![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / sysutils / xenkernel41
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.55, Thu Dec 29 19:13:01 2016 UTC (7 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: HEAD
Changes since 1.54: +1 -1
lines
FILE REMOVED
Remove xenkernel and tools versions 3, 33, and 41. As discussed on pkgsrc-users.
Revision 1.54 / (download) - annotate - [select for diffs], Wed Dec 21 15:35:44 2016 UTC (7 years, 3 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base,
pkgsrc-2016Q4
Changes since 1.53: +2 -2
lines
Diff to previous 1.53 (colored)
Apply patch backported from upstream, fixing XSA-202 Bump PKGREVISION
Revision 1.53 / (download) - annotate - [select for diffs], Tue Dec 20 10:22:28 2016 UTC (7 years, 4 months ago) by bouyer
Branch: MAIN
Changes since 1.52: +2 -2
lines
Diff to previous 1.52 (colored)
Apply upstream patch for XSA-199, XSA-200 and XSA-204. Bump PKGREVISIONs
Revision 1.52 / (download) - annotate - [select for diffs], Tue Nov 22 20:53:40 2016 UTC (7 years, 4 months ago) by bouyer
Branch: MAIN
Changes since 1.51: +2 -2
lines
Diff to previous 1.51 (colored)
Backport upstream patches, fixing today's XSA 191, 192, 195, 197, 198. Bump PKGREVISIONs
Revision 1.51 / (download) - annotate - [select for diffs], Thu Sep 8 15:41:01 2016 UTC (7 years, 7 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base,
pkgsrc-2016Q3
Changes since 1.50: +2 -2
lines
Diff to previous 1.50 (colored)
Backport upstream patches for security issues: XSA-185: x86: Disallow L3 recursive pagetable for 32-bit PV guests XSA-187: x86 HVM: Overflow of sh_ctxt->seg_reg[] bump PKGREVISION
Revision 1.48.4.1 / (download) - annotate - [select for diffs], Thu Jul 28 14:09:14 2016 UTC (7 years, 8 months ago) by spz
Branch: pkgsrc-2016Q2
Changes since 1.48: +2 -2
lines
Diff to previous 1.48 (colored) next main 1.49 (colored)
Pullup ticket #5072 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.50 - sysutils/xenkernel41/distinfo 1.43 - sysutils/xenkernel41/patches/patch-XSA-182 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bouyer Date: Tue Jul 26 15:59:20 UTC 2016 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-XSA-182 Log Message: Apply security patch from XSA-182. Bump PKGREVISION xen 4.2 is not vulnerable to XSA-183. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 pkgsrc/sysutils/xenkernel41/Makefile cvs rdiff -u -r1.42 -r1.43 pkgsrc/sysutils/xenkernel41/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/sysutils/xenkernel41/patches/patch-XSA-182
Revision 1.50 / (download) - annotate - [select for diffs], Tue Jul 26 15:59:20 2016 UTC (7 years, 8 months ago) by bouyer
Branch: MAIN
Changes since 1.49: +2 -2
lines
Diff to previous 1.49 (colored)
Apply security patch from XSA-182. Bump PKGREVISION xen 4.2 is not vulnerable to XSA-183.
Revision 1.49 / (download) - annotate - [select for diffs], Sat Jul 9 13:04:08 2016 UTC (7 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.48: +2 -2
lines
Diff to previous 1.48 (colored)
Remove python33: adapt all packages that refer to it.
