[Pkg-virtualbox-commits] [SCM] virtualbox Debian packaging branch, master, updated. debian/4.1.18-dfsg-1.1

Felix Geyer fgeyer at debian.org
Fri Oct 19 12:05:16 UTC 2012 

The following commit has been merged in the master branch:
commit 52b4bd1ef9a5e309c610040aa4a03e262d5e5ef7
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Thu Oct 18 20:20:00 2012 +0200

    Imported Debian patch 4.1.18-dfsg-1.1

diff --git a/debian/changelog b/debian/changelog
index a664628..e15a5ef 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+virtualbox (4.1.18-dfsg-1.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Fix cve-2012-3221: missing privilege check for task gate switches
+    (closes: 690777).
+
+ -- Michael Gilbert <mgilbert at debian.org>  Thu, 18 Oct 2012 14:20:28 -0400
+
 virtualbox (4.1.18-dfsg-1) unstable; urgency=low
 
   * New upstream release.
diff --git a/debian/patches/cve-2012-3221.patch b/debian/patches/cve-2012-3221.patch
new file mode 100644
index 0000000..239740a
--- /dev/null
+++ b/debian/patches/cve-2012-3221.patch
@@ -0,0 +1,18 @@
+Index: virtualbox-4.1.18-dfsg/src/recompiler/target-i386/op_helper.c
+===================================================================
+--- virtualbox-4.1.18-dfsg.orig/src/recompiler/target-i386/op_helper.c	2012-06-20 09:20:29.000000000 -0400
++++ virtualbox-4.1.18-dfsg/src/recompiler/target-i386/op_helper.c	2012-10-18 16:39:20.647324489 -0400
+@@ -872,6 +872,13 @@
+     type = (e2 >> DESC_TYPE_SHIFT) & 0x1f;
+     switch(type) {
+     case 5: /* task gate */
++#ifdef VBOX
++        dpl = (e2 >> DESC_DPL_SHIFT) & 3;
++        cpl = env->hflags & HF_CPL_MASK;
++        /* check privilege if software int */
++        if (is_int && dpl < cpl)
++            raise_exception_err(EXCP0D_GPF, intno * 8 + 2);
++#endif
+         /* must do that check here to return the correct error code */
+         if (!(e2 & DESC_P_MASK))
+             raise_exception_err(EXCP0B_NOSEG, intno * 8 + 2);
diff --git a/debian/patches/series b/debian/patches/series
index 45f7025..33a14a3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,3 +14,4 @@
 32-disable-guest-version-check.patch
 35-libvdeplug-soname.patch
 36-fix-ftbfs-xserver-112.patch
+cve-2012-3221.patch

-- 
virtualbox Debian packaging

More information about the Pkg-virtualbox-commits mailing list