slirp: update to fix CVE-2020-1983 · qemu/qemu@8622408

Commit

slirp: update to fix CVE-2020-1983

This is an update on the stable-4.2 branch of libslirp.git:

git shortlog 55ab21c9a3..2faae0f778f81

Marc-André Lureau (1):
      Fix use-afte-free in ip_reass() (CVE-2020-1983)

CVE-2020-1983 is actually a follow up fix for commit
126c04acbabd7ad32c2b018fe10dfac2a3bc1210 ("Fix heap overflow in
ip_reass on big packet input") which was was included in qemu
v4.1 (commit e1a4a24 "slirp: update
with CVE-2019-14378 fix").

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20200421170227.843555-1-marcandre.lureau@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
(cherry picked from commit 7769c23)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

Loading branch information

elmarco authored and mdroth committed Jun 22, 2020

1 parent 1343d33 commit 8622408

slirp

Submodule slirp updated from 126c04 to 2faae0

0 comments on commit `8622408`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `8622408`

Commit

There are no files selected for viewing

0 comments on commit 8622408

0 comments on commit `8622408`