[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PULL v2 0/2] vnc: fix websocket security issues (cve-2
From: |
Peter Maydell |
Subject: |
Re: [Qemu-devel] [PULL v2 0/2] vnc: fix websocket security issues (cve-2015-1779). |
Date: |
Wed, 1 Apr 2015 18:09:00 +0100 |
On 1 April 2015 at 16:16, Gerd Hoffmann <address@hidden> wrote:
> Hi,
>
> $subject says all, here are the cve-2015-1779 fixes for vnc websockets
> from Daniel P. Berrange for 2.3-rc2.
>
> v2 fixes the 32bit build failure.
>
> please pull,
> Gerd
>
> The following changes since commit b8a86c4ac4d04c106ba38fbd707041cba334a155:
>
> Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into
> staging (2015-04-01 11:31:31 +0100)
>
> are available in the git repository at:
>
>
> git://git.kraxel.org/qemu tags/pull-cve-2015-1779-20150401-2
>
> for you to fetch changes up to 2cdb5e142fb93e875fa53c52864ef5eb8d5d8b41:
>
> CVE-2015-1779: limit size of HTTP headers from websockets clients
> (2015-04-01 17:12:55 +0200)
>
> ----------------------------------------------------------------
> vnc: fix websocket security issues (cve-2015-1779).
>
> ----------------------------------------------------------------
Applied, thanks.
-- PMM