Package: qemu Severity: important Tags: security Fixed: 0.9.1-5 Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for qemu. CVE-2008-1945[0]: | QEMU 0.9.0 does not properly handle changes to removable media, which | allows guest OS users to read arbitrary files on the host OS by using | the diskformat: parameter in the -usbdevice option to modify the | disk-image header to identify a different format, a related issue to | CVE-2008-2004. This is already fixed in version 0.9.1-5 in unstable. Please coordinate with the security team ([email protected]) to prepare packages for the stable releases. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945 http://security-tracker.debian.net/tracker/CVE-2008-1945 Thanks, Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
