From: Gerd Hoffmann
Date: Wed, 1 Apr 2015 16:11:13 +0200
Message-Id: <1427897475-26983-1-git-send-email-kraxel@redhat.com>
Subject: [Qemu-devel] [PULL for-2.3 0/2] vnc: fix websocket security issues (cve-2015-1779).
To: qemu-devel@nongnu.org
Cc: Gerd Hoffmann

  Hi,

$subject says all, here are the cve-2015-1779 fixes for vnc websockets
from Daniel P. Berrange for 2.3-rc2.

please pull,
  Gerd

The following changes since commit 054903a832b865eb5432d79b5c9d1e1ff31b58d7:

  Update version for v2.3.0-rc1 release (2015-03-24 16:34:16 +0000)

are available in the git repository at:

  git://git.kraxel.org/qemu tags/pull-cve-2015-1779-20150401-1

for you to fetch changes up to 9cf222fd4fd3f4d1f959685c061279d0673726cd:

  CVE-2015-1779: limit size of HTTP headers from websockets clients (2015-04-01 15:48:52 +0200)

----------------------------------------------------------------
vnc: fix websocket security issues (cve-2015-1779).

----------------------------------------------------------------
Daniel P. Berrange (2):
      CVE-2015-1779: incrementally decode websocket frames
      CVE-2015-1779: limit size of HTTP headers from websockets clients

 ui/vnc-ws.c | 115 +++++++++++++++++++++++++++++++++++++++++-------------------
 ui/vnc-ws.h |   9 +++--
 ui/vnc.h    |   2 ++
 3 files changed, 88 insertions(+), 38 deletions(-)