OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
qemu-e2k/block
History
Stefan Hajnoczi fb6d1bbd24 block/curl: disable extra protocols to prevent CVE-2013-0249 
There is a buffer overflow in libcurl POP3/SMTP/IMAP.  The workaround is
simple: disable extra protocols so that they cannot be exploited.  Full
details here:

  http://curl.haxx.se/docs/adv_20130206.html

QEMU only cares about HTTP, HTTPS, FTP, FTPS, and TFTP.  I have tested
that this fix prevents the exploit on my host with
libcurl-7.27.0-5.fc18.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08 11:14:20 -06:00
..
blkdebug.c
blkverify.c
bochs.c
bochs: Fix bdrv_open() error handling
2013-02-01 14:58:28 +01:00
cloop.c
cloop: Fix bdrv_open() error handling
2013-02-01 14:58:28 +01:00
commit.c
block: fix null-pointer bug on error case in block commit
2013-01-17 10:51:11 +01:00
cow.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
curl.c
block/curl: disable extra protocols to prevent CVE-2013-0249
2013-02-08 11:14:20 -06:00
dmg.c
dmg: Use g_free instead of free
2013-02-01 14:58:29 +01:00
gluster.c
iscsi.c
iscsi: add support for iovectors
2013-01-24 15:37:55 +01:00
linux-aio.c
Makefile.objs
mirror.c
mirror: do nothing on zero-sized disk
2013-01-25 18:18:35 +01:00
nbd.c
parallels.c
parallels: Fix bdrv_open() error handling
2013-02-01 14:58:29 +01:00
qcow2-cache.c
qcow2-cluster.c
qcow2-refcount.c
g_malloc(0) and g_malloc0(0) return NULL; simplify
2013-01-30 11:14:46 +01:00
qcow2-snapshot.c
qcow2.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
qcow2.h
qcow.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
qed-check.c
qed-cluster.c
qed-gencb.c
qed-l2-cache.c
qed-table.c
qed.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
qed.h
raw-aio.h
block: make discard asynchronous
2013-01-15 10:03:47 +01:00
raw-posix.c
block/raw-posix: Build fix for O_ASYNC
2013-02-01 15:11:12 +01:00
raw-win32.c
raw.c
rbd.c
sheepdog.c
sheepdog: pass vdi_id to sheep daemon for sd_close()
2013-02-01 14:58:28 +01:00
stream.c
vdi.c
g_malloc(0) and g_malloc0(0) return NULL; simplify
2013-01-30 11:14:46 +01:00
vmdk.c
vmdk: Allow space in file name
2013-02-01 14:58:29 +01:00
vpc.c
vpc: Fix bdrv_open() error handling
2013-02-01 14:58:28 +01:00
vvfat.c
Replace remaining gmtime, localtime by gmtime_r, localtime_r
2013-01-11 09:44:37 +01:00
win32-aio.c
win32-aio: use iov utility functions instead of open-coding them
2013-01-18 09:57:51 +01:00