This bug was fixed in the package qemu-kvm - 0.12.3+noroms-0ubuntu9.4
---------------
qemu-kvm (0.12.3+noroms-0ubuntu9.4) lucid-security; urgency=low
* SECURITY UPDATE: Setting VNC password to empty string silently
disables all authentication (LP: #697197)
- debian/patches/697197-fix-vnc-password-semantics.patch: Reverses the
change introduced in Qemu by git commit 52c18be9, thanks to Neil Wilson.
- CVE-2011-0011
-- Dustin Kirkland <[email protected]> Fri, 11 Feb 2011 09:57:30 -0600
** Changed in: qemu-kvm (Ubuntu Karmic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/697197
Title:
Empty password allows access to VNC in libvirt
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
