all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* QEMU update (security)
@ 2016-09-04 20:20 Leo Famulari
  2016-09-05  9:24 ` Efraim Flashner
  0 siblings, 1 reply; 2+ messages in thread
From: Leo Famulari @ 2016-09-04 20:20 UTC (permalink / raw)
  To: guix-devel


[-- Attachment #1.1: Type: text/plain, Size: 202 bytes --]

This updates QEMU to the latest release, 2.7.0.

It fixes at least one security bug (I think that every new QEMU release
fixes security bugs):
http://seclists.org/oss-sec/2016/q3/394

Tested on x86-64.

[-- Attachment #1.2: 0001-gnu-qemu-Update-to-2.7.0-fixes-CVE-2016-7116.patch --]
[-- Type: text/plain, Size: 1638 bytes --]

From a46d80d697e2ed93596a69b9f170b645f8b608a0 Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Sun, 4 Sep 2016 02:53:37 -0400
Subject: [PATCH] gnu: qemu: Update to 2.7.0 [fixes CVE-2016-7116].

* gnu/packages/qemu.scm (qemu): Update to 2.7.0.
[arguments]: Adjust path in 'disable-test-qga' phase.
---
 gnu/packages/qemu.scm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm
index 1b9f0ad..aee6a75 100644
--- a/gnu/packages/qemu.scm
+++ b/gnu/packages/qemu.scm
@@ -69,14 +69,14 @@
 (define-public qemu
   (package
     (name "qemu")
-    (version "2.6.1")
+    (version "2.7.0")
     (source (origin
              (method url-fetch)
              (uri (string-append "http://wiki.qemu-project.org/download/qemu-"
                                  version ".tar.bz2"))
              (sha256
               (base32
-               "1l88iqk0swqccrnjwczgl9arqsvy77bis862zxajy7z3dqdzshj9"))))
+               "0lqyz01z90nvxpc3nx4djbci7hx62cwvs5zwd6phssds0sap6vij"))))
     (build-system gnu-build-system)
     (arguments
      '(;; Running tests in parallel can occasionally lead to failures, like:
@@ -125,7 +125,7 @@
              (setenv "V" "1")))
          (add-before 'check 'disable-test-qga
            (lambda _
-             (substitute* "tests/Makefile"
+             (substitute* "tests/Makefile.include"
                ;; Comment out the test-qga test, which needs /sys and
                ;; fails within the build environment.
                (("check-unit-.* tests/test-qga" all)
-- 
2.10.0


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: QEMU update (security)
  2016-09-04 20:20 QEMU update (security) Leo Famulari
@ 2016-09-05  9:24 ` Efraim Flashner
  0 siblings, 0 replies; 2+ messages in thread
From: Efraim Flashner @ 2016-09-05  9:24 UTC (permalink / raw)
  To: Leo Famulari; +Cc: guix-devel

[-- Attachment #1: Type: text/plain, Size: 2273 bytes --]

On Sun, Sep 04, 2016 at 04:20:44PM -0400, Leo Famulari wrote:
> This updates QEMU to the latest release, 2.7.0.
> 
> It fixes at least one security bug (I think that every new QEMU release
> fixes security bugs):
> http://seclists.org/oss-sec/2016/q3/394
> 
> Tested on x86-64.

> From a46d80d697e2ed93596a69b9f170b645f8b608a0 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Sun, 4 Sep 2016 02:53:37 -0400
> Subject: [PATCH] gnu: qemu: Update to 2.7.0 [fixes CVE-2016-7116].
> 
> * gnu/packages/qemu.scm (qemu): Update to 2.7.0.
> [arguments]: Adjust path in 'disable-test-qga' phase.
> ---
>  gnu/packages/qemu.scm | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/gnu/packages/qemu.scm b/gnu/packages/qemu.scm
> index 1b9f0ad..aee6a75 100644
> --- a/gnu/packages/qemu.scm
> +++ b/gnu/packages/qemu.scm
> @@ -69,14 +69,14 @@
>  (define-public qemu
>    (package
>      (name "qemu")
> -    (version "2.6.1")
> +    (version "2.7.0")
>      (source (origin
>               (method url-fetch)
>               (uri (string-append "http://wiki.qemu-project.org/download/qemu-"
>                                   version ".tar.bz2"))
>               (sha256
>                (base32
> -               "1l88iqk0swqccrnjwczgl9arqsvy77bis862zxajy7z3dqdzshj9"))))
> +               "0lqyz01z90nvxpc3nx4djbci7hx62cwvs5zwd6phssds0sap6vij"))))
>      (build-system gnu-build-system)
>      (arguments
>       '(;; Running tests in parallel can occasionally lead to failures, like:
> @@ -125,7 +125,7 @@
>               (setenv "V" "1")))
>           (add-before 'check 'disable-test-qga
>             (lambda _
> -             (substitute* "tests/Makefile"
> +             (substitute* "tests/Makefile.include"
>                 ;; Comment out the test-qga test, which needs /sys and
>                 ;; fails within the build environment.
>                 (("check-unit-.* tests/test-qga" all)
> -- 
> 2.10.0
> 

I haven't tested it but it looks good.



-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-09-05  9:25 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-09-04 20:20 QEMU update (security) Leo Famulari
2016-09-05  9:24 ` Efraim Flashner

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.