head 1.55; access; symbols pkgsrc-2016Q4:1.54.0.2 pkgsrc-2016Q4-base:1.54 pkgsrc-2016Q3:1.51.0.2 pkgsrc-2016Q3-base:1.51 pkgsrc-2016Q2:1.48.0.4 pkgsrc-2016Q2-base:1.48 pkgsrc-2016Q1:1.48.0.2 pkgsrc-2016Q1-base:1.48 pkgsrc-2015Q4:1.47.0.2 pkgsrc-2015Q4-base:1.47 pkgsrc-2015Q3:1.45.0.4 pkgsrc-2015Q3-base:1.45 pkgsrc-2015Q2:1.45.0.2 pkgsrc-2015Q2-base:1.45 pkgsrc-2015Q1:1.44.0.2 pkgsrc-2015Q1-base:1.44 pkgsrc-2014Q4:1.42.0.2 pkgsrc-2014Q4-base:1.42 pkgsrc-2014Q3:1.39.0.2 pkgsrc-2014Q3-base:1.39 pkgsrc-2014Q2:1.38.0.2 pkgsrc-2014Q2-base:1.38 pkgsrc-2014Q1:1.35.0.2 pkgsrc-2014Q1-base:1.35 pkgsrc-2013Q4:1.30.0.2 pkgsrc-2013Q4-base:1.30 pkgsrc-2013Q3:1.25.0.2 pkgsrc-2013Q3-base:1.25 pkgsrc-2013Q2:1.23.0.2 pkgsrc-2013Q2-base:1.23 pkgsrc-2013Q1:1.17.0.2 pkgsrc-2013Q1-base:1.17 pkgsrc-2012Q4:1.16.0.2 pkgsrc-2012Q4-base:1.16 pkgsrc-2012Q3:1.13.0.2 pkgsrc-2012Q3-base:1.13 pkgsrc-2012Q2:1.7.0.2 pkgsrc-2012Q2-base:1.7 pkgsrc-2012Q1:1.5.0.4 pkgsrc-2012Q1-base:1.5 pkgsrc-2011Q4:1.5.0.2 pkgsrc-2011Q4-base:1.5 pkgsrc-2011Q3:1.2.0.4 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.55 date 2016.12.29.19.13.01; author wiz; state dead; branches; next 1.54; commitid kFYPk8EnajcmFUzz; 1.54 date 2016.12.21.15.35.44; author bouyer; state Exp; branches; next 1.53; commitid 5zvw6vgCfmRBIRyz; 1.53 date 2016.12.20.10.22.28; author bouyer; state Exp; branches; next 1.52; commitid TxndvKOzkEv91Iyz; 1.52 date 2016.11.22.20.53.40; author bouyer; state Exp; branches; next 1.51; commitid o5sczsI7INv1pavz; 1.51 date 2016.09.08.15.41.01; author bouyer; state Exp; branches; next 1.50; commitid c9X7FynnoqZn5vlz; 1.50 date 2016.07.26.15.59.20; author bouyer; state Exp; branches; next 1.49; commitid 3F8y2c70AJcMBQfz; 1.49 date 2016.07.09.13.04.08; author wiz; state Exp; branches; next 1.48; commitid k9A2yv7vTRunbEdz; 1.48 date 2016.01.07.17.55.55; author bouyer; state Exp; branches 1.48.4.1; next 1.47; commitid nI5CmqYKUfq6I1Qy; 1.47 date 2015.12.05.21.26.00; author adam; state Exp; branches 1.47.2.1; next 1.46; commitid bgA0CynThkP3WNLy; 1.46 date 2015.10.29.20.29.56; author bouyer; state Exp; branches; next 1.45; commitid PiMumYjtNfJgO2Hy; 1.45 date 2015.04.19.13.13.20; author spz; state Exp; branches 1.45.4.1; next 1.44; commitid C4uc4kMktu1eBciy; 1.44 date 2015.03.10.20.27.16; author spz; state Exp; branches 1.44.2.1; next 1.43; commitid Mv7xrpIwfpz1i6dy; 1.43 date 2015.03.05.16.37.16; author spz; state Exp; branches; next 1.42; commitid GO71n8NLA3Lebrcy; 1.42 date 2014.12.11.22.15.30; author joerg; state Exp; branches; next 1.41; commitid LjWHnYv4tfgzKF1y; 1.41 date 2014.11.27.15.36.01; author bouyer; state Exp; branches; next 1.40; commitid LdhG8IFZZBWRYPZx; 1.40 date 2014.10.01.17.18.22; author drochner; state Exp; branches; next 1.39; commitid uQZFio3RHGgJnwSx; 1.39 date 2014.09.26.10.45.00; author bouyer; state Exp; branches; next 1.38; commitid R4afNEPClCK9nQRx; 1.38 date 2014.06.18.13.47.08; author drochner; state Exp; branches 1.38.2.1; next 1.37; commitid 2XlxW31RykxRA0Fx; 1.37 date 2014.05.09.07.37.20; author wiz; state Exp; branches; next 1.36; commitid wfzXpL2biguCPPzx; 1.36 date 2014.05.05.13.39.10; author drochner; state Exp; branches; next 1.35; commitid fCmPMDBllSEAXlzx; 1.35 date 2014.03.28.16.07.08; author drochner; state Exp; branches; next 1.34; commitid fQVuxvisEXah0uux; 1.34 date 2014.03.06.15.45.45; author joerg; state Exp; branches; next 1.33; commitid VUsukLeeRLmWAErx; 1.33 date 2014.02.20.17.37.25; author drochner; state Exp; branches; next 1.32; commitid k7qZ4sAC3yUKERpx; 1.32 date 2014.01.25.10.30.22; author wiz; state Exp; branches; next 1.31; commitid VOWgk3vYhVXj8umx; 1.31 date 2014.01.24.17.07.35; author drochner; state Exp; branches; next 1.30; commitid 1NnkckJgyxZrmomx; 1.30 date 2013.12.04.10.35.01; author drochner; state Exp; branches; next 1.29; commitid hw1WPb2QuNAxPNfx; 1.29 date 2013.11.29.19.29.58; author drochner; state Exp; branches; next 1.28; commitid wDkfBReSSkKIWcfx; 1.28 date 2013.11.23.14.04.59; author drochner; state Exp; branches; next 1.27; commitid 7Ss1qFqhvVsrlpex; 1.27 date 2013.10.22.19.41.58; author drochner; state Exp; branches; next 1.26; commitid 0FFM7GPUK22Rekax; 1.26 date 2013.10.01.14.54.44; author drochner; state Exp; branches; next 1.25; commitid 5JKxvOI8cbQPjB7x; 1.25 date 2013.09.27.11.35.07; author joerg; state Exp; branches; next 1.24; commitid xLjA6e7wfOyPl47x; 1.24 date 2013.09.11.18.00.33; author drochner; state Exp; branches; next 1.23; commitid 76aqq1Rgu8ITY25x; 1.23 date 2013.06.19.14.03.41; author gdt; state Exp; branches; next 1.22; commitid niBuv7mDjH11neUw; 1.22 date 2013.05.10.20.07.34; author riastradh; state Exp; branches; next 1.21; commitid 0KgoQQGRojdbF7Pw; 1.21 date 2013.05.03.16.48.37; author drochner; state Exp; branches; next 1.20; 1.20 date 2013.04.19.14.02.45; author bouyer; state Exp; branches; next 1.19; 1.19 date 2013.04.11.19.57.51; author joerg; state Exp; branches; next 1.18; 1.18 date 2013.04.06.13.01.27; author rodent; state Exp; branches; next 1.17; 1.17 date 2013.01.17.19.37.54; author drochner; state Exp; branches 1.17.2.1; next 1.16; 1.16 date 