-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u15 CVE ID : CVE-2016-7116
qemu-kvm built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to a directory/path traversal issue. It could occur while creating or accessing files on a shared host directory. A privileged user inside guest could use this flaw to access undue files on the host. For Debian 7 "Wheezy", these problems have been fixed in version 1.1.2+dfsg-6+deb7u15. We recommend that you upgrade your qemu-kvm packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJX1ZWMAAoJEKyQrD7FJAZeTaIQANhdfcPGEo9iMY7mI6iMSMZM frF+U0QizLXCkW4vlmjP/bIFPzfZWXCnLEsR+QSuVG13C52EOblro/uq8nPYazs2 guynVQwaLk/VnJd2DvUEU+xACX0it+EOeKnqTpoowVhBlGTMdkFeOma+3c9qSQBI bTI16MEL5Lcf79bDgPKx846uEr1n8p7Hsr0gETlQ3GZv6aqoTULcnM2D45nJN/g+ wpi5NBkrrLwsHrbSDY2UiCmlgOkg5gcdhXxX5sx95KdEzg5pTdFDtNQju4c4yasY nUeBALlybGj9MW67y9EVyAw/4F0/l1/Hn+e4VjeuPRD46dBOS6cjxD7nHHa6i/fa Asd2oDAuKqNTvzshKr/P7h1Dt8V19sJx5Yca+g9v/qkXCYDA6eRjXSbcpRoFNLO9 kcgJW8eSEFOERzJ+iLINfdpB/ManA4mnY9vK7EKWtVFFw+hbtcy11pi/7Gn+FX9t /7wvDuaxEvdFGWSTg08TksCR6hwKT8lJWwD/kVb25dQJTaX9kzZm8Ml55Q5UCqvG yAZizkx1S4KncOzXP8dDRLlGbxlA66K6bQUVMDeWojAL+WBjwWWt6lAZMQaz6du4 o+VB78l3x5S/AnD+r648gnshgW6qPZWEyw49BZq60hn0xstkZeNYt9flj2oT1Lpu K19ltkiLac1KtrEzYTNk =QrlV -----END PGP SIGNATURE-----
