diff options
author | tron <tron> | 2010-12-10 10:48:45 +0000 |
---|---|---|
committer | tron <tron> | 2010-12-10 10:48:45 +0000 |
commit | f864961daed8e427c4910252701463edb1b52c4a (patch) | |
tree | e79777c2bfc47586ccd255cc96774175fe97b7e1 | |
parent | 39495ef05af59faaa99094271c8129899c600ada (diff) | |
download | pkgsrc-f864961daed8e427c4910252701463edb1b52c4a.tar.gz |
Pullup ticket #3298 - requested by bouyer
sysutils/xenkernel3: security patch
sysutils/xenkernel33: security patch
Revisions pulled up:
- sysutils/xenkernel3/Makefile 1.19
- sysutils/xenkernel3/distinfo 1.12
- sysutils/xenkernel3/patches/patch-dc 1.1
- sysutils/xenkernel33/Makefile 1.12
- sysutils/xenkernel33/distinfo 1.10
- sysutils/xenkernel33/patches/patch-ab 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec 7 18:43:49 UTC 2010
Modified Files:
pkgsrc/sysutils/xenkernel3: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel3/patches: patch-dc
Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list and adapted for Xen 3.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Tue Dec 7 18:44:26 UTC 2010
Modified Files:
pkgsrc/sysutils/xenkernel33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel33/patches: patch-ab
Log Message:
Add a fix for CVE-2010-4255, from the xen-devel list.
Bump PKGREVISION.
-rw-r--r-- | sysutils/xenkernel3/Makefile | 4 | ||||
-rw-r--r-- | sysutils/xenkernel3/distinfo | 3 | ||||
-rw-r--r-- | sysutils/xenkernel3/patches/patch-dc | 16 | ||||
-rw-r--r-- | sysutils/xenkernel33/Makefile | 4 | ||||
-rw-r--r-- | sysutils/xenkernel33/distinfo | 3 | ||||
-rw-r--r-- | sysutils/xenkernel33/patches/patch-ab | 15 |
6 files changed, 39 insertions, 6 deletions
diff --git a/sysutils/xenkernel3/Makefile b/sysutils/xenkernel3/Makefile index 8bc1ac2558e..e8607f4a94c 100644 --- a/sysutils/xenkernel3/Makefile +++ b/sysutils/xenkernel3/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.18 2009/05/03 23:10:50 abs Exp $ +# $NetBSD: Makefile,v 1.18.12.1 2010/12/10 10:48:45 tron Exp $ # VERSION= 3.1.4 DISTNAME= xen-${VERSION} PKGNAME= xenkernel3-${VERSION} -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= sysutils MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/ diff --git a/sysutils/xenkernel3/distinfo b/sysutils/xenkernel3/distinfo index 1893c138152..2ae2412ffa7 100644 --- a/sysutils/xenkernel3/distinfo +++ b/sysutils/xenkernel3/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.11 2009/01/24 18:57:59 bouyer Exp $ +$NetBSD: distinfo,v 1.11.14.1 2010/12/10 10:48:45 tron Exp $ SHA1 (xen-3.1.4.tar.gz) = 0d784662776239195df10b3f29d40350f9d0644d RMD160 (xen-3.1.4.tar.gz) = c02ad2bd64e6306b127a4f37a8aa370dadc11859 @@ -11,3 +11,4 @@ SHA1 (patch-bd) = 2a07955b1285d288458066813f8ebc801b8038c1 SHA1 (patch-cw) = 83a0f34dac9ba9a465c7362d4de6706afb84d688 SHA1 (patch-da) = 6db74e00d15615e71936fa8637a05159f378b454 SHA1 (patch-db) = 8e7b563fd816669fd39e1e8bf5137b5937060968 +SHA1 (patch-dc) = 606ad2af582b88ddfd250b952831af9d3b2b1f5d diff --git a/sysutils/xenkernel3/patches/patch-dc b/sysutils/xenkernel3/patches/patch-dc new file mode 100644 index 00000000000..4d12970a068 --- /dev/null +++ b/sysutils/xenkernel3/patches/patch-dc @@ -0,0 +1,16 @@ +$NetBSD: patch-dc,v 1.1.2.2 2010/12/10 10:48:46 tron Exp $ + +Fix for CVE-2010-4255, from the xen-devel list and adapted for Xen 3.1 + +--- xen/arch/x86/traps.c.orig 2010-12-07 12:53:20.000000000 +0100 ++++ xen/arch/x86/traps.c 2010-12-07 13:11:36.000000000 +0100 +@@ -950,7 +950,8 @@ + { + if ( paging_mode_external(d) && guest_mode(regs) ) + return paging_fault(addr, regs); +- if ( (addr >= GDT_LDT_VIRT_START) && (addr < GDT_LDT_VIRT_END) ) ++ if ( !(regs->error_code & PFEC_user_mode) && ++ (addr >= GDT_LDT_VIRT_START) && (addr < GDT_LDT_VIRT_END) ) + return handle_gdt_ldt_mapping_fault( + addr - GDT_LDT_VIRT_START, regs); + return 0; diff --git a/sysutils/xenkernel33/Makefile b/sysutils/xenkernel33/Makefile index 67ed6c4d81f..f0d44d9660f 100644 --- a/sysutils/xenkernel33/Makefile +++ b/sysutils/xenkernel33/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.11 2009/08/07 12:43:46 cegger Exp $ +# $NetBSD: Makefile,v 1.11.10.1 2010/12/10 10:48:46 tron Exp $ # VERSION= 3.3.2 DISTNAME= xen-${VERSION} PKGNAME= xenkernel33-${VERSION} -#PKGREVISION= 1 +PKGREVISION= 1 CATEGORIES= sysutils MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/ EXTRACT_SUFX= .tar.gz diff --git a/sysutils/xenkernel33/distinfo b/sysutils/xenkernel33/distinfo index 4d0b395d52e..5a26f29df79 100644 --- a/sysutils/xenkernel33/distinfo +++ b/sysutils/xenkernel33/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.9 2009/08/07 12:43:46 cegger Exp $ +$NetBSD: distinfo,v 1.9.10.1 2010/12/10 10:48:46 tron Exp $ SHA1 (xen-3.3.2.tar.gz) = 7f438e73ac81b25cf5e1570709e87001066bafe4 RMD160 (xen-3.3.2.tar.gz) = 28faa56286f2a418e35dcba6079570ea871d6c7b Size (xen-3.3.2.tar.gz) = 11357576 bytes SHA1 (patch-aa) = 0d11c758ad0a0ca657bf2e0f89ca23ff67b76bb7 +SHA1 (patch-ab) = bba70c6a0f884a4bbfd2ce56e41ce0d649300edc diff --git a/sysutils/xenkernel33/patches/patch-ab b/sysutils/xenkernel33/patches/patch-ab new file mode 100644 index 00000000000..f907b01ff1b --- /dev/null +++ b/sysutils/xenkernel33/patches/patch-ab @@ -0,0 +1,15 @@ +$NetBSD: patch-ab,v 1.1.2.2 2010/12/10 10:48:46 tron Exp $ + +Fix for CVE-2010-4255, from the xen-devel list + +--- xen/arch/x86/traps.c.orig 2010-12-07 13:28:23.000000000 +0100 ++++ xen/arch/x86/traps.c 2010-12-07 13:28:43.000000000 +0100 +@@ -1157,7 +1157,7 @@ + trace_trap_two_addr(TRC_PV_PAGING_FIXUP, regs->eip, addr); + return ret; + } +- if ( !(regs->error_code & PFEC_reserved_bit) && ++ if ( !(regs->error_code & (PFEC_user_mode | PFEC_reserved_bit)) && + (addr >= GDT_LDT_VIRT_START) && (addr < GDT_LDT_VIRT_END) ) + return handle_gdt_ldt_mapping_fault( + addr - GDT_LDT_VIRT_START, regs); |