Hello community,
here is the log from the commit of package libvirt for openSUSE:11.2
checked in at Wed Mar 16 01:42:17 CET 2011.
--------
--- old-versions/11.2/UPDATES/all/libvirt/libvirt.changes 2010-07-17 00:36:40.000000000 +0200
+++ 11.2/libvirt/libvirt.changes 2011-03-15 22:01:29.000000000 +0100
@@ -0,0 +1,9 @@
+-------------------------------------------------------------------
+Tue Mar 15 09:37:20 MDT 2011 - jfehlig@novell.com
+
+- VUL-0: libvirt: several API calls do not honour read-only
+ connection
+ 71753cb7-CVE-2011-1146.patch
+ bnc#678406
+
+-------------------------------------------------------------------
calling whatdependson for 11.2-i586
New:
----
71753cb7-CVE-2011-1146.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.UdUcQq/_old 2011-03-16 01:41:58.000000000 +0100
+++ /var/tmp/diff_new_pack.UdUcQq/_new 2011-03-16 01:41:58.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package libvirt (Version 0.7.2)
+# spec file for package libvirt
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -65,7 +65,7 @@
Group: Development/Libraries/C and C++
AutoReqProv: yes
Version: 0.7.2
-Release: 1.1.<RELEASE3>
+Release: 1.1.<RELEASE5>
Summary: A C toolkit to interract with the virtualization capabilities of Linux
Requires: readline
Requires: ncurses
@@ -108,6 +108,7 @@
Patch14: CVE-2010-223x-0010.patch
Patch15: 91f9157e-fix-masq-rules.patch
Patch16: CVE-2010-2242-nat.patch
+Patch17: 71753cb7-CVE-2011-1146.patch
# Need to go upstream
Patch100: socat.patch
Patch101: clone.patch
@@ -226,6 +227,7 @@
%patch14 -p1
%patch15 -p1
%patch16 -p1
+%patch17 -p1
%patch100 -p1
%patch101
%patch102 -p1
++++++ 71753cb7-CVE-2011-1146.patch ++++++
commit 71753cb7f7a16ff800381c0b5ee4e99eea92fed3
Author: Guido Günther
Date: Mon Mar 14 10:56:28 2011 +0800
Add missing checks for read only connections
As pointed out in CVE-2011-1146, some APIs forgot to check the read-only
status of the connection for entry points which modify the state
of the system or may lead to remote execution using user data.
The entry points concerned are:
- virConnectDomainXMLToNative
- virNodeDeviceDettach
- virNodeDeviceReAttach
- virNodeDeviceReset
- virDomainRevertToSnapshot
- virDomainSnapshotDelete
* src/libvirt.c: fix the above set of entry points to error on read-only
connections
Index: libvirt-0.7.2/src/libvirt.c
===================================================================
--- libvirt-0.7.2.orig/src/libvirt.c
+++ libvirt-0.7.2/src/libvirt.c
@@ -2879,6 +2879,10 @@ char *virConnectDomainXMLToNative(virCon
virLibConnError(NULL, VIR_ERR_INVALID_CONN, __FUNCTION__);
return (NULL);
}
+ if (conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ goto error;
+ }
if (nativeFormat == NULL || domainXml == NULL) {
virLibConnError(conn, VIR_ERR_INVALID_ARG, __FUNCTION__);
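Review bot: The added read-only check in virConnectDomainXMLToNative reports the denial with `virLibDomainError(NULL, ...)`, while the checks directly before and after it use `virLibConnError`, and the one after passes `conn`. No domain object is involved here and `conn` has already been dereferenced for the flag test, so `virLibConnError(conn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);` would match the neighbouring lines and would presumably let the denial be attributed to the refused connection; confirm how the helper treats a NULL first argument. The `error` label that `goto error` targets is outside the hunk, so what it does beyond returning cannot be checked from here.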
@@ -8653,6 +8657,11 @@ virNodeDeviceDettach(virNodeDevicePtr de
return (-1);
}
+ if (dev->conn->flags & VIR_CONNECT_RO) {
+ virLibConnError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ goto error;
+ }
+
if (dev->conn->driver->nodeDeviceDettach) {
int ret;
ret = dev->conn->driver->nodeDeviceDettach (dev);
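Review bot: The denial in virNodeDeviceDettach is raised with `virLibConnError(NULL, ...)` even though `dev->conn` is usable at this point, since the condition itself dereferences it; the added checks in the virNodeDeviceReAttach and virNodeDeviceReset hunks do the same. Passing the connection, `virLibConnError(dev->conn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);`, would presumably record the error against the connection that was refused, which makes a rejected attempt from a read-only client easier to trace. The function body and the `error` label continue outside the hunk.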
@@ -8696,6 +8705,11 @@ virNodeDeviceReAttach(virNodeDevicePtr d
return (-1);
}
+ if (dev->conn->flags & VIR_CONNECT_RO) {
+ virLibConnError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ goto error;
+ }
+
if (dev->conn->driver->nodeDeviceReAttach) {
int ret;
ret = dev->conn->driver->nodeDeviceReAttach (dev);
@@ -8741,6 +8755,11 @@ virNodeDeviceReset(virNodeDevicePtr dev)
return (-1);
}
+ if (dev->conn->flags & VIR_CONNECT_RO) {
+ virLibConnError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ goto error;
+ }
+
if (dev->conn->driver->nodeDeviceReset) {
int ret;
ret = dev->conn->driver->nodeDeviceReset (dev);
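Review bot: This is the last hunk of the backported patch, and only four of the six entry points named in the commit message are covered: virDomainRevertToSnapshot and virDomainSnapshotDelete get no read-only check anywhere in it. That is presumably because libvirt 0.7.2 does not yet provide the snapshot API, but the patch header still lists them, so someone auditing CVE-2011-1146 coverage for this package cannot tell whether the hunks were dropped on purpose. After confirming against the 0.7.2 source, a header line such as `Backport note: snapshot entry points are not present in 0.7.2; those hunks were dropped` would make that explicit.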
++++++ suse-network.patch ++++++
--- /var/tmp/diff_new_pack.UdUcQq/_old 2011-03-16 01:41:59.000000000 +0100
+++ /var/tmp/diff_new_pack.UdUcQq/_new 2011-03-16 01:41:59.000000000 +0100
@@ -164,7 +164,7 @@
===================================================================
--- libvirt-0.7.2.orig/src/network/bridge_driver.c
+++ libvirt-0.7.2/src/network/bridge_driver.c
-@@ -976,6 +976,11 @@ static int networkShutdownNetworkDaemon(
+@@ -1042,6 +1042,11 @@ static int networkShutdownNetworkDaemon(
unlink(stateFile);
VIR_FREE(stateFile);
@@ -176,7 +176,7 @@
if (network->dnsmasqPid > 0)
kill(network->dnsmasqPid, SIGTERM);
-@@ -1432,6 +1437,12 @@ static int networkSetAutostart(virNetwor
+@@ -1498,6 +1503,12 @@ static int networkSetAutostart(virNetwor
goto cleanup;
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++