openembedded-core.git/meta/recipes-devtools/qemu, branch dizzy Mirror of openembedded-core qemu-slirp: CVE-2014-3640 2015-09-01T20:30:27+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-08-25T09:50:07+00:00 f63a4f706269b4cd82c56d92f37c881de824d8bc Fixes NULL pointer deref in sosendto(). Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640 Upstream patch: http://git.qemu.org/?p=qemu.git;a=commit; h=9a72433843d912a45046959b1953861211d1838d Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
Fixes NULL pointer deref in sosendto().

Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640

Upstream patch:
http://git.qemu.org/?p=qemu.git;a=commit;
h=9a72433843d912a45046959b1953861211d1838d

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
qemu-vnc: CVE-2014-7815 2015-09-01T20:28:02+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-08-19T12:14:29+00:00 31e3d1bab6612d8116086f9ada048a0c094fb2c8 Fixes an uninitialized data structure use flaw in qemu-vnc which allows remote attackers to cause a denial of service (crash). Upstream patch: http://git.qemu.org/?p=qemu.git;a=commit; h=b2f1d90530301d7915dddc8a750063757675b21a References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815 http://www.securityfocus.com/bid/70998 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
Fixes an uninitialized data structure use flaw in qemu-vnc
which allows remote attackers to cause a denial of service
(crash).

Upstream patch:
http://git.qemu.org/?p=qemu.git;a=commit;
h=b2f1d90530301d7915dddc8a750063757675b21a

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815
http://www.securityfocus.com/bid/70998

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
qemu: CVE-2014-7840 2015-09-01T20:28:00+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-08-18T08:45:56+00:00 0bd4b0c7ede8a52559e4bf05085a3f0d46a0a280 Fixes insufficient parameter validation during ram load Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840 Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit; h=0be839a2701369f669532ea5884c15bead1c6e08 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
Fixes insufficient parameter validation during ram load

Reference
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840

Upstream commit:
http://git.qemu.org/?p=qemu.git;a=commit;
h=0be839a2701369f669532ea5884c15bead1c6e08

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
qemu: fix CVE-2015-3456 2015-07-20T19:53:07+00:00 Kai Kang kai.kang@windriver.com 2015-05-26T07:14:43+00:00 e4c1374330679f84436796a3f6c50b486465a7ed Backport patch to fix qemuc CVE issue CVE-2015-3456. Refs: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 http://git.qemu.org/?p=qemu.git;a=commit;h=e907746266721f305d67bc0718795fedee2e824c (From OE-Core rev: 1d9e6ef173bea8181fabc6abf0dbb53990b15fd8) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-devtools/qemu/qemu_2.1.0.bb 
Backport patch to fix qemuc CVE issue CVE-2015-3456.

Refs:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456
http://git.qemu.org/?p=qemu.git;a=commit;h=e907746266721f305d67bc0718795fedee2e824c

(From OE-Core rev: 1d9e6ef173bea8181fabc6abf0dbb53990b15fd8)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

Conflicts:
	meta/recipes-devtools/qemu/qemu_2.1.0.bb
qemu: disable vte if gtk is also disabled 2014-12-31T10:17:47+00:00 Richard Tollerton rich.tollerton@ni.com 2014-12-11T18:52:57+00:00 03c2129351b39cf5299c2f531483f77e1aead7fc vte will pull in the gtk libs itself. This can cause build failures if the native gtk was build with glib>=2.41 while the sysroot native glib is <=2.40. Fix for [YOCTO #7077]. (From OE-Core rev: 6cea10dd8f041731269ad16b94d8e172ab1f7257) Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
vte will pull in the gtk libs itself. This can cause build failures if
the native gtk was build with glib>=2.41 while the sysroot native glib
is <=2.40.

Fix for [YOCTO #7077].

(From OE-Core rev: 6cea10dd8f041731269ad16b94d8e172ab1f7257)

Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
qemu: Add missing wacom HID descriptor 2014-12-31T10:17:32+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2014-11-27T14:04:29+00:00 9564a6ea2c4648205136a1c2e9a6cedb8a19aaf1 The wacom driver we use is missing a HID descriptor causing it not to work with 3.17 kernels and later. This patch adds in a descriptor to make the driver work again. (From OE-Core rev: 51200e0151f0a3b0ed06649ffe77ef20bb296499) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
The wacom driver we use is missing a HID descriptor causing it not to work
with 3.17 kernels and later. This patch adds in a descriptor to make the
driver work again.

