Support / Security / Advisories / Mandriva Linux 2009.0 / MDVSA-2009:009

Package name: kvm
Date: 2009-01-14
Advisory ID: MDVSA-2009:009
Affected versions: 2009.0 x86_64 , 2009.0 i586

Problem description

Security vulnerabilities have been discovered and corrected in
VNC server of kvm version 79 and earlier, which could lead to
denial-of-service attacks (CVE-2008-2382), and make it easier for
remote crackers to guess the VNC password (CVE-2008-5714).

The updated packages have been patched to prevent this.

Updated packages

2009.0 x86_64

 b84f9ff6c8005e7de6996b3e1f04335d  2009.0/x86_64/kvm-74-3.1mdv2009.0.x86_64.rpm 
 8ee1433de23a7fec8bc768a66585368c  2009.0/SRPMS/kvm-74-3.1mdv2009.0.src.rpm

2009.0 i586

 acdff9c09970bba49f5b500723092f2b  2009.0/i586/kvm-74-3.1mdv2009.0.i586.rpm 
 8ee1433de23a7fec8bc768a66585368c  2009.0/SRPMS/kvm-74-3.1mdv2009.0.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5714
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382