diff options
| author | spz <spz> | 2015-03-13 10:27:48 +0000 |
|---|---|---|
| committer | spz <spz> | 2015-03-13 10:27:48 +0000 |
| commit | 9c4d9a3e73e2f72e115e6c7d38c05c01e441ee4b (patch) | |
| tree | f874a15f62402ed775c7c17b5524b6059d7a755f /sysutils/xentools45 | |
| parent | a2649c7ae71e0d9f689a34ee4667c2bb5699c785 (diff) | |
| download | pkgsrc-9c4d9a3e73e2f72e115e6c7d38c05c01e441ee4b.tar.gz | |
xsa119-unstable.patch from upstream:
By default qemu will try to create some sort of backend for the
emulated VGA device, either SDL or VNC.
However when the user specifies sdl=0 and vnc=0 in their configuration
libxl was not explicitly disabling either backend, which could lead to
one unexpectedly running.
If either sdl=1 or vnc=1 is configured then both before and after this
change only the backends which are explicitly enabled are configured,
i.e. this issue only occurs when all backends are supposed to have
been disabled.
This affects qemu-xen and qemu-xen-traditional differently.
If qemu-xen was compiled with SDL support then this would result in an
SDL window being opened if $DISPLAY is valid, or a failure to start
the guest if not. Passing "-display none" to qemu before any further
-sdl options disables this default behaviour and ensures that SDL is
only started if the libxl configuration demands it.
If qemu-xen was compiled without SDL support then qemu would instead
start a VNC server listening on ::1 (IPv6 localhost) or 127.0.0.1
(IPv4 localhost) with IPv6 preferred if available. Explicitly pass
"-vnc none" when vnc is not enabled in the libxl configuration to
remove this possibility.
qemu-xen-traditional would never start a vnc backend unless asked.
However by default it will start an SDL backend, the way to disable
this is to pass a -vnc option. In other words passing "-vnc none" will
disable both vnc and sdl by default. sdl can then be reenabled if
configured by subsequent use of the -sdl option.
Tested with both qemu-xen and qemu-xen-traditional built with SDL
support and:
xl cr # defaults
xl cr sdl=0 vnc=0
xl cr sdl=1 vnc=0
xl cr sdl=0 vnc=1
xl cr sdl=0 vnc=0 vga=\"none\"
xl cr sdl=0 vnc=0 nographic=1
with both valid and invalid $DISPLAY.
This is XSA-119.
Diffstat (limited to 'sysutils/xentools45')
| -rw-r--r-- | sysutils/xentools45/Makefile | 4 | ||||
| -rw-r--r-- | sysutils/xentools45/distinfo | 3 | ||||
| -rw-r--r-- | sysutils/xentools45/patches/patch-CVE-2015-2152 | 42 |
3 files changed, 46 insertions, 3 deletions
diff --git a/sysutils/xentools45/Makefile b/sysutils/xentools45/Makefile index 9eb1d22c31b..657b5f9f189 100644 --- a/sysutils/xentools45/Makefile +++ b/sysutils/xentools45/Makefile @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.4 2015/01/29 21:33:47 joerg Exp $ +# $NetBSD: Makefile,v 1.5 2015/03/13 10:27:48 spz Exp $ VERSION= 4.5.0 VERSION_IPXE= 9a93db3f0947484e30e753bbd61a10b17336e20e DISTNAME= xen-${VERSION} PKGNAME= xentools45-${VERSION} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= sysutils MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/ diff --git a/sysutils/xentools45/distinfo b/sysutils/xentools45/distinfo index 71d3030c265..af4cc837da6 100644 --- a/sysutils/xentools45/distinfo +++ b/sysutils/xentools45/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.4 2015/01/29 21:33:47 joerg Exp $ +$NetBSD: distinfo,v 1.5 2015/03/13 10:27:48 spz Exp $ SHA1 (ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz) = fecadf952821e830ce1a1d19655288eef8488f88 RMD160 (ipxe-git-9a93db3f0947484e30e753bbd61a10b17336e20e.tar.gz) = 539bfa12db7054228250d6dd380bbf96c1a040f8 @@ -15,6 +15,7 @@ SHA1 (patch-.._docs_man_xl.cfg.pod.5) = e2058495b6fe85af338e22560d46996d36aeedab SHA1 (patch-.._docs_man_xl.conf.pod.5) = 015da24a45388468d56f1ecfa60f6acf07bdfef8 SHA1 (patch-.._docs_man_xl.pod.1) = b194f2c5608c6f0e80a4abd8655808cf91355cd5 SHA1 (patch-.._docs_man_xlcpupool.cfg.pod.5) = b44813af965e4d9d0d51c18b22d286736a4663b2 +SHA1 (patch-CVE-2015-2152) = 5a1cabf330b3a1bd902adf2b33dd5c4c32b8ab9d SHA1 (patch-Makefile) = 5d5b9678ed9764275ee95f49d24e8538a0e8a01c SHA1 (patch-Rules.mk) = e0dc4234c35dc2d78afad4a90b0af829a6a10b50 SHA1 (patch-blktap_drivers_Makefile) = 7cc53b2a0dea1694a969046ab8542271ca63f9e7 diff --git a/sysutils/xentools45/patches/patch-CVE-2015-2152 b/sysutils/xentools45/patches/patch-CVE-2015-2152 new file mode 100644 index 00000000000..57e042091c6 --- /dev/null +++ b/sysutils/xentools45/patches/patch-CVE-2015-2152 @@ -0,0 +1,42 @@ +$NetBSD: patch-CVE-2015-2152,v 1.1 2015/03/13 10:27:49 spz Exp $ + +xsa119-unstable.patch from upstream. +XSA-119 is "HVM qemu unexpectedly enabling emulated VGA graphics backends" + +--- libxl/libxl_dm.c.orig 2015-01-12 16:53:24.000000000 +0000 ++++ libxl/libxl_dm.c +@@ -180,7 +180,14 @@ static char ** libxl__build_device_model + if (libxl_defbool_val(vnc->findunused)) { + flexarray_append(dm_args, "-vncunused"); + } +- } ++ } else ++ /* ++ * VNC is not enabled by default by qemu-xen-traditional, ++ * however passing -vnc none causes SDL to not be ++ * (unexpectedly) enabled by default. This is overridden by ++ * explicitly passing -sdl below as required. ++ */ ++ flexarray_append_pair(dm_args, "-vnc", "none"); + + if (sdl) { + flexarray_append(dm_args, "-sdl"); +@@ -513,7 +520,17 @@ static char ** libxl__build_device_model + } + + flexarray_append(dm_args, vncarg); +- } ++ } else ++ /* ++ * Ensure that by default no vnc server is created. ++ */ ++ flexarray_append_pair(dm_args, "-vnc", "none"); ++ ++ /* ++ * Ensure that by default no display backend is created. Further ++ * options given below might then enable more. ++ */ ++ flexarray_append_pair(dm_args, "-display", "none"); + + if (sdl) { + flexarray_append(dm_args, "-sdl"); |