Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-emulation
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2014-08-28 07:36:56 +0000
committerMike Frysinger <vapier@gentoo.org>2014-08-28 07:36:56 +0000
commitc89b023b8acec297f6ece0193e9518a21ac3684c (patch)
tree358e983705df1870566ec93e4b6316df42047fd6 /app-emulation
parentSecurity bump (diff)
downloadhistorical-c89b023b8acec297f6ece0193e9518a21ac3684c.tar.gz
historical-c89b023b8acec297f6ece0193e9518a21ac3684c.tar.bz2
historical-c89b023b8acec297f6ece0193e9518a21ac3684c.zip
Clean up CVE patch #520688 by Agostino Sarubbo.
Package-Manager: portage-2.2.10/cvs/Linux x86_64 Manifest-Sign-Key: 0xD2E96200
Diffstat (limited to 'app-emulation')
-rw-r--r--app-emulation/qemu/ChangeLog7
-rw-r--r--app-emulation/qemu/Manifest32
-rw-r--r--app-emulation/qemu/files/CVE-2014-5388.patch12
-rw-r--r--app-emulation/qemu/files/qemu-2.1.0-CVE-2014-5388.patch36
-rw-r--r--app-emulation/qemu/qemu-2.1.0-r1.ebuild4
5 files changed, 60 insertions, 31 deletions
diff --git a/app-emulation/qemu/ChangeLog b/app-emulation/qemu/ChangeLog
index 0d47a12a1688..ad4e553066ae 100644
--- a/app-emulation/qemu/ChangeLog
+++ b/app-emulation/qemu/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for app-emulation/qemu
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/ChangeLog,v 1.288 2014/08/27 13:16:45 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/ChangeLog,v 1.289 2014/08/28 07:36:55 vapier Exp $
+
+ 28 Aug 2014; Mike Frysinger <vapier@gentoo.org>
+ +files/qemu-2.1.0-CVE-2014-5388.patch, -files/CVE-2014-5388.patch,
+ qemu-2.1.0-r1.ebuild:
+ Clean up CVE patch #520688 by Agostino Sarubbo.
*qemu-2.1.0-r1 (27 Aug 2014)
diff --git a/app-emulation/qemu/Manifest b/app-emulation/qemu/Manifest
index dac4c10a011b..186a0412fc2a 100644
--- a/app-emulation/qemu/Manifest
+++ b/app-emulation/qemu/Manifest
@@ -2,7 +2,6 @@
Hash: SHA256
AUX 65-kvm.rules 40 SHA256 c16a8dc7855880b2651f1a3ff488ecc54d4ac1036c71fffd5007021d8d18a7c5 SHA512 98aad2a2f212a7ac0ee5b60a9c92744fa462bce5f26594845c7a31d692aaaca2d52cb57bdbede7dfc60b9862c2a6510665dbb03215d5cf76e62516a283decdd6 WHIRLPOOL 937de93a23930f6b8533f0c3e0dd249c99ddf7d54446dea857607266ac0a4b435c5b4a52b2986b138bace9c0a7ade66f94116b38e2bc4767ead54bd11baf0920
