[libvirt/f21] Rebased to version 1.2.9.2 CVE-2014-8131: deadlock and segfault in qemuConnectGetAllDomainStats (bz
Cole Robinson
crobinso at fedoraproject.org
Sun Feb 8 03:00:50 UTC 2015
commit 7415198273f8aa80e370a65f206c607a3f2478c0
Author: Cole Robinson <crobinso at redhat.com>
Date: Sat Feb 7 22:00:40 2015 -0500
Rebased to version 1.2.9.2
CVE-2014-8131: deadlock and segfault in qemuConnectGetAllDomainStats (bz #1172571)
CVE-2015-0236: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save images and snapshots objects (bz #1185769)
CVE-2014-8136: local denial of service in qemu/qemu_driver.c (bz #1176179)
Fix crash parsing nbd URIs (bz #1188644)
Fix domain startup failing with 'strict' mode in numatune (bz #1168672)
...Cpu-Add-support-for-Power-LE-Architecture.patch | 22 +++---
...d-support-for-launching-VM-in-compat-mode.patch | 2 +-
...emu-Support-OVMF-on-armv7l-aarch64-guests.patch | 30 -------
0007-qemu-Drop-OVMF-whitelist.patch | 84 --------------------
libvirt.spec | 20 +++--
sources | 2 +-
6 files changed, 25 insertions(+), 135 deletions(-)
---
diff --git a/0001-Cpu-Add-support-for-Power-LE-Architecture.patch b/0001-Cpu-Add-support-for-Power-LE-Architecture.patch
index 409d636..6e8615a 100644
--- a/0001-Cpu-Add-support-for-Power-LE-Architecture.patch
+++ b/0001-Cpu-Add-support-for-Power-LE-Architecture.patch
@@ -19,10 +19,10 @@ Reviewed-by: Michal Privoznik <mprivozn at redhat.com>
6 files changed, 20 insertions(+), 16 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
-index c23a1f5..2d31ac2 100644
+index 6b64f51..699ffb9 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
-@@ -9864,7 +9864,7 @@ virDomainVideoDefaultType(const virDomainDef *def)
+@@ -9865,7 +9865,7 @@ virDomainVideoDefaultType(const virDomainDef *def)
(STREQ(def->os.type, "xen") ||
STREQ(def->os.type, "linux")))
return VIR_DOMAIN_VIDEO_TYPE_XEN;
@@ -45,7 +45,7 @@ index 67cb9ff..d591c18 100644
struct ppc_vendor {
char *name;
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
-index b931497..59a38b2 100644
+index e5ed50a..363e4e2 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -632,7 +632,7 @@ virQEMUCapsProbeCPUModels(virQEMUCapsPtr qemuCaps, uid_t runUid, gid_t runGid)
@@ -76,7 +76,7 @@ index b931497..59a38b2 100644
return (chr->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL &&
chr->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO);
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index 5ef3cbf..6cd0da6 100644
+index aeb4eec..c5c48bf 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -713,7 +713,7 @@ qemuSetSCSIControllerModel(virDomainDefPtr def,
@@ -115,7 +115,7 @@ index 5ef3cbf..6cd0da6 100644
model = VIR_DOMAIN_CONTROLLER_MODEL_USB_PCI_OHCI;
else
model = VIR_DOMAIN_CONTROLLER_MODEL_USB_PIIX3_UHCI;
-@@ -8453,7 +8453,7 @@ qemuBuildCommandLine(virConnectPtr conn,
+@@ -8445,7 +8445,7 @@ qemuBuildCommandLine(virConnectPtr conn,
!qemuDomainMachineIsQ35(def) &&
(!virQEMUCapsGet(qemuCaps, QEMU_CAPS_PIIX3_USB_UHCI) ||
(!virQEMUCapsGet(qemuCaps, QEMU_CAPS_PCI_OHCI) &&
@@ -124,7 +124,7 @@ index 5ef3cbf..6cd0da6 100644
if (usblegacy) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("Multiple legacy USB controllers are "
-@@ -9651,7 +9651,7 @@ qemuBuildCommandLine(virConnectPtr conn,
+@@ -9643,7 +9643,7 @@ qemuBuildCommandLine(virConnectPtr conn,
}
if (def->nvram) {
@@ -133,7 +133,7 @@ index 5ef3cbf..6cd0da6 100644
STRPREFIX(def->os.machine, "pseries")) {
if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_NVRAM)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-@@ -9769,7 +9769,7 @@ qemuBuildSerialChrDeviceStr(char **deviceStr,
+@@ -9761,7 +9761,7 @@ qemuBuildSerialChrDeviceStr(char **deviceStr,
{
virBuffer cmd = VIR_BUFFER_INITIALIZER;
@@ -142,7 +142,7 @@ index 5ef3cbf..6cd0da6 100644
if (serial->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL &&
serial->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO) {
virBufferAsprintf(&cmd, "spapr-vty,chardev=char%s",
-@@ -10191,7 +10191,7 @@ qemuParseCommandLineDisk(virDomainXMLOptionPtr xmlopt,
