diff options
| author | prlw1 <prlw1@pkgsrc.org> | 2014-02-22 01:22:49 +0000 |
|---|---|---|
| committer | prlw1 <prlw1@pkgsrc.org> | 2014-02-22 01:22:49 +0000 |
| commit | d6183a8f84aec2290e2491a7680ff2eade1202e2 (patch) | |
| tree | aba6a9976e4179edafcdcfb459203f2fee2366a8 /sysutils | |
| parent | 721e0cb7b6c15bd8171befab498a95ff84bdd0c3 (diff) | |
| download | pkgsrc-d6183a8f84aec2290e2491a7680ff2eade1202e2.tar.gz | |
Update xenkernel42 to 4.2.4
This fixes the following critical vulnerabilities:
- CVE-2013-2212 / XSA-60 Excessive time to disable caching with HVM guests with PCI passthrough
- CVE-2013-1442 / XSA-62 Information leak on AVX and/or LWP capable CPUs
- CVE-2013-4355 / XSA-63 Information leaks through I/O instruction emulation
- CVE-2013-4361 / XSA-66 Information leak through fbld instruction emulation
- CVE-2013-4368 / XSA-67 Information leak through outs instruction emulation
- CVE-2013-4369 / XSA-68 possible null dereference when parsing vif ratelimiting info
- CVE-2013-4370 / XSA-69 misplaced free in ocaml xc_vcpu_getaffinity stub
- CVE-2013-4371 / XSA-70 use-after-free in libxl_list_cpupool under memory pressure
- CVE-2013-4375 / XSA-71 qemu disk backend (qdisk) resource leak
- CVE-2013-4416 / XSA-72 ocaml xenstored mishandles oversized message replies
- CVE-2013-4494 / XSA-73 Lock order reversal between page allocation and grant table locks
- CVE-2013-4553 / XSA-74 Lock order reversal between page_alloc_lock and mm_rwlock
- CVE-2013-4551 / XSA-75 Host crash due to guest VMX instruction execution
- CVE-2013-4554 / XSA-76 Hypercalls exposed to privilege rings 1 and 2 of HVM guests
- CVE-2013-6375 / XSA-78 Insufficient TLB flushing in VT-d (iommu) code
- CVE-2013-6400 / XSA-80 IOMMU TLB flushing may be inadvertently suppressed
- CVE-2013-6885 / XSA-82 Guest triggerable AMD CPU erratum may cause host hang
- CVE-2014-1642 / XSA-83 Out-of-memory condition yielding memory corruption during IRQ setup
- CVE-2014-1891 / XSA-84 integer overflow in several XSM/Flask hypercalls
- CVE-2014-1895 / XSA-85 Off-by-one error in FLASK_AVC_CACHESTAT hypercall
- CVE-2014-1896 / XSA-86 libvchan failure handling malicious ring indexes
- CVE-2014-1666 / XSA-87 PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests
- CVE-2014-1950 / XSA-88 use-after-free in xc_cpupool_getinfo() under memory pressure
Apart from those there are many further bug fixes and improvements.
Diffstat (limited to 'sysutils')
| -rw-r--r-- | sysutils/xenkernel42/Makefile | 4 | ||||
| -rw-r--r-- | sysutils/xenkernel42/distinfo | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/sysutils/xenkernel42/Makefile b/sysutils/xenkernel42/Makefile index 29e4200e815..8f98e3e12cd 100644 --- a/sysutils/xenkernel42/Makefile +++ b/sysutils/xenkernel42/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.5 2014/01/25 10:30:22 wiz Exp $ +# $NetBSD: Makefile,v 1.6 2014/02/22 01:22:49 prlw1 Exp $ -VERSION= 4.2.3 +VERSION= 4.2.4 DISTNAME= xen-${VERSION} PKGNAME= xenkernel42-${VERSION} CATEGORIES= sysutils diff --git a/sysutils/xenkernel42/distinfo b/sysutils/xenkernel42/distinfo index 4c5d8c97917..2fa941b41bd 100644 --- a/sysutils/xenkernel42/distinfo +++ b/sysutils/xenkernel42/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.4 2013/09/12 23:37:18 prlw1 Exp $ +$NetBSD: distinfo,v 1.5 2014/02/22 01:22:49 prlw1 Exp $ -SHA1 (xen-4.2.3.tar.gz) = 7c72e1aa870cc938afdc50bd9f2d879118aa8b99 -RMD160 (xen-4.2.3.tar.gz) = da0fbb7bbc0796bd83c223f7d21015ce0d4c8553 -Size (xen-4.2.3.tar.gz) = 15613235 bytes +SHA1 (xen-4.2.4.tar.gz) = ab661bf0f64a18155f971343a9c07b7e7d1410f1 +RMD160 (xen-4.2.4.tar.gz) = b2210d3ff6a9fdf9cae1a5a38b829667dfd6fd2f +Size (xen-4.2.4.tar.gz) = 15663999 bytes SHA1 (patch-Config.mk) = a43ed1b3304d6383dc093acd128a7f373d0ca266 SHA1 (patch-xen_Makefile) = e0d1b74518b9675ddc64295d1523ded9a8757c0a SHA1 (patch-xen_arch_x86_Rules.mk) = 6b9b4bfa28924f7d3f6c793a389f1a7ac9d228e2 |