1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3044-1] qemu-kvm security update

    From Moritz Muehlenhoff@1:229/2 to All on Sat Oct 4 21:30:01 2014
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3044-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 04, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : qemu-kvm
    CVE ID : CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145
    CVE-2014-0146 CVE-2014-0147 CVE-2014-0222 CVE-2014-0223
    CVE-2014-3615 CVE-2014-3640

    Several vulnerabilities were discovered in qemu-kvm, a full
    virtualization solution on x86 hardware:

    * Various security issues have been found in the block qemu drivers.
    Malformed disk images might result in the execution of arbitrary code.
    * A NULL pointer dereference in SLIRP may result in denial of service
    * An information leak was discovered in the VGA emulation

    For the stable distribution (wheezy), these problems have been fixed in
    version 1.1.2+dfsg-6+deb7u4.

    For the unstable distribution (sid), these problems will be fixed soon.

    We recommend that you upgrade your qemu-kvm packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBAgAGBQJUMEnFAAoJEBDCk7bDfE42S0IQAI0GiUzZAZs8X6pOR06uRvwM gOJSOBjbP6cvFUrQIXNAckjGeBxvLt1aI+wM8grGVw2GRJZgg1cfUsSrq8aPhaUn rwJQHLYqJrgqBR5LA8bVvSBZMugGIMMh1s2ta9aCL2+kzAXdVYjHBGnud40MlLlc rYmj7cuL2TsgVdlFDmlChWFXSfSEJe1Kf2vxtBDXWx8BjSFIbHz0W+UKXgsUenXe IUtglp9Kch1HJteeOXWNDF2rS5YLdbPBR86nQo51au9G3g1IzuY9/kalUjYuB8AU gHfMkH6qpkc+QfxJBB+KnB0d9zE5Zl4rXxqMUCvgcDmv2uKGmGoGPqXw9Oz833az o8M/+NtvdLlqW4FXiAAM89o0SovE8N/Hnzu65p0mCaVzwL2Wt1iUYMfvNsqSHTnX 1cCF4eggILabE9yuwmX0CX+J7zrOHPuN+zHZgX67urXDp+uSpxCyp/M+SssP1XpP jn9bizH2mbDdVek6J/W5vyQWIjpKsaNrcNLL7igyBm0OCSesOxhb4Kx47RZRtXpV K0DSVqQ8UovOZt4otoLe5+tjk/WIM2/O2n5u44W6awzmOW+Isb8SOLl+L/3SwrEQ YEMpqrCIb05P1jgnRBi6Rak7pP2kNZWFxvkQ4fIiRCn1ifKcWXrCBbOZ2zfE6W1Y 4WK4Zu8toz5YnAnN+FEa
    =84ai
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)