-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : qemu Version : 1.1.2+dfsg-6+deb7u15 CVE ID : CVE-2016-7116 Debian Bug : 836502
Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to a directory/path traversal issue. It could occur while creating or accessing files on a shared host directory. A privileged user inside guest could use this flaw to access undue files on the host. For Debian 7 "Wheezy", these problems have been fixed in version 1.1.2+dfsg-6+deb7u15. We recommend that you upgrade your qemu packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJX1ZUAAAoJEKyQrD7FJAZeHwoQAMdPiAJv7akvZVb46UY1O20Q X4QtD8NCLSU7FBJrBXx2bRO6QBAP7/fhx9V/bQJ7bnxEIU+qkZrC0MgkngUbboX+ crpo6jEn6qDnUvVgpuhc73isnwawjzvQM3IQLmTQbtI04ERTGqUnvY7A8ZYA86mG A70P/CsJ/7rWwOPiV7xTvGpxNIwkhsMSXMlxfG9eCtLBB7EWj/bEaQ74ZfkihIWx 7D4cic2ARfpfppCLeOh2zTnERgM34dFdgH6+9heur7SBXgux8LRSOdf9jF3/bhIu 3Aw0U5zkDrxNTu06r6YMHA5agL/BJ7szImQHd0AY+4PrjAamRdmfKXUpzeTMiqoi ZM1t0oL0TYSoEdS1Hc8U6+W+hyEPjLPlgjCopVe99lztU5SesrV8vnyvRZgVu6P3 BCD2AFJClJYcD3jBQPLHaYl9MT4z/iHpFdlAd7wBslfdNaIxg7bL2XxfGzQx9ZSz BvCbuKkAA6EFKxWKJlEdRJEiBHLAHS9ZZ0POQOYfzRGa8pLdbFg8Qxcz1Kat6GZz zTDiZ3dzbphmV+RuVd1KoDBbAuLG6RBR6TOwPKvC1aFjbLfT6/HVEa2WLaJ0feXk 9+EP6O4W9UfhHhg+JlIlMQ2LNXmKW2hwn92PCyfNPoqAeeUunT84z+cXxKm/QqiK k0qEW/7kRDY5DU+ZaBcX =AxtY -----END PGP SIGNATURE-----
