From ${URL} : Quick Emulator(Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtio_gpu_resource_destroy' A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
i've added it to our 2.8.0 ebuild
Stabilization will be happen as part of bug 601824.
Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201701-49 at https://security.gentoo.org/glsa/201701-49 by GLSA coordinator Aaron Bauman (b-man).
