On Wed, Mar 10, 2010 at 05:44:10PM -0500, Michael Gilbert wrote: > On Wed, 10 Mar 2010 17:21:45 -0500, Daniel Kahn Gillmor wrote: > > We recommend that you upgrade your kvm package. If your system is > > currently using a kvm-modules package built from previous versions of > > the kvm-source package, we recommend that you upgrade your kvm-source > > package, re-build a new kvm-modules package and install it. You should > > subsequently unload the old kvm modules from your kernel and reload the > > newly built kernel modules. The simplest way to accomplish this kernel > > module unload/reload is a system restart. > > a restart is (almost) never the answer. i think a better approach would > be the following simple instructions > > if you have previously installed the kvm modules on your system, they > need to be refreshed following an upgrade of your kvm packages. please > execute the following commands as root after the new packages are > installed: > > # m-a a-i kvm-source > # modprobe kvm
If kvm is running, the above commands will succeed w/o error - but still leave you with a vulnerable system. You would need to shutdown all users of kvm and unload the existing module as well. -- dann frazier -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100311004114.ge1...@lackof.org
