From unknown Sun Jun 15 08:53:33 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#39225] [PATCH 0/2] QEMU updates Resent-From: Leo Famulari Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 21 Jan 2020 18:57:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 39225 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 39225@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.157963297613672 (code B ref -1); Tue, 21 Jan 2020 18:57:02 +0000 Received: (at submit) by debbugs.gnu.org; 21 Jan 2020 18:56:16 +0000 Received: from localhost ([127.0.0.1]:48487 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityhA-0003YB-LQ for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:16 -0500 Received: from lists.gnu.org ([209.51.188.17]:35785) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityh5-0003Xu-Dw for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:11 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:57683) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ityh1-0005qI-Eh for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:07 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.7 required=5.0 tests=BAYES_20,RCVD_IN_DNSWL_LOW, URIBL_BLOCKED autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1itygx-0002Sr-Lg for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:03 -0500 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:35375) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1itygx-0002RZ-FY for guix-patches@gnu.org; Tue, 21 Jan 2020 13:55:59 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 9D1B921C29; Tue, 21 Jan 2020 13:55:57 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 21 Jan 2020 13:55:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; s=mesmtp; bh=c3sUhCXRkR5HA2TgsIyijsX ljVxXKEv4SHgcfjZLMGw=; b=cRocE5KntjZGPqe09Y/+xuStxVjxZr5Hk7VZX+g GllYCuZJi8G30GLxyS/y3M+BqXpSDLv2/aNKSkBSaUbTXxXyujSQrBtzz7bIxQDD bJMdPY//O6k/eWyyHjzZSV2KhelzhguzsrVJhVJj0SEU7pPVXLmYK8LEjujCzk4y uPq4= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:date:from :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=c3sUhCXRkR5HA2Tgs IyijsXljVxXKEv4SHgcfjZLMGw=; b=KUc+uBTbKdQ3HQ8QbrKo4xoFEd0kVBeGo UjSbBLQaslXzx/8BC66i5d+YCv3a4VjDlBjrw+dt3NTzCxAkwmOSsK4l8/0EYeVg px6DCzgL3tz3hGdGWoXzY7ojIagGKps//h/Dwqk5i9ct2qiRORlhwdzTEQgqPy1H e92DHZ1pnbvk4PEectuTFa7BNvhZk9PUeiIN7SaVmxdMp08QB+TqgJaFEHtZrf3V kaQ+C6vIJFWI6jUfDgwxm2NoWwlc9AAnZf3iUfVLdcJOrcB5jaFu6GvZcW1WB/8x nsgtPUQRGADAb66T6ahfmNkURdHv87mv/9b3Tp5Ysz9jv2cXTkPPQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudekgdduudejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgggfestdekredtre dttdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi rdhnrghmvgeqnecukfhppeejiedruddvgedrudefkedrieefnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhn rghmvg X-ME-Proxy: Received: from jasmine.lan (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 15593306097C for ; Tue, 21 Jan 2020 13:55:57 -0500 (EST) From: Leo Famulari Date: Tue, 21 Jan 2020 13:55:50 -0500 Message-Id: X-Mailer: git-send-email 2.25.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.27 X-Spam-Score: -1.4 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) The security updates work with our current QEMU package of 4.1.1 as well as 4.2.0. I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and running it with the "full" QEMU package, and the SLIRP networking works fine in both cases. Leo Famulari (2): gnu: QEMU: Fix CVE-2020-{7039,7211}. gnu: QEMU: Update to 4.2.0. gnu/local.mk | 3 + gnu/packages/patches/qemu-CVE-2020-7039.patch | 173 ++++++++++++++++++ gnu/packages/patches/qemu-CVE-2020-7211.patch | 49 +++++ ...qemu-fix-documentation-build-failure.patch | 43 +++++ gnu/packages/virtualization.scm | 7 +- 5 files changed, 273 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/qemu-CVE-2020-7039.patch create mode 100644 gnu/packages/patches/qemu-CVE-2020-7211.patch create mode 100644 gnu/packages/patches/qemu-fix-documentation-build-failure.patch -- 2.25.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Jan 21 13:59:33 2020 Received: (at control) by debbugs.gnu.org; 21 Jan 2020 18:59:33 +0000 Received: from localhost ([127.0.0.1]:48501 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1itykO-0003eQ-Pw for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:59:33 -0500 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:35469) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1itykM-0003eD-SD for control@debbugs.gnu.org; Tue, 21 Jan 2020 13:59:31 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 9EFBE22129; Tue, 21 Jan 2020 13:59:25 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 21 Jan 2020 13:59:25 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:message-id:mime-version:content-type; s=mesmtp; bh=B+PEffjX08hwWs7MUv2/q18z0O/A/FQj1DKj5Cx71Lk=; b=xnhx56KmuuH3 ythxCpFtHDsoQgcKLNwlkdTgDRXQssJFrHhmyuRA+zspT0QLf1GjRN6+1p2we/Y7 x+9oj/HM1W6axOOKIyGr7aMu8T6Da1rZA0epGZ3VqJeKa0ycyDw5cXr9HkdhXSQ6 dq4R2Zp/tAKV0U6yOmUWzJfBrnxMfH0= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=B+PEffjX08hwWs7MUv2/q18z0O/A/FQj1DKj5Cx71 Lk=; b=kqGpcb2Qtsl10ARHdIHN+8V1JAl0XRXA+B+YhA03BoDad8OSm5CryKSvM wd2ABRvGf6hbqYTQEl/zu+XETCJiilSF6Er1esKMCTZkoLPYcbOHbQfE/ZynqEXL E+AhMnSpTSXBpN7Faih42YODKfmckre3BpZcVAmlpZgj34gs7QFoJy9Z56MMWa0G qlrzBOhwk31+31/LkVLYMi2jOJvphvRhTcCYpDb1bT3vyOscwTiuznMhwMnacJKx hh0hZry/mharN3M0yGhPrDxBKXP98N7EfVA0V2bVQOTpzjeJN8qvmBQnCj1m05FV o1vRRIX6VPPhHVrlHJThXPROwUvbA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudekgdduudekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucfgmhhpthihuchsuhgsjhgvtghtucdluddtmdenuc fjughrpeffhffvkfggtggusehttdertddttddvnecuhfhrohhmpefnvghoucfhrghmuhhl rghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucfkphepjeeirdduvdegrd dufeekrdeifeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhr ohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 5C13B3060986 for ; Tue, 21 Jan 2020 13:59:25 -0500 (EST) Date: Tue, 21 Jan 2020 13:59:24 -0500 From: Leo Famulari To: control@debbugs.gnu.org Message-ID: <20200121185924.GA2542@jasmine.