main/qemu: upgrade to 1.6.2 and security fix CVE-2014-0150

fixes #2902

2 files changed, 24 insertions, 4 deletions

diff --git a/main/qemu/APKBUILD b/main/qemu/APKBUILD
index ad5b734801..1d1d8b9eae 100644
--- a/main/qemu/APKBUILD
+++ b/main/qemu/APKBUILD
@@ -1,6 +1,6 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=qemu
-pkgver=1.6.1
+pkgver=1.6.2
 pkgrel=0
 pkgdesc="QEMU is a generic machine emulator and virtualizer"
 url="http://qemu.org/"
@@ -72,6 +72,7 @@ $pkgname-guest-agent:guest
 "
 source="http://wiki.qemu-project.org/download/qemu-$pkgver.tar.bz2
 	0001-elfload-load-PIE-executables-to-right-address.patch
+	CVE-2014-0150.patch
 	qemu-guest-agent.confd
 	qemu-guest-agent.initd
 	80-kvm.rules"
@@ -225,18 +226,21 @@ guest() {
 		"$subpkgdir"/etc/conf.d/qemu-guest-agent || return 1
 }
 
-md5sums="3a897d722457c5a895cd6ac79a28fda0  qemu-1.6.1.tar.bz2
+md5sums="d0a75f8acfe2becf33cec040e8be78e8  qemu-1.6.2.tar.bz2
 672727bb1d8c8ab7b5def65dd1793c33  0001-elfload-load-PIE-executables-to-right-address.patch
+99dbe445530aeaa795a4a68aabef6c90  CVE-2014-0150.patch
 1663bc6977f6886a58394155b1bf3676  qemu-guest-agent.confd
 2035cd781ea810e94bda250c609d8d90  qemu-guest-agent.initd
 66660f143235201249dc0648b39b86ee  80-kvm.rules"
-sha256sums="fc736f44aa10478223c881310a7e40fc8386547e9cadf7d01ca4685951605294  qemu-1.6.1.tar.bz2
+sha256sums="65c5196226e73e327377d741d70004d2ea8fb6799080812b6f3ed8f9269e4eb4  qemu-1.6.2.tar.bz2
 af35304b165622a53f7557b59ffd8da5030f5fd444e669c862f9410131f3b987  0001-elfload-load-PIE-executables-to-right-address.patch
+e07581b81a364d5c774f30331b5d9f79e7cbdbecbece21af12ba1674d4f75084  CVE-2014-0150.patch
 d84e53a94584f37f3bd1b21f44077b5de0d07094c6729f26ae20ab1f7b9cc298  qemu-guest-agent.confd
 982fa8ba67c728405305e4cf5a36a41a780b3d1f388ebd6377e7964c271a1c92  qemu-guest-agent.initd
 37f666f1cdb7d8a62171de69b531681dcb0fba74236729dac8b6c019232eba84  80-kvm.rules"
-sha512sums="b8a5a35aa548359db453a74a3ac54be445fe217b1ba553467e7932edc57f45a44fa36f401db767828d875115df2057b46aa939193b61df7e2d05a8ce1739269d  qemu-1.6.1.tar.bz2
+sha512sums="bea8ebfc4b8af23f88ebc0acb2ecfe9d38ec8c8a86a94d7f20d8da21ccdbffe79b3213ad5bac2f5175e4fdc98ad149e82250d2a99f0b5415cace82e776033a64  qemu-1.6.2.tar.bz2
 405008589cad1c8b609eca004d520bf944366e8525f85a19fc6e283c95b84b6c2429822ba064675823ab69f1406a57377266a65021623d1cd581e7db000134fd  0001-elfload-load-PIE-executables-to-right-address.patch
+39630e251954f321419c59a9fce4ab0443e7c3679ed8cb69e8448bf017d2b715f3bb6b45a11bdd9cb1c083a801273b4c0dc9ebfd628f80477064845f9ba200e4  CVE-2014-0150.patch
 d90c034cae3f9097466854ed1a9f32ab4b02089fcdf7320e8f4da13b2b1ff65067233f48809911485e4431d7ec1a22448b934121bc9522a2dc489009e87e2b1f  qemu-guest-agent.confd
 761b4e2397569dae45ae3bb9e46e28746275297f629af9e9065525497fd26a48b65d8abcf4282727afd35309e338967acf6a1b14c3169577bdc16c1f42e618b3  qemu-guest-agent.initd
 9b7a89b20fcf737832cb7b4d5dc7d8301dd88169cbe5339eda69fbb51c2e537d8cb9ec7cf37600899e734209e63410d50d0821bce97e401421db39c294d97be2  80-kvm.rules"
diff --git a/main/qemu/CVE-2014-0150.patch b/main/qemu/CVE-2014-0150.patch
new file mode 100644
index 0000000000..d941e5fa2d
--- /dev/null
+++ b/main/qemu/CVE-2014-0150.patch
@@ -0,0 +1,16 @@
+diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
+index 5320aab..a42d241 100644
+--- a/hw/net/virtio-net.c
++++ b/hw/net/virtio-net.c
+ <at>  <at>  -655,7 +655,7  <at>  <at>  static int virtio_net_handle_mac(VirtIONet *n,
+uint8_t cmd,
+         goto error;
+     }
+
+-    if (n->mac_table.in_use + mac_data.entries <= MAC_TABLE_ENTRIES) {
++    if (mac_data.entries <= MAC_TABLE_ENTRIES - n->mac_table.in_use) {
+         s = iov_to_buf(iov, iov_cnt, 0, n->mac_table.macs,
+                        mac_data.entries * ETH_ALEN);
+         if (s != mac_data.entries * ETH_ALEN) {
+
+--