summaryrefslogtreecommitdiffstats
path: root/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
diff options
context:
space:
mode:
Diffstat (limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch')
-rw-r--r--external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch41
1 files changed, 0 insertions, 41 deletions
diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
deleted file mode 100644
index 576f46c7..00000000
--- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 5441f05a42a90779b0df86518286bf527e94aafb Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
-Date: Fri, 14 Jun 2019 09:16:14 +0200
-Subject: [PATCH 10/11] api: disallow virConnectGetDomainCapabilities on
- read-only connections
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This API can be used to execute arbitrary emulators.
-Forbid it on read-only connections.
-
-Fixes: CVE-2019-10167
-Signed-off-by: Ján Tomko <jtomko@redhat.com>
-Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26)
-Signed-off-by: Ján Tomko <jtomko@redhat.com>
-
-Upstream-Status: Backport
-CVE: CVE-2019-10167
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- src/libvirt-domain.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
-index 5c764aa..9862a5d 100644
---- a/src/libvirt-domain.c
-+++ b/src/libvirt-domain.c
-@@ -11274,6 +11274,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn,
- virResetLastError();
-
- virCheckConnectReturn(conn, NULL);
-+ virCheckReadOnlyGoto(conn->flags, error);
-
- if (conn->driver->connectGetDomainCapabilities) {
- char *ret;
---
-2.7.4
-