From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1JZ874-00072S-IP
	for qemu-devel@nongnu.org; Tue, 11 Mar 2008 13:18:06 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1JZ872-00072C-Vm
	for qemu-devel@nongnu.org; Tue, 11 Mar 2008 13:18:05 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1JZ872-000729-QG
	for qemu-devel@nongnu.org; Tue, 11 Mar 2008 13:18:04 -0400
Received: from savannah.gnu.org ([199.232.41.3] helo=sv.gnu.org)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <aurelien@aurel32.net>)
	id 1JZ872-00083y-LU
	for qemu-devel@nongnu.org; Tue, 11 Mar 2008 13:18:04 -0400
Received: from cvs.savannah.gnu.org ([199.232.41.69])
	by sv.gnu.org with esmtp (Exim 4.63)
	(envelope-from <aurelien@aurel32.net>) id 1JZ86y-0004mT-07
	for qemu-devel@nongnu.org; Tue, 11 Mar 2008 17:18:00 +0000
Received: from aurel32 by cvs.savannah.gnu.org with local (Exim 4.63)
	(envelope-from <aurel32@savannah.gnu.org>) id 1JZ86x-0004mP-EW
	for qemu-devel@nongnu.org; Tue, 11 Mar 2008 17:17:59 +0000
Message-Id: <E1JZ86x-0004mP-EW@cvs.savannah.gnu.org>
From: Aurelien Jarno <aurelien@aurel32.net>
Date: Tue, 11 Mar 2008 17:17:59 +0000
Subject: [Qemu-devel] qemu block-qcow.c block-qcow2.c block-vmdk.c bl...
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

CVSROOT:	/sources/qemu
Module name:	qemu
Changes by:	Aurelien Jarno <aurel32>	08/03/11 17:17:59

Modified files:
	.              : block-qcow.c block-qcow2.c block-vmdk.c block.c 
	                 block.h block_int.h 

Log message:
	Fix CVE-2008-0928 - insufficient block device address range checking
	
	Qemu 0.9.1 and earlier does not perform range checks for block device
	read or write requests, which allows guest host users with root
	privileges to access arbitrary memory and escape the virtual machine.

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/qemu/block-qcow.c?cvsroot=qemu&r1=1.15&r2=1.16
http://cvs.savannah.gnu.org/viewcvs/qemu/block-qcow2.c?cvsroot=qemu&r1=1.10&r2=1.11
http://cvs.savannah.gnu.org/viewcvs/qemu/block-vmdk.c?cvsroot=qemu&r1=1.19&r2=1.20
http://cvs.savannah.gnu.org/viewcvs/qemu/block.c?cvsroot=qemu&r1=1.54&r2=1.55
http://cvs.savannah.gnu.org/viewcvs/qemu/block.h?cvsroot=qemu&r1=1.6&r2=1.7
http://cvs.savannah.gnu.org/viewcvs/qemu/block_int.h?cvsroot=qemu&r1=1.16&r2=1.17