The QEMU v1.5.2 stable release is now available at:

  http://wiki.qemu.org/download/qemu-1.5.2.tar.bz2

This is release is solely to address a security issue (CVE-2013-2231) found
in the QEMU Guest Agent on Windows. More details on the nature of the CVE
can be found here:

http://seclists.org/oss-sec/2013/q3/161

There are 2 minor fixes for qemu-ga for Windows as well, though these are
included mainly due to being dependencies of the CVE fix sent upstream.

Thanks to Laszlo and the Red Hat security team for identifying/fixing the
issue.

ff4be47: Update VERSION for 1.5.2 release (Michael Roth)
be161ae: qga: escape cmdline args when registering win32 service 
(CVE-2013-2231) (Laszlo Ersek)
bb31546: ga_install_service(): nest error paths more idiomatically (Laszlo 
Ersek)
af0bbf8: qga/service-win32.c: diagnostic output should go to stderr (Laszlo 
Ersek)
31c6ed2: qga: save state directory in ga_install_service() (Laszlo Ersek)
c432c7d: qga: remove undefined behavior in ga_install_service() (Laszlo Ersek)

Reply via email to