[Slackbuilds-users] Security Advisories for QEMU and MUMBLE/MURMUR
King Beowulf
kingbeowulf at gmail.com
Fri Jun 12 05:21:24 UTC 2015
Hello:
QEMU
----
Willy tweeted me to qemu CVE-2015-3209, Heap overflow in QEMU PCNET
controller, allowing guest->host escape. This is easy to mitigate:
don't use pcnet! ;-)
I'll send in an update this weekend. But, reeaallyy, you should be
using virtio-net-pci ...
References
(1) http://xenbits.xen.org/xsa/advisory-135.html
(2) http://securitytracker.com/id/1032546
(3)
http://git.qemu.org/?p=qemu.git;a=commit;h=9f7c594c006289ad41169b854d70f5da6e400a2a
MUMBLE
------
mumble-1.2.9 maintenance release fixes various bugs, updates
dependencies, and adds new functionality. The current slackbuild
*should* work OOTB on 14.1 updated to latest patches as of today, but
here may be an issue with the new TLS 1.2 functionality (see (1))
I'll test as soon as my build VMs are updated this weekend.
References
----------
(1) http://blog.mumble.info/mumble-1-2-9/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20150611/fdee1cee/attachment.asc>
More information about the SlackBuilds-users
mailing list