Re: [DSA 1799-1] New qemu packages fix several vulnerabilities

To: debian-security@lists.debian.org
Subject: Re: [DSA 1799-1] New qemu packages fix several vulnerabilities
From: Faidon Liambotis <paravoid@debian.org>
Date: Tue, 12 May 2009 13:23:40 +0300
Message-id: <[🔎] 4A094E2C.2000009@debian.org>
In-reply-to: <20090511211308.GA3953@galadriel.inutil.org>
References: <20090511211308.GA3953@galadriel.inutil.org>

Moritz Muehlenhoff wrote:
> Package        : qemu
> Vulnerability  : several
> Problem-Type   : local
> Debian-specific: no
> CVE ID         : CVE-2008-0928 CVE-2008-4539 CVE-2008-1945
> 
> Several vulnerabilities have been discovered in the QEMU processor
> emulator. The Common Vulnerabilities and Exposures project identifies the
> following problems:
<snip>

Are KVM and/or Xen HVM hosts affected by this?
Should those VMs be restarted to avoid escaping from the guest to the host?

Thanks,
Faidon

Reply to:

Follow-Ups:
- Re: [DSA 1799-1] New qemu packages fix several vulnerabilities
  - From: Moritz Muehlenhoff <jmm@inutil.org>

Prev by Date: Abwesenheitsnotiz: [SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution
Next by Date: Any likely update for mod_jk?
Previous by thread: Abwesenheitsnotiz: [SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution
Next by thread: Re: [DSA 1799-1] New qemu packages fix several vulnerabilities
Index(es):
- Date
- Thread