[Pkg-xen-changes] r604 - in branches/etch/xen-3.0/debian: . patches
Bastian Blank
waldi at alioth.debian.org
Tue Jul 15 19:10:44 UTC 2008
Author: waldi
Date: Tue Jul 15 19:10:44 2008
New Revision: 604
Log:
Fix CVE-2007-1321.
* debian/changelog: Update.
* debian/patches/00list: Add new patch.
* debian/patches/CVE-2007-1321.dpatch: Add.
Added:
branches/etch/xen-3.0/debian/patches/CVE-2007-1321.dpatch (contents, props changed)
Modified:
branches/etch/xen-3.0/debian/changelog
branches/etch/xen-3.0/debian/patches/00list
Modified: branches/etch/xen-3.0/debian/changelog
==============================================================================
--- branches/etch/xen-3.0/debian/changelog (original)
+++ branches/etch/xen-3.0/debian/changelog Tue Jul 15 19:10:44 2008
@@ -2,6 +2,8 @@
* Disable access to the qemu monitor.
See: CVE-2007-0998
+ * Fix integer signedness error in ne2000 emulator.
+ See: CVE-2007-1321
* Fix heap overflow in network handling.
See: CVE-2007-5730
* Clear debug registers for HVM guests.
Modified: branches/etch/xen-3.0/debian/patches/00list
==============================================================================
--- branches/etch/xen-3.0/debian/patches/00list (original)
+++ branches/etch/xen-3.0/debian/patches/00list Tue Jul 15 19:10:44 2008
@@ -15,3 +15,4 @@
CVE-2008-2004
CVE-2007-0998
CVE-2007-5730
+CVE-2007-1321
Added: branches/etch/xen-3.0/debian/patches/CVE-2007-1321.dpatch
==============================================================================
--- (empty file)
+++ branches/etch/xen-3.0/debian/patches/CVE-2007-1321.dpatch Tue Jul 15 19:10:44 2008
@@ -0,0 +1,27 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+
+ at DPATCH@
+diff -r 02b4247ef707 -r bea754626f14 tools/ioemu/hw/ne2000.c
+--- a/tools/ioemu/hw/ne2000.c Tue Jul 15 20:57:15 2008 +0200
++++ b/tools/ioemu/hw/ne2000.c Tue Jul 15 21:02:33 2008 +0200
+@@ -230,7 +230,7 @@ static void ne2000_receive(void *opaque,
+ {
+ NE2000State *s = opaque;
+ uint8_t *p;
+- int total_len, next, avail, len, index, mcast_idx;
++ unsigned int total_len, next, avail, len, index, mcast_idx;
+ uint8_t buf1[60];
+ static const uint8_t broadcast_macaddr[6] =
+ { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
+@@ -299,7 +299,10 @@ static void ne2000_receive(void *opaque,
+
+ /* write packet data */
+ while (size > 0) {
+- avail = s->stop - index;
++ if (index <= s->stop)
++ avail = s->stop - index;
++ else
++ avail = 0;
+ len = size;
+ if (len > avail)
+ len = avail;
More information about the Pkg-xen-changes
mailing list