Hi,
I've had a quick look at CVE-2016-7116[0] and would be interested by working on
it. Upstream provided a patch[1], which looks 'relatively' simple and seems to
apply well with some adaptations. However, the names of the concerned files have
changed[2] (e.g. virtio-9p.c -> 9p.c). I think this isn't very important since
the sourcecode hasn't changed too much, but, just to make sure, could anybody
have a second look at it (and, before I send a message to the maintainers,
confirm me that we should support qemu in wheezy LTS) ?
Thanks !
Cheers,
Hugo
[0] https://security-tracker.debian.org/tracker/CVE-2016-7116
[1] http://git.qemu.org/?p=qemu.git;a=commit;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261
[2] http://sources.debian.net/src/qemu/1:2.1%2Bdfsg-12%2Bdeb8u5a~bpo70%2B1/hw/9pfs/
--
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
Attachment:
signature.asc
Description: PGP signature