Comment 17 for bug 458521

This bug was fixed in the package qemu-kvm - 0.11.0-0ubuntu6.3

---------------
qemu-kvm (0.11.0-0ubuntu6.3) karmic-security; urgency=low

  * SECURITY UPDATE: linux <= 2.6.25 guests (e.g. hardy) with virtio
    networking are subject to DoS by qemu-kvm application crash;
    the crash can be remotely triggered by a malicious user flooding any
    open network port (LP: #458521)
    - debian/patches/12_whitelist_host_virtio_networking_features.patch:
      fix accounting of virtio networking features available to make
      available to the guests
    - CVE-2009-XXXX
  * debian/kvm-ok: check for other common reasons why KVM might not be
    usable, LP: #452323
  * debian/control: build-depend on libcurl devel, to allow booting from
    ISOs over http, LP: #453441

 -- Dustin Kirkland <email address hidden> Thu, 29 Oct 2009 11:36:18 -0500