summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortron <tron@pkgsrc.org>2011-03-30 19:10:59 +0000
committertron <tron@pkgsrc.org>2011-03-30 19:10:59 +0000
commit5c2046e7fe4f5fdee1e47f6e2f216894c84888c3 (patch)
tree7e397152c3899a047d6c4f4a9e33e48384adaf88
parentd3c364e1bd499fbb160ac8d548f67197af690f11 (diff)
downloadpkgsrc-5c2046e7fe4f5fdee1e47f6e2f216894c84888c3.tar.gz
Pullup ticket #3397 - requested by drochner
sysutils/xenkernel3: security patch sysutils/xenkernel33: security patch Revisions pulled up: - sysutils/xenkernel3/Makefile 1.20 - sysutils/xenkernel3/distinfo 1.13 - sysutils/xenkernel3/patches/patch-ac 1.3 - sysutils/xenkernel33/Makefile 1.13 - sysutils/xenkernel33/distinfo 1.11 - sysutils/xenkernel33/patches/patch-ac 1.1 --- Module Name: pkgsrc Committed By: drochner Date: Thu Mar 24 12:04:57 UTC 2011 Modified Files: pkgsrc/sysutils/xenkernel33: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel33/patches: patch-ac Log Message: add patch from upstream (manually, due to changed #ifdefs and indentation) to fix possible crashes triggered by 64-bit guests (found by Cherry G. Mathew, CVE-2011-1166) bump PKGREV --- Module Name: pkgsrc Committed By: drochner Date: Thu Mar 24 12:43:53 UTC 2011 Modified Files: pkgsrc/sysutils/xenkernel3: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel3/patches: patch-ac Log Message: add patch from upstream (manually, due to changed #ifdefs and indentation) to fix possible crashes triggered by 64-bit guests (found by Cherry G. Mathew, CVE-2011-1166) bump PKGREV
-rw-r--r--sysutils/xenkernel3/Makefile4
-rw-r--r--sysutils/xenkernel3/distinfo3
-rw-r--r--sysutils/xenkernel3/patches/patch-ac18
-rw-r--r--sysutils/xenkernel33/Makefile4
-rw-r--r--sysutils/xenkernel33/distinfo3
-rw-r--r--sysutils/xenkernel33/patches/patch-ac18
6 files changed, 44 insertions, 6 deletions
diff --git a/sysutils/xenkernel3/Makefile b/sysutils/xenkernel3/Makefile
index 5a35594e27a..7f4665b1f14 100644
--- a/sysutils/xenkernel3/Makefile
+++ b/sysutils/xenkernel3/Makefile
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.19 2010/12/07 18:43:48 bouyer Exp $
+# $NetBSD: Makefile,v 1.19.2.1 2011/03/30 19:10:59 tron Exp $
#
VERSION= 3.1.4
DISTNAME= xen-${VERSION}
PKGNAME= xenkernel3-${VERSION}
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= sysutils
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/
diff --git a/sysutils/xenkernel3/distinfo b/sysutils/xenkernel3/distinfo
index e8a60a5df3c..31330e8cb0f 100644
--- a/sysutils/xenkernel3/distinfo
+++ b/sysutils/xenkernel3/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.12 2010/12/07 18:43:48 bouyer Exp $
+$NetBSD: distinfo,v 1.12.2.1 2011/03/30 19:10:59 tron Exp $
SHA1 (xen-3.1.4.tar.gz) = 0d784662776239195df10b3f29d40350f9d0644d
RMD160 (xen-3.1.4.tar.gz) = c02ad2bd64e6306b127a4f37a8aa370dadc11859
