* [PATCH for-5.0?] slirp: update to fix CVE-2020-1983
From: Marc-André Lureau @ 2020-04-21 17:02 UTC (permalink / raw)
To: qemu-devel; +Cc: samuel.thibault, philmd, Marc-André Lureau
This is an update on the stable-4.2 branch of libslirp.git:

git shortlog 55ab21c9a3..2faae0f778f81

Marc-André Lureau (1):
      Fix use-afte-free in ip_reass() (CVE-2020-1983)

CVE-2020-1983 is actually a follow up fix for commit
126c04acbabd7ad32c2b018fe10dfac2a3bc1210 ("Fix heap overflow in
ip_reass on big packet input") which was included in qemu
v4.1 (commit e1a4a24d262ba5ac74ea1795adb3ab1cd574c7fb "slirp: update
with CVE-2019-14378 fix").

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
slirp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/slirp b/slirp
index 55ab21c9a36..2faae0f778f 160000
--- a/slirp
+++ b/slirp
@@ -1 +1 @@
-Subproject commit 55ab21c9a36852915b81f1b41ebaf3b6509dd8ba
+Subproject commit 2faae0f778f818fadc873308f983289df697eb93
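Review bot: On the "+Subproject commit 2faae0f778f818fadc873308f983289df697eb93" line, the commit message says the bug being fixed came in with the CVE-2019-14378 fix that shipped in qemu v4.1, so released versions since then carry it, yet nothing here says whether stable branches should take the same bump. Suggest adding a sentence to the commit message on that and copying qemu-stable, which is not in the To/Cc list of this mail. The abbreviated range in the message (55ab21c9a3..2faae0f778f81) matches the -/+ hashes in this hunk, and the shortlog lists a single commit for it, so the bump itself looks scoped to the one fix.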
--
2.26.0.106.g9fadedd637
* Re: [PATCH for-5.0?] slirp: update to fix CVE-2020-1983
From: Peter Maydell @ 2020-04-21 19:19 UTC (permalink / raw)
To: Marc-André Lureau
Cc: Samuel Thibault, Philippe Mathieu-Daudé, QEMU Developers
On Tue, 21 Apr 2020 at 18:03, Marc-André Lureau
<marcandre.lureau@redhat.com> wrote:
>
> This is an update on the stable-4.2 branch of libslirp.git:
>
> git shortlog 55ab21c9a3..2faae0f778f81
>
> Marc-André Lureau (1):
> Fix use-afte-free in ip_reass() (CVE-2020-1983)
>
> CVE-2020-1983 is actually a follow up fix for commit
> 126c04acbabd7ad32c2b018fe10dfac2a3bc1210 ("Fix heap overflow in
> ip_reass on big packet input") which was included in qemu
> v4.1 (commit e1a4a24d262ba5ac74ea1795adb3ab1cd574c7fb "slirp: update
> with CVE-2019-14378 fix").
>
> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Hi; thanks for putting together this stable-branch update.
I've run it through my test setup and it's fine; I'm just
going to wait a little until I push it to master just in case
anybody wants to speak up with an opinion/objection.
I'll do that tomorrow afternoon UK time and then tag rc4.
thanks
-- PMM
* Re: [PATCH for-5.0?] slirp: update to fix CVE-2020-1983
From: Peter Maydell @ 2020-04-22 12:47 UTC (permalink / raw)
To: Marc-André Lureau
Cc: Samuel Thibault, Philippe Mathieu-Daudé, QEMU Developers
On Tue, 21 Apr 2020 at 20:19, Peter Maydell <peter.maydell@linaro.org> wrote:
>
> On Tue, 21 Apr 2020 at 18:03, Marc-André Lureau
> <marcandre.lureau@redhat.com> wrote:
> >
> > This is an update on the stable-4.2 branch of libslirp.git:
> >
> > git shortlog 55ab21c9a3..2faae0f778f81
> >
> > Marc-André Lureau (1):
> > Fix use-afte-free in ip_reass() (CVE-2020-1983)
> >
> > CVE-2020-1983 is actually a follow up fix for commit
> > 126c04acbabd7ad32c2b018fe10dfac2a3bc1210 ("Fix heap overflow in
> > ip_reass on big packet input") which was included in qemu
> > v4.1 (commit e1a4a24d262ba5ac74ea1795adb3ab1cd574c7fb "slirp: update
> > with CVE-2019-14378 fix").
> >
> > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
>
> Hi; thanks for putting together this stable-branch update.
> I've run it through my test setup and it's fine; I'm just
> going to wait a little until I push it to master just in case
> anybody wants to speak up with an opinion/objection.
> I'll do that tomorrow afternoon UK time and then tag rc4.
Now applied to master, thanks.
-- PMM