[SECURITY] [DLA 619-1] qemu-kvm security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : qemu-kvm
Version : 1.1.2+dfsg-6+deb7u15
CVE ID : CVE-2016-7116
qemu-kvm built with the VirtFS, host directory sharing via Plan 9 File System
(9pfs) support, is vulnerable to a directory/path traversal issue. It could
occur while creating or accessing files on a shared host directory.
A privileged user inside guest could use this flaw to access undue files on the
host.
For Debian 7 "Wheezy", these problems have been fixed in version
1.1.2+dfsg-6+deb7u15.
We recommend that you upgrade your qemu-kvm packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJX1ZWMAAoJEKyQrD7FJAZeTaIQANhdfcPGEo9iMY7mI6iMSMZM
frF+U0QizLXCkW4vlmjP/bIFPzfZWXCnLEsR+QSuVG13C52EOblro/uq8nPYazs2
guynVQwaLk/VnJd2DvUEU+xACX0it+EOeKnqTpoowVhBlGTMdkFeOma+3c9qSQBI
bTI16MEL5Lcf79bDgPKx846uEr1n8p7Hsr0gETlQ3GZv6aqoTULcnM2D45nJN/g+
wpi5NBkrrLwsHrbSDY2UiCmlgOkg5gcdhXxX5sx95KdEzg5pTdFDtNQju4c4yasY
nUeBALlybGj9MW67y9EVyAw/4F0/l1/Hn+e4VjeuPRD46dBOS6cjxD7nHHa6i/fa
Asd2oDAuKqNTvzshKr/P7h1Dt8V19sJx5Yca+g9v/qkXCYDA6eRjXSbcpRoFNLO9
kcgJW8eSEFOERzJ+iLINfdpB/ManA4mnY9vK7EKWtVFFw+hbtcy11pi/7Gn+FX9t
/7wvDuaxEvdFGWSTg08TksCR6hwKT8lJWwD/kVb25dQJTaX9kzZm8Ml55Q5UCqvG
yAZizkx1S4KncOzXP8dDRLlGbxlA66K6bQUVMDeWojAL+WBjwWWt6lAZMQaz6du4
o+VB78l3x5S/AnD+r648gnshgW6qPZWEyw49BZq60hn0xstkZeNYt9flj2oT1Lpu
K19ltkiLac1KtrEzYTNk
=QrlV
-----END PGP SIGNATURE-----
Reply to: