Hello community, here is the log from the commit of package qemu for openSUSE:Factory checked in at 2015-05-20 23:51:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/qemu (Old) and /work/SRC/openSUSE:Factory/.qemu.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "qemu" Changes: -------- --- /work/SRC/openSUSE:Factory/qemu/libcacard.changes 2015-05-15 07:44:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.qemu.new/libcacard.changes 2015-05-20 23:51:48.000000000 +0200 @@ -1,0 +2,7 @@ +Thu May 14 17:21:21 UTC 2015 - afaerber@suse.de + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 +* Patches added: + 0041-fdc-force-the-fifo-access-to-be-in-.patch + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/qemu/qemu-linux-user.changes 2015-05-15 07:44:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-linux-user.changes 2015-05-20 23:51:48.000000000 +0200 @@ -1,0 +2,7 @@ +Thu May 14 17:21:17 UTC 2015 - afaerber@suse.de + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 +* Patches added: + 0041-fdc-force-the-fifo-access-to-be-in-.patch + +------------------------------------------------------------------- @@ -7,0 +15,5 @@ + +------------------------------------------------------------------- +Mon May 11 12:21:16 UTC 2015 - afaerber@suse.de + +- Limit %check to architectures prepared for it --- /work/SRC/openSUSE:Factory/qemu/qemu-testsuite.changes 2015-05-15 07:44:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-testsuite.changes 2015-05-20 23:51:48.000000000 +0200 
@@ -1,0 +2,7 @@ +Thu May 14 17:21:13 UTC 2015 - afaerber@suse.de + +- Fix CVE-2015-3456 (boo#929339) + 0041-fdc-force-the-fifo-access-to-be-in-.patch +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 + +------------------------------------------------------------------- qemu.changes: same change New: ---- 0041-fdc-force-the-fifo-access-to-be-in-.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libcacard.spec ++++++ --- /var/tmp/diff_new_pack.8vazUp/_old 2015-05-20 23:51:50.000000000 +0200 +++ /var/tmp/diff_new_pack.8vazUp/_new 2015-05-20 23:51:50.000000000 +0200 @@ -65,6 +65,7 @@ Patch0038: 0038-Revert-Revert-seccomp-tests-that-al.patch Patch0039: 0039-s390x-Fix-stoc-direction.patch Patch0040: 0040-s390x-Add-interlocked-access-facili.patch +Patch0041: 0041-fdc-force-the-fifo-access-to-be-in-.patch # Please do not add patches manually here, run update_git.sh. # this is to make lint happy Source300: qemu-rpmlintrc @@ -164,6 +165,7 @@ %patch0038 -p1 %patch0039 -p1 %patch0040 -p1 +%patch0041 -p1 %build ./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \ ++++++ qemu-linux-user.spec ++++++ --- /var/tmp/diff_new_pack.8vazUp/_old 2015-05-20 23:51:50.000000000 +0200 +++ /var/tmp/diff_new_pack.8vazUp/_new 2015-05-20 23:51:50.000000000 +0200 @@ -65,6 +65,7 @@ Patch0038: 0038-Revert-Revert-seccomp-tests-that-al.patch Patch0039: 0039-s390x-Fix-stoc-direction.patch Patch0040: 0040-s390x-Add-interlocked-access-facili.patch +Patch0041: 0041-fdc-force-the-fifo-access-to-be-in-.patch # Please do not add patches manually here, run update_git.sh. # this is to make lint happy Source300: qemu-rpmlintrc @@ -158,6 +159,7 @@ %patch0038 -p1 %patch0039 -p1 %patch0040 -p1 +%patch0041 -p1 %build ./configure --prefix=%_prefix --sysconfdir=%_sysconfdir \ 
@@ -203,10 +205,12 @@ %define qemu_arch s390x %endif +%ifarch %ix86 x86_64 %arm aarch64 ppc ppc64 ppc64le s390x %if 0%{?suse_version} >= 1310 %check %{qemu_arch}-linux-user/qemu-%{qemu_arch} %_bindir/ls > /dev/null %endif +%endif %install make install DESTDIR=$RPM_BUILD_ROOT ++++++ qemu-testsuite.spec ++++++ --- /var/tmp/diff_new_pack.8vazUp/_old 2015-05-20 23:51:50.000000000 +0200 +++ /var/tmp/diff_new_pack.8vazUp/_new 2015-05-20 23:51:50.000000000 +0200 @@ -96,6 +96,7 @@ Patch0038: 0038-Revert-Revert-seccomp-tests-that-al.patch Patch0039: 0039-s390x-Fix-stoc-direction.patch Patch0040: 0040-s390x-Add-interlocked-access-facili.patch +Patch0041: 0041-fdc-force-the-fifo-access-to-be-in-.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. @@ -596,6 +597,7 @@ %patch0038 -p1 %patch0039 -p1 %patch0040 -p1 +%patch0041 -p1 %if %{build_x86_fw_from_source} pushd roms/seabios qemu.spec: same change ++++++ 0041-fdc-force-the-fifo-access-to-be-in-.patch ++++++
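Review bot: the changelog entries added to libcacard.changes and qemu-linux-user.changes (the "@@ -1,0 +2,7 @@" hunks) list 0041-fdc-force-the-fifo-access-to-be-in-.patch only under "Patches added" and never mention the CVE, while the qemu-testsuite.changes entry for the same patch says "Fix CVE-2015-3456 (boo#929339)". Both libcacard.spec and qemu-linux-user.spec gain Patch0041 and %patch0041 in this commit, so those packages carry the fix as well. Please add the "Fix CVE-2015-3456 (boo#929339)" line to each .changes file whose spec applies the patch, so that a changelog search for the CVE or the bug number finds every fixed package.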
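Review bot: the "%ifarch %ix86 x86_64 %arm aarch64 ppc ppc64 ppc64le s390x" guard added around %check in qemu-linux-user.spec (hunk "@@ -203,10 +205,12 @@") is a hand-maintained architecture list with no comment in the spec, placed directly after the block that ends in "%define qemu_arch s390x". The %check body only works when qemu_arch is set, so consider testing that directly, for example "%if 0%{?qemu_arch:1}", instead of keeping a second list that has to be updated whenever a qemu_arch definition is added. If the explicit list is intentional, a one-line comment above it stating why (the changes entry only says "Limit %check to architectures prepared for it") would make it clear that the smoke test is skipped on every other architecture.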
From 8ee1862533a1af5b18387662b262560fc336a08b Mon Sep 17 00:00:00 2001
From: Petr Matousek
Date: Wed, 6 May 2015 09:48:59 +0200
Subject: [PATCH] fdc: force the fifo access to be in bounds of the allocated buffer
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

During processing of certain commands such as FD_CMD_READ_ID and
FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could
get out of bounds leading to memory corruption with values coming
from the guest.
Fix this by making sure that the index is always bounded by the
allocated memory.
This is CVE-2015-3456.
Signed-off-by: Petr Matousek