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: merge 39225 39226 merge 39225 39227 Content analysis details: (1.3 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: famulari.name] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [66.111.4.27 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.3 (/) merge 39225 39226 merge 39225 39227 From unknown Sun Jun 15 08:53:33 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#39225] [PATCH 0/2] QEMU updates Resent-From: Tobias Geerinckx-Rice Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 21 Jan 2020 20:15:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 39225 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 39225@debbugs.gnu.org Cc: Leo Famulari Received: via spool by 39225-submit@debbugs.gnu.org id=B39225.157963768528685 (code B ref 39225); Tue, 21 Jan 2020 20:15:02 +0000 Received: (at 39225) by debbugs.gnu.org; 21 Jan 2020 20:14:45 +0000 Received: from localhost ([127.0.0.1]:48529 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1itzvB-0007Sb-Bp for submit@debbugs.gnu.org; Tue, 21 Jan 2020 15:14:45 -0500 Received: from tobias.gr ([80.241.217.52]:43614) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1itzv8-0007SQ-0w for 39225@debbugs.gnu.org; Tue, 21 Jan 2020 15:14:43 -0500 Received: by tobias.gr (OpenSMTPD) with ESMTP id 09780e96; Tue, 21 Jan 2020 20:14:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=tobias.gr; h=from:to:cc :subject:references:in-reply-to:date:message-id:mime-version :content-type; s=2018; i=me@tobias.gr; bh=pYxDVWR+FC5qrdVsyYEukE AGc4A4p9KAARqnX3zlYlU=; b=YV8z9w24Zm3tbrk1vV4ISbE788ffhk/NqPbw+3 QBflksn44JF0cVFsTxNYL/+RsbXR1iTg0RAByBZSQYBeLj+yD+CS2fzVsyoZfjUU ug0jRwhuM39BWno5Egq9+ClT4nQOP3bLr8YV1RWbsrIBs/5TvYRRzukf8dmjQTFY 18UG2oLz5DjiZRZWN69AfiJvbRMtcRngEAeIwsbPz9SaKdPHXt2RFDfuzcoac6HD e7nhgisHT/WRfahHidpEHEvNPhiPxhKaGTTPohiCsfxzVqfHxrvA6kJwJJu1o3Fl Nz083lKdWtA77YzPx9hIF+gn1S8VL52yDlWM5x4H9G/C70xg== Received: by submission.tobias.gr (OpenSMTPD) with ESMTPSA id a52fd48d (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Tue, 21 Jan 2020 20:14:39 +0000 (UTC) From: Tobias Geerinckx-Rice References: In-reply-to: Date: Tue, 21 Jan 2020 21:14:40 +0100 Message-ID: <87muaga7nz.fsf@nckx> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) --=-=-= Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Leo, Leo Famulari =E5=86=99=E9=81=93=EF=BC=9A > The security updates work with our current QEMU package of 4.1.1=20 > as well > as 4.2.0. > > I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image=20 > and > running it with the "full" QEMU package, and the SLIRP=20 > networking works > fine in both cases. Have you run the Guix System test suite with this new Qemu? Both patches LGTM. Thanks! T G-R --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfo+u0AlEeO9y5k0W2Imw8BjFSTwFAl4nW7AACgkQ2Imw8BjF STyc4Q//ZbP/UEBtfUWu7ujhlD4X+o3wT/+HoYo/rWqF6aJiIEBa+FvWNPNoNBhQ f/BnokJzDTDoNQwJYpXAUTsLfJo3AXdO818YiKpxK30rOLqc/d9aNy2zs84xxBvz l3PZu/MUMfNctFLYOax2CXmZOu3RrqrAydlGy6/MAwTIUmuVJYyxLFVZY7FMbVPC nP3Hai35t873zVE5VcYQNN6k5RSCVkLfAdcaH54OkXDh8xjwHKi/uToO0AEDCT8v 3iJUUZoQM2pHwMgFzqGslZbbItbkonyZ3hvQT7z9QM/I2goZnbhqZFYcTilvN0NZ w7sJJUFwz9tdGWRIWnZW4b0WL8aE/eoMwy/WhTW3AeCRuLVxX7N6N+c7tG9swGr7 3cn/0vbZUUXn46wQxKptMa+Ry5MVg50gOVO1yu+FYQ2/K5WOyh+xXd4U3eFJjg1j vp9DBKsbUy8s2Va8oT0Z9JmfdnFES4Db+Ok1vmPrqLmvOxF8TPvxrAlpvadUnGfR 6e/brm7Z7YSI3vbsF1Nsoa3D8ai3q2rKNIxj8DGac03LktnlvFOKQIgdafG87diP xx/Bw4Vs7fyt3+sdZ9NcoPkN3uYF8Dt4cCuzY8lhIv8Vq4TH3soEMun5n4Oj5jr8 ygZBHOJJQiwbO9y0y8cHnhsi+3AWekc/YOXDoaf7Dd8DlPR02W4= =99pL -----END PGP SIGNATURE----- --=-=-=-- From unknown Sun Jun 15 08:53:33 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#39225] [PATCH 0/2] QEMU updates Resent-From: Leo Famulari Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 21 Jan 2020 21:53:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 39225 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Tobias Geerinckx-Rice Cc: 39225@debbugs.gnu.org Received: via spool by 39225-submit@debbugs.gnu.org id=B39225.157964356113543 (code B ref 39225); Tue, 21 Jan 2020 21:53:02 +0000 Received: (at 39225) by debbugs.gnu.org; 21 Jan 2020 21:52:41 +0000 Received: from localhost ([127.0.0.1]:48622 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iu1Rt-0003WG-Mn for submit@debbugs.gnu.org; Tue, 21 Jan 2020 16:52:41 -0500 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:59029) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iu1Rm-0003Vo-1F for 39225@debbugs.gnu.org; Tue, 21 Jan 2020 16:52:34 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id C6F4122148; Tue, 21 Jan 2020 16:52:24 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 21 Jan 2020 16:52:24 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=O03qeKTl0hfeU9fR1mZxaBOG d/Z5qAaV9tt8DdwE/0I=; b=Ca9/YGjIi3eBy74KGszIH9QEvl5FUQqLJbM5Am3q 9uOrFWMdPwT6kxfQ5WZCYAXSiUDavAGgBsy+BDiVQLfWNDMb71FO9bCG9WMApwx3 kfCM8sCXJZSSEQP/UBNQTisVZ31GhE/eJ8yBJNOx1tmC+HEbA10ZIOlXLEIn9t0U JEE= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=O03qeK Tl0hfeU9fR1mZxaBOGd/Z5qAaV9tt8DdwE/0I=; b=dgcVnRFufKwQGbDYNOAXUC Y95LJtIyjJ4qs2LGvvpiePxzP1cgx6SCYRcFmL6JSx6A3xbNJFSM0D5d1cz6JnM/ +QBq8usNu09bbLBJ8Zuax9D+HarV64/qJbXpaUJKjLi/tW094h1XH2HB0xiq4wPQ z7O+cMCPPrUpr+/J7eZS1RjpaJ6ldE9GOVv8OrEOsPDEzKLvyQPnsXvSif6z0IFt 0xhg4CQwzE64qbXJ4ED7V7368G8g4mqb2Bai1hQOHNyQaruofnSvDu5saxc1+NQm r8/K/I+33i6zYUuW8eHpDAmBoh2qT4Mk9VNssbgnbhN4SteIm87v0EIfGhCpkAfg == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudekgdduhedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesghdtre ertddtvdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgr rhhirdhnrghmvgeqnecuffhomhgrihhnpehgnhhurdhorhhgnecukfhppeejiedruddvge drudefkedrieefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhf rhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 3C6E43280060; Tue, 21 Jan 2020 16:52:24 -0500 (EST) Date: Tue, 21 Jan 2020 16:52:19 -0500 From: Leo Famulari Message-ID: <20200121215219.GA9078@jasmine.lan> References: <87muaga7nz.fsf@nckx> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="G4iJoqBmSsgzjUCe" Content-Disposition: inline In-Reply-To: <87muaga7nz.fsf@nckx> X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --G4iJoqBmSsgzjUCe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Jan 