Security fix for CVE-2013-1962. Fixes #1892

2 files changed, 41 insertions, 4 deletions

diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD
index 17267345a..e1cca4fbd 100644
--- a/main/libvirt/APKBUILD
+++ b/main/libvirt/APKBUILD
@@ -2,7 +2,7 @@
 pkgname=libvirt
 pkgver=1.0.5
 _ver="${pkgver/_rc/-rc}"
-pkgrel=0
+pkgrel=1
 pkgdesc="A virtualization API for several hypervisor and container systems"
 url="http://libvirt.org/"
 arch="all"
@@ -20,6 +20,7 @@ source="http://libvirt.org/sources/$pkgname-$pkgver.tar.gz
 	libvirt.confd
 	libvirt.initd
 	uclibc-physmem.patch
+	remoteDispatchStoragePoolListAllVolumes.patch
 	"
 
 if [ "$ALPINE_LIBC" != "eglibc" ]; then
@@ -142,12 +143,15 @@ uml() {
 md5sums="91c4145f49bcf92e89470fa3fb28fff6  libvirt-1.0.5.tar.gz
 1c84a7baeafe0a7f4e9d7ae5180311b7  libvirt.confd
 d897df38c7e7fa1a297aa551108633c9  libvirt.initd
-df9cbfaf8a6e520a4822914a300add4d  uclibc-physmem.patch"
+df9cbfaf8a6e520a4822914a300add4d  uclibc-physmem.patch
+25d31e5965f90ac8c50483305d5f3d12  remoteDispatchStoragePoolListAllVolumes.patch"
 sha256sums="337f1cd6611462b6e3cdf94541c49477df678074321fb7923274e4e30398209f  libvirt-1.0.5.tar.gz
 851ab3f9678f0fa9c3ee03f7fc7bd00c4ee86d5f0777eecf9eb1ffe3243adfd1  libvirt.confd
 e9fad203434ffaa6afe524e42a9fb6594edad61cb02b1ca60a68d1a7fe0c31ab  libvirt.initd
-807005a8669b7396c9af43ddb2534bb0f073f1e97a5c8b1d9eefc1949f3c2df8  uclibc-physmem.patch"
+807005a8669b7396c9af43ddb2534bb0f073f1e97a5c8b1d9eefc1949f3c2df8  uclibc-physmem.patch
+de912a18bcf62a11b4c7e25c13f42d3f10d5f6597bd2787cb20a97b7af39dfc0  remoteDispatchStoragePoolListAllVolumes.patch"
 sha512sums="ee069f6047bad26b59cc14f7811725801d96525e7943e7abc31d33d256c77ae6024cf5ff841af9441a6853a3c24ba6aa5e0f437dcf2c5b2cfe860364b01719fc  libvirt-1.0.5.tar.gz
 9aba6ab73219a635c64a340ee8887356e644445c9128734cbce73f5d54778378da2f10a190365ad88a7db8bc95b1fb17f0c6ca41fc41bb786c09e1afe84d65dc  libvirt.confd
 f48c97f93ef4509a86eda6200b3aae5b2c0c6263403bde933b770fd62240dca27bc439bd29b440ea6a47c8337f8b4511230ed915cb5ff54d9a1cf311863f6fa1  libvirt.initd
-4c885e72dcb11f8523a267917315d4874812eee289fb00075334c1728d0da9bd0e5db6c52d6e3c39bd3fe66d5ccadf9e26ec9dcaa855397e211b9bd1173ac72d  uclibc-physmem.patch"
+4c885e72dcb11f8523a267917315d4874812eee289fb00075334c1728d0da9bd0e5db6c52d6e3c39bd3fe66d5ccadf9e26ec9dcaa855397e211b9bd1173ac72d  uclibc-physmem.patch
+cd31b3a68fe29f7e506068806f2854902319d0fd4506c02da39a8e4d29eec7fd18a7a4ea2ee85be64ef3795cb199446ad0d2f342d5e7995bb48f0a4cd7ec925a  remoteDispatchStoragePoolListAllVolumes.patch"
diff --git a/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch b/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch
new file mode 100644
index 000000000..86de595df
--- /dev/null
+++ b/main/libvirt/remoteDispatchStoragePoolListAllVolumes.patch
@@ -0,0 +1,33 @@
+From 08e817e91f44f947f8945115302100500b51ae22 Mon Sep 17 00:00:00 2001
+Message-Id: <08e817e91f44f947f8945115302100500b51ae22.1366126535.git.jtomko@redhat.com>
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 12 Apr 2013 17:30:56 +0200
+Subject: [PATCH] daemon: fix leak after listing all volumes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 8bit
+
+remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
+The pool also held a reference to the connection, preventing it from
+getting freed and closing the netcf interface driver, which held two
+sockets open.
+---
+ daemon/remote.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 45c50f3..37f998f 100644
+--- a/daemon/remote.c
++++ b/daemon/remote.c
+@@ -4229,6 +4229,8 @@ cleanup:
+             virStorageVolFree(vols[i]);
+         VIR_FREE(vols);
+     }
++    if (pool)
++        virStoragePoolFree(pool);
+     return rv;
+ }
+ 
+-- 
+1.8.1.5
+