[Pkg-libvirt-commits] [SCM] Libvirt Debian packaging branch, master, updated. debian/1.0.5-3

Guido Günther agx at sigxcpu.org
Wed May 29 10:56:47 UTC 2013


The following commit has been merged in the master branch:
commit 037b674ac4206ee816ae8971fbd9ecb1a5e2d488
Author: Guido Günther <agx at sigxcpu.org>
Date:   Wed May 29 11:09:54 2013 +0200

    daemon: fix leak after listing all volumes
    
    Thanks: Ján Tomko
    Closes: #708647

diff --git a/debian/patches/daemon-fix-leak-after-listing-all-volumes.patch b/debian/patches/daemon-fix-leak-after-listing-all-volumes.patch
new file mode 100644
index 0000000..a0fe32e
--- /dev/null
+++ b/debian/patches/daemon-fix-leak-after-listing-all-volumes.patch
@@ -0,0 +1,29 @@
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko at redhat.com>
+Date: Fri, 12 Apr 2013 17:30:56 +0200
+Subject: daemon: fix leak after listing all volumes
+
+CVE-2013-1962
+
+remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
+The pool also held a reference to the connection, preventing it from
+getting freed and closing the netcf interface driver, which held two
+sockets open.
+
+Closes: #708647
+---
+ daemon/remote.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index e5e3f2c..dd72f9f 100644
+--- a/daemon/remote.c
++++ b/daemon/remote.c
+@@ -4226,6 +4226,8 @@ cleanup:
+             virStorageVolFree(vols[i]);
+         VIR_FREE(vols);
+     }
++    if (pool)
++        virStoragePoolFree(pool);
+     return rv;
+ }
+ 
diff --git a/debian/patches/series b/debian/patches/series
index a032d07..1ae8142 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -15,3 +15,4 @@ Add-sanitytest.py.patch
 virInitctlRequest-Don-t-hardcode-384-bytes-size.patch
 Fixup-rpcgen-code-on-kFreeBSD-too.patch
 Make-detect_scsi_host_caps-a-function-on-all-archite.patch
+daemon-fix-leak-after-listing-all-volumes.patch

-- 
Libvirt Debian packaging



More information about the Pkg-libvirt-commits mailing list