Message ID | 20200610011713.3687895-1-eblake@redhat.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On 6/9/20 8:17 PM, Eric Blake wrote: > The following changes since commit 31d321c2b3574dcc74e9f6411af06bca6b5d10f4: > > Merge remote-tracking branch 'remotes/philmd-gitlab/tags/sparc-next-20200609' into staging (2020-06-09 17:29:47 +0100) > > are available in the Git repository at: > > https://repo.or.cz/qemu/ericb.git tags/pull-nbd-2020-06-09 > > for you to fetch changes up to 2886df0c75c1c5f6aed054c54f4ad48aeee04bfd: > > block: Call attention to truncation of long NBD exports (2020-06-09 17:05:50 -0500) > > ---------------------------------------------------------------- > NBD patches for 2020-06-09 > > - fix iotest 194 race > - fix CVE-2020-10761: server DoS from assertion on long NBD error messages > > ---------------------------------------------------------------- > Eric Blake (2): > nbd/server: Avoid long error message assertions CVE-2020-10761 Vladimir raised a potential thread-safety issue in this patch. As it is intended to fix a CVE, let's hold off on this pull request, and I'll send a v2 once I have better review.