pve-qemu-qoup/debian/patches/series
Oguz Bektas 284d3b2cab security patches for libslirp CVE-2020-8608
original commits and email can be found here[0]

A out-of-bounds heap buffer access issue was found in the SLiRP
networking implementation of the QEMU emulator. It occurs in tcp_emu()
routine while emulating IRC and other protocols due to unsafe usage of
snprintf(3) function.

A user/process could use this flaw to crash the Qemu process on the host
resulting in DoS or potentially execute arbitrary code with privileges
of the QEMU process on the host.

[0]: https://seclists.org/oss-sec/2020/q1/64

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-06 15:17:29 +01:00

56 lines
3.2 KiB
Plaintext

extra/0001-monitor-qmp-resume-monitor-when-clearing-its-queue.patch
extra/0002-virtio-blk-schedule-virtio_notify_config-to-run-on-m.patch
extra/0003-vnc-fix-memory-leak-when-vnc-disconnect.patch
extra/0004-util-add-slirp_fmt-helpers.patch
extra/0005-tcp_emu-fix-unsafe-snprintf-usages.patch
pve/0001-PVE-Config-block-file-change-locking-default-to-off.patch
pve/0002-PVE-Config-Adjust-network-script-path-to-etc-kvm.patch
pve/0003-PVE-Config-set-the-CPU-model-to-kvm64-32-instead-of-.patch
pve/0004-PVE-Config-ui-spice-default-to-pve-certificates.patch
pve/0005-PVE-Config-smm_available-false.patch
pve/0006-PVE-Config-glusterfs-no-default-logfile-if-daemonize.patch
pve/0007-PVE-Config-rbd-block-rbd-disable-rbd_cache_writethro.patch
pve/0008-PVE-Up-qmp-add-get_link_status.patch
pve/0009-PVE-Up-glusterfs-allow-partial-reads.patch
pve/0010-PVE-Up-qemu-img-return-success-on-info-without-snaps.patch
pve/0011-PVE-Up-qemu-img-dd-add-osize-and-read-from-to-stdin-.patch
pve/0012-PVE-Up-qemu-img-dd-add-isize-parameter.patch
pve/0013-PVE-Up-qemu-img-dd-add-n-skip_create.patch
pve/0014-PVE-virtio-balloon-improve-query-balloon.patch
pve/0015-PVE-qapi-modify-query-machines.patch
pve/0016-PVE-qapi-modify-spice-query.patch
pve/0017-PVE-internal-snapshot-async.patch
pve/0018-PVE-block-add-the-zeroinit-block-driver-filter.patch
pve/0019-PVE-backup-modify-job-api.patch
pve/0020-PVE-backup-introduce-vma-archive-format.patch
pve/0021-PVE-Deprecated-adding-old-vma-files.patch
pve/0022-PVE-vma-add-throttling-options-to-drive-mapping-fifo.patch
pve/0023-PVE-vma-add-cache-option-to-device-map.patch
pve/0024-PVE-vma-remove-forced-NO_FLUSH-option.patch
pve/0025-PVE-Add-dummy-id-command-line-parameter.patch
pve/0026-PVE-Config-Revert-target-i386-disable-LINT0-after-re.patch
pve/0027-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
pve/0028-PVE-savevm-async-kick-AIO-wait-on-block-state-write.patch
pve/0029-PVE-move-snapshot-cleanup-into-bottom-half.patch
pve/0030-PVE-monitor-disable-oob-capability.patch
pve/0031-PVE-bug-fix-1071-vma-writer.c-use-correct-AioContext.patch
pve/0032-qmp_backup-run-backup-related-code-inside-coroutines.patch
pve/0033-qmp_backup-use-a-CoMutex-to-protect-access-to-backup.patch
pve/0034-vma_writer_close-avoid-call-to-aio_poll-acquire-flus.patch
pve/0035-backup_job_create-pass-cluster-size-for-dump.patch
pve/0036-avoid-calling-dump_cb-with-NULL-data-pointer-for-sma.patch
pve/0037-rename-config_to_vma-into-pvebackup_co_add_config.patch
pve/0038-pvebackup_co_dump_cb-do-not-call-job-cancel.patch
pve/0039-fix-backup-job-completion.patch
pve/0040-pvebackup_complete_cb-avoid-poll-loop-if-already-ins.patch
pve/0041-PVE-backup-consider-source-cluster-size-as-well.patch
pve/0042-PVE-fixup-vma-tool.patch
pve/0043-PVE-fixup-blockdev-pvebackup-integration-fix-blockjo.patch
pve/0044-Acquire-aio_context-before-calling-block_job_add_bdr.patch
pve/0045-PVE-Compat-4.0-used-balloon-qemu-4-0-config-size-fal.patch
pve/0046-PVE-Allow-version-code-in-machine-type.patch
pve/0047-PVE-fix-hmp-info-backup-cmd-for-not-initialized-back.patch
pve/0048-PVE-backup-use-separate-CoRwlock-for-data-accessed-b.patch
pve/0049-PVE-backup-block_on_coroutine_wrapper-call-aio_wait.patch
pve/0050-PVE-backup-move-backup_state.cancel-to-backup_state.patch