From: Armin Kuster <[email protected]> Source: https://libvirt.org MR: 97512 Type: Security Fix Disposition: Backport from https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=9ed175fbc2deecfdaeabca7bc77c7e7ae33a3377 ChangeID: 6c662c67dd3cf6e0eba493b7b619db35f2e07d93 Description:
Fixes CVE-2019-3840 Signed-off-by: Armin Kuster <[email protected]> --- .../libvirt/libvirt/CVE-2019-3840.patch | 39 ++++++++++++++++++++++ recipes-extended/libvirt/libvirt_4.7.0.bb | 1 + 2 files changed, 40 insertions(+) create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-3840.patch diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch b/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch new file mode 100644 index 0000000..8cca821 --- /dev/null +++ b/recipes-extended/libvirt/libvirt/CVE-2019-3840.patch @@ -0,0 +1,39 @@ +From 9ed175fbc2deecfdaeabca7bc77c7e7ae33a3377 Mon Sep 17 00:00:00 2001 +From: John Ferlan <[email protected]> +Date: Fri, 7 Sep 2018 16:01:27 -0400 +Subject: [PATCH] qemu: Remove duplicated qemuAgentCheckError + +Commit 5b3492fadb moved qemuAgentCheckError calls into +qemuAgentCommand for various reasons; however, subsequent +commit 0977b8aa0 adding a new command made call again +So let's just remove the duplicitous call from +qemuAgentGetInterfaces. + +Signed-off-by: John Ferlan <[email protected]> +ACKed-by: Michal Privoznik <[email protected]> + +Upstream-Status: Backport +CVE: CVE-2019-3840 +Signed-off-by: Armin Kuster <[email protected]> + +--- + src/qemu/qemu_agent.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +Index: libvirt-4.7.0/src/qemu/qemu_agent.c +=================================================================== +--- libvirt-4.7.0.orig/src/qemu/qemu_agent.c ++++ libvirt-4.7.0/src/qemu/qemu_agent.c +@@ -1987,10 +1987,9 @@ qemuAgentGetInterfaces(qemuAgentPtr mon, + if (!(cmd = qemuAgentMakeCommand("guest-network-get-interfaces", NULL))) + goto cleanup; + +- if (qemuAgentCommand(mon, cmd, &reply, false, VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0 || +- qemuAgentCheckError(cmd, reply) < 0) { ++ if (qemuAgentCommand(mon, cmd, &reply, false, ++ VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0) + goto cleanup; +- } + + if (!(ret_array = virJSONValueObjectGet(reply, "return"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", diff --git a/recipes-extended/libvirt/libvirt_4.7.0.bb b/recipes-extended/libvirt/libvirt_4.7.0.bb index 5136798..270dc72 100644 --- a/recipes-extended/libvirt/libvirt_4.7.0.bb +++ b/recipes-extended/libvirt/libvirt_4.7.0.bb @@ -36,6 +36,7 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.xz;name=libvirt \ file://0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch \ file://configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch \ file://lxc_monitor-Avoid-AB-BA-lock-race.patch \ + file://CVE-2019-3840.patch \ " SRC_URI[libvirt.md5sum] = "38da6c33250dcbc0a6d68de5c758262b" -- 2.7.4 -- _______________________________________________ meta-virtualization mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-virtualization
