commit: 229d28a525799ae2f65b1a2cd206b07189241026 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Sun Jul 2 23:34:19 2023 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Sun Jul 2 23:34:42 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=229d28a5
app-emulation/qemu: use right CVE-2023-2861 patch for 8.0.2 Fixes: d2d08ad4d9a70136bf79818eb698e3cb7eead3b0 Bug: https://bugs.gentoo.org/909542 Signed-off-by: Sam James <sam <AT> gentoo.org> .../qemu/files/qemu-8.0.2-CVE-2023-2861.patch | 23 +++++++++++++--------- .../{qemu-8.0.2-r1.ebuild => qemu-8.0.2-r2.ebuild} | 0 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/app-emulation/qemu/files/qemu-8.0.2-CVE-2023-2861.patch b/app-emulation/qemu/files/qemu-8.0.2-CVE-2023-2861.patch index 9a9c11a41d66..75fa534b4f1c 100644 --- a/app-emulation/qemu/files/qemu-8.0.2-CVE-2023-2861.patch +++ b/app-emulation/qemu/files/qemu-8.0.2-CVE-2023-2861.patch @@ -1,7 +1,7 @@ https://bugs.gentoo.org/909542 -https://gitlab.com/qemu-project/qemu/-/commit/10fad73a2bf1c76c8aa9d6322755e5f877d83ce5 +https://gitlab.com/qemu-project/qemu/-/commit/b9d2887be4e616cdaeedd0b7456bfaa71ee798af -From 10fad73a2bf1c76c8aa9d6322755e5f877d83ce5 Mon Sep 17 00:00:00 2001 +From b9d2887be4e616cdaeedd0b7456bfaa71ee798af Mon Sep 17 00:00:00 2001 From: Christian Schoenebeck <[email protected]> Date: Wed, 7 Jun 2023 18:29:33 +0200 Subject: [PATCH] 9pfs: prevent opening special files (CVE-2023-2861) @@ -39,7 +39,6 @@ Reviewed-by: Michael Tokarev <[email protected]> Message-Id: <[email protected]> (cherry picked from commit f6b0de53fb87ddefed348a39284c8e2f28dc4eda) Signed-off-by: Michael Tokarev <[email protected]> -(Mjt: drop adding qemu_fstat wrapper for 7.2 where wrappers aren't used) --- a/fsdev/virtfs-proxy-helper.c +++ b/fsdev/virtfs-proxy-helper.c @@ -26,6 +26,7 @@ @@ -108,7 +107,15 @@ Signed-off-by: Michael Tokarev <[email protected]> #ifdef O_PATH #define O_PATH_9P_UTIL O_PATH #else -@@ -112,6 +114,38 @@ static inline void close_preserve_errno(int fd) +@@ -95,6 +97,7 @@ static inline int errno_to_dotl(int err) { + #endif + + #define qemu_openat openat ++#define qemu_fstat fstat + #define qemu_fstatat fstatat + #define qemu_mkdirat mkdirat + #define qemu_renameat renameat +@@ -108,6 +111,38 @@ static inline void close_preserve_errno(int fd) errno = serrno; } @@ -127,7 +134,7 @@ Signed-off-by: Michael Tokarev <[email protected]> +{ + struct stat stbuf; + -+ if (fstat(fd, &stbuf) < 0) { ++ if (qemu_fstat(fd, &stbuf) < 0) { + close_preserve_errno(fd); + return -1; + } @@ -146,8 +153,8 @@ Signed-off-by: Michael Tokarev <[email protected]> + static inline int openat_dir(int dirfd, const char *name) { - return openat(dirfd, name, -@@ -146,6 +180,10 @@ again: + return qemu_openat(dirfd, name, +@@ -142,6 +177,10 @@ again: return -1; } @@ -158,5 +165,3 @@ Signed-off-by: Michael Tokarev <[email protected]> serrno = errno; /* O_NONBLOCK was only needed to open the file. Let's drop it. We don't * do that with O_PATH since fcntl(F_SETFL) isn't supported, and openat() --- -GitLab diff --git a/app-emulation/qemu/qemu-8.0.2-r1.ebuild b/app-emulation/qemu/qemu-8.0.2-r2.ebuild similarity index 100% rename from app-emulation/qemu/qemu-8.0.2-r1.ebuild rename to app-emulation/qemu/qemu-8.0.2-r2.ebuild
