[Pkg-libvirt-commits] [SCM] Libvirt Debian packaging branch, master, updated. debian/1.1.0-4

[Guido Günther]

The following commit has been merged in the master branch:
commit 23a28f28488c1ff33d79b6ba5ab354f79e317d6f
Author: Guido Günther <agx at sigxcpu.org>
Date:   Sat Jul 20 09:57:22 2013 +0200

    CVE-2013-4153: qemu: Fix double free of returned JSON array in qemuAgentGetVCPUs()
    
    Thanks: Peter Krempa
    Closes: #717354

diff --git a/debian/patches/CVE-2013-4153-qemu-Fix-double-free-of-returned-JSON-.patch b/debian/patches/CVE-2013-4153-qemu-Fix-double-free-of-returned-JSON-.patch
new file mode 100644
index 0000000..0b45bb7
--- /dev/null
+++ b/debian/patches/CVE-2013-4153-qemu-Fix-double-free-of-returned-JSON-.patch
@@ -0,0 +1,29 @@
+From: Peter Krempa <pkrempa at redhat.com>
+Date: Tue, 16 Jul 2013 15:39:06 +0200
+Subject: CVE-2013-4153: qemu: Fix double free of returned JSON array in
+ qemuAgentGetVCPUs()
+
+A part of the returned monitor response was freed twice and caused
+crashes of the daemon when using guest agent cpu count retrieval.
+
+ # virsh vcpucount dom --guest
+
+Introduced in v1.0.6-48-gc6afcb0
+
+Closes: #717354
+---
+ src/qemu/qemu_agent.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
+index 9914521..d6be677 100644
+--- a/src/qemu/qemu_agent.c
++++ b/src/qemu/qemu_agent.c
+@@ -1538,7 +1538,6 @@ qemuAgentGetVCPUs(qemuAgentPtr mon,
+ cleanup:
+     virJSONValueFree(cmd);
+     virJSONValueFree(reply);
+-    virJSONValueFree(data);
+     return ret;
+ }
+ 
diff --git a/debian/patches/series b/debian/patches/series
index d5acb6f..b9e2dad 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -12,3 +12,4 @@ debian/Debianize-systemd-service-files.patch
 Allow-xen-toolstack-to-find-it-s-binaries.patch
 Create-directory-for-lease-files-if-it-s-missing.patch
 Fix-crash-when-multiple-event-callbacks-were-registe.patch
+CVE-2013-4153-qemu-Fix-double-free-of-returned-JSON-.patch

-- 
Libvirt Debian packaging