21, 2020 at 09:14:40PM +0100, Tobias Geerinckx-Rice wrote: > Have you run the Guix System test suite with this new Qemu? The basic and openssh tests did pass. I don't have the computing resources or time to continue testing it. Can we use Cuirass on to test it more fully? --G4iJoqBmSsgzjUCe Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl4ncpAACgkQJkb6MLrK fwh2HQ/7B1eum0cGyoRfKv6ACuOAOTSP2gFKUcWJuscll2ECkkW0rawrgHc9neKP NgXdHYVCx6K9lNsk55R+AAfKVtXWgwRMh7m2sqKO8s7NzUb8xe5wDc4mMKzwkdTl H28+CWeVK/Osb/hWw7bWp7TnKhXuO61rhgYLky0r31gdcz5BSfuLbVa2lIWaGzod VKPujowuxerHKNzXHjgXOGmcUvKEXDOKjS4/wq5Y1k1A2sRLXH1va8Q+DrV8reDu kxTLM46t21UhomDT/WnTojlK3YQ9PtvQCCFqTXbuMQS4JAc3R9kHwy9LToFD2XX5 DBnyoEBaqmM5oM1mZ0qrdfIhFhp1DS7xzQu4ksdE9QmSewzjHmcShcEupte1E7E+ vXCPE32FBhXUPHAEydTk168T0stEJvZmGHZxNcdfBJsnBHjRPLRjcdlbFCHU69lf nJr6D6vWJDXPJWjttNYtlq/KzeXkCzy5hH9oV76Ar8ROq+ZjI7UMg1KdnEc2+r7U CUXuQoawc0Nb19yZcgwlFowyRDivHqOSPSojW5L1jnEd+IaghXoV+Yp0L7v7oOJ1 egXzkuVvsFpvyYdaG5kKVHyJbIjsqyWLoN9pBiIzyCqivDi8dZOd7YpFCrpMeT+C w6HSHsgF6aqaMNbO5fOPUVr38wA4hYCpBKOql6fXCSAbvm5zweI= =h201 -----END PGP SIGNATURE----- --G4iJoqBmSsgzjUCe-- From unknown Sun Jun 15 08:53:33 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Leo Famulari Subject: bug#39225: closed (Re: [PATCH 0/2] QEMU updates) Message-ID: References: <20200125021359.GA7762@jasmine.lan> X-Gnu-PR-Message: they-closed 39225 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 39225@debbugs.gnu.org Date: Sat, 25 Jan 2020 02:15:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1579918502-23723-1" This is a multi-part message in MIME format... ------------=_1579918502-23723-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #39225: [PATCH 0/2] QEMU updates which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 39225@debbugs.gnu.org. --=20 39225: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D39225 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1579918502-23723-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 39225-done) by debbugs.gnu.org; 25 Jan 2020 02:14:08 +0000 Received: from localhost ([127.0.0.1]:54891 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ivAxc-00069M-JT for submit@debbugs.gnu.org; Fri, 24 Jan 2020 21:14:08 -0500 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]:47501) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ivAxb-00069A-CR for 39225-done@debbugs.gnu.org; Fri, 24 Jan 2020 21:14:08 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 8B7CE48E; Fri, 24 Jan 2020 21:14:01 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Fri, 24 Jan 2020 21:14:01 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=nla4oAWJW5MUJJVfZHinnhzk zX727ggUOOp7kZVa4Mk=; b=S7J54COVWBcLHvTZwPwTcbUt8+8Vy+XujG+Bd9Yo MQkr/e3c1Ljlg3d/WdvL+lKV27P9h7eeqVJhQ/w1cLfCLkb0PSY4k4dQMxfqsMym Uri5ZoknlPwxLaM1u8o70Gy4Yc6++aHWwdzPkP4DurIvxKOjRtF6Z3GRwH91xd18 9Ic= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=nla4oA WJW5MUJJVfZHinnhzkzX727ggUOOp7kZVa4Mk=; b=UUHrBf75p3mtMNBUZM9La9 1GglcGQJFnH4uPIGEEoywTAs/EosjB0Gw44WPA8vtiQkcOdSl3rvBU19dMuILOnu 71EIZkGvBSo31wUKYEyERxjsXhUNf8IbrC3O+QMPnoUddrO6PQjC0SnggwW1DecE Y6/kH1d2VVCToMxHuaDt/eUlpRu8EjXWcyeuc6CHxasfImWu2wKpUOkuIBbl9Pm4 m6x4KbRZY0fu+lCdSiU8AguHh3MFjwtQxTvOK7F//srhhUebbS2FnO6sluucmpV5 ufDF2FONgBG2H3xp4cOs9bqEcKmq1GsrqoVhoNtq/quMdTnePTvv29HuHm4GIncQ == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrvdeigdegfecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfhfgggtuggjsehgtderre dttddvnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhlrghr ihdrnhgrmhgvqeenucffohhmrghinhepqhgvmhhurdhorhhgnecukfhppeejiedruddvge drudefkedrieefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhf rhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id E00E3328005E for <39225-done@debbugs.gnu.org>; Fri, 24 Jan 2020 21:14:00 -0500 (EST) Date: Fri, 24 Jan 2020 21:13:59 -0500 From: Leo Famulari To: 39225-done@debbugs.gnu.org Subject: Re: [PATCH 0/2] QEMU updates Message-ID: <20200125021359.GA7762@jasmine.lan> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="YZ5djTAD1cGYuMQK" Content-Disposition: inline In-Reply-To: X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 39225-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --YZ5djTAD1cGYuMQK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 21, 2020 at 01:55:50PM -0500, Leo Famulari wrote: > The security updates work with our current QEMU package of 4.1.1 as well > as 4.2.0. >=20 > I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and > running it with the "full" QEMU package, and the SLIRP networking works > fine in both cases. Pushed as 3778b3d9d013a443eec7990c31f47f887f72fe59, along with a 3rd patch that brings back the QEMU man pages. QEMU 4.0 began requiring the use of Sphinx to build them: https://wiki.qemu.org/ChangeLog/4.0#Build_Dependencies --YZ5djTAD1cGYuMQK Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl4rpGcACgkQJkb6MLrK fwh+NRAAiZZY7P/ueR52nqqmYsGeG4T45foEx+DqpL2bsOHFamUD/Rk/+y1R2PZ1 sR9ZN29afyvPZ/8Oc+3S4WeOuz9k0knFxzgafiQdVlGOHdO8sJA/N+qV+3EEQ0NX xN+HfC9ipRdUAvzv/oYuBQat5jqGLqud3asvJZ3hWYn+2W5znqfXf6xgDRBxvkRP iLn7Raegm1LmvrkuEh0l9ahgW9FyC5q38X3KcEP86WlFQkD2OgMGZIb+yRSKBeKQ Mn89pH9669Ll5Nix+wnQ3VS6sgaSN0F11OeL7yWkOKZZSkLyErCbbRDCFYjvPiR4 Grph+hFdXSbhuTokvyGqvk4JKziQ1YBPjRZoceIUOzqiFKXgJ934VT9wGrEhBp7h CbmScxTmg6AOziJaBqSWPKmwssCgXEQIYyMtxxajPCjnq01e2c2fCLt9lBm1TU8D E7Nb6nediRmiKtagZsjUpY1khAyQDgHnaKS6VMB1KW5ZOsUb3v09Q3BuXVK7pjRz kO2XsSqL4VPfxhnA8pubQbZRs8U5DQ3tSqLXhOKiWzvtIWlqmHEDuWTCMhMd2C5g pLRa+w5pi45u//myYNplBH09JbObuxNx8aP0nsL9MxpAQa29GyjK/MfZ6UPuBbrj e/oQik32zHKeFOsFWB1QqfM2jockLKnfdqC6mvDSakWe+r6Dlb0= =R4Bc -----END PGP SIGNATURE----- --YZ5djTAD1cGYuMQK-- ------------=_1579918502-23723-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 21 Jan 2020 18:56:16 +0000 Received: from localhost ([127.0.0.1]:48487 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityhA-0003YB-LQ for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:16 -0500 Received: from lists.gnu.org ([209.51.188.17]:35785) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityh5-0003Xu-Dw