qemu: security bump to version 2.10.2 - buildroot

diff options

author	Peter Korsgaard <peter@korsgaard.com>	2017-12-20 12:26:01 +0100
committer	Peter Korsgaard <peter@korsgaard.com>	2017-12-20 21:22:33 +0100
commit	eb2b3df62666b0e2dc3042efdfecd7f62513bc9a (patch)
tree	ed6780141c6f82d57016eb53ee8119de6c01accc /package/json-c/0001-don-t-threat-warnings-as-errors.patch
parent	35f8333eb4b69e7d04960677a03790426e7fb15e (diff)
download	buildroot-eb2b3df62666b0e2dc3042efdfecd7f62513bc9a.tar.gz buildroot-eb2b3df62666b0e2dc3042efdfecd7f62513bc9a.zip

qemu: security bump to version 2.10.2

Fixes the following security issues: CVE-2017-13672: QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. CVE-2017-15118: Stack buffer overflow in NBD server triggered via long export name CVE-2017-15119: DoS via large option request CVE-2017-15268: Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. For more details, see the release announcement: https://lists.nongnu.org/archive/html/qemu-devel/2017-12/msg03618.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Diffstat (limited to 'package/json-c/0001-don-t-threat-warnings-as-errors.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: