[yocto] [OE-core] [PATCH 1/1] Qemu security patch: CVE-2014-3471
Burton, Ross
ross.burton at intel.com
Tue Jul 15 06:47:44 PDT 2014
On 15 July 2014 14:30, Daniel BORNAZ <daniel.bornaz at enea.com> wrote:
> +++ b/meta/recipes-devtools/qemu/files/pcie_better_hotplug_support.patch
> @@ -0,0 +1,74 @@
> +The current code is broken: it does surprise removal which crashes guests.
> +
> +Reimplemented the steps:
> + - Hotplug triggers both 'present detect change' and
> + 'attention button pressed'.
> +
> + - Hotunplug starts by triggering 'attention button pressed',
> + then waits for the OS to power off the device and only
> + then detaches it.
> +
> +Fixes CVE-2014-3471.
> +
> +Originated-by: Marcel Apfelbaum <address at hidden>
> +Updated-by: Daniel BORNAZ <daniel.bornaz at enea.com>
Missing upstream-status (and a proper signed-off-by).
Ross
More information about the yocto
mailing list