Mandrake Security Advisory MDVSA-2009:257 (qemu)

Summary
The remote host is missing an update to qemu announced via advisory MDVSA-2009:257.
Solution
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:257
Insight
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. (CVE-2008-0928) The updated packages have been patched to prevent this. Affected: 2009.0, Enterprise Server 5.0