Accepting request 65096 from Virtualization
Accepted submit request 65096 from user licensedigger OBS-URL: https://build.opensuse.org/request/show/65096 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=74
commit
4d7451dea2
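--- a/71753cb7-CVE-2011-1146.patch
+++ b/71753cb7-CVE-2011-1146.patch
@@ -0,0 +1,93 @@
+commit 71753cb7f7a16ff800381c0b5ee4e99eea92fed3
+Author: Guido Günther <agx@sigxcpu.org>
+Date: Mon Mar 14 10:56:28 2011 +0800
+
+Add missing checks for read only connections
+
+As pointed on CVE-2011-1146, some API forgot to check the read-only
+status of the connection for entry point which modify the state
+of the system or may lead to a remote execution using user data.
+The entry points concerned are:
+- virConnectDomainXMLToNative
+- virNodeDeviceDettach
+- virNodeDeviceReAttach
+- virNodeDeviceReset
+- virDomainRevertToSnapshot
+- virDomainSnapshotDelete
+
+* src/libvirt.c: fix the above set of entry points to error on read-only
+connections
+
+Index: libvirt-0.8.8/src/libvirt.c
+===================================================================
+--- libvirt-0.8.8.orig/src/libvirt.c
++++ libvirt-0.8.8/src/libvirt.c
+@@ -3152,6 +3152,10 @@ char *virConnectDomainXMLToNative(virCon
+virDispatchError(NULL);
+return NULL;
+}
++ if (conn->flags & VIR_CONNECT_RO) {
++ virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
++ goto error;
++ }
+
+if (nativeFormat == NULL || domainXml == NULL) {
+virLibConnError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+@@ -9579,6 +9583,11 @@ virNodeDeviceDettach(virNodeDevicePtr de
+return -1;
+}
+
++ if (dev->conn->flags & VIR_CONNECT_RO) {
++ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
++ goto error;
++ }
++
+if (dev->conn->driver->nodeDeviceDettach) {
+int ret;
+ret = dev->conn->driver->nodeDeviceDettach (dev);
+@@ -9622,6 +9631,11 @@ virNodeDeviceReAttach(virNodeDevicePtr d
+return -1;
+}
+
++ if (dev->conn->flags & VIR_CONNECT_RO) {
++ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
++ goto error;
++ }
++
+if (dev->conn->driver->nodeDeviceReAttach) {
+int ret;
+ret = dev->conn->driver->nodeDeviceReAttach (dev);
+@@ -9667,6 +9681,11 @@ virNodeDeviceReset(virNodeDevicePtr dev)
+return -1;
+}
+
++ if (dev->conn->flags & VIR_CONNECT_RO) {
++ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
++ goto error;
++ }
++
+if (dev->conn->driver->nodeDeviceReset) {
+int ret;
+ret = dev->conn->driver->nodeDeviceReset (dev);
+@@ -12962,6 +12981,10 @@ virDomainRevertToSnapshot(virDomainSnaps
+}
+
+conn = snapshot->domain->conn;
++ if (conn->flags & VIR_CONNECT_RO) {
++ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
++ goto error;
++ }
+
+if (conn->driver->domainRevertToSnapshot) {
+int ret = conn->driver->domainRevertToSnapshot(snapshot, flags);
+@@ -13008,6 +13031,10 @@ virDomainSnapshotDelete(virDomainSnapsho
+}
+
+conn = snapshot->domain->conn;
++ if (conn->flags & VIR_CONNECT_RO) {
++ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
++ goto error;
++ }
+
+if (conn->driver->domainSnapshotDelete) {
+int ret = conn->driver->domainSnapshotDelete(snapshot, flags);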
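Review bot: The read-only guard added to virConnectDomainXMLToNative reports the denial through `virLibDomainError`, while the argument check that follows it in the same function and the five other guards in this patch use `virLibConnError`. The guard tests `conn->flags`, so the connection reporter looks like the consistent choice: `virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);`. All six guards jump to an `error` label that lies outside the hunks, so confirm that each label dispatches the error on the connection and returns the function's failure value (NULL or -1). Because the check is repeated by hand in each entry point, a regression test that opens a read-only connection and expects VIR_ERR_OPERATION_DENIED from each of the six listed APIs would help stop a later state-changing entry point from missing it again.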
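--- a/baselibs.conf
+++ b/baselibs.conf
@@ -0,0 +1,2 @@
+libvirt-client
+libvirt-devel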
@ -1,3 +1,24 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Mar 24 10:23:30 UTC 2011 - coolo@novell.com
|
||||||
|
|
||||||
|
- use %first_lang before changing symlinks, find_lang removes
|
||||||
|
unsupported languages
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Mar 15 09:37:20 MDT 2011 - jfehlig@novell.com
|
||||||
|
|
||||||
|
- VUL-0: libvirt: several API calls do not honour read-only
|
||||||
|
connection
|
||||||
|
71753cb7-CVE-2011-1146.patch
|
||||||
|
bnc#678406
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Mar 7 11:47:17 MST 2011 - jfehlig@novell.com
|
||||||
|
|
||||||
|
- Add baselibs.conf file to build xxbit packages
|
||||||
|
for multilib support
|
||||||
|
bnc#676921
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Feb 25 12:38:09 MST 2011 - jfehlig@novell.com
|
Fri Feb 25 12:38:09 MST 2011 - jfehlig@novell.com
|
||||||
|
|
||||||
|
@ -170,6 +170,7 @@ Source0: %{name}-%{version}.tar.bz2
|
|||||||
Source1: libvirtd.init
|
Source1: libvirtd.init
|
||||||
# Upstream patches
|
# Upstream patches
|
||||||
Patch0: efc2594b-boot-param.patch
|
Patch0: efc2594b-boot-param.patch
|
||||||
|
Patch1: 71753cb7-CVE-2011-1146.patch
|
||||||
# Need to go upstream
|
# Need to go upstream
|
||||||
Patch100: xen-name-for-devid.patch
|
Patch100: xen-name-for-devid.patch
|
||||||
Patch102: clone.patch
|
Patch102: clone.patch
|
||||||
@ -285,6 +286,7 @@ Authors:
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
|
%patch1 -p1
|
||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
%patch102
|
%patch102
|
||||||
%patch103 -p1
|
%patch103 -p1
|
||||||
@ -409,6 +411,8 @@ rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.qemu
|
|||||||
%if ! %{with_uml}
|
%if ! %{with_uml}
|
||||||
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.uml
|
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.uml
|
||||||
%endif
|
%endif
|
||||||
|
%find_lang %{name}
|
||||||
|
|
||||||
ln_dupes()
|
ln_dupes()
|
||||||
{
|
{
|
||||||
target=""
|
target=""
|
||||||
@ -430,7 +434,6 @@ mkdir -p $RPM_BUILD_ROOT/etc/init.d
|
|||||||
install %SOURCE1 $RPM_BUILD_ROOT/etc/init.d/libvirtd
|
install %SOURCE1 $RPM_BUILD_ROOT/etc/init.d/libvirtd
|
||||||
ln -s /etc/init.d/libvirtd $RPM_BUILD_ROOT/usr/sbin/rclibvirtd
|
ln -s /etc/init.d/libvirtd $RPM_BUILD_ROOT/usr/sbin/rclibvirtd
|
||||||
ln -s /etc/init.d/libvirt-guests $RPM_BUILD_ROOT/usr/sbin/rclibvirt-guests
|
ln -s /etc/init.d/libvirt-guests $RPM_BUILD_ROOT/usr/sbin/rclibvirt-guests
|
||||||
%find_lang %{name}
|
|
||||||
|
|
||||||
%clean
|
%clean
|
||||||
rm -rf $RPM_BUILD_ROOT
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|