%D%/packages/patches/qemu-CVE-2017-10911.patch \
%D%/packages/patches/qemu-CVE-2017-11334.patch \
%D%/packages/patches/qemu-CVE-2017-11434.patch \
+ %D%/packages/patches/qemu-CVE-2017-12809.patch \
%D%/packages/patches/qt4-ldflags.patch \
%D%/packages/patches/qtscript-disable-tests.patch \
%D%/packages/patches/quagga-reproducible-build.patch \
--- /dev/null
+http://openwall.com/lists/oss-security/2017/08/21/2
+https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg01850.html
+
+The block backend changed in a way that flushing empty CDROM drives now
+crashes. Amend IDE to avoid doing so until the root problem can be
+addressed for 2.11.
+
+Original patch by John Snow <address@hidden>.
+
+Reported-by: Kieron Shorrock <address@hidden>
+Signed-off-by: Stefan Hajnoczi <address@hidden>
+---
+ hw/ide/core.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/hw/ide/core.c b/hw/ide/core.c
+index 0b48b64d3a..bea39536b0 100644
+--- a/hw/ide/core.c
++++ b/hw/ide/core.c
+@@ -1063,7 +1063,15 @@ static void ide_flush_cache(IDEState *s)
+ s->status |= BUSY_STAT;
+ ide_set_retry(s);
+ block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH);
+- s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s);
++
++ if (blk_bs(s->blk)) {
++ s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s);
++ } else {
++ /* XXX blk_aio_flush() crashes when blk_bs(blk) is NULL, remove this
++ * temporary workaround when blk_aio_*() functions handle NULL blk_bs.
++ */
++ ide_flush_cb(s, 0);
++ }
+ }
+
+ static void ide_cfata_metadata_inquiry(IDEState *s)
+--
+2.13.3
"qemu-CVE-2017-10806.patch"
"qemu-CVE-2017-10911.patch"
"qemu-CVE-2017-11334.patch"
- "qemu-CVE-2017-11434.patch"))
+ "qemu-CVE-2017-11434.patch"
+ "qemu-CVE-2017-12809.patch"))
(sha256
(base32
"08mhfs0ndbkyqgw7fjaa9vjxf4dinrly656f6hjzvmaz7hzc677h"))))