The lenny packages of KVM got several security updates (somewhat) recently, but the lenny-backports ones are still at 85+dfsg-4~bpo50+1 from 2009-06-29. According to [1] kvm-88 is still vulnerable, so I guess kvm-85 is as well. Any chance to get updated packages? kvm seems to have been replaced by qemu-kvm in sid/squeeze; are backports of the latter possible (i.e. would they work with the stock 2.6.26 kernel)?
[1] http://article.gmane.org/gmane.comp.emulators.kvm.devel/43002 CU Sascha -- http://sascha.silbe.org/ http://www.infra-silbe.de/
Attachment:
signature.asc
Description: Digital signature