Re: cve patch wanted

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cve patch wanted

From:	Philippe Mathieu-Daudé
Subject:	Re: cve patch wanted
Date:	Mon, 13 Jul 2020 10:16:37 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0

Hi,

On 7/11/20 2:28 PM, 林奕帆 wrote:
> Hello
>    I am a student from Fudan University in China. I am doing research on
> CVE patch recently. But i can not find the PATCH COMMIT of
> CVE-2019-12247 cve-2019-12155 cve-2019-6778.Can you give me the commit
> fix this cve?

* CVE-2019-12247

I don't know about this one, maybe related to CVE-2018-12617 fixed
by commit 1329651fb4 ("qga: Restrict guest-file-read count to 48 MB")
Cc'ing Michael for CVE-2019-12247.

* CVE-2019-12155

I don't have access to the information (still marked 'private'
one year after), but I *guess* it has been fixed by commit
d52680fc93 ("qxl: check release info object").
Cc'ing Gerd and Prasad.

* CVE-2019-6778

This one is in SLiRP, Cc'ing Samuel and Marc-André.

[Prev in Thread]

Current Thread

[Next in Thread]

cve patch wanted, 林奕帆, 2020/07/11
- Re: cve patch wanted, Philippe Mathieu-Daudé <=
  - Re: cve patch wanted, Marc-André Lureau, 2020/07/13
  - Re: cve patch wanted, P J P, 2020/07/13
  - Re: cve patch wanted, Michael Roth, 2020/07/13

Prev by Date: Re: hw/misc/aspeed_scu: 5d971f9e breaks Supermicro AST2400
Next by Date: Re: [PATCH 1/1] MAINTAINERS: Add Python library stanza
Previous by thread: cve patch wanted
Next by thread: Re: cve patch wanted
Index(es):
- Date
- Thread