aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFrancesco Colista <fcolista@alpinelinux.org>2019-07-03 14:22:00 +0000
committerFrancesco Colista <fcolista@alpinelinux.org>2019-07-03 14:22:00 +0000
commit011b9d5c5ae0af504ab1bb28a042d56676636a00 (patch)
treeec56de6e00c853a259d4d67d4fc5600d52c86dea
parent00c3f0f4eb9d3c23ff8cde84d3086c07b6eb16bf (diff)
downloadaports-011b9d5c5ae0af504ab1bb28a042d56676636a00.tar.bz2
aports-011b9d5c5ae0af504ab1bb28a042d56676636a00.tar.xz
main/libvirt: security upgrade
-rw-r--r--main/libvirt/APKBUILD15
-rw-r--r--main/libvirt/CVE-2019-3840.patch42
-rw-r--r--main/libvirt/musl-stderr.patch14
3 files changed, 24 insertions, 47 deletions
diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD
index 2e71831cfa..80674edae6 100644
--- a/main/libvirt/APKBUILD
+++ b/main/libvirt/APKBUILD
@@ -1,8 +1,8 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=libvirt
-pkgver=4.10.0
+pkgver=5.5.0
_ver="${pkgver/_rc/-rc}"
-pkgrel=3
+pkgrel=0
pkgdesc="A virtualization API for several hypervisor and container systems"
url="http://libvirt.org/"
arch="all"
@@ -30,7 +30,7 @@ source="https://libvirt.org/sources/$pkgname-$pkgver.tar.xz
virtlogd.initd
virtlockd.initd
musl-fix-includes.patch
- CVE-2019-3840.patch
+ musl-stderr.patch
"
if [ "$CARCH" = "x86_64" ]; then
@@ -44,6 +44,11 @@ builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
# 4.10.0-r2:
# - CVE-2019-3840
+# 5.5.0-r0:
+# - CVE-2019-10161
+# - CVE-2019-10166
+# - CVE-2019-10167
+# - CVE-2019-10168
build() {
cd "$builddir"
@@ -177,10 +182,10 @@ _common_drivers() {
"$subpkgdir"/etc/libvirt/
}
-sha512sums="a4f97aed6299c7954518ab88738ab781cee0755bfd64094a44468f77f99cac5eb2bc74ecd6aec90177317606ebd073292f5b5d0056054d1d94973fa938589fbd libvirt-4.10.0.tar.xz
+sha512sums="47923aaca605fb43a53238ac535abc1f88f73435336b8f3e88cb01df277ed205d99c586991e523aa32b50c832a0a7c949ab5f84dc78eb8d18a4951cfc791448d libvirt-5.5.0.tar.xz
9aba6ab73219a635c64a340ee8887356e644445c9128734cbce73f5d54778378da2f10a190365ad88a7db8bc95b1fb17f0c6ca41fc41bb786c09e1afe84d65dc libvirt.confd
734afb83b7a4703dd238f1d89dbc853a8c73bcf1994af648c41ab01ae4088e5c7a423f0cb91e5e31f2ae5e60c66d08a6e1583a1e3b88bb5554e0f9fd15ecc15c libvirt.initd
36b85f473d292be8df415256d01a562131d8ae61450ba3893658090a12d589ca32215382f56f286a830b4e59ffd98fbe1d92004f2ce14ca0834451b943cd8f2f virtlogd.initd
a4c4d26e4111931acbe7594451bf963a36c8db33c64b1bc447ab4758bb92803510bebee0511d6bc16ba80c289ab6f87e74377d47bf560412f9adb9c161a206d9 virtlockd.initd
dfe042c596028125bf8548115de2922683829c4716f6b0efb8efc38518670e3e848481661b9714bb0664c1022b87e8f3c0773611fe10187b0bc588e2336ada0c musl-fix-includes.patch
-4ce674defc6da9f1da7d238a7727ea4058e3b10798dfdd9df606de777871cf3ab688acfba952cbdaa59c417928aed0e560c29d6a5965ceb72f47085aad83f251 CVE-2019-3840.patch"
+a583c5981cda7fe2c17b5c7d4262399debea3e273124c43590cff029ce8d93868836ec1fe45d5776cd7ff26e31df577828e8541af56801a2b75eaa8f179cfc13 musl-stderr.patch"
diff --git a/main/libvirt/CVE-2019-3840.patch b/main/libvirt/CVE-2019-3840.patch
deleted file mode 100644
index 2f6018f2de..0000000000
--- a/main/libvirt/CVE-2019-3840.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 7cfd1fbb1332ae5df678b9f41a62156cb2e88c73 Mon Sep 17 00:00:00 2001
-From: =?utf8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
-Date: Fri, 4 Jan 2019 10:17:46 +0100
-Subject: [PATCH] qemu: require reply from guest agent in qemuAgentGetInterfaces
-MIME-Version: 1.0
-Content-Type: text/plain; charset=utf8
-Content-Transfer-Encoding: 8bit
-
-Since its introduction in commit 0977b8aa071 (released in v1.2.14)
-qemuAgentGetInterfaces calls qemuAgentCommand with needReply=false,
-which allows qemuAgentCommand to return 0 even when it did not get
-any reply from the agent.
-
-Set needReply to true, since we dereference it right after.
-
-This can be hit if libvirt is waiting for an event from the agent
-(e.g. shutdown) and the agent cannot reply in time (e.g. due to
-the guest being shut down), as reported in:
-https://bugzilla.redhat.com/show_bug.cgi?id=1663051
-
-Signed-off-by: Ján Tomko <jtomko@redhat.com>
-Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
----
- src/qemu/qemu_agent.c | 2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
-index 0f4dae3..80b789b 100644
---- a/src/qemu/qemu_agent.c
-+++ b/src/qemu/qemu_agent.c
-@@ -2043,7 +2043,7 @@ qemuAgentGetInterfaces(qemuAgentPtr mon,
- if (!(cmd = qemuAgentMakeCommand("guest-network-get-interfaces", NULL)))
- goto cleanup;
-
-- if (qemuAgentCommand(mon, cmd, &reply, false,
-+ if (qemuAgentCommand(mon, cmd, &reply, true,
- VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0)
- goto cleanup;
-
---
-1.7.1
-
diff --git a/main/libvirt/musl-stderr.patch b/main/libvirt/musl-stderr.patch
new file mode 100644
index 0000000000..c30017f793
--- /dev/null
+++ b/main/libvirt/musl-stderr.patch
@@ -0,0 +1,14 @@
+--- a/src/qemu/qemu_process.c 2019-03-07 18:52:23.722271821 +0100
++++ b/src/qemu/qemu_process.c 2019-03-07 18:53:53.129064501 +0100
+@@ -92,6 +92,10 @@
+
+ VIR_LOG_INIT("qemu.qemu_process");
+
++#ifdef stderr
++# undef stderr
++#endif
++
+ /**
+ * qemuProcessRemoveDomainStatus
+ *
+