diff --git a/fix-CVE-2020-14339.patch b/fix-CVE-2020-14339.patch new file mode 100644 index 0000000000000000000000000000000000000000..72de81a400cf29d4f9fe298fb21020566b66a2c7 --- /dev/null +++ b/fix-CVE-2020-14339.patch @@ -0,0 +1,28 @@ +From 44203bec12f9af7e2c64a870f90e73723cb8fc67 Mon Sep 17 00:00:00 2001 +From: Jiajie Li +Date: Tue, 19 Jan 2021 16:40:44 +0800 +Subject: [PATCH] fix CVE-2020-14339 + +Adapation for openeuler libvirt + +Signed-off-by: Jiajie Li +--- + po/POTFILES.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/po/POTFILES.in b/po/POTFILES.in +index 6f9620d73a..197ff2f3d3 100644 +--- a/po/POTFILES.in ++++ b/po/POTFILES.in +@@ -238,7 +238,7 @@ + @SRCDIR@/src/util/vircrypto.c + @SRCDIR@/src/util/virdaemon.c + @SRCDIR@/src/util/virdbus.c +-@SRCDIR@src/util/virdevmapper.c ++@SRCDIR@/src/util/virdevmapper.c + @SRCDIR@/src/util/virdnsmasq.c + @SRCDIR@/src/util/virerror.c + @SRCDIR@/src/util/virerror.h +-- +2.27.0 + diff --git a/libvirt.spec b/libvirt.spec index a25367ad1caf217a92fdbe84dd5c1f5b63f8d838..5468f6dcbfa0793d62df38e4a0952a797d948351 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -99,7 +99,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 6.2.0 -Release: 10 +Release: 11 License: LGPLv2+ URL: https://libvirt.org/ @@ -137,6 +137,7 @@ Patch0026: rpc-require-write-acl-for-guest-agent-in-virDomainIn.patch Patch0027: qemu-agent-set-ifname-to-NULL-after-freeing.patch Patch0028: util-Move-virIsDevMapperDevice-to-virdevmapper.c.patch Patch0029: virdevmapper-Don-t-use-libdevmapper-to-obtain-depend.patch +Patch0030: fix-CVE-2020-14339.patch Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -1869,6 +1870,9 @@ exit 0 %changelog +* Thu Jan 21 2021 Huawei Technologies Co., Ltd +- fix CVE-2020-14339 + * Wed Jan 20 2021 Huawei Technologies Co., Ltd - util: Move virIsDevMapperDevice() to virdevmapper.c - virdevmapper: Don't use libdevmapper to obtain dependencies