2012.12.05.19.16.26; author drochner; state Exp; branches; next 1.15; 1.15 date 2012.11.14.13.42.41; author drochner; state Exp; branches; next 1.14; 1.14 date 2012.10.23.19.51.36; author asau; state Exp; branches; next 1.13; 1.13 date 2012.09.16.19.46.02; author dholland; state Exp; branches; next 1.12; 1.12 date 2012.09.12.11.04.17; author drochner; state Exp; branches; next 1.11; 1.11 date 2012.08.10.09.59.47; author drochner; state Exp; branches; next 1.10; 1.10 date 2012.08.01.12.28.18; author asau; state Exp; branches; next 1.9; 1.9 date 2012.08.01.12.22.28; author asau; state Exp; branches; next 1.8; 1.8 date 2012.07.27.18.50.34; author drochner; state Exp; branches; next 1.7; 1.7 date 2012.06.19.20.17.06; author bouyer; state Exp; branches 1.7.2.1; next 1.6; 1.6 date 2012.06.12.15.59.04; author bouyer; state Exp; branches; next 1.5; 1.5 date 2011.11.20.03.12.44; author jym; state Exp; branches 1.5.4.1; next 1.4; 1.4 date 2011.10.21.18.26.58; author cegger; state Exp; branches; next 1.3; 1.3 date 2011.10.16.20.32.44; author bouyer; state Exp; branches; next 1.2; 1.2 date 2011.06.16.10.28.47; author cegger; state Exp; branches 1.2.4.1; next 1.1; 1.1 date 2011.04.06.09.05.53; author cegger; state Exp; branches 1.1.1.1; next ; 1.48.4.1 date 2016.07.28.14.09.14; author spz; state Exp; branches; next ; commitid Wxv8FsHFtVj7W5gz; 1.47.2.1 date 2016.01.11.20.26.11; author bsiegert; state Exp; branches; next ; commitid wxtXbEOcW341qyQy; 1.45.4.1 date 2015.11.04.19.55.44; author bsiegert; state Exp; branches; next ; commitid 665AHWvA1hO4rOHy; 1.44.2.1 date 2015.04.29.21.11.12; author tron; state Exp; branches; next ; commitid XOJeB58WDS2DVwjy; 1.38.2.1 date 2014.09.28.12.07.10; author tron; state Exp; branches; next ; commitid 8pZmS45jOtauL6Sx; 1.17.2.1 date 2013.04.24.22.25.48; author tron; state Exp; branches; next ; 1.7.2.1 date 2012.07.31.18.29.37; author tron; state Exp; branches; next ; 1.5.4.1 date 2012.06.13.11.06.17; author tron; state Exp; branches; next 1.5.4.2; 1.5.4.2 date 2012.06.20.17.54.12; author tron; state Exp; branches; next ; 1.2.4.1 date 2011.10.18.21.38.07; author sbd; state Exp; branches; next ; 1.1.1.1 date 2011.04.06.09.05.53; author cegger; state Exp; branches; next ; desc @@ 1.55 log @Remove xenkernel and tools versions 3, 33, and 41. As discussed on pkgsrc-users. @ text @# $NetBSD: Makefile,v 1.54 2016/12/21 15:35:44 bouyer Exp $ VERSION= 4.1.6.1 DISTNAME= xen-${VERSION} PKGNAME= xenkernel41-${VERSION} PKGREVISION= 23 CATEGORIES= sysutils MASTER_SITES= http://bits.xensource.com/oss-xen/release/${VERSION}/ MAINTAINER= cegger@@NetBSD.org HOMEPAGE= http://xen.org/ COMMENT= Xen 4.1.x Kernel LICENSE= gnu-gpl-v2 ONLY_FOR_PLATFORM= Linux-2.6*-i386 Linux-2.6*-x86_64 ONLY_FOR_PLATFORM+= NetBSD-[5-9].*-x86_64 NetBSD-[5-9].*-i386 NO_CONFIGURE= yes USE_TOOLS+= gmake PYTHON_FOR_BUILD_ONLY= yes PY_PATCHPLIST= NO PYTHON_VERSIONS_INCOMPATIBLE= 34 35 # not yet ported as of 4.1.6.1 # XXX Why does this not work? # See work/xen-4.1.2/Config.mk:41 why PYTHON must be set and what for MAKE_ENV+= PYTHON=${PYTHONBIN:Q} MAKE_ENV+= OCAML_TOOLS=no INSTALLATION_DIRS= xen41-kernel XENKERNELDIR= ${PREFIX}/${INSTALLATION_DIRS} MESSAGE_SUBST+= XENKERNELDIR=${XENKERNELDIR:Q} .include "../../mk/compiler.mk" .if !empty(PKGSRC_COMPILER:Mclang) EXTRA_CFLAGS+= -Qunused-arguments -no-integrated-as -Wno-error=format \ -Wno-error=parentheses-equality -Wno-error=enum-conversion \ -Wno-error=unused-function \ -Wno-error=tautological-pointer-compare \ -Wno-error=pointer-bool-conversion .endif MAKE_ENV+= EXTRA_CFLAGS=${EXTRA_CFLAGS:Q} do-build: cd ${WRKSRC}/xen && ${BUILD_MAKE_CMD} debug=n build ${CP} ${WRKSRC}/xen/xen.gz ${WRKDIR}/xen.gz cd ${WRKSRC}/xen && ${MAKE_PROGRAM} clean cd ${WRKSRC}/xen && ${BUILD_MAKE_CMD} debug=y build ${CP} ${WRKSRC}/xen/xen.gz ${WRKDIR}/xen-debug.gz do-install: ${INSTALL_DATA} ${WRKDIR}/xen.gz \ ${DESTDIR}${XENKERNELDIR}/xen.gz ${INSTALL_DATA} ${WRKDIR}/xen-debug.gz \ ${DESTDIR}${XENKERNELDIR}/xen-debug.gz .include "../../lang/python/application.mk" .include "../../mk/bsd.pkg.mk" @ 1.54 log @Apply patch backported from upstream, fixing XSA-202 Bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.53 2016/12/20 10:22:28 bouyer Exp $ @ 1.53 log @Apply upstream patch for XSA-199, XSA-200 and XSA-204. Bump PKGREVISIONs @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.52 2016/11/22 20:53:40 bouyer Exp $ d6 1 a6 1 PKGREVISION= 22 @ 1.52 log @Backport upstream patches, fixing today's XSA 191, 192, 195, 197, 198. Bump PKGREVISIONs @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.51 2016/09/08 15:41:01 bouyer Exp $ d6 1 a6 1 PKGREVISION= 21 @ 1.51 log @Backport upstream patches for security issues: XSA-185: x86: Disallow L3 recursive pagetable for 32-bit PV guests XSA-187: x86 HVM: Overflow of sh_ctxt->seg_reg[] bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.50 2016/07/26 15:59:20 bouyer Exp $ d6 1 a6 1 PKGREVISION= 20 @ 1.50 log @Apply security patch from XSA-182. Bump PKGREVISION xen 4.2 is not vulnerable to XSA-183. