2015-12-05 22:26:09 by Adam Ciarcinski | Files touched by this commit (578) |
Log message:
Extend PYTHON_VERSIONS_INCOMPATIBLE to 35
|
2015-11-04 02:32:42 by Alistair G. Crooks | Files touched by this commit (499) |
Log message:
Add SHA512 digests for distfiles for sysutils category
Problems found with existing digests:
Package memconf distfile memconf-2.16/memconf.gz
b6f4b736cac388dddc5070670351cf7262aba048 [recorded]
95748686a5ad8144232f4d4abc9bf052721a196f [calculated]
Problems found locating distfiles:
Package dc-tools: missing distfile dc-tools/abs0-dc-burn-netbsd-1.5-0-gae55ec9
Package ipw-firmware: missing distfile ipw2100-fw-1.2.tgz
Package iwi-firmware: missing distfile ipw2200-fw-2.3.tgz
Package nvnet: missing distfile nvnet-netbsd-src-20050620.tgz
Package syslog-ng: missing distfile syslog-ng-3.7.2.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
2015-10-29 21:29:56 by Manuel Bouyer | Files touched by this commit (5) |
Log message:
Add patches, derived from Xen security advisory, fixing:
CVE-2015-7835 aka XSA-148
CVE-2015-7869 aka XSA-149 + XSA-151
CVE-2015-7971 aka XSA-152
Bump PKGREVISION
|
2015-09-14 15:36:29 by Joerg Sonnenberger | Files touched by this commit (7) |
Log message:
Avoid undefined behavior when left-shifting negative values.
|
2015-04-19 15:13:21 by S.P.Zeidler | Files touched by this commit (24) |
Log message:
apply fixes from upstream for
XSA-125 Long latency MMIO mapping operations are not preemptible
XSA-126 Unmediated PCI command register access in qemu
|
2015-03-10 21:27:16 by S.P.Zeidler | Files touched by this commit (3) |
Log message:
xsa123-4.3-4.2.patch from upstream:
x86emul: fully ignore segment override for register-only operations
For ModRM encoded instructions with register operands we must not
overwrite ea.mem.seg (if a - bogus in that case - segment override was
present) as it aliases with ea.reg.
This is CVE-2015-2151 / XSA-123.
|
2015-03-05 17:37:16 by S.P.Zeidler | Files touched by this commit (4) |
Log message:
Add patches for XSA-121 and XSA-122 from upstream.
|
2014-12-21 18:34:24 by Manuel Bouyer | Files touched by this commit (2) |
Log message:
Remove patch-CVE-2014-7188, it's already in patch-CVE-2013-4355_1
|
2014-12-11 23:15:30 by Joerg Sonnenberger | Files touched by this commit (1) |
Log message:
Ignore use of always non-null pointers as truth value.
|
2014-11-27 16:36:02 by Manuel Bouyer | Files touched by this commit (8) | |
Log message:
backport patches from Xen advisory:
CVE-2014-7188/XSA-108:
x86/HVM: properly bound x2APIC MSR range, fixing:
A buggy or malicious HVM guest can crash the host or read data
relating to other guests or the hypervisor itself.
CVE-2014-8594/XSA-109:
x86: don't allow page table updates on non-PV page tables in do_mmu_update(),
fixing:
Malicious or buggy stub domain kernels or tool stacks otherwise living
outside of Domain0 can mount a denial of service attack which, if
successful, can affect the whole system.
CVE-2014-8595/XSA-110:
x86emul: enforce privilege level restrictions when loading CS, fixing:
Malicious HVM guest user mode code may be able to elevate its
privileges to guest supervisor mode, or to crash the guest.
CVE-2014-8866/XSA-111:
x86: limit checks in hypercall_xlat_continuation() to actual arguments, fixing:
A buggy or malicious HVM guest can crash the host.
CVE-2014-8867/XSA-112:
x86/HVM: confine internally handled MMIO to solitary regions, fixing:
A buggy or malicious HVM guest can crash the host.
CVE-2014-9030/XSA-113:
x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE, fixing:
Malicious or buggy stub domain kernels or tool stacks otherwise living
outside of Domain0 can mount a denial of service attack which, if
successful, can affect the whole system.
|