-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3759-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk March 11, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : qemu Version : 1:3.1+dfsg-8+deb10u12 CVE ID : CVE-2023-2861 CVE-2023-3354 CVE-2023-5088 Multiple vulnerabilities have been fixed in the machine emulator and virtualizer QEMU. CVE-2023-2861 9pfs did not prohibit opening special files on the host side CVE-2023-3354 remote unauthenticated clients could cause denial of service in VNC server CVE-2023-5088 IDE guest I/O operation addressed to an arbitrary disk offset might get targeted to offset 0 instead For Debian 10 buster, these problems have been fixed in version 1:3.1+dfsg-8+deb10u12. We recommend that you upgrade your qemu packages. For the detailed security status of qemu please refer to its security tracker page at: https://security-tracker.debian.org/tracker/qemu Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmXvPusACgkQiNJCh6LY mLEpLQ//aGHe1oAqi/qNG1F16/1bA9DJ5jhVr+OmRhNSddCIrelqsOBlBo+l09vV UxbWFSOheTfOj9QZS2q9WG3I2rA8EGz7lliMX9wOoPg2K/hxWMuhbvjmz2ZkFAOX QhuSH6dqUf7F0AqiHWTcIoMzJp7yXwh7S0kPjsIS34sdclTu4+gTGJSQoG0jR5Jz /jaNr8wMVNKpAWnSEuoEnUXwS3E5GoEJ6P/BUprCVKG5QEdn9IwCIkObELZi6K06 HG5b/r8WsWoF7THte6TfJp7MI0T8xCUGmAavUXtjCe5WenEAOfzzMjzVQuQYIyae fAr4zk/Y0quph9G/BlnMx2rI+7KQcm0SXE+KKz8qCMffA8dP8GAiEcZkJl/QjpGZ KgTYwaXXhcXOTDsTD7i3guHT2wQdxvSO39ScOHssxsz3+ijoMhl036mG2QN/Y8vf 3CZg4F4uJ2q7N4q6viZC+TR06rpq227uvJEYGSPiUtOkSDX28GbLDBPNcHept3SM /BkaDvcPqA+tkIRw2GBeX/SKNMZ0WNo3RUI1SL+9MiPoi+AcI0ZoIZRNdht1IIeb Uh8t0YYOnNL9K6hqrmp3ikNxNavX85RPqcPdEGdITi+1mWnZ+x+gs6zdIjOn9Pb0 EigLFMck+BB3IzVjoSe4rl9yqedlpbDZ/+gPC1PhvxB6lVXRjy4= =4xcX -----END PGP SIGNATURE-----