[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 5c843a: slirp: fill error when failing to ini
|
From: |
GitHub |
|
Subject: |
[Qemu-commits] [qemu/qemu] 5c843a: slirp: fill error when failing to initialize user ... |
|
Date: |
Fri, 04 Aug 2017 03:51:14 -0700 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 5c843af22604edecda10d4bb89d4eede9e1bd3d0
https://github.com/qemu/qemu/commit/5c843af22604edecda10d4bb89d4eede9e1bd3d0
Author: Hervé Poussineau <address@hidden>
Date: 2017-08-03 (Thu, 03 Aug 2017)
Changed paths:
M net/slirp.c
Log Message:
-----------
slirp: fill error when failing to initialize user network
With "-netdev user,id=net0,dns=1.2.3.4"
error was:
qemu-system-i386: -netdev user,id=net0,dns=1.2.3.4: Device 'user' could not be
initialized
Error is now:
qemu-system-i386: -netdev user,id=net0,dns=1.2.3.4: DNS doesn't belong to
network
Signed-off-by: Hervé Poussineau <address@hidden>
Signed-off-by: Samuel Thibault <address@hidden>
Commit: 413d463f43fbc4dd3a601e80a5724aa384a265a0
https://github.com/qemu/qemu/commit/413d463f43fbc4dd3a601e80a5724aa384a265a0
Author: Prasad J Pandit <address@hidden>
Date: 2017-08-03 (Thu, 03 Aug 2017)
Changed paths:
M slirp/bootp.c
Log Message:
-----------
slirp: check len against dhcp options array end
While parsing dhcp options string in 'dhcp_decode', if an options'
length 'len' appeared towards the end of 'bp_vend' array, ensuing
read could lead to an OOB memory access issue. Add check to avoid it.
This is CVE-2017-11434.
Reported-by: Reno Robert <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
Signed-off-by: Samuel Thibault <address@hidden>
Commit: 413ff8be2fcb5e5c4422f5c1bacdb7e5b5915e5e
https://github.com/qemu/qemu/commit/413ff8be2fcb5e5c4422f5c1bacdb7e5b5915e5e
Author: Peter Maydell <address@hidden>
Date: 2017-08-04 (Fri, 04 Aug 2017)
Changed paths:
M net/slirp.c
M slirp/bootp.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into
staging
slirp updates
# gpg: Signature made Wed 02 Aug 2017 23:27:41 BST
# gpg: using RSA key 0x9E511E01C737F075
# gpg: Good signature from "Samuel Thibault <address@hidden>"
# gpg: aka "Samuel Thibault <address@hidden>"
# gpg: aka "Samuel Thibault <address@hidden>"
# gpg: aka "Samuel Thibault <address@hidden>"
# gpg: aka "Samuel Thibault <address@hidden>"
# gpg: aka "Samuel Thibault <address@hidden>"
# gpg: aka "Samuel Thibault <address@hidden>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 900C B024 B679 31D4 0F82 304B D017 8C76 7D06 9EE6
# Subkey fingerprint: 9A37 3D36 64A8 DC62 DA0A 34FD 9E51 1E01 C737 F075
* remotes/thibault/tags/samuel-thibault:
slirp: check len against dhcp options array end
slirp: fill error when failing to initialize user network
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/aaaec6acad7c...413ff8be2fcb
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] 5c843a: slirp: fill error when failing to initialize user ...,
GitHub <=