rpms/xen/F-9 xen.spec, 1.215, 1.216 xen-pvfb-validate-fb.patch, 1.1, 1.2
Markus Armbruster (armbru)
fedora-extras-commits at redhat.com
Fri Jun 13 14:18:53 UTC 2008
Author: armbru
Update of /cvs/pkgs/rpms/xen/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10628
Modified Files:
xen.spec xen-pvfb-validate-fb.patch
Log Message:
Correctly limit PVFB size (CVE-2008-1952)
Index: xen.spec
===================================================================
RCS file: /cvs/pkgs/rpms/xen/F-9/xen.spec,v
retrieving revision 1.215
retrieving revision 1.216
diff -u -r1.215 -r1.216
--- xen.spec 3 Jun 2008 15:49:30 -0000 1.215
+++ xen.spec 13 Jun 2008 14:18:09 -0000 1.216
@@ -2,7 +2,7 @@
# Always set these 3 tags
%define base_version 3.2.0
-%define base_release 12
+%define base_release 13
# Hypervisor ABI
%define hv_abi 3.2
@@ -465,6 +465,9 @@
%{_libdir}/*.a
%changelog
+* Fri Jun 13 2008 Markus Armbruster <armbru at redhat.com> - 3.2.0-13.fc9
+- Correctly limit PVFB size (CVE-2008-1952)
+
* Tue Jun 3 2008 Daniel P. Berrange <berrange at redhat.com> - 3.2.0-12.fc9
- Move /var/run/xend into xen-runtime for pygrub (rhbz #442052)
xen-pvfb-validate-fb.patch:
Index: xen-pvfb-validate-fb.patch
===================================================================
RCS file: /cvs/pkgs/rpms/xen/F-9/xen-pvfb-validate-fb.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- xen-pvfb-validate-fb.patch 14 May 2008 16:03:12 -0000 1.1
+++ xen-pvfb-validate-fb.patch 13 Jun 2008 14:18:09 -0000 1.2
@@ -18,7 +18,7 @@
struct xenfb;
struct xenfb_device {
-@@ -476,6 +474,55 @@ void xenfb_shutdown(struct xenfb *xenfb)
+@@ -476,6 +474,56 @@ void xenfb_shutdown(struct xenfb *xenfb)
free(xenfb);
}
@@ -36,6 +36,7 @@
+ fprintf(stderr,
+ "FB: frontend fb size %zu limited to %zu\n",
+ fb_len, fb_len_lim);
++ fb_len = fb_len_lim;
+ }
+ if (depth != 8 && depth != 16 && depth != 24 && depth != 32) {
+ fprintf(stderr,
More information about the fedora-extras-commits
mailing list