[Pkg-libvirt-commits] [libvirt] 01/02: CVE-2016-5008: qemu: Let empty default VNC password work as documented
Guido Guenther
agx at moszumanska.debian.org
Fri Oct 21 10:50:52 UTC 2016
This is an automated email from the git hooks/post-receive script.
agx pushed a commit to annotated tag debian/1.2.9-9+deb8u3
in repository libvirt.
commit 9da83d85b58467d838fb66b74547e2806224ffb5
Author: Guido Günther <agx at sigxcpu.org>
Date: Fri Jul 1 16:28:48 2016 +0200
CVE-2016-5008: qemu: Let empty default VNC password work as documented
Thanks: Jiri Denemark
---
...mu-Let-empty-default-VNC-password-work-as.patch | 67 ++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 68 insertions(+)
diff --git a/debian/patches/security/CVE-2016-5008-qemu-Let-empty-default-VNC-password-work-as.patch b/debian/patches/security/CVE-2016-5008-qemu-Let-empty-default-VNC-password-work-as.patch
new file mode 100644
index 0000000..662044f
--- /dev/null
+++ b/debian/patches/security/CVE-2016-5008-qemu-Let-empty-default-VNC-password-work-as.patch
@@ -0,0 +1,67 @@
+From: Jiri Denemark <jdenemar at redhat.com>
+Date: Tue, 28 Jun 2016 14:39:58 +0200
+Subject: CVE-2016-5008 qemu: Let empty default VNC password work as documented
+
+Setting an empty graphics password is documented as a way to disable
+VNC/SPICE access, but QEMU does not always behaves like that. VNC would
+happily accept the empty password. Let's enforce the behavior by setting
+password expiration to "now".
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1180092
+
+Signed-off-by: Jiri Denemark <jdenemar at redhat.com>
+(cherry picked from commit bb848feec0f3f10e92dd8e5231ae7aa89b5598f3)
+---
+ src/qemu/qemu_hotplug.c | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
+index d631887..e483293 100644
+--- a/src/qemu/qemu_hotplug.c
++++ b/src/qemu/qemu_hotplug.c
+@@ -3559,6 +3559,7 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
+ time_t now = time(NULL);
+ char expire_time [64];
+ const char *connected = NULL;
++ const char *password;
+ int ret = -1;
+ virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
+
+@@ -3566,16 +3567,14 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
+ ret = 0;
+ goto cleanup;
+ }
++ password = auth->passwd ? auth->passwd : defaultPasswd;
+
+ if (auth->connected)
+ connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected);
+
+ if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
+ goto cleanup;
+- ret = qemuMonitorSetPassword(priv->mon,
+- type,
+- auth->passwd ? auth->passwd : defaultPasswd,
+- connected);
++ ret = qemuMonitorSetPassword(priv->mon, type, password, connected);
+
+ if (ret == -2) {
+ if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
+@@ -3583,14 +3582,15 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
+ _("Graphics password only supported for VNC"));
+ ret = -1;
+ } else {
+- ret = qemuMonitorSetVNCPassword(priv->mon,
+- auth->passwd ? auth->passwd : defaultPasswd);
++ ret = qemuMonitorSetVNCPassword(priv->mon, password);
+ }
+ }
+ if (ret != 0)
+ goto end_job;
+
+- if (auth->expires) {
++ if (password[0] == '\0') {
++ snprintf(expire_time, sizeof(expire_time), "now");
++ } else if (auth->expires) {
+ time_t lifetime = auth->validTo - now;
+ if (lifetime <= 0)
+ snprintf(expire_time, sizeof(expire_time), "now");
diff --git a/debian/patches/series b/debian/patches/series
index 7651164..b30557b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -33,3 +33,4 @@ Fix-crash-on-live-migration.patch
upstream/Report-original-error-when-QMP-probing-fails-with-ne.patch
security/CVE-2015-5313-storage-don-t-allow-in-filesystem-volu.patch
debian/Debianize-bridge-helper-path.patch
+security/CVE-2016-5008-qemu-Let-empty-default-VNC-password-work-as.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libvirt.git
More information about the Pkg-libvirt-commits
mailing list