-AUX CVE-2014-5388.patch 410 SHA256 dc5030a55f244c0372561f4a15940cc4f890181f1d6e2ae9b3ef126a845370b8 SHA512 1ddd3188edad892bff032f9b2b95f58ab74165bc46c3bb0a517fb33e4d516ec1dd5b68fa9eded97cf2e2a648ca4294501b1d1385cc2e7028ad2e5bd362e07168 WHIRLPOOL 3effea2fa9a19546c63ec967bc545804a23021c335ae92fd702e89f37e7fe72995bfd3c2048668140db889c6d337443f155be46bdd339ab8d9922f09bdb2fad7
AUX bridge.conf 454 SHA256 a51850dd39923f3482e4c575b48ad9fef9c9ebb2f2176225da399b79ce48c69d SHA512 a907ee86b81a1b61033bb7621ded65112504131ef7b698c53e4014b958ee6fc79e66f63069015a01e41362cb70a7d0ed26dd9a03033cf776f4846f0e1f8f1533 WHIRLPOOL 8fcbd4abf9b8f7ca3d16fe0eaf17196ebf708dfecf85ce0f020e0de22b64905114f7b310f361826c81bb961c6b1bbbf984bff1e595bb949993b8966ccb222c35
AUX qemu-1.7.0-cflags.patch 300 SHA256 8f35e55c4bae93e82f9580eabe2d6a2d4660bd05343e1f4e6c33815deeede91e SHA512 54446cb555b623b2306f8a323713e4dfb1b8b7bbf3af3771d5b62e164e0672cc21cbe44f08ca8b58052523e8d629e16355a44ebb544a999a44d11ac3af671f1c WHIRLPOOL b903b4abefeeb09a2ab2d1ee224de5d3694f99f50aacfe33882fce0c1c87c23dae4d57b001d1c35cc96fffa93d43fac4a8ab30a3e45fe1f380580162c0332e78
AUX qemu-2.0.0-CVE-2013-4541.patch 1254 SHA256 9e17729acae9cc8baa50a06cbd3cd96c242b498e4af92ec9f3399537d804b05c SHA512 deaba2b423e45ea0846fa4fd4ba838c4cb183c8fbcea8fab141172cdcf196d0636f37e16bf91cec73d45bed268d369960a4fc50d74fb455f4c095b37633f7b36 WHIRLPOOL 492978b353f330a1dbcdb089949938c6e2213b4a28429498ddbcbe54cec18d0b2d36c0fb0e3b78c43b66ecdf40f1fbafa9ef216506d43a3436765d8bb657ac22
@@ -10,6 +9,7 @@ AUX qemu-2.0.0-CVE-2014-0222.patch 1724 SHA256 d96e3b3b599928a40156e0632596f0795
AUX qemu-2.0.0-CVE-2014-0223.patch 1916 SHA256 a39ef614d175e5304c579fed2a18608990011ef516bac0b1bc00f1c020d4d53a SHA512 84218e77d9ac3eac286a4b55cdab7994271d65b6e2493f0f87d7f1f5b412f56581c78b003bc63e78a8b5106f43143437dc83190329607e346e6445fc5766985a WHIRLPOOL 86929b77ae0beef4b086e48444ca019dd43e1ae20df05dbdc63e8c3c019545dbbda1e8f14b618244cc87761272270fad241635d14bf78a894d7f08afdd9bd68a
AUX qemu-2.0.0-qcow-check-max-sizes.patch 1863 SHA256 b3dbd3b90f683350aba558e065e76683617a3c0fc73246430223cd5d05239435 SHA512 f07180158987350ed1fefde9dea391bdd0abf267f4cc81e3a339431e338aa7c664efe8e7c8d6474cf5dfe48782742127b28db2a3381d26b921d9df1b73690570 WHIRLPOOL 6f2f0586f2f89b611eafa186367fad66633118703c38af227f3259cc4fd112d274f3304020339369063f9c92283ecd2df0506df7a49f48ae2e4a2ec695132a4a
AUX qemu-2.0.0-usb-post-load-checks.patch 1267 SHA256 e0eb00149f3a37d5e66ac4858fdf806894104980795ad97a2b1fc78671e298ae SHA512 edfa35f8ac1aab52034d85f99d5dac16fcb553b3c12e8d0541de8b0f10dd48908c289691f8145fcc2fc38676f76bbb8a90ea9169d9993bc689690ec71a9d1c9b WHIRLPOOL 99afb66c3734fbcc0ffcfde0210e875bf631a854132f1c945d69ecda29c8f5c37a20ca713471905fb85e61873b762abafc01223a1d782e4b7aafd218fe68026d