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.49 2016/07/09 13:04:08 wiz Exp $ d6 1 a6 1 PKGREVISION= 19 @ 1.49 log @Remove python33: adapt all packages that refer to it. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.48 2016/01/07 17:55:55 bouyer Exp $ d6 1 a6 1 PKGREVISION= 18 @ 1.48 log @Apply patches from Xen repository, fixing: CVE-2015-8339 and CVE-2015-8340 aka XSA-159 XSA-166 CVE-2015-8550 aka XSA-155 CVE-2015-8554 aka XSA-164 Bump pkgrevision @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.47 2015/12/05 21:26:00 adam Exp $ d24 1 a24 1 PYTHON_VERSIONS_INCOMPATIBLE= 33 34 35 # not yet ported as of 4.1.6.1 @ 1.48.4.1 log @Pullup ticket #5072 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.50 - sysutils/xenkernel41/distinfo 1.43 - sysutils/xenkernel41/patches/patch-XSA-182 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bouyer Date: Tue Jul 26 15:59:20 UTC 2016 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-XSA-182 Log Message: Apply security patch from XSA-182. Bump PKGREVISION xen 4.2 is not vulnerable to XSA-183. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 pkgsrc/sysutils/xenkernel41/Makefile cvs rdiff -u -r1.42 -r1.43 pkgsrc/sysutils/xenkernel41/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/sysutils/xenkernel41/patches/patch-XSA-182 @ text @d1 1 a1 1 # $NetBSD$ d6 1 a6 1 PKGREVISION= 19 @ 1.47 log @Extend PYTHON_VERSIONS_INCOMPATIBLE to 35 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.46 2015/10/29 20:29:56 bouyer Exp $ d6 1 a6 1 PKGREVISION= 17 @ 1.47.2.1 log @Pullup ticket #4887 - requested by bouyer sysutils/xenkernel41: security fix sysutils/xentools41: security fix Revisions pulled up: - sysutils/xenkernel41/Makefile 1.48 - sysutils/xenkernel41/distinfo 1.41 - sysutils/xenkernel41/patches/patch-CVE-2015-8339 1.1 - sysutils/xenkernel41/patches/patch-XSA-166 1.1 - sysutils/xentools41/Makefile 1.59 - sysutils/xentools41/distinfo 1.41 - sysutils/xentools41/patches/patch-CVE-2015-8550 1.1 - sysutils/xentools41/patches/patch-CVE-2015-8554 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Thu Jan 7 17:55:55 UTC 2016 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo pkgsrc/sysutils/xentools41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-8339 patch-XSA-166 pkgsrc/sysutils/xentools41/patches: patch-CVE-2015-8550 patch-CVE-2015-8554 Log Message: Apply patches from Xen repository, fixing: CVE-2015-8339 and CVE-2015-8340 aka XSA-159 XSA-166 CVE-2015-8550 aka XSA-155 CVE-2015-8554 aka XSA-164 Bump pkgrevision @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.47 2015/12/05 21:26:00 adam Exp $ d6 1 a6 1 PKGREVISION= 18 @ 1.46 log @Add patches, derived from Xen security advisory, fixing: CVE-2015-7835 aka XSA-148 CVE-2015-7869 aka XSA-149 + XSA-151 CVE-2015-7971 aka XSA-152 Bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.45 2015/04/19 13:13:20 spz Exp $ d24 1 a24 1 PYTHON_VERSIONS_INCOMPATIBLE= 33 34 # not yet ported as of 4.1.6.1 @ 1.45 log @apply fixes from upstream for XSA-125 Long latency MMIO mapping operations are not preemptible XSA-126 Unmediated PCI command register access in qemu @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.44 2015/03/10 20:27:16 spz Exp $ d6 1 a6 1 PKGREVISION= 16 @ 1.45.4.1 log @Pullup ticket #4848 - requested by bouyer sysutils/xenkernel41: security fix Revisions pulled up: - sysutils/xenkernel41/Makefile 1.46 - sysutils/xenkernel41/distinfo 1.38 - sysutils/xenkernel41/patches/patch-CVE-2015-7835 1.1 - sysutils/xenkernel41/patches/patch-CVE-2015-7969 1.1 - sysutils/xenkernel41/patches/patch-CVE-2015-7971 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Thu Oct 29 20:29:56 UTC 2015 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-7835 patch-CVE-2015-7969 patch-CVE-2015-7971 Log Message: Add patches, derived from Xen security advisory, fixing: CVE-2015-7835 aka XSA-148 CVE-2015-7869 aka XSA-149 + XSA-151 CVE-2015-7971 aka XSA-152 Bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD$ d6 1 a6 1 PKGREVISION= 17 @ 1.44 log @xsa123-4.3-4.2.patch from upstream: x86emul: fully ignore segment override for register-only operations For ModRM encoded instructions with register operands we must not overwrite ea.mem.seg (if a - bogus in that case - segment override was present) as it aliases with ea.reg. This is CVE-2015-2151 / XSA-123. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.43 2015/03/05 16:37:16 spz Exp $ d6 1 a6 1 PKGREVISION= 15 @ 1.44.2.1 log @Pullup ticket #4698 - requested by spz Pullup ticket #4698 - requested by spz sysutils/xenkernel41: security patch sysutils/xenkernel42: security patch sysutils/xenkernel45: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.45 - sysutils/xenkernel41/distinfo 1.36 - sysutils/xenkernel41/patches/patch-CVE-2015-2752 1.1 - sysutils/xenkernel41/patches/patch-CVE-2015-2756 1.1 - sysutils/xenkernel42/Makefile 1.15 - sysutils/xenkernel42/distinfo 1.13 - sysutils/xenkernel42/patches/patch-CVE-2015-2752 1.1 - sysutils/xenkernel42/patches/patch-CVE-2015-2756 1.1 - sysutils/xenkernel45/Makefile 1.6 - sysutils/xenkernel45/distinfo 1.5 - sysutils/xenkernel45/patches/patch-CVE-2015-2752 1.1 - sysutils/xenkernel45/patches/patch-CVE-2015-2756 1.1 - sysutils/xentools41/Makefile 1.50 - sysutils/xentools41/distinfo 1.38 - sysutils/xentools41/patches/patch-CVE-2015-2752 1.1 - sysutils/xentools41/patches/patch-CVE-2015-2756 1.1 - sysutils/xentools42/Makefile 1.27 - sysutils/xentools42/distinfo 1.16 - sysutils/xentools42/patches/patch-CVE-2015-2752 1.1 - sysutils/xentools42/patches/patch-CVE-2015-2756 1.1 - sysutils/xentools45/Makefile 1.6 - sysutils/xentools45/distinfo 1.6 - sysutils/xentools45/patches/patch-CVE-2015-2752 1.1 - sysutils/xentools45/patches/patch-CVE-2015-2756 1.1 --- Module Name: pkgsrc Committed By: spz Date: Sun Apr 19 13:13:21 UTC 2015 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo pkgsrc/sysutils/xenkernel42: Makefile distinfo pkgsrc/sysutils/xenkernel45: Makefile distinfo pkgsrc/sysutils/xentools41: Makefile distinfo pkgsrc/sysutils/xentools42: Makefile distinfo pkgsrc/sysutils/xentools45: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xenkernel42/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xentools41/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xentools42/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xentools45/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 Log Message: apply fixes from upstream for XSA-125 Long latency MMIO mapping operations are not preemptible XSA-126 Unmediated PCI command register access in qemu @ text @d1 1 a1 1 # $NetBSD$ d6 1 a6 1 PKGREVISION= 16 @ 1.43 log @Add patches for XSA-121 and XSA-122 from upstream. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.42 2014/12/11 22:15:30 joerg Exp $ d6 1 a6 1 PKGREVISION= 14 @ 1.42 log @Ignore use of always non-null pointers as truth value. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.41 2014/11/27 15:36:01 bouyer Exp $ d6 1 a6 1 PKGREVISION= 13 @ 1.41 log @backport patches from Xen advisory: CVE-2014-7188/XSA-108: x86/HVM: properly bound x2APIC MSR range, fixing: A buggy or malicious HVM guest can crash the host or read data relating to other guests or the hypervisor itself. CVE-2014-8594/XSA-109: x86: don't allow page table updates on non-PV page tables in do_mmu_update(), fixing: Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack which, if successful, can affect the whole system. CVE-2014-8595/XSA-110: x86emul: enforce privilege level restrictions when loading CS, fixing: Malicious HVM guest user mode code may be able to elevate its privileges to guest supervisor mode, or to crash the guest. CVE-2014-8866/XSA-111: x86: limit checks in hypercall_xlat_continuation() to actual arguments, fixing: A buggy or malicious HVM guest can crash the host. CVE-2014-8867/XSA-112: x86/HVM: confine internally handled MMIO to solitary regions, fixing: A buggy or malicious HVM guest can crash the host. CVE-2014-9030/XSA-113: x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE, fixing: Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack which, if successful, can affect the whole system. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.40 2014/10/01 17:18:22 drochner Exp $ d41 2 a42 1 -Wno-error=tautological-pointer-compare @ 1.40 log @fix out-of-bounds memory read access in x2APIC emulation (HVM only) (CVE-2014-7188) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.39 2014/09/26 10:45:00 bouyer Exp $ d6 1 a6 1 PKGREVISION= 12 @ 1.39 log @Add patch for: XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation of software interrupts bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.38 2014/06/18 13:47:08 drochner Exp $ d6 1 a6 1 PKGREVISION= 11 @ 1.38 log @add patch from upstream to fix possible data leak (CVE-2014-4021) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.37 2014/05/09 07:37:20 wiz Exp $ d6 1 a6 1 PKGREVISION= 10 @ 1.38.2.1 log @Pullup ticket #4505 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.39 - sysutils/xenkernel41/distinfo 1.30 - sysutils/xenkernel41/patches/patch-CVE-2014-7154 1.1 - sysutils/xenkernel41/patches/patch-CVE-2014-7155 1.1 - sysutils/xenkernel41/patches/patch-CVE-2014-7156 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Fri Sep 26 10:45:00 UTC 2014 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2014-7154 patch-CVE-2014-7155 patch-CVE-2014-7156 Log Message: Add patch for: XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation of software interrupts bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD$ d6 1 a6 1 PKGREVISION= 11 @ 1.37 log @Mark packages that are not ready for python-3.3 also not ready for 3.4, until proven otherwise. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.36 2014/05/05 13:39:10 drochner Exp $ d6 1 a6 1 PKGREVISION= 9 @ 1.36 log @fix possible creation of invalid P2M entries, leading to xen crash The vulnerability is only exposed to service domains for HVM guests which have privilege over the guest. In a usual configuration that means only device model emulators (qemu-dm). bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.35 2014/03/28 16:07:08 drochner Exp $ d24 1 a24 1 PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of 4.1.6.1 @ 1.35 log @add patch from upstream (XSA-89) to fix: Processing of the HVMOP_set_mem_access HVM control operations does not check the size of its input and can tie up a physical CPU for extended periods of time. bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.34 2014/03/06 15:45:45 joerg Exp $ d6 1 a6 1 PKGREVISION= 8 @ 1.34 log @Ignore tautologic pointer checks. