diff options
author | bouyer <bouyer@pkgsrc.org> | 2014-12-21 17:34:24 +0000 |
---|---|---|
committer | bouyer <bouyer@pkgsrc.org> | 2014-12-21 17:34:24 +0000 |
commit | 20bcbad77efe88294b117b865605d4ef9c72831c (patch) | |
tree | 657259be19190e8b3bacabe1b09e52a30be52dc7 /sysutils/xenkernel41 | |
parent | f297d0be03ab98dacb4852c6476cc8d5c606b319 (diff) | |
download | pkgsrc-20bcbad77efe88294b117b865605d4ef9c72831c.tar.gz |
Remove patch-CVE-2014-7188, it's already in patch-CVE-2013-4355_1
Diffstat (limited to 'sysutils/xenkernel41')
-rw-r--r-- | sysutils/xenkernel41/distinfo | 3 | ||||
-rw-r--r-- | sysutils/xenkernel41/patches/patch-CVE-2014-7188 | 38 |
2 files changed, 1 insertions, 40 deletions
diff --git a/sysutils/xenkernel41/distinfo b/sysutils/xenkernel41/distinfo index 3fbb85fb7e3..66b7d4e2f40 100644 --- a/sysutils/xenkernel41/distinfo +++ b/sysutils/xenkernel41/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.32 2014/11/27 15:36:01 bouyer Exp $ +$NetBSD: distinfo,v 1.33 2014/12/21 17:34:24 bouyer Exp $ SHA1 (xen-4.1.6.1.tar.gz) = e5f15feb0821578817a65ede16110c6eac01abd0 RMD160 (xen-4.1.6.1.tar.gz) = bff11421fc44a26f2cc3156713267abcb36d7a19 @@ -20,7 +20,6 @@ SHA1 (patch-CVE-2014-4021) = ee8ee800b35f7eaa242b06536c1ffa6568305b36 SHA1 (patch-CVE-2014-7154) = 5f0541559d911778aa5267bb5c0e1e8a9a3904e2 SHA1 (patch-CVE-2014-7155) = 0f1aa6a5d4fdb8403fc1e01b884491a63de501f8 SHA1 (patch-CVE-2014-7156) = 85043bdcf2644227d135f725cb442aade565c9d6 -SHA1 (patch-CVE-2014-7188) = b6bac1d466ba5bc276bc3aea9d4c9df37f2b9b0f SHA1 (patch-CVE-2014-8594) = 39d9d220d89c2356fa745dad5bf8c7ef5e8f2516 SHA1 (patch-CVE-2014-8595) = 46bd285b7eb8f2e23984f7917b12af2191bfef80 SHA1 (patch-CVE-2014-8866) = ee0bc3afb767b50e973d6065b84adc7e51949def diff --git a/sysutils/xenkernel41/patches/patch-CVE-2014-7188 b/sysutils/xenkernel41/patches/patch-CVE-2014-7188 deleted file mode 100644 index 5108be77b6b..00000000000 --- a/sysutils/xenkernel41/patches/patch-CVE-2014-7188 +++ /dev/null @@ -1,38 +0,0 @@ -$NetBSD: patch-CVE-2014-7188,v 1.1 2014/11/27 15:36:02 bouyer Exp $ - -x86/HVM: properly bound x2APIC MSR range - -While the write path change appears to be purely cosmetic (but still -gets done here for consistency), the read side mistake permitted -accesses beyond the virtual APIC page. - -Note that while this isn't fully in line with the specification -(digesting MSRs 0x800-0xBFF for the x2APIC), this is the minimal -possible fix addressing the security issue and getting x2APIC related -code into a consistent shape (elsewhere a 256 rather than 1024 wide -window is being used too). This will be dealt with subsequently. - -This is XSA-108. - -Signed-off-by: Jan Beulich <jbeulich@suse.com> - ---- xen/arch/x86/hvm/hvm.c.orig -+++ xen/arch/x86/hvm/hvm.c -@@ -4380,7 +4380,7 @@ int hvm_msr_read_intercept(unsigned int - *msr_content = vcpu_vlapic(v)->hw.apic_base_msr; - break; - -- case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff: -+ case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff: - if ( hvm_x2apic_msr_read(v, msr, msr_content) ) - goto gp_fault; - break; -@@ -4506,7 +4506,7 @@ int hvm_msr_write_intercept(unsigned int - vlapic_tdt_msr_set(vcpu_vlapic(v), msr_content); - break; - -- case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff: -+ case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff: - if ( hvm_x2apic_msr_write(v, msr, msr_content) ) - goto gp_fault; - break; |