for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:11 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:57683) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ityh1-0005qI-Eh for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:07 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.7 required=5.0 tests=BAYES_20,RCVD_IN_DNSWL_LOW, URIBL_BLOCKED autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1itygx-0002Sr-Lg for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:03 -0500 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:35375) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1itygx-0002RZ-FY for guix-patches@gnu.org; Tue, 21 Jan 2020 13:55:59 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 9D1B921C29; Tue, 21 Jan 2020 13:55:57 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 21 Jan 2020 13:55:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; s=mesmtp; bh=c3sUhCXRkR5HA2TgsIyijsX ljVxXKEv4SHgcfjZLMGw=; b=cRocE5KntjZGPqe09Y/+xuStxVjxZr5Hk7VZX+g GllYCuZJi8G30GLxyS/y3M+BqXpSDLv2/aNKSkBSaUbTXxXyujSQrBtzz7bIxQDD bJMdPY//O6k/eWyyHjzZSV2KhelzhguzsrVJhVJj0SEU7pPVXLmYK8LEjujCzk4y uPq4= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:date:from :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=c3sUhCXRkR5HA2Tgs IyijsXljVxXKEv4SHgcfjZLMGw=; b=KUc+uBTbKdQ3HQ8QbrKo4xoFEd0kVBeGo UjSbBLQaslXzx/8BC66i5d+YCv3a4VjDlBjrw+dt3NTzCxAkwmOSsK4l8/0EYeVg px6DCzgL3tz3hGdGWoXzY7ojIagGKps//h/Dwqk5i9ct2qiRORlhwdzTEQgqPy1H e92DHZ1pnbvk4PEectuTFa7BNvhZk9PUeiIN7SaVmxdMp08QB+TqgJaFEHtZrf3V kaQ+C6vIJFWI6jUfDgwxm2NoWwlc9AAnZf3iUfVLdcJOrcB5jaFu6GvZcW1WB/8x nsgtPUQRGADAb66T6ahfmNkURdHv87mv/9b3Tp5Ysz9jv2cXTkPPQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudekgdduudejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgggfestdekredtre dttdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi rdhnrghmvgeqnecukfhppeejiedruddvgedrudefkedrieefnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhn rghmvg X-ME-Proxy: Received: from jasmine.lan (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 15593306097C for ; Tue, 21 Jan 2020 13:55:57 -0500 (EST) From: Leo Famulari To: guix-patches@gnu.org Subject: [PATCH 0/2] QEMU updates Date: Tue, 21 Jan 2020 13:55:50 -0500 Message-Id: X-Mailer: git-send-email 2.25.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.27 X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) The security updates work with our current QEMU package of 4.1.1 as well as 4.2.0. I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and running it with the "full" QEMU package, and the SLIRP networking works fine in both cases. Leo Famulari (2): gnu: QEMU: Fix CVE-2020-{7039,7211}. gnu: QEMU: Update to 4.2.0. gnu/local.mk | 3 + gnu/packages/patches/qemu-CVE-2020-7039.patch | 173 ++++++++++++++++++ gnu/packages/patches/qemu-CVE-2020-7211.patch | 49 +++++ ...qemu-fix-documentation-build-failure.patch | 43 +++++ gnu/packages/virtualization.scm | 7 +- 5 files changed, 273 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/qemu-CVE-2020-7039.patch create mode 100644 gnu/packages/patches/qemu-CVE-2020-7211.patch create mode 100644 gnu/packages/patches/qemu-fix-documentation-build-failure.patch -- 2.25.0 ------------=_1579918502-23723-1-- From unknown Sun Jun 15 08:53:33 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Leo Famulari Subject: bug#39226: closed (Re: [PATCH 0/2] QEMU updates) Message-ID: References: <20200125021359.GA7762@jasmine.lan> <53df75fcc13eff9e9bc2f33179ac976d14e36c6b.1579632845.git.leo@famulari.name> X-Gnu-PR-Message: they-closed 39226 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 39226@debbugs.gnu.org Date: Sat, 25 Jan 2020 02:15:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1579918502-23723-3" This is a multi-part message in MIME format... ------------=_1579918502-23723-3 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #39225: [PATCH 1/2] gnu: QEMU: Fix CVE-2020-{7039,7211}. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 39226@debbugs.gnu.org. --=20 39225: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D39225 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1579918502-23723-3 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 39225-done) by debbugs.gnu.org; 25 Jan 2020 02:14:08 +0000 Received: from localhost ([127.0.0.1]:54891 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ivAxc-00069M-JT for submit@debbugs.gnu.org; Fri, 24 Jan 2020 21:14:08 -0500 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]:47501) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ivAxb-00069A-CR for 39225-done@debbugs.gnu.org; Fri, 24 Jan 2020 21:14:08 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 8B7CE48E; Fri, 24 Jan 2020 21:14:01 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Fri, 24 Jan 2020 21:14:01 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=nla4oAWJW5MUJJVfZHinnhzk zX727ggUOOp7kZVa4Mk=; b=S7J54COVWBcLHvTZwPwTcbUt8+8Vy+XujG+Bd9Yo MQkr/e3c1Ljlg3d/WdvL+lKV27P9h7eeqVJhQ/w1cLfCLkb0PSY4k4dQMxfqsMym Uri5ZoknlPwxLaM1u8o70Gy4Yc6++aHWwdzPkP4DurIvxKOjRtF6Z3GRwH91xd18 9Ic= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=nla4oA WJW5MUJJVfZHinnhzkzX727ggUOOp7kZVa4Mk=; b=UUHrBf75p3mtMNBUZM9La9 1GglcGQJFnH4uPIGEEoywTAs/EosjB0Gw44WPA8vtiQkcOdSl3rvBU19dMuILOnu 71EIZkGvBSo31wUKYEyERxjsXhUNf8IbrC3O+QMPnoUddrO6PQjC0SnggwW1DecE Y6/kH1d2VVCToMxHuaDt/eUlpRu8EjXWcyeuc6CHxasfImWu2wKpUOkuIBbl9Pm4 m6x4KbRZY0fu+lCdSiU8AguHh3MFjwtQxTvOK7F//srhhUebbS2FnO6sluucmpV5 ufDF2FONgBG2H3xp4cOs9bqEcKmq1GsrqoVhoNtq/quMdTnePTvv29HuHm4GIncQ == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrvdeigdegfecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfhfgggtuggjsehgtderre dttddvnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhlrghr ihdrnhgrmhgvqeenucffohhmrghinhepqhgvmhhurdhorhhgnecukfhppeejiedruddvge drudefkedrieefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhf rhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id E00E3328005E for <39225-done@debbugs.gnu.org>; Fri, 24 Jan 2020 21:14:00 -0500 (EST) Date: Fri, 24 Jan 2020 21:13:59 -0500 From: Leo Famulari To: 39225-done@debbugs.gnu.org Subject: Re: [PATCH 