./sysutils/xenkernel45, Xen 4.5.x Kernel

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2015Q1, Version: 4.5.0nb5, Package name: xenkernel45-4.5.0nb5, Maintainer: pkgsrc-users

Xen is a virtual machine monitor which supports running multiple
guests operating systems on a single machine. Guest OSes (also
called "domains") require a modified kernel which supports Xen
hypercalls in replacement to access to the physical hardware. At
boot, the xen kernel is loaded along with the guest kernel for the
first domain (called domain0). domain0 has privileges to access
the physical hardware (PCI and ISA devices), administrate other
domains and provide virtual devices (disks and network) to other
domains.

This package contains the 4.5 Xen4 kernel itself. PCI passthrough is
not supported. PAE is mandatory; on i386 one must use XEN3PAE_DOM[0U].


Required to build:
[lang/python27]

Master sites:

SHA1: c4aab5fb366496ad1edc7fe0a935a0d604335637
RMD160: e35ba0cb484492c1a289218eb9bf53b57dbd3a45
Filesize: 17973.567 KB

Version history: (Expand)

CVS history: (Expand)


   2015-06-13 11:13:34 by S.P.Zeidler | Files touched by this commit (3) 
Log message:
Pullup ticket #4743 - requested by khorben
sysutils/xenkernel45: security patch

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.8
- sysutils/xenkernel45/distinfo                                 1.7
- sysutils/xenkernel45/patches/patch-CVE-2015-3456              1.1

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Fri Jun  5 17:15:04 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-3456

   Log message:
   Apply fixes from upstream for XSA-133

   Privilege escalation via emulated floppy disk drive

   The code in qemu which emulates a floppy disk controller did not
   correctly bounds check accesses to an array and therefore was
   vulnerable to a buffer overflow attack.

   A guest which has access to an emulated floppy device can exploit this
   vulnerability to take over the qemu process elevating its privilege to
   that of the qemu process.

   All Xen systems running x86 HVM guests without stubdomains are
   vulnerable to this depending on the specific guest configuration. The
   default configuration is vulnerable.

   Guests using either the traditional "qemu-xen" or upstream qemu device
   models are vulnerable.
   Guests using a qemu-dm stubdomain to run the device model are only
   vulnerable to takeover of that service domain.

   Systems running only x86 PV guests are not vulnerable.
   ARM systems are not vulnerable.

   To generate a diff of this commit:
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/sysutils/xenkernel45/Makefile
   cvs rdiff -u -r1.6 -r1.7 pkgsrc/sysutils/xenkernel45/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/sysutils/xenkernel45/patches/patch-CVE-2015-3456
   2015-04-29 23:16:43 by Matthias Scheler | Files touched by this commit (3) 
Log message:
Pullup ticket #4699 - requested by spz
sysutils/xenkernel45: security patch

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.7
- sysutils/xenkernel45/distinfo                                 1.6
- sysutils/xenkernel45/patches/patch-CVE-2015-2751              1.1

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Sun Apr 19 15:02:12 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-2751

   Log message:
   adding upstream's patch for
   XSA-127 Certain domctl operations may be abused to lock up the host
   2015-04-29 23:11:13 by Matthias Scheler | Files touched by this commit (24) 
Log message:
Pullup ticket #4698 - requested by spz
Pullup ticket #4698 - requested by spz
sysutils/xenkernel41: security patch
sysutils/xenkernel42: security patch
sysutils/xenkernel45: security patch

Revisions pulled up:
- sysutils/xenkernel41/Makefile                                 1.45
- sysutils/xenkernel41/distinfo                                 1.36
- sysutils/xenkernel41/patches/patch-CVE-2015-2752              1.1
- sysutils/xenkernel41/patches/patch-CVE-2015-2756              1.1
- sysutils/xenkernel42/Makefile                                 1.15
- sysutils/xenkernel42/distinfo                                 1.13
- sysutils/xenkernel42/patches/patch-CVE-2015-2752              1.1
- sysutils/xenkernel42/patches/patch-CVE-2015-2756              1.1
- sysutils/xenkernel45/Makefile                                 1.6
- sysutils/xenkernel45/distinfo                                 1.5
- sysutils/xenkernel45/patches/patch-CVE-2015-2752              1.1
- sysutils/xenkernel45/patches/patch-CVE-2015-2756              1.1
- sysutils/xentools41/Makefile                                  1.50
- sysutils/xentools41/distinfo                                  1.38
- sysutils/xentools41/patches/patch-CVE-2015-2752               1.1
- sysutils/xentools41/patches/patch-CVE-2015-2756               1.1
- sysutils/xentools42/Makefile                                  1.27
- sysutils/xentools42/distinfo                                  1.16
- sysutils/xentools42/patches/patch-CVE-2015-2752               1.1
- sysutils/xentools42/patches/patch-CVE-2015-2756               1.1
- sysutils/xentools45/Makefile                                  1.6
- sysutils/xentools45/distinfo                                  1.6
- sysutils/xentools45/patches/patch-CVE-2015-2752               1.1
- sysutils/xentools45/patches/patch-CVE-2015-2756               1.1

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Sun Apr 19 13:13:21 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel41: Makefile distinfo
   	pkgsrc/sysutils/xenkernel42: Makefile distinfo
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   	pkgsrc/sysutils/xentools41: Makefile distinfo
   	pkgsrc/sysutils/xentools42: Makefile distinfo
   	pkgsrc/sysutils/xentools45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xenkernel42/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xentools41/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xentools42/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xentools45/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756

   Log message:
   apply fixes from upstream for
   XSA-125 Long latency MMIO mapping operations are not preemptible
   XSA-126 Unmediated PCI command register access in qemu