diff options
author | Marius Bakke <mbakke@fastmail.com> | 2017-08-30 20:50:13 +0200 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2017-08-30 20:50:13 +0200 |
commit | 2de7d137b3c6f528acb540a6ab3460627f484b0a (patch) | |
tree | d29f36cc43f86ab04b2074610a913328d5607d91 /gnu/packages/patches/qemu-CVE-2017-8309.patch | |
parent | ffeeda6bab174a457c166251e0d1cbf5077bb0b3 (diff) | |
download | guix-2de7d137b3c6f528acb540a6ab3460627f484b0a.tar.gz guix-2de7d137b3c6f528acb540a6ab3460627f484b0a.zip |
gnu: qemu: Update to 2.10.0.
* gnu/packages/patches/qemu-CVE-2017-10664.patch,
gnu/packages/patches/qemu-CVE-2017-10806.patch,
gnu/packages/patches/qemu-CVE-2017-10911.patch,
gnu/packages/patches/qemu-CVE-2017-11334.patch,
gnu/packages/patches/qemu-CVE-2017-11434.patch,
gnu/packages/patches/qemu-CVE-2017-12809.patch:
gnu/packages/patches/qemu-CVE-2017-7493.patch,
gnu/packages/patches/qemu-CVE-2017-8112.patch,
gnu/packages/patches/qemu-CVE-2017-8309.patch,
gnu/packages/patches/qemu-CVE-2017-8379.patch,
gnu/packages/patches/qemu-CVE-2017-8380.patch,
gnu/packages/patches/qemu-CVE-2017-9524.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/virtualization.scm (qemu): Update to 2.10.0.
[source](patches): Remove.
Diffstat (limited to 'gnu/packages/patches/qemu-CVE-2017-8309.patch')
-rw-r--r-- | gnu/packages/patches/qemu-CVE-2017-8309.patch | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/gnu/packages/patches/qemu-CVE-2017-8309.patch b/gnu/packages/patches/qemu-CVE-2017-8309.patch deleted file mode 100644 index dc4b4006b7..0000000000 --- a/gnu/packages/patches/qemu-CVE-2017-8309.patch +++ /dev/null @@ -1,46 +0,0 @@ -Fix CVE-2017-8309: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8309 - -Patch copied from upstream source repository: - -http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3268a845f41253fb55852a8429c32b50f36f349a - -From 3268a845f41253fb55852a8429c32b50f36f349a Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann <kraxel@redhat.com> -Date: Fri, 28 Apr 2017 09:56:12 +0200 -Subject: [PATCH] audio: release capture buffers - -AUD_add_capture() allocates two buffers which are never released. -Add the missing calls to AUD_del_capture(). - -Impact: Allows vnc clients to exhaust host memory by repeatedly -starting and stopping audio capture. - -Fixes: CVE-2017-8309 -Cc: P J P <ppandit@redhat.com> -Cc: Huawei PSIRT <PSIRT@huawei.com> -Reported-by: "Jiangxin (hunter, SCC)" <jiangxin1@huawei.com> -Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> -Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org> -Message-id: 20170428075612.9997-1-kraxel@redhat.com ---- - audio/audio.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/audio/audio.c b/audio/audio.c -index c8898d8422..beafed209b 100644 ---- a/audio/audio.c -+++ b/audio/audio.c -@@ -2028,6 +2028,8 @@ void AUD_del_capture (CaptureVoiceOut *cap, void *cb_opaque) - sw = sw1; - } - QLIST_REMOVE (cap, entries); -+ g_free (cap->hw.mix_buf); -+ g_free (cap->buf); - g_free (cap); - } - return; --- -2.13.0 - |