0/2] QEMU updates Message-ID: <20200125021359.GA7762@jasmine.lan> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="YZ5djTAD1cGYuMQK" Content-Disposition: inline In-Reply-To: X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 39225-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --YZ5djTAD1cGYuMQK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 21, 2020 at 01:55:50PM -0500, Leo Famulari wrote: > The security updates work with our current QEMU package of 4.1.1 as well > as 4.2.0. >=20 > I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and > running it with the "full" QEMU package, and the SLIRP networking works > fine in both cases. Pushed as 3778b3d9d013a443eec7990c31f47f887f72fe59, along with a 3rd patch that brings back the QEMU man pages. QEMU 4.0 began requiring the use of Sphinx to build them: https://wiki.qemu.org/ChangeLog/4.0#Build_Dependencies --YZ5djTAD1cGYuMQK Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl4rpGcACgkQJkb6MLrK fwh+NRAAiZZY7P/ueR52nqqmYsGeG4T45foEx+DqpL2bsOHFamUD/Rk/+y1R2PZ1 sR9ZN29afyvPZ/8Oc+3S4WeOuz9k0knFxzgafiQdVlGOHdO8sJA/N+qV+3EEQ0NX xN+HfC9ipRdUAvzv/oYuBQat5jqGLqud3asvJZ3hWYn+2W5znqfXf6xgDRBxvkRP iLn7Raegm1LmvrkuEh0l9ahgW9FyC5q38X3KcEP86WlFQkD2OgMGZIb+yRSKBeKQ Mn89pH9669Ll5Nix+wnQ3VS6sgaSN0F11OeL7yWkOKZZSkLyErCbbRDCFYjvPiR4 Grph+hFdXSbhuTokvyGqvk4JKziQ1YBPjRZoceIUOzqiFKXgJ934VT9wGrEhBp7h CbmScxTmg6AOziJaBqSWPKmwssCgXEQIYyMtxxajPCjnq01e2c2fCLt9lBm1TU8D E7Nb6nediRmiKtagZsjUpY1khAyQDgHnaKS6VMB1KW5ZOsUb3v09Q3BuXVK7pjRz kO2XsSqL4VPfxhnA8pubQbZRs8U5DQ3tSqLXhOKiWzvtIWlqmHEDuWTCMhMd2C5g pLRa+w5pi45u//myYNplBH09JbObuxNx8aP0nsL9MxpAQa29GyjK/MfZ6UPuBbrj e/oQik32zHKeFOsFWB1QqfM2jockLKnfdqC6mvDSakWe+r6Dlb0= =R4Bc -----END PGP SIGNATURE----- --YZ5djTAD1cGYuMQK-- ------------=_1579918502-23723-3 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 21 Jan 2020 18:56:25 +0000 Received: from localhost ([127.0.0.1]:48489 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityhE-0003YT-OF for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:25 -0500 Received: from lists.gnu.org ([209.51.188.17]:59398) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityh4-0003Xs-RG for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:14 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:57681) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ityh1-0005qH-5Y for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:06 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_05,RCVD_IN_DNSWL_LOW, URIBL_BLOCKED autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1itygx-0002Sz-MZ for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:03 -0500 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:44963) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1itygx-0002RY-Do for guix-patches@gnu.org; Tue, 21 Jan 2020 13:55:59 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 9EA2C21EAF; Tue, 21 Jan 2020 13:55:57 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 21 Jan 2020 13:55:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=mesmtp; bh=J53fVKKJhi 4MNbOUq53MhGtRWSsCEHodAOsiHGOZP1Q=; b=Rnwpy1dxCWZE91bgsnjlXUCZ/U bG940iVL7oyzFQobVPn65N2DPqZ4cC6F7fjwsYxFF8/CRSzjgiWh+r/j6C5eLxT/ Tc8aXu8si04jmRrNBs9fRiQuNDgWbtpqdLbKqejQIp25dbn8Gq8paBZM7ZTyuCj1 HITpq7bz9sXdaKjuQ= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; bh=J53fVKKJhi4MNbOUq53MhGtRWSsCEHodAOsiHGOZP1Q=; b=DzGjWf0s QQjn8Z1M6Gn9CGYlvyFfhyxmthMEE3Z4BBcojt89WInYQzWOMnndOBFDLZmI6zoc yg1ixNSKBzcqlUAXOTXaX1zVkVABgB6e87qh2gmMdDJ4RYX3leM1Qe401cbdAcom +MKg592vFpCdkOCMKOGmcd+9ZtyDekgbkBU+9IswL5y4vnNm+UsynvXSAfrZnGQL iptE7G0fHSP9VL6HIy7VRx59meSBvFkehbe1XAb66stmWf+C3HRit7Yd2HXKkHY+ OJryRzXunGbijCuugHDq/TxtzLiIoM80HEisHs20DEDIMMcY4It/XHEU/WWbATRF JEyTB3PHC6SyQw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudekgdduudejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgjfhgggfestdekre dtredttdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgr rhhirdhnrghmvgeqnecuffhomhgrihhnpehmihhtrhgvrdhorhhgpdhfrhgvvgguvghskh htohhprdhorhhgpdhsvghmvhgvrhdrohhrghdplhgruhhntghhphgrugdrnhgvthdpqhgv mhhurdhorhhgnecukfhppeejiedruddvgedrudefkedrieefnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhn rghmvg X-ME-Proxy: Received: from jasmine.lan (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 374C93060A08 for ; Tue, 21 Jan 2020 13:55:57 -0500 (EST) From: Leo Famulari To: guix-patches@gnu.org Subject: [PATCH 1/2] gnu: QEMU: Fix CVE-2020-{7039,7211}. Date: Tue, 21 Jan 2020 13:55:51 -0500 Message-Id: <53df75fcc13eff9e9bc2f33179ac976d14e36c6b.1579632845.git.leo@famulari.name> X-Mailer: git-send-email 2.25.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.27 X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.1 (/) * gnu/packages/patches/qemu-CVE-2020-7039.patch, gnu/packages/patches/qemu-CVE-2020-7211.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/virtualization.scm (qemu)[source]: Use them. --- gnu/local.mk | 2 + gnu/packages/patches/qemu-CVE-2020-7039.patch | 173 ++++++++++++++++++ gnu/packages/patches/qemu-CVE-2020-7211.patch | 49 +++++ gnu/packages/virtualization.scm | 2 + 4 files changed, 226 insertions(+) create mode 100644 gnu/packages/patches/qemu-CVE-2020-7039.patch create mode 100644 gnu/packages/patches/qemu-CVE-2020-7211.patch diff --git a/gnu/local.mk b/gnu/local.mk index 626d91ce62..1a01a87c40 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1334,6 +1334,8 @@ dist_patch_DATA = \ %D%/packages/patches/python-unittest2-remove-argparse.patch \ %D%/packages/patches/python-waitress-fix-tests.patch \ %D%/packages/patches/qemu-glibc-2.27.patch \ + %D%/packages/patches/qemu-CVE-2020-7039.patch \ + %D%/packages/patches/qemu-CVE-2020-7211.