qemu: add patches for CVE-2016-7994 & CVE-2016-8668

2016-11-17 21:38:56 +01:00 · 2016-11-17 21:38:56 +01:00 · f4a318b528
commit f4a318b528
parent e68d8e05aa
1 changed files with 10 additions and 0 deletions
--- a/pkgs/applications/virtualization/qemu/default.nix
+++ b/pkgs/applications/virtualization/qemu/default.nix
@ -113,6 +113,16 @@ stdenv.mkDerivation rec {
      url = "http://git.qemu.org/?p=qemu.git;a=patch;h=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9";
      sha256 = "0npi3fag52icq7xr799h5zi11xscbakdhqmdab0kyl6q331cc32z";
    })
+    (fetchpatch {
+      name = "qemu-CVE-2016-7994.patch";
+      url = "http://git.qemu.org/?p=qemu.git;a=patch;h=cb3a0522b694cc5bb6424497b3f828ccd28fd1dd";
+      sha256 = "1zhmbqlj0hc69ia4s6h59pi1z3nmijkryxwmf4bzp9gahx8x4xm3";
+    })
+    (fetchpatch {
+      name = "qemu-CVE-2016-8668.patch";
+      url = "http://git.qemu.org/?p=qemu.git;a=patch;h=8caed3d564672e8bc6d2e4c6a35228afd01f4723";
+      sha256 = "19sq6fh7nh8wrk52skky4vwm80029lhm093g11f539krmzjgipik";
+    })

    # FIXME: Fix for CVE-2016-9101 not yet ready: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html