| Message ID | 1488822850-23070-1-git-send-email-groug@kaod.org |
|---|---|
| State | New |
| Headers | show |
On 06/03/17 17:54, Greg Kurz wrote: > The following changes since commit 56b51708e9e22809d2a78f38d0ac84bb3f3fca92: > > Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.9-20170306' into staging (2017-03-06 13:06:30 +0000) > > are available in the git repository at: > > https://github.com/gkurz/qemu.git tags/fixes-for-2.9 > > for you to fetch changes up to b003fc0d8aa5e7060dbf7e5862b8013c73857c7f: > > 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() (2017-03-06 17:34:01 +0100) > > ---------------------------------------------------------------- > Fixes issues that got merged with the latest pull request: > - missing O_NOFOLLOW flag for CVE-2016-960 > - build break with older glibc that don't have O_PATH and AT_EMPTY_PATH > - various bugs reported by Coverity > > ---------------------------------------------------------------- > Greg Kurz (6): > 9pfs: fix bogus fd check in local_remove() > 9pfs: fix fd leak in local_opendir() > 9pfs: fail local_statfs() earlier > 9pfs: don't use AT_EMPTY_PATH in local_set_cred_passthrough() > 9pfs: fix O_PATH build break with older glibc versions > 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() > > hw/9pfs/9p-local.c | 10 +++++++--- > hw/9pfs/9p-util.h | 8 +++++++- > 2 files changed, 14 insertions(+), 4 deletions(-) Greg - just to confirm that I've done a local checkout of the above tag and it fixes the build for me. Thanks for taking the time to sort this one out even though it's an issue caused by an older OS. ATB, Mark.
On 6 March 2017 at 17:54, Greg Kurz <groug@kaod.org> wrote: > The following changes since commit 56b51708e9e22809d2a78f38d0ac84bb3f3fca92: > > Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.9-20170306' into staging (2017-03-06 13:06:30 +0000) > > are available in the git repository at: > > https://github.com/gkurz/qemu.git tags/fixes-for-2.9 > > for you to fetch changes up to b003fc0d8aa5e7060dbf7e5862b8013c73857c7f: > > 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() (2017-03-06 17:34:01 +0100) > > ---------------------------------------------------------------- > Fixes issues that got merged with the latest pull request: > - missing O_NOFOLLOW flag for CVE-2016-960 > - build break with older glibc that don't have O_PATH and AT_EMPTY_PATH > - various bugs reported by Coverity > > ---------------------------------------------------------------- > Greg Kurz (6): > 9pfs: fix bogus fd check in local_remove() > 9pfs: fix fd leak in local_opendir() > 9pfs: fail local_statfs() earlier > 9pfs: don't use AT_EMPTY_PATH in local_set_cred_passthrough() > 9pfs: fix O_PATH build break with older glibc versions > 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() > Applied, thanks. -- PMM
The following changes since commit 56b51708e9e22809d2a78f38d0ac84bb3f3fca92: Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-2.9-20170306' into staging (2017-03-06 13:06:30 +0000) are available in the git repository at: https://github.com/gkurz/qemu.git tags/fixes-for-2.9 for you to fetch changes up to b003fc0d8aa5e7060dbf7e5862b8013c73857c7f: 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() (2017-03-06 17:34:01 +0100) ---------------------------------------------------------------- Fixes issues that got merged with the latest pull request: - missing O_NOFOLLOW flag for CVE-2016-960 - build break with older glibc that don't have O_PATH and AT_EMPTY_PATH - various bugs reported by Coverity ---------------------------------------------------------------- Greg Kurz (6): 9pfs: fix bogus fd check in local_remove() 9pfs: fix fd leak in local_opendir() 9pfs: fail local_statfs() earlier 9pfs: don't use AT_EMPTY_PATH in local_set_cred_passthrough() 9pfs: fix O_PATH build break with older glibc versions 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() hw/9pfs/9p-local.c | 10 +++++++--- hw/9pfs/9p-util.h | 8 +++++++- 2 files changed, 14 insertions(+), 4 deletions(-)