This bug was fixed in the package qemu-kvm - 0.11.0-0ubuntu6.3 --------------- qemu-kvm (0.11.0-0ubuntu6.3) karmic-security; urgency=low
* SECURITY UPDATE: linux <= 2.6.25 guests (e.g. hardy) with virtio networking are subject to DoS by qemu-kvm application crash; the crash can be remotely triggered by a malicious user flooding any open network port (LP: #458521) - debian/patches/12_whitelist_host_virtio_networking_features.patch: fix accounting of virtio networking features available to make available to the guests - CVE-2009-XXXX * debian/kvm-ok: check for other common reasons why KVM might not be usable, LP: #452323 * debian/control: build-depend on libcurl devel, to allow booting from ISOs over http, LP: #453441 -- Dustin Kirkland <kirkl...@ubuntu.com> Thu, 29 Oct 2009 11:36:18 -0500 ** Changed in: qemu-kvm (Ubuntu Karmic) Status: Fix Committed => Fix Released -- qemu-kvm should link against libcurl to be able to boot/stream off of http://..../*.iso https://bugs.launchpad.net/bugs/453441 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to qemu-kvm in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs