Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Mon, 22 Jul 2013 18:22:55 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Important: qemu-kvm on SL6.x i386/srpm/x86_64 MIME-Version: 1.0 Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2013:1100-1 Issue Date: 2013-07-22 CVE Numbers: CVE-2013-2231 -- An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges. (CVE-2013-2231) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect. -- SL6 x86_64 qemu-guest-agent-win32-0.12.1.2-2.355.el6_4.6.x86_64.rpm qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64.rpm qemu-guest-agent-0.12.1.2-2.355.el6_4.6.x86_64.rpm qemu-img-0.12.1.2-2.355.el6_4.6.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.355.el6_4.6.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm i386 qemu-guest-agent-0.12.1.2-2.355.el6_4.6.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.i686.rpm srpm qemu-kvm-0.12.1.2-2.355.el6_4.6.src.rpm noarch qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.355.el6_4.6.x86_64.rpm - Scientific Linux Development Team