From bfcdf88760e6732d43c0cd1eeb0a95c5d8681950 Mon Sep 17 00:00:00 2001 From: Alex Vong Date: Thu, 10 Aug 2017 21:02:14 +0800 Subject: gnu: catdoc: Fix CVE-2017-11110. * gnu/packages/patches/catdoc-CVE-2017-11110.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/textutils.scm (catdoc)[source]: Use it. Signed-off-by: Marius Bakke --- gnu/local.mk | 1 + 1 file changed, 1 insertion(+) (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index b1ff72d6a6..cffb18d3a6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -534,6 +534,7 @@ dist_patch_DATA = \ %D%/packages/patches/calibre-drop-unrar.patch \ %D%/packages/patches/calibre-no-updates-dialog.patch \ %D%/packages/patches/calibre-use-packaged-feedparser.patch \ + %D%/packages/patches/catdoc-CVE-2017-11110.patch \ %D%/packages/patches/cdparanoia-fpic.patch \ %D%/packages/patches/cdrtools-3.01-mkisofs-isoinfo.patch \ %D%/packages/patches/ceph-disable-cpu-optimizations.patch \ -- cgit v1.2.3 From 06465d2ba4291eb2046c90c3977a295a9b7c434b Mon Sep 17 00:00:00 2001 From: Peter Mikkelsen Date: Sun, 13 Aug 2017 00:04:04 +0200 Subject: gnu: Add mpd service. * doc/guix.texi: Add documentation. * gnu/services/audio.scm (): New record type. (mpd-service-type): New service type. * gnu/tests/audio.scm: New file. * gnu/local.mk: Add new files. Signed-off-by: Christopher Baines --- doc/guix.texi | 54 +++++++++++++++++++++++++++++++ gnu/local.mk | 2 ++ gnu/services/audio.scm | 86 ++++++++++++++++++++++++++++++++++++++++++++++++++ gnu/tests/audio.scm | 78 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 220 insertions(+) create mode 100644 gnu/services/audio.scm create mode 100644 gnu/tests/audio.scm (limited to 'gnu/local.mk') diff --git a/doc/guix.texi b/doc/guix.texi index 02933c82ca..94277ba396 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -227,6 +227,7 @@ Services * Network File System:: NFS related services. * Continuous Integration:: The Cuirass service. * Power management Services:: The TLP tool. +* Audio Services:: The MPD. * Miscellaneous Services:: Other services. Defining Services @@ -9035,6 +9036,7 @@ declaration. * Network File System:: NFS related services. * Continuous Integration:: The Cuirass service. * Power management Services:: The TLP tool. +* Audio Services:: The MPD. * Miscellaneous Services:: Other services. @end menu @@ -15635,6 +15637,58 @@ Package object of thermald. @end table @end deftp +@node Audio Services +@subsubsection Audio Services + +The @code{(gnu services audio)} module provides a service to start MPD +(the Music Player Daemon). + +@cindex mpd +@subsubheading Music Player Daemon + +The Music Player Daemon (MPD) is a service that can play music while +being controlled from the local machine or over the network by a variety +of clients. + +The following example shows how one might run @code{mpd} as user +@code{"bob"} on port @code{6666}. It uses pulseaudio for output. + +@example +(service mpd-service-type + (mpd-configuration + (user "bob") + (port "6666"))) +@end example + +@defvr {Scheme Variable} mpd-service-type +The service type for @command{mpd} +@end defvr + +@deftp {Data Type} mpd-configuration +Data type representing the configuration of @command{mpd}. + +@table @asis +@item @code{user} (default: @code{"mpd"}) +The user to run mpd as. + +@item @code{music-dir} (default: @code{"~/Music"}) +The directory