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/qtbase-use-TZDIR.patch \ %D%/packages/patches/qtscript-disable-tests.patch \ diff --git a/gnu/packages/patches/qemu-CVE-2020-7039.patch b/gnu/packages/patches/qemu-CVE-2020-7039.patch new file mode 100644 index 0000000000..ffebda68ab --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2020-7039.patch @@ -0,0 +1,173 @@ +Fix CVE-2020-7039: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039 + +Patches copied from upstream dependency repository: + +https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289 +https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9 +https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80 + +From 2655fffed7a9e765bcb4701dd876e9dab975f289 Mon Sep 17 00:00:00 2001 +From: Samuel Thibault +Date: Wed, 8 Jan 2020 00:58:48 +0100 +Subject: [PATCH] tcp_emu: Fix oob access + +The main loop only checks for one available byte, while we sometimes +need two bytes. +--- + CHANGELOG.md | 1 + + src/tcp_subr.c | 7 +++++++ + 2 files changed, 8 insertions(+) + +#diff --git a/CHANGELOG.md b/CHANGELOG.md +#index 00d0ce2..5cf94a8 100644 +#--- a/CHANGELOG.md +#+++ b/CHANGELOG.md +#@@ -20,6 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 +# ### Fixed +# +# - ncsi: fix checksum OOB memory access +#+ - `tcp_emu()`: fix OOB accesses +# +# ## [4.1.0] - 2019-12-02 +# +diff --git a/src/tcp_subr.c b/src/tcp_subr.c +index 382aa38..9c1bdec 100644 +--- a/slirp/src/tcp_subr.c ++++ b/slirp/src/tcp_subr.c +@@ -871,6 +871,9 @@ int tcp_emu(struct socket *so, struct mbuf *m) + break; + + case 5: ++ if (bptr == m->m_data + m->m_len - 1) ++ return 1; /* We need two bytes */ ++ + /* + * The difference between versions 1.0 and + * 2.0 is here. For future versions of +@@ -886,6 +889,10 @@ int tcp_emu(struct socket *so, struct mbuf *m) + /* This is the field containing the port + * number that RA-player is listening to. + */ ++ ++ if (bptr == m->m_data + m->m_len - 1) ++ return 1; /* We need two bytes */ ++ + lport = (((uint8_t *)bptr)[0] << 8) + ((uint8_t *)bptr)[1]; + if (lport < 6970) + lport += 256; /* don't know why */ +-- +2.24.1 + +From ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Thu, 9 Jan 2020 15:12:27 +0530 +Subject: [PATCH] slirp: use correct size while emulating IRC commands + +While emulating IRC DCC commands, tcp_emu() uses 'mbuf' size +'m->m_size' to write DCC commands via snprintf(3). This may +lead to OOB write access, because 'bptr' points somewhere in +the middle of 'mbuf' buffer, not at the start. Use M_FREEROOM(m) +size to avoid OOB access. + +Reported-by: Vishnu Dev TJ +Signed-off-by: Prasad J Pandit +Reviewed-by: Samuel Thibault +Message-Id: <20200109094228.79764-2-ppandit@redhat.com> +--- + src/tcp_subr.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/src/tcp_subr.c b/src/tcp_subr.c +index 9c1bdec..ee7a938 100644 +--- a/slirp/src/tcp_subr.c ++++ b/slirp/src/tcp_subr.c +@@ -763,7 +763,8 @@ int tcp_emu(struct socket *so, struct mbuf *m) + return 1; + } + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += snprintf(bptr, m->m_size, "DCC CHAT chat %lu %u%c\n", ++ m->m_len += snprintf(bptr, M_FREEROOM(m), ++ "DCC CHAT chat %lu %u%c\n", + (unsigned long)ntohl(so->so_faddr.s_addr), + ntohs(so->so_fport), 1); + } else if (sscanf(bptr, "DCC SEND %256s %u %u %u", buff, &laddr, &lport, +@@ -773,8 +774,8 @@ int tcp_emu(struct socket *so, struct mbuf *m) + return 1; + } + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += +- snprintf(bptr, m->m_size, "DCC SEND %s %lu %u %u%c\n", buff, ++ m->m_len += snprintf(bptr, M_FREEROOM(m), ++ "DCC SEND %s %lu %u %u%c\n", buff, + (unsigned long)ntohl(so->so_faddr.s_addr), + ntohs(so->so_fport), n1, 1); + } else if (sscanf(bptr, "DCC MOVE %256s %u %u %u", buff, &laddr, &lport, +@@ -784,8 +785,8 @@ int tcp_emu(struct socket *so, struct mbuf *m) + return 1; + } + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += +- snprintf(bptr, m->m_size, "DCC MOVE %s %lu %u %u%c\n", buff, ++ m->m_len += snprintf(bptr, M_FREEROOM(m), ++ "DCC MOVE %s %lu %u %u%c\n", buff, + (unsigned long)ntohl(so->so_faddr.s_addr), + ntohs(so->so_fport), n1, 1); + } +-- +2.24.1 + +From 82ebe9c370a0e2970fb5695aa19aa5214a6a1c80 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Thu, 9 Jan 2020 15:12:28 +0530 +Subject: [PATCH] slirp: use correct size while emulating commands + +While emulating services in tcp_emu(), it uses 'mbuf' size +'m->m_size' to write commands via snprintf(3). Use M_FREEROOM(m) +size to avoid possible OOB access. + +Signed-off-by: Prasad J Pandit +Signed-off-by: Samuel Thibault +Message-Id: <20200109094228.79764-3-ppandit@redhat.com> +--- + src/tcp_subr.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/src/tcp_subr.c b/src/tcp_subr.c +index ee7a938..177dfd2 100644 +--- a/slirp/src/tcp_subr.c ++++ b/slirp/src/tcp_subr.c +@@ -681,7 +681,7 @@ int tcp_emu(struct socket *so, struct mbuf *m) + n4 = (laddr & 0xff); + + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += snprintf(bptr, m->m_size - m->m_len, ++ m->m_len += snprintf(bptr, M_FREEROOM(m), + "ORT %d,%d,%d,%d,%d,%d\r\n%s", n1, n2, n3, n4, + n5, n6, x == 7 ? buff : ""); + return 1; +@@ -716,8 +716,7 @@ int tcp_emu(struct socket *so, struct mbuf *m) + n4 = (laddr & 0xff); + + m->m_len = bptr - m->m_data; /* Adjust length */ +- m->m_len += +- snprintf(bptr, m->m_size - m->m_len, ++ m->m_len += snprintf(bptr, M_FREEROOM(m), + "27 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n%s", + n1, n2, n3, n4, n5, n6, x == 7 ? buff : ""); + +@@ -743,8 +742,8 @@ int tcp_emu(struct socket *so, struct mbuf *m) + if (m->m_data[m->m_len - 1] == '\0' && lport != 0 && + (so = tcp_listen(slirp, INADDR_ANY, 0, so->so_laddr.s_addr, + htons(lport), SS_FACCEPTONCE)) != NULL) +- m->m_len = +- snprintf(m->m_data, m->m_size, "%d", ntohs(so->so_fport)) + 1; ++ m->m_len = snprintf(m->m_data, M_ROOM(m), ++ "%d", ntohs(so->so_fport)) + 1; + return 1; + + case EMU_IRC: +-- +2.24.1 + diff --git a/gnu/packages/patches/qemu-CVE-2020-7211.patch b/gnu/packages/patches/qemu-CVE-2020-7211.patch new file mode 100644 index 0000000000..2885dda411 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2020-7211.patch @@ -0,0 +1,49 @@ +Fix CVE-2020-7211: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7211 + +Patch copied from upstream dependency repository: + +https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 + +From 14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 Mon Sep 17 00:00:00 2001 +From: Prasad J Pandit +Date: Mon, 13 Jan 2020 17:44:31 +0530 +Subject: [PATCH] slirp: tftp: restrict relative path access + +tftp restricts relative or directory path access on Linux systems. +Apply same restrictions on Windows systems too. It helps to avoid +directory traversal issue. + +Fixes: https://bugs.launchpad.net/qemu/+bug/1812451 +Reported-by: Peter Maydell +Signed-off-by: Prasad J Pandit +Reviewed-by: Samuel Thibault +Message-Id: <20200113121431.156708-1-ppandit@redhat.com> +--- + src/tftp.