Format: 1.8
Date: Thu, 07 May 2009 16:41:38 -0400
Source: kvm
Binary: kvm kvm-source
Architecture: all i386
Version: 1:72+dfsg-1ubuntu6.1
Distribution: intrepid
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@palmer.buildd>
Changed-By: Dustin Kirkland <kirkland@ubuntu.com>
Description: 
 kvm        - Full virtualization on i386 and amd64 hardware
 kvm-source - Source for the KVM driver
Changes: 
 kvm (1:72+dfsg-1ubuntu6.1) intrepid-security; urgency=low
 .
   * debian/patches/SECURITY_CVE-2008-1945:
     - SECURITY UPDATE: guest OS users may read arbitrary files on host OS
       + qemu/hw/usb-msd.c: Add image format option for USB mass-storage
         $devices; Author: Aurelien Jarno <aurelien@aurel32.net>
       + CVE-2008-1945: commit 334c0241c006533d1f4ed7e07239ec00b46c6efd
   * debian/patches/CVE-2008-2382:
     - SECURITY UPDATE: remote denial of service via crafted message to vnc
       + qemu/vnc.c: Properly handle the case of SetPixelEncodings with a
         length of zero.; Author: Anthony Liguori <aliguori@us.ibm.com>
       + CVE-2008-2382: commit 69dd5c9ffd5c0c6a01ad14b9c6a8d7135ccc2b9a
   * debian/patches/CVE-2008-4539:
     - SECURITY UPDATE: local users might gain privileges via heap overflow
       + qemu/hw/cirrus_vga.c: fix a heap overflow in Cirrus emulation;
         Author: Aurelien Jarno <aurelien@aurel32.net>
       + CVE-2008-4539: commit 65d35a09979e63541afc5bfc595b9f1b1b4ae069
   * debian/patches/CVE-2008-5714:
     - SECURITY UPDATE: vnc password limited to 7, rather than 8 characters
       + qemu/monitor.c: monitor_readline expects buf_size to include the
         terminating \0, but do_change_vnc in monitor.c calls it as though
         it doesn't; Authors: Chris Webb <chris@arachsys.com> and
         Anthony Liguori <aliguori@us.ibm.com>
       + CVE-2008-5714: commit 2a7e8dda090af586f3d0b3d157054a9e18776a52
   * debian/patches/series: updated accordingly
Checksums-Sha1: 
 5882ea3961f1b02ba8696294b0c1331d635488a1 190230 kvm-source_72+dfsg-1ubuntu6.1_all.deb
 1b65b73981c1018682a2669d078e3d4cc04b4996 957398 kvm_72+dfsg-1ubuntu6.1_i386.deb
Checksums-Sha256: 
 a9734f73ba9ab530f0669b9be5dacd580ba97f2c8d52417bc6c755c836014d10 190230 kvm-source_72+dfsg-1ubuntu6.1_all.deb
 a74a2de8efaf4438e147d3c466e769eea94949e123a351951b173c0e48895747 957398 kvm_72+dfsg-1ubuntu6.1_i386.deb
Files: 
 113fb528ab82213136087d1036f65822 190230 misc optional kvm-source_72+dfsg-1ubuntu6.1_all.deb
 699d7cc4987430613f930b726df849f0 957398 misc optional kvm_72+dfsg-1ubuntu6.1_i386.deb
Original-Maintainer: Jan Lübbe <jluebbe@debian.org>