head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.2 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2013.05.03.16.48.38; author drochner; state dead; branches; next 1.1; 1.1 date 2013.04.19.14.03.51; author bouyer; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2013.04.19.14.03.51; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2013.04.24.21.11.06; author tron; state Exp; branches; next ; desc @@ 1.2 log @update to 4.1.5 This integrates fixes for all vulnerabilities which were patched in pkgsrc before. Among many bug fixes and improvements (around 50 since Xen 4.1.4): * ACPI APEI/ERST finally working on production systems * Bug fixes for other low level system state handling * Support for xz compressed Dom0 and DomU kernels @ text @$NetBSD: patch-CVE-2013-0215-1,v 1.1 2013/04/19 14:03:51 bouyer Exp $ http://lists.xen.org/archives/html/xen-announce/2013-02/msg00005.html --- ocaml/libs/xb/partial.ml.orig +++ ocaml/libs/xb/partial.ml @@@@ -27,8 +27,15 @@@@ external header_size: unit -> int = "stub_header_size" external header_of_string_internal: string -> int * int * int * int = "stub_header_of_string" +let xenstore_payload_max = 4096 (* xen/include/public/io/xs_wire.h *) + let of_string s = let tid, rid, opint, dlen = header_of_string_internal s in + (* A packet which is bigger than xenstore_payload_max is illegal. 
+ This will leave the guest connection is a bad state and will + be hard to recover from without restarting the connection + (ie rebooting the guest) *) + let dlen = min xenstore_payload_max dlen in { tid = tid; rid = rid; @@@@ -38,6 +45,7 @@@@ let of_string s = } let append pkt s sz = + if pkt.len > 4096 then failwith "Buffer.add: cannot grow buffer"; Buffer.add_string pkt.buf (String.sub s 0 sz) let to_complete pkt = @ 1.1 log @Add patch from Xen security advisory: http://lists.xen.org/archives/html/xen-announce/2013-02/msg00005.html @ text @d1 1 a1 1 $NetBSD: patch-CVE-2012-6075,v 1.1 2013/01/20 15:21:55 drochner Exp $ @ 1.1.2.1 log @file patch-CVE-2013-0215-1 was added on branch pkgsrc-2013Q1 on 2013-04-24 21:11:06 +0000 @ text @d1 30 @ 1.1.2.2 log @Pullup ticket #4124 - requested by bouyer sysutils/xentools41: security patch Revisions pulled up: - sysutils/xentools41/Makefile 1.30-1.31 - sysutils/xentools41/distinfo 1.27-1.28 - sysutils/xentools41/patches/patch-.._.._ipxe_src_arch_i386_include_librm.h 1.1 - sysutils/xentools41/patches/patch-.._.._ipxe_src_core_settings.c 1.1 - sysutils/xentools41/patches/patch-.._.._ipxe_src_net_tls.c 1.1 - sysutils/xentools41/patches/patch-.._Config.mk 1.1 - sysutils/xentools41/patches/patch-CVE-2013-0215-1 1.1 - sysutils/xentools41/patches/patch-CVE-2013-0215-2 1.1 - sysutils/xentools41/patches/patch-firmware_hvmloader_Makefile 1.1 - sysutils/xentools41/patches/patch-libcx_xc__dom__boot.c 1.1 - sysutils/xentools41/patches/patch-xenstat_libxenstat_Makefile 1.1 --- Module Name: pkgsrc Committed By: joerg Date: Thu Apr 11 19:57:53 UTC 2013 Modified Files: pkgsrc/sysutils/xenkernel3: Makefile distinfo pkgsrc/sysutils/xenkernel3/patches: patch-cw pkgsrc/sysutils/xenkernel33: Makefile distinfo pkgsrc/sysutils/xenkernel41: Makefile distinfo pkgsrc/sysutils/xentools3: Makefile distinfo pkgsrc/sysutils/xentools3-hvm: Makefile distinfo pkgsrc/sysutils/xentools3/patches: patch-.._patch-Config.mk patch-cg pkgsrc/sysutils/xentools33: 
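Review bot: The clamp `let dlen = min xenstore_payload_max dlen in` in `of_string` bounds the length only from above, and it truncates an illegal packet silently instead of rejecting it. If `header_of_string_internal` can return a negative `dlen` (the C stub is not visible here; a 32-bit wire length converted to an OCaml int on a 32-bit host might), that value passes through unchanged, so `let dlen = max 0 (min xenstore_payload_max dlen) in` would close the lower side as well. Since the excess bytes of an oversized packet are presumably parsed as the next header afterwards, raising a dedicated exception that the caller can log and use to drop the connection would make the "bad state" described in the comment detectable rather than silent. The record construction continues outside the hunk, and the same text is repeated in the 1.1.2.2 branch delta further down.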
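Review bot: The guard added to `append` repeats the literal `4096` instead of the `xenstore_payload_max` constant introduced by the previous hunk, and it tests `pkt.len` rather than the amount actually buffered. If `pkt.len` is filled from the clamped `dlen` (the field assignment is outside the hunk), the condition can never be true and nothing here bounds `Buffer.length pkt.buf + sz`. A check on the real size would be `if Buffer.length pkt.buf + sz > xenstore_payload_max then failwith "partial packet exceeds xenstore_payload_max";`. The current message "Buffer.add: cannot grow buffer" imitates the standard library's own Buffer failure, which will mislead anyone triaging logs after an oversized-packet event. The same applies to the copy in the 1.1.2.2 delta.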
Makefile distinfo pkgsrc/sysutils/xentools33/patches: patch-ab pkgsrc/sysutils/xentools41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel3/patches: patch-xen_arch_x86_hvm_io.c patch-xen_arch_x86_string.c pkgsrc/sysutils/xenkernel33/patches: patch-Config.mk patch-xen_Makefile patch-xen_arch_x86_Rules.mk pkgsrc/sysutils/xenkernel41/patches: patch-Config.mk patch-xen_Makefile patch-xen_arch_x86_Rules.mk patch-xen_arch_x86_cpu_mcheck_vmce.c patch-xen_arch_x86_time.c pkgsrc/sysutils/xentools3-hvm/patches: patch-.._patch-Config.mk pkgsrc/sysutils/xentools3/patches: patch-libxc_xc__dom__x86.c pkgsrc/sysutils/xentools33/patches: patch-blktap_drivers_block-qcow.c patch-ioemu_block-vvfat.c pkgsrc/sysutils/xentools41/patches: patch-.._.._ipxe_src_arch_i386_include_librm.h patch-.._.._ipxe_src_core_settings.c patch-.._.._ipxe_src_net_tls.c patch-.._Config.mk patch-firmware_hvmloader_Makefile patch-libcx_xc__dom__boot.c patch-xenstat_libxenstat_Makefile Log Message: Allow building Xen infrastructure with Clang. Fix various bugs in xenkernel3, xenkernel41, xentools3 and xentools41 exposed by Clang default warnings. Bump revisions for those. 
--- Module Name: pkgsrc Committed By: bouyer Date: Fri Apr 19 14:03:52 UTC 2013 Modified Files: pkgsrc/sysutils/xentools41: Makefile distinfo Added Files: pkgsrc/sysutils/xentools41/patches: patch-CVE-2013-0215-1 patch-CVE-2013-0215-2 Log Message: Add patch from Xen security advisory: http://lists.xen.org/archives/html/xen-announce/2013-02/msg00005.html @ text @a0 30 $NetBSD$ http://lists.xen.org/archives/html/xen-announce/2013-02/msg00005.html --- ocaml/libs/xb/partial.ml.orig +++ ocaml/libs/xb/partial.ml @@@@ -27,8 +27,15 @@@@ external header_size: unit -> int = "stub_header_size" external header_of_string_internal: string -> int * int * int * int = "stub_header_of_string" +let xenstore_payload_max = 4096 (* xen/include/public/io/xs_wire.h *) + let of_string s = let tid, rid, opint, dlen = header_of_string_internal s in + (* A packet which is bigger than xenstore_payload_max is illegal. + This will leave the guest connection is a bad state and will + be hard to recover from without restarting the connection + (ie rebooting the guest) *) + let dlen = min xenstore_payload_max dlen in { tid = tid; rid = rid; @@@@ -38,6 +45,7 @@@@ let of_string s = } let append pkt s sz = + if pkt.len > 4096 then failwith "Buffer.add: cannot grow buffer"; Buffer.add_string pkt.buf (String.sub s 0 sz) let to_complete pkt = @