qemu-all: fix CVE-2014-0150

2014-04-20 20:57:58 +02:00 · 2014-04-20 20:57:58 +02:00 · c16cb613a0
commit c16cb613a0
parent f21119e761
1 changed files with 6 additions and 1 deletions
--- a/qemu-all/Pkgfile
+++ b/qemu-all/Pkgfile
@ -7,10 +7,11 @@
 
 name=qemu-all
 version=2.0.0
-release=1
+release=2
 source=(http://wiki.qemu.org/download/qemu-$version.tar.bz2)

 build() {
+
  cd qemu-$version

  ./configure --prefix=/usr \
@ -22,6 +23,10 @@ build() {
      --disable-gtk \
      --localstatedir=/var

+  # fix CVE-2014-0150
+  sed -i '/if (in_use + mac_data.entries <= MAC_TABLE_ENTRIES) {/if \
+  (mac_data.entries <= MAC_TABLE_ENTRIES - in_use) {/' hw/net/virtio-net.c
+
  # fix include issues with libcap
  sed -i -e '/#include "qemu\/xattr.h"/d' \
         -e 's|#include <sys/resource.h>|#include <sys/resource.h>\r\n#include "qemu\/xattr.h"|g' \