[libvirt/f15] update to libvirt-0.8.8-5
Laine Stump
laine at fedoraproject.org
Tue Jul 5 22:38:01 UTC 2011
commit 84c34151e44ade9583533fa6b02cddb413cdf9dc
Author: Laine Stump <laine at laine.org>
Date: Tue Jul 5 18:36:14 2011 -0400
update to libvirt-0.8.8-5
Fix for CVE-2011-2178, regression introduced in disk probe logic,
Bug 709775
Fix for CVE-2011-2511, integer overflow in VirDomainGetVcpus,
Bug 717204
Add several build and runtime dependencies to specfile
Bug 680270
...0.8.8-Requires-gettext-for-client-package.patch | 40 +++++++
....8.8-build-add-dependency-on-gnutls-utils.patch | 30 +++++
...8-remote-protect-against-integer-overflow.patch | 115 ++++++++++++++++++++
libvirt-0.8.8-rpm-add-missing-dependencies.patch | 99 +++++++++++++++++
...ug-regression-introduced-in-disk-probe-lo.patch | 40 +++++++
...-validate-behave-when-CERTTOOL-is-missing.patch | 27 +++++
libvirt.spec | 52 +++++++++-
7 files changed, 400 insertions(+), 3 deletions(-)
---
diff --git a/libvirt-0.8.8-Requires-gettext-for-client-package.patch b/libvirt-0.8.8-Requires-gettext-for-client-package.patch
new file mode 100644
index 0000000..a7ea772
--- /dev/null
+++ b/libvirt-0.8.8-Requires-gettext-for-client-package.patch
@@ -0,0 +1,40 @@
+From e03899ff772cb753f02ecc99c81776a95c8e3d59 Mon Sep 17 00:00:00 2001
+From: Osier Yang <jyang at redhat.com>
+Date: Fri, 18 Feb 2011 13:45:13 +0800
+Subject: [PATCH 2/6] Requires gettext for client package
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+
+libvirt-guests invokes functions in gettext.sh, so we need to
+require gettext package in spec file.
+
+Demo with the fix:
+% rpm -q gettext
+package gettext is not installed
+
+% rpm -ivh libvirt-client-0.8.8-1.fc14.x86_64.rpm
+error: Failed dependencies:
+ gettext is needed by libvirt-client-0.8.8-1.fc14.x86_64
+
+* libvirt.spec.in
+---
+ libvirt.spec.in | 2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index d4208e8..c08b186 100644
+--- a/libvirt.spec.in
++++ b/libvirt.spec.in
+@@ -415,6 +415,8 @@ Requires: ncurses
+ # So remote clients can access libvirt over SSH tunnel
+ # (client invokes 'nc' against the UNIX socket on the server)
+ Requires: nc
++# Needed by libvirt-guests init script.
++Requires: gettext
+ %if %{with_sasl}
+ Requires: cyrus-sasl
+ # Not technically required, but makes 'out-of-box' config
+--
+1.7.3.4
+
diff --git a/libvirt-0.8.8-build-add-dependency-on-gnutls-utils.patch b/libvirt-0.8.8-build-add-dependency-on-gnutls-utils.patch
new file mode 100644
index 0000000..e5239cb
--- /dev/null
+++ b/libvirt-0.8.8-build-add-dependency-on-gnutls-utils.patch
@@ -0,0 +1,30 @@
+From 29680e00f67bad9145387022ea0d3c307465d3dc Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake at redhat.com>
+Date: Mon, 21 Feb 2011 10:43:29 -0700
+Subject: [PATCH 4/6] build: add dependency on gnutls-utils
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+
+* libvirt.spec.in (Requires): Add gnutls-utils, for virt-pki-validate.
+Suggested by Daniel P. Berrange.
+---
+ libvirt.spec.in | 2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index c08b186..23f4525 100644
+--- a/libvirt.spec.in
++++ b/libvirt.spec.in
+@@ -417,6 +417,8 @@ Requires: ncurses
+ Requires: nc
+ # Needed by libvirt-guests init script.
+ Requires: gettext
++# Needed by virt-pki-validate script.
