Package: xen-unstable Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable.
CVE-2008-0928[0]: | Qemu 0.9.1 and earlier does not perform range checks for block device | read or write requests, which allows guest host users with root | privileges to access arbitrary memory and escape the virtual machine. If you fix this vulnerability please also include the CVE id in your changelog entry. https://bugzilla.redhat.com/attachment.cgi?id=296005 is the patch (tools/ioemu/block.c should get patched). For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpYri2RaqmhG.pgp
Description: PGP signature