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.33 2014/02/20 17:37:25 drochner Exp $ d6 1 a6 1 PKGREVISION= 7 @ 1.33 log @from upstream: fix the fix for CVE-2013-6885 makes the workaround for AMD CPU erratum 793 work not only on 64-bit hypervisors but also for 32bit bump PKGREV (compile tested only) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.32 2014/01/25 10:30:22 wiz Exp $ d40 2 a41 1 -Wno-error=unused-function @ 1.32 log @Mark packages as not ready for python-3.x where applicable; either because they themselves are not ready or because a dependency isn't. This is annotated by PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z or PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar respectively, please use the same style for other packages, and check during updates. Use versioned_dependencies.mk where applicable. Use REPLACE_PYTHON instead of handcoded alternatives, where applicable. Reorder Makefile sections into standard order, where applicable. Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default with the next commit. Whitespace cleanups and other nits corrected, where necessary. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31 2014/01/24 17:07:35 drochner Exp $ d6 1 a6 1 PKGREVISION= 6 @ 1.31 log @add patch from upstream to add missing privilege check from the advisory: Malicious or misbehaving unprivileged guests can cause the host or other guests to malfunction. This can result in host-wide denial of service. Privilege escalation, while seeming to be unlikely, cannot be excluded. Only PV guests can take advantage of this vulnerability. (CVE-2014-1666) bump PKGREV @ text @d1 1 a1 2 # $NetBSD: Makefile,v 1.30 2013/12/04 10:35:01 drochner Exp $ # d24 1 @ 1.30 log @add patch from upstream to fix "Guest triggerable AMD CPU erratum may cause host hang" bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.29 2013/11/29 19:29:58 drochner Exp $ d7 1 a7 1 PKGREVISION= 5 @ 1.29 log @add patches from upstream to fix two security problems: -another lock inversion -privilege escalation (not exploitable in standard setups) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.28 2013/11/23 14:04:59 drochner Exp $ d7 1 a7 1 PKGREVISION= 4 @ 1.28 log @add patch from upstream to fix lock order inversion possibly leading to deadlock (CVE-2013-4494) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.27 2013/10/22 19:41:58 drochner Exp $ d7 1 a7 1 PKGREVISION= 3 @ 1.27 log @add patch from upstream to fix information leak through outs instruction emulation (CVE-2013-4368) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.26 2013/10/01 14:54:44 drochner Exp $ d7 1 a7 1 PKGREVISION= 2 @ 1.26 log @add patches from upstream to fix security problems: -Information leak on AVX and/or LWP capable CPUs (CVE-2013-1442 / XSA-62) -Information leaks through I/O instruction emulation (CVE-2013-4355 / XSA-63) -Information leak through fbld instruction emulation (CVE-2013-4361 / XSA-66) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.25 2013/09/27 11:35:07 joerg Exp $ d7 1 a7 1 PKGREVISION= 1 @ 1.25 log @Make -Wunused-function non-fatal for clang. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.24 2013/09/11 18:00:33 drochner Exp $ d7 1 @ 1.24 log @update to 4.1.6.1 This release fixes the following critical vulnerabilities: CVE-2013-1918 / XSA-45: Several long latency operations are not preemptible CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw for bridges CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception recovery on XRSTOR CVE-2013-2078 / XSA-54: Hypervisor crash due to missing exception recovery on XSETBV CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA-55: Multiple vulnerabilities in libelf PV kernel handling CVE-2013-2072 / XSA-56: Buffer overflow in xencontrol Python bindings affecting xend CVE-2013-2211 / XSA-57: libxl allows guest write access to sensitive console related xenstore keys CVE-2013-1432 / XSA-58: Page reference counting error due to XSA-45/CVE-2013-1918 fixes XSA-61: libxl partially sets up HVM passthrough even with disabled iommu This release contains many bug fixes and improvements. The highlights are: addressing a regression from the fix for XSA-21 addressing a regression from the fix for XSA-46 bug fixes to low level system state handling, including certain hardware errata workarounds (CVE-2013-1918 and CVE-2013-1952 were patched in pkgsrc before) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.23 2013/06/19 14:03:41 gdt Exp $ d38 2 a39 1 -Wno-error=parentheses-equality -Wno-error=enum-conversion @ 1.23 log @Explain xen version differences. There are 5 versions of xen in pkgsrc, which is confusing. Explain in DESCR which version is in which package (xenkernel3 contains 3.1), and which versions support PCI