+AUX qemu-2.1.0-CVE-2014-5388.patch 1093 SHA256 df7c11ffb519f9a4c0db177359c5fe9772d5463fbd61d29905b8177e598d6887 SHA512 1f0c4b5b306f85a9a796b906cdd79106ea87a07217aee5b84ac45db0235440b55484591eeb4d0c05fbae6011879ac957304e82cb8a7b58ee77c550e32602367f WHIRLPOOL 33a09191ba765f72764ce5396e9a14c8f900efaf7e1707d535cadca38c46bf0dde0e99f6e8f0f37bd58ae512049edf78977976678088a1dc4d26f544e90cfc29
AUX qemu-9999-cflags.patch 347 SHA256 fe3bcbe83e81225b2c722578a0a976fcb724419d5208bbd6d02fb543e80b7e12 SHA512 e1b8be744170d61a2155b23a8394db01f8af6dc70ec033e71b2ff46f72975704836d42b96d7904e5d462289c5f8f24317f2fb28698f18a77ab1de02829e585eb WHIRLPOOL 2d972c7e40292f424fd37a4c1af04d2be095c215211ec2e1d15d8457df553342ffc02a7d39985f817fbbf5342e422d30e439c35a925341cf9b852ca7ff15a308
AUX qemu-9999-virtfs-proxy-helper-accept.patch 973 SHA256 91cc9e024aa09ea3dd23ec52c561047656acc89f0ad0d5ddccce354c1ac4d282 SHA512 031cb1c35b479b18032f56a07fa2fa6d392a7f0919acd3636bf122ab7f75dcfbb5fc0e26e18a8a31a9888409f81c2e08438a1af999232418d940167c5031a92b WHIRLPOOL ea4dc08230289a147fd55d0bd9e32896cd4491130084fc45b4043f41caf611f07d4587cc485e6d25ba3f6fbc66939ed8faf3c2017bf33ab10e1885277fa3f6ff
AUX qemu-binfmt.initd-r1 8078 SHA256 2560f1d12374a2dea74e18365ac3d759c2eab35eb9a77b989e1bb8346d9bc3f8 SHA512 82d8ebdb5a4c452f03281c28f074ea52acfb730f1c3ddf68de2ce496c7ca23fd379041948371b021355f00f9c260383fdecf47218ddf2764ab75d6ec8a7a2715 WHIRLPOOL a0f54e133fbda2fd050ef8168fee676a763bb94a890f8c1d99d44e37e4a29322d513d9f5ddad9247f44e3ee0ac779050a3b06cf909678fdfb9f46777701de492
@@ -17,25 +17,25 @@ AUX qemu-kvm-1.4 68 SHA256 8b1adf198129f001e75a2311fc420c168094d1084d2163cdf6a32
DIST qemu-2.0.0.tar.bz2 12839647 SHA256 60cc1aa0cad39cec891f970bed60ca8a484f071adad4943123599ac223543a3b SHA512 8fe2e8faa66251aaea7d6017ee71675d5b05f93f92be7e2ad3e1d02af185b3d6c4069bd83a13fb1e35a3e8947aff76f22446b395f97ac18b6f7a99744202e3fa WHIRLPOOL 6b39916acdcaa5e22510afec8a972935e71064de9ff0a3f9a698a8142f66b130a24d0a38cc56a7a92dbdc78d5145abe743a9c6933f819ce9e682b7cffdac1508
DIST qemu-2.1.0.tar.bz2 23563306 SHA256 397e23184f4bf613589a8fe0c6542461dc2afdf17ed337e97e6fd2f31e8f8802 SHA512 8c00fd61432420229d762fa2ccf91cb8cec20206e2ec02ab2df13c6b3b9de7605fbfacb0fadd21f20f13c1de4c5216d8b11538738c0d0e5094582ded7c668f2e WHIRLPOOL 9d28aab8e20a5a60e85709d7a192a45425605693e54452f54decd65ecc77b504f1bc6ff60f5e9428314fb04911f966753f39a189adc8aa85776fd3c49b5a6858
