2014-10-01 19:18:23 by Matthias Drochner | Files touched by this commit (3) |
Log message:
fix out-of-bounds memory read access in x2APIC emulation (HVM only)
(CVE-2014-7188)
bump PKGREV
|
2014-09-26 12:45:00 by Manuel Bouyer | Files touched by this commit (5) |
Log message:
Add patch for:
XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram
XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT,
LIDT, and LMSW emulation
XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation
of software interrupts
bump PKGREVISION
|
2014-06-18 15:47:08 by Matthias Drochner | Files touched by this commit (3) |
Log message:
add patch from upstream to fix possible data leak (CVE-2014-4021)
bump PKGREV
|
2014-05-09 09:37:28 by Thomas Klausner | Files touched by this commit (553) |
Log message:
Mark packages that are not ready for python-3.3 also not ready for 3.4,
until proven otherwise.
|
2014-05-05 15:39:10 by Matthias Drochner | Files touched by this commit (4) |
Log message:
fix possible creation of invalid P2M entries, leading to xen crash
The vulnerability is only exposed to service domains for HVM guests
which have privilege over the guest. In a usual configuration that
means only device model emulators (qemu-dm).
bump PKGREV
|
2014-03-28 17:07:08 by Matthias Drochner | Files touched by this commit (3) |
Log message:
add patch from upstream (XSA-89) to fix:
Processing of the HVMOP_set_mem_access HVM control operations does not
check the size of its input and can tie up a physical CPU for extended
periods of time.
bump PKGREV
|
2014-03-06 16:45:45 by Joerg Sonnenberger | Files touched by this commit (1) |
Log message:
Ignore tautologic pointer checks.
|
2014-02-20 18:37:25 by Matthias Drochner | Files touched by this commit (3) |
Log message:
from upstream: fix the fix for CVE-2013-6885
makes the workaround for AMD CPU erratum 793 work not only on
64-bit hypervisors but also for 32bit
bump PKGREV
(compile tested only)
|
2014-01-25 11:30:32 by Thomas Klausner | Files touched by this commit (533) | |
Log message:
Mark packages as not ready for python-3.x where applicable;
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.
Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.
Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.
Whitespace cleanups and other nits corrected, where necessary.
|
2014-01-24 18:07:36 by Matthias Drochner | Files touched by this commit (3) |
Log message:
add patch from upstream to add missing privilege check
from the advisory:
Malicious or misbehaving unprivileged guests can cause the host or other
guests to malfunction. This can result in host-wide denial of service.
Privilege escalation, while seeming to be unlikely, cannot be excluded.
Only PV guests can take advantage of this vulnerability.
(CVE-2014-1666)
bump PKGREV
|