drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in qemu
Name: |
Mangelnde Rechteprüfung in qemu |
|
ID: |
MDVSA-2009:257 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva 2009.0, Mandriva Enterprise Server 5.0 |
|
Datum: |
Di, 6. Oktober 2009, 23:18 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 |
|
Applikationen: |
QEMU |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1254863909-13155-2443
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:257 http://www.mandriva.com/security/ _______________________________________________________________________
Package : qemu Date : October 5, 2009 Affected: 2009.0, Enterprise Server 5.0 _______________________________________________________________________
Problem Description:
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. (CVE-2008-0928) The updated packages have been patched to prevent this. _______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 _______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0: 57bef154e8cd25b642dce57763e16554 2009.0/i586/dkms-kqemu-1.4.0-0.pre1.0.2mdv2009.0.i586.rpm 329a667ed2903819014161849d344861 2009.0/i586/qemu-0.9.1-0.r5137.1.2mdv2009.0.i586.rpm db1ca03164a5ff2de841c4037c450bd6 2009.0/i586/qemu-img-0.9.1-0.r5137.1.2mdv2009.0.i586.rpm 93fdd8eee03c1f6096d8191a192f4640 2009.0/SRPMS/qemu-0.9.1-0.r5137.1.2mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: 8ac6d994096bf85f3e4b4e708148e13c 2009.0/x86_64/dkms-kqemu-1.4.0-0.pre1.0.2mdv2009.0.x86_64.rpm 2f8acf7a55e0c6e68a41da161c28d8e8 2009.0/x86_64/qemu-0.9.1-0.r5137.1.2mdv2009.0.x86_64.rpm 5dd666c65695a3a3db651455e735d5df 2009.0/x86_64/qemu-img-0.9.1-0.r5137.1.2mdv2009.0.x86_64.rpm 93fdd8eee03c1f6096d8191a192f4640 2009.0/SRPMS/qemu-0.9.1-0.r5137.1.2mdv2009.0.src.rpm
Mandriva Enterprise Server 5: 3438296928c91d6622555fc99b1f351a mes5/i586/dkms-kqemu-1.4.0-0.pre1.0.2mdvmes5.i586.rpm 37c18d0d549fc3820f010b11dc59fabf mes5/i586/qemu-0.9.1-0.r5137.1.2mdvmes5.i586.rpm e53fcf1dac65b13c16dbdc78dcb05ecd mes5/i586/qemu-img-0.9.1-0.r5137.1.2mdvmes5.i586.rpm b154a1c5d6ac4e5b2a010fe2f1bf32eb mes5/SRPMS/qemu-0.9.1-0.r5137.1.2mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64: 2969010fc07ede667a6638a2826aa2fc mes5/x86_64/dkms-kqemu-1.4.0-0.pre1.0.2mdvmes5.x86_64.rpm ef9508b52fc4f1f16e077d37f34ea63c mes5/x86_64/qemu-0.9.1-0.r5137.1.2mdvmes5.x86_64.rpm cccc034235886f9799bda18d9e8018e4 mes5/x86_64/qemu-img-0.9.1-0.r5137.1.2mdvmes5.x86_64.rpm b154a1c5d6ac4e5b2a010fe2f1bf32eb mes5/SRPMS/qemu-0.9.1-0.r5137.1.2mdvmes5.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKy4clmqjQ0CJFipgRAnk+AJ9LASPFW6fXHJ0sDZUT9RbJo8Wt/QCg5+NK R/D7OiJge6nzf7peU/UWjuQ= =S5Q3 -----END PGP SIGNATURE-----
------------=_1254863909-13155-2443 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________
------------=_1254863909-13155-2443--
|
|
|
|