diff options
author | Daniel BORNAZ <daniel.bornaz@enea.com> | 2014-07-17 14:24:11 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-07-19 00:09:02 +0100 |
commit | ee2b26fe759d1d8a0f78c94f1a4f3cfe30ff3c5d (patch) | |
tree | 6de973953c8749b57d06d0980951859300afca66 /meta/recipes-devtools/qemu/qemu_2.0.0.bb | |
parent | 348102a03d84ba0965556cd88d6e3df70c44eb74 (diff) | |
download | poky-ee2b26fe759d1d8a0f78c94f1a4f3cfe30ff3c5d.tar.gz |
qemu: security patch for CVE-2014-3471
Qemu PCIe bus support is vulnerable to a use-after-free flaw. It could
occur via guest, when it tries to hotplug/hotunplug devices on the
guest.
A user able to add & delete Virtio block devices on a guest could use
this flaw to crash the Qemu instance resulting in DoS.
Originated-by: Marcel Apfelbaum <address@hidden>
Updated the qemu recipe to include the security patch.
Upstream-Status: Submitted
(From OE-Core rev: a84e1749b489cee5ea219799c35e29b6edead30f)
Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu_2.0.0.bb')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu_2.0.0.bb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/meta/recipes-devtools/qemu/qemu_2.0.0.bb b/meta/recipes-devtools/qemu/qemu_2.0.0.bb index b8ce62428b..9a530a6fb5 100644 --- a/meta/recipes-devtools/qemu/qemu_2.0.0.bb +++ b/meta/recipes-devtools/qemu/qemu_2.0.0.bb | |||
@@ -4,7 +4,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=441c28d2cf86e15a37fa47e15a72fbac \ | |||
4 | file://COPYING.LIB;endline=24;md5=c04def7ae38850e7d3ef548588159913" | 4 | file://COPYING.LIB;endline=24;md5=c04def7ae38850e7d3ef548588159913" |
5 | 5 | ||
6 | SRC_URI += "file://qemu-enlarge-env-entry-size.patch \ | 6 | SRC_URI += "file://qemu-enlarge-env-entry-size.patch \ |
7 | file://Qemu-Arm-versatilepb-Add-memory-size-checking.patch" | 7 | file://Qemu-Arm-versatilepb-Add-memory-size-checking.patch \ |
8 | file://pcie_better_hotplug_support.patch \ | ||
9 | " | ||
10 | |||
11 | |||
8 | 12 | ||
9 | SRC_URI_prepend = "http://wiki.qemu-project.org/download/${BP}.tar.bz2" | 13 | SRC_URI_prepend = "http://wiki.qemu-project.org/download/${BP}.tar.bz2" |
10 | SRC_URI[md5sum] = "2790f44fd76da5de5024b4aafeb594c2" | 14 | SRC_URI[md5sum] = "2790f44fd76da5de5024b4aafeb594c2" |