[Libguestfs] FYI: CVE-2012-2652 in qemu could affect libguestfs users

Richard W.M. Jones rjones at redhat.com
Mon May 28 08:07:50 UTC 2012


Jim Meyering found various flaws in the creation of temporary files in
qemu.  For more details see:

http://marc.info/?l=qemu-devel&m=133819025731504&w=2
http://bugzilla.redhat.com/CVE-2012-2652

This problem could affect libguestfs users, particularly (but not
exclusively) if libguestfs was run as root.  No update is needed for
libguestfs, but you should check that the version of qemu you are
using contains a fix for this bug.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora




More information about the Libguestfs mailing list