]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3119154) | patch
slirp: update to fix CVE-2020-1983
authorMarc-André Lureau <marcandre.lureau@redhat.com>
Tue, 21 Apr 2020 17:02:27 +0000 (19:02 +0200)
committerPeter Maydell <peter.maydell@linaro.org>
Tue, 21 Apr 2020 17:39:20 +0000 (18:39 +0100)
commit7769c23774d1278f60b9e40d2c0b98784de6425f
tree64250a7fd63d73a1f046f2462b73f667d3a6fc0ctree | snapshot
parent3119154db04890fdf57022a43cf2ee594fd4da5acommit | diff
slirp: update to fix CVE-2020-1983

This is an update on the stable-4.2 branch of libslirp.git:

git shortlog 55ab21c9a3..2faae0f778f81

Marc-André Lureau (1):
      Fix use-afte-free in ip_reass() (CVE-2020-1983)

CVE-2020-1983 is actually a follow up fix for commit
126c04acbabd7ad32c2b018fe10dfac2a3bc1210 ("Fix heap overflow in
ip_reass on big packet input") which was was included in qemu
v4.1 (commit e1a4a24d262ba5ac74ea1795adb3ab1cd574c7fb "slirp: update
with CVE-2019-14378 fix").

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20200421170227.843555-1-marcandre.lureau@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
slirp diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git