[OE-core] [master][krogoth][PATCH 1/2] qemu: Security fix CVE-2016-2857
Alexander Kanavin
alexander.kanavin at linux.intel.com
Wed May 4 09:58:31 UTC 2016
On 05/04/2016 12:52 PM, Joshua G Lock wrote:
> I've been seeing:
>
> "qemu: uncaught target signal 11 (Segmentation fault) - core dumped"
>
> when trying to build gobject-introspection for qemux86 recently and
> narrowed it down to this change, if I revert this patch the use of
> qemu-native by gobject-introspection no longer causes a segmentation
> fault.
>
> Are we missing some related patches for this CVE fix? I haven't dug
> into the details, but noticed that Fedora's CVE-2016-2857 diffstat[1]
> is much larger than ours[2].
Also this patch is included in qemu 2.5.1 release that happened several
weeks ago, so maybe we should update master to that instead.
Also 2.6.0 will appear any day now.
Alex
More information about the Openembedded-core
mailing list