EBUILD qemu-2.0.0-r1.ebuild 18252 SHA256 08b927a25c9f88d90195b28d69c6abc6a971accb449ed8082c9471224f88c10d SHA512 ea5f33db18c158e4f5e5f4e01834763f5d735c5dcf8e8b4fee22831dbde5ce134858cbaffa02d3e6baf30f574c52f3fc6d969d1253ea6a8334355e977e1e5651 WHIRLPOOL b0ecd2e63f70c3274d45c94351a58be3b4704e604ebec8f4acdb2fe01de532292de43b041bdb059ec8294fbc163756ba1814cd058cad73da1397b61cea2112e0
-EBUILD qemu-2.1.0-r1.ebuild 18049 SHA256 e5228342b350fe96ebf98f48918a23b2b89ce7d4b7162a5ce2657f61a7bde4e8 SHA512 ce79ab31bf1d57557b8df2ba24558390cdf78633edef64d9890071f866215ecc3dafa7574a1b0903e68d02a4b716904eb1fda0193dbcde262faaf2b2a48f7ee1 WHIRLPOOL a2ab90e1ac20a44b341a145cb22e4a4fe2745a1e6b5abbc28d7d70f49314906a8ba2e5bf53477f76635db293b18e1aa080914658c3b5f4dafc37e638c30c164a
+EBUILD qemu-2.1.0-r1.ebuild 18065 SHA256 d838c5e8941f458a35d620652f864b3cd81be6aa46f3f681467def7c6a3e1d5b SHA512 48b23e8fbcc3f7a42ad1b08e3f0290e3ca02a98a80914c40910f16a64d9c26750fe253eedefa5bd698e9cb786a742048b428556819bc2d172c483f915530ab44 WHIRLPOOL 8a98c63e6fce96ba0f7afb1f3f1643f6ba77eb318db995ca733b584c579325dbcdf17aa8376d6d84fb541b7bf910a4b995183e73b09e266552f87532e163b1a1
EBUILD qemu-2.1.0.ebuild 18007 SHA256 026af0cea78e108dcebbecca5c72df8ff37d138d33df20057d57550a4a2f5fc3 SHA512 aea577f787d9e6a05ffdb6db0cd8cb77520997482368390d6fe341043ffb654e5a18946560863f8219768afa82e4ef5b6a38ce166f8514ff765f0eddbe68bd3b WHIRLPOOL 2d8047017b848ccb7f92480c1a3c777c7c510a7849258c6f8cd4da5762bfb1e4a61d16fa365b946aa97394bf790eb90eac41340fdbb4bd02698335a3f0e21817
EBUILD qemu-9999.ebuild 18007 SHA256 fc11816806972a5a17be8e6615bf0fd4293d4fc6b79b533bb8b676892f5bc1de SHA512 b023b348ea19253130735ea387ab0294f26c998e5ca19fa99f6b4e40491aca6146a90f21362a863592c28fdc17cf8d6702478673bc489839c0e2e738291dfb3e WHIRLPOOL 02139e39a20b985284ec3400dc33420bb36f0dc0c45190ffd92a14d77c1a1114efa9fdaf4cba08079771461549469fe7a12254ede64d5e9b7a3bd95a763f4763
-MISC ChangeLog 47755 SHA256 e078389a89aefeeed78336e7906b6c860ca53041ba9987614d97a51cf10b54f8 SHA512 be87afbcb5f8c8452776bd8a0c2a0d74230f293f4bde63d5561290b3b4998f5632fc5c19c4d2dff0ad159d67da682dabb233a9a4540624ba0096792822603e86 WHIRLPOOL f6757681e93a2f65e70e73e76cf4e8d4ec58d949dd4f122898b7e14d483741555c62fdcc89617429da2a0a63a07a111280c4260d9d779128081547dfd6eb8325