Size (xen-3.1.4.tar.gz) = 6894493 bytes
SHA1 (patch-aa) = 1be644e7edd3735c2850d3e581002f53bd50eb59
+SHA1 (patch-ac) = 4c237984832ef5532e0451845e8075b95744e48d
SHA1 (patch-ba) = cadfa6f2626e95c9ccb85ae7e3a8a7f318ea343f
SHA1 (patch-bb) = 7338e5a512c909d4b043654dab882761de274f94
SHA1 (patch-bc) = fa35699da6ad2a4950418a02432c2ccdb5d34844
diff --git a/sysutils/xenkernel3/patches/patch-ac b/sysutils/xenkernel3/patches/patch-ac
new file mode 100644
index 00000000000..f942f2e5373
--- /dev/null
+++ b/sysutils/xenkernel3/patches/patch-ac
@@ -0,0 +1,18 @@
+$NetBSD: patch-ac,v 1.3.2.2 2011/03/30 19:10:59 tron Exp $
+
+CVE-2011-1166
+
+--- xen/arch/x86/domain.c.orig 2008-04-25 13:03:12.000000000 +0000
++++ xen/arch/x86/domain.c
+@@ -701,6 +701,11 @@ int arch_set_info_guest(
+
+ v->arch.guest_table_user = pagetable_from_pfn(cr3_pfn);
+ }
++ else if ( !(flags & VGCF_in_kernel) )
++ {
++ destroy_gdt(v);
++ return -EINVAL;
++ }
+ #endif
+ }
+ #ifdef CONFIG_COMPAT
diff --git a/sysutils/xenkernel33/Makefile b/sysutils/xenkernel33/Makefile
index 2ba2c879c3b..c2bc7db7f46 100644
--- a/sysutils/xenkernel33/Makefile
+++ b/sysutils/xenkernel33/Makefile
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.12 2010/12/07 18:44:25 bouyer Exp $
+# $NetBSD: Makefile,v 1.12.2.1 2011/03/30 19:10:59 tron Exp $
#
VERSION= 3.3.2
DISTNAME= xen-${VERSION}
PKGNAME= xenkernel33-${VERSION}
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= sysutils
MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/
EXTRACT_SUFX= .tar.gz
diff --git a/sysutils/xenkernel33/distinfo b/sysutils/xenkernel33/distinfo
index fea08b3ad51..54e8711fe43 100644
--- a/sysutils/xenkernel33/distinfo
+++ b/sysutils/xenkernel33/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.10 2010/12/07 18:44:25 bouyer Exp $
+$NetBSD: distinfo,v 1.10.2.1 2011/03/30 19:10:59 tron Exp $
SHA1 (xen-3.3.2.tar.gz) = 7f438e73ac81b25cf5e1570709e87001066bafe4
RMD160 (xen-3.3.2.tar.gz) = 28faa56286f2a418e35dcba6079570ea871d6c7b
Size (xen-3.3.2.tar.gz) = 11357576 bytes
SHA1 (patch-aa) = 0d11c758ad0a0ca657bf2e0f89ca23ff67b76bb7
SHA1 (patch-ab) = bba70c6a0f884a4bbfd2ce56e41ce0d649300edc
+SHA1 (patch-ac) = ed1dc87e4f1d80112befc63372bc91ee621f57e6
diff --git a/sysutils/xenkernel33/patches/patch-ac b/sysutils/xenkernel33/patches/patch-ac
new file mode 100644
index 00000000000..381644aea37
--- /dev/null
+++ b/sysutils/xenkernel33/patches/patch-ac
@@ -0,0 +1,18 @@
+$NetBSD: patch-ac,v 1.1.2.2 2011/03/30 19:10:59 tron Exp $
+
+CVE-2011-1166
+
+--- xen/arch/x86/domain.c.orig 2009-08-06 12:56:41.000000000 +0000
++++ xen/arch/x86/domain.c
+@@ -680,6 +680,11 @@ int arch_set_info_guest(
+
+ v->arch.guest_table_user = pagetable_from_pfn(cr3_pfn);
+ }
++ else if ( !(flags & VGCF_in_kernel) )
++ {
++ destroy_gdt(v);
++ return -EINVAL;
++ }
+ #endif
+ }
+ #ifdef CONFIG_COMPAT