head 1.2; access; symbols pkgsrc-2016Q4:1.1.0.26 pkgsrc-2016Q4-base:1.1 pkgsrc-2016Q3:1.1.0.24 pkgsrc-2016Q3-base:1.1 pkgsrc-2016Q2:1.1.0.22 pkgsrc-2016Q2-base:1.1 pkgsrc-2016Q1:1.1.0.20 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.18 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.16 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.14 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.12 pkgsrc-2015Q1-base:1.1 pkgsrc-2014Q4:1.1.0.10 pkgsrc-2014Q4-base:1.1 pkgsrc-2014Q3:1.1.0.8 pkgsrc-2014Q3-base:1.1 pkgsrc-2014Q2:1.1.0.6 pkgsrc-2014Q2-base:1.1 pkgsrc-2014Q1:1.1.0.4 pkgsrc-2014Q1-base:1.1 pkgsrc-2013Q4:1.1.0.2 pkgsrc-2013Q4-base:1.1; locks; strict; comment @# @; 1.2 date 2016.12.29.19.13.01; author wiz; state dead; branches; next 1.1; commitid kFYPk8EnajcmFUzz; 1.1 date 2013.10.22.19.41.58; author drochner; state Exp; branches; next ; commitid 0FFM7GPUK22Rekax; desc @@ 1.2 log @Remove xenkernel and tools versions 3, 33, and 41. As discussed on pkgsrc-users. @ text @$NetBSD: patch-CVE-2013-4368,v 1.1 2013/10/22 19:41:58 drochner Exp $ http://lists.xenproject.org/archives/html/xen-devel/2013-10/msg00812.html --- xen/arch/x86/traps.c.orig 2013-09-10 08:42:18.000000000 +0200 +++ xen/arch/x86/traps.c 2013-10-22 21:11:24.000000000 +0200 @@@@ -1965,10 +1965,10 @@@@ static int emulate_privileged_op(struct break; } } - else - read_descriptor(data_sel, v, regs, - &data_base, &data_limit, &ar, - 0); + else if ( !read_descriptor(data_sel, v, regs, + &data_base, &data_limit, &ar, 0) || + !(ar & _SEGMENT_S) || !(ar & _SEGMENT_P) ) + goto fail; data_limit = ~0UL; ar = _SEGMENT_WR|_SEGMENT_S|_SEGMENT_DPL|_SEGMENT_P; } @ 1.1 log @add patch from upstream to fix information leak through outs instruction emulation (CVE-2013-4368) bump PKGREV @ text @d1 1 a1 1 $NetBSD$ @