On Tue, Feb 28, 2017, at 02:23 PM, Eric Blake wrote:
> Might also be worth mentioning that this patch is required in order to > solve CVE-2016-9602, per discussion at > https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg06089.html I only briefly looked at this, but can't `open(..., O_PATH)` be used to solve this today?