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/src/tftp.c b/src/tftp.c +index 093c2e0..e52e71b 100644 +--- a/slirp/src/tftp.c ++++ b/slirp/src/tftp.c +@@ -344,8 +344,13 @@ static void tftp_handle_rrq(Slirp *slirp, struct sockaddr_storage *srcsas, + k += 6; /* skipping octet */ + + /* do sanity checks on the filename */ +- if (!strncmp(req_fname, "../", 3) || +- req_fname[strlen(req_fname) - 1] == '/' || strstr(req_fname, "/../")) { ++ if ( ++#ifdef G_OS_WIN32 ++ strstr(req_fname, "..\\") || ++ req_fname[strlen(req_fname) - 1] == '\\' || ++#endif ++ strstr(req_fname, "../") || ++ req_fname[strlen(req_fname) - 1] == '/') { + tftp_send_error(spt, 2, "Access violation", tp); + return; + } +-- +2.24.1 + diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 51ba3c602a..1874cf3d9f 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -114,6 +114,8 @@ (method url-fetch) (uri (string-append "https://download.qemu.org/qemu-" version ".tar.xz")) + (patches (search-patches "qemu-CVE-2020-7039.patch" + "qemu-CVE-2020-7211.patch")) (sha256 (base32 "1lm1jndfpc5sydwrxyiz5sms414zkcg9jdl0zx318qbjsayxnvzd")))) -- 2.25.0 ------------=_1579918502-23723-3-- From unknown Sun Jun 15 08:53:33 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Leo Famulari Subject: bug#39227: closed (Re: [PATCH 0/2] QEMU updates) Message-ID: References: <20200125021359.GA7762@jasmine.lan> X-Gnu-PR-Message: they-closed 39227 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 39227@debbugs.gnu.org Date: Sat, 25 Jan 2020 02:15:03 +0000 Content-Type: multipart/mixed; boundary="----------=_1579918503-23723-5" This is a multi-part message in MIME format... ------------=_1579918503-23723-5 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #39225: [PATCH 2/2] gnu: QEMU: Update to 4.2.0. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 39227@debbugs.gnu.org. --=20 39225: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D39225 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1579918503-23723-5 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 39225-done) by debbugs.gnu.org; 25 Jan 2020 02:14:08 +0000 Received: from localhost ([127.0.0.1]:54891 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ivAxc-00069M-JT for submit@debbugs.gnu.org; Fri, 24 Jan 2020 21:14:08 -0500 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]:47501) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ivAxb-00069A-CR for 39225-done@debbugs.gnu.org; Fri, 24 Jan 2020 21:14:08 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 8B7CE48E; Fri, 24 Jan 2020 21:14:01 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Fri, 24 Jan 2020 21:14:01 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=nla4oAWJW5MUJJVfZHinnhzk zX727ggUOOp7kZVa4Mk=; b=S7J54COVWBcLHvTZwPwTcbUt8+8Vy+XujG+Bd9Yo MQkr/e3c1Ljlg3d/WdvL+lKV27P9h7eeqVJhQ/w1cLfCLkb0PSY4k4dQMxfqsMym Uri5ZoknlPwxLaM1u8o70Gy4Yc6++aHWwdzPkP4DurIvxKOjRtF6Z3GRwH91xd18 9Ic= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=nla4oA WJW5MUJJVfZHinnhzkzX727ggUOOp7kZVa4Mk=; b=UUHrBf75p3mtMNBUZM9La9 1GglcGQJFnH4uPIGEEoywTAs/EosjB0Gw44WPA8vtiQkcOdSl3rvBU19dMuILOnu 71EIZkGvBSo31wUKYEyERxjsXhUNf8IbrC3O+QMPnoUddrO6PQjC0SnggwW1DecE Y6/kH1d2VVCToMxHuaDt/eUlpRu8EjXWcyeuc6CHxasfImWu2wKpUOkuIBbl9Pm4 m6x4KbRZY0fu+lCdSiU8AguHh3MFjwtQxTvOK7F//srhhUebbS2FnO6sluucmpV5 ufDF2FONgBG2H3xp4cOs9bqEcKmq1GsrqoVhoNtq/quMdTnePTvv29HuHm4GIncQ == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrvdeigdegfecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfhfgggtuggjsehgtderre dttddvnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhlrghr ihdrnhgrmhgvqeenucffohhmrghinhepqhgvmhhurdhorhhgnecukfhppeejiedruddvge drudefkedrieefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhf rhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id E00E3328005E for <39225-done@debbugs.gnu.org>; Fri, 24 Jan 2020 21:14:00 -0500 (EST) Date: Fri, 24 Jan 2020 21:13:59 -0500 From: Leo Famulari To: 39225-done@debbugs.gnu.org Subject: Re: [PATCH 0/2] QEMU updates Message-ID: <20200125021359.GA7762@jasmine.lan> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="YZ5djTAD1cGYuMQK" Content-Disposition: inline In-Reply-To: X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 39225-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --YZ5djTAD1cGYuMQK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 21, 2020 at 01:55:50PM -0500, Leo Famulari wrote: > The security updates work with our current QEMU package of 4.1.1 as well > as 4.2.0. >=20 > I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and > running it with the "full" QEMU package, and the SLIRP networking works > fine in both cases. Pushed as 3778b3d9d013a443eec7990c31f47f887f72fe59, along with a 3rd patch that brings back the QEMU man pages. QEMU 4.0 began requiring the use of Sphinx to build them: https://wiki.qemu.org/ChangeLog/4.0#Build_Dependencies --YZ5djTAD1cGYuMQK Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl4rpGcACgkQJkb6MLrK fwh+NRAAiZZY7P/ueR52nqqmYsGeG4T45foEx+DqpL2bsOHFamUD/Rk/+y1R2PZ1 sR9ZN29afyvPZ/8Oc+3S4WeOuz9k0knFxzgafiQdVlGOHdO8sJA/N+qV+3EEQ0NX xN+HfC9ipRdUAvzv/oYuBQat5jqGLqud3asvJZ3hWYn+2W5znqfXf6xgDRBxvkRP iLn7Raegm1LmvrkuEh0l9ahgW9FyC5q38X3KcEP86WlFQkD2OgMGZIb+yRSKBeKQ Mn89pH9669Ll5Nix+wnQ3VS6sgaSN0F11OeL7yWkOKZZSkLyErCbbRDCFYjvPiR4 Grph+hFdXSbhuTokvyGqvk4JKziQ1YBPjRZoceIUOzqiFKXgJ934VT9wGrEhBp7h CbmScxTmg6AOziJaBqSWPKmwssCgXEQIYyMtxxajPCjnq01e2c2fCLt9lBm1TU8D E7Nb6nediRmiKtagZsjUpY1khAyQDgHnaKS6VMB1KW5ZOsUb3v09Q3BuXVK7pjRz kO2XsSqL4VPfxhnA8pubQbZRs8U5DQ3tSqLXhOKiWzvtIWlqmHEDuWTCMhMd2C5g pLRa+w5pi45u//myYNplBH09JbObuxNx8aP0nsL9MxpAQa29GyjK/MfZ6UPuBbrj e/oQik32zHKeFOsFWB1QqfM2jockLKnfdqC6mvDSakWe+r6Dlb0= =R4Bc -----END PGP SIGNATURE----- --YZ5djTAD1cGYuMQK-- ------------=_1579918503-23723-5 