(From OE-Core rev: 51200e0151f0a3b0ed06649ffe77ef20bb296499)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
pcihp: fix possible array out of bounds, CVE-2014-5388 2014-09-10T14:19:57+00:00 Sona Sarmadi sona.sarmadi@enea.com 2014-09-05T10:04:08+00:00 43ba8f84fb03a8f645995b43966cb87152b69f4c Prevent out-of-bounds array access on acpi_pcihp_pci_status. [From QEMU: fa365d7cd11185237471823a5a33d36765454e16] Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Prevent out-of-bounds array access on acpi_pcihp_pci_status.

[From QEMU: fa365d7cd11185237471823a5a33d36765454e16]

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
qemu-native: only depends on libxext-native when x11 2014-09-03T09:24:20+00:00 Robert Yang liezhi.yang@windriver.com 2014-09-02T13:29:13+00:00 012c7fbe0a21e469db5112873e778ff7c3b17237 Fixed when build without x11 in DISTRO_FEATURES: ERROR: libxext-native was skipped: missing required distro feature 'x11' (not in DISTRO_FEATURES) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Fixed when build without x11 in DISTRO_FEATURES:
ERROR: libxext-native was skipped: missing required distro feature 'x11' (not in DISTRO_FEATURES)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
qemu-native: depends on libxext-native when enable sdl 2014-08-29T22:43:31+00:00 Robert Yang liezhi.yang@windriver.com 2014-07-29T08:02:44+00:00 fbf6995306d85ad868fa5d33da9b493e7e0de414 Fixed do_configure error: ERROR: User requested feature sdl configure was not able to find it. Install SDL devel The error message from log.do_configure, and if we check config.log, the error is: sysroots/x86_64-linux/usr/lib/libXext.so.6: undefined reference to `_XEatDataWords' The _XEatDataWords is provided by libX11.so, the dependencies are: qemu-native -> sdl(from the host) -> libXext.so(maybe host or native) -> libX11.so (maybe host or native) For example on Ubuntu 12.04 x86_64, the link route is: qemu-native's do_configure sdl checking: /usr/lib/x86_64-linux-gnu/libSDL.so --> <sysroots>/x86_64-linux/usr/lib/libXext.so.6 --> /usr/lib/x86_64-linux-gnu/libX11.so So it is: host sdl -> sysroot libXext.so.6 -> host X11.so qemu-native doesn't depend on libxext-native, so the error would happen if the libx11-native is being rebuilding and the host's libX11.so doesn't have _XEatDataWords. Manually reproduce it on Ubuntu 12.04 x86_64: $ bitbake qemu-native libx11-native libxext-native $ bitbake qemu-native libx11-native -ccleansstate && bitbake qemu-native Note, only qemu-native has this problem since libxext depends on libX11, and SDL would depend on libxext when x11 is enabled. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Fixed do_configure error:

ERROR: User requested feature sdl
       configure was not able to find it.
       Install SDL devel

The error message from log.do_configure, and if we check config.log, the
error is:

sysroots/x86_64-linux/usr/lib/libXext.so.6: undefined reference to `_XEatDataWords'

The _XEatDataWords is provided by libX11.so, the dependencies are:

qemu-native -> sdl(from the host) -> libXext.so(maybe host or native) -> libX11.so (maybe host or native)

For example on Ubuntu 12.04 x86_64, the link route is:

qemu-native's do_configure sdl checking:
/usr/lib/x86_64-linux-gnu/libSDL.so --> <sysroots>/x86_64-linux/usr/lib/libXext.so.6 --> /usr/lib/x86_64-linux-gnu/libX11.so

So it is:
host sdl -> sysroot libXext.so.6 -> host X11.so

qemu-native doesn't depend on libxext-native, so the error would happen
if the libx11-native is being rebuilding and the host's libX11.so
doesn't have _XEatDataWords.

Manually reproduce it on Ubuntu 12.04 x86_64:

$ bitbake qemu-native libx11-native libxext-native
$ bitbake qemu-native libx11-native -ccleansstate && bitbake qemu-native

Note, only qemu-native has this problem since libxext depends on libX11,
and SDL would depend on libxext when x11 is enabled.

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
qemu: add PACKAGECONFIG for numa 2014-08-27T11:13:25+00:00 Jackie Huang jackie.huang@windriver.com 2014-08-27T09:34:04+00:00 9661ce6ed5e01dd21360946c561b3c8a1ce9fc2c Add PACKAGECONFIG for numa to avoid build error: backends/hostmem.c:21:20: fatal error: numaif.h: No such file or directory Package numctl is from meta-oe. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Add PACKAGECONFIG for numa to avoid build error:
backends/hostmem.c:21:20: fatal error: numaif.h: No such file or directory

Package numctl is from meta-oe.

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>