Subject: CVS commit: pkgsrc/sysutils
From: Manuel Bouyer
Date: 2014-09-26 12:39:32
Message id: 20140926103932.1603698@cvs.netbsd.org
Log Message:
Update xentools42 and xenkernel42 to Xen 4.2.5, fixing:
CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible
CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be
  created
CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection
CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests

pkgsrc also includes patches from the Xen Security Advisory:
XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram
XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT,
  LIDT, and LMSW emulation
XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation
  of software interrupts
Files:
RevisionActionfile
1.8modifypkgsrc/sysutils/xenkernel42/Makefile
1.6modifypkgsrc/sysutils/xenkernel42/distinfo
1.12modifypkgsrc/sysutils/xentools42/distinfo
1.1addpkgsrc/sysutils/xenkernel42/patches/patch-xen_arch_x86_mm_shadow_common.c
1.1addpkgsrc/sysutils/xenkernel42/patches/patch-xen_arch_x86_x86_emulate_x86_emulate.c