Accepting request 689150 from home:bfrogers:branches:Virtualization
A tweak was needed to previous submit, and in the interim another security bug came in, so fix that as well. OBS-URL: https://build.opensuse.org/request/show/689150 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=461
This commit is contained in:
parent
7f992805eb
commit
433d851e9d
34
0064-device_tree.c-Don-t-use-load_image.patch
Normal file
34
0064-device_tree.c-Don-t-use-load_image.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
From: Peter Maydell <peter.maydell@linaro.org>
|
||||||
|
Date: Fri, 14 Dec 2018 13:30:52 +0000
|
||||||
|
Subject: device_tree.c: Don't use load_image()
|
||||||
|
|
||||||
|
The load_image() function is deprecated, as it does not let the
|
||||||
|
caller specify how large the buffer to read the file into is.
|
||||||
|
Instead use load_image_size().
|
||||||
|
|
||||||
|
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
||||||
|
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
||||||
|
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||||
|
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
Reviewed-by: Eric Blake <eblake@redhat.com>
|
||||||
|
Message-id: 20181130151712.2312-9-peter.maydell@linaro.org
|
||||||
|
(cherry picked from commit da885fe1ee8b4589047484bd7fa05a4905b52b17)
|
||||||
|
[BR: BSC#1130675 CVE-2018-20815]
|
||||||
|
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||||
|
---
|
||||||
|
device_tree.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/device_tree.c b/device_tree.c
|
||||||
|
index 6d9c9726f6..296278e12a 100644
|
||||||
|
--- a/device_tree.c
|
||||||
|
+++ b/device_tree.c
|
||||||
|
@@ -91,7 +91,7 @@ void *load_device_tree(const char *filename_path, int *sizep)
|
||||||
|
/* First allocate space in qemu for device tree */
|
||||||
|
fdt = g_malloc0(dt_size);
|
||||||
|
|
||||||
|
- dt_file_load_size = load_image(filename_path, fdt);
|
||||||
|
+ dt_file_load_size = load_image_size(filename_path, fdt, dt_size);
|
||||||
|
if (dt_file_load_size < 0) {
|
||||||
|
error_report("Unable to open device tree file '%s'",
|
||||||
|
filename_path);
|
@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Mar 27 16:59:53 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
|
||||||
|
* Patches added:
|
||||||
|
0064-device_tree.c-Don-t-use-load_image.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Mar 25 20:45:10 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
Mon Mar 25 20:45:10 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
@ -95,6 +95,7 @@ Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch
|
|||||||
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
|
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
|
||||||
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
|
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
|
||||||
Patch0063: 0063-i2c-ddc-fix-oob-read.patch
|
Patch0063: 0063-i2c-ddc-fix-oob-read.patch
|
||||||
|
Patch0064: 0064-device_tree.c-Don-t-use-load_image.patch
|
||||||
# Please do not add QEMU patches manually here.
|
# Please do not add QEMU patches manually here.
|
||||||
# Run update_git.sh to regenerate this queue.
|
# Run update_git.sh to regenerate this queue.
|
||||||
ExcludeArch: s390
|
ExcludeArch: s390
|
||||||
@ -189,6 +190,7 @@ syscall layer occurs on the native hardware and operating system.
|
|||||||
%patch0061 -p1
|
%patch0061 -p1
|
||||||
%patch0062 -p1
|
%patch0062 -p1
|
||||||
%patch0063 -p1
|
%patch0063 -p1
|
||||||
|
%patch0064 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
./configure \
|
./configure \
|
||||||
|
@ -1,3 +1,12 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Mar 27 16:59:46 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
- Tweak last spec file change to guard new Requires with conditional
|
||||||
|
- Fix DOS possibility in device tree processing (CVE-2018-20815
|
||||||
|
bsc#1130675)
