diff options
author | Leonardo Arena <rnalrd@alpinelinux.org> | 2013-05-17 07:03:25 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2013-05-17 07:04:18 +0000 |
commit | 4628047e00483e7cd428cfe876de11334905df70 (patch) | |
tree | 7bf00a719b41735f40c1d6a3554f4e42a8686676 /main/libvirt | |
parent | b05d0f7c6103d70d11b5e1cef74c8e7011541d14 (diff) | |
download | aports-4628047e00483e7cd428cfe876de11334905df70.tar.bz2 aports-4628047e00483e7cd428cfe876de11334905df70.tar.xz |
Security fix for CVE-2013-1962. Fixes #1892
Diffstat (limited to 'main/libvirt')
-rw-r--r-- | main/libvirt/APKBUILD | 12 | ||||
-rw-r--r-- | main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch | 33 |
2 files changed, 41 insertions, 4 deletions
diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD index 17267345a..e1cca4fbd 100644 --- a/main/libvirt/APKBUILD +++ b/main/libvirt/APKBUILD @@ -2,7 +2,7 @@ pkgname=libvirt pkgver=1.0.5 _ver="${pkgver/_rc/-rc}" -pkgrel=0 +pkgrel=1 pkgdesc="A virtualization API for several hypervisor and container systems" url="http://libvirt.org/" arch="all" @@ -20,6 +20,7 @@ source="http://libvirt.org/sources/$pkgname-$pkgver.tar.gz libvirt.confd libvirt.initd uclibc-physmem.patch + remoteDispatchStoragePoolListAllVolumes.patch " if [ "$ALPINE_LIBC" != "eglibc" ]; then @@ -142,12 +143,15 @@ uml() { md5sums="91c4145f49bcf92e89470fa3fb28fff6 libvirt-1.0.5.tar.gz 1c84a7baeafe0a7f4e9d7ae5180311b7 libvirt.confd d897df38c7e7fa1a297aa551108633c9 libvirt.initd -df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch" +df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch +25d31e5965f90ac8c50483305d5f3d12 remoteDispatchStoragePoolListAllVolumes.patch" sha256sums="337f1cd6611462b6e3cdf94541c49477df678074321fb7923274e4e30398209f libvirt-1.0.5.tar.gz 851ab3f9678f0fa9c3ee03f7fc7bd00c4ee86d5f0777eecf9eb1ffe3243adfd1 libvirt.confd e9fad203434ffaa6afe524e42a9fb6594edad61cb02b1ca60a68d1a7fe0c31ab libvirt.initd -807005a8669b7396c9af43ddb2534bb0f073f1e97a5c8b1d9eefc1949f3c2df8 uclibc-physmem.patch" +807005a8669b7396c9af43ddb2534bb0f073f1e97a5c8b1d9eefc1949f3c2df8 uclibc-physmem.patch +de912a18bcf62a11b4c7e25c13f42d3f10d5f6597bd2787cb20a97b7af39dfc0 remoteDispatchStoragePoolListAllVolumes.patch" sha512sums="ee069f6047bad26b59cc14f7811725801d96525e7943e7abc31d33d256c77ae6024cf5ff841af9441a6853a3c24ba6aa5e0f437dcf2c5b2cfe860364b01719fc libvirt-1.0.5.tar.gz 9aba6ab73219a635c64a340ee8887356e644445c9128734cbce73f5d54778378da2f10a190365ad88a7db8bc95b1fb17f0c6ca41fc41bb786c09e1afe84d65dc libvirt.confd f48c97f93ef4509a86eda6200b3aae5b2c0c6263403bde933b770fd62240dca27bc439bd29b440ea6a47c8337f8b4511230ed915cb5ff54d9a1cf311863f6fa1 libvirt.initd -4c885e72dcb11f8523a267917315d4874812eee289fb00075334c1728d0da9bd0e5db6c52d6e3c39bd3fe66d5ccadf9e26ec9dcaa855397e211b9bd1173ac72d uclibc-physmem.patch" +4c885e72dcb11f8523a267917315d4874812eee289fb00075334c1728d0da9bd0e5db6c52d6e3c39bd3fe66d5ccadf9e26ec9dcaa855397e211b9bd1173ac72d uclibc-physmem.patch +cd31b3a68fe29f7e506068806f2854902319d0fd4506c02da39a8e4d29eec7fd18a7a4ea2ee85be64ef3795cb199446ad0d2f342d5e7995bb48f0a4cd7ec925a remoteDispatchStoragePoolListAllVolumes.patch" diff --git a/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch b/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch new file mode 100644 index 000000000..86de595df --- /dev/null +++ b/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch @@ -0,0 +1,33 @@ +From 08e817e91f44f947f8945115302100500b51ae22 Mon Sep 17 00:00:00 2001 +Message-Id: <08e817e91f44f947f8945115302100500b51ae22.1366126535.git.jtomko@redhat.com> +From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> +Date: Fri, 12 Apr 2013 17:30:56 +0200 +Subject: [PATCH] daemon: fix leak after listing all volumes +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf-8 +Content-Transfer-Encoding: 8bit + +remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool. +The pool also held a reference to the connection, preventing it from +getting freed and closing the netcf interface driver, which held two +sockets open. +--- + daemon/remote.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/daemon/remote.c b/daemon/remote.c +index 45c50f3..37f998f 100644 +--- a/daemon/remote.c ++++ b/daemon/remote.c +@@ -4229,6 +4229,8 @@ cleanup: + virStorageVolFree(vols[i]); + VIR_FREE(vols); + } ++ if (pool) ++ virStoragePoolFree(pool); + return rv; + } + +-- +1.8.1.5 + |