to scan for music files. + +@item @code{playlist-dir} (default: @code{"~/.mpd/playlists"}) +The directory to store playlists. + +@item @code{pid-file} (default: @code{"/var/run/mpd.pid"}) +The file mpd wil store its PID. This must be an absolute path. + +@item @code{port} (default: @code{"6600"}) +The port to run mpd on. + +@item @code{address} (default: @code{"any"}) +The address that mpd will bind to. To use a Unix domain socket, +an absolute path can be specified here. + +@end table +@end deftp @node Miscellaneous Services @subsubsection Miscellaneous Services diff --git a/gnu/local.mk b/gnu/local.mk index cffb18d3a6..c12fd85594 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -426,6 +426,7 @@ GNU_SYSTEM_MODULES = \ \ %D%/services.scm \ %D%/services/admin.scm \ + %D%/services/audio.scm \ %D%/services/avahi.scm \ %D%/services/base.scm \ %D%/services/configuration.scm \ @@ -481,6 +482,7 @@ GNU_SYSTEM_MODULES = \ \ %D%/tests.scm \ %D%/tests/admin.scm \ + %D%/tests/audio.scm \ %D%/tests/base.scm \ %D%/tests/databases.scm \ %D%/tests/dict.scm \ diff --git a/gnu/services/audio.scm b/gnu/services/audio.scm new file mode 100644 index 0000000000..22814a6c09 --- /dev/null +++ b/gnu/services/audio.scm @@ -0,0 +1,86 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Peter Mikkelsen +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services audio) + #:use-module (guix gexp) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (gnu packages mpd) + #:use-module (guix records) + #:use-module (ice-9 match) + #:export (mpd-configuration + mpd-configuration? + mpd-service-type)) + +;;; Commentary: +;;; +;;; Audio related services +;;; +;;; Code: + +(define-record-type* + mpd-configuration make-mpd-configuration + mpd-configuration? + (user mpd-configuration-user + (default "mpd")) + (music-dir mpd-configuration-music-dir + (default "~/Music")) + (playlist-dir mpd-configuration-playlist-dir + (default "~/.mpd/playlists")) + (port mpd-configuration-port + (default "6600")) + (address mpd-configuration-address + (default "any")) + (pid-file mpd-configuration-pid-file + (default "/var/run/mpd.pid"))) + +(define (mpd-config->file config) + (apply + mixed-text-file "mpd.conf" + "audio_output {\n" + " type \"pulse\"\n" + " name \"MPD\"\n" + "}\n" + (map (match-lambda + ((config-name config-val) + (string-append config-name " \"" (config-val config) "\"\n"))) + `(("user" ,mpd-configuration-user) + ("music_directory" ,mpd-configuration-music-dir) + ("playlist_directory" ,mpd-configuration-playlist-dir) + ("port" ,mpd-configuration-port) + ("bind_to_address" ,mpd-configuration-address) + ("pid_file" ,mpd-configuration-pid-file))))) + +(define (mpd-service config) + (shepherd-service + (documentation "Run the MPD (Music Player Daemon)") + (provision '(mpd)) + (start #~(make-forkexec-constructor + (list #$(file-append mpd "/bin/mpd") + "--no-daemon" + #$(mpd-config->file config)) + #:pid-file #$(mpd-configuration-pid-file config))) + (stop #~(make-kill-destructor)))) + +(define mpd-service-type + (service-type + (name 'mpd) + (extensions + (list (service-extension shepherd-root-service-type + (compose list mpd-service)))) + (default-value (mpd-configuration)))) diff --git a/gnu/tests/audio.scm b/gnu/tests/audio.scm new file mode 100644 index 0000000000..8eadaf02e1 --- /dev/null +++ b/gnu/tests/audio.scm @@ -0,0 +1,78 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Peter Mikkelsen +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu tests audio) + #:use-module (gnu tests) + #:use-module (gnu system) + #:use-module (gnu system vm) + #:use-module (gnu services) + #:use-module (gnu services audio) + #:use-module (gnu packages mpd) + #:use-module (guix gexp) + #:export (%test-mpd)) + +(define %mpd-os + (simple-operating-system + (service mpd-service-type + (mpd-configuration + (user "root"))))) + +(define (run-mpd-test) + "Run tests in %mpd-os, which has mpd running." + (define os + (marionette-operating-system + %mpd-os + #:imported-modules '((gnu services herd)))) + + (define vm + (virtual-machine os)) + + (define test + (with-imported-modules '((gnu build marionette)) + #~(begin + (use-modules (srfi srfi-64) + (gnu build marionette)) + (define marionette + (make-marionette (list #$vm))) + + (mkdir #$output) + (chdir #$output) + + (test-begin "mpd") + + (test-assert "service is running" + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (start-service 'mpd)) + marionette)) + + (test-assert "mpc connect" + (marionette-eval + '(zero? (system #$(file-append mpd-mpc "/bin/mpc"))) + marionette)) + + (test-end) + (exit (= (test-runner-fail-count (test-runner-current)) 0))))) + (gexp->derivation "mpd-test" test)) + +(define %test-mpd + (system-test + (name "mpd") + (description "Test that the mpd can run and be connected to.") + (value (run-mpd-test)))) -- cgit v1.2.3 From d5daf6fbe06ad7a5e0bfc8100584f1ac33a9f2a9 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sun, 13 Aug 2017 16:46:41 +0200 Subject: gnu: curl: Fix i686 test failure. * gnu/packages/patches/curl-bounds-check.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/curl.scm (curl-7.55.0)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/curl.scm | 1 + gnu/packages/patches/curl-bounds-check.patch | 19 +++++++++++++++++++ 3 files changed, 21 insertions(+) create mode 100644 gnu/packages/patches/curl-bounds-check.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c12fd85594..1e750ab44a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -567,6 +567,7 @@ dist_patch_DATA = \ %D%/packages/patches/crossmap-allow-system-pysam.patch \ %D%/packages/patches/csound-header-ordering.patch \ %D%/packages/patches/clucene-contribs-lib.patch \ + %D%/packages/patches/curl-bounds-check.patch \ %D%/packages/patches/cursynth-wave-rand.patch \ %D%/packages/patches/cyrus-sasl-CVE-2013-4122.patch \ %D%/packages/patches/dblatex-remove-multirow.patch \ diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm index d6e32e4389..3f6335ae87 100644 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@ -132,6 +132,7 @@ tunneling, and so on.") (method url-fetch) (uri (string-append "https://curl.haxx.se/download/curl-" version ".tar.xz")) + (patches (search-patches "curl-bounds-check.patch")) (sha256 (base32 "1785vxi0jamiv9d1wr1l45g0fm9ircxdfyfzf7ld8zv0z0i8bmfd")))) diff --git a/gnu/packages/patches/curl-bounds-check.patch b/gnu/packages/patches/curl-bounds-check.patch new file mode 100644 index 0000000000..4b8ff65304 --- /dev/null +++ b/gnu/packages/patches/curl-bounds-check.patch @@ -0,0 +1,19 @@ +Fix test failure on some 32-bit platforms. + +Patch copied from upstream source repository: + +https://github.com/curl/curl/commit/45a560390c4356bcb81d933bbbb229c8ea2acb63 + +diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c +index b9dedc989e..85c5e79a7e 100644 +--- a/src/tool_paramhlp.c ++++ b/src/tool_paramhlp.c +@@ -218,7 +218,7 @@ static ParameterError str2double(double *val, const char *str, long max) + num = strtod(str, &endptr); + if(errno == ERANGE) + return PARAM_NUMBER_TOO_LARGE; +- if((long)num > max) { ++ if(num > max) { + /* too large */ + return PARAM_NUMBER_TOO_LARGE; + } -- cgit v1.2.3 From f152208b0da26ab9d3f85baaf74e1356699f8aea Mon Sep 17 00:00:00 2001 From: Alex Vong Date: Sun, 13 Aug 2017 19:42:59 +0800 Subject: gnu: qemu: Fix CVE-2017-{10664,10806,10911,11434}. * gnu/packages/patches/qemu-CVE-2017-10664.patch, gnu/packages/patches/qemu-CVE-2017-10806.patch, gnu/packages/patches/qemu-CVE-2017-10911.patch, gnu/packages/patches/qemu-CVE-2017-11434.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/virtualization.scm (qemu)[source]: Use them. Signed-off-by: Marius Bakke --- gnu/local.mk | 4 + gnu/packages/patches/qemu-CVE-2017-10664.patch | 27 +++++++ gnu/packages/patches/qemu-CVE-2017-10806.patch | 38 +++++++++ gnu/packages/patches/qemu-CVE-2017-10911.patch | 106 +++++++++++++++++++++++++ gnu/packages/patches/qemu-CVE-2017-11434.patch | 25 ++++++ gnu/packages/virtualization.scm | 7 +- 6 files changed, 206 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/qemu-CVE-2017-10664.patch create mode 100644 gnu/packages/patches/qemu-CVE-2017-10806.patch create mode 100644 gnu/packages/patches/qemu-CVE-2017-10911.patch create mode 100644 gnu/packages/patches/qemu-CVE-2017-11434.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 1e750ab44a..ec37f81b0f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -989,7 +989,11 @@ dist_patch_DATA = \ %D%/packages/patches/qemu-CVE-2017-8379.patch \ %D%/packages/patches/qemu-CVE-2017-8380.patch \ %D%/packages/patches/qemu-CVE-2017-9524.patch \ + %D%/packages/patches/qemu-CVE-2017-10664.patch \ + %D%/packages/patches/qemu-CVE-2017-10806.patch \ + %D%/packages/patches/qemu-CVE-2017-10911.patch \ %D%/packages/patches/qemu-CVE-2017-11334.patch \ + %D%/packages/patches/qemu-CVE-2017-11434.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/qtscript-disable-tests.patch \ %D%/packages/patches/quagga-reproducible-build.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2017-10664.patch b/gnu/packages/patches/qemu-CVE-2017-10664.patch new file mode 100644 index 0000000000..2b60de3dca --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-10664.patch @@ -0,0 +1,27 @@ +Fix CVE-2017-10664: + +https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html +https://bugzilla.redhat.com/show_bug.cgi?id=1466190 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10664 +https://security-tracker.debian.org/tracker/CVE-2017-10664 + +Patch copied from upstream source repository: + +https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1 + +diff --git a/qemu-nbd.c b/qemu-nbd.c +index 9464a0461c..4dd3fd4732 100644 +--- a/qemu-nbd.c ++++ b/qemu-nbd.c +@@ -581,6 +581,10 @@ int main(int argc, char **argv) + sa_sigterm.sa_handler = termsig_handler; + sigaction(SIGTERM, &sa_sigterm, NULL); + ++#ifdef CONFIG_POSIX ++ signal(SIGPIPE, SIG_IGN); ++#endif ++ + module_call_init(MODULE_INIT_TRACE); + qcrypto_init(&error_fatal); + + diff --git a/gnu/packages/patches/qemu-CVE-2017-10806.patch