From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-891372-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 0F89D1382FE
	for <garchives@archives.gentoo.org>; Sat,  9 Jul 2016 15:10:35 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id CD44A21C098;
	Sat,  9 Jul 2016 15:10:30 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 4EFD721C096
	for <gentoo-commits@lists.gentoo.org>; Sat,  9 Jul 2016 15:10:29 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 658D0340E99
	for <gentoo-commits@lists.gentoo.org>; Sat,  9 Jul 2016 15:10:28 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 64671244C
	for <gentoo-commits@lists.gentoo.org>; Sat,  9 Jul 2016 15:10:24 +0000 (UTC)
From: "Matthias Maier" <tamiko@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Matthias Maier" <tamiko@gentoo.org>
Message-ID: <1468077013.b2635367a98aa4e0770c5364f9d354322960cc59.tamiko@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: app-emulation/libvirt/, app-emulation/libvirt/files/
X-VCS-Repository: repo/gentoo
X-VCS-Files: app-emulation/libvirt/Manifest app-emulation/libvirt/files/libvirt-1.3.5-CVE-2016-5008.patch app-emulation/libvirt/libvirt-1.3.5-r1.ebuild
X-VCS-Directories: app-emulation/libvirt/ app-emulation/libvirt/files/
X-VCS-Committer: tamiko
X-VCS-Committer-Name: Matthias Maier
X-VCS-Revision: b2635367a98aa4e0770c5364f9d354322960cc59
X-VCS-Branch: master
Date: Sat,  9 Jul 2016 15:10:24 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: cc0fc2c0-c834-4aa9-b2d3-d71b3302c0b7
X-Archives-Hash: 35fead68c061c1f688552aa0782e26f4

commit:     b2635367a98aa4e0770c5364f9d354322960cc59
Author:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
AuthorDate: Sat Jul  9 15:06:54 2016 +0000
Commit:     Matthias Maier <tamiko <AT> gentoo <DOT> org>
CommitDate: Sat Jul  9 15:10:13 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b2635367

app-emulation/libvirt: 1.3.5-r1: Switch to v1.3.5-maint channel for patches

Package-Manager: portage-2.2.28

 app-emulation/libvirt/Manifest                     |  1 +
 .../files/libvirt-1.3.5-CVE-2016-5008.patch        | 72 ----------------------
 app-emulation/libvirt/libvirt-1.3.5-r1.ebuild      |  5 +-
 3 files changed, 3 insertions(+), 75 deletions(-)

diff --git a/app-emulation/libvirt/Manifest b/app-emulation/libvirt/Manifest
index af8e9bb..9bd7c4c 100644
--- a/app-emulation/libvirt/Manifest
+++ b/app-emulation/libvirt/Manifest
@@ -1,4 +1,5 @@
 DIST libvirt-1.2.21-20160709.tar.xz 3048 SHA256 c2bef1c300099c3ff6ce81488a2678e588d18ca46a27916df160c8304239ca80 SHA512 fdf0cd5e1cc3e0144fa99577c1a8c2d5e69ab610c923071b645465fb58076b2ce7a8e4e7747f3a6c59716917c6d41f369d77565c0f9fe10907a76d9b39edede6 WHIRLPOOL 2816d54588e4a49efd6773982b2b8a281572607c86c5a57c45b1736ce22836ea4cb91cee8d59b8fddcaafd2e552d0422ef5ed4b33d19a1705d4a38f270b9d39d
 DIST libvirt-1.2.21.tar.gz 29848954 SHA256 8d406582f5fe88d739d1d83e0ba7ac7f91f5a8da4be82162ab85631744d8925b SHA512 5c15d0ba5d75c13f735c6a60dfdbad007426f77e113f95894d520f7fc358fa4361d5cce7bb9a548a436f323b845f13b8940abbad568b8b146418430068bb970e WHIRLPOOL d53bbb07c85b3aa2d9b0f38ff2edd3cd0a2a5300627f3e2f0a82bc057303617cab9d6f1d8a9a771bd968b0496d38d3a39a0154f88bdca44dda359a65fdc2c650
+DIST libvirt-1.3.5-20160709.tar.xz 1336 SHA256 d14b14661e9bd89a8805dd84d8ee5f8b39f428a4dcbf70693eea593328e28033 SHA512 08ad8c691f145a3a8c27b594b486b9265777f756099c127e58fd76bac7249a0e84181a3f15da4cf64ffdcf35ff7e3a2f1f1ee50f3882df5d980ad7250a30e44e WHIRLPOOL 8d8106314c2bed984db3947b51b90dadd45680a07d568cc980c6534ba2229bfff8d041ecf40898131030f3db8d6e223fe30ba3dc72b3fe7fedc02a77b5c37331
 DIST libvirt-1.3.5.tar.gz 35109092 SHA256 93a23c44eb431da46c9458f95a66e29c9b98e37515d44b6be09e75b35ec94ac8 SHA512 6c6a09623d3d4d426311bfa7039f5e39584d5f891b8e761bbdb3022601ea066b8e1c3f8d609326e8ba4081ae40b7b03086fbc8ba5759d218b8616ec98200a89d WHIRLPOOL 88ac308cc461efff842c27e40263a3b25ce0bc0ca310fb6e9def9126ab893fe43aed01bda9fc3615439ee797c36e2800f741b346e0b3d96aac64e7909c269879
 DIST libvirt-2.0.0.tar.xz 13161096 SHA256 10e90af55e613953c0ddc60b4ac3a10c73c0f3493d7014259e3f012b2ffc9acb SHA512 1182346e9268ec50cfd191a18172ad8ca80615a111547cc72fbe227cbbe9579263a1236f80cb36542272bdbf092e2184c9060b65c56dc2098076bbd1a89dd66c WHIRLPOOL 3d6d9e307228f54993c6082f7787d678b2afe84d96b47889d1565e38da489fb99691aeb598831dff04cd9fe47448ea35dc1f5a44b3c6638816cf61533155688c

