[Pkg-libvirt-commits] [SCM] Libvirt Debian packaging branch, master, updated. debian/1.0.5-3
Guido Günther
agx at sigxcpu.org
Wed May 29 10:56:47 UTC 2013
The following commit has been merged in the master branch:
commit 037b674ac4206ee816ae8971fbd9ecb1a5e2d488
Author: Guido Günther <agx at sigxcpu.org>
Date: Wed May 29 11:09:54 2013 +0200
daemon: fix leak after listing all volumes
Thanks: Ján Tomko
Closes: #708647
diff --git a/debian/patches/daemon-fix-leak-after-listing-all-volumes.patch b/debian/patches/daemon-fix-leak-after-listing-all-volumes.patch
new file mode 100644
index 0000000..a0fe32e
--- /dev/null
+++ b/debian/patches/daemon-fix-leak-after-listing-all-volumes.patch
@@ -0,0 +1,29 @@
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko at redhat.com>
+Date: Fri, 12 Apr 2013 17:30:56 +0200
+Subject: daemon: fix leak after listing all volumes
+
+CVE-2013-1962
+
+remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
+The pool also held a reference to the connection, preventing it from
+getting freed and closing the netcf interface driver, which held two
+sockets open.
+
+Closes: #708647
+---
+ daemon/remote.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index e5e3f2c..dd72f9f 100644
+--- a/daemon/remote.c
++++ b/daemon/remote.c
+@@ -4226,6 +4226,8 @@ cleanup:
+ virStorageVolFree(vols[i]);
+ VIR_FREE(vols);
+ }
++ if (pool)
++ virStoragePoolFree(pool);
+ return rv;
+ }
+
diff --git a/debian/patches/series b/debian/patches/series
index a032d07..1ae8142 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -15,3 +15,4 @@ Add-sanitytest.py.patch
virInitctlRequest-Don-t-hardcode-384-bytes-size.patch
Fixup-rpcgen-code-on-kFreeBSD-too.patch
Make-detect_scsi_host_caps-a-function-on-all-archite.patch
+daemon-fix-leak-after-listing-all-volumes.patch
--
Libvirt Debian packaging
More information about the Pkg-libvirt-commits
mailing list