+MISC ChangeLog 47952 SHA256 c2168c55aaecd832e6e09bdd5b744ad6e7941f270992ba842fb7ab4cb289fa42 SHA512 d183db0803422644c1e2aa1a44a829f491a4d26bcccae4b3213eb6e1a59cb883307c30b5920b3692f26579f86b6fa2cdfdd10bca1f4b1b4d4ee462c23d1896e5 WHIRLPOOL 66b6198917388a4c99ff1b675c307263112c23e13e98d4157a4117c31b1c07c6f3a297506284b3298727e65c62af97914559299255e942a9c88c7ceb3fc7ef25
MISC metadata.xml 3774 SHA256 45d220d5c3fedecb5c318e2ab1fa796391f5fd3db09e4ef218b3bc7cb3cb10e1 SHA512 90b16206b5398b4044132d930b417372e1d305a93b062c895bc3b46ae64a19aa96d2471b5838f960cca7c6c30ce58571f332731f02eaeee17e4204469c5d6330 WHIRLPOOL f5498b8cb14aeeacdfd1da30c26ceca282bba3042a6288496d624d91c3c26c1bed34c42374db04e06378c8efd78010d3bef76c41c1aa529ccf17cec513ed1fa8
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-iQIcBAEBCAAGBQJT/do+AAoJELp701BxlEWfZBUP/1wPQPCDLZ8TN9kswKidq9oV
-tueTCasWY5x2pZd+NXkWvRyiApp6cqRvdhJmxtdlRP3bCUNSfAZtlXtl6vMIppH4
-iS1E4Uknm2y7tTNSYtnh8gKFf6akDCZxqn90j+aBFaE8lBA2+S71iH7agpGrlUCx
-AcU5veGnPMca1g9TGwOZwTpkzybs2oBqQYTzzReSaM+UtUF76X7Xy1DGnto5I76L
-1PA2t9VKcre2O4tNsbJZznhvJjkowTJOPaACuTYc60JUDuO6O/7obxvY5fX0/+Aw
-7oX0rahzGDhiPBFchsGYTI2AeRg6yBha9oGtIpP5ZuOyNiI4NkLuxlMUaJrulach
-tJbwOMMe1y/9wOHDiJpAapkiZrBIgQY6S4bPH8cYANOz2tw8yCu1ny3ifdgoZqwu
-+eIwRr97TjUDClKNcgoYLp3SJ7Htiz26Xb8+FFE8uXbweTQBuDEKMonrOn16qSIm
-xbTrynFdT285rtsORlQsaBuO+PpwpTAc7M2R4PfC3WKpVE6Uc03dbTt7ubTxKR9b
-vDMn3HLXYJyPHbj5Wk0LuNLp7IuKEY4xfvvYlTwZG6EmN1uXyp86RJmEVmXS5+NF
-ZZANr0l6qx9FWZ8qVHJTwSTF3hSQ6e4at/Yo8kAUHDotml5jxtc8rOOIWd+cTgs1
-UXJakb0VyuKz/lcz4qZo
-=MrqE
+iQIcBAEBCAAGBQJT/twYAAoJEPGu1DbS6WIADKsP/RvMkcKjgxmIO4X89sA5ZCez
+2BTtAndseLWDSpkPuaqfAKTP4z+66KEF5ZQOMjKLQPvw+0pHuQM15yeotMD2hJex
+Srb/7H8dgB8QKK2U0In1i9EAgNxI7DwdB8T4vvLOJPXi18/eHud0oa0I77pgrmeC
+v5NdzgKL0l507CqigKE7EzbioopgQ8KS9+/IT0MikdEuapSqzQjjYXTHfknEQI13
+PPRRm9XZcv5zFJciWrpusWDhH3luy0Nj8fwGheQfetTWExL2TpBPUVYOPViehTvu
+5cWZ+XlnVy1qB9EPe+r/VDpeVRI/W8hB5S7syyJzUWWBK707so4VUt0rWfsjUWvT
+ly1na5NlM5CnZPXQQhQuJSJGBW1XAgagMEqqpW3ccLDjvhhF7nzbhZiVck6CnCab
+2fUXb+/2Fxs5c7lsoFWi91Jpza/DmVxF3mYT+vOdQq9buMeGiP85gIT1iyE+w7FN
+89v3AgvhErjoi+pCUw/j0ONExrDfgGQATOIwW9xJBk7SX4aKDyCg2rnXlxByZNor
+RMyU0ylkqVbhQvxIG2q6l1C2Be2EhkI8X4qZLz9U2fmqu9ANQmcnI788LixwjkT9
+ycRZ6hQAqV/Y4imnl0TE4n4KMgBRFb5sr6NySzCIHrDMG26IhMQA+h8ZoJH2eiW+
+7MY1PEExmQsjup6JP8LN
+=69en
-----END PGP SIGNATURE-----
diff --git a/app-emulation/qemu/files/CVE-2014-5388.patch b/app-emulation/qemu/files/CVE-2014-5388.patch
deleted file mode 100644