b/gnu/packages/patches/qemu-CVE-2017-10806.patch new file mode 100644 index 0000000000..ebf782fe7b --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-10806.patch @@ -0,0 +1,38 @@ +Fix CVE-2017-10806: + +https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html +https://bugzilla.redhat.com/show_bug.cgi?id=1468496 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10806 +https://security-tracker.debian.org/tracker/CVE-2017-10806 + +Patch copied from upstream source repository: + +https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=bd4a683505b27adc1ac809f71e918e58573d851d + +diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c +index b001a27f05..ad5ef783a6 100644 +--- a/hw/usb/redirect.c ++++ b/hw/usb/redirect.c +@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg) + static void usbredir_log_data(USBRedirDevice *dev, const char *desc, + const uint8_t *data, int len) + { +- int i, j, n; +- + if (dev->debug < usbredirparser_debug_data) { + return; + } +- +- for (i = 0; i < len; i += j) { +- char buf[128]; +- +- n = sprintf(buf, "%s", desc); +- for (j = 0; j < 8 && i + j < len; j++) { +- n += sprintf(buf + n, " %02X", data[i + j]); +- } +- error_report("%s", buf); +- } ++ qemu_hexdump((char *)data, stderr, desc, len); + } + + /* diff --git a/gnu/packages/patches/qemu-CVE-2017-10911.patch b/gnu/packages/patches/qemu-CVE-2017-10911.patch new file mode 100644 index 0000000000..1dcb860a2d --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-10911.patch @@ -0,0 +1,106 @@ +Fix CVE-2017-10911: + +https://xenbits.xen.org/xsa/advisory-216.html +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10911 +https://security-tracker.debian.org/tracker/CVE-2017-10911 + +Patch copied from Xen Security Advisory: + +https://xenbits.xen.org/xsa/xsa216-qemuu.patch + +--- a/hw/block/xen_blkif.h ++++ b/hw/block/xen_blkif.h +@@ -14,9 +14,6 @@ + struct blkif_common_request { + char dummy; + }; +-struct blkif_common_response { +- char dummy; +-}; + + /* i386 protocol version */ + #pragma pack(push, 4) +@@ -36,13 +33,7 @@ struct blkif_x86_32_request_discard { + blkif_sector_t sector_number; /* start sector idx on disk (r/w only) */ + uint64_t nr_sectors; /* # of contiguous sectors to discard */ + }; +-struct blkif_x86_32_response { +- uint64_t id; /* copied from request */ +- uint8_t operation; /* copied from request */ +- int16_t status; /* BLKIF_RSP_??? */ +-}; + typedef struct blkif_x86_32_request blkif_x86_32_request_t; +-typedef struct blkif_x86_32_response blkif_x86_32_response_t; + #pragma pack(pop) + + /* x86_64 protocol version */ +@@ -62,20 +53,14 @@ struct blkif_x86_64_request_discard { + blkif_sector_t sector_number; /* start sector idx on disk (r/w only) */ + uint64_t nr_sectors; /* # of contiguous sectors to discard */ + }; +-struct blkif_x86_64_response { +- uint64_t __attribute__((__aligned__(8))) id; +- uint8_t operation; /* copied from request */ +- int16_t status; /* BLKIF_RSP_??? */ +-}; + typedef struct blkif_x86_64_request blkif_x86_64_request_t; +-typedef struct blkif_x86_64_response blkif_x86_64_response_t; + + DEFINE_RING_TYPES(blkif_common, struct blkif_common_request, +- struct blkif_common_response); ++ struct blkif_response); + DEFINE_RING_TYPES(blkif_x86_32, struct blkif_x86_32_request, +- struct blkif_x86_32_response); ++ struct blkif_response QEMU_PACKED); + DEFINE_RING_TYPES(blkif_x86_64, struct