diff options
author | Chee Yang Lee <chee.yang.lee@intel.com> | 2023-03-21 11:40:23 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-04-01 20:23:23 +0100 |
commit | 72707c04e10248640328dd39afe55ba08195965d (patch) | |
tree | 9d675807dc06d19e792546938aa2e5f929092490 /meta/recipes-devtools/qemu/qemu.inc | |
parent | f76c7b8e6366129a2550417ed6f091717d897a81 (diff) | |
download | poky-72707c04e10248640328dd39afe55ba08195965d.tar.gz |
qemu: fix multple CVEs
import patches from ubuntu to fix
CVE-2020-15469
CVE-2020-15859
CVE-2020-17380
CVE-2020-35504
CVE-2020-35505
CVE-2021-3409
CVE-2022-26354
https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches?h=ubuntu/focal-security
Combine patches for both CVE-2020-25085 and CVE-2021-3409 also fix CVE-2020-17380.
so mark CVE-2020-17380 fixed by CVE-2021-3409 patches. CVE-2020-17380 patch backported since
oecore rev 6b4c58a31ec11e557d40c31f2532985dd53e61eb.
(From OE-Core rev: 3ee2e9027d57dd5ae9f8795436c1acd18a9f1e24)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu.inc')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu.inc | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 0649727338..600a2af022 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc | |||
@@ -117,6 +117,23 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ | |||
117 | file://CVE-2021-3507.patch \ | 117 | file://CVE-2021-3507.patch \ |
118 | file://CVE-2021-3929.patch \ | 118 | file://CVE-2021-3929.patch \ |
119 | file://CVE-2022-4144.patch \ | 119 | file://CVE-2022-4144.patch \ |
120 | file://CVE-2020-15859.patch \ | ||
121 | file://CVE-2020-15469-1.patch \ | ||
122 | file://CVE-2020-15469-2.patch \ | ||
123 | file://CVE-2020-15469-3.patch \ | ||
124 | file://CVE-2020-15469-4.patch \ | ||
125 | file://CVE-2020-15469-5.patch \ | ||
126 | file://CVE-2020-15469-6.patch \ | ||
127 | file://CVE-2020-15469-7.patch \ | ||
128 | file://CVE-2020-15469-8.patch \ | ||
129 | file://CVE-2020-35504.patch \ | ||
130 | file://CVE-2020-35505.patch \ | ||
131 | file://CVE-2022-26354.patch \ | ||
132 | file://CVE-2021-3409-1.patch \ | ||
133 | file://CVE-2021-3409-2.patch \ | ||
134 | file://CVE-2021-3409-3.patch \ | ||
135 | file://CVE-2021-3409-4.patch \ | ||
136 | file://CVE-2021-3409-5.patch \ | ||
120 | " | 137 | " |
121 | UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" | 138 | UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" |
122 | 139 | ||