kvm 1:72+dfsg-1ubuntu6.1 source package in Ubuntu

Changelog

kvm (1:72+dfsg-1ubuntu6.1) intrepid-security; urgency=low

  * debian/patches/SECURITY_CVE-2008-1945:
    - SECURITY UPDATE: guest OS users may read arbitrary files on host OS
      + qemu/hw/usb-msd.c: Add image format option for USB mass-storage
        $devices; Author: Aurelien Jarno <email address hidden>
      + CVE-2008-1945: commit 334c0241c006533d1f4ed7e07239ec00b46c6efd
  * debian/patches/CVE-2008-2382:
    - SECURITY UPDATE: remote denial of service via crafted message to vnc
      + qemu/vnc.c: Properly handle the case of SetPixelEncodings with a
        length of zero.; Author: Anthony Liguori <email address hidden>
      + CVE-2008-2382: commit 69dd5c9ffd5c0c6a01ad14b9c6a8d7135ccc2b9a
  * debian/patches/CVE-2008-4539:
    - SECURITY UPDATE: local users might gain privileges via heap overflow
      + qemu/hw/cirrus_vga.c: fix a heap overflow in Cirrus emulation;
        Author: Aurelien Jarno <email address hidden>
      + CVE-2008-4539: commit 65d35a09979e63541afc5bfc595b9f1b1b4ae069
  * debian/patches/CVE-2008-5714:
    - SECURITY UPDATE: vnc password limited to 7, rather than 8 characters
      + qemu/monitor.c: monitor_readline expects buf_size to include the
        terminating \0, but do_change_vnc in monitor.c calls it as though
        it doesn't; Authors: Chris Webb <email address hidden> and
        Anthony Liguori <email address hidden>
      + CVE-2008-5714: commit 2a7e8dda090af586f3d0b3d157054a9e18776a52
  * debian/patches/series: updated accordingly

 -- Dustin Kirkland <email address hidden>   Thu, 07 May 2009 16:41:38 -0400