blkif_x86_64_request, +- struct blkif_x86_64_response); ++ struct blkif_response); + + union blkif_back_rings { + blkif_back_ring_t native; +--- a/hw/block/xen_disk.c ++++ b/hw/block/xen_disk.c +@@ -769,31 +769,30 @@ static int blk_send_response_one(struct + struct XenBlkDev *blkdev = ioreq->blkdev; + int send_notify = 0; + int have_requests = 0; +- blkif_response_t resp; +- void *dst; +- +- resp.id = ioreq->req.id; +- resp.operation = ioreq->req.operation; +- resp.status = ioreq->status; ++ blkif_response_t *resp; + + /* Place on the response ring for the relevant domain. */ + switch (blkdev->protocol) { + case BLKIF_PROTOCOL_NATIVE: +- dst = RING_GET_RESPONSE(&blkdev->rings.native, blkdev->rings.native.rsp_prod_pvt); ++ resp = RING_GET_RESPONSE(&blkdev->rings.native, ++ blkdev->rings.native.rsp_prod_pvt); + break; + case BLKIF_PROTOCOL_X86_32: +- dst = RING_GET_RESPONSE(&blkdev->rings.x86_32_part, +- blkdev->rings.x86_32_part.rsp_prod_pvt); ++ resp = RING_GET_RESPONSE(&blkdev->rings.x86_32_part, ++ blkdev->rings.x86_32_part.rsp_prod_pvt); + break; + case BLKIF_PROTOCOL_X86_64: +- dst = RING_GET_RESPONSE(&blkdev->rings.x86_64_part, +- blkdev->rings.x86_64_part.rsp_prod_pvt); ++ resp = RING_GET_RESPONSE(&blkdev->rings.x86_64_part, ++ blkdev->rings.x86_64_part.rsp_prod_pvt); + break; + default: +- dst = NULL; + return 0; + } +- memcpy(dst, &resp, sizeof(resp)); ++ ++ resp->id = ioreq->req.id; ++ resp->operation = ioreq->req.operation; ++ resp->status = ioreq->status; ++ + blkdev->rings.common.rsp_prod_pvt++; + + RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&blkdev->rings.common, send_notify); diff --git a/gnu/packages/patches/qemu-CVE-2017-11434.patch b/gnu/packages/patches/qemu-CVE-2017-11434.patch new file mode 100644 index 0000000000..4da701a73d --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2017-11434.patch @@ -0,0 +1,25 @@ +Fix CVE-2017-11434: + +https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html +https://bugzilla.redhat.com/show_bug.cgi?id=1472611 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11434 +https://security-tracker.debian.org/tracker/CVE-2017-11434 + +Patch copied from upstream source repository: + +https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=413d463f43fbc4dd3a601e80a5724aa384a265a0 + +diff --git a/slirp/bootp.c b/slirp/bootp.c +index 5a4646c182..5dd1a415b5 100644 +--- a/slirp/bootp.c ++++ b/slirp/bootp.c +@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type, + if (p >= p_end) + break; + len = *p++; ++ if (p + len > p_end) { ++ break; ++ } + DPRINTF("dhcp: tag=%d len=%d\n", tag, len); + + switch(tag) { diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 49998120d2..ab364cd1fb 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2015, 2016, 2017 Mark H Weaver ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 Ricardo Wurmus +;;; Copyright © 2017 Alex Vong ;;; ;;; This file is part of GNU Guix. ;;; @@ -82,7 +83,11 @@ "qemu-CVE-2017-8379.patch" "qemu-CVE-2017-8380.patch" "qemu-CVE-2017-9524.patch" - "qemu-CVE-2017-11334.patch")) + "qemu-CVE-2017-10664.patch" + "qemu-CVE-2017-10806.patch" + "qemu-CVE-2017-10911.patch" + "qemu-CVE-2017-11334.patch" + "qemu-CVE-2017-11434.patch")) (sha256 (base32 "08mhfs0ndbkyqgw7fjaa9vjxf4dinrly656f6hjzvmaz7hzc677h")))) -- cgit v1.2.3 From 15428168eaf06ce54aa3f8ed8eec819d6bbdefec Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 14 Aug 2017 12:27:01 -0400 Subject: gnu: cvs: Fix CVE-2017-12836. * gnu/packages/patches/cvs-2017-12836.