diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2020-05-08 21:43:04 +0200 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2020-05-08 21:43:04 +0200 |
| commit | 35c43fcdbb408a5755efebc13241dd9082360aa1 (patch) | |
| tree | 4ad992d7abf0888cfc4ab9ac0930a0680f8ca61b /gnu/packages/patches/qemu-CVE-2020-7211.patch | |
| parent | 4bdf4182fe080c3409f6ef9b410146b67cfa2595 (diff) | |
| download | patches-base-for-series-3879.tar patches-base-for-series-3879.tar.gz | |
gnu: QEMU: Update to 5.0.0.base-for-series-3881base-for-series-3879
* gnu/packages/patches/qemu-CVE-2020-1711.patch,
gnu/packages/patches/qemu-CVE-2020-7039.patch,
gnu/packages/patches/qemu-CVE-2020-7211.patch,
gnu/packages/patches/qemu-CVE-2020-8608.patch,
gnu/packages/patches/qemu-fix-documentation-build-failure.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/virtualization.scm (qemu)[source](patches): Remove.
[arguments]: Add phase 'patch-/bin/sh-references'. In the 'configure' phase,
add shebang substitutions. Remove phase 'prevent-network-configuration'.
[inputs]: Change from LIBCAP to LIBCAP-NG.
Diffstat (limited to 'gnu/packages/patches/qemu-CVE-2020-7211.patch')
| -rw-r--r-- | gnu/packages/patches/qemu-CVE-2020-7211.patch | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/gnu/packages/patches/qemu-CVE-2020-7211.patch b/gnu/packages/patches/qemu-CVE-2020-7211.patch deleted file mode 100644 index 2885dda411..0000000000 --- a/gnu/packages/patches/qemu-CVE-2020-7211.patch +++ /dev/null @@ -1,49 +0,0 @@ -Fix CVE-2020-7211: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7211 - -Patch copied from upstream dependency repository: - -https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 - -From 14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 Mon Sep 17 00:00:00 2001 -From: Prasad J Pandit <pjp@fedoraproject.org> -Date: Mon, 13 Jan 2020 17:44:31 +0530 -Subject: [PATCH] slirp: tftp: restrict relative path access - -tftp restricts relative or directory path access on Linux systems. -Apply same restrictions on Windows systems too. It helps to avoid -directory traversal issue. - -Fixes: https://bugs.launchpad.net/qemu/+bug/1812451 -Reported-by: Peter Maydell <peter.maydell@linaro.org> -Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> -Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> -Message-Id: <20200113121431.156708-1-ppandit@redhat.com> ---- - src/tftp.c | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/src/tftp.c b/src/tftp.c -index 093c2e0..e52e71b 100644 ---- a/slirp/src/tftp.c -+++ b/slirp/src/tftp.c -@@ -344,8 +344,13 @@ static void tftp_handle_rrq(Slirp *slirp, struct sockaddr_storage *srcsas, - k += 6; /* skipping octet */ - - /* do sanity checks on the filename */ -- if (!strncmp(req_fname, "../", 3) || -- req_fname[strlen(req_fname) - 1] == '/' || strstr(req_fname, "/../")) { -+ if ( -+#ifdef G_OS_WIN32 -+ strstr(req_fname, "..\\") || -+ req_fname[strlen(req_fname) - 1] == '\\' || -+#endif -+ strstr(req_fname, "../") || -+ req_fname[strlen(req_fname) - 1] == '/') { - tftp_send_error(spt, 2, "Access violation", tp); - return; - } --- -2.24.1 - |