diff --git a/app-emulation/libvirt/files/libvirt-1.3.5-CVE-2016-5008.patch b/app-emulation/libvirt/files/libvirt-1.3.5-CVE-2016-5008.patch
deleted file mode 100644
index a47b408..0000000
--- a/app-emulation/libvirt/files/libvirt-1.3.5-CVE-2016-5008.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From bb848feec0f3f10e92dd8e5231ae7aa89b5598f3 Mon Sep 17 00:00:00 2001
-From: Jiri Denemark <jdenemar@redhat.com>
-Date: Tue, 28 Jun 2016 14:39:58 +0200
-Subject: [PATCH] qemu: Let empty default VNC password work as documented
-
-CVE-2016-5008
-
-Setting an empty graphics password is documented as a way to disable
-VNC/SPICE access, but QEMU does not always behaves like that. VNC would
-happily accept the empty password. Let's enforce the behavior by setting
-password expiration to "now".
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1180092
-
-Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
----
- src/qemu/qemu_hotplug.c | 14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
-index e0b8230..bf6430d 100644
---- a/src/qemu/qemu_hotplug.c
-+++ b/src/qemu/qemu_hotplug.c
-@@ -3933,6 +3933,7 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
-     time_t now = time(NULL);
-     char expire_time [64];
-     const char *connected = NULL;
-+    const char *password;
-     int ret = -1;
-     virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
- 
-@@ -3940,16 +3941,14 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
-         ret = 0;
-         goto cleanup;
-     }
-+    password = auth->passwd ? auth->passwd : defaultPasswd;
- 
-     if (auth->connected)
-         connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected);
- 
-     if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
-         goto cleanup;
--    ret = qemuMonitorSetPassword(priv->mon,
--                                 type,
--                                 auth->passwd ? auth->passwd : defaultPasswd,
--                                 connected);
-+    ret = qemuMonitorSetPassword(priv->mon, type, password, connected);
- 
-     if (ret == -2) {
-         if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
-@@ -3957,14 +3956,15 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
-                            _("Graphics password only supported for VNC"));
-             ret = -1;
-         } else {
--            ret = qemuMonitorSetVNCPassword(priv->mon,
--                                            auth->passwd ? auth->passwd : defaultPasswd);
-+            ret = qemuMonitorSetVNCPassword(priv->mon, password);
-         }
-     }
-     if (ret != 0)
-         goto end_job;
- 
--    if (auth->expires) {
-+    if (password[0] == '\0') {
-+        snprintf(expire_time, sizeof(expire_time), "now");
-+    } else if (auth->expires) {
-         time_t lifetime = auth->validTo - now;
-         if (lifetime <= 0)
-             snprintf(expire_time, sizeof(expire_time), "now");
--- 
-2.7.3
-

diff --git a/app-emulation/libvirt/libvirt-1.3.5-r1.ebuild b/app-emulation/libvirt/libvirt-1.3.5-r1.ebuild
index c5f3f23..b4d3289 100644
--- a/app-emulation/libvirt/libvirt-1.3.5-r1.ebuild
+++ b/app-emulation/libvirt/libvirt-1.3.5-r1.ebuild
@@ -6,7 +6,7 @@ EAPI=5
 
 inherit eutils user autotools-utils linux-info systemd readme.gentoo
 
-BACKPORTS=""
+BACKPORTS="20160709" # CVE-2016-5008
 
 if [[ ${PV} = *9999* ]]; then
 	inherit git-r3
@@ -227,8 +227,7 @@ src_prepare() {
 		"${FILESDIR}"/${PN}-1.2.16-fix_paths_in_libvirt-guests_sh.patch \
 		"${FILESDIR}"/${PN}-1.3.1-fix_paths_for_apparmor.patch \
 		"${FILESDIR}"/${PN}-1.2.21-avoid_deprecated_pc_file.patch \
-		"${FILESDIR}"/${PN}-1.3.4-glibc-2.23.patch \
-		"${FILESDIR}"/${P}-CVE-2016-5008.patch
+		"${FILESDIR}"/${PN}-1.3.4-glibc-2.23.patch
 
 	[[ -n ${BACKPORTS} ]] &&
 		EPATCH_FORCE=yes EPATCH_SUFFIX="patch" \