[Pkg-xen-changes] r1099 - in branches/wheezy/xen/debian: . patches

Bastian Blank waldi at alioth.debian.org
Fri Sep 7 17:38:59 UTC 2012


Author: waldi
Date: Fri Sep  7 17:38:58 2012
New Revision: 1099

Log:
* debian/changelog: Update.
* debian/patches: Add security fix.

Added:
   branches/wheezy/xen/debian/patches/CVE-2012-4411
Modified:
   branches/wheezy/xen/debian/changelog
   branches/wheezy/xen/debian/patches/series

Modified: branches/wheezy/xen/debian/changelog
==============================================================================
--- branches/wheezy/xen/debian/changelog	Fri Sep  7 16:05:34 2012	(r1098)
+++ branches/wheezy/xen/debian/changelog	Fri Sep  7 17:38:58 2012	(r1099)
@@ -10,6 +10,8 @@
     CVE-2012-3498
   * Properly check bounds while setting the cursor in qemu.
     CVE-2012-3515
+  * Disable monitor in qemu by default.
+    CVE-2012-4411
 
  -- Bastian Blank <waldi at debian.org>  Wed, 05 Sep 2012 18:23:55 +0200
 

Added: branches/wheezy/xen/debian/patches/CVE-2012-4411
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/wheezy/xen/debian/patches/CVE-2012-4411	Fri Sep  7 17:38:58 2012	(r1099)
@@ -0,0 +1,31 @@
+commit d7d453f51459b591faa96d1c123b5bfff7c5b6b6
+Author: Ian Jackson <ian.jackson at eu.citrix.com>
+Date:   Thu Sep 6 17:05:30 2012 +0100
+
+    Disable qemu monitor by default.  The qemu monitor is an overly
+    powerful feature which must be protected from untrusted (guest)
+    administrators.
+    
+    Neither xl nor xend expect qemu to produce this monitor unless it is
+    explicitly requested.
+    
+    This is a security problem, XSA-19.  Previously it was CVE-2007-0998
+    in Red Hat but we haven't dealt with it in upstream.  We hope to have
+    a new CVE for it here but we don't have one yet.
+    
+    Signed-off-by: Ian Jackson <ian.jackson at eu.citrix.com>
+    (cherry picked from commit bacc0d302445c75f18f4c826750fb5853b60e7ca)
+
+diff --git a/vl.c b/vl.c
+index f07a659..686a9bd 100644
+--- a/qemu/vl.c
++++ b/qemu/vl.c
+@@ -4910,7 +4910,7 @@ int main(int argc, char **argv, char **envp)
+     kernel_cmdline = "";
+     cyls = heads = secs = 0;
+     translation = BIOS_ATA_TRANSLATION_AUTO;
+-    monitor_device = "vc:80Cx24C";
++    monitor_device = "null";
+ 
+     serial_devices[0] = "vc:80Cx24C";
+     for(i = 1; i < MAX_SERIAL_PORTS; i++)
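Review bot: the embedded patch's header line `diff --git a/vl.c b/vl.c` does not match the `--- a/qemu/vl.c` and `+++ b/qemu/vl.c` lines that follow it. It looks as if the `qemu/` prefix was added to only two of the three path lines. Tools that use the `---`/`+++` lines will apply it, but anything that checks the `diff --git` line against them may complain, so I would make all three agree. The quoted commit message also still says "We hope to have a new CVE for it here but we don't have one yet", while the file is named CVE-2012-4411. A one-line Debian note at the top of the patch header tying XSA-19 to CVE-2012-4411 would save the next reader from cross-checking against the changelog. Finally, the change only alters the built-in default for `monitor_device`; `serial_devices[0]` keeps its `"vc:80Cx24C"` default and an explicitly requested monitor is unaffected, which is worth stating in the changelog entry so administrators know that configurations which ask for a monitor still need to be reviewed.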

Modified: branches/wheezy/xen/debian/patches/series
==============================================================================
--- branches/wheezy/xen/debian/patches/series	Fri Sep  7 16:05:34 2012	(r1098)
+++ branches/wheezy/xen/debian/patches/series	Fri Sep  7 17:38:58 2012	(r1099)
@@ -9,6 +9,7 @@
 CVE-2012-3496
 CVE-2012-3498
 CVE-2012-3515
+CVE-2012-4411
 
 xen-x86-interrupt-pointer-missmatch.diff
 


