[libvirt] [v0.9.12-maint 0/9] CVE fixes

Guido Günther agx at sigxcpu.org
Thu Sep 19 12:23:19 UTC 2013 

On Wed, Sep 18, 2013 at 09:14:16PM -0600, Eric Blake wrote:
> I've completed and pushed my backport work for both CVEs that
> were patched today, into all branches v0.10.2-maint and newer
> (basically, we have 0.10.2, then all releases since 1.0.2).  One
> last branch in active use (hello Debian) remains to be patched;
> but here, the backport work had enough conflict resolutions that
> I decided to post my work for review first.

I've been basing my patches for CVE-2013-4311 on Daniel's RHEL6 version
so far but this looks much nicer for v0.9.12-maint.
Cheers,
 -- Guido

> 
> Daniel P. Berrange (9):
>   Introduce APIs for splitting/joining strings
>   Rename virKillProcess to virProcessKill
>   Rename virPid{Abort, Wait} to virProcess{Abort, Wait}
>   Rename virCommandTranslateStatus to virProcessTranslateStatus
>   Move virProcessKill into virprocess.{h, c}
>   Move virProcess{Kill, Abort, TranslateStatus} into virprocess.{c, h}
>   Include process start time when doing polkit checks
>   Add support for using 3-arg pkcheck syntax for process (CVE-2013-4311)
>   Fix crash in remoteDispatchDomainMemoryStats (CVE-2013-4296)
> 
>  .gitignore                   |   1 +
>  configure.ac                 |   8 +
>  daemon/libvirtd.c            |   3 +-
>  daemon/remote.c              |  33 +++-
>  libvirt.spec.in              |   3 +-
>  po/POTFILES.in               |   1 +
>  src/Makefile.am              |   2 +
>  src/libvirt_private.syms     |  16 +-
>  src/lxc/lxc_container.c      |   3 +-
>  src/lxc/lxc_controller.c     |   3 +-
>  src/qemu/qemu_agent.c        |   3 +-
>  src/qemu/qemu_monitor.c      |   3 +-
>  src/qemu/qemu_process.c      |   3 +-
>  src/rpc/virnetserverclient.c |   8 +-
>  src/rpc/virnetserverclient.h |   3 +-
>  src/rpc/virnetsocket.c       |  22 ++-
>  src/rpc/virnetsocket.h       |   3 +-
>  src/uml/uml_driver.c         |   3 +-
>  src/util/command.c           | 167 ++------------------
>  src/util/command.h           |   8 -
>  src/util/util.c              |  64 +-------
>  src/util/util.h              |   1 -
>  src/util/virprocess.c        | 359 +++++++++++++++++++++++++++++++++++++++++++
>  src/util/virprocess.h        |  45 ++++++
>  src/util/virstring.c         | 179 +++++++++++++++++++++
>  src/util/virstring.h         |  40 +++++
>  tests/Makefile.am            |   9 +-
>  tests/testutils.c            |   5 +-
>  tests/virstringtest.c        | 161 +++++++++++++++++++
>  29 files changed, 908 insertions(+), 251 deletions(-)
>  create mode 100644 src/util/virprocess.c
>  create mode 100644 src/util/virprocess.h
>  create mode 100644 src/util/virstring.c
>  create mode 100644 src/util/virstring.h
>  create mode 100644 tests/virstringtest.c
> 
> -- 
> 1.8.3.1
>

More information about the libvir-list mailing list