Summary: | =app-emulation/qemu-softmmu-0.9.0 "removable media" Host file disclosure (CVE-2008-1945) | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> | ||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED OBSOLETE | ||||||||
Severity: | normal | CC: | lu_zero | ||||||
Priority: | High | ||||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | B3 [ebuild / upstream] | ||||||||
Package list: | Runtime testing required: | --- | |||||||
Attachments: |
|
Description
Robert Buchholz (RETIRED)
2008-08-19 20:07:24 UTC
Created attachment 163325 [details, diff]
qemu-CVE-2008-1945.patch
Patch as applied upstream in r4747
Created attachment 163327 [details, diff]
qemu-0.9.0-mdv,svn-CVE-2008-1945.patch
Patch as applied by Mandriva
I asked spuk of Mandriva why the patch was not fully applied upstream: <spuk-> rbu: don't know why it wasn't fully applied upstream, last words from the patch author (Chris Wright) after some discussion on the patch were that that patch was fine, and I didn't see a drawback on using it, as it seemed "more complete", even though the "extra completeness" might not be very important (maybe that's why it wasn't applied?) Chris Wright's original comment on the patch (as used by Mandriva): Subject: [PATCH] add image format options for USB storage and removable media Previous commit didn't handle removable media or USB (thanks to Markus for noting this). This patch adds a cmdline option for USB to allow admin to specify format type. To avoid changing exists semantics a new option -usbdevice diskformat: is added (ugly name). This is valid from both command line and monitor interface. Because of the comma delimiter, admin must use ',,' just as in -drive file=filename. The patch also allows specifying image format when changing removable media. It is an optional argument to the monitor command "change," so there is no change to existing semantics. Longer term it'd be better to provide some safe defaults. @security: ~5 year ping. package is no longer in the tree. The bug doesn't make a note of this but it affected xen 3.0 as well. 5 year old bug, package gone -> byebye. |