Bug#646118: CVE-2011-3346: buffer overflow in scsi subsystem

Michael Tokarev Fri, 21 Oct 2011 06:57:22 -0700

Package: qemu-kvm
Version: 0.12.5+dfsg-5+squeeze6
Severity: important
Tags: security upstream patch


CVE-2011-3346 flaw, as described in 
https://bugzilla.redhat.com/show_bug.cgi?id=736038,
also affects qemu-kvm, as shipped in squeeze, testing/unstable and experimental.

The patch to fix this issue is available at:
 http://repo.or.cz/w/qemu.git/commit/7285477ab11831b1cf56e45878a89170dd06d9b9
 http://repo.or.cz/w/qemu.git/commit/103b40f51e4012b3b0ad20f615562a1806d7f49a

but both requires some backporting work (which I'm doing currently).

/mjt



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#646118: CVE-2011-3346: buffer overflow in scsi subsystem

Reply via email to