Revision 1.47.2.1 / (download) - annotate - [select for diffs], Mon Jan 11 20:26:11 2016 UTC (8 years, 3 months ago) by bsiegert
Branch: pkgsrc-2015Q4
Changes since 1.47: +2 -2
lines
Diff to previous 1.47 (colored) next main 1.48 (colored)
Pullup ticket #4887 - requested by bouyer sysutils/xenkernel41: security fix sysutils/xentools41: security fix Revisions pulled up: - sysutils/xenkernel41/Makefile 1.48 - sysutils/xenkernel41/distinfo 1.41 - sysutils/xenkernel41/patches/patch-CVE-2015-8339 1.1 - sysutils/xenkernel41/patches/patch-XSA-166 1.1 - sysutils/xentools41/Makefile 1.59 - sysutils/xentools41/distinfo 1.41 - sysutils/xentools41/patches/patch-CVE-2015-8550 1.1 - sysutils/xentools41/patches/patch-CVE-2015-8554 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Thu Jan 7 17:55:55 UTC 2016 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo pkgsrc/sysutils/xentools41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-8339 patch-XSA-166 pkgsrc/sysutils/xentools41/patches: patch-CVE-2015-8550 patch-CVE-2015-8554 Log Message: Apply patches from Xen repository, fixing: CVE-2015-8339 and CVE-2015-8340 aka XSA-159 XSA-166 CVE-2015-8550 aka XSA-155 CVE-2015-8554 aka XSA-164 Bump pkgrevision
Revision 1.48 / (download) - annotate - [select for diffs], Thu Jan 7 17:55:55 2016 UTC (8 years, 3 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base,
pkgsrc-2016Q1-base,
pkgsrc-2016Q1
Branch point for: pkgsrc-2016Q2
Changes since 1.47: +2 -2
lines
Diff to previous 1.47 (colored)
Apply patches from Xen repository, fixing: CVE-2015-8339 and CVE-2015-8340 aka XSA-159 XSA-166 CVE-2015-8550 aka XSA-155 CVE-2015-8554 aka XSA-164 Bump pkgrevision
Revision 1.47 / (download) - annotate - [select for diffs], Sat Dec 5 21:26:00 2015 UTC (8 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base
Branch point for: pkgsrc-2015Q4
Changes since 1.46: +2 -2
lines
Diff to previous 1.46 (colored)
Extend PYTHON_VERSIONS_INCOMPATIBLE to 35
Revision 1.45.4.1 / (download) - annotate - [select for diffs], Wed Nov 4 19:55:44 2015 UTC (8 years, 5 months ago) by bsiegert
Branch: pkgsrc-2015Q3
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored) next main 1.46 (colored)
Pullup ticket #4848 - requested by bouyer sysutils/xenkernel41: security fix Revisions pulled up: - sysutils/xenkernel41/Makefile 1.46 - sysutils/xenkernel41/distinfo 1.38 - sysutils/xenkernel41/patches/patch-CVE-2015-7835 1.1 - sysutils/xenkernel41/patches/patch-CVE-2015-7969 1.1 - sysutils/xenkernel41/patches/patch-CVE-2015-7971 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Thu Oct 29 20:29:56 UTC 2015 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-7835 patch-CVE-2015-7969 patch-CVE-2015-7971 Log Message: Add patches, derived from Xen security advisory, fixing: CVE-2015-7835 aka XSA-148 CVE-2015-7869 aka XSA-149 + XSA-151 CVE-2015-7971 aka XSA-152 Bump PKGREVISION
Revision 1.46 / (download) - annotate - [select for diffs], Thu Oct 29 20:29:56 2015 UTC (8 years, 5 months ago) by bouyer
Branch: MAIN
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored)
Add patches, derived from Xen security advisory, fixing: CVE-2015-7835 aka XSA-148 CVE-2015-7869 aka XSA-149 + XSA-151 CVE-2015-7971 aka XSA-152 Bump PKGREVISION
Revision 1.44.2.1 / (download) - annotate - [select for diffs], Wed Apr 29 21:11:12 2015 UTC (8 years, 11 months ago) by tron
Branch: pkgsrc-2015Q1
Changes since 1.44: +2 -2
lines
Diff to previous 1.44 (colored) next main 1.45 (colored)
