From: Adam Osuchowski Date: Thu, 28 Mar 2019 12:55:34 +0000 (+0100) Subject: - CVE-2018-20815 fix X-Git-Tag: auto/th/qemu-4.0.0-1~1 X-Git-Url: http://git.pld-linux.org/gitweb.cgi?a=commitdiff_plain;h=d60e942007553c4d766342168f8b64c7b14e6af7;p=packages%2Fqemu.git - CVE-2018-20815 fix --- diff --git a/qemu-CVE-2018-20815.patch b/qemu-CVE-2018-20815.patch new file mode 100644 index 0000000..430ac3c --- /dev/null +++ b/qemu-CVE-2018-20815.patch @@ -0,0 +1,13 @@ +diff --git a/device_tree.c b/device_tree.c +index 6d9c972..296278e 100644 +--- a/device_tree.c ++++ b/device_tree.c +@@ -91,7 +91,7 @@ void *load_device_tree(const char *filename_path, int *sizep) + /* First allocate space in qemu for device tree */ + fdt = g_malloc0(dt_size); + +- dt_file_load_size = load_image(filename_path, fdt); ++ dt_file_load_size = load_image_size(filename_path, fdt, dt_size); + if (dt_file_load_size < 0) { + error_report("Unable to open device tree file '%s'", + filename_path); diff --git a/qemu.spec b/qemu.spec index d1b2766..98eb35a 100644 --- a/qemu.spec +++ b/qemu.spec @@ -60,6 +60,7 @@ Patch2: %{name}-user-execve.patch Patch3: %{name}-xattr.patch Patch4: libjpeg-boolean.patch Patch5: x32.patch +Patch6: %{name}-CVE-2018-20815.patch URL: http://www.qemu-project.org/ %{?with_gl:BuildRequires: OpenGL-GLX-devel} %{?with_gl:BuildRequires: OpenGL-devel} @@ -828,6 +829,7 @@ Moduł QEMU dla urządeń blokowych typu 'ssh'. %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 # workaround for conflict with alsa/error.h ln -s ../error.h qapi/error.h