[PULL,0/2] Fixes 20220408 patches

Message ID	20220408045252.2375896-1-kraxel@redhat.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> From: Gerd Hoffmann <kraxel@redhat.com> To: qemu-devel@nongnu.org Subject: [PULL 0/2] Fixes 20220408 patches Date: Fri, 8 Apr 2022 06:52:50 +0200 Message-Id: <20220408045252.2375896-1-kraxel@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=170.10.129.124; envelope-from=kraxel@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -28 X-Spam_score: -2.9 X-Spam_bar: -- X-Spam_report: (-2.9 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.082, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: Gerd Hoffmann <kraxel@redhat.com> Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Message ID

20220408045252.2375896-1-kraxel@redhat.com (mailing list archive)

State

New, archived

Headers

From: Gerd Hoffmann <kraxel@redhat.com>
To: qemu-devel@nongnu.org
Subject: [PULL 0/2] Fixes 20220408 patches
Date: Fri,  8 Apr 2022 06:52:50 +0200
Message-Id: <20220408045252.2375896-1-kraxel@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass client-ip=170.10.129.124; envelope-from=kraxel@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -28
X-Spam_score: -2.9
X-Spam_bar: --
X-Spam_report: (-2.9 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.082,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Message

Gerd Hoffmann April 8, 2022, 4:52 a.m. UTC

The following changes since commit 95a3fcc7487e5bef262e1f937ed8636986764c4e:

  Update version for v7.0.0-rc3 release (2022-04-06 21:26:13 +0100)

are available in the Git repository at:

  git://git.kraxel.org/qemu tags/fixes-20220408-pull-request

for you to fetch changes up to fa892e9abb728e76afcf27323ab29c57fb0fe7aa:

  ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) (2022-04-07 12:30:54 +0200)

----------------------------------------------------------------
two cursor/qxl related security fixes.

----------------------------------------------------------------

Mauro Matteo Cascella (2):
  display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207)
  ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206)

 hw/display/qxl-render.c | 9 ++++++++-
 hw/display/vmware_vga.c | 2 ++
 ui/cursor.c             | 8 +++++++-
 3 files changed, 17 insertions(+), 2 deletions(-)

Comments

Peter Maydell April 8, 2022, 2:01 p.m. UTC | #1

On Fri, 8 Apr 2022 at 05:55, Gerd Hoffmann <kraxel@redhat.com> wrote:
>
> The following changes since commit 95a3fcc7487e5bef262e1f937ed8636986764c4e:
>
>   Update version for v7.0.0-rc3 release (2022-04-06 21:26:13 +0100)
>
> are available in the Git repository at:
>
>   git://git.kraxel.org/qemu tags/fixes-20220408-pull-request
>
> for you to fetch changes up to fa892e9abb728e76afcf27323ab29c57fb0fe7aa:
>
>   ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) (2022-04-07 12:30:54 +0200)
>
> ----------------------------------------------------------------
> two cursor/qxl related security fixes.
>

Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/7.0
for any user-visible changes.

-- PMM

[PULL,0/2] Fixes 20220408 patches

Pull-request

Message

Comments