passthrough (only 3.1). Explain which versions support non-PAE (3.1) and PAE (3.3, 4.1, 4.2), because the HOWTO is out of date and it's easy to end up with a non-working system on a 3.1 to 3.3 update. Cuation that 2.0 is beyond crufty. This is a DESCR-only change (with PKGREVISION++ of course). (ok during freeze agc@@) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.22 2013/05/10 20:07:34 riastradh Exp $ d4 1 a4 1 VERSION= 4.1.5 a6 1 PKGREVISION= 1 @ 1.22 log @Partially back out change to PYTHON_FOR_BUILD_ONLY. This broke packages that needed a target Python at build-time. Instead, change it from defined/undefined to yes/no/tool. Most cases of defined used `yes' anyway; fix the few stragglers do that instead. New case `tool' is for TOOL_DEPENDS rather than buildlink3. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.21 2013/05/03 16:48:37 drochner Exp $ d7 1 @ 1.21 log @update to 4.1.5 This integrates fixes for all vulnerabilities which were patched in pkgsrc before. Among many bug fixes and improvements (around 50 since Xen 4.1.4): * ACPI APEI/ERST finally working on production systems * Bug fixes for other low level system state handling * Support for xz compressed Dom0 and DomU kernels @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.20 2013/04/19 14:02:45 bouyer Exp $ d22 1 a22 1 PYTHON_FOR_BUILD_ONLY= # empty @ 1.20 log @Add patches from Xen security advisory: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.19 2013/04/11 19:57:51 joerg Exp $ d4 1 a4 1 VERSION= 4.1.4 a6 1 PKGREVISION= 2 @ 1.19 log @Allow building Xen infrastructure with Clang. Fix various bugs in xenkernel3, xenkernel41, xentools3 and xentools41 exposed by Clang default warnings. Bump revisions for those. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18 2013/04/06 13:01:27 rodent Exp $ d7 1 a7 1 PKGREVISION= 1 @ 1.18 log @'EXTRACT_SUFX is ".tar.gz" by default, so this definition may be redundant.' - It was. Removed. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.17 2013/01/17 19:37:54 drochner Exp $ d7 1 d36 8 @ 1.17 log @update to 4.1.4 changes: -fixes for many vulnerabilities (were mostly patched in pkgsrc) -bug fixes and improvements (almost 100 since Xen 4.1.3). Highlights are: -A fix for a long standing time management issue -Bug fixes for S3 (suspend to RAM) handling -Bug fixes for other low level system state handling pkgsrc note: fixes for CVE-2012-5634 (interrupt issue on IOMMU systems) and CVE-2012-6075 (oversized packets from e1000 driver) are already included @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.16 2012/12/05 19:16:26 drochner Exp $ a8 1 EXTRACT_SUFX= .tar.gz @ 1.17.2.1 log @Pullup ticket #4125 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.19-1.20 - sysutils/xenkernel41/distinfo 1.15-1.16 - sysutils/xenkernel41/patches/patch-CVE-2013-1917-1 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1917-2 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1917-3 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1920 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1964-1 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1964-2 1.1 - sysutils/xenkernel41/patches/patch-Config.mk 1.1 - sysutils/xenkernel41/patches/patch-xen_Makefile 1.1 - sysutils/xenkernel41/patches/patch-xen_arch_x86_Rules.mk 1.1 - sysutils/xenkernel41/patches/patch-xen_arch_x86_cpu_mcheck_vmce.c 1.1 - sysutils/xenkernel41/patches/patch-xen_arch_x86_time.c 1.1 --- Module Name: pkgsrc Committed By: joerg Date: Thu Apr 11 19:57:53 UTC 2013 Modified Files: pkgsrc/sysutils/xenkernel3: Makefile distinfo pkgsrc/sysutils/xenkernel3/patches: patch-cw pkgsrc/sysutils/xenkernel33: Makefile distinfo pkgsrc/sysutils/xenkernel41: Makefile distinfo pkgsrc/sysutils/xentools3: Makefile distinfo pkgsrc/sysutils/xentools3-hvm: Makefile distinfo pkgsrc/sysutils/xentools3/patches: patch-.._patch-Config.mk patch-cg pkgsrc/sysutils/xentools33: Makefile distinfo pkgsrc/sysutils/xentools33/patches: patch-ab pkgsrc/sysutils/xentools41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel3/patches: patch-xen_arch_x86_hvm_io.c patch-xen_arch_x86_string.c pkgsrc/sysutils/xenkernel33/patches: patch-Config.mk patch-xen_Makefile patch-xen_arch_x86_Rules.mk pkgsrc/sysutils/xenkernel41/patches: patch-Config.mk patch-xen_Makefile patch-xen_arch_x86_Rules.mk patch-xen_arch_x86_cpu_mcheck_vmce.c patch-xen_arch_x86_time.c pkgsrc/sysutils/xentools3-hvm/patches: patch-.._patch-Config.mk pkgsrc/sysutils/xentools3/patches: patch-libxc_xc__dom__x86.c pkgsrc/sysutils/xentools33/patches: patch-blktap_drivers_block-qcow.c patch-ioemu_block-vvfat.c pkgsrc/sysutils/xentools41/patches: patch-.._.._ipxe_src_arch_i386_include_librm.h patch-.._.._ipxe_src_core_settings.c patch-.._.._ipxe_src_net_tls.c patch-.._Config.mk patch-firmware_hvmloader_Makefile patch-libcx_xc__dom__boot.c patch-xenstat_libxenstat_Makefile Log Message: Allow building Xen infrastructure with Clang. Fix various bugs in xenkernel3, xenkernel41, xentools3 and xentools41 exposed by Clang default warnings. Bump revisions for those. --- Module Name: pkgsrc Committed By: bouyer Date: