| /openbmc/qemu/docs/devel/ |
| H A D | secure-coding-practices.rst | 8 Reporting Security Bugs
10 For details on how to report security bugs or ask questions about potential
11 security bugs, see the `Security Process wiki page
16 Most CVEs (security bugs) reported against QEMU are not specific to
17 virtualization or emulation. They are simply C programming bugs. Therefore
18 it's critical to be aware of common classes of security bugs.
23 covers the most important classes of security bugs.
26 classes of security bugs are mentioned:
33 Some of these classes of bugs can be detected by analyzers. Static analysis is
34 performed regularly by Coverity and the most obvious of these bugs are even
|
| /openbmc/openbmc/poky/meta/recipes-extended/unzip/unzip/ |
| H A D | 18-cve-2014-9913-unzip-buffer-overflow.patch | 3 Bug: https://sourceforge.net/p/infozip/bugs/27/
4 Bug-Debian: https://bugs.debian.org/847485
5 Bug-Ubuntu: https://launchpad.net/bugs/387350
20 + * http://sourceforge.net/p/infozip/bugs/27/ CVE-2014-9913.
|
| H A D | 19-cve-2016-9844-zipinfo-buffer-overflow.patch | 3 Bug-Debian: https://bugs.debian.org/847486
4 Bug-Ubuntu: https://launchpad.net/bugs/1643750
19 + * https://launchpad.net/bugs/1643750
|
| /openbmc/openbmc/meta-openembedded/meta-perl/recipes-perl/libmodule/ |
| H A D | libmodule-runtime-perl_0.016.bb | 12 workarounds for three old Perl core bugs regarding require. These workarounds \
13 are applied on any Perl version where the bugs exist, except for a case where \
14 one of the bugs cannot be adequately worked around in pure Perl."
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/source-han-sans-kr-fonts/ |
| H A D | 44-source-han-sans-kr-fonts.conf | 6 https://bugs.launchpad.net/ubuntu-font-family/+bug/744812
8 https://bugs.launchpad.net/ubuntu/+source/gnome-specimen/+bug/813373
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/source-han-sans-cn-fonts/ |
| H A D | 44-source-han-sans-cn-fonts.conf | 6 https://bugs.launchpad.net/ubuntu-font-family/+bug/744812
8 https://bugs.launchpad.net/ubuntu/+source/gnome-specimen/+bug/813373
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/source-han-sans-jp-fonts/ |
| H A D | 44-source-han-sans-jp-fonts.conf | 6 https://bugs.launchpad.net/ubuntu-font-family/+bug/744812
8 https://bugs.launchpad.net/ubuntu/+source/gnome-specimen/+bug/813373
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-graphics/ttf-fonts/source-han-sans-tw-fonts/ |
| H A D | 44-source-han-sans-tw-fonts.conf | 6 https://bugs.launchpad.net/ubuntu-font-family/+bug/744812
8 https://bugs.launchpad.net/ubuntu/+source/gnome-specimen/+bug/813373
|
| /openbmc/openbmc/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1-1.5.3/ |
| H A D | 0001-Add-a-note-line-to-the-quick-reference.patch | 23 .SH REPORTING BUGS
24 Report bugs in
|
| /openbmc/openbmc/.github/ISSUE_TEMPLATE/ |
| H A D | bug_report.md | 10 **Note on Bugs**
13 for info on how to contact us. Github Issues in openbmc/openbmc are for bugs
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/procmail/procmail/ |
| H A D | CVE-2014-3618.patch | 5 Bug-Debian: https://bugs.debian.org/704675
6 Bug-Debian: https://bugs.debian.org/760443
|
| /openbmc/qemu/docs/system/ |
| H A D | security.rst | 35 Bugs affecting these entities are evaluated on whether they can cause damage in
36 real-world use cases and treated as security bugs if this is the case.
