From 11d19ca236c62ffdbb98a3a3580caf09cc37b6de Mon Sep 17 00:00:00 2001
From: Leo Famulari <leo@famulari.name>
Date: Tue, 29 Jan 2019 14:57:29 -0500
Subject: gnu: QEMU: Fix CVE-2018-16872 and CVE-2019-6778.

* gnu/packages/patches/qemu-CVE-2018-16872.patch,
gnu/packages/patches/qemu-CVE-2019-6778.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/virtualization.scm (qemu)[source]: Use them.
---
 gnu/packages/virtualization.scm | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'gnu/packages/virtualization.scm')

diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm
index d178a08413..e98e7eb09e 100644
--- a/gnu/packages/virtualization.scm
+++ b/gnu/packages/virtualization.scm
@@ -110,6 +110,8 @@ (define-public qemu
              (method url-fetch)
              (uri (string-append "https://download.qemu.org/qemu-"
                                  version ".tar.xz"))
+             (patches (search-patches "qemu-CVE-2018-16872.patch"
+                                      "qemu-CVE-2019-6778.patch"))
              (sha256
               (base32
                "1z5bd5nfyjvhfi1s95labc82y4hjdjjkdabw931362ls0zghh1ba"))))
-- 
cgit v1.2.3