From patchwork Wed Dec 20 11:26:01 2017
X-Patchwork-Submitter: Peter Korsgaard
X-Patchwork-Id: 851408
From: Peter Korsgaard
To: buildroot@buildroot.org, francois.perrad@gadz.org
Date: Wed, 20 Dec 2017 12:26:01 +0100
Message-Id: <20171220112601.19056-1-peter@korsgaard.com>
Subject: [Buildroot] [PATCH] qemu: security bump to version 2.10.2

Fixes the following security issues:

CVE-2017-13672: QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update.

CVE-2017-15118: Stack buffer overflow in NBD server triggered via long export name

CVE-2017-15119: DoS via large option request

CVE-2017-15268: Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.

For more details, see the release announcement:
https://lists.nongnu.org/archive/html/qemu-devel/2017-12/msg03618.html

Signed-off-by: Peter Korsgaard
---
 package/qemu/qemu.hash | 2 +-
 package/qemu/qemu.mk | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/qemu/qemu.hash b/package/qemu/qemu.hash index db43c9a2d8..1173c1bf3d 100644 --- a/package/qemu/qemu.hash +++ b/package/qemu/qemu.hash
@@ -1,4 +1,4 @@ # Locally computed, tarball verified with GPG signature -sha256 1dd51a908fc68c7d935b0b31fb184c5669bc23b5a1b081816e824714f2a11caa qemu-2.10.1.tar.xz +sha256 fcfdaa1ecdaac8aead616fe811bfb8fe4a8f2cd59796aa446c5175b5af0e829f qemu-2.10.2.tar.xz sha256 6f04ae8364d0079a192b14635f4b1da294ce18724c034c39a6a41d1b09df6100 COPYING sha256 48ffe9fc7f1d5462dbd19340bc4dd1d8a9e37c61ed535813e614cbe4a5f0d4df COPYING.LIB diff --git a/package/qemu/qemu.mk b/package/qemu/qemu.mk index 402ad68b5c..345ef52668 100644 --- a/package/qemu/qemu.mk +++ b/package/qemu/qemu.mk @@ -4,7 +4,7 @@ # ################################################################################ -QEMU_VERSION = 2.10.1 +QEMU_VERSION = 2.10.2 QEMU_SOURCE = qemu-$(QEMU_VERSION).tar.xz QEMU_SITE = http://download.qemu.org QEMU_LICENSE = GPL-2.0, LGPL-2.1, MIT, BSD-3-Clause, BSD-2-Clause, Others/BSD-1c
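
Review bot: In the qemu.hash hunk, the unchanged comment "# Locally computed, tarball verified with GPG signature" now vouches for the new qemu-2.10.2.tar.xz sha256, but nothing in the commit message says the signature check was repeated for this tarball. Please confirm that the 2.10.2 tarball was verified against its detached signature before the hash was computed, and consider recording the signature location or signing key in that comment so the next bump can repeat the check. The COPYING and COPYING.LIB hashes are carried over unchanged, which is fine only if both files are byte-identical in 2.10.2; a short note that they were re-checked would settle it.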
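
Review bot: In the qemu.mk hunk, the context line QEMU_SITE = http://download.qemu.org is left as plain HTTP, so the only thing protecting the fetched qemu-$(QEMU_VERSION).tar.xz against tampering in transit is the sha256 entry in qemu.hash. The version change itself matches the hash file, but for a security bump it would be worth moving QEMU_SITE to https in this patch or a follow-up, provided the host serves it, so that a build with hash checking skipped or a stale hash file does not silently accept a modified tarball.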