index 3481e9e9c02b..000000000000
--- a/app-emulation/qemu/files/CVE-2014-5388.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html
---- hw/acpi/pcihp.c.orig 2014-08-27 12:53:38.200621592 +0000
-+++ hw/acpi/pcihp.c 2014-08-27 12:53:58.390518561 +0000
-@@ -231,7 +231,7 @@
- uint32_t val = 0;
- int bsel = s->hotplug_select;
-
-- if (bsel < 0 || bsel > ACPI_PCIHP_MAX_HOTPLUG_BUS) {
-+ if (bsel < 0 || bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS) {
- return 0;
- }
-
diff --git a/app-emulation/qemu/files/qemu-2.1.0-CVE-2014-5388.patch b/app-emulation/qemu/files/qemu-2.1.0-CVE-2014-5388.patch
new file mode 100644
index 000000000000..26a012bef7e8
--- /dev/null
+++ b/app-emulation/qemu/files/qemu-2.1.0-CVE-2014-5388.patch
@@ -0,0 +1,36 @@
+https://bugs.gentoo.org/520688
+
+From fa365d7cd11185237471823a5a33d36765454e16 Mon Sep 17 00:00:00 2001
+From: Gonglei <arei.gonglei@huawei.com>
+Date: Wed, 20 Aug 2014 13:52:30 +0800
+Subject: [PATCH] pcihp: fix possible array out of bounds
+
+Prevent out-of-bounds array access on
+acpi_pcihp_pci_status.
+
+Signed-off-by: Gonglei <arei.gonglei@huawei.com>
+Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
+Cc: qemu-stable@nongnu.org
+Reviewed-by: Marcel Apfelbaum <marcel@redhat.com>
+---
+ hw/acpi/pcihp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/acpi/pcihp.c b/hw/acpi/pcihp.c
+index fae663a..34dedf1 100644
+--- a/hw/acpi/pcihp.c
++++ b/hw/acpi/pcihp.c
+@@ -231,7 +231,7 @@ static uint64_t pci_read(void *opaque, hwaddr addr, unsigned int size)
+ uint32_t val = 0;
+ int bsel = s->hotplug_select;
+
+- if (bsel < 0 || bsel > ACPI_PCIHP_MAX_HOTPLUG_BUS) {
++ if (bsel < 0 || bsel >= ACPI_PCIHP_MAX_HOTPLUG_BUS) {
+ return 0;
+ }
+
+--
+2.0.0
+
diff --git a/app-emulation/qemu/qemu-2.1.0-r1.ebuild b/app-emulation/qemu/qemu-2.1.0-r1.ebuild
index 03209a0723e9..bcf52fb8698f 100644
--- a/app-emulation/qemu/qemu-2.1.0-r1.ebuild
+++ b/app-emulation/qemu/qemu-2.1.0-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.1.0-r1.ebuild,v 1.1 2014/08/27 13:16:45 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu/qemu-2.1.0-r1.ebuild,v 1.2 2014/08/28 07:36:55 vapier Exp $
EAPI=5
@@ -249,7 +249,7 @@ src_prepare() {
use nls || rm -f po/*.po
epatch "${FILESDIR}"/qemu-1.7.0-cflags.patch
- epatch "${FILESDIR}"/CVE-2014-5388.patch
+ epatch "${FILESDIR}"/${P}-CVE-2014-5388.patch #520688
[[ -n ${BACKPORTS} ]] && \
EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
epatch