++Requires: gnutls-utils
+ %if %{with_sasl}
+ Requires: cyrus-sasl
+ # Not technically required, but makes 'out-of-box' config
+--
+1.7.3.4
+
diff --git a/libvirt-0.8.8-remote-protect-against-integer-overflow.patch b/libvirt-0.8.8-remote-protect-against-integer-overflow.patch
new file mode 100644
index 0000000..931c9a5
--- /dev/null
+++ b/libvirt-0.8.8-remote-protect-against-integer-overflow.patch
@@ -0,0 +1,115 @@
+From 9388aeabcbb06ec93845b6d066148ad4cfe1dd9e Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake at redhat.com>
+Date: Fri, 24 Jun 2011 12:16:05 -0600
+Subject: [PATCH 6/6] remote: protect against integer overflow
+
+https://bugzilla.redhat.com/show_bug.cgi?id=717204
+CVE-2011-2511 - integer overflow in VirDomainGetVcpus
+
+Integer overflow and remote code are never a nice mix.
+
+This has existed since commit 56cd414.
+
+* src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
+* src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
+ on sending rpc.
+* daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
+ receiving rpc.
+
+(cherry picked from commit 774b21c163845170c9ffa873f5720d318812eaf6)
+
+Conflicts:
+
+ daemon/remote.c
+ src/remote/remote_driver.c
+
+Change to internal.h required to avoid backporting 89d994ad.
+---
+ daemon/remote.c | 3 ++-
+ src/internal.h | 17 +++++++++++++++++
+ src/libvirt.c | 5 +++--
+ src/remote/remote_driver.c | 3 ++-
+ 4 files changed, 24 insertions(+), 4 deletions(-)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 159430e..b707326 100644
+--- a/daemon/remote.c
++++ b/daemon/remote.c
+@@ -1722,7 +1722,8 @@ remoteDispatchDomainGetVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
+ return -1;
+ }
+
+- if (args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
++ if (INT_MULTIPLY_OVERFLOW(args->maxinfo, args->maplen) ||
++ args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
+ virDomainFree(dom);
+ remoteDispatchFormatError (rerr, "%s", _("maxinfo * maplen > REMOTE_CPUMAPS_MAX"));
+ return -1;
+diff --git a/src/internal.h b/src/internal.h
+index e263684..f47b842 100644
+--- a/src/internal.h
++++ b/src/internal.h
+@@ -232,6 +232,23 @@
+ } \
+ } while (0)
+
++/* branch-specific: we don't want to update gnulib on the branch, so this
++ * backports just one required macro from newer gnulib's intprops.h.
++ * This version requires that both a and b are 'int', rather than
++ * the fully type-generic version from gnulib. */
++# define INT_MULTIPLY_OVERFLOW(a, b) \
++ ((b) < 0 \
++ ? ((a) < 0 \
++ ? (a) < INT_MAX / (b) \
++ : (b) == -1 \
++ ? 0 \
++ : INT_MIN / (b) < (a)) \
++ : (b) == 0 \
++ ? 0 \
++ : ((a) < 0 \
++ ? (a) < INT_MIN / (b) \
++ : INT_MAX / (b) < (a)))
++
+ /* divide value by size, rounding up */
+ # define VIR_DIV_UP(value, size) (((value) + (size) - 1) / (size))
+
+diff --git a/src/libvirt.c b/src/libvirt.c
+index 8c70a1f..d8ab8f8 100644
+--- a/src/libvirt.c
++++ b/src/libvirt.c
+@@ -40,6 +40,7 @@
+ #include "util.h"
+ #include "memory.h"
+ #include "configmake.h"
++#include "intprops.h"
+
+ #ifndef WITH_DRIVER_MODULES
+ # ifdef WITH_TEST
+@@ -5363,8 +5364,8 @@ virDomainGetVcpus(virDomainPtr domain, virVcpuInfoPtr info, int maxinfo,
+
+ /* Ensure that domainGetVcpus (aka remoteDomainGetVcpus) does not
+ try to memcpy anything into a NULL pointer. */
+- if ((cpumaps == NULL && maplen != 0)
+- || (cpumaps && maplen <= 0)) {
++ if (!cpumaps ? maplen != 0
++ : (maplen <= 0 || INT_MULTIPLY_OVERFLOW(maxinfo, maplen))) {
+ virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+ goto error;
+ }
+diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
+index 4ca0d3b..c73452e 100644
+--- a/src/remote/remote_driver.c
++++ b/src/remote/remote_driver.c
+@@ -2850,7 +2850,8 @@ remoteDomainGetVcpus (virDomainPtr domain,
+ maxinfo, REMOTE_VCPUINFO_MAX);
+ goto done;
+ }
+- if (maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
++ if (INT_MULTIPLY_OVERFLOW(maxinfo, maplen) ||
++ maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
+ remoteError(VIR_ERR_RPC,
+ _("vCPU map buffer length exceeds maximum: %d > %d"),
+ maxinfo * maplen, REMOTE_CPUMAPS_MAX);
+--
+1.7.3.4
+
diff --git a/libvirt-0.8.8-rpm-add-missing-dependencies.patch b/libvirt-0.8.8-rpm-add-missing-dependencies.patch
new file mode 100644
index 0000000..0f0ad76
--- /dev/null
+++ b/libvirt-0.8.8-rpm-add-missing-dependencies.patch
@@ -0,0 +1,99 @@
+From 775581ead9c0b6435e8a0dad2a6838909638e7b6 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake at redhat.com>
+Date: Wed, 23 Mar 2011 10:30:49 -0600
+Subject: [PATCH 5/6] rpm: add missing dependencies
+
+manually adapted from upstream 206fc979b1656722b254e683d89b3e9fc4480c63
+
+Among others, the missing radvd dependency showed up as:
+
+error: Failed to start network ipv6net
+error: Cannot find radvd - Possibly the package isn't installed: No such file
+or directory
+
+even when radvd was installed, because the RADVD preprocessor
+symbol was missing at configure time.
+
+* libvirt.spec.in (with_network): Add Build and BuildRequires for radvd
+ (BuildRequires): Add libxslt and augeas for docs and test.
+ (with_libvirtd): Add module-init-tools for modprobe.
+ (with_nwfilter): Add BuildRequires for ebtables.
+---
+ libvirt.spec.in | 26 ++++++++++++++++++++++++--
+ 1 files changed, 24 insertions(+), 2 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index 23f4525..8ffb757 100644
+--- a/libvirt.spec.in
++++ b/libvirt.spec.in
+@@ -219,15 +219,21 @@ Requires: %{name}-client = %{version}-%{release}
+ # daemon is present
+ %if %{with_libvirtd}
+ Requires: bridge-utils
++# for modprobe of pci devices
++Requires: module-init-tools
++# for /sbin/ip
++Requires: iproute
+ %endif
+ %if %{with_network}
+ Requires: dnsmasq >= 2.41
++Requires: radvd
++%endif
++%if %{with_network} || %{with_nwfilter}
+ Requires: iptables
++Requires: iptables-ipv6
+ %endif
+ %if %{with_nwfilter}
+ Requires: ebtables
+-Requires: iptables
+-Requires: iptables-ipv6
+ %endif
+ # needed for device enumeration
+ %if %{with_hal}
+@@ -295,10 +301,15 @@ BuildRequires: xmlrpc-c-devel >= 1.14.0
+ %endif
+ BuildRequires: libxml2-devel
+ BuildRequires: xhtml1-dtds
++BuildRequires: libxslt
+ BuildRequires: readline-devel
+ BuildRequires: ncurses-devel
+ BuildRequires: gettext
+ BuildRequires: gnutls-devel
++%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
++# for augparse, optionally used in testing
++BuildRequires: augeas
++%endif
+ %if %{with_hal}
+ BuildRequires: hal-devel
+ %endif
+@@ -323,8 +334,15 @@ BuildRequires: libselinux-devel
+ %endif
+ %if %{with_network}
+ BuildRequires: dnsmasq >= 2.41
++BuildRequires: iptables
++BuildRequires: iptables-ipv6
++BuildRequires: radvd
++%endif
++%if %{with_nwfilter}
++BuildRequires: ebtables
+ %endif
+ BuildRequires: bridge-utils
++BuildRequires: module-init-tools
+ %if %{with_sasl}
+ BuildRequires: cyrus-sasl-devel
+ %endif
+@@ -388,7 +406,11 @@ BuildRequires: libssh2-devel
