head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.1.0.2
	pkgsrc-2013Q2-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2013.09.11.18.00.33;	author drochner;	state dead;
branches;
next	1.1;
commitid	76aqq1Rgu8ITY25x;

1.1
date	2013.05.03.16.48.37;	author drochner;	state Exp;
branches;
next	;


desc
@@


1.2
log
@update to 4.1.6.1
This release fixes the following critical vulnerabilities:
CVE-2013-1918 / XSA-45: Several long latency operations are not
 preemptible
CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw
 for bridges
CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs
CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception
 recovery on XRSTOR
CVE-2013-2078 / XSA-54: Hypervisor crash due to missing exception
 recovery on XSETBV
CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA-55: Multiple
 vulnerabilities in libelf PV kernel handling
CVE-2013-2072 / XSA-56: Buffer overflow in xencontrol Python bindings
 affecting xend
CVE-2013-2211 / XSA-57: libxl allows guest write access to sensitive
 console related xenstore keys
CVE-2013-1432 / XSA-58: Page reference counting error due to
 XSA-45/CVE-2013-1918 fixes
XSA-61: libxl partially sets up HVM passthrough even with disabled iommu
This release contains many bug fixes and improvements. The highlights are:
addressing a regression from the fix for XSA-21
addressing a regression from the fix for XSA-46
bug fixes to low level system state handling, including certain
 hardware errata workarounds

(CVE-2013-1918 and CVE-2013-1952 were patched in pkgsrc before)
@
text
@$NetBSD: patch-CVE-2013-1918_12,v 1.1 2013/05/03 16:48:37 drochner Exp $

--- xen/arch/x86/hvm/vlapic.c.orig	2013-04-23 16:44:20.000000000 +0000
+++ xen/arch/x86/hvm/vlapic.c
@@@@ -252,10 +252,13 @@@@ static void vlapic_init_sipi_action(unsi
     {
     case APIC_DM_INIT: {
         bool_t fpu_initialised;
+        int rc;
+
         domain_lock(target->domain);
         /* Reset necessary VCPU state. This does not include FPU state. */
         fpu_initialised = target->fpu_initialised;
-        vcpu_reset(target);
+        rc = vcpu_reset(target);
+        ASSERT(!rc);
         target->fpu_initialised = fpu_initialised;
         vlapic_reset(vcpu_vlapic(target));
         domain_unlock(target->domain);
@


1.1
log
@update to 4.1.5
This integrates fixes for all vulnerabilities which were patched
in pkgsrc before.
Among many bug fixes and improvements (around 50 since Xen 4.1.4):
 * ACPI APEI/ERST finally working on production systems
 * Bug fixes for other low level system state handling
 * Support for xz compressed Dom0 and DomU kernels
@
text
@d1 1
a1 1
$NetBSD$
@