tags 594478 + pending thanks 26.08.2010 13:31, Moritz Muehlenhoff wrote: > Package: qemu-kvm > Severity: grave > Tags: security > Justification: user security hole > > This has been assigned CVE-2010-2784. Please see here for > references and a patch: > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2784 > http://www.spinics.net/lists/kvm/msg39173.html
For some reason I haven't seen this email coming to me -- usually I receive all bugreports against kvm and qemu-kvm. Regardless, I just comitted a fix for this, to be in the next debian release of qemu-kvm package. By the way, there are tons of guest-triggerable aborts() all around the code in qemu, are they qualify as security bugs too? :) Thank you for the bugreport! /mjt -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org