Pullup ticket #4698 - requested by spz Pullup ticket #4698 - requested by spz sysutils/xenkernel41: security patch sysutils/xenkernel42: security patch sysutils/xenkernel45: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.45 - sysutils/xenkernel41/distinfo 1.36 - sysutils/xenkernel41/patches/patch-CVE-2015-2752 1.1 - sysutils/xenkernel41/patches/patch-CVE-2015-2756 1.1 - sysutils/xenkernel42/Makefile 1.15 - sysutils/xenkernel42/distinfo 1.13 - sysutils/xenkernel42/patches/patch-CVE-2015-2752 1.1 - sysutils/xenkernel42/patches/patch-CVE-2015-2756 1.1 - sysutils/xenkernel45/Makefile 1.6 - sysutils/xenkernel45/distinfo 1.5 - sysutils/xenkernel45/patches/patch-CVE-2015-2752 1.1 - sysutils/xenkernel45/patches/patch-CVE-2015-2756 1.1 - sysutils/xentools41/Makefile 1.50 - sysutils/xentools41/distinfo 1.38 - sysutils/xentools41/patches/patch-CVE-2015-2752 1.1 - sysutils/xentools41/patches/patch-CVE-2015-2756 1.1 - sysutils/xentools42/Makefile 1.27 - sysutils/xentools42/distinfo 1.16 - sysutils/xentools42/patches/patch-CVE-2015-2752 1.1 - sysutils/xentools42/patches/patch-CVE-2015-2756 1.1 - sysutils/xentools45/Makefile 1.6 - sysutils/xentools45/distinfo 1.6 - sysutils/xentools45/patches/patch-CVE-2015-2752 1.1 - sysutils/xentools45/patches/patch-CVE-2015-2756 1.1 --- Module Name: pkgsrc Committed By: spz Date: Sun Apr 19 13:13:21 UTC 2015 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo pkgsrc/sysutils/xenkernel42: Makefile distinfo pkgsrc/sysutils/xenkernel45: Makefile distinfo pkgsrc/sysutils/xentools41: Makefile distinfo pkgsrc/sysutils/xentools42: Makefile distinfo pkgsrc/sysutils/xentools45: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xenkernel42/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xentools41/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xentools42/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 pkgsrc/sysutils/xentools45/patches: patch-CVE-2015-2752 patch-CVE-2015-2756 Log Message: apply fixes from upstream for XSA-125 Long latency MMIO mapping operations are not preemptible XSA-126 Unmediated PCI command register access in qemu
Revision 1.45 / (download) - annotate - [select for diffs], Sun Apr 19 13:13:20 2015 UTC (9 years ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base,
pkgsrc-2015Q2-base,
pkgsrc-2015Q2
Branch point for: pkgsrc-2015Q3
Changes since 1.44: +2 -2
lines
Diff to previous 1.44 (colored)
apply fixes from upstream for XSA-125 Long latency MMIO mapping operations are not preemptible XSA-126 Unmediated PCI command register access in qemu
Revision 1.44 / (download) - annotate - [select for diffs], Tue Mar 10 20:27:16 2015 UTC (9 years, 1 month ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base
Branch point for: pkgsrc-2015Q1
Changes since 1.43: +2 -2
lines
Diff to previous 1.43 (colored)
xsa123-4.3-4.2.patch from upstream: x86emul: fully ignore segment override for register-only operations For ModRM encoded instructions with register operands we must not overwrite ea.mem.seg (if a - bogus in that case - segment override was present) as it aliases with ea.reg. This is CVE-2015-2151 / XSA-123.
Revision 1.43 / (download) - annotate - [select for diffs], Thu Mar 5 16:37:16 2015 UTC (9 years, 1 month ago) by spz
Branch: MAIN
Changes since 1.42: +2 -2
lines
Diff to previous 1.42 (colored)
Add patches for XSA-121 and XSA-122 from upstream.
Revision 1.42 / (download) - annotate - [select for diffs], Thu Dec 11 22:15:30 2014 UTC (9 years, 4 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4
Changes since 1.41: +3 -2
lines
Diff to previous 1.41 (colored)
Ignore use of always non-null pointers as truth value.
