Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: de1c582f3d5a
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 78e1f59812b1
Choose a head ref
  • 2 commits
  • 1 file changed
  • 2 contributors

Commits on Nov 7, 2019

  1. qemu: add patches for CVE-2019-13164 & CVE-2019-14378 

    (cherry picked from commit 38a4dc2 & adapted)
    @risicle
    risicle committed Nov 7, 2019
    Copy the full SHA
    589ee43 View commit details

Commits on Nov 8, 2019

  1. Merge pull request #73009 from risicle/ris-qemu-CVEs-r19.03 

    [r19.03] qemu: add patches for CVE-2019-13164 & CVE-2019-14378
    @andir
    andir authored Nov 8, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    78e1f59 View commit details
Showing with 8 additions and 0 deletions.
  1. +8 −0 pkgs/applications/virtualization/qemu/default.nix
8 changes: 8 additions & 0 deletions pkgs/applications/virtualization/qemu/default.nix
View file
Original file line number Diff line number Diff line change
@@ -87,6 +87,14 @@ stdenv.mkDerivation rec {
name = "CVE-2019-12155.patch";
sha256 = "0h2q71mcz3gvlrbfkqcgla74jdg73hvzcrwr4max2ckpxx8x9207";
})
(fetchpatch {
url = "https://sources.debian.org/data/main/q/qemu/1:3.1+dfsg-8+deb10u2/debian/patches/slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch";
sha256 = "1yf7cw4ajiy9pwjfscxyfmmbawpk3rkd046y6fd6h4zpf4cc2fn5";
})
(fetchpatch {
url = "https://sources.debian.org/data/main/q/qemu/1:3.1+dfsg-8+deb10u2/debian/patches/qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch";
sha256 = "1ypcdlpg3nap0kg9xkrgrqw33j5ah4j7l4i2cp6d5ap8vrw9nn3l";
})
] ++ optional nixosTestRunner ./force-uid0-on-9p.patch
++ optional pulseSupport ./fix-hda-recording.patch
++ optionals stdenv.hostPlatform.isMusl [