diff options
| author | bouyer <bouyer> | 2010-12-07 18:43:48 +0000 |
|---|---|---|
| committer | bouyer <bouyer> | 2010-12-07 18:43:48 +0000 |
| commit | 2fbb42e08b9506043274fdffbd8e8a9876e505ce (patch) | |
| tree | e41444169c212a673ef79d578962f75a3aafab95 /sysutils/xenkernel3 | |
| parent | 478ecd2c545ccd3dad162c25f11c0f619bf0ab5e (diff) | |
| download | pkgsrc-2fbb42e08b9506043274fdffbd8e8a9876e505ce.tar.gz | |
Add a fix for CVE-2010-4255, from the xen-devel list and adapted for Xen 3.1
Diffstat (limited to 'sysutils/xenkernel3')
| -rw-r--r-- | sysutils/xenkernel3/Makefile | 4 | ||||
| -rw-r--r-- | sysutils/xenkernel3/distinfo | 3 | ||||
| -rw-r--r-- | sysutils/xenkernel3/patches/patch-dc | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/sysutils/xenkernel3/Makefile b/sysutils/xenkernel3/Makefile index 8bc1ac2558e..5a35594e27a 100644 --- a/sysutils/xenkernel3/Makefile +++ b/sysutils/xenkernel3/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.18 2009/05/03 23:10:50 abs Exp $ +# $NetBSD: Makefile,v 1.19 2010/12/07 18:43:48 bouyer Exp $ # VERSION= 3.1.4 DISTNAME= xen-${VERSION} PKGNAME= xenkernel3-${VERSION} -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= sysutils MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/ diff --git a/sysutils/xenkernel3/distinfo b/sysutils/xenkernel3/distinfo index 1893c138152..e8a60a5df3c 100644 --- a/sysutils/xenkernel3/distinfo +++ b/sysutils/xenkernel3/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.11 2009/01/24 18:57:59 bouyer Exp $ +$NetBSD: distinfo,v 1.12 2010/12/07 18:43:48 bouyer Exp $ SHA1 (xen-3.1.4.tar.gz) = 0d784662776239195df10b3f29d40350f9d0644d RMD160 (xen-3.1.4.tar.gz) = c02ad2bd64e6306b127a4f37a8aa370dadc11859 @@ -11,3 +11,4 @@ SHA1 (patch-bd) = 2a07955b1285d288458066813f8ebc801b8038c1 SHA1 (patch-cw) = 83a0f34dac9ba9a465c7362d4de6706afb84d688 SHA1 (patch-da) = 6db74e00d15615e71936fa8637a05159f378b454 SHA1 (patch-db) = 8e7b563fd816669fd39e1e8bf5137b5937060968 +SHA1 (patch-dc) = 606ad2af582b88ddfd250b952831af9d3b2b1f5d diff --git a/sysutils/xenkernel3/patches/patch-dc b/sysutils/xenkernel3/patches/patch-dc new file mode 100644 index 00000000000..50e3e205072 --- /dev/null +++ b/sysutils/xenkernel3/patches/patch-dc @@ -0,0 +1,16 @@ +$NetBSD: patch-dc,v 1.1 2010/12/07 18:43:49 bouyer Exp $ + +Fix for CVE-2010-4255, from the xen-devel list and adapted for Xen 3.1 + +--- xen/arch/x86/traps.c.orig 2010-12-07 12:53:20.000000000 +0100 ++++ xen/arch/x86/traps.c 2010-12-07 13:11:36.000000000 +0100 +@@ -950,7 +950,8 @@ + { + if ( paging_mode_external(d) && guest_mode(regs) ) + return paging_fault(addr, regs); +- if ( (addr >= GDT_LDT_VIRT_START) && (addr < GDT_LDT_VIRT_END) ) ++ if ( !(regs->error_code & PFEC_user_mode) && ++ (addr >= GDT_LDT_VIRT_START) && (addr < GDT_LDT_VIRT_END) ) + return handle_gdt_ldt_mapping_fault( + addr - GDT_LDT_VIRT_START, regs); + return 0; |