+@@ -10183,7 +10183,7 @@ qemuParseCommandLineDisk(virDomainXMLOptionPtr xmlopt,
if (VIR_ALLOC(def->src) < 0)
goto error;
@@ -151,7 +151,7 @@ index 5ef3cbf..6cd0da6 100644
dom->os.machine && STRPREFIX(dom->os.machine, "pseries")))
def->bus = VIR_DOMAIN_DISK_BUS_SCSI;
else
-@@ -10284,7 +10284,7 @@ qemuParseCommandLineDisk(virDomainXMLOptionPtr xmlopt,
+@@ -10276,7 +10276,7 @@ qemuParseCommandLineDisk(virDomainXMLOptionPtr xmlopt,
} else if (STREQ(keywords[i], "if")) {
if (STREQ(values[i], "ide")) {
def->bus = VIR_DOMAIN_DISK_BUS_IDE;
@@ -160,7 +160,7 @@ index 5ef3cbf..6cd0da6 100644
dom->os.machine && STRPREFIX(dom->os.machine, "pseries"))) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("pseries systems do not support ide devices '%s'"), val);
-@@ -11529,7 +11529,7 @@ qemuParseCommandLine(virCapsPtr qemuCaps,
+@@ -11521,7 +11521,7 @@ qemuParseCommandLine(virCapsPtr qemuCaps,
}
if (STREQ(arg, "-cdrom")) {
disk->device = VIR_DOMAIN_DISK_DEVICE_CDROM;
@@ -169,7 +169,7 @@ index 5ef3cbf..6cd0da6 100644
def->os.machine && STRPREFIX(def->os.machine, "pseries")))
disk->bus = VIR_DOMAIN_DISK_BUS_SCSI;
if (VIR_STRDUP(disk->dst, "hdc") < 0)
-@@ -11545,7 +11545,7 @@ qemuParseCommandLine(virCapsPtr qemuCaps,
+@@ -11537,7 +11537,7 @@ qemuParseCommandLine(virCapsPtr qemuCaps,
disk->bus = VIR_DOMAIN_DISK_BUS_IDE;
else
disk->bus = VIR_DOMAIN_DISK_BUS_SCSI;
diff --git a/0002-PowerPC-Add-support-for-launching-VM-in-compat-mode.patch b/0002-PowerPC-Add-support-for-launching-VM-in-compat-mode.patch
index fa87886..20ee601 100644
--- a/0002-PowerPC-Add-support-for-launching-VM-in-compat-mode.patch
+++ b/0002-PowerPC-Add-support-for-launching-VM-in-compat-mode.patch
@@ -70,7 +70,7 @@ index d591c18..4ea1835 100644
const struct ppc_vendor *vnd;
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index 6cd0da6..9619d28 100644
+index c5c48bf..423692e 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -6217,7 +6217,9 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
diff --git a/libvirt.spec b/libvirt.spec
index d61f861..da7fc42 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -362,8 +362,8 @@
Summary: Library providing a simple virtualization API
Name: libvirt
-Version: 1.2.9.1
-Release: 2%{?dist}%{?extra_release}
+Version: 1.2.9.2
+Release: 1%{?dist}%{?extra_release}
License: LGPLv2+
Group: Development/Libraries
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -380,9 +380,6 @@ Patch0002: 0002-PowerPC-Add-support-for-launching-VM-in-compat-mode.patch
Patch0003: 0003-PowerPC-Improve-PVR-handling-to-fall-back-to-cpu-gen.patch
Patch0004: 0004-docs-Add-documentation-for-compat-mode.patch
Patch0005: 0005-Test-Add-a-testcase-for-PowerPC-compat-mode-cpu-spec.patch
-# Don't reject aarch64 + uefi
-Patch0006: 0006-qemu-Support-OVMF-on-armv7l-aarch64-guests.patch
-Patch0007: 0007-qemu-Drop-OVMF-whitelist.patch
%if %{with_libvirtd}
Requires: libvirt-daemon = %{version}-%{release}
@@ -1214,9 +1211,6 @@ driver
%patch0003 -p1
%patch0004 -p1
%patch0005 -p1
-# Don't reject aarch64 + uefi
-%patch0006 -p1
-%patch0007 -p1
%build
%if ! %{with_xen}
@@ -2294,6 +2288,16 @@ exit 0
%doc examples/systemtap
%changelog
+* Sat Feb 07 2015 Cole Robinson <crobinso at redhat.com> - 1.2.9.2-1
+- Rebased to version 1.2.9.2
+- CVE-2014-8131: deadlock and segfault in qemuConnectGetAllDomainStats (bz
+ #1172571)
+- CVE-2015-0236: missing ACL check for the VIR_DOMAIN_XML_SECURE flag in save
+ images and snapshots objects (bz #1185769)
+- CVE-2014-8136: local denial of service in qemu/qemu_driver.c (bz #1176179)
+- Fix crash parsing nbd URIs (bz #1188644)
+- Fix domain startup failing with 'strict' mode in numatune (bz #1168672)
+
* Tue Dec 02 2014 Cole Robinson <crobinso at redhat.com> - 1.2.9.1-2
- Don't reject aarch64 + uefi
diff --git a/sources b/sources
index 3d4e8b8..c254fca 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-c0390a04b3b18d2ed965de89fa9c12dc libvirt-1.2.9.1.tar.gz
+7417e2c4912d8b36841eadbb6eada3a7 libvirt-1.2.9.2.tar.gz
More information about the scm-commits
mailing list