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 21 Jan 2020 18:56:27 +0000 Received: from localhost ([127.0.0.1]:48491 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityhN-0003Ym-Ay for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:27 -0500 Received: from lists.gnu.org ([209.51.188.17]:46652) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ityh5-0003Xv-Fc for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:15 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:57685) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ityh1-0005qJ-MY for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:07 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW, URIBL_BLOCKED autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1itygx-0002TE-Uc for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:03 -0500 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:45125) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1itygx-0002RX-Qm for guix-patches@gnu.org; Tue, 21 Jan 2020 13:55:59 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 9D20721D28; Tue, 21 Jan 2020 13:55:57 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 21 Jan 2020 13:55:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=from:to:subject:date:message-id:in-reply-to:references :mime-version:content-type:content-transfer-encoding; s=mesmtp; bh=ahpUtg3OKNJ/l3ngPhPiqF4GDRUvoVNbA3N2IjEAG3g=; b=VVDT/JCegp2/ A4isgi3KUjFB/0LRxGNaFsJgTOkjKrH/BRCb9mUCrQ1rkmQ8yx/TZreX62k7HgE4 FzoYU/PfLl1wtxrjhuP4jQbWHTD3KN8fXvlk3y76Ciw9xZ06n3HmhHBosfeMberh 77MmrceDUqLAyoYx6n+F0yi76VvgkKU= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=ahpUtg3OKNJ/l3ngPhPiqF4GDRUvoVNbA3N2IjEAG 3g=; b=gDCa69DPiUR14zxgJDUXl6dRJgS6VDury1DiKHsdyAmQPOGbed/bQEHn1 xoPcG0xBIQXJi4KWXPTQDhevI4ungkgJ3De6GAIgLDlM64KJ7ceLkA0YQ3muI6LK gWVWRDZ63Z3XgwFnQ63sDrG9tzySM52SzHUTuA8IqnfkEWvCAEVRPZOswgeZimQa VMRPwu/pJnaibqQ7m+StQbzy++Ahtv85DLjyGT1ZThze4cuhu0Qd7zER2E6e3XSe CAzfNB0JmeDwjHIGyNpRE649W2cdqHGZb0mT88KcPt94v14zcNh1huex7V/fW+Zh 2Auen099bJ/Iliz1zm1OvGAPALpxg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudekgdduudejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgjfhggtgfgsehtke ertdertdejnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhl rghrihdrnhgrmhgvqeenucffohhmrghinhepqhgvmhhurdhorhhgnecukfhppeejiedrud dvgedrudefkedrieefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghi lhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: from jasmine.lan (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 5637C3060B16 for ; Tue, 21 Jan 2020 13:55:57 -0500 (EST) From: Leo Famulari To: guix-patches@gnu.org Subject: [PATCH 2/2] gnu: QEMU: Update to 4.2.0. Date: Tue, 21 Jan 2020 13:55:52 -0500 Message-Id: X-Mailer: git-send-email 2.25.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.27 X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.4 (--) * gnu/packages/virtualization.scm (qemu): Update to 4.2.0. [source]: Use new patch. * gnu/packages/patches/qemu-fix-documentation-build-failure.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + ...qemu-fix-documentation-build-failure.patch | 43 +++++++++++++++++++ gnu/packages/virtualization.scm | 7 +-- 3 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 gnu/packages/patches/qemu-fix-documentation-build-failure.patch diff --git a/gnu/local.mk b/gnu/local.mk index 1a01a87c40..7893c2a8ad 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1336,6 +1336,7 @@ dist_patch_DATA = \ %D%/packages/patches/qemu-glibc-2.27.patch \ %D%/packages/patches/qemu-CVE-2020-7039.patch \ %D%/packages/patches/qemu-CVE-2020-7211.patch \ + %D%/packages/patches/qemu-fix-documentation-build-failure.patch \ %D%/packages/patches/qt4-ldflags.patch \ %D%/packages/patches/qtbase-use-TZDIR.patch \ %D%/packages/patches/qtscript-disable-tests.patch \ diff --git a/gnu/packages/patches/qemu-fix-documentation-build-failure.patch b/gnu/packages/patches/qemu-fix-documentation-build-failure.patch new file mode 100644 index 0000000000..c913c553b2 --- /dev/null +++ b/gnu/packages/patches/qemu-fix-documentation-build-failure.patch @@ -0,0 +1,43 @@ +Fix a build failure caused by a texinfo bug: + +qemu-doc.texi:41: @menu reference to nonexistent node `QEMU Guest Agent' + +Patch copied from upstream source repository: + +https://git.qemu.org/?p=qemu.git;a=commitdiff;h=80bc935eaaf93e5b9a4efe97abd7c51d645f2612 + +From 80bc935eaaf93e5b9a4efe97abd7c51d645f2612 Mon Sep 17 00:00:00 2001 +From: Thomas Huth +Date: Mon, 16 Dec 2019 14:29:41 +0100 +Subject: [PATCH] qemu-doc: Remove the unused "Guest Agent" node +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The node has been removed from the texi file some months ago, so we +should remove it from the menu section, too. + +Fixes: 27a296fce982 ("qemu-ga: Convert invocation documentation to rST") +Signed-off-by: Thomas Huth +Reviewed-by: Philippe Mathieu-Daudé +Message-Id: <20191216132941.25729-1-thuth@redhat.com> +Signed-off-by: Laurent Vivier +--- + qemu-doc.texi | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/qemu-doc.texi b/qemu-doc.texi +index eea91a2d1e..39f950471f 100644 +--- a/qemu-doc.texi ++++ b/qemu-doc.texi +@@ -38,7 +38,6 @@ + * Introduction:: + * QEMU PC System emulator:: + * QEMU System emulator for non PC targets:: +-* QEMU Guest Agent:: + * QEMU User space emulator:: + * System requirements:: + * Security:: +-- +2.24.1 + diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 1874cf3d9f..87d7b8669e 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -109,16 +109,17 @@ (define-public qemu (package (name "qemu") - (version "4.1.1") + (version "4.2.0") (source (origin (method url-fetch) (uri (string-append "https://download.qemu.org/qemu-" version ".tar.xz")) (patches (search-patches "qemu-CVE-2020-7039.patch" - "qemu-CVE-2020-7211.patch")) + "qemu-CVE-2020-7211.patch" + "qemu-fix-documentation-build-failure.patch")) (sha256 (base32 - "1lm1jndfpc5sydwrxyiz5sms414zkcg9jdl0zx318qbjsayxnvzd")))) + "1w38hzlw7xp05gcq1nhga7hxvndxy6dfcnzi7q2il8ff110isj6k")))) (build-system gnu-build-system) (arguments '(;; Running tests in parallel can occasionally lead to failures, like: -- 2.25.0 ------------=_1579918503-23723-5--