summaryrefslogtreecommitdiffstats
path: root/main/libvirt
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2013-05-17 07:03:25 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2013-05-17 07:04:18 +0000
commit4628047e00483e7cd428cfe876de11334905df70 (patch)
tree7bf00a719b41735f40c1d6a3554f4e42a8686676 /main/libvirt
parentb05d0f7c6103d70d11b5e1cef74c8e7011541d14 (diff)
downloadaports-4628047e00483e7cd428cfe876de11334905df70.tar.bz2
aports-4628047e00483e7cd428cfe876de11334905df70.tar.xz
Security fix for CVE-2013-1962. Fixes #1892
Diffstat (limited to 'main/libvirt')
-rw-r--r--main/libvirt/APKBUILD12
-rw-r--r--main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch33
2 files changed, 41 insertions, 4 deletions
diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD
index 17267345a..e1cca4fbd 100644
--- a/main/libvirt/APKBUILD
+++ b/main/libvirt/APKBUILD
@@ -2,7 +2,7 @@
pkgname=libvirt
pkgver=1.0.5
_ver="${pkgver/_rc/-rc}"
-pkgrel=0
+pkgrel=1
pkgdesc="A virtualization API for several hypervisor and container systems"
url="http://libvirt.org/"
arch="all"
@@ -20,6 +20,7 @@ source="http://libvirt.org/sources/$pkgname-$pkgver.tar.gz
libvirt.confd
libvirt.initd
uclibc-physmem.patch
+ remoteDispatchStoragePoolListAllVolumes.patch
"
if [ "$ALPINE_LIBC" != "eglibc" ]; then
@@ -142,12 +143,15 @@ uml() {
md5sums="91c4145f49bcf92e89470fa3fb28fff6 libvirt-1.0.5.tar.gz
1c84a7baeafe0a7f4e9d7ae5180311b7 libvirt.confd
d897df38c7e7fa1a297aa551108633c9 libvirt.initd
-df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch"
+df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch
+25d31e5965f90ac8c50483305d5f3d12 remoteDispatchStoragePoolListAllVolumes.patch"
sha256sums="337f1cd6611462b6e3cdf94541c49477df678074321fb7923274e4e30398209f libvirt-1.0.5.tar.gz
851ab3f9678f0fa9c3ee03f7fc7bd00c4ee86d5f0777eecf9eb1ffe3243adfd1 libvirt.confd
e9fad203434ffaa6afe524e42a9fb6594edad61cb02b1ca60a68d1a7fe0c31ab libvirt.initd
-807005a8669b7396c9af43ddb2534bb0f073f1e97a5c8b1d9eefc1949f3c2df8 uclibc-physmem.patch"
+807005a8669b7396c9af43ddb2534bb0f073f1e97a5c8b1d9eefc1949f3c2df8 uclibc-physmem.patch
+de912a18bcf62a11b4c7e25c13f42d3f10d5f6597bd2787cb20a97b7af39dfc0 remoteDispatchStoragePoolListAllVolumes.patch"
sha512sums="ee069f6047bad26b59cc14f7811725801d96525e7943e7abc31d33d256c77ae6024cf5ff841af9441a6853a3c24ba6aa5e0f437dcf2c5b2cfe860364b01719fc libvirt-1.0.5.tar.gz
9aba6ab73219a635c64a340ee8887356e644445c9128734cbce73f5d54778378da2f10a190365ad88a7db8bc95b1fb17f0c6ca41fc41bb786c09e1afe84d65dc libvirt.confd
f48c97f93ef4509a86eda6200b3aae5b2c0c6263403bde933b770fd62240dca27bc439bd29b440ea6a47c8337f8b4511230ed915cb5ff54d9a1cf311863f6fa1 libvirt.initd
-4c885e72dcb11f8523a267917315d4874812eee289fb00075334c1728d0da9bd0e5db6c52d6e3c39bd3fe66d5ccadf9e26ec9dcaa855397e211b9bd1173ac72d uclibc-physmem.patch"
+4c885e72dcb11f8523a267917315d4874812eee289fb00075334c1728d0da9bd0e5db6c52d6e3c39bd3fe66d5ccadf9e26ec9dcaa855397e211b9bd1173ac72d uclibc-physmem.patch
+cd31b3a68fe29f7e506068806f2854902319d0fd4506c02da39a8e4d29eec7fd18a7a4ea2ee85be64ef3795cb199446ad0d2f342d5e7995bb48f0a4cd7ec925a remoteDispatchStoragePoolListAllVolumes.patch"
diff --git a/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch b/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch
new file mode 100644
index 000000000..86de595df
--- /dev/null
+++ b/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch
@@ -0,0 +1,33 @@
+From 08e817e91f44f947f8945115302100500b51ae22 Mon Sep 17 00:00:00 2001
+Message-Id: <08e817e91f44f947f8945115302100500b51ae22.1366126535.git.jtomko@redhat.com>
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 12 Apr 2013 17:30:56 +0200
+Subject: [PATCH] daemon: fix leak after listing all volumes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 8bit
+
+remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
+The pool also held a reference to the connection, preventing it from
+getting freed and closing the netcf interface driver, which held two
+sockets open.
+---
+ daemon/remote.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 45c50f3..37f998f 100644
+--- a/daemon/remote.c
++++ b/daemon/remote.c
+@@ -4229,6 +4229,8 @@ cleanup:
+ virStorageVolFree(vols[i]);
+ VIR_FREE(vols);
+ }
++ if (pool)
++ virStoragePoolFree(pool);
+ return rv;
+ }
+
+--
+1.8.1.5
+