=app-emulation/libvirt-1.1.1-r5 target keywords: amd64 x86
amd64 stable
(In reply to Agostino Sarubbo from comment #1) > amd64 stable Making all in src make[2]: Entering directory `/var/tmp/portage/app-emulation/libvirt-1.1.1-r5/work/libvirt-1.1.1/src' /usr/bin/perl -w ./rpc/gendispatch.pl --mode=server \ virLXCMonitor VIR_LXC_MONITOR ./lxc/lxc_monitor_protocol.x > lxc/lxc_controller_dispatch.h /usr/bin/perl -w ./rpc/genprotocol.pl /usr/bin/rpcgen -h \ remote/remote_protocol.x remote/remote_protocol.h /usr/bin/perl -w ./rpc/gendispatch.pl --mode=client \ remote REMOTE ./remote/remote_protocol.x > remote/remote_client_bodies.h /usr/bin/perl -w ./rpc/gendispatch.pl --mode=aclheader \ remote REMOTE ./remote/remote_protocol.x > access/viraccessapicheck.h /usr/bin/perl -w ./rpc/gendispatch.pl --mode=aclbody \ remote REMOTE ./remote/remote_protocol.x access/viraccessapicheck.h > access/viraccessapicheck.c /usr/bin/perl -w ./rpc/gendispatch.pl --mode=aclsym \ remote REMOTE ./remote/remote_protocol.x > libvirt_access.syms /usr/bin/perl -w ./rpc/gendispatch.pl --mode=aclsym \ qemu QEMU ./remote/qemu_protocol.x > libvirt_access_qemu.syms /usr/bin/perl -w ./rpc/gendispatch.pl --mode=aclsym \ lxc LXC ./remote/lxc_protocol.x > libvirt_access_lxc.syms /usr/bin/rpcgen: C preprocessor failed with exit code 1 rm -f -- libvirt_qemu.def-tmp libvirt_qemu.def ; \ printf 'EXPORTS\n' > libvirt_qemu.def-tmp && \ sed -e '/^$/d; /#/d; /:/d; /}/d; /\*/d; /LIBVIRT_/d' \ -e 's/[ ]*\(.*\)\;/ \1/g' libvirt_qemu.syms >> libvirt_qemu.def-tmp && \ chmod a-w libvirt_qemu.def-tmp && \ mv libvirt_qemu.def-tmp libvirt_qemu.def cannot shutdown /usr/bin/rpcgen: at ./rpc/genprotocol.pl line 136. make[2]: *** [remote/remote_protocol.h] Error 1 make[2]: *** Waiting for unfinished jobs.... make[2]: Leaving directory `/var/tmp/portage/app-emulation/libvirt-1.1.1-r5/work/libvirt-1.1.1/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/tmp/portage/app-emulation/libvirt-1.1.1-r5/work/libvirt-1.1.1' make: *** [all] Error 2 just me?
sorry, read my logs wrong, this failure is on i686...although not sure why.
last update, it failed on both for me
(In reply to Rick Farina (Zero_Chaos) from comment #4) > last update, it failed on both for me what glibc version?
(In reply to Doug Goldstein from comment #5) > (In reply to Rick Farina (Zero_Chaos) from comment #4) > > last update, it failed on both for me > > what glibc version? glibc-2.15-r3 worked on my host system, failed 8 times in a row on a catalyst build... not really sure why. parallelization bug? the error looks pretty weird.
I didn't even think about it, but I'm on hardened, and it's failing in a chroot. Is it doing something evil and grsec is blocking maybe? kernel.grsecurity.chroot_deny_fchdir = 1 kernel.grsecurity.chroot_deny_mknod = 0 kernel.grsecurity.chroot_deny_shmat = 1 kernel.grsecurity.chroot_deny_sysctl = 1 kernel.grsecurity.chroot_deny_unix = 1 kernel.grsecurity.chroot_enforce_chdir = 1 kernel.grsecurity.chroot_findtask = 1 kernel.grsecurity.chroot_restrict_nice = 1
(In reply to Rick Farina (Zero_Chaos) from comment #6) > (In reply to Doug Goldstein from comment #5) > > (In reply to Rick Farina (Zero_Chaos) from comment #4) > > > last update, it failed on both for me > > > > what glibc version? > > glibc-2.15-r3 > > worked on my host system, failed 8 times in a row on a catalyst build... not > really sure why. parallelization bug? the error looks pretty weird. Not sure. I'm about to add 1.1.2 to the tree and you should be able to give that a whirl and not run into an issue.
(In reply to Doug Goldstein from comment #0) > =app-emulation/libvirt-1.1.1-r5 > > target keywords: amd64 x86 FWIW, this stable request was to fix: CVE-2013-5651 and CVE-2013-4292.
(In reply to Doug Goldstein from comment #9) > (In reply to Doug Goldstein from comment #0) > > =app-emulation/libvirt-1.1.1-r5 > > > > target keywords: amd64 x86 > > FWIW, this stable request was to fix: CVE-2013-5651 and CVE-2013-4292. Then, this is a security bug :) CVE-2013-4291: http://libvirt.org/git/?p=libvirt.git;a=commit;h=745aa55fbf3e076c4288d5ec3239f5a5d43508a6 CVE-2013-4292: http://libvirt.org/git/?p=libvirt.git;a=commit;h=fd6f6a48619eb221afeb1c5965537534cd54e01d CVE-2013-5651 http://libvirt.org/git/?p=libvirt.git;a=commit;h=47b9127e883677a0d60d767030a147450e919a25
CVE-2013-4291 didn't affect Gentoo with how we package libvirt.
(In reply to Doug Goldstein from comment #11) > CVE-2013-4291 didn't affect Gentoo with how we package libvirt. Thanks for point it. @security, please vote
CVE-2013-5651 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5651): The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune. CVE-2013-4292 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4292): libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c.
Added to existing GLSA draft
This issue was resolved and addressed in GLSA 201412-04 at http://security.gentoo.org/glsa/glsa-201412-04.xml by GLSA coordinator Kristian Fiskerstrand (K_F).
