[Pkg-libvirt-commits] [SCM] Libvirt debian packaging branch, master, updated. debian/0.6.1-1
Guido Günther
agx at sigxcpu.org
Thu Mar 5 13:55:39 UTC 2009
The following commit has been merged in the master branch:
commit 95d4b7f0aa248117e8f3416c49e56dcf885b7978
Author: Guido Günther <agx at sigxcpu.org>
Date: Thu Mar 5 11:35:50 2009 +0100
drop patches backported from upstream
* 0009-libvirt_proxy-Fix-use-of-uninitalized-memory.patch
diff --git a/debian/patches/0009-libvirt_proxy-Fix-use-of-uninitalized-memory.patch b/debian/patches/0009-libvirt_proxy-Fix-use-of-uninitalized-memory.patch
deleted file mode 100644
index a5fa28c..0000000
--- a/debian/patches/0009-libvirt_proxy-Fix-use-of-uninitalized-memory.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From: Rasputin <rasputin at email.ru>
-Date: Tue, 27 Jan 2009 21:33:12 +0300
-Subject: [PATCH] libvirt_proxy: Fix use of uninitalized memory
-
-On short read, members of packet header are checked before actually read.
-If uninitialized values can pass the test, they can be set to arbitrary
-values while reading remaining portion of a packet.
-
-Buffer overflow is possible. libvirt_proxy is suid-root.
-
-CVE-2009-0036
----
- proxy/libvirt_proxy.c | 3 ++-
- 1 files changed, 2 insertions(+), 1 deletions(-)
-
-diff --git a/proxy/libvirt_proxy.c b/proxy/libvirt_proxy.c
-index 3b0dc42..8657f62 100644
---- a/proxy/libvirt_proxy.c
-+++ b/proxy/libvirt_proxy.c
-@@ -385,7 +385,8 @@ retry:
- fprintf(stderr, "read %d bytes from client %d on socket %d\n",
- ret, nr, pollInfos[nr].fd);
-
-- if ((req->version != PROXY_PROTO_VERSION) ||
-+ if ((ret != sizeof(virProxyPacket)) ||
-+ (req->version != PROXY_PROTO_VERSION) ||
- (req->len < sizeof(virProxyPacket)) ||
- (req->len > sizeof(virProxyFullPacket)))
- goto comm_error;
---
diff --git a/debian/patches/series b/debian/patches/series
index ef59db7..a8c0f9e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,7 +1,4 @@
0001-remove-RHism.diff.patch
0002-qemu-disable-network.diff.patch
0003-allow-libvirt-group-to-access-the-socket.patch
-0004-Don-t-hardcode-ssh-port.patch
-0005-minimal-workaround-for-qemu-startup-race.patch
-0009-libvirt_proxy-Fix-use-of-uninitalized-memory.patch
-0010-fix-Debian-specific-path-to-hvm-loader.patch
+0004-fix-Debian-specific-path-to-hvm-loader.patch
--
Libvirt debian packaging
More information about the Pkg-libvirt-commits
mailing list