Comment 214 for bug 2059809
Revision history for this message
| Dan Smith (danms) wrote Re: Arbitrary file access through QCOW2 external data file (CVE-2024-32498) | #214 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Nova is vulnerable to QED in one of the two attack vectors, so this is a new unified patch that should catch it.
This (and the forthcoming backports) are unified patches where this new functionality is shoved into the 3/3 patch, which was the same as the additional one. So if it matters, you can just extract the third patch from this set and use it to replace the previous -additional one.