Fri Apr 19 14:02:46 UTC 2013 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2013-1917-1 patch-CVE-2013-1917-2 patch-CVE-2013-1917-3 patch-CVE-2013-1920 patch-CVE-2013-1964-1 patch-CVE-2013-1964-2 Log Message: Add patches from Xen security advisory: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD$ a6 1 PKGREVISION= 2 a35 8 .include "../../mk/compiler.mk" .if !empty(PKGSRC_COMPILER:Mclang) EXTRA_CFLAGS+= -Qunused-arguments -no-integrated-as -Wno-error=format \ -Wno-error=parentheses-equality -Wno-error=enum-conversion .endif MAKE_ENV+= EXTRA_CFLAGS=${EXTRA_CFLAGS:Q} @ 1.16 log @add another batch of security patches from upstream bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.15 2012/11/14 13:42:41 drochner Exp $ d4 1 a4 1 VERSION= 4.1.3 a6 1 PKGREVISION= 2 @ 1.15 log @add patches from Xen SA 20..24 to fix various security problems (CVE-2012-4535..4539) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.14 2012/10/23 19:51:36 asau Exp $ d7 1 a7 1 PKGREVISION= 1 @ 1.14 log @Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.13 2012/09/16 19:46:02 dholland Exp $ d7 1 @ 1.13 log @Fix COMMENT, noted by Mayuresh on pkgsrc-users. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.12 2012/09/12 11:04:17 drochner Exp $ a16 2 PKG_DESTDIR_SUPPORT= user-destdir @ 1.12 log @update to 4.1.3 also add security patches from upstream (for CVE-2012-3497, no patches are available yet) changes: -fixes for vulnerabilities were integrated -many bug fixes and improvements, Highlights are: -Updates for the latest Intel/AMD CPU revisions -Bug fixes for IOMMU handling (device passthrough to HVM guests) approved by maintainer @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.11 2012/08/10 09:59:47 drochner Exp $ d13 1 a13 1 COMMENT= Xen 4.1.2 Kernel @ 1.11 log @add patch from upstream to fix a possible DOS by HVM guests on teardown (CVE-2012-3433) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 2012/08/01 12:28:18 asau Exp $ d4 1 a4 1 VERSION= 4.1.2 a6 1 PKGREVISION= 4 @ 1.10 log @Slightly simplify build process. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2012/08/01 12:22:28 asau Exp $ d7 1 a7 1 PKGREVISION= 3 @ 1.9 log @Use default WRKSRC. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2012/07/27 18:50:34 drochner Exp $ d40 2 a41 2 cd ${WRKSRC} && ${BUILD_MAKE_CMD} debug=n xen ${CP} ${WRKSRC}/dist/install/boot/xen.gz ${WRKDIR}/xen.gz d43 2 a44 2 cd ${WRKSRC} && ${BUILD_MAKE_CMD} debug=y xen ${CP} ${WRKSRC}/dist/install/boot/xen.gz ${WRKDIR}/xen-debug.gz @ 1.8 log @add patch from upstream to fix bug in MMIO emulation which can cause guest crashes by unprivileged users, only for HVM guests, and if MMIO is granted to the user process (CVE-2012-3432) bump PKGREV @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2012/06/19 20:17:06 bouyer Exp $ a22 2 WRKSRC= ${WRKDIR}/xen-${VERSION} @ 1.7 log @Move patches to the right place. Bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2012/06/12 15:59:04 bouyer Exp $ d7 1 a7 1 PKGREVISION= 2 @ 1.7.2.1 log @Pullup ticket #3885 - requested by drochner sysutils/xenkernel33: security patch sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel33/Makefile 1.18 - sysutils/xenkernel33/distinfo 1.16 - sysutils/xenkernel33/patches/patch-CVE-2012-3432 1.1 - sysutils/xenkernel41/Makefile 1.8 - sysutils/xenkernel41/distinfo 1.8 - sysutils/xenkernel41/patches/patch-CVE-2012-3432 1.1 --- Module Name: pkgsrc Committed By: drochner Date: Fri Jul 27 18:50:34 UTC 2012 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2012-3432 Log Message: add patch from upstream to fix bug in MMIO emulation which can cause guest crashes by unprivileged users, only for HVM guests, and if MMIO is granted to the user process (CVE-2012-3432) bump PKGREV --- Module Name: pkgsrc Committed By: drochner Date: Sat Jul 28 12:02:16 UTC 2012 Modified Files: pkgsrc/sysutils/xenkernel33: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel33/patches: patch-CVE-2012-3432 Log Message: copy security patch from xenkernel41 - it also applies to 3.3 (noticed by Daniel Horecki) bump PKGREV @ text @d1 1 a1 1 # $NetBSD$ d7 1 a7 1 PKGREVISION= 3 @ 1.6 log @pull up patches from upstream, fixing XSA7, XSA8 and XSA9. PKGREVISION++ @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2011/11/20 03:12:44 jym Exp $ d7 1 a7 1 PKGREVISION= 1 @ 1.5 log @Add a MESSAGE so that we can point to the right location for Xen kernels. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2011/10/21 18:26:58 cegger Exp $ d7 1 a7 1 #PKGREVISION= 1 @ 1.5.4.1 log @Pullup ticket #3834 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.6 - sysutils/xenkernel41/distinfo 1.7 - sysutils/xenkernel41/patch-xsa7-xsa8-xen-4.1 1.1 - sysutils/xenkernel41/patch-xsa9-xen-4.1 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Tue Jun 12 15:59:04 UTC 2012 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1 Log Message: pull up patches from upstream, fixing XSA7, XSA8 and XSA9. PKGREVISION++ @ text @d1 1 a1 1 # $NetBSD$ d7 1 a7 1 PKGREVISION= 1 @ 1.5.4.2 log @Pullup ticket #3837 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.7 - sysutils/xenkernel41/patch-xsa7-xsa8-xen-4.1 deleted - sysutils/xenkernel41/patch-xsa9-xen-4.1 deleted - sysutils/xenkernel41/patches/patch-xsa7-xsa8-xen-4.1 1.1 - sysutils/xenkernel41/patches/patch-xsa9-xen-4.1 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Tue Jun 19 20:17:07 UTC 2012 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1 Removed Files: pkgsrc/sysutils/xenkernel41: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1 Log Message: Move patches to the right place. Bump PKGREVISION @ text @d7 1 a7 1 PKGREVISION= 2 @ 1.4 log @Update to Xen 4.1.2 Fixes/features include: * New XL toolstack * kexec/kdump * Remus * Device passthrough to HVM guests * Interrupt handling * Support for Supervisor Mode Execution Protection (SMEP) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 2011/10/16 20:32:44 bouyer Exp $ d37 3 d49 4 a52 2 ${INSTALL_DATA} ${WRKDIR}/xen.gz ${DESTDIR}${PREFIX}/${INSTALLATION_DIRS}/xen.gz ${INSTALL_DATA} ${WRKDIR}/xen-debug.gz ${DESTDIR}${PREFIX}/${INSTALLATION_DIRS}/xen-debug.gz @ 1.3 log @This builds fine on netbsd-5, so relax ONLY_FOR_PLATFORM @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 2011/06/16 10:28:47 cegger Exp $ d4 1 a4 1 VERSION= 4.1.1 d14 1 a14 1 COMMENT= Xen 4.1.1 Kernel d32 1 a32 1 # See work/xen-4.1.1/Config.mk:41 why PYTHON must be set and what for d41 1 a41 1 cd ${WRKSRC} && ${MAKE_PROGRAM} clean @ 1.2 log @Xen 4.1.1 (maintenance release) * Security fixes including CVE-2011-1583 CVE-2011-1898 * Enhancements to guest introspection (VM single stepping support for very fine-grained access control) * Many stability improvements, such as: PV-on-HVM stability fixes (fixing some IRQ issues), XSAVE cpu feature support for PV guests (allows safe use of latest multimedia instructions), RAS fixes for high availability, fixes for offlining bad pages and changes to libxc, mainly of benefit to libvirt * Compatibility fixes for newer Linux guests, newer compilers, some old guest savefiles, newer Python, grub2, some hardware/BIOS bugs. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1.1.1 2011/04/06 09:05:53 cegger Exp $ d21 1 a21 1 ONLY_FOR_PLATFORM+= NetBSD-[5-9].99.*-x86_64 NetBSD-[5-9].99.*-i386 @ 1.2.4.1 log @Pullup ticket #3570 - requested by bouyer sysutils/xenkernel41 build fix Revisions pulled up: - sysutils/xenkernel41/Makefile 1.3 - sysutils/xentools41/Makefile 1.12 --- Module Name: pkgsrc Committed By: bouyer Date: Sun Oct 16 20:32:44 UTC 2011 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile Log Message: This builds fine on netbsd-5, so relax ONLY_FOR_PLATFORM --- Module Name: pkgsrc Committed By: bouyer Date: Sun Oct 16 20:33:35 UTC 2011 Modified Files: pkgsrc/sysutils/xentools41: Makefile Log Message: This needs iasl to build, so depend on acpica-utils if /usr/bin/iasl doens't exist. @ text @d1 1 a1 1 # $NetBSD$ d21 1 a21 1 ONLY_FOR_PLATFORM+= NetBSD-[5-9].*-x86_64 NetBSD-[5-9].*-i386 @ 1.1 log @Initial revision @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.11 2009/08/07 12:43:46 cegger Exp $ d4 1 a4 1 VERSION= 4.1.0 d14 1 a14 1 COMMENT= Xen 4.1.0 Kernel d32 1 a32 1 # See work/xen-4.1.0/Config.mk:41 why PYTHON must be set and what for @ 1.1.1.1 log @Xen is a virtual machine monitor which supports running multiple guests operating systems on a single machine. Guest OSes (also called "domains" ) require a modified kernel which supports Xen hypercalls in replacement to access to the physical hardware. At boot, the xen kernel is loaded along with the guest kernel for the first domain (called domain0). domain0 has privileges to access the physical hardware (PCI and ISA devices), administrate other domains and provide virtual devices (disks and network) to other domains. This package contains the Xen4 kernel itself. Release notes: The Xen team is pleased to announce the release of Xen 4.1. The result of nearly 12 months of development, new features include: * A re-architected and improved XL toolstack replacing XM/XEND * Prototype credit2 scheduler designed for latency-sensitive workloads and very large systems. * CPU Pools for advanced partitioning. * Support for large systems (>255 processors) * Support for x86 Advanced Vector eXtension (AVX). * New Memory Access API enabling integration of 3rd party security solutions into Xen virtualized environments. * Many IOMMU fixes (both Intel VT-d IOMMU and AMD IOMMU). * Many toolstack and buildsystem fixes for Linux and NetBSD hosts. * Thirdparty libs: libvirt driver for libxl has been merged to upstream libvirt. * HVM guest PXE boot enhancements, replacing gPXE with iPXE. * Even better stability through our new automated regression tests. Detailed release notes, including a more extensive feature list: http://wiki.xen.org/xenwiki/Xen4.1 To download tarballs: http://xen.org/products/xen_source.html Or the Mercurial source repository (tag 'RELEASE-4.1.0'): http://xenbits.xen.org/xen-unstable.hg And the announcement on the Xen blog: http://blog.xen.org/index.php/2011/03/25/xen-4-1-releases/ Thanks to the many people who have contributed to this release! Regards, The Xen Team @ text @@