head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.2 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2013.05.03.16.48.37; author drochner; state dead; branches; next 1.1; 1.1 date 2013.04.19.14.02.45; author bouyer; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2013.04.19.14.02.45; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2013.04.24.22.25.48; author tron; state Exp; branches; next ; desc @@ 1.2 log @update to 4.1.5 This integrates fixes for all vulnerabilities which were patched in pkgsrc before. Among many bug fixes and improvements (around 50 since Xen 4.1.4): * ACPI APEI/ERST finally working on production systems * Bug fixes for other low level system state handling * Support for xz compressed Dom0 and DomU kernels @ text @$NetBSD: patch-CVE-2013-1917-1,v 1.1 2013/04/19 14:02:45 bouyer Exp $ http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html --- xen/arch/x86/acpi/suspend.c.orig +++ xen/arch/x86/acpi/suspend.c @@@@ -81,8 +81,12 @@@@ void restore_rest_processor_state(void) } #else /* !defined(CONFIG_X86_64) */ - if ( supervisor_mode_kernel && cpu_has_sep ) - wrmsr(MSR_IA32_SYSENTER_ESP, &this_cpu(init_tss).esp1, 0); + if ( cpu_has_sep ) + { + wrmsr(MSR_IA32_SYSENTER_CS, 0, 0); + if ( supervisor_mode_kernel ) + wrmsr(MSR_IA32_SYSENTER_ESP, &this_cpu(init_tss).esp1, 0); + } #endif /* Maybe load the debug registers. */ @ 1.1 log @Add patches from Xen security advisory: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html bump PKGREVISION @ text @d1 1 a1 1 $NetBSD: patch-CVE-2012-5511_2,v 1.2 2013/01/17 19:37:55 drochner Exp $ @ 1.1.2.1 log @file patch-CVE-2013-1917-1 was added on branch pkgsrc-2013Q1 on 2013-04-24 22:25:48 +0000 @ text @d1 21 @ 1.1.2.2 log @Pullup ticket #4125 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.19-1.20 - sysutils/xenkernel41/distinfo 1.15-1.16 - sysutils/xenkernel41/patches/patch-CVE-2013-1917-1 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1917-2 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1917-3 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1920 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1964-1 1.1 - sysutils/xenkernel41/patches/patch-CVE-2013-1964-2 1.1 - sysutils/xenkernel41/patches/patch-Config.mk 1.1 - sysutils/xenkernel41/patches/patch-xen_Makefile 1.1 - sysutils/xenkernel41/patches/patch-xen_arch_x86_Rules.mk 1.1 - sysutils/xenkernel41/patches/patch-xen_arch_x86_cpu_mcheck_vmce.c 1.1 - sysutils/xenkernel41/patches/patch-xen_arch_x86_time.c 1.1 --- Module Name: pkgsrc Committed By: joerg Date: Thu Apr 11 19:57:53 UTC 2013 Modified Files: pkgsrc/sysutils/xenkernel3: Makefile distinfo pkgsrc/sysutils/xenkernel3/patches: patch-cw pkgsrc/sysutils/xenkernel33: Makefile distinfo pkgsrc/sysutils/xenkernel41: Makefile distinfo pkgsrc/sysutils/xentools3: Makefile distinfo pkgsrc/sysutils/xentools3-hvm: Makefile distinfo pkgsrc/sysutils/xentools3/patches: patch-.._patch-Config.mk patch-cg pkgsrc/sysutils/xentools33: Makefile distinfo pkgsrc/sysutils/xentools33/patches: patch-ab pkgsrc/sysutils/xentools41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel3/patches: patch-xen_arch_x86_hvm_io.c patch-xen_arch_x86_string.c pkgsrc/sysutils/xenkernel33/patches: patch-Config.mk patch-xen_Makefile patch-xen_arch_x86_Rules.mk pkgsrc/sysutils/xenkernel41/patches: patch-Config.mk patch-xen_Makefile patch-xen_arch_x86_Rules.mk patch-xen_arch_x86_cpu_mcheck_vmce.c patch-xen_arch_x86_time.c pkgsrc/sysutils/xentools3-hvm/patches: patch-.._patch-Config.mk pkgsrc/sysutils/xentools3/patches: patch-libxc_xc__dom__x86.c pkgsrc/sysutils/xentools33/patches: patch-blktap_drivers_block-qcow.c patch-ioemu_block-vvfat.c pkgsrc/sysutils/xentools41/patches: patch-.._.._ipxe_src_arch_i386_include_librm.h patch-.._.._ipxe_src_core_settings.c patch-.._.._ipxe_src_net_tls.c patch-.._Config.mk patch-firmware_hvmloader_Makefile patch-libcx_xc__dom__boot.c patch-xenstat_libxenstat_Makefile Log Message: Allow building Xen infrastructure with Clang. Fix various bugs in xenkernel3, xenkernel41, xentools3 and xentools41 exposed by Clang default warnings. Bump revisions for those. --- Module Name: pkgsrc Committed By: bouyer Date: Fri Apr 19 14:02:46 UTC 2013 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2013-1917-1 patch-CVE-2013-1917-2 patch-CVE-2013-1917-3 patch-CVE-2013-1920 patch-CVE-2013-1964-1 patch-CVE-2013-1964-2 Log Message: Add patches from Xen security advisory: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html bump PKGREVISION @ text @a0 21 $NetBSD$ http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html --- xen/arch/x86/acpi/suspend.c.orig +++ xen/arch/x86/acpi/suspend.c @@@@ -81,8 +81,12 @@@@ void restore_rest_processor_state(void) } #else /* !defined(CONFIG_X86_64) */ - if ( supervisor_mode_kernel && cpu_has_sep ) - wrmsr(MSR_IA32_SYSENTER_ESP, &this_cpu(init_tss).esp1, 0); + if ( cpu_has_sep ) + { + wrmsr(MSR_IA32_SYSENTER_CS, 0, 0); + if ( supervisor_mode_kernel ) + wrmsr(MSR_IA32_SYSENTER_ESP, &this_cpu(init_tss).esp1, 0); + } #endif /* Maybe load the debug registers. */ @