[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 618-1] qemu security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : qemu
Version        : 1.1.2+dfsg-6+deb7u15
CVE ID         : CVE-2016-7116
Debian Bug     : 836502 

Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9
File System(9pfs) support, is vulnerable to a directory/path traversal issue.
It could occur while creating or accessing files on a shared host directory.

A privileged user inside guest could use this flaw to access undue files on the
host.  

For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u15.

We recommend that you upgrade your qemu packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJX1ZUAAAoJEKyQrD7FJAZeHwoQAMdPiAJv7akvZVb46UY1O20Q
X4QtD8NCLSU7FBJrBXx2bRO6QBAP7/fhx9V/bQJ7bnxEIU+qkZrC0MgkngUbboX+
crpo6jEn6qDnUvVgpuhc73isnwawjzvQM3IQLmTQbtI04ERTGqUnvY7A8ZYA86mG
A70P/CsJ/7rWwOPiV7xTvGpxNIwkhsMSXMlxfG9eCtLBB7EWj/bEaQ74ZfkihIWx
7D4cic2ARfpfppCLeOh2zTnERgM34dFdgH6+9heur7SBXgux8LRSOdf9jF3/bhIu
3Aw0U5zkDrxNTu06r6YMHA5agL/BJ7szImQHd0AY+4PrjAamRdmfKXUpzeTMiqoi
ZM1t0oL0TYSoEdS1Hc8U6+W+hyEPjLPlgjCopVe99lztU5SesrV8vnyvRZgVu6P3
BCD2AFJClJYcD3jBQPLHaYl9MT4z/iHpFdlAd7wBslfdNaIxg7bL2XxfGzQx9ZSz
BvCbuKkAA6EFKxWKJlEdRJEiBHLAHS9ZZ0POQOYfzRGa8pLdbFg8Qxcz1Kat6GZz
zTDiZ3dzbphmV+RuVd1KoDBbAuLG6RBR6TOwPKvC1aFjbLfT6/HVEa2WLaJ0feXk
9+EP6O4W9UfhHhg+JlIlMQ2LNXmKW2hwn92PCyfNPoqAeeUunT84z+cXxKm/QqiK
k0qEW/7kRDY5DU+ZaBcX
=AxtY
-----END PGP SIGNATURE-----
Reply to: