Another vulnerability has been found, see $URL for more details and patches.
It seems unclear to me if 0.9.x is also affected. However, we still have bug #252266 open which affects 0.9.x.
Apparently 0.10.x and 0.11.x are the way to go these days. Do we want to fix 0.9.x and figure out whether this issue here also affects 0.9.x (and if yes, backport the relatively long patch), or should we apply the existing backported patch for 0.10.6 and stabilise that (or even 0.11.x)?
Luca, please advise.
Multiple use-after-free vulnerabilities in vnc.c in the VNC server in
QEMU 0.10.6 and earlier might allow guest OS users to execute
arbitrary code on the host OS by establishing a connection from a VNC
client and then (1) disconnecting during data transfer, (2) sending a
message using incorrect integer data types, or (3) using the Fuzzy
Screen Mode protocol, related to double free vulnerabilities.
VMs are often used for security reasons, setting whiteboard.
Creating new GLSA request
Affected versions are removed from the tree.
@security: follow up ping
Four year old bugs aren't worth the time. Byebye.