Comment 73 for bug 1449062
Revision history for this message
| Daniel Berrange (berrange) wrote Re: qemu-img calls need to be restricted by ulimit (CVE-2015-5162) | #73 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
Yes, *any* qemu-img command that you run without providing '-f' will try to guess the image format. Rather than trying to figure out whether a particular invokation may or may not be susceptible to attack, the safe approach is to use '-f' every time.