c/pve-qemu-qoup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
138 Commits 3 Branches 0 Tags 4.1 MiB
Makefile 100%
284d3b2cab
Go to file
Oguz Bektas 284d3b2cab security patches for libslirp CVE-2020-8608 
original commits and email can be found here[0]

A out-of-bounds heap buffer access issue was found in the SLiRP
networking implementation of the QEMU emulator. It occurs in tcp_emu()
routine while emulating IRC and other protocols due to unsafe usage of
snprintf(3) function.

A user/process could use this flaw to crash the Qemu process on the host
resulting in DoS or potentially execute arbitrary code with privileges
of the QEMU process on the host.

[0]: https://seclists.org/oss-sec/2020/q1/64

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-06 15:17:29 +01:00
debian security patches for libslirp CVE-2020-8608 2020-03-06 15:17:29 +01:00
keycodemapdb bump version to 3.0.0-1 2018-09-07 14:52:23 +02:00
qemu@99c5874a9b Update and rebase to QEMU 4.1.1 2019-11-21 07:59:09 +01:00
.gitmodules import stable-4 build files 2017-04-05 11:39:09 +02:00
backup.txt correct link to vma spec to new repository url 2020-01-14 11:18:52 +01:00
Makefile fix qemu PKGVERSION 2019-07-02 13:32:06 +02:00
vma_spec.txt import stable-4 build files 2017-04-05 11:39:09 +02:00