Hello community, here is the log from the commit of package libvirt for openSUSE:11.2 checked in at Wed Mar 16 01:42:17 CET 2011.
--------
--- old-versions/11.2/UPDATES/all/libvirt/libvirt.changes 2010-07-17 00:36:40.000000000 +0200
+++ 11.2/libvirt/libvirt.changes 2011-03-15 22:01:29.000000000 +0100
@@ -0,0 +1,9 @@
+-------------------------------------------------------------------
+Tue Mar 15 09:37:20 MDT 2011 - [email protected]
+
+- VUL-0: libvirt: several API calls do not honour read-only
+ connection
+ 71753cb7-CVE-2011-1146.patch
+ bnc#678406
+
+-------------------------------------------------------------------
calling whatdependson for 11.2-i586 New: ---- 71753cb7-CVE-2011-1146.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.UdUcQq/_old 2011-03-16 01:41:58.000000000 +0100
+++ /var/tmp/diff_new_pack.UdUcQq/_new 2011-03-16 01:41:58.000000000 +0100
@@ -1,7 +1,7 @@
 #
-# spec file for package libvirt (Version 0.7.2)
+# spec file for package libvirt
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -65,7 +65,7 @@
 Group: Development/Libraries/C and C++
 AutoReqProv: yes
 Version: 0.7.2
-Release: 1.1.<RELEASE3>
+Release: 1.1.<RELEASE5>
 Summary: A C toolkit to interract with the virtualization capabilities of Linux
 Requires: readline
 Requires: ncurses
@@ -108,6 +108,7 @@
 Patch14: CVE-2010-223x-0010.patch
 Patch15: 91f9157e-fix-masq-rules.patch
 Patch16: CVE-2010-2242-nat.patch
+Patch17: 71753cb7-CVE-2011-1146.patch
 # Need to go upstream
 Patch100: socat.patch
 Patch101: clone.patch
@@ -226,6 +227,7 @@ %patch14 -p1 %patch15 -p1 %patch16 -p1 +%patch17 -p1 %patch100 -p1 %patch101 %patch102 -p1 ++++++ 71753cb7-CVE-2011-1146.patch ++++++ commit 71753cb7f7a16ff800381c0b5ee4e99eea92fed3 Author: Guido Günther <[email protected]> Date: Mon Mar 14 10:56:28 2011 +0800 Add missing checks for read only connections As pointed on CVE-2011-1146, some API forgot to check the read-only status of the connection for entry point which modify the state of the system or may lead to a remote execution using user data. The entry points concerned are: - virConnectDomainXMLToNative - virNodeDeviceDettach - virNodeDeviceReAttach - virNodeDeviceReset - virDomainRevertToSnapshot - virDomainSnapshotDelete * src/libvirt.c: fix the above set of entry points to error on read-only connections Index: libvirt-0.7.2/src/libvirt.c =================================================================== --- libvirt-0.7.2.orig/src/libvirt.c +++ libvirt-0.7.2/src/libvirt.c @@ -2879,6 +2879,10 @@ char *virConnectDomainXMLToNative(virCon virLibConnError(NULL, VIR_ERR_INVALID_CONN, __FUNCTION__); return (NULL); } + if (conn->flags & VIR_CONNECT_RO) { + virLibDomainError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + goto error; + } if (nativeFormat == NULL || domainXml == NULL) { virLibConnError(conn, VIR_ERR_INVALID_ARG, __FUNCTION__); @@ -8653,6 +8657,11 @@ virNodeDeviceDettach(virNodeDevicePtr de return (-1); } + if (dev->conn->flags & VIR_CONNECT_RO) { + virLibConnError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + goto error; + } + if (dev->conn->driver->nodeDeviceDettach) { int ret; ret = dev->conn->driver->nodeDeviceDettach (dev); @@ -8696,6 +8705,11 @@ virNodeDeviceReAttach(virNodeDevicePtr d return (-1); } + if (dev->conn->flags & VIR_CONNECT_RO) { + virLibConnError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + goto error; + } + if (dev->conn->driver->nodeDeviceReAttach) { int ret; ret = dev->conn->driver->nodeDeviceReAttach (dev); 
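Review bot: The read-only check added to virConnectDomainXMLToNative reports the denial with `virLibDomainError(NULL, ...)`, although the two neighbouring checks in the same hunk use virLibConnError and `conn` has already passed validation at that point. I would change the line to `virLibConnError(conn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);` so the refusal is attributed to the connection that was denied, which is what a caller or an audit log would look at. The virNodeDeviceDettach and virNodeDeviceReAttach hunks here, and the virNodeDeviceReset hunk that follows, pass NULL in the same way where `dev->conn` is available. All four checks `goto error`, and that label lies outside every hunk, so its presence and cleanup behaviour in the 0.7.2 function bodies should be confirmed for this backport.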
@@ -8741,6 +8755,11 @@ virNodeDeviceReset(virNodeDevicePtr dev) return (-1); } + if (dev->conn->flags & VIR_CONNECT_RO) { + virLibConnError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + goto error; + } + if (dev->conn->driver->nodeDeviceReset) { int ret; ret = dev->conn->driver->nodeDeviceReset (dev); ++++++ suse-network.patch ++++++ --- /var/tmp/diff_new_pack.UdUcQq/_old 2011-03-16 01:41:59.000000000 +0100 +++ /var/tmp/diff_new_pack.UdUcQq/_new 2011-03-16 01:41:59.000000000 +0100 @@ -164,7 +164,7 @@ =================================================================== --- libvirt-0.7.2.orig/src/network/bridge_driver.c +++ libvirt-0.7.2/src/network/bridge_driver.c -@@ -976,6 +976,11 @@ static int networkShutdownNetworkDaemon( +@@ -1042,6 +1042,11 @@ static int networkShutdownNetworkDaemon( unlink(stateFile); VIR_FREE(stateFile); @@ -176,7 +176,7 @@ if (network->dnsmasqPid > 0) kill(network->dnsmasqPid, SIGTERM); -@@ -1432,6 +1437,12 @@ static int networkSetAutostart(virNetwor +@@ -1498,6 +1503,12 @@ static int networkSetAutostart(virNetwor goto cleanup; } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
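Review bot: The patch header lists six entry points, but after this virNodeDeviceReset hunk the patch ends with only four functions changed; virDomainRevertToSnapshot and virDomainSnapshotDelete have no hunk. Presumably those APIs do not exist in libvirt 0.7.2, but the header does not say so, and someone auditing CVE-2011-1146 coverage for this package cannot tell an inapplicable hunk from a dropped one. I would add a line to the patch description such as `Backport to 0.7.2: the snapshot entry points are not present in this version, so only four checks apply.` after confirming that against the 0.7.2 sources.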
