Am 27.07.2010 20:25, schrieb Anthony Liguori:
> On 07/27/2010 12:43 PM, Anthony PERARD wrote:
>> Anthony Liguori wrote:
>>> On 07/27/2010 12:01 PM, Anthony PERARD wrote:
Anthony Liguori wrote:
> CVE-2008-2004 described a vulnerability in QEMU whereas a malicious
> user could
> tri
On 07/27/2010 12:43 PM, Anthony PERARD wrote:
Anthony Liguori wrote:
On 07/27/2010 12:01 PM, Anthony PERARD wrote:
Anthony Liguori wrote:
CVE-2008-2004 described a vulnerability in QEMU whereas a malicious
user could
trick the block probing code into accessing arbitrary files in a
guest. To
Anthony Liguori wrote:
On 07/27/2010 12:01 PM, Anthony PERARD wrote:
Anthony Liguori wrote:
CVE-2008-2004 described a vulnerability in QEMU whereas a malicious
user could
trick the block probing code into accessing arbitrary files in a
guest. To
mitigate this, we added an explicit format para
On 07/27/2010 12:01 PM, Anthony PERARD wrote:
Anthony Liguori wrote:
CVE-2008-2004 described a vulnerability in QEMU whereas a malicious
user could
trick the block probing code into accessing arbitrary files in a
guest. To
mitigate this, we added an explicit format parameter to -drive which
d
Anthony Liguori wrote:
CVE-2008-2004 described a vulnerability in QEMU whereas a malicious user could
trick the block probing code into accessing arbitrary files in a guest. To
mitigate this, we added an explicit format parameter to -drive which disabling
block probing.
Fast forward to today, a
CVE-2008-2004 described a vulnerability in QEMU whereas a malicious user could
trick the block probing code into accessing arbitrary files in a guest. To
mitigate this, we added an explicit format parameter to -drive which disabling
block probing.
Fast forward to today, and the vast majority of u
