162 Commits

Author SHA1 Message Date
bluhm
15a7367811 Add wxneeded flag when linking qemu.
Add build dependency for msgfmt.
OK jca@ jung@ Brad Smith (maintainer)
2016-08-16 10:59:47 +00:00
ajacoutot
e3006d696d Update to qemu-2.6.0.
from Brad (maintainer)
2016-05-13 07:20:46 +00:00
ajacoutot
45393be551 Update to qemu-2.5.1.1. 2016-05-10 16:08:13 +00:00
ajacoutot
93f3563ace Update to qemu-2.5.1.
from Brad (maintainer)
2016-04-11 05:56:45 +00:00
ajacoutot
eb809066a9 Tweak for CFLAGS handling. No change in resulting binary.
from Brad (maintainer)
2016-03-15 08:26:06 +00:00
ajacoutot
12142f4442 Major update to qemu-2.5.0.
Please direct any runtime fallout to Brad.

from Brad (maintainer)
2016-03-14 19:46:12 +00:00
ajacoutot
562c51d947 Fix for CVE-2016-2538.
from Brad (maintainer)
2016-03-01 10:18:25 +00:00
ajacoutot
d0d12a862e Security fix for CVE-2016-2391 and CVE-2016-2393.
from Brad (maintainer)
ok sthen@
2016-02-20 22:46:46 +00:00
sthen
e7fb0a762a Add a patch from QEMU upstream to fix CVE-2016-2198. From Brad, ok aja@
"USB Ehci emulation supports host controller capability registers.
But its mmio '.write' function was missing, which led to a null
pointer dereference issue. Add a do nothing 'ehci_caps_write'
definition to avoid it; Do nothing because capability registers
are Read Only(RO)."
2016-02-14 11:27:32 +00:00
ajacoutot
14fc4e7dee SECURITY fix for CVE-2016-1981.
from Brad (maintainer)
2016-01-22 07:00:15 +00:00
ajacoutot
1731f561b1 SECURITY fix for CVE-2016-1714.
from Brad (maintainer)
2016-01-14 06:12:10 +00:00
ajacoutot
46b621ab9d SECURITY fixes for:
CVE-2015-8619, CVE-2015-8666, CVE-2015-8743, CVE-2015-8744, and CVE-2015-8745

from Brad (maintainer)
2016-01-05 06:56:12 +00:00
ajacoutot
0986de7918 SECURITY fix for CVE-2015-8613; from Brad (maintainer)
While here, fix path to smbd(8); reported by mlarkin@
2015-12-22 06:43:05 +00:00
ajacoutot
f1ac26cc40 SECURITY fixes for:
CVE-2015-7549, CVE-2015-8504, CVE-2015-8558, CVE-2015-8567 and CVE-2015-8568

from Brad (maintainer)
2015-12-16 06:41:06 +00:00
ajacoutot
b8cd4fd2ab SECURITY fixes for CVE-2015-7504, CVE-2015-7512, CVE-2015-8345.
from Brad (maintainer)
2015-12-08 06:55:13 +00:00
sthen
6f8fbf707d Remove malloc tracing from QEMU, this was removed in newer glib and results
in annoying messages:

(process:23283): GLib-WARNING **: gmem.c:482: custom memory allocation vtable not supported

From Brad.
2015-11-03 16:25:24 +00:00
sthen
783a43b006 tap(4) and sudo cleanup for QEMU, from Brad. 2015-10-28 09:17:31 +00:00
sthen
ac0240b63f Adjust Qemu following the split of tun(4)'s "link0" mode into tap(4). 2015-10-23 15:15:28 +00:00
ajacoutot
15b06e762f SECURITY: CVE-2015-5278, CVE-2015-5279, CVE-2015-6815
Some more fixes, mostly security related.

from Brad (maintainer)
2015-09-16 09:18:13 +00:00
ajacoutot
1fe8b1ca1f SECURITY: CVE-2015-5745
virtio-serial: fix ANY_LAYOUT
Don't assume a specific layout for control messages.
Required by virtio 1.

from Brad (maintainer)
2015-09-16 07:08:41 +00:00
ajacoutot
2be6e94ebb Enable USB support now that libusb1>=1.0.20 is in.
from Brad (maintainer)
2015-09-15 12:48:39 +00:00
ajacoutot
e6c71023c7 SECURITY: vnc, fix memory corruption (CVE-2015-5225).
from Brad (maintainer)
2015-09-04 14:20:29 +00:00
ajacoutot
e07c6dbcdb Enable the built-in iSCSI and NFS clients, the LZO support and the UUID
support.

