qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PULL 0/4] Block layer patches (CVE-2024-4467)


From: Richard Henderson
Subject: Re: [PULL 0/4] Block layer patches (CVE-2024-4467)
Date: Wed, 3 Jul 2024 11:26:13 -0700
User-agent: Mozilla Thunderbird

On 7/2/24 09:39, Kevin Wolf wrote:
The following changes since commit c80a339587fe4148292c260716482dd2f86d4476:

   Merge tag 'pull-target-arm-20240701' 
ofhttps://git.linaro.org/people/pmaydell/qemu-arm  into staging (2024-07-01 
10:41:45 -0700)

are available in the Git repository at:

   https://repo.or.cz/qemu/kevin.git  tags/for-upstream

for you to fetch changes up to 7ead946998610657d38d1a505d5f25300d4ca613:

   block: Parse filenames only when explicitly requested (2024-07-02 18:12:30 
+0200)

----------------------------------------------------------------
Block layer patches (CVE-2024-4467)

- Don't open qcow2 data files in 'qemu-img info'
- Disallow protocol prefixes for qcow2 data files, VMDK extent files and
   other child nodes that are neither 'file' nor 'backing'

Applied, thanks.  Please update https://wiki.qemu.org/ChangeLog/9.1 as 
appropriate.


r~




reply via email to

[Prev in Thread] Current Thread [Next in Thread]