9b367aafd3
db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch bnc#836931 - CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats e7f400a1-CVE-2013-4296.patch bnc#838638 - CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate 2dba0323-CVE-2013-4297.patch bnc#838642 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=299
commit e4697b92abaad16e8e6b41a1e55be9b084d48d5a
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Mon Sep 23 12:46:25 2013 +0100
Fix typo in identity code which is pre-requisite for CVE-2013-4311
The fix for CVE-2013-4311 had a pre-requisite enhancement
to the identity code
commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Thu Aug 22 16:00:01 2013 +0100
Also store user & group ID values in virIdentity
This had a typo which caused the group ID to overwrite the
user ID string. This meant any checks using this would have
the wrong ID value. This only affected the ACL code, not the
initial polkit auth. It also leaked memory.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Index: libvirt-1.1.2/src/rpc/virnetserverclient.c
===================================================================
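--- libvirt-1.1.2.orig/src/rpc/virnetserverclient.c
+++ libvirt-1.1.2/src/rpc/virnetserverclient.c
@@ -678,7 +678,7 @@ virNetServerClientCreateIdentity(virNetS
 goto cleanup;
 if (!(groupname = virGetGroupName(gid)))
 goto cleanup;
-    if (virAsprintf(&userid, "%d", (int)gid) < 0)
+    if (virAsprintf(&groupid, "%d", (int)gid) < 0)
 goto cleanup;
 if (virAsprintf(&processid, "%llu",
 (unsigned long long)pid) < 0)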
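Review bot: The corrected line still formats the group ID through `(int)gid` with `%d`, so on platforms where gid_t is an unsigned 32-bit type any value above INT_MAX is stored as a negative string, and the commit message says this value is used by the ACL checks. The `processid` call just below already formats through an unsigned cast, and the same shape would fit here: `if (virAsprintf(&groupid, "%lu", (unsigned long)gid) < 0)`. The matching `userid` assignment sits above this hunk and is not visible, so it should be checked for the same cast. How consumers parse these strings is also not visible, so confirm they accept the unsigned form before changing the format. virNetServerClientCreateIdentity starts and ends outside the hunk.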