USN-863-1: QEMU vulnerability

12-03-2009

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

USN-863-1: QEMU vulnerability

Description:
=========================================================== Ubuntu Security Notice USN-863-1 December 03, 2009 qemu-kvm vulnerabilities https://launchpad.net/bugs/458521 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: qemu-kvm 0.11.0-0ubuntu6.3 After a standard system upgrade you need to restart any QEMU guests to effect the necessary changes. Details follow: It was discovered that QEMU did not properly setup the virtio networking features available to its guests. A remote attacker could exploit this to crash QEMU guests which use virtio networking on Linux kernels earlier than 2.6.26.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

ssh-import-id(1) ssh-import ssh-import-id(1) NAME
ssh-import-id - retrieve one or more public keys from a public keyserver (Launchpad.net by default) and append them to the current user's authorized_keys file (or some other specified file) SYNOPSIS
ssh-import-id [options] USER_ID_1 [USER_ID_2] ... [USER_ID_n] OPTIONS
-h | --help usage -o | --output F write output to file 'F' (default ~/.ssh/authorized_keys, use "-" for standard out) DESCRIPTION
This utility will securely contact a public keyserver (https://launchpad.net by default) and retrieve one or more user's public keys, and append these to the current user's ~/.ssh/authorized_keys file. The system administrator can change the source URL used by ssh-import-id(1) by editing the configuration file, /etc/ssh/ssh_import_id, which is sourced to obtain the value of URL. By default, URL="https://launchpad.net/~%s/+sshkeys". Note that this url really MUST be a secure, https url with a valid, signed certificate or else your system will be vulnerable to man-in-the-middle attacks! The "%s" will be populated by ssh-import-id(1) with the value(s) of USER_ID_1 [USER_ID_2] ... [USER_ID_n]. SEE ALSO
ssh(1) FILES
/etc/ssh/ssh_import_id AUTHOR
This manpage and the utility was written by Dustin Kirkland <kirkland@canonical.com> for Ubuntu systems (but may be used by others). Per- mission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 3 published by the Free Software Foundation. On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL. ssh-import 23 Feb 2010 ssh-import-id(1)

Security Advisories (RSS)

USN-863-1: QEMU vulnerability

LEARN ABOUT LINUX

ssh-import-lp-id