+ BuildRequires: netcf-devel >= 0.1.4
+ %endif
+ %if %{with_esx}
++%if 0%{?fedora} >= 9 || 0%{?rhel} >= 6
+ BuildRequires: libcurl-devel
++%else
++BuildRequires: curl-devel
++%endif
+ %endif
+ %if %{with_audit}
+ BuildRequires: audit-libs-devel
+--
+1.7.3.4
+
diff --git a/libvirt-0.8.8-security-plug-regression-introduced-in-disk-probe-lo.patch b/libvirt-0.8.8-security-plug-regression-introduced-in-disk-probe-lo.patch
new file mode 100644
index 0000000..e45c1e0
--- /dev/null
+++ b/libvirt-0.8.8-security-plug-regression-introduced-in-disk-probe-lo.patch
@@ -0,0 +1,40 @@
+From c2d77ade37ee917ca258cb24ffb130fc07bb95b4 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake at redhat.com>
+Date: Thu, 26 May 2011 08:18:46 -0600
+Subject: [PATCH 1/6] security: plug regression introduced in disk probe logic
+
+This patch resolves:
+
+ https://bugzilla.redhat.com/show_bug.cgi?id=709775
+ CVE-2011-2178 - regression introduced in disk probe logic
+
+Regression introduced in commit d6623003 (v0.8.8) - using the
+wrong sizeof operand meant that security manager private data
+was overlaying the allowDiskFormatProbing member of struct
+_virSecurityManager. This reopens disk probing, which was
+supposed to be prevented by the solution to CVE-2010-2238.
+
+* src/security/security_manager.c
+(virSecurityManagerGetPrivateData): Use correct offset.
+---
+ src/security/security_manager.c | 4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/src/security/security_manager.c b/src/security/security_manager.c
+index 0246dd8..6f0becd 100644
+--- a/src/security/security_manager.c
++++ b/src/security/security_manager.c
+@@ -107,7 +107,9 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
+
+ void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr)
+ {
+- return ((char*)mgr) + sizeof(mgr);
++ /* This accesses the memory just beyond mgr, which was allocated
++ * via VIR_ALLOC_VAR earlier. */
++ return mgr + 1;
+ }
+
+
+--
+1.7.3.4
+
diff --git a/libvirt-0.8.8-virt-pki-validate-behave-when-CERTTOOL-is-missing.patch b/libvirt-0.8.8-virt-pki-validate-behave-when-CERTTOOL-is-missing.patch
new file mode 100644
index 0000000..c4bc36a
--- /dev/null
+++ b/libvirt-0.8.8-virt-pki-validate-behave-when-CERTTOOL-is-missing.patch
@@ -0,0 +1,27 @@
+From 9679cde15cabf95c7538c3b6929893ec68552d23 Mon Sep 17 00:00:00 2001
+From: Dan Kenigsberg <danken at redhat.com>
+Date: Sun, 20 Feb 2011 22:29:25 +0200
+Subject: [PATCH 3/6] virt-pki-validate: behave when CERTTOOL is missing
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+---
+ tools/virt-pki-validate.in | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in
+index 207fa76..96659cf 100755
+--- a/tools/virt-pki-validate.in
++++ b/tools/virt-pki-validate.in
+@@ -14,7 +14,7 @@ PORT=16514
+ # First get certtool
+ #
+ CERTOOL=`which certtool 2>/dev/null`
+-if [ ! -x $CERTOOL ]
++if [ ! -x "$CERTOOL" ]
+ then
+ echo "Could not locate the certtool program"
+ echo "make sure the gnutls-utils (or gnutls-bin) package is installed"
+--
+1.7.3.4
+
diff --git a/libvirt.spec b/libvirt.spec
index 63eb265..6173ff0 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -204,7 +204,7 @@
Summary: Library providing a simple virtualization API
Name: libvirt
Version: 0.8.8
-Release: 4%{?dist}%{?extra_release}
+Release: 5%{?dist}%{?extra_release}
License: LGPLv2+
Group: Development/Libraries
Source: http://libvirt.org/sources/libvirt-%{version}.tar.gz
