Format: 1.7 Date: Thu, 07 May 2009 16:02:29 -0500 Source: kvm Binary: kvm kvm-source Architecture: amd64 Version: 1:62+dfsg-0ubuntu8.1 Distribution: hardy Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Dustin Kirkland Description: kvm - Full virtualization on x86 hardware kvm-source - Source for the KVM driver Changes: kvm (1:62+dfsg-0ubuntu8.1) hardy-security; urgency=low . * debian/patches/SECURITY_CVE-2008-1945: - SECURITY UPDATE: guest OS users may read arbitrary files on host OS + qemu/hw/usb-msd.c: Add image format option for USB mass-storage $devices; Author: Aurelien Jarno + CVE-2008-1945: commit 334c0241c006533d1f4ed7e07239ec00b46c6efd * debian/patches/CVE-2008-2382: - SECURITY UPDATE: remote denial of service via crafted message to vnc + qemu/vnc.c: Properly handle the case of SetPixelEncodings with a length of zero.; Author: Anthony Liguori + CVE-2008-2382: commit 69dd5c9ffd5c0c6a01ad14b9c6a8d7135ccc2b9a * debian/patches/CVE-2008-4539: - SECURITY UPDATE: local users might gain privileges via heap overflow + qemu/hw/cirrus_vga.c: fix a heap overflow in Cirrus emulation; Author: Aurelien Jarno + CVE-2008-4539: commit 65d35a09979e63541afc5bfc595b9f1b1b4ae069 * debian/patches/CVE-2008-5714: - SECURITY UPDATE: vnc password limited to 7, rather than 8 characters + qemu/monitor.c: monitor_readline expects buf_size to include the terminating \0, but do_change_vnc in monitor.c calls it as though it doesn't; Authors: Chris Webb and Anthony Liguori + CVE-2008-5714: commit 2a7e8dda090af586f3d0b3d157054a9e18776a52 * debian/patches/series: updated accordingly Files: aa65a634670369404840047a92714a1a 770136 misc optional kvm_62+dfsg-0ubuntu8.1_amd64.deb Original-Maintainer: Jan Luebbe