from Brad (maintainer)
2015-08-25 06:43:35 +00:00
sthen
de389f3209 Backport SECURITY fixes for qemu, from Brad.
ide/atapi: Fix START STOP UNIT command completion
rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165)
rtl8139: drop tautologous if (ip) {...} statement (CVE-2015-5165)
rtl8139: skip offload on short Ethernet/IP header (CVE-2015-5165)
rtl8139: check IP Header Length field (CVE-2015-5165)
rtl8139: check IP Total Length field (CVE-2015-5165)
rtl8139: skip offload on short TCP header (CVE-2015-5165)
rtl8139: check TCP Data Offset field (CVE-2015-5165)
scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158)
slirp: use less predictable directory name in /tmp for smb config (CVE-2015-4037)
i8254: fix out-of-bounds memory access in pit_ioport_read() (CVE-2015-3214)
incrementally decode websocket frames (CVE-2015-1779)
limit size of HTTP headers from websockets clients (CVE-2015-1779)
2015-08-11 21:28:53 +00:00
jung
2083baf13b remove sudo as run dependency and switch to doas in readme and scripts
ok sthen deraadt
2015-08-03 19:14:56 +00:00
sthen
3c9b0fc32d add security fix for qemu CVE-2015-5154, from brad:
ide: Check array bounds before writing to io_buffer
2015-07-28 09:51:20 +00:00
sthen
78402cc18f Security fixes for qemu, from brad:
CVE-2015-3456  fdc: force the fifo access to be in bounds of the allocated buffer

During processing of certain commands such as FD_CMD_READ_ID and
FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could
get out of bounds leading to memory corruption with values coming
from the guest.

Fix this by making sure that the index is always bounded by the
allocated memory.


CVE-2015-3209  pcnet: force the buffer access to be in bounds during tx

4096 is the maximum length per TMD and it is also currently the size of
the relay buffer pcnet driver uses for sending the packet data to QEMU
for further processing. With packet spanning multiple TMDs it can
happen that the overall packet size will be bigger than sizeof(buffer),
which results in memory corruption.

Fix this by only allowing to queue maximum sizeof(buffer) bytes.
2015-07-18 20:36:56 +00:00
ajacoutot
16a0151b00 ifdown/ifup require security/sudo.
ok brad@ (maintainer)
2015-07-18 05:48:43 +00:00
sthen
35319542e1 Update to QEMU 2.2.1, from Brad (maintainer).
"The QEMU update was also Ok'd by rpe@ bcallah@"
2015-04-09 20:12:15 +00:00
brad
6abaf2e78d Update to QEMU 2.2.0.
ok rpe@
2014-12-15 18:19:51 +00:00
brad
30facbd95e Update to QEMU 2.1.2.
ok bcallah@
2014-09-28 21:36:45 +00:00
brad
c0d02750eb Update to QEMU 2.1.1.
ok bcallah@
2014-09-20 03:03:19 +00:00
brad
a5111197c2 and this too. 2014-08-14 22:34:54 +00:00
brad
331885c656 commit from the right dir so the actual 2.1.0 Makefile goes in. 2014-08-14 21:14:09 +00:00
brad
fce588d812 Update to QEMU 2.1.0
ok bcallah@ rpe@
2014-08-14 01:05:03 +00:00
brad
33fe61d150 Update to QEMU 2.0.0
ok bcallah@ gsoares@ rpe@
2014-04-25 20:59:43 +00:00
brad
ffdba50c3d Update to QEMU 1.7.1.
ok gsoares@
2014-03-26 14:14:47 +00:00
brad
990f95de44 - Sync PIE bits with what was committed upstream
- Use stack protector strong instead of all

ok sthen@
2014-03-09 22:50:17 +00:00
brad
dbbfb242e6 Update to QEMU 1.7.0.
ok rpe@
2013-11-29 21:21:38 +00:00
sthen
701c91e413 kill VMEM_WARNING 2013-11-25 14:16:22 +00:00
brad
5396b30573 Update to QEMU 1.6.1.
ok sthen@
2013-10-30 19:53:29 +00:00
brad
afc65a9928 Update to QEMU 1.6.0.
ok sthen@ rpe@
2013-09-08 14:15:00 +00:00
brad
002dee61a3 Switch TIME_MAX from int to long long.
ok sthen@
2013-08-19 05:28:20 +00:00
brad
06578bfc85 Update to QEMU 1.5.1.
ok sthen@
2013-07-18 20:20:18 +00:00
brad
dd7b90b352 Back port a commit from master to make use of external libfdt
instead of the integrated copy.

ok sthen@
2013-06-23 21:27:55 +00:00
brad
d1f37b1012 Update to QEMU 1.5.0.
ok sthen@
2013-06-03 22:34:24 +00:00
brad
770c6df8bc Update to QEMU 1.4.2. Includes a fix for CVE-2013-2007.
ok sthen@
2013-05-24 22:05:51 +00:00
brad
e1fc1f0ef4 Update to QEMU 1.4.1. Includes a fix for CVE-2013-1922.
ok sthen@
2013-04-19 02:47:43 +00:00
brad
6f9fb3668a Make use of the testsuite.
ok sthen@
2013-04-14 20:28:56 +00:00
brad
0ba56332b3 Update the get_clock() function so it will utilize clock_gettime() with
monotonic time on OpenBSD instead of using gettimeofday().

ok sthen@
2013-04-01 13:40:32 +00:00