[OE-core] [PATCH] qemu: fix CVE-2020-7039
akuster808
akuster808 at gmail.com
Thu Mar 12 21:28:58 UTC 2020
On 3/12/20 1:53 PM, Randy MacLeod wrote:
> On 2020-02-27 12:25 a.m., changqing.li at windriver.com wrote:
>> From: Changqing Li <changqing.li at windriver.com>
got it fixed up. its sitting @
http://git.yoctoproject.org/cgit/cgit.cgi/poky-contrib/log/?h=akuster/master-next_qemu_fix
I will through it at the AB so will let RP decide if he want to take it
before M3
- Armin
>>
>> Signed-off-by: Changqing Li <changqing.li at windriver.com>
>> ---
>> meta/recipes-devtools/qemu/qemu.inc | 3 +
>> .../qemu/qemu/CVE-2020-7039-1.patch | 44
>> +++++++++++++++
>> .../qemu/qemu/CVE-2020-7039-2.patch | 59
>> ++++++++++++++++++++
>> .../qemu/qemu/CVE-2020-7039-3.patch | 64
>> ++++++++++++++++++++++
>> 4 files changed, 170 insertions(+)
>> create mode 100644
>> meta/recipes-devtools/qemu/qemu/CVE-2020-7039-1.patch
>> create mode 100644
>> meta/recipes-devtools/qemu/qemu/CVE-2020-7039-2.patch
>> create mode 100644
>> meta/recipes-devtools/qemu/qemu/CVE-2020-7039-3.patch
>>
>
> LGTM, I don't see it in master or master-next.
>
> NVD gives this defect a 'critical' score so it would be good to get
> it tested and merged.
> https://nvd.nist.gov/vuln/detail/CVE-2020-7039
>
More information about the Openembedded-core
mailing list