* [warrior][PATCH] libvirt: Five security fixes
@ 2019-09-06 2:52 Armin Kuster
2019-09-09 17:28 ` Bruce Ashfield
0 siblings, 1 reply; 2+ messages in thread
From: Armin Kuster @ 2019-09-06 2:52 UTC
To: meta-virtualization
From: Armin Kuster <akuster@mvista.com>
Affects <= 4.9.0
This effectively moves sources to tip
Fixes the following CVEs.
CVE-2019-10132
CVE-2019-10161
CVE-2019-10166
CVE-2019-10167
CVE-2019-10168
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
.../libvirt/libvirt/CVE-2019-10132_p1.patch | 63 +++++++++++++
.../libvirt/libvirt/CVE-2019-10132_p2.patch | 55 +++++++++++
.../libvirt/libvirt/CVE-2019-10132_p3.patch | 55 +++++++++++
.../libvirt/libvirt/CVE-2019-10161.patch | 101 +++++++++++++++++++++
.../libvirt/libvirt/CVE-2019-10166.patch | 43 +++++++++
.../libvirt/libvirt/CVE-2019-10167.patch | 41 +++++++++
.../libvirt/libvirt/CVE-2019-10168.patch | 49 ++++++++++
recipes-extended/libvirt/libvirt_4.9.0.bb | 7 ++
8 files changed, 414 insertions(+)
create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch
create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch
create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10161.patch
create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10166.patch
create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10168.patch
diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
new file mode 100644
index 0000000..1f958fa
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
@@ -0,0 +1,63 @@
+From b0f788c2d3d9930015258a7df95dde80a498e657 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 30 Apr 2019 17:26:13 +0100
+Subject: [PATCH 1/7] admin: reject clients unless their UID matches the
+ current UID
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The admin protocol RPC messages are only intended for use by the user
+running the daemon. As such they should not be allowed for any client
+UID that does not match the server UID.
+
+Fixes CVE-2019-10132
+
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7)
+
+Upstream-Status: Backport
+CVE: CVE-2019-10132 patch #1
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++
+ 1 file changed, 22 insertions(+)
+
+diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c
+index b78ff90..9f25813 100644
+--- a/src/admin/admin_server_dispatch.c
++++ b/src/admin/admin_server_dispatch.c
+@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED,
+ void *opaque)
+ {
+ struct daemonAdmClientPrivate *priv;
++ uid_t clientuid;
++ gid_t clientgid;
++ pid_t clientpid;
++ unsigned long long timestamp;
++
++ if (virNetServerClientGetUNIXIdentity(client,
++ &clientuid,
++ &clientgid,
++ &clientpid,
++ ×tamp) < 0)
++ return NULL;
++
++ VIR_DEBUG("New client pid %lld uid %lld",
++ (long long)clientpid,
++ (long long)clientuid);
++
++ if (geteuid() != clientuid) {
++ virReportRestrictedError(_("Disallowing client %lld with uid %lld"),
++ (long long)clientpid,
++ (long long)clientuid);
++ return NULL;
++ }
+
+ if (VIR_ALLOC(priv) < 0)
+ return NULL;
+--
+2.7.4
+
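Review bot: the fifth argument to virNetServerClientGetUNIXIdentity() in remoteAdmClientNew() reads `×tamp` as rendered here, while the variable declared just above is `timestamp` and the other three are passed by address; check that the patch file in the tree has `&timestamp`, since the text as shown would not compile. Separately, the context line still marks `client` as ATTRIBUTE_UNUSED although the added code now passes it to that call, and `clientgid` and `timestamp` are fetched but never read afterwards; both match a straight cherry-pick, so any cleanup belongs upstream rather than in this backport.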
diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch
new file mode 100644
index 0000000..2fffe14
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch
@@ -0,0 +1,55 @@
+From ea014c9fcf19539c75a7cb6926b14858426746a7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 30 Apr 2019 16:51:37 +0100
+Subject: [PATCH 2/7] locking: restrict sockets to mode 0600
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virtlockd daemon's only intended client is the libvirtd daemon. As
+such it should never allow clients from other user accounts to connect.
+The code already enforces this and drops clients from other UIDs, but
+we can get earlier (and thus stronger) protection against DoS by setting
+the socket permissions to 0600
+
+Fixes CVE-2019-10132
+
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit f111e09468693909b1f067aa575efdafd9a262a1)
+
+Upstream-Status: Backport
+CVE: CVE-2019-10132 patch #2
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ src/locking/virtlockd-admin.socket.in | 1 +
+ src/locking/virtlockd.socket.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in
+index 2a7500f..f674c49 100644
+--- a/src/locking/virtlockd-admin.socket.in
++++ b/src/locking/virtlockd-admin.socket.in
+@@ -5,6 +5,7 @@ Before=libvirtd.service
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlockd-admin-sock
+ Service=virtlockd.service
++SocketMode=0600
+
+ [Install]
+ WantedBy=sockets.target
+diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in
+index 45e0f20..d701b27 100644
+--- a/src/locking/virtlockd.socket.in
++++ b/src/locking/virtlockd.socket.in
+@@ -4,6 +4,7 @@ Before=libvirtd.service
+
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlockd-sock
++SocketMode=0600
+
+ [Install]
+ WantedBy=sockets.target
+--
+2.7.4
+
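Review bot: SocketMode=0600 is added only to the two systemd unit templates (virtlockd-admin.socket.in and virtlockd.socket.in), so the earlier rejection applies only when systemd creates the listening socket. Where virtlockd is not socket-activated by systemd, nothing in this hunk changes the socket mode and the remaining protection is the in-daemon UID check the commit message refers to; it would help to state that in the recipe commit message. The same holds for the virtlogd units in CVE-2019-10132_p3.patch.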
diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch
new file mode 100644
index 0000000..0cb0005
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch
@@ -0,0 +1,55 @@
+From a474f18dceed61d562508980999e5f2d7445d683 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 30 Apr 2019 17:27:41 +0100
+Subject: [PATCH 3/7] logging: restrict sockets to mode 0600
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virtlogd daemon's only intended client is the libvirtd daemon. As
+such it should never allow clients from other user accounts to connect.
+The code already enforces this and drops clients from other UIDs, but
+we can get earlier (and thus stronger) protection against DoS by setting
+the socket permissions to 0600
+
+Fixes CVE-2019-10132
+
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit e37bd65f9948c1185456b2cdaa3bd6e875af680f)
+
+Upstream-Status: Backport
+CVE: CVE-2019-10132 patch #3
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ src/logging/virtlogd-admin.socket.in | 1 +
+ src/logging/virtlogd.socket.in | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in
+index 595e6c4..5c41dfe 100644
+--- a/src/logging/virtlogd-admin.socket.in
++++ b/src/logging/virtlogd-admin.socket.in
+@@ -5,6 +5,7 @@ Before=libvirtd.service
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlogd-admin-sock
+ Service=virtlogd.service
++SocketMode=0600
+
+ [Install]
+ WantedBy=sockets.target
+diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in
+index 22b9360..ae48cda 100644
+--- a/src/logging/virtlogd.socket.in
++++ b/src/logging/virtlogd.socket.in
+@@ -4,6 +4,7 @@ Before=libvirtd.service
+
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlogd-sock
++SocketMode=0600
+
+ [Install]
+ WantedBy=sockets.target
+--
+2.7.4
+
diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch
new file mode 100644
index 0000000..72e69a8
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch
@@ -0,0 +1,101 @@
+From 568c735d7b0ccb55f9476c86f8603eb3a5c9fc5c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 08:47:42 +0200
+Subject: [PATCH 4/7] api: disallow virDomainSaveImageGetXMLDesc on read-only
+ connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virDomainSaveImageGetXMLDesc API is taking a path parameter,
+which can point to any path on the system. This file will then be
+read and parsed by libvirtd running with root privileges.
+
+Forbid it on read-only connections.
+
+Fixes: CVE-2019-10161
+Reported-by: Matthias Gerstner <mgerstner@suse.de>
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit aed6a032cead4386472afb24b16196579e239580)
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+
+Conflicts:
+ src/libvirt-domain.c
+ src/remote/remote_protocol.x
+
+Upstream commit 12a51f372 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE
+alias for VIR_DOMAIN_XML_SECURE is not backported.
+Just skip the commit since we now disallow the whole API on read-only
+connections, regardless of the flag.
+
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+
+Upstream-Status: Backport
+CVE: CVE-2019-19161
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ src/libvirt-domain.c | 11 ++---------
+ src/qemu/qemu_driver.c | 2 +-
+ src/remote/remote_protocol.x | 3 +--
+ 3 files changed, 4 insertions(+), 12 deletions(-)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index 7690339..c188239 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -1073,9 +1073,7 @@ virDomainRestoreFlags(virConnectPtr conn, const char *from, const char *dxml,
+ * previously by virDomainSave() or virDomainSaveFlags().
+ *
+ * No security-sensitive data will be included unless @flags contains
+- * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only
+- * connections. For this API, @flags should not contain either
+- * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU.
++ * VIR_DOMAIN_XML_SECURE.
+ *
+ * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of
+ * error. The caller must free() the returned value.
+@@ -1091,12 +1089,7 @@ virDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *file,
+
+ virCheckConnectReturn(conn, NULL);
+ virCheckNonNullArgGoto(file, error);
+-
+- if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE)) {
+- virReportError(VIR_ERR_OPERATION_DENIED, "%s",
+- _("virDomainSaveImageGetXMLDesc with secure flag"));
+- goto error;
+- }
++ virCheckReadOnlyGoto(conn->flags, error);
+
+ if (conn->driver->domainSaveImageGetXMLDesc) {
+ char *ret;
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index a52e249..f7656e5 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -6798,7 +6798,7 @@ qemuDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *path,
+ if (fd < 0)
+ goto cleanup;
+
+- if (virDomainSaveImageGetXMLDescEnsureACL(conn, def, flags) < 0)
++ if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0)
+ goto cleanup;
+
+ ret = qemuDomainDefFormatXML(driver, def, flags);
+diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
+index 28c8feb..52b9233 100644
+--- a/src/remote/remote_protocol.x
++++ b/src/remote/remote_protocol.x
+@@ -5226,8 +5226,7 @@ enum remote_procedure {
+ /**
+ * @generate: both
+ * @priority: high
+- * @acl: domain:read
+- * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE
++ * @acl: domain:write
+ */
+ REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC = 235,
+
+--
+2.7.4
+
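Review bot: the tag line reads `CVE: CVE-2019-19161`, but the file name and the `Fixes:` line both give CVE-2019-10161; it should be `CVE: CVE-2019-10161` so that anything keying on the tag records the right identifier. In the src/libvirt-domain.c doc comment, the removed sentence about read-only connections is not replaced, so the comment no longer says that the call is now refused on read-only connections altogether; a one-line statement to that effect would keep it in step with the added virCheckReadOnlyGoto() check.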
diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch
new file mode 100644
index 0000000..6305ffd
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch
@@ -0,0 +1,43 @@
+From 0a744e15517d727c7f473fabe32ca6b0dbb7b7d1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 09:14:53 +0200
+Subject: [PATCH 5/7] api: disallow virDomainManagedSaveDefineXML on read-only
+ connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virDomainManagedSaveDefineXML can be used to alter the domain's
+config used for managedsave or even execute arbitrary emulator binaries.
+Forbid it on read-only connections.
+
+Fixes: CVE-2019-10166
+Reported-by: Matthias Gerstner <mgerstner@suse.de>
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a)
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+
+Upstream-Status: Backport
+CVE: CVE-2019-19166
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ src/libvirt-domain.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index c188239..d8b64c0 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -9490,6 +9490,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml,
+
+ virCheckDomainReturn(domain, -1);
+ conn = domain->conn;
++ virCheckReadOnlyGoto(conn->flags, error);
+
+ if (conn->driver->domainManagedSaveDefineXML) {
+ int ret;
+--
+2.7.4
+
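Review bot: `CVE: CVE-2019-19166` in the tag block does not match the `Fixes: CVE-2019-10166` line or the patch file name; correct it to `CVE: CVE-2019-10166`.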
diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
new file mode 100644
index 0000000..abca309
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
@@ -0,0 +1,41 @@
+From 6452b9fdff7988024a6157ca0a973ac3abf54468 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 09:16:14 +0200
+Subject: [PATCH 6/7] api: disallow virConnectGetDomainCapabilities on
+ read-only connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This API can be used to execute arbitrary emulators.
+Forbid it on read-only connections.
+
+Fixes: CVE-2019-10167
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26)
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+
+Upstream-Status: Backport
+CVE: CVE-2019-19167
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ src/libvirt-domain.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index d8b64c0..1e1c4e3 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -11282,6 +11282,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn,
+ virResetLastError();
+
+ virCheckConnectReturn(conn, NULL);
++ virCheckReadOnlyGoto(conn->flags, error);
+
+ if (conn->driver->connectGetDomainCapabilities) {
+ char *ret;
+--
+2.7.4
+
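Review bot: the tag block has `CVE: CVE-2019-19167` where the `Fixes:` line and the file name give CVE-2019-10167; change the tag to `CVE: CVE-2019-10167`.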
diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch
new file mode 100644
index 0000000..2211238
--- /dev/null
+++ b/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch
@@ -0,0 +1,49 @@
+From dd88b69a207c1ed6e89d7e9fa6b5f4a9ec4db97c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 09:17:39 +0200
+Subject: [PATCH 7/7] api: disallow virConnect*HypervisorCPU on read-only
+ connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+These APIs can be used to execute arbitrary emulators.
+Forbid them on read-only connections.
+
+Fixes: CVE-2019-10168
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit bf6c2830b6c338b1f5699b095df36f374777b291)
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+
+Upstream-Status: Backport
+CVE: CVE-2019-19168
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ src/libvirt-host.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/libvirt-host.c b/src/libvirt-host.c
+index e20d6ee..2978825 100644
+--- a/src/libvirt-host.c
++++ b/src/libvirt-host.c
+@@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnectPtr conn,
+
+ virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR);
+ virCheckNonNullArgGoto(xmlCPU, error);
++ virCheckReadOnlyGoto(conn->flags, error);
+
+ if (conn->driver->connectCompareHypervisorCPU) {
+ int ret;
+@@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConnectPtr conn,
+
+ virCheckConnectReturn(conn, NULL);
+ virCheckNonNullArgGoto(xmlCPUs, error);
++ virCheckReadOnlyGoto(conn->flags, error);
+
+ if (conn->driver->connectBaselineHypervisorCPU) {
+ char *cpu;
+--
+2.7.4
+
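Review bot: the tag `CVE: CVE-2019-19168` should be `CVE: CVE-2019-10168`, matching the `Fixes:` line and the file name.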
diff --git a/recipes-extended/libvirt/libvirt_4.9.0.bb b/recipes-extended/libvirt/libvirt_4.9.0.bb
index 813d95e..db5a4f9 100644
--- a/recipes-extended/libvirt/libvirt_4.9.0.bb
+++ b/recipes-extended/libvirt/libvirt_4.9.0.bb
@@ -36,6 +36,13 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.xz;name=libvirt \
file://0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch \
file://configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch \
file://hook_support.py \
+ file://CVE-2019-10132_p1.patch \
+ file://CVE-2019-10132_p2.patch \
+ file://CVE-2019-10132_p3.patch \
+ file://CVE-2019-10161.patch \
+ file://CVE-2019-10166.patch \
+ file://CVE-2019-10167.patch \
+ file://CVE-2019-10168.patch \
"
SRC_URI[libvirt.md5sum] = "aaf7b265ac2013d6eb184a86b5f7eeb9"
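Review bot: the order of the new SRC_URI entries matters and nothing in the recipe says so. CVE-2019-10161, CVE-2019-10166 and CVE-2019-10167 all touch src/libvirt-domain.c and were generated as a series (their index lines chain: 7690339..c188239, c188239..d8b64c0, d8b64c0..1e1c4e3), so reordering them later risks offsets or fuzz when they are applied. A short comment above the block noting that the entries follow the upstream series order would guard against that.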
--
2.7.4
* Re: [warrior][PATCH] libvirt: Five security fixes
From: Bruce Ashfield @ 2019-09-09 17:28 UTC
To: Armin Kuster; +Cc: meta-virtualization
In message: [meta-virtualization] [warrior][PATCH] libvirt: Five security fixes
on 05/09/2019 Armin Kuster wrote:
> From: Armin Kuster <akuster@mvista.com>
>
> Affects <= 4.9.0
>
> This effectively moves sources to tip
> Fixes the following CVEs.
>
> CVE-2019-10132
> CVE-2019-10161
> CVE-2019-10166
> CVE-2019-10167
> CVE-2019-10168
Thanks Armin. This is now merged to the warrior branch.
Bruce
>
> Signed-off-by: Armin Kuster <akuster@mvista.com>
> ---
> .../libvirt/libvirt/CVE-2019-10132_p1.patch | 63 +++++++++++++
> .../libvirt/libvirt/CVE-2019-10132_p2.patch | 55 +++++++++++
> .../libvirt/libvirt/CVE-2019-10132_p3.patch | 55 +++++++++++
> .../libvirt/libvirt/CVE-2019-10161.patch | 101 +++++++++++++++++++++
> .../libvirt/libvirt/CVE-2019-10166.patch | 43 +++++++++
> .../libvirt/libvirt/CVE-2019-10167.patch | 41 +++++++++
> .../libvirt/libvirt/CVE-2019-10168.patch | 49 ++++++++++
> recipes-extended/libvirt/libvirt_4.9.0.bb | 7 ++
> 8 files changed, 414 insertions(+)
> create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
> create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch
> create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch
> create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10161.patch
> create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10166.patch
> create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
> create mode 100644 recipes-extended/libvirt/libvirt/CVE-2019-10168.patch
>
> diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
> new file mode 100644
> index 0000000..1f958fa
> --- /dev/null
> +++ b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
> @@ -0,0 +1,63 @@
> +From b0f788c2d3d9930015258a7df95dde80a498e657 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
> +Date: Tue, 30 Apr 2019 17:26:13 +0100
> +Subject: [PATCH 1/7] admin: reject clients unless their UID matches the
> + current UID
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +The admin protocol RPC messages are only intended for use by the user
> +running the daemon. As such they should not be allowed for any client
> +UID that does not match the server UID.
> +
> +Fixes CVE-2019-10132
> +
> +Reviewed-by: Ján Tomko <jtomko@redhat.com>
> +Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> +(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7)
> +
> +Upstream-Status: Backport
> +CVE: CVE-2019-10132 patch #1
> +Signed-off-by: Armin Kuster <akuster@mvista.com>
> +
> +---
> + src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++
> + 1 file changed, 22 insertions(+)
> +
> +diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c
> +index b78ff90..9f25813 100644
> +--- a/src/admin/admin_server_dispatch.c
> ++++ b/src/admin/admin_server_dispatch.c
> +@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED,
> + void *opaque)
> + {
> + struct daemonAdmClientPrivate *priv;
> ++ uid_t clientuid;
> ++ gid_t clientgid;
> ++ pid_t clientpid;
> ++ unsigned long long timestamp;
> ++
> ++ if (virNetServerClientGetUNIXIdentity(client,
> ++ &clientuid,
> ++ &clientgid,
> ++ &clientpid,
> ++ ×tamp) < 0)
> ++ return NULL;
> ++
> ++ VIR_DEBUG("New client pid %lld uid %lld",
> ++ (long long)clientpid,
> ++ (long long)clientuid);
> ++
> ++ if (geteuid() != clientuid) {
> ++ virReportRestrictedError(_("Disallowing client %lld with uid %lld"),
> ++ (long long)clientpid,
> ++ (long long)clientuid);
> ++ return NULL;
> ++ }
> +
> + if (VIR_ALLOC(priv) < 0)
> + return NULL;
> +--
> +2.7.4
> +
> diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch
> new file mode 100644
> index 0000000..2fffe14
> --- /dev/null
> +++ b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p2.patch
> @@ -0,0 +1,55 @@
> +From ea014c9fcf19539c75a7cb6926b14858426746a7 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
> +Date: Tue, 30 Apr 2019 16:51:37 +0100
> +Subject: [PATCH 2/7] locking: restrict sockets to mode 0600
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +The virtlockd daemon's only intended client is the libvirtd daemon. As
> +such it should never allow clients from other user accounts to connect.
> +The code already enforces this and drops clients from other UIDs, but
> +we can get earlier (and thus stronger) protection against DoS by setting
> +the socket permissions to 0600
> +
> +Fixes CVE-2019-10132
> +
> +Reviewed-by: Ján Tomko <jtomko@redhat.com>
> +Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> +(cherry picked from commit f111e09468693909b1f067aa575efdafd9a262a1)
> +
> +Upstream-Status: Backport
> +CVE: CVE-2019-10132 patch #2
> +Signed-off-by: Armin Kuster <akuster@mvista.com>
> +---
> + src/locking/virtlockd-admin.socket.in | 1 +
> + src/locking/virtlockd.socket.in | 1 +
> + 2 files changed, 2 insertions(+)
> +
> +diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in
> +index 2a7500f..f674c49 100644
> +--- a/src/locking/virtlockd-admin.socket.in
> ++++ b/src/locking/virtlockd-admin.socket.in
> +@@ -5,6 +5,7 @@ Before=libvirtd.service
> + [Socket]
> + ListenStream=@localstatedir@/run/libvirt/virtlockd-admin-sock
> + Service=virtlockd.service
> ++SocketMode=0600
> +
> + [Install]
> + WantedBy=sockets.target
> +diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in
> +index 45e0f20..d701b27 100644
> +--- a/src/locking/virtlockd.socket.in
> ++++ b/src/locking/virtlockd.socket.in
> +@@ -4,6 +4,7 @@ Before=libvirtd.service
> +
> + [Socket]
> + ListenStream=@localstatedir@/run/libvirt/virtlockd-sock
> ++SocketMode=0600
> +
> + [Install]
> + WantedBy=sockets.target
> +--
> +2.7.4
> +
> diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch
> new file mode 100644
> index 0000000..0cb0005
> --- /dev/null
> +++ b/recipes-extended/libvirt/libvirt/CVE-2019-10132_p3.patch
> @@ -0,0 +1,55 @@
> +From a474f18dceed61d562508980999e5f2d7445d683 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
> +Date: Tue, 30 Apr 2019 17:27:41 +0100
> +Subject: [PATCH 3/7] logging: restrict sockets to mode 0600
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +The virtlogd daemon's only intended client is the libvirtd daemon. As
> +such it should never allow clients from other user accounts to connect.
> +The code already enforces this and drops clients from other UIDs, but
> +we can get earlier (and thus stronger) protection against DoS by setting
> +the socket permissions to 0600
> +
> +Fixes CVE-2019-10132
> +
> +Reviewed-by: Ján Tomko <jtomko@redhat.com>
> +Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> +(cherry picked from commit e37bd65f9948c1185456b2cdaa3bd6e875af680f)
> +
> +Upstream-Status: Backport
> +CVE: CVE-2019-10132 patch #3
> +Signed-off-by: Armin Kuster <akuster@mvista.com>
> +---
> + src/logging/virtlogd-admin.socket.in | 1 +
> + src/logging/virtlogd.socket.in | 1 +
> + 2 files changed, 2 insertions(+)
> +
> +diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in
> +index 595e6c4..5c41dfe 100644
> +--- a/src/logging/virtlogd-admin.socket.in
> ++++ b/src/logging/virtlogd-admin.socket.in
> +@@ -5,6 +5,7 @@ Before=libvirtd.service
> + [Socket]
> + ListenStream=@localstatedir@/run/libvirt/virtlogd-admin-sock
> + Service=virtlogd.service
> ++SocketMode=0600
> +
> + [Install]
> + WantedBy=sockets.target
> +diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in
> +index 22b9360..ae48cda 100644
> +--- a/src/logging/virtlogd.socket.in
> ++++ b/src/logging/virtlogd.socket.in
> +@@ -4,6 +4,7 @@ Before=libvirtd.service
> +
> + [Socket]
> + ListenStream=@localstatedir@/run/libvirt/virtlogd-sock
> ++SocketMode=0600
> +
> + [Install]
> + WantedBy=sockets.target
> +--
> +2.7.4
> +
> diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch
> new file mode 100644
> index 0000000..72e69a8
> --- /dev/null
> +++ b/recipes-extended/libvirt/libvirt/CVE-2019-10161.patch
> @@ -0,0 +1,101 @@
> +From 568c735d7b0ccb55f9476c86f8603eb3a5c9fc5c Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
> +Date: Fri, 14 Jun 2019 08:47:42 +0200
> +Subject: [PATCH 4/7] api: disallow virDomainSaveImageGetXMLDesc on read-only
> + connections
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +The virDomainSaveImageGetXMLDesc API is taking a path parameter,
> +which can point to any path on the system. This file will then be
> +read and parsed by libvirtd running with root privileges.
> +
> +Forbid it on read-only connections.
> +
> +Fixes: CVE-2019-10161
> +Reported-by: Matthias Gerstner <mgerstner@suse.de>
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> +(cherry picked from commit aed6a032cead4386472afb24b16196579e239580)
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +
> +Conflicts:
> + src/libvirt-domain.c
> + src/remote/remote_protocol.x
> +
> +Upstream commit 12a51f372 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE
> +alias for VIR_DOMAIN_XML_SECURE is not backported.
> +Just skip the commit since we now disallow the whole API on read-only
> +connections, regardless of the flag.
> +
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +
> +Upstream-Status: Backport
> +CVE: CVE-2019-19161
> +Signed-off-by: Armin Kuster <akuster@mvista.com>
> +---
> + src/libvirt-domain.c | 11 ++---------
> + src/qemu/qemu_driver.c | 2 +-
> + src/remote/remote_protocol.x | 3 +--
> + 3 files changed, 4 insertions(+), 12 deletions(-)
> +
> +diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
> +index 7690339..c188239 100644
> +--- a/src/libvirt-domain.c
> ++++ b/src/libvirt-domain.c
> +@@ -1073,9 +1073,7 @@ virDomainRestoreFlags(virConnectPtr conn, const char *from, const char *dxml,
> + * previously by virDomainSave() or virDomainSaveFlags().
> + *
> + * No security-sensitive data will be included unless @flags contains
> +- * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only
> +- * connections. For this API, @flags should not contain either
> +- * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU.
> ++ * VIR_DOMAIN_XML_SECURE.
> + *
> + * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of
> + * error. The caller must free() the returned value.
> +@@ -1091,12 +1089,7 @@ virDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *file,
> +
> + virCheckConnectReturn(conn, NULL);
> + virCheckNonNullArgGoto(file, error);
> +-
> +- if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE)) {
> +- virReportError(VIR_ERR_OPERATION_DENIED, "%s",
> +- _("virDomainSaveImageGetXMLDesc with secure flag"));
> +- goto error;
> +- }
> ++ virCheckReadOnlyGoto(conn->flags, error);
> +
> + if (conn->driver->domainSaveImageGetXMLDesc) {
> + char *ret;
> +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> +index a52e249..f7656e5 100644
> +--- a/src/qemu/qemu_driver.c
> ++++ b/src/qemu/qemu_driver.c
> +@@ -6798,7 +6798,7 @@ qemuDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *path,
> + if (fd < 0)
> + goto cleanup;
> +
> +- if (virDomainSaveImageGetXMLDescEnsureACL(conn, def, flags) < 0)
> ++ if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0)
> + goto cleanup;
> +
> + ret = qemuDomainDefFormatXML(driver, def, flags);
> +diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
> +index 28c8feb..52b9233 100644
> +--- a/src/remote/remote_protocol.x
> ++++ b/src/remote/remote_protocol.x
> +@@ -5226,8 +5226,7 @@ enum remote_procedure {
> + /**
> + * @generate: both
> + * @priority: high
> +- * @acl: domain:read
> +- * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE
> ++ * @acl: domain:write
> + */
> + REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC = 235,
> +
> +--
> +2.7.4
> +
> diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch
> new file mode 100644
> index 0000000..6305ffd
> --- /dev/null
> +++ b/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch
> @@ -0,0 +1,43 @@
> +From 0a744e15517d727c7f473fabe32ca6b0dbb7b7d1 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
> +Date: Fri, 14 Jun 2019 09:14:53 +0200
> +Subject: [PATCH 5/7] api: disallow virDomainManagedSaveDefineXML on read-only
> + connections
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +The virDomainManagedSaveDefineXML can be used to alter the domain's
> +config used for managedsave or even execute arbitrary emulator binaries.
> +Forbid it on read-only connections.
> +
> +Fixes: CVE-2019-10166
> +Reported-by: Matthias Gerstner <mgerstner@suse.de>
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> +(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a)
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +
> +Upstream-Status: Backport
> +CVE: CVE-2019-19166
> +Signed-off-by: Armin Kuster <akuster@mvista.com>
> +
> +---
> + src/libvirt-domain.c | 1 +
> + 1 file changed, 1 insertion(+)
> +
> +diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
> +index c188239..d8b64c0 100644
> +--- a/src/libvirt-domain.c
> ++++ b/src/libvirt-domain.c
> +@@ -9490,6 +9490,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml,
> +
> + virCheckDomainReturn(domain, -1);
> + conn = domain->conn;
> ++ virCheckReadOnlyGoto(conn->flags, error);
> +
> + if (conn->driver->domainManagedSaveDefineXML) {
> + int ret;
> +--
> +2.7.4
> +
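Review bot: the `CVE:` tag in the added patch header reads CVE-2019-19166, which matches neither the `Fixes: CVE-2019-10166` line above it nor the file name CVE-2019-10166.patch. Change it to `CVE: CVE-2019-10166` so that anything reading the tag records the right identifier. The one-line virCheckReadOnlyGoto(conn->flags, error) addition is placed after conn is assigned from domain->conn and before the driver dispatch, which is where it needs to be.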
> diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
> new file mode 100644
> index 0000000..abca309
> --- /dev/null
> +++ b/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
> @@ -0,0 +1,41 @@
> +From 6452b9fdff7988024a6157ca0a973ac3abf54468 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
> +Date: Fri, 14 Jun 2019 09:16:14 +0200
> +Subject: [PATCH 6/7] api: disallow virConnectGetDomainCapabilities on
> + read-only connections
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +This API can be used to execute arbitrary emulators.
> +Forbid it on read-only connections.
> +
> +Fixes: CVE-2019-10167
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> +(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26)
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +
> +Upstream-Status: Backport
> +CVE: CVE-2019-19167
> +Signed-off-by: Armin Kuster <akuster@mvista.com>
> +
> +---
> + src/libvirt-domain.c | 1 +
> + 1 file changed, 1 insertion(+)
> +
> +diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
> +index d8b64c0..1e1c4e3 100644
> +--- a/src/libvirt-domain.c
> ++++ b/src/libvirt-domain.c
> +@@ -11282,6 +11282,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn,
> + virResetLastError();
> +
> + virCheckConnectReturn(conn, NULL);
> ++ virCheckReadOnlyGoto(conn->flags, error);
> +
> + if (conn->driver->connectGetDomainCapabilities) {
> + char *ret;
> +--
> +2.7.4
> +
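Review bot: the `CVE:` tag here is CVE-2019-19167, while the `Fixes:` line and the file name both say CVE-2019-10167. The tag should read `CVE: CVE-2019-10167`. In the code hunk, the new read-only check follows virCheckConnectReturn(conn, NULL), so conn is validated before conn->flags is dereferenced. No change is needed there.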
> diff --git a/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch b/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch
> new file mode 100644
> index 0000000..2211238
> --- /dev/null
> +++ b/recipes-extended/libvirt/libvirt/CVE-2019-10168.patch
> @@ -0,0 +1,49 @@
> +From dd88b69a207c1ed6e89d7e9fa6b5f4a9ec4db97c Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
> +Date: Fri, 14 Jun 2019 09:17:39 +0200
> +Subject: [PATCH 7/7] api: disallow virConnect*HypervisorCPU on read-only
> + connections
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +These APIs can be used to execute arbitrary emulators.
> +Forbid them on read-only connections.
> +
> +Fixes: CVE-2019-10168
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> +(cherry picked from commit bf6c2830b6c338b1f5699b095df36f374777b291)
> +Signed-off-by: Ján Tomko <jtomko@redhat.com>
> +
> +Upstream-Status: Backport
> +CVE: CVE-2019-19168
> +Signed-off-by: Armin Kuster <akuster@mvista.com>
> +
> +---
> + src/libvirt-host.c | 2 ++
> + 1 file changed, 2 insertions(+)
> +
> +diff --git a/src/libvirt-host.c b/src/libvirt-host.c
> +index e20d6ee..2978825 100644
> +--- a/src/libvirt-host.c
> ++++ b/src/libvirt-host.c
> +@@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnectPtr conn,
> +
> + virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR);
> + virCheckNonNullArgGoto(xmlCPU, error);
> ++ virCheckReadOnlyGoto(conn->flags, error);
> +
> + if (conn->driver->connectCompareHypervisorCPU) {
> + int ret;
> +@@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConnectPtr conn,
> +
> + virCheckConnectReturn(conn, NULL);
> + virCheckNonNullArgGoto(xmlCPUs, error);
> ++ virCheckReadOnlyGoto(conn->flags, error);
> +
> + if (conn->driver->connectBaselineHypervisorCPU) {
> + char *cpu;
> +--
> +2.7.4
> +
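Review bot: the `CVE:` tag in this patch header reads CVE-2019-19168, but the `Fixes:` line and the file name use CVE-2019-10168, so the tag should be corrected to `CVE: CVE-2019-10168`. Both virConnectCompareHypervisorCPU and virConnectBaselineHypervisorCPU add the read-only check after virCheckNonNullArgGoto, so a read-only caller passing a NULL argument gets the argument error rather than the read-only denial. That is harmless, but note it if the error path is ever tested.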
> diff --git a/recipes-extended/libvirt/libvirt_4.9.0.bb b/recipes-extended/libvirt/libvirt_4.9.0.bb
> index 813d95e..db5a4f9 100644
> --- a/recipes-extended/libvirt/libvirt_4.9.0.bb
> +++ b/recipes-extended/libvirt/libvirt_4.9.0.bb
> @@ -36,6 +36,13 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.xz;name=libvirt \
> file://0001-ptest-Remove-Windows-1252-check-from-esxutilstest.patch \
> file://configure.ac-search-for-rpc-rpc.h-in-the-sysroot.patch \
> file://hook_support.py \
> + file://CVE-2019-10132_p1.patch \
> + file://CVE-2019-10132_p2.patch \
> + file://CVE-2019-10132_p3.patch \
> + file://CVE-2019-10161.patch \
> + file://CVE-2019-10166.patch \
> + file://CVE-2019-10167.patch \
> + file://CVE-2019-10168.patch \
> "
>
> SRC_URI[libvirt.md5sum] = "aaf7b265ac2013d6eb184a86b5f7eeb9"
> --
> 2.7.4
>