From fbd6fb1a9d75bd7b5d1df24cb805b7df335b0223 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Fri, 7 Apr 2017 00:16:18 -0400 Subject: gnu: qemu: Update to 2.8.1 [security fixes]. Fixes CVE-2016-{9602,9603} and CVE-2017-{2615,2620,2630,5667,5931}. * gnu/packages/qemu.scm (qemu): Update to 2.8.1. * gnu/packages/patches/qemu-CVE-2017-2615.patch, gnu/packages/patches/qemu-CVE-2017-2620.patch, gnu/packages/patches/qemu-CVE-2017-2630.patch, gnu/packages/patches/qemu-CVE-2017-5667.patch, gnu/packages/patches/qemu-CVE-2017-5931.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/packages/patches/qemu-CVE-2017-2630.patch | 47 --------------------------- 1 file changed, 47 deletions(-) delete mode 100644 gnu/packages/patches/qemu-CVE-2017-2630.patch (limited to 'gnu/packages/patches/qemu-CVE-2017-2630.patch') diff --git a/gnu/packages/patches/qemu-CVE-2017-2630.patch b/gnu/packages/patches/qemu-CVE-2017-2630.patch deleted file mode 100644 index b154d171f1..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-2630.patch +++ /dev/null @@ -1,47 +0,0 @@ -Fix CVE-2017-2630: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2630 -https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html - -Patch copied from upstream source repository: - -http://git.qemu-project.org/?p=qemu.git;a=commit;h=2563c9c6b8670400c48e562034b321a7cf3d9a85 - -From 2563c9c6b8670400c48e562034b321a7cf3d9a85 Mon Sep 17 00:00:00 2001 -From: Vladimir Sementsov-Ogievskiy -Date: Tue, 7 Mar 2017 09:16:27 -0600 -Subject: [PATCH] nbd/client: fix drop_sync [CVE-2017-2630] -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Comparison symbol is misused. It may lead to memory corruption. -Introduced in commit 7d3123e. - -Signed-off-by: Vladimir Sementsov-Ogievskiy -Message-Id: <20170203154757.36140-6-vsementsov@virtuozzo.com> -[eblake: add CVE details, update conditional] -Signed-off-by: Eric Blake -Reviewed-by: Marc-André Lureau -Message-Id: <20170307151627.27212-1-eblake@redhat.com> -Signed-off-by: Paolo Bonzini ---- - nbd/client.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/nbd/client.c b/nbd/client.c -index 5c9dee37fa..3dc2564cd0 100644 ---- a/nbd/client.c -+++ b/nbd/client.c -@@ -94,7 +94,7 @@ static ssize_t drop_sync(QIOChannel *ioc, size_t size) - char small[1024]; - char *buffer; - -- buffer = sizeof(small) < size ? small : g_malloc(MIN(65536, size)); -+ buffer = sizeof(small) >= size ? small : g_malloc(MIN(65536, size)); - while (size > 0) { - ssize_t count = read_sync(ioc, buffer, MIN(65536, size)); - --- -2.12.0 - -- cgit v1.2.3