qemu: fixed multiple CVEs

CVE-2015-3456, fdc: out-of-bounds fifo buffer memory access
CVE-2014-5263, missing field list terminator in vmstate_xhci_event
CVE-2014-3689, vmware_vga: insufficient parameter validation in rectangle
functions
CVE-2014-7815, vnc: insufficient bits_per_pixel from the client sanitization

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3689
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>

1 files changed, 5 insertions, 1 deletions

diff --git a/meta/recipes-devtools/qemu/qemu_1.7.2.bb b/meta/recipes-devtools/qemu/qemu_1.7.2.bb
index 60a7937219..c3c6d3652d 100644
--- a/meta/recipes-devtools/qemu/qemu_1.7.2.bb
+++ b/meta/recipes-devtools/qemu/qemu_1.7.2.bb
@@ -7,7 +7,11 @@ SRC_URI += "file://fxrstorssefix.patch \
             file://qemu-enlarge-env-entry-size.patch \
             file://Qemu-Arm-versatilepb-Add-memory-size-checking.patch \
             file://ide-CVE-2014-2894.patch \
-            file://slirp-udp-NULL-pointer-dereference-CVE-2014-3640.patch"
+            file://slirp-udp-NULL-pointer-dereference-CVE-2014-3640.patch \
+            file://vmware-vga-CVE-2014-3689.patch \
+            file://vmstate_xhci_event-CVE-2014-5263.patch \
+            file://vnc-CVE-2014-7815.patch \
+            file://fdc-CVE-2015-3456.patch"
 
 SRC_URI_prepend = "http://wiki.qemu.org/download/qemu-${PV}.tar.bz2"
 SRC_URI[md5sum] = "a52e0acd37b0c9b06228fe98da0b1b43"