diff options
| author | drochner <drochner@pkgsrc.org> | 2013-10-22 19:41:58 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2013-10-22 19:41:58 +0000 |
| commit | 609dd68e89edaf39632bed21e0aac3e15e246cfd (patch) | |
| tree | 345b5899c38572d9675650170cfc533216f512e1 /sysutils/xenkernel41 | |
| parent | 084f9e427b2d0bffee75e0ab6d1c68935b72178f (diff) | |
| download | pkgsrc-609dd68e89edaf39632bed21e0aac3e15e246cfd.tar.gz | |
add patch from upstream to fix information leak through outs instruction
emulation (CVE-2013-4368)
bump PKGREV
Diffstat (limited to 'sysutils/xenkernel41')
| -rw-r--r-- | sysutils/xenkernel41/Makefile | 4 | ||||
| -rw-r--r-- | sysutils/xenkernel41/distinfo | 3 | ||||
| -rw-r--r-- | sysutils/xenkernel41/patches/patch-CVE-2013-4368 | 21 |
3 files changed, 25 insertions, 3 deletions
diff --git a/sysutils/xenkernel41/Makefile b/sysutils/xenkernel41/Makefile index f05f22052dc..41aaf8d4e15 100644 --- a/sysutils/xenkernel41/Makefile +++ b/sysutils/xenkernel41/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.26 2013/10/01 14:54:44 drochner Exp $ +# $NetBSD: Makefile,v 1.27 2013/10/22 19:41:58 drochner Exp $ # VERSION= 4.1.6.1 DISTNAME= xen-${VERSION} PKGNAME= xenkernel41-${VERSION} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= sysutils MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/ diff --git a/sysutils/xenkernel41/distinfo b/sysutils/xenkernel41/distinfo index ba6e58650b6..f559145ebc6 100644 --- a/sysutils/xenkernel41/distinfo +++ b/sysutils/xenkernel41/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.20 2013/10/01 14:54:44 drochner Exp $ +$NetBSD: distinfo,v 1.21 2013/10/22 19:41:58 drochner Exp $ SHA1 (xen-4.1.6.1.tar.gz) = e5f15feb0821578817a65ede16110c6eac01abd0 RMD160 (xen-4.1.6.1.tar.gz) = bff11421fc44a26f2cc3156713267abcb36d7a19 @@ -9,6 +9,7 @@ SHA1 (patch-CVE-2013-4355_2) = 70fd2f2e45a05a53d8ce7d0bd72b18165dd13509 SHA1 (patch-CVE-2013-4355_3) = 93f7bf877945e585fb906dbfc8159e688813c12f SHA1 (patch-CVE-2013-4355_4) = 88f478997d2631ec41adfd42a9d79f2d87bb44d8 SHA1 (patch-CVE-2013-4361) = b9074af976ba98c02aeb84288a10527bf7693241 +SHA1 (patch-CVE-2013-4368) = 77caf392b472e5586eb2fa6a37d173cd856f6f15 SHA1 (patch-Config.mk) = a43ed1b3304d6383dc093acd128a7f373d0ca266 SHA1 (patch-xen_Makefile) = d1c7e4860221f93d90818f45a77748882486f92b SHA1 (patch-xen_arch_x86_Rules.mk) = 6b9b4bfa28924f7d3f6c793a389f1a7ac9d228e2 diff --git a/sysutils/xenkernel41/patches/patch-CVE-2013-4368 b/sysutils/xenkernel41/patches/patch-CVE-2013-4368 new file mode 100644 index 00000000000..b46ec754134 --- /dev/null +++ b/sysutils/xenkernel41/patches/patch-CVE-2013-4368 @@ -0,0 +1,21 @@ +$NetBSD: patch-CVE-2013-4368,v 1.1 2013/10/22 19:41:58 drochner Exp $ + +http://lists.xenproject.org/archives/html/xen-devel/2013-10/msg00812.html + +--- xen/arch/x86/traps.c.orig 2013-09-10 08:42:18.000000000 +0200 ++++ xen/arch/x86/traps.c 2013-10-22 21:11:24.000000000 +0200 +@@ -1965,10 +1965,10 @@ static int emulate_privileged_op(struct + break; + } + } +- else +- read_descriptor(data_sel, v, regs, +- &data_base, &data_limit, &ar, +- 0); ++ else if ( !read_descriptor(data_sel, v, regs, ++ &data_base, &data_limit, &ar, 0) || ++ !(ar & _SEGMENT_S) || !(ar & _SEGMENT_P) ) ++ goto fail; + data_limit = ~0UL; + ar = _SEGMENT_WR|_SEGMENT_S|_SEGMENT_DPL|_SEGMENT_P; + } |