|
||||||
|
0064-device_tree.c-Don-t-use-load_image.patch
|
||||||
|
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
@ -206,6 +206,7 @@ Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch
|
|||||||
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
|
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
|
||||||
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
|
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
|
||||||
Patch0063: 0063-i2c-ddc-fix-oob-read.patch
|
Patch0063: 0063-i2c-ddc-fix-oob-read.patch
|
||||||
|
Patch0064: 0064-device_tree.c-Don-t-use-load_image.patch
|
||||||
# Please do not add QEMU patches manually here.
|
# Please do not add QEMU patches manually here.
|
||||||
# Run update_git.sh to regenerate this queue.
|
# Run update_git.sh to regenerate this queue.
|
||||||
|
|
||||||
@ -845,7 +846,9 @@ Release: 0
|
|||||||
Provides: %name:%_libexecdir/qemu-bridge-helper
|
Provides: %name:%_libexecdir/qemu-bridge-helper
|
||||||
Requires(pre): permissions
|
Requires(pre): permissions
|
||||||
Requires(pre): shadow
|
Requires(pre): shadow
|
||||||
|
%if 0%{?suse_version} > 1320
|
||||||
Recommends: multipath-tools
|
Recommends: multipath-tools
|
||||||
|
%endif
|
||||||
Recommends: qemu-block-curl
|
Recommends: qemu-block-curl
|
||||||
%if 0%{?with_rbd}
|
%if 0%{?with_rbd}
|
||||||
Recommends: qemu-block-rbd
|
Recommends: qemu-block-rbd
|
||||||
@ -1007,6 +1010,7 @@ This package provides a service file for starting and stopping KSM.
|
|||||||
%patch0061 -p1
|
%patch0061 -p1
|
||||||
%patch0062 -p1
|
%patch0062 -p1
|
||||||
%patch0063 -p1
|
%patch0063 -p1
|
||||||
|
%patch0064 -p1
|
||||||
|
|
||||||
pushd roms/seabios
|
pushd roms/seabios
|
||||||
%patch1100 -p1
|
%patch1100 -p1
|
||||||
|
@ -1,3 +1,12 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Mar 27 16:59:46 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
- Tweak last spec file change to guard new Requires with conditional
|
||||||
|
- Fix DOS possibility in device tree processing (CVE-2018-20815
|
||||||
|
bsc#1130675)
|
||||||
|
0064-device_tree.c-Don-t-use-load_image.patch
|
||||||
|
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-3.1
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
Mon Mar 25 20:45:08 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
@ -206,6 +206,7 @@ Patch0060: 0060-target-i386-sev-Do-not-pin-the-ram-.patch
|
|||||||
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
|
Patch0061: 0061-slirp-check-sscanf-result-when-emul.patch
|
||||||
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
|
Patch0062: 0062-ppc-add-host-serial-and-host-model-.patch
|
||||||
Patch0063: 0063-i2c-ddc-fix-oob-read.patch
|
Patch0063: 0063-i2c-ddc-fix-oob-read.patch
|
||||||
|
Patch0064: 0064-device_tree.c-Don-t-use-load_image.patch
|
||||||
# Please do not add QEMU patches manually here.
|
# Please do not add QEMU patches manually here.
|
||||||
# Run update_git.sh to regenerate this queue.
|
# Run update_git.sh to regenerate this queue.
|
||||||
|
|
||||||
@ -845,7 +846,9 @@ Release: 0
|
|||||||
Provides: %name:%_libexecdir/qemu-bridge-helper
|
Provides: %name:%_libexecdir/qemu-bridge-helper
|
||||||
Requires(pre): permissions
|
Requires(pre): permissions
|
||||||
Requires(pre): shadow
|
Requires(pre): shadow
|
||||||
|
%if 0%{?suse_version} > 1320
|
||||||
Recommends: multipath-tools
|
Recommends: multipath-tools
|
||||||
|
%endif
|
||||||
Recommends: qemu-block-curl
|
Recommends: qemu-block-curl
|
||||||
%if 0%{?with_rbd}
|
%if 0%{?with_rbd}
|
||||||
Recommends: qemu-block-rbd
|
Recommends: qemu-block-rbd
|
||||||
@ -1007,6 +1010,7 @@ This package provides a service file for starting and stopping KSM.
|
|||||||
%patch0061 -p1
|
%patch0061 -p1
|
||||||
%patch0062 -p1
|
%patch0062 -p1
|
||||||
%patch0063 -p1
|
%patch0063 -p1
|
||||||
|
%patch0064 -p1
|
||||||
|
|
||||||
pushd roms/seabios
|
pushd roms/seabios
|
||||||
%patch1100 -p1
|
%patch1100 -p1
|
||||||
|
@ -780,7 +780,9 @@ Release: 0
|
|||||||
Provides: %name:%_libexecdir/qemu-bridge-helper
|
Provides: %name:%_libexecdir/qemu-bridge-helper
|
||||||
Requires(pre): permissions
|
Requires(pre): permissions
|
||||||
Requires(pre): shadow
|
Requires(pre): shadow
|
||||||
|
%if 0%{?suse_version} > 1320
|
||||||
Recommends: multipath-tools
|
Recommends: multipath-tools
|
||||||
|
%endif
|
||||||
Recommends: qemu-block-curl
|
Recommends: qemu-block-curl
|
||||||
%if 0%{?with_rbd}
|
%if 0%{?with_rbd}
|
||||||
Recommends: qemu-block-rbd
|
Recommends: qemu-block-rbd
|
||||||
|
Loading…
Reference in New Issue
Block a user