- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop

in start_xmit and e1000_receive_iov routines CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=396
2016-01-27 20:31:39 +00:00
parent 39134eb9d2
commit fbfd58d3a2
4 changed files with 201 additions and 2 deletions
--- a/xen.spec
+++ b/xen.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package xen
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #

-
 # needssslcertforbuild

 Name:           xen
@@ -277,6 +276,8 @@ Patch281:       CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-l
 Patch282:       CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
 Patch283:       CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
 Patch284:       CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
+Patch285:       CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
+Patch286:       CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
 # Our platform specific patches
 Patch321:       xen-destdir.patch
 Patch322:       vif-bridge-no-iptables.patch
@@ -620,6 +621,8 @@ Authors:
 %patch282 -p1
 %patch283 -p1
 %patch284 -p1
+%patch285 -p1
+%patch286 -p1
 # Our platform specific patches
 %patch321 -p1
 %patch322 -p1