NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/qemu: security bump to version 8.0.2

Browse Source 
Fixes CVE-2023-0330:
A vulnerability in the lsi53c895a device affects the latest version of
qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs
like stack overflow or use-after-free.

See:
https://lists.gnu.org/archive/html/qemu-devel/2023-06/msg00221.html

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Romain Naour 2023-06-14 23:09:26 +02:00 committed by Peter Korsgaard
parent 59df3875b5
commit 0adcc6d693
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/qemu/qemu.hash
View File

@ -1,4 +1,4 @@
# Locally computed, tarball verified with GPG signature
sha256 bb60f0341531181d6cc3969dd19a013d0427a87f918193970d9adb91131e56d0 qemu-8.0.0.tar.xz
sha256 f060abd435fbe6794125e2c398568ffc3cfa540042596907a8b18edca34cf6a5 qemu-8.0.2.tar.xz
sha256 6f04ae8364d0079a192b14635f4b1da294ce18724c034c39a6a41d1b09df6100 COPYING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB

2
package/qemu/qemu.mk
View File

@ -6,7 +6,7 @@
# When updating the version, check whether the list of supported targets
# needs to be updated.
QEMU_VERSION = 8.0.0
QEMU_VERSION = 8.0.2
QEMU_SOURCE = qemu-$(QEMU_VERSION).tar.xz
QEMU_SITE = https://download.qemu.org
QEMU_LICENSE = GPL-2.0, LGPL-2.1, MIT, BSD-3-Clause, BSD-2-Clause, Others/BSD-1c