Subject: CVS commit: pkgsrc/sysutils
From: Patrick Welche
Date: 2013-09-13 01:37:18
Message id: 20130912233718.651C696@cvs.netbsd.org
Log Message:
Update xen to 4.2.3

- Add warning if /kern/xen/privcmd is not readable

Fixes the following critical vulnerabilities:
 * CVE-2013-1918 / XSA-45:
    Several long latency operations are not preemptible
 * CVE-2013-1952 / XSA-49:
    VT-d interrupt remapping source validation flaw for bridges
 * CVE-2013-2076 / XSA-52:
    Information leak on XSAVE/XRSTOR capable AMD CPUs
 * CVE-2013-2077 / XSA-53:
    Hypervisor crash due to missing exception recovery on XRSTOR
 * CVE-2013-2078 / XSA-54:
    Hypervisor crash due to missing exception recovery on XSETBV
 * CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA-55:
    Multiple vulnerabilities in libelf PV kernel handling
 * CVE-2013-2072 / XSA-56:
    Buffer overflow in xencontrol Python bindings affecting xend
 * CVE-2013-2211 / XSA-57:
    libxl allows guest write access to sensitive console related xenstore keys
 * CVE-2013-1432 / XSA-58:
    Page reference counting error due to XSA-45/CVE-2013-1918 fixes
 * XSA-61:
    libxl partially sets up HVM passthrough even with disabled iommu

The following minor vulnerability is also being addressed:
 * CVE-2013-2007 / XSA-51
    qemu guest agent (qga) insecure file permissions

Among many bug fixes and improvements:
 * addressing a regression from the fix for XSA-46
 * bug fixes to low level system state handling, including certain
    hardware errata workarounds
Files:
RevisionActionfile
1.3modifypkgsrc/sysutils/xenkernel42/Makefile
1.4modifypkgsrc/sysutils/xenkernel42/distinfo
1.8modifypkgsrc/sysutils/xentools42/Makefile
1.7modifypkgsrc/sysutils/xentools42/distinfo
1.3modifypkgsrc/sysutils/xentools42/files/xencommons.sh
1.1removepkgsrc/sysutils/xenkernel42/patches/patch-xen_arch_x86_time.c
1.1removepkgsrc/sysutils/xenkernel42/patches/patch-xen_common_libelf_libelf-private.h
1.1removepkgsrc/sysutils/xentools42/version.mk