Re: [DSA 1799-1] New qemu packages fix several vulnerabilities

To: debian-security@lists.debian.org
Subject: Re: [DSA 1799-1] New qemu packages fix several vulnerabilities
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Tue, 12 May 2009 18:19:34 +0200
Message-id: <[🔎] slrnh0j8cm.bds.jmm@inutil.org>
References: <20090511211308.GA3953@galadriel.inutil.org> <[🔎] 4A094E2C.2000009@debian.org>

On 2009-05-12, Faidon Liambotis <paravoid@debian.org> wrote:
> Moritz Muehlenhoff wrote:
>> Package        : qemu
>> Vulnerability  : several
>> Problem-Type   : local
>> Debian-specific: no
>> CVE ID         : CVE-2008-0928 CVE-2008-4539 CVE-2008-1945
>> 
>> Several vulnerabilities have been discovered in the QEMU processor
>> emulator. The Common Vulnerabilities and Exposures project identifies the
>> following problems:
><snip>
>
> Are KVM and/or Xen HVM hosts affected by this?
> Should those VMs be restarted to avoid escaping from the guest to the host?

KVM and Xen embed a forked copy of qemu. This update is for the standalone
Qemu only.

Cheers,
        Moritz

Reply to:

References:
- Re: [DSA 1799-1] New qemu packages fix several vulnerabilities
  - From: Faidon Liambotis <paravoid@debian.org>

Prev by Date: The security tools list, new version with more than 200 new tools!
Next by Date: Re: Any likely update for mod_jk?
Previous by thread: Re: [DSA 1799-1] New qemu packages fix several vulnerabilities
Next by thread: Any likely update for mod_jk?
Index(es):
- Date
- Thread