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/version-control.scm (cvs)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/patches/cvs-2017-12836.patch | 45 +++++++++++++++++++++++++++++++ gnu/packages/version-control.scm | 1 + 3 files changed, 47 insertions(+) create mode 100644 gnu/packages/patches/cvs-2017-12836.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ec37f81b0f..97e876a507 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -569,6 +569,7 @@ dist_patch_DATA = \ %D%/packages/patches/clucene-contribs-lib.patch \ %D%/packages/patches/curl-bounds-check.patch \ %D%/packages/patches/cursynth-wave-rand.patch \ + %D%/packages/patches/cvs-2017-12836.patch \ %D%/packages/patches/cyrus-sasl-CVE-2013-4122.patch \ %D%/packages/patches/dblatex-remove-multirow.patch \ %D%/packages/patches/dbus-helper-search-path.patch \ diff --git a/gnu/packages/patches/cvs-2017-12836.patch b/gnu/packages/patches/cvs-2017-12836.patch new file mode 100644 index 0000000000..507ab0f7d0 --- /dev/null +++ b/gnu/packages/patches/cvs-2017-12836.patch @@ -0,0 +1,45 @@ +Fix CVE-2017-12836: + +http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12836 +https://security-tracker.debian.org/tracker/CVE-2017-12836 + +Patch adpated from Debian (comments and changelog annotations removed): + +https://anonscm.debian.org/cgit/collab-maint/cvs.git/commit/?h=stretch&id=41e077396e35efb6c879951f44c62dd8a1d0f094 + +From 41e077396e35efb6c879951f44c62dd8a1d0f094 Mon Sep 17 00:00:00 2001 +From: mirabilos +Date: Sat, 12 Aug 2017 03:17:18 +0200 +Subject: Fix CVE-2017-12836 (Closes: #871810) for stretch + +--- + debian/changelog | 6 ++++++ + src/rsh-client.c | 10 ++++++++-- + 2 files changed, 14 insertions(+), 2 deletions(-) + +diff --git a/src/rsh-client.c b/src/rsh-client.c +index fe0cfc4..1fc860d 100644 +--- a/src/rsh-client.c ++++ b/src/rsh-client.c +@@ -105,6 +106,9 @@ start_rsh_server (cvsroot_t *root, struct buffer **to_server_p, + rsh_argv[i++] = argvport; + } + ++ /* Only non-option arguments from here. (CVE-2017-12836) */ ++ rsh_argv[i++] = "--"; ++ + rsh_argv[i++] = root->hostname; + rsh_argv[i++] = cvs_server; + if (readonlyfs) +@@ -189,6 +193,8 @@ start_rsh_server (cvsroot_t *root, struct buffer **to_server_p, + *p++ = argvport; + } + ++ *p++ = "--"; ++ + *p++ = root->hostname; + *p++ = command; + *p++ = NULL; +-- +cgit v0.12 + diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index 151cf0cf10..7c1f02d5ad 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -924,6 +924,7 @@ machine.") (uri (string-append "https://ftp.gnu.org/non-gnu/cvs/source/feature/" version "/cvs-" version ".tar.bz2")) + (patches (search-patches "cvs-2017-12836.patch")) (sha256 (base32 "0pjir8cwn0087mxszzbsi1gyfc6373vif96cw4q3m1x6p49kd1bq")))) -- cgit v1.2.3 From f28fea1ca729de793ad5e08deb7e6e2c7a663b0d Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 15 Aug 2017 01:08:01 +0200 Subject: gnu: e2fsprogs: Update to 1.43.5. * gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/linux.scm (e2fsprogs): Update to 1.43.5. [source]: Use patch. