From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 3/4] spice: security bump to version 0.12.8
Date: Thu, 22 Jun 2017 22:28:23 +0200 [thread overview]
Message-ID: <20170622202823.GF3054@scaer> (raw)
In-Reply-To: <20170621220744.18908-4-peter@korsgaard.com>
Peter, All,
On 2017-06-22 00:07 +0200, Peter Korsgaard spake thusly:
> Fixes the following security issues:
>
> CVE-2016-0749: The smartcard interaction in SPICE allows remote attackers to
> cause a denial of service (QEMU-KVM process crash) or possibly execute
> arbitrary code via vectors related to connecting to a guest VM, which
> triggers a heap-based buffer overflow.
>
> CVE-2016-2150: SPICE allows local guest OS users to read from or write to
> arbitrary host memory locations via crafted primary surface parameters, a
> similar issue to CVE-2015-5261.
>
> The pyparsing check has been dropped from configure, and the spice protocol
> definition is again included, so the workarounds can be removed.
All that work for that... :-/
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Regards,
Yann E. MORIN.
> ---
> package/spice/spice.hash | 2 +-
> package/spice/spice.mk | 24 +-----------------------
> 2 files changed, 2 insertions(+), 24 deletions(-)
>
> diff --git a/package/spice/spice.hash b/package/spice/spice.hash
> index 04bd516689..c9b591f41d 100644
> --- a/package/spice/spice.hash
> +++ b/package/spice/spice.hash
> @@ -1,2 +1,2 @@
> # Locally calculated
> -sha256 f148ea30135bf80a4f465ce723a1cd6d4ccb34c098b6298a020b378ace8569b6 spice-0.12.6.tar.bz2
> +sha256 f901a5c5873d61acac84642f9eea5c4d6386fc3e525c2b68792322794e1c407d spice-0.12.8.tar.bz2
> diff --git a/package/spice/spice.mk b/package/spice/spice.mk
> index f1fb46d29c..7b09f39fe7 100644
> --- a/package/spice/spice.mk
> +++ b/package/spice/spice.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -SPICE_VERSION = 0.12.6
> +SPICE_VERSION = 0.12.8
> SPICE_SOURCE = spice-$(SPICE_VERSION).tar.bz2
> SPICE_SITE = http://www.spice-space.org/download/releases
> SPICE_LICENSE = LGPL-2.1+
> @@ -47,28 +47,6 @@ ifeq ($(BR2_PACKAGE_OPUS),y)
> SPICE_DEPENDENCIES += opus
> endif
>
> -# build system uses pkg-config --variable=codegendir spice-protocol which
> -# returns the runtime path rather than build time, so it needs some help
> -SPICE_MAKE_OPTS = CODE_GENERATOR_BASEDIR=$(STAGING_DIR)/usr/lib/spice-protocol
> -SPICE_INSTALL_STAGING_OPTS = $(SPICE_MAKE_OPTS) DESTDIR=$(STAGING_DIR) install
> -SPICE_INSTALL_TARGET_OPTS = $(SPICE_MAKE_OPTS) DESTDIR=$(TARGET_DIR) install
> -
> -# spice uses a number of source files that are generated with python / pyparsing.
> -# The generated files are part of the tarball, so python / pyparsing isn't needed
> -# when building from the tarball, but the configure script gets confused and looks
> -# for the wrong file name to know if it needs to check for python / pyparsing,
> -# so convince it they aren't needed.
> -# It will also regenerate these files if the spice-protocol protocol definition
> -# is newer than the generated files (which it will be when spice-protocol
> -# installs it to staging), so ensure their timestamp is updated to skip this.
> -define SPICE_NO_PYTHON_PYPARSING
> - mkdir -p $(@D)/client
> - touch $(@D)/client/generated_marshallers.cpp
> - touch $(@D)/spice-common/common/generated_*
> -endef
> -
> -SPICE_PRE_CONFIGURE_HOOKS += SPICE_NO_PYTHON_PYPARSING
> -
> # We need to tweak spice.pc because it /forgets/ (for static linking) that
> # it should link against libz and libjpeg. libz is pkg-config-aware, while
> # libjpeg isn't, hence the two-line tweak
> --
> 2.11.0
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
next prev parent reply other threads:[~2017-06-22 20:28 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-21 22:07 [Buildroot] [PATCH 0/4] spice: version bump / security bump Peter Korsgaard
2017-06-21 22:07 ` [Buildroot] [PATCH 1/4] spice: bump to version 0.12.5 Peter Korsgaard
2017-06-22 20:24 ` Yann E. MORIN
2017-06-21 22:07 ` [Buildroot] [PATCH 2/4] spice: security bump to version 0.12.6 Peter Korsgaard
2017-06-22 20:27 ` Yann E. MORIN
2017-06-21 22:07 ` [Buildroot] [PATCH 3/4] spice: security bump to version 0.12.8 Peter Korsgaard
2017-06-22 20:28 ` Yann E. MORIN [this message]
2017-06-21 22:07 ` [Buildroot] [PATCH 4/4] spice: add post-0.12.8 upstream security fixes Peter Korsgaard
2017-06-22 20:37 ` Yann E. MORIN
2017-06-22 21:23 ` Peter Korsgaard
2017-06-22 21:26 ` [Buildroot] [PATCH 0/4] spice: version bump / security bump Peter Korsgaard
2017-06-26 12:38 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170622202823.GF3054@scaer \
--to=yann.morin.1998@free.fr \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.