Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/qemu: security bump to version 8.0.2

Fixes CVE-2023-0330:
A vulnerability in the lsi53c895a device affects the latest version of
qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs
like stack overflow or use-after-free.

See:
https://lists.gnu.org/archive/html/qemu-devel/2023-06/msg00221.html

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0adcc6d693d97b57586d04955bd68613d78578c3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Romain Naour 2 years ago
parent
a319bd0e31
commit
24ef678979
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      package/qemu/qemu.hash
  2. 1 1
      package/qemu/qemu.mk

+ 1 - 1
package/qemu/qemu.hash
View File 

@@ -1,4 +1,4 @@
 
 # Locally computed, tarball verified with GPG signature
 
-sha256  bb60f0341531181d6cc3969dd19a013d0427a87f918193970d9adb91131e56d0  qemu-8.0.0.tar.xz
 
+sha256  f060abd435fbe6794125e2c398568ffc3cfa540042596907a8b18edca34cf6a5  qemu-8.0.2.tar.xz
 
 sha256  6f04ae8364d0079a192b14635f4b1da294ce18724c034c39a6a41d1b09df6100  COPYING
 
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING.LIB

+ 1 - 1
package/qemu/qemu.mk
View File 

@@ -6,7 +6,7 @@
 
 
 # When updating the version, check whether the list of supported targets
 
 # needs to be updated.
 
-QEMU_VERSION = 8.0.0
 
+QEMU_VERSION = 8.0.2
 
 QEMU_SOURCE = qemu-$(QEMU_VERSION).tar.xz
 
 QEMU_SITE = https://download.qemu.org
 
 QEMU_LICENSE = GPL-2.0, LGPL-2.1, MIT, BSD-3-Clause, BSD-2-Clause, Others/BSD-1c