[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[SECURITY] Fedora 7 Update: qemu-0.9.0-4.fc7



--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2001
2008-02-25 22:17:09
--------------------------------------------------------------------------------

Name        : qemu
Product     : Fedora 7
Version     : 0.9.0
Release     : 4.fc7
URL         : http://www.qemu.org/
Summary     : QEMU is a FAST! processor emulator
Description :
QEMU is a generic and open source processor emulator which achieves a good
emulation speed by using dynamic translation. QEMU has two operating modes:

 * Full system emulation. In this mode, QEMU emulates a full system (for
   example a PC), including a processor and various peripherials. It can be
   used to launch different Operating Systems without rebooting the PC or
   to debug system code.
 * User mode emulation. In this mode, QEMU can launch Linux processes compiled
   for one CPU on another CPU.

As QEMU requires no host kernel patches to run, it is safe and easy to use.

--------------------------------------------------------------------------------
Update Information:

Ian Jackson discovered that accesses beyond end of qemu emulated disk devices
can result in accesses to emulator's virtual memory space accesses and thus can
allow user with sufficient privilege in guest (root, as this would need
modification to kernel's driver) to break out of VM.    http://marc.info/?l
=debian-security&m=120343592917055&w=2
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 23 2008 Daniel P. Berrange <berrange redhat com> - 0.9.0-4.fc7
- Fix block device extents check (rhbz #433560)
* Wed Sep 26 2007 Daniel P. Berrange <berrange redhat com> - 0.9.0-3.fc7
- Update licence
- Fix CDROM emulation (rhbz #253542)
- Fix rtl8139 mmio region mappings with multiple NICs
- Fix rtl8139 checksum calculation for Vista (rhbz #308201)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #433560 - Qemu insufficient block device address range checking
        https://bugzilla.redhat.com/show_bug.cgi?id=433560
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update qemu' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]