diff options
Diffstat (limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch')
-rw-r--r-- | external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch | 43 |
1 files changed, 0 insertions, 43 deletions
diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch deleted file mode 100644 index 12ab5436..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 6da721ea37bf3624ff9922637cfa657d2dcb20f9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> -Date: Fri, 14 Jun 2019 09:14:53 +0200 -Subject: [PATCH 09/11] api: disallow virDomainManagedSaveDefineXML on - read-only connections -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The virDomainManagedSaveDefineXML can be used to alter the domain's -config used for managedsave or even execute arbitrary emulator binaries. -Forbid it on read-only connections. - -Fixes: CVE-2019-10166 -Reported-by: Matthias Gerstner <mgerstner@suse.de> -Signed-off-by: Ján Tomko <jtomko@redhat.com> -Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a) -Signed-off-by: Ján Tomko <jtomko@redhat.com> - -Upstream-Status: Backport -CVE: CVE-2019-10166 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/libvirt-domain.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c -index 270e10e..5c764aa 100644 ---- a/src/libvirt-domain.c -+++ b/src/libvirt-domain.c -@@ -9482,6 +9482,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml, - - virCheckDomainReturn(domain, -1); - conn = domain->conn; -+ virCheckReadOnlyGoto(conn->flags, error); - - if (conn->driver->domainManagedSaveDefineXML) { - int ret; --- -2.7.4 - |