CVE-2013-2007 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2007): The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
Also can affect Xen, but [1] says that this is really not a default configuration and requires a lot of work on the part of the systems administrator. Removing maintainers since they don't need to be CC'd. GLSA vote: no. [1] http://www.openwall.com/lists/oss-security/2013/05/06/5
GLSA vote: no Closing as noglsa.