48 Bugs affecting the non-virtualization use case are not considered security
49 bugs at this time. Users with non-virtualization use cases must not rely on
68 The guest must not be able to gain control of QEMU. Bugs in emulated devices
|
| /openbmc/openbmc/poky/meta/recipes-devtools/valgrind/valgrind/ |
| H A D | 0001-configure-Drop-setting-mcpu-cortex-a8-on-arm.patch | 10 [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928224
12 Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=454346]
|
| /openbmc/openbmc/poky/meta/recipes-support/attr/acl/ |
| H A D | 0001-test-misc.test-Don-t-mix-stdout-and-stderr.patch | 9 Fixes: https://savannah.nongnu.org/bugs/?66944
22 @@ -440,8 +440,9 @@ Dangling symlink test https://savannah.nongnu.org/bugs/?28131
|
| /openbmc/openbmc/poky/meta/recipes-sato/webkit/webkitgtk/ |
| H A D | fix-ftbfs-riscv64.patch | 7 Bug: https://bugs.webkit.org/show_bug.cgi?id=271371
9 Upstream-Status: Submitted [https://bugs.webkit.org/show_bug.cgi?id=271371#c1]
|
| /openbmc/webui-vue/ |
| H A D | CONTRIBUTING.md | 11 - [Submitting Bugs](#submitting-bugs)
86 ### Submitting Bugs
126 New features and bugs ready for development will be tagged with the
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvstreams/ |
| H A D | gcc-6.patch | 7 Bug-Debian: https://bugs.debian.org/811659
8 Bug-Debian: https://bugs.debian.org/831146
|
| /openbmc/openbmc/meta-openembedded/meta-gnome/recipes-extended/polkit-gnome/polkit-gnome/ |
| H A D | 0004-Use-fresh-X11-timestamps-when-displaying-authenticat.patch | 8 Bug-Debian: https://bugs.debian.org/684300
9 Bug-Ubuntu: https://launchpad.net/bugs/946171
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-extended/enscript/enscript/ |
| H A D | 0001-enscript-does-not-build-with-C23-standard.patch | 7 https://savannah.gnu.org/bugs/?66845
14 Upstream-Status: Submitted [https://savannah.gnu.org/bugs/?66845]
|
| /openbmc/qemu/tests/qtest/ |
| H A D | fuzz-lsi53c895a-test.c | 13 * leading to memory corruption bugs like stack
116 * https://bugs.launchpad.net/qemu/+bug/697510
117 * https://bugs.launchpad.net/qemu/+bug/1905521
118 * https://bugs.launchpad.net/qemu/+bug/1908515
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/webkitgtk/ |
| H A D | webkitgtk3_2.48.1.bb | 7 BUGTRACKER = "https://bugs.webkit.org/"
21 file://0001-Fix-build-errors-on-RISCV-https-bugs.webkit.org-show.patch \
129 # https://bugs.webkit.org/show_bug.cgi?id=242172
147 # https://bugs.webkit.org/show_bug.cgi?id=100450, but this was closed as
164 # https://bugs.webkit.org/show_bug.cgi?id=159880
|
| /openbmc/openbmc/poky/meta/recipes-devtools/file/files/ |
| H A D | 0001-Use-4-in-default-reset-previous-negative-offset-in-m.patch | 44 -# Generic zip archives (Greg Roelofs, c/o zip-bugs@wkuvx1.wku.edu)
77 +# Generic zip archives (Greg Roelofs, c/o zip-bugs@wkuvx1.wku.edu)
88 # Zip archives (Greg Roelofs, c/o zip-bugs@wkuvx1.wku.edu)
|
| /openbmc/openbmc/poky/meta/recipes-graphics/fontconfig/ |
| H A D | fontconfig_2.15.0.bb | 12 BUGTRACKER = "https://bugs.freedesktop.org/enter_bug.cgi?product=fontconfig"
32 # work around https://bugs.freedesktop.org/show_bug.cgi?id=101280
|
| /openbmc/openbmc/poky/meta/recipes-devtools/tcf-agent/ |
| H A D | tcf-agent_git.bb | 4 BUGTRACKER = "https://bugs.eclipse.org/bugs/"
|
| /openbmc/qemu/contrib/gitdm/ |
| H A D | group-map-robots | 3 # bugs. Let's group them together here.
|