commit libvirt for openSUSE:Factory
Hello community,
here is the log from the commit of package libvirt for openSUSE:Factory checked in at 2017-09-04 12:16:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libvirt (Old)
and /work/SRC/openSUSE:Factory/.libvirt.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvirt"
Mon Sep 4 12:16:53 2017 rev:233 rq:519736 version:3.6.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes 2017-08-10 13:44:38.816375923 +0200
+++ /work/SRC/openSUSE:Factory/.libvirt.new/libvirt.changes 2017-09-04 12:17:02.646137854 +0200
@@ -1,0 +2,7 @@
+Tue Aug 29 22:34:42 UTC 2017 - jfehlig@suse.com
+
+- rpc: avoid ssh interpreting malicious hostname as arguments
+ e4cb8500-avoid-malicious-ssh-hostname-as-args.patch
+ bsc#1053600
+
+-------------------------------------------------------------------
New:
----
e4cb8500-avoid-malicious-ssh-hostname-as-args.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.3EGxjD/_old 2017-09-04 12:17:04.301905088 +0200
+++ /var/tmp/diff_new_pack.3EGxjD/_new 2017-09-04 12:17:04.309903964 +0200
@@ -308,6 +308,7 @@
Patch0: 8982f3ab-util-hash-header.patch
Patch1: 0b1ecf7b-virHashCodeGen-mockable.patch
Patch2: f536b0dd-tests-arch-independent-hash.patch
+Patch3: e4cb8500-avoid-malicious-ssh-hostname-as-args.patch
# Patches pending upstream review
Patch100: libxl-dom-reset.patch
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
@@ -876,6 +877,7 @@
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
%patch100 -p1
%patch101 -p1
%patch150 -p1
++++++ e4cb8500-avoid-malicious-ssh-hostname-as-args.patch ++++++
commit e4cb8500810a310a10a6cb359e1b53fac03ed597
Author: Daniel P. Berrange
participants (1)
-
root@hilbert.suse.de