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 5 ++- .../patches/e2fsprogs-32bit-quota-warnings.patch | 46 ++++++++++++++++++++++ 3 files changed, 50 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 97e876a507..b15a16b6bc 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -580,6 +580,7 @@ dist_patch_DATA = \ %D%/packages/patches/doc++-segfault-fix.patch \ %D%/packages/patches/doxygen-test.patch \ %D%/packages/patches/dvd+rw-tools-add-include.patch \ + %D%/packages/patches/e2fsprogs-32bit-quota-warnings.patch \ %D%/packages/patches/elfutils-tests-ptrace.patch \ %D%/packages/patches/elixir-disable-failing-tests.patch \ %D%/packages/patches/einstein-build.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 63027d658f..212eb12775 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -680,16 +680,17 @@ slabtop, and skill.") (define-public e2fsprogs (package (name "e2fsprogs") - (version "1.43.4") + (version "1.43.5") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/linux/kernel/people/tytso/" name "/v" version "/" name "-" version ".tar.xz")) + (patches (search-patches "e2fsprogs-32bit-quota-warnings.patch")) (sha256 (base32 - "092absr4vrlqrkdf9nwh4ykj40ab6hhwrkdr6sjsccd54c8z5csl")))) + "05ssjpmy0fpv2ik6ibm1f47wr6794nf0q50r581vygrqvsd3s7r6")))) (build-system gnu-build-system) (inputs `(("util-linux" ,util-linux))) (native-inputs `(("pkg-config" ,pkg-config) diff --git a/gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch b/gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch new file mode 100644 index 0000000000..e7a96a2ac0 --- /dev/null +++ b/gnu/packages/patches/e2fsprogs-32bit-quota-warnings.patch @@ -0,0 +1,46 @@ +Fix a test failure on 32-bit platforms. + +Patch copied from upstream source repository: + +https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=9e31a5696c4b699bf000a07b86601c1fb91c0493 + +diff --git a/lib/support/mkquota.c b/lib/support/mkquota.c +index 00f3a40..931a839 100644 +--- a/lib/support/mkquota.c ++++ b/lib/support/mkquota.c +@@ -50,11 +50,13 @@ static void print_dquot(const char *desc, struct dquot *dq) + { + if (desc) + fprintf(stderr, "%s: ", desc); +- fprintf(stderr, "%u %ld:%ld:%ld %ld:%ld:%ld\n", +- dq->dq_id, dq->dq_dqb.dqb_curspace, +- dq->dq_dqb.dqb_bsoftlimit, dq->dq_dqb.dqb_bhardlimit, +- dq->dq_dqb.dqb_curinodes, +- dq->dq_dqb.dqb_isoftlimit, dq->dq_dqb.dqb_ihardlimit); ++ fprintf(stderr, "%u %lld:%lld:%lld %lld:%lld:%lld\n", ++ dq->dq_id, (long long) dq->dq_dqb.dqb_curspace, ++ (long long) dq->dq_dqb.dqb_bsoftlimit, ++ (long long) dq->dq_dqb.dqb_bhardlimit, ++ (long long) dq->dq_dqb.dqb_curinodes, ++ (long long) dq->dq_dqb.dqb_isoftlimit, ++ (long long) dq->dq_dqb.dqb_ihardlimit); + } + #else + static void print_dquot(const char *desc EXT2FS_ATTR((unused)), +@@ -524,11 +526,11 @@ static int scan_dquots_callback(struct dquot *dquot, void *cb_data) + dq->dq_dqb.dqb_curinodes != dquot->dq_dqb.dqb_curinodes) { + scan_data->usage_is_inconsistent = 1; + fprintf(stderr, "[QUOTA WARNING] Usage inconsistent for ID %u:" +- "actual (%ld, %ld) != expected (%ld, %ld)\n", +- dq->dq_id, dq->dq_dqb.dqb_curspace, +- dq->dq_dqb.dqb_curinodes, +- dquot->dq_dqb.dqb_curspace, +- dquot->dq_dqb.dqb_curinodes); ++ "actual (%lld, %lld) != expected (%lld, %lld)\n", ++ dq->dq_id, (long long) dq->dq_dqb.dqb_curspace, ++ (long long) dq->dq_dqb.dqb_curinodes, ++ (long long) dquot->dq_dqb.dqb_curspace, ++ (long long) dquot->dq_dqb.dqb_curinodes); + } + + if (scan_data->update_limits) { -- cgit v1.2.3