@@ -213,6 +213,12 @@ Patch2: %{name}-%{version}-read-only-checks.patch
# Patches 5, 6 CVE-2011-1486
Patch3: %{name}-%{version}-threadsafe-libvirtd-error-reporting.patch
Patch4: %{name}-%{version}-avoid-resetting-errors.patch
+Patch5: %{name}-%{version}-security-plug-regression-introduced-in-disk-probe-lo.patch
+Patch6: %{name}-%{version}-Requires-gettext-for-client-package.patch
+Patch7: %{name}-%{version}-virt-pki-validate-behave-when-CERTTOOL-is-missing.patch
+Patch8: %{name}-%{version}-build-add-dependency-on-gnutls-utils.patch
+Patch9: %{name}-%{version}-rpm-add-missing-dependencies.patch
+Patch10: %{name}-%{version}-remote-protect-against-integer-overflow.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
URL: http://libvirt.org/
BuildRequires: python-devel
@@ -224,15 +230,21 @@ Requires: %{name}-client = %{version}-%{release}
# daemon is present
%if %{with_libvirtd}
Requires: bridge-utils
+# for modprobe of pci devices
+Requires: module-init-tools
+# for /sbin/ip
+Requires: iproute
%endif
%if %{with_network}
Requires: dnsmasq >= 2.41
+Requires: radvd
+%endif
+%if %{with_network} || %{with_nwfilter}
Requires: iptables
+Requires: iptables-ipv6
%endif
%if %{with_nwfilter}
Requires: ebtables
-Requires: iptables
-Requires: iptables-ipv6
%endif
# needed for device enumeration
%if %{with_hal}
@@ -300,10 +312,15 @@ BuildRequires: xmlrpc-c-devel >= 1.14.0
%endif
BuildRequires: libxml2-devel
BuildRequires: xhtml1-dtds
+BuildRequires: libxslt
BuildRequires: readline-devel
BuildRequires: ncurses-devel
BuildRequires: gettext
BuildRequires: gnutls-devel
+%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
+# for augparse, optionally used in testing
+BuildRequires: augeas
+%endif
%if %{with_hal}
BuildRequires: hal-devel
%endif
@@ -328,8 +345,15 @@ BuildRequires: libselinux-devel
%endif
%if %{with_network}
BuildRequires: dnsmasq >= 2.41
+BuildRequires: iptables
+BuildRequires: iptables-ipv6
+BuildRequires: radvd
+%endif
+%if %{with_nwfilter}
+BuildRequires: ebtables
%endif
BuildRequires: bridge-utils
+BuildRequires: module-init-tools
%if %{with_sasl}
BuildRequires: cyrus-sasl-devel
%endif
@@ -393,7 +417,11 @@ BuildRequires: libssh2-devel
BuildRequires: netcf-devel >= 0.1.4
%endif
%if %{with_esx}
+%if 0%{?fedora} >= 9 || 0%{?rhel} >= 6
BuildRequires: libcurl-devel
+%else
+BuildRequires: curl-devel
+%endif
%endif
%if %{with_audit}
BuildRequires: audit-libs-devel
@@ -420,6 +448,10 @@ Requires: ncurses
# So remote clients can access libvirt over SSH tunnel
# (client invokes 'nc' against the UNIX socket on the server)
Requires: nc
+# Needed by libvirt-guests init script.
+Requires: gettext
+# Needed by virt-pki-validate script.
+Requires: gnutls-utils
%if %{with_sasl}
Requires: cyrus-sasl
# Not technically required, but makes 'out-of-box' config
@@ -463,6 +495,12 @@ of recent versions of Linux (and other OSes).
%patch2 -p1
%patch3 -p1
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
%build
%if ! %{with_xen}
@@ -982,6 +1020,14 @@ fi
%endif
%changelog
+* Tue Jul 5 2011 Laine Stump <laine at redhat.com> 0.8.8-5
+- Fix for CVE-2011-2178, regression introduced in disk probe logic,
+ Bug 709775
+- Fix for CVE-2011-2511, integer overflow in VirDomainGetVcpus,
+ Bug 717204
+- Add several build and runtime dependencies to specfile
+ Bug 680270
+
* Tue Apr 5 2011 Laine Stump <laine at redhat.com> 0.8.8-4
- Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe,
bug 693457
More information about the scm-commits
mailing list