Synopsis: Moderate: qemu-kvm security update Issue date: 2011-03-10 CVE Names: CVE-2011-0011 A flaw was found in the way the VNC "password" option was handled. Clearingaa password disabled VNC authentication, allowing a remote user able to connect to the virtual machines' VNC ports to open a VNC session without authentication. (CVE-2011-0011) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect. SL 6.x SRPMS: qemu-kvm-0.12.1.2-2.113.el6_0.8.src.rpm x86_64: qemu-img-0.12.1.2-2.113.el6_0.8.x86_64.rpm qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.113.el6_0.8.x86_64.rpm -Connie Sieh -Troy Dawson