[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc-2014Q2 2014-09-28T12:07:10Z 2014-09-28T12:07:10Z tron tron@pkgsrc.org 2014-09-28T12:07:10Z urn:sha1:4be01e6bb362760df542a225d1e2ed2e93564809 sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.39 - sysutils/xenkernel41/distinfo 1.30 - sysutils/xenkernel41/patches/patch-CVE-2014-7154 1.1 - sysutils/xenkernel41/patches/patch-CVE-2014-7155 1.1 - sysutils/xenkernel41/patches/patch-CVE-2014-7156 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Fri Sep 26 10:45:00 UTC 2014 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2014-7154 patch-CVE-2014-7155 patch-CVE-2014-7156 Log Message: Add patch for: XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation of software interrupts bump PKGREVISION 2014-06-18T13:47:08Z drochner drochner@pkgsrc.org 2014-06-18T13:47:08Z urn:sha1:a074e753bb976501c384991f1cb8fb97d66f7723 bump PKGREV 2014-05-09T07:36:53Z wiz wiz@pkgsrc.org 2014-05-09T07:36:53Z urn:sha1:6110b3907a630ba5f56311a5b07f346b35648583 until proven otherwise. 2014-05-05T13:39:10Z drochner drochner@pkgsrc.org 2014-05-05T13:39:10Z urn:sha1:ad3b985ffa0500211c526d6e4227ce99c895ef2e The vulnerability is only exposed to service domains for HVM guests which have privilege over the guest. In a usual configuration that means only device model emulators (qemu-dm). bump PKGREV 2014-03-28T16:07:08Z drochner drochner@pkgsrc.org 2014-03-28T16:07:08Z urn:sha1:9f9c014ff8dbf64b94e004d2d36b95fcc095bea0 Processing of the HVMOP_set_mem_access HVM control operations does not check the size of its input and can tie up a physical CPU for extended periods of time. bump PKGREV 2014-03-06T15:45:45Z joerg joerg@pkgsrc.org 2014-03-06T15:45:45Z urn:sha1:0f91d092aa58de6ea9c9d0f51b51ceb2f53aa42a 2014-02-20T17:37:25Z drochner drochner@pkgsrc.org 2014-02-20T17:37:25Z urn:sha1:21aa0ee486177d741c23588593468a32f473a73b makes the workaround for AMD CPU erratum 793 work not only on 64-bit hypervisors but also for 32bit bump PKGREV (compile tested only) 2014-01-25T10:29:56Z wiz wiz@pkgsrc.org 2014-01-25T10:29:56Z urn:sha1:4fc0b0ed6a186ccd83fc93c34cc9ed91862930d8 either because they themselves are not ready or because a dependency isn't. This is annotated by PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z or PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar respectively, please use the same style for other packages, and check during updates. Use versioned_dependencies.mk where applicable. Use REPLACE_PYTHON instead of handcoded alternatives, where applicable. Reorder Makefile sections into standard order, where applicable. Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default with the next commit. Whitespace cleanups and other nits corrected, where necessary. 2014-01-24T17:07:35Z drochner drochner@pkgsrc.org 2014-01-24T17:07:35Z urn:sha1:f74ce96bea92245e8c2fd575d448b1d3f98dc1bd from the advisory: Malicious or misbehaving unprivileged guests can cause the host or other guests to malfunction. This can result in host-wide denial of service. Privilege escalation, while seeming to be unlikely, cannot be excluded. Only PV guests can take advantage of this vulnerability. (CVE-2014-1666) bump PKGREV 2013-12-04T10:35:01Z drochner drochner@pkgsrc.org 2013-12-04T10:35:01Z urn:sha1:5f1e951453cf263c6d3a01d5998f2dade00011ac "Guest triggerable AMD CPU erratum may cause host hang" bump PKGREV