xemu-project/xemu
1
0
Fork 0
mirror of https://github.com/xemu-project/xemu.git synced 2025-02-25 23:15:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
xemu/block
History
Stefan Hajnoczi fb6d1bbd24 block/curl: disable extra protocols to prevent CVE-2013-0249 
There is a buffer overflow in libcurl POP3/SMTP/IMAP.  The workaround is
simple: disable extra protocols so that they cannot be exploited.  Full
details here:

  http://curl.haxx.se/docs/adv_20130206.html

QEMU only cares about HTTP, HTTPS, FTP, FTPS, and TFTP.  I have tested
that this fix prevents the exploit on my host with
libcurl-7.27.0-5.fc18.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-02-08 11:14:20 -06:00
..
blkdebug.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
blkverify.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
bochs.c
bochs: Fix bdrv_open() error handling
2013-02-01 14:58:28 +01:00
cloop.c
cloop: Fix bdrv_open() error handling
2013-02-01 14:58:28 +01:00
commit.c
block: fix null-pointer bug on error case in block commit
2013-01-17 10:51:11 +01:00
cow.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
curl.c
block/curl: disable extra protocols to prevent CVE-2013-0249
2013-02-08 11:14:20 -06:00
dmg.c
dmg: Use g_free instead of free
2013-02-01 14:58:29 +01:00
gluster.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
iscsi.c
iscsi: add support for iovectors
2013-01-24 15:37:55 +01:00
linux-aio.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
Makefile.objs
build: move rules from Makefile to */Makefile.objs
2012-12-19 08:29:06 +01:00
mirror.c
mirror: do nothing on zero-sized disk
2013-01-25 18:18:35 +01:00
nbd.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
parallels.c
parallels: Fix bdrv_open() error handling
2013-02-01 14:58:29 +01:00
qcow2-cache.c
block: move include files to include/block/
2012-12-19 08:31:31 +01:00
qcow2-cluster.c
block: move include files to include/block/
2012-12-19 08:31:31 +01:00
qcow2-refcount.c
g_malloc(0) and g_malloc0(0) return NULL; simplify
2013-01-30 11:14:46 +01:00
qcow2-snapshot.c
block: move include files to include/block/
2012-12-19 08:31:31 +01:00
qcow2.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
qcow2.h
block: move include files to include/block/
2012-12-19 08:31:31 +01:00
qcow.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
qed-check.c
qed: mark image clean after repair succeeds
2012-08-10 10:25:12 +02:00
qed-cluster.c
qed-gencb.c
qed-l2-cache.c
qed: do not evict in-use L2 table cache entries
2012-03-12 15:14:06 +01:00
qed-table.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
qed.c
block: Use error code EMEDIUMTYPE for wrong format in some block drivers
2013-01-25 18:18:35 +01:00
qed.h
block: move include files to include/block/
2012-12-19 08:31:31 +01:00
raw-aio.h
block: make discard asynchronous
2013-01-15 10:03:47 +01:00
raw-posix.c
block/raw-posix: Build fix for O_ASYNC
2013-02-01 15:11:12 +01:00
raw-win32.c
block/raw-win32: Fix compiler warnings (wrong format specifiers)
2013-01-02 16:08:57 +01:00
raw.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
rbd.c
misc: move include files to include/qemu/
2012-12-19 08:32:39 +01:00
sheepdog.c
sheepdog: pass vdi_id to sheep daemon for sd_close()
2013-02-01 14:58:28 +01:00
stream.c
block: move include files to include/block/
2012-12-19 08:31:31 +01:00
vdi.c
g_malloc(0) and g_malloc0(0) return NULL; simplify
2013-01-30 11:14:46 +01:00
vmdk.c
vmdk: Allow space in file name
2013-02-01 14:58:29 +01:00
vpc.c
vpc: Fix bdrv_open() error handling
2013-02-01 14:58:28 +01:00
vvfat.c
Replace remaining gmtime, localtime by gmtime_r, localtime_r
2013-01-11 09:44:37 +01:00
win32-aio.c
win32-aio: use iov utility functions instead of open-coding them
2013-01-18 09:57:51 +01:00