Richard W.M. Jones
2012-May-28 08:07 UTC
[Libguestfs] FYI: CVE-2012-2652 in qemu could affect libguestfs users
Jim Meyering found various flaws in the creation of temporary files in qemu. For more details see: http://marc.info/?l=qemu-devel&m=133819025731504&w=2 http://bugzilla.redhat.com/CVE-2012-2652 This problem could affect libguestfs users, particularly (but not exclusively) if libguestfs was run as root. No update is needed for libguestfs, but you should check that the version of qemu you are using contains a fix for this bug. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming blog: http://rwmj.wordpress.com Fedora now supports 80 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora