Bug#683589: unblock: libvirt/0.9.12-4
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package libvirt
It fixes CVE-2012-3445 (#683483). Debdiff attached.
unblock libvirt/0.9.12-4
Cheers,
-- Guido
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-3-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru libvirt-0.9.12/debian/changelog libvirt-0.9.12/debian/changelog
--- libvirt-0.9.12/debian/changelog 2012-06-20 08:24:44.000000000 +0200
+++ libvirt-0.9.12/debian/changelog 2012-08-01 21:12:20.000000000 +0200
@@ -1,3 +1,10 @@
+libvirt (0.9.12-4) unstable; urgency=low
+
+ * [80ac2a6] Fix CVE-2012-3445 with upstream commit
+ 6039a2cb49c8af4c68460d2faf365a7e1c686c7b (Closes: #683483)
+
+ -- Guido Günther <agx@sigxcpu.org> Wed, 01 Aug 2012 21:12:13 +0200
+
libvirt (0.9.12-3) unstable; urgency=low
* [6b610b6] Include stdint.h for uint32_t to fix the build on kFreeBSD
diff -Nru libvirt-0.9.12/debian/patches/debian/Allow-libvirt-group-to-access-the-socket.patch libvirt-0.9.12/debian/patches/debian/Allow-libvirt-group-to-access-the-socket.patch
--- libvirt-0.9.12/debian/patches/debian/Allow-libvirt-group-to-access-the-socket.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/debian/Allow-libvirt-group-to-access-the-socket.patch 2012-08-01 21:11:17.000000000 +0200
@@ -1,6 +1,3 @@
-Message-Id: <b3b5bf1ad7c56d826426b7f7974117ef5b2590e4.1336929172.git.agx@sigxcpu.org>
-In-Reply-To: <3212167ef5921de92659b7f6bf21d29fad1e4aa6.1336929172.git.agx@sigxcpu.org>
-References: <3212167ef5921de92659b7f6bf21d29fad1e4aa6.1336929172.git.agx@sigxcpu.org>
From: Guido Guenther <agx@sigxcpu.org>
Date: Thu, 26 Jun 2008 20:01:38 +0200
Subject: Allow libvirt group to access the socket
diff -Nru libvirt-0.9.12/debian/patches/debian/Debianize-libvirt-guests.patch libvirt-0.9.12/debian/patches/debian/Debianize-libvirt-guests.patch
--- libvirt-0.9.12/debian/patches/debian/Debianize-libvirt-guests.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/debian/Debianize-libvirt-guests.patch 2012-08-01 21:11:17.000000000 +0200
@@ -5,6 +5,7 @@
Origin: vendor
+
---
tools/libvirt-guests.init.sh | 41 +++++++++++++----------------------------
tools/libvirt-guests.sysconf | 4 ++--
diff -Nru libvirt-0.9.12/debian/patches/debian/Don-t-enable-default-network-on-boot.patch libvirt-0.9.12/debian/patches/debian/Don-t-enable-default-network-on-boot.patch
--- libvirt-0.9.12/debian/patches/debian/Don-t-enable-default-network-on-boot.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/debian/Don-t-enable-default-network-on-boot.patch 2012-08-01 21:11:17.000000000 +0200
@@ -5,16 +5,17 @@
to not interfere with existing network configurations
+
---
src/Makefile.am | 3 ---
src/Makefile.in | 3 ---
- 2 files changed, 0 insertions(+), 6 deletions(-)
+ 2 files changed, 6 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
-index a2aae9d..6860e21 100644
+index 0dadc29..998fd78 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
-@@ -1622,9 +1622,6 @@ if WITH_NETWORK
+@@ -1625,9 +1625,6 @@ if WITH_NETWORK
cp $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t \
$(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml && \
rm $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t; }
@@ -25,10 +26,10 @@
uninstall-local::
diff --git a/src/Makefile.in b/src/Makefile.in
-index 26b9dce..34c96a8 100644
+index 209e118..90598de 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
-@@ -7423,9 +7423,6 @@ install-data-local:
+@@ -7486,9 +7486,6 @@ install-data-local:
@WITH_NETWORK_TRUE@ cp $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t \
@WITH_NETWORK_TRUE@ $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml && \
@WITH_NETWORK_TRUE@ rm $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t; }
diff -Nru libvirt-0.9.12/debian/patches/debian/Don-t-require-gawk-for-a-simple-print-expression.patch libvirt-0.9.12/debian/patches/debian/Don-t-require-gawk-for-a-simple-print-expression.patch
--- libvirt-0.9.12/debian/patches/debian/Don-t-require-gawk-for-a-simple-print-expression.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/debian/Don-t-require-gawk-for-a-simple-print-expression.patch 2012-08-01 21:11:17.000000000 +0200
@@ -6,15 +6,16 @@
Thanks: Luca Capello
+
---
src/nwfilter/nwfilter_ebiptables_driver.c | 2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
+ 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
-index 0db9f19..09538a2 100644
+index 28f48bd..ee71bb5 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
-@@ -4044,7 +4044,7 @@ ebiptablesDriverInit(bool privileged)
+@@ -4062,7 +4062,7 @@ ebiptablesDriverInit(bool privileged)
if (virMutexInit(&execCLIMutex) < 0)
return -EINVAL;
diff -Nru libvirt-0.9.12/debian/patches/debian/fix-Debian-specific-path-to-hvm-loader.patch libvirt-0.9.12/debian/patches/debian/fix-Debian-specific-path-to-hvm-loader.patch
--- libvirt-0.9.12/debian/patches/debian/fix-Debian-specific-path-to-hvm-loader.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/debian/fix-Debian-specific-path-to-hvm-loader.patch 2012-08-01 21:11:17.000000000 +0200
@@ -5,6 +5,7 @@
Closes: #517059
+
---
src/xen/xen_hypervisor.c | 2 +-
tests/xencapsdata/xen-i686-pae-hvm.xml | 2 +-
@@ -14,7 +15,7 @@
5 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/xen/xen_hypervisor.c b/src/xen/xen_hypervisor.c
-index 4401b68..4817b95 100644
+index b4ec579..5160d53 100644
--- a/src/xen/xen_hypervisor.c
+++ b/src/xen/xen_hypervisor.c
@@ -2359,7 +2359,7 @@ xenHypervisorBuildCapabilities(virConnectPtr conn,
diff -Nru libvirt-0.9.12/debian/patches/debian/remove-RHism.diff.patch libvirt-0.9.12/debian/patches/debian/remove-RHism.diff.patch
--- libvirt-0.9.12/debian/patches/debian/remove-RHism.diff.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/debian/remove-RHism.diff.patch 2012-08-01 21:11:17.000000000 +0200
@@ -4,13 +4,13 @@
---
tools/virsh.pod | 2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
+ 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/virsh.pod b/tools/virsh.pod
-index c7d5bbd..747832a 100644
+index ef71717..19dde93 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
-@@ -103,7 +103,7 @@ telnet's B<^]> is used.
+@@ -104,7 +104,7 @@ alphabetic character, @, [, ], \, ^, _.
Most B<virsh> operations rely upon the libvirt library being able to
connect to an already running libvirtd service. This can usually be
diff -Nru libvirt-0.9.12/debian/patches/Disable-failing-virnetsockettest.patch libvirt-0.9.12/debian/patches/Disable-failing-virnetsockettest.patch
--- libvirt-0.9.12/debian/patches/Disable-failing-virnetsockettest.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/Disable-failing-virnetsockettest.patch 2012-08-01 21:11:17.000000000 +0200
@@ -5,10 +5,10 @@
until we debugged the interaction with pbuilder
---
tests/virnetsockettest.c | 2 ++
- 1 files changed, 2 insertions(+), 0 deletions(-)
+ 1 file changed, 2 insertions(+)
diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
-index 44d6f65..bcfcbd3 100644
+index 204113e..f025f52 100644
--- a/tests/virnetsockettest.c
+++ b/tests/virnetsockettest.c
@@ -491,10 +491,12 @@ mymain(void)
diff -Nru libvirt-0.9.12/debian/patches/Disable-gnulib-s-test-nonplocking-pipe.sh.patch libvirt-0.9.12/debian/patches/Disable-gnulib-s-test-nonplocking-pipe.sh.patch
--- libvirt-0.9.12/debian/patches/Disable-gnulib-s-test-nonplocking-pipe.sh.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/Disable-gnulib-s-test-nonplocking-pipe.sh.patch 2012-08-01 21:11:17.000000000 +0200
@@ -7,7 +7,7 @@
Issue reported upstresm.
---
gnulib/tests/test-nonblocking-pipe.sh | 4 ++++
- 1 files changed, 4 insertions(+), 0 deletions(-)
+ 1 file changed, 4 insertions(+)
diff --git a/gnulib/tests/test-nonblocking-pipe.sh b/gnulib/tests/test-nonblocking-pipe.sh
index dd692be..9690791 100755
diff -Nru libvirt-0.9.12/debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch libvirt-0.9.12/debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch
--- libvirt-0.9.12/debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch 2012-08-01 21:11:17.000000000 +0200
@@ -4,13 +4,13 @@
---
src/rpc/virnetserver.c | 5 ++---
- 1 files changed, 2 insertions(+), 3 deletions(-)
+ 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c
-index f761e6b..ab6d112 100644
+index ae19e84..33dc807 100644
--- a/src/rpc/virnetserver.c
+++ b/src/rpc/virnetserver.c
-@@ -695,9 +695,8 @@ void virNetServerRun(virNetServerPtr srv)
+@@ -672,9 +672,8 @@ void virNetServerRun(virNetServerPtr srv)
virNetServerLock(srv);
#if HAVE_AVAHI
diff -Nru libvirt-0.9.12/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch libvirt-0.9.12/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
--- libvirt-0.9.12/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch 2012-08-01 21:11:17.000000000 +0200
@@ -39,10 +39,10 @@
to savely detect that the command 'info migrate' is not implemented.
---
src/qemu/qemu_monitor_text.c | 10 +++++++++-
- 1 files changed, 9 insertions(+), 1 deletions(-)
+ 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_monitor_text.c b/src/qemu/qemu_monitor_text.c
-index 30a0416..631899b 100644
+index 9e2991b..96539b5 100644
--- a/src/qemu/qemu_monitor_text.c
+++ b/src/qemu/qemu_monitor_text.c
@@ -1654,7 +1654,15 @@ int qemuMonitorTextGetMigrationStatus(qemuMonitorPtr mon,
diff -Nru libvirt-0.9.12/debian/patches/security/CVE-2012-3445.patch libvirt-0.9.12/debian/patches/security/CVE-2012-3445.patch
--- libvirt-0.9.12/debian/patches/security/CVE-2012-3445.patch 1970-01-01 01:00:00.000000000 +0100
+++ libvirt-0.9.12/debian/patches/security/CVE-2012-3445.patch 2012-08-01 21:11:17.000000000 +0200
@@ -0,0 +1,87 @@
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Wed, 1 Aug 2012 13:11:34 +0200
+Subject: CVE-2012-3445
+
+Patch taken from upstream commit
+6039a2cb49c8af4c68460d2faf365a7e1c686c7b.
+
+---
+ daemon/remote.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 16a8a05..4ece019 100644
+--- a/daemon/remote.c
++++ b/daemon/remote.c
+@@ -964,7 +964,7 @@ remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUS
+ virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
+ goto cleanup;
+ }
+- if (VIR_ALLOC_N(params, nparams) < 0)
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0)
+ goto no_memory;
+
+ if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
+@@ -1019,7 +1019,7 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE
+ virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
+ goto cleanup;
+ }
+- if (VIR_ALLOC_N(params, nparams) < 0)
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0)
+ goto no_memory;
+
+ if (!(dom = get_nonnull_domain(priv->conn, args->dom)))
+@@ -1200,7 +1200,7 @@ remoteDispatchDomainBlockStatsFlags(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
+ goto cleanup;
+ }
+- if (VIR_ALLOC_N(params, nparams) < 0) {
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+@@ -1674,7 +1674,7 @@ remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
+ goto cleanup;
+ }
+- if (VIR_ALLOC_N(params, nparams) < 0) {
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+@@ -1739,7 +1739,7 @@ remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
+ goto cleanup;
+ }
+- if (VIR_ALLOC_N(params, nparams) < 0) {
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+@@ -1804,7 +1804,7 @@ remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED,
+ virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
+ goto cleanup;
+ }
+- if (VIR_ALLOC_N(params, nparams) < 0) {
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+@@ -2064,7 +2064,7 @@ remoteDispatchDomainGetBlockIoTune(virNetServerPtr server ATTRIBUTE_UNUSED,
+ goto cleanup;
+ }
+
+- if (VIR_ALLOC_N(params, nparams) < 0) {
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
+@@ -3567,7 +3567,7 @@ remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUS
+ virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
+ goto cleanup;
+ }
+- if (VIR_ALLOC_N(params, nparams) < 0) {
++ if (nparams && VIR_ALLOC_N(params, nparams) < 0) {
+ virReportOOMError();
+ goto cleanup;
+ }
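Review bot: The `nparams &&` guard skips the allocation when the client sends a zero count, so in all eight dispatchers `params` keeps whatever value it had at declaration, and the fix is only sound if that value is NULL and the cleanup path accepts a NULL array. Neither the declarations nor the `cleanup:` labels fall inside these hunks, so both should be confirmed in daemon/remote.c before relying on the patch. Because the condition is easy to drop in a later refactor, a short comment at each site would help, for example `/* nparams == 0: no array is allocated, params must stay NULL for cleanup */`. The patch header also gives only the upstream commit id; one sentence describing the defect plus `Bug-Debian: https://bugs.debian.org/683483` would let a reader audit the change without fetching upstream.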
diff -Nru libvirt-0.9.12/debian/patches/series libvirt-0.9.12/debian/patches/series
--- libvirt-0.9.12/debian/patches/series 2012-06-20 08:24:04.000000000 +0200
+++ libvirt-0.9.12/debian/patches/series 2012-08-01 21:11:17.000000000 +0200
@@ -12,3 +12,4 @@
Only-check-for-cluster-fs-if-we-re-using-a-filesyste.patch
Reduce-udevadm-settle-timeout-to-10-seconds.patch
Include-stdint.h-for-uint32_t.patch
+security/CVE-2012-3445.patch
diff -Nru libvirt-0.9.12/debian/patches/virsh-Initialize-library-before-calling-virResetLast.patch libvirt-0.9.12/debian/patches/virsh-Initialize-library-before-calling-virResetLast.patch
--- libvirt-0.9.12/debian/patches/virsh-Initialize-library-before-calling-virResetLast.patch 2012-06-20 08:24:34.000000000 +0200
+++ libvirt-0.9.12/debian/patches/virsh-Initialize-library-before-calling-virResetLast.patch 2012-08-01 21:11:17.000000000 +0200
@@ -23,13 +23,13 @@
#11 main (argc=5, argv=0xbf9c2cd4) at virsh.c:12751
---
tools/virsh.c | 3 +++
- 1 files changed, 3 insertions(+), 0 deletions(-)
+ 1 file changed, 3 insertions(+)
diff --git a/tools/virsh.c b/tools/virsh.c
-index ee6db4c..b3dc21c 100644
+index dd9292a..d798328 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
-@@ -19276,6 +19276,9 @@ vshInit(vshControl *ctl)
+@@ -19560,6 +19560,9 @@ vshInit(vshControl *ctl)
/* set up the signals handlers to catch disconnections */
vshSetupSignals();