OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
ddbc41de38
qemu-e2k/hw
History
Peter Maydell 5fd7fc8db9 CVE-2014-3615: fix sanity checks in vbe (bochs dispi) and spice. 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJUCZvsAAoJEEy22O7T6HE4D80P/j64duoXcM9G3tWq2L3ki+dA
 t46OnRdMXSb5O5vJkoJ0ZzujgRleHLbV2D5rfFuhWK0slPdDw3dN9aH2FCerI1lD
 5iXGrIsZ6hhxRTYCVTQ8ibttnCtFxhq0YZcJ/8XbHiUH/EaHPHMXWEgxG4B2FgRB
 QXsjQsh+1nIKN41rsNzsCVyxFeTo1pU2aKFbFDbOvZpU0I/hksR/jXhg02Om0zCc
 l8XgLpQfJmhORgA1dptWFLBnsE3ILs+0nfhNt3HBrWn32lLG0bnIFMfcUbn+T5Do
 97aIv68/qFntcNeO/cFouV+3hsl8QE3Qg9bayOWT5ZutCEtOy8wEAtCx4bzep46a
 PM2NbvTBDjPAK0D8Bkr8wvgYeL2ROtuskcLgfcWlbutx3qGlJ1aj7a+OxlUD1yUM
 C24FR2sd3UYl9OX78Vn4DuCR094uILWcNq/5Ym2hi8aWF3TdempcOiQWOJq8Fnbs
 Y0j9O5FxFGVJ0Vt43yjqqwpZMZNqx8zR4UFOx/GuYlRdImz8W4+VeY+/sbVQrMxN
 pwnlQmx+IRp3TuLdnjwU/+7tqRgGyiMqaqLW07fVCSD8glGB60wlYh1ZydZPPy4K
 Ve71qT420p7zjMmlKTBU9IVsJKgSBMovd7M1oLrslxbnnBYxxetO4rMRTEoHxSui
 rT88qImcGxI33oJcOeoq
 =fF3a
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-cve-2014-3615-20140905-1' into staging

CVE-2014-3615: fix sanity checks in vbe (bochs dispi) and spice.

# gpg: Signature made Fri 05 Sep 2014 12:18:04 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-cve-2014-3615-20140905-1:
  spice: make sure we don't overflow ssd->buf
  vbe: rework sanity checks
  vbe: make bochs dispi interface return the correct memory size with qxl

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-05 12:26:33 +01:00
..
9pfs hw/9pfs: Don't return type from host in readdir on local 9p filesystem 2014-09-04 10:51:13 -05:00
acpi pcihp: fix possible array out of bounds 2014-08-25 00:16:06 +02:00
alpha iommu: add is_write as a parameter to the translate function of MemoryRegionIOMMUOps 2014-08-28 23:10:22 +02:00
arm aarch64: raise max_cpus to 8 2014-08-29 15:00:29 +01:00
audio SCSI changes that enable sending vendor-specific commands via virtio-scsi. 2014-08-19 13:00:57 +01:00
block virtio-blk: allow drive_del with dataplane 2014-08-29 16:01:48 +01:00
bt l2cap: fix access to freed memory 2014-08-15 19:12:48 +04:00
char SCSI changes that enable sending vendor-specific commands via virtio-scsi. 2014-08-19 13:00:57 +01:00
core qdev: Add cleanup logic in device_set_realized() to avoid resource leak 2014-09-04 19:15:54 +02:00
cpu
cris machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
display vbe: rework sanity checks 2014-09-04 08:23:14 +02:00
dma dma: axidma: Variablise repeated s->streams[i] sub-expr 2014-08-24 13:16:32 +04:00
gpio savevm: Remove all the unneeded version_minimum_id_old (arm) 2014-05-13 16:09:35 +01:00
i2c Fix debug print warning 2014-09-02 22:38:16 +04:00
i386 trivial patches for 2014-09-03 2014-09-04 13:33:53 +01:00
ide ide: Fix bootindex for bus_id > 9 2014-08-29 10:46:57 +01:00
input Fix debug print warning 2014-09-02 22:38:16 +04:00
intc Fix debug print warning 2014-09-02 22:38:16 +04:00
ipack memory: remove memory_region_destroy 2014-08-18 12:06:21 +02:00
isa Fix debug print warning 2014-09-02 22:38:16 +04:00
lm32 machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
m68k machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
mem pc-dimm: fix up error message 2014-08-14 13:22:00 +02:00
microblaze microblaze: ml605: Get rid of ddr_base variable 2014-08-24 13:16:32 +04:00
mips memory: convert memory_region_destroy to object_unparent 2014-08-18 12:06:20 +02:00
misc vfio: Enable NVIDIA 88000 region quirk regardless of VGA 2014-08-25 12:10:15 -06:00
moxie hw/moxie/moxiesim.c: Remove unused moxie_intc_create() 2014-06-24 20:01:24 +04:00
net Net patches 2014-09-04 17:39:07 +01:00
nvram spapr: Fix RTAS token numbers 2014-06-27 13:48:22 +02:00
openrisc machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
pci pci: avoid losing config updates to MSI/MSIX cap regs 2014-09-02 17:28:26 +03:00
pci-bridge ioh3420: remove unused ioh3420_init() declaration 2014-09-02 17:28:26 +03:00
pci-host intel-iommu: add context-cache to cache context-entry 2014-08-28 23:10:22 +02:00
pcmcia hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
ppc pci, pc fixes, features 2014-09-02 16:07:31 +01:00
s390x sclp-s390: Add memory hotplug SCLPs 2014-09-01 09:25:32 +02:00
scsi pci, pc fixes, features 2014-09-04 12:20:41 +01:00
sd sd: sdhci: Fix ADMA dma_memory_read access 2014-08-04 14:41:54 +01:00
sh4 hw: Fix qemu_allocate_irqs() leaks 2014-06-30 21:13:30 +02:00
sparc tcx: move initialisation from realizefn to initfn 2014-06-05 20:51:57 +01:00
sparc64 sun4u: switch second PCI-ebus bridge BAR over to PCI IO space 2014-08-17 13:12:52 +01:00
ssi ssi: xilinx_spi: Initialise CS GPIOs as NULL 2014-08-15 18:54:40 +04:00
timer Fix debug print warning 2014-09-02 22:38:16 +04:00
tpm Add ACPI tables for TPM 2014-08-25 00:16:06 +02:00
tricore target-tricore: Add board for systemmode 2014-09-01 14:49:20 +01:00
unicore32 machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
usb usb: add usb host adapters exit trace 2014-08-29 12:52:14 +02:00
virtio Net patches 2014-09-04 17:39:07 +01:00
watchdog memory: remove memory_region_destroy 2014-08-18 12:06:21 +02:00
xen memory: remove memory_region_destroy 2014-08-18 12:06:21 +02:00
xenpv machine: Conversion of QEMUMachineInitArgs to MachineState 2014-05-28 17:35:01 +02:00
xtensa hw/xtensa/xtfpga: implement initrd loading 2014-06-29 02:32:42 +04:00
Makefile.objs pc: implement pc-dimm device abstraction 2014-06-19 16:41:47 +03:00