-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 23/03/2015 18:48, Eric Blake wrote:
>> Why can't libvirt just add ,format=raw instead of leaving out the
>> format key altogether?
>
> Libvirt DOES add format=raw. This patch is an extra insurance
> policy to guarantee that libvirt does not ha
On 03/23/2015 11:23 AM, Paolo Bonzini wrote:
>
>
> On 20/03/2015 15:19, Markus Armbruster wrote:
>>> If (a working version of) this makes it in 2.3, libvirt WILL use it in
>>> the next release. It will take me less than 5 minutes to write up the
>>> libvirt patch, as long as the new option is ad
On 20/03/2015 15:19, Markus Armbruster wrote:
> > If (a working version of) this makes it in 2.3, libvirt WILL use it in
> > the next release. It will take me less than 5 minutes to write up the
> > libvirt patch, as long as the new option is advertised via
> > query-command-line-options (which
On 2015-03-20 at 09:05, Markus Armbruster wrote:
Probing is convenient, but probing untrusted raw images is insecure
(CVE-2008-2004). To avoid it, users should always specify raw format
explicitly. This isn't trivial, and even sophisticated users have
gotten it wrong (libvirt CVE-2010-2237, CVE
Probing is convenient, but probing untrusted raw images is insecure
(CVE-2008-2004). To avoid it, users should always specify raw format
explicitly. This isn't trivial, and even sophisticated users have
gotten it wrong (libvirt CVE-2010-2237, CVE-2010-2238, CVE-2010-2239,
plus more recent variati