Revision 1.41 / (download) - annotate - [select for diffs], Thu Nov 27 15:36:01 2014 UTC (9 years, 4 months ago) by bouyer
Branch: MAIN
Changes since 1.40: +2 -2
lines
Diff to previous 1.40 (colored)
backport patches from Xen advisory: CVE-2014-7188/XSA-108: x86/HVM: properly bound x2APIC MSR range, fixing: A buggy or malicious HVM guest can crash the host or read data relating to other guests or the hypervisor itself. CVE-2014-8594/XSA-109: x86: don't allow page table updates on non-PV page tables in do_mmu_update(), fixing: Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack which, if successful, can affect the whole system. CVE-2014-8595/XSA-110: x86emul: enforce privilege level restrictions when loading CS, fixing: Malicious HVM guest user mode code may be able to elevate its privileges to guest supervisor mode, or to crash the guest. CVE-2014-8866/XSA-111: x86: limit checks in hypercall_xlat_continuation() to actual arguments, fixing: A buggy or malicious HVM guest can crash the host. CVE-2014-8867/XSA-112: x86/HVM: confine internally handled MMIO to solitary regions, fixing: A buggy or malicious HVM guest can crash the host. CVE-2014-9030/XSA-113: x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE, fixing: Malicious or buggy stub domain kernels or tool stacks otherwise living outside of Domain0 can mount a denial of service attack which, if successful, can affect the whole system.
Revision 1.40 / (download) - annotate - [select for diffs], Wed Oct 1 17:18:22 2014 UTC (9 years, 6 months ago) by drochner
Branch: MAIN
Changes since 1.39: +2 -2
lines
Diff to previous 1.39 (colored)
fix out-of-bounds memory read access in x2APIC emulation (HVM only) (CVE-2014-7188) bump PKGREV
Revision 1.38.2.1 / (download) - annotate - [select for diffs], Sun Sep 28 12:07:10 2014 UTC (9 years, 6 months ago) by tron
Branch: pkgsrc-2014Q2
Changes since 1.38: +2 -2
lines
Diff to previous 1.38 (colored) next main 1.39 (colored)
Pullup ticket #4505 - requested by bouyer
sysutils/xenkernel41: security patch
Revisions pulled up:
- sysutils/xenkernel41/Makefile 1.39
- sysutils/xenkernel41/distinfo 1.30
- sysutils/xenkernel41/patches/patch-CVE-2014-7154 1.1
- sysutils/xenkernel41/patches/patch-CVE-2014-7155 1.1
- sysutils/xenkernel41/patches/patch-CVE-2014-7156 1.1
---
Module Name: pkgsrc
Committed By: bouyer
Date: Fri Sep 26 10:45:00 UTC 2014
Modified Files:
pkgsrc/sysutils/xenkernel41: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2014-7154
patch-CVE-2014-7155 patch-CVE-2014-7156
Log Message:
Add patch for:
XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram
XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT,
LIDT, and LMSW emulation
XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation
of software interrupts
bump PKGREVISION
Revision 1.39 / (download) - annotate - [select for diffs], Fri Sep 26 10:45:00 2014 UTC (9 years, 6 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base,
pkgsrc-2014Q3
Changes since 1.38: +2 -2
lines
Diff to previous 1.38 (colored)
Add patch for: XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation of software interrupts bump PKGREVISION
Revision 1.38 / (download) - annotate - [select for diffs], Wed Jun 18 13:47:08 2014 UTC (9 years, 10 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base
Branch point for: pkgsrc-2014Q2
Changes since 1.37: +2 -2
lines
Diff to previous 1.37 (colored)
add patch from upstream to fix possible data leak (CVE-2014-4021) bump PKGREV
Revision 1.37 / (download) - annotate - [select for diffs], Fri May 9 07:37:20 2014 UTC (9 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.36: +2 -2
lines
Diff to previous 1.36 (colored)
Mark packages that are not ready for python-3.3 also not ready for 3.4, until proven otherwise.
Revision 1.36 / (download) - annotate - [select for diffs], Mon May 5 13:39:10 2014 UTC (9 years, 11 months ago) by drochner
Branch: MAIN
Changes since 1.35: +2 -2
lines
Diff to previous 1.35 (colored)
fix possible creation of invalid P2M entries, leading to xen crash The vulnerability is only exposed to service domains for HVM guests which have privilege over the guest. In a usual configuration that means only device model emulators (qemu-dm). bump PKGREV
Revision 1.35 / (download) - annotate - [select for diffs], Fri Mar 28 16:07:08 2014 UTC (10 years ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base,
pkgsrc-2014Q1
Changes since 1.34: +2 -2
lines
Diff to previous 1.34 (colored)
add patch from upstream (XSA-89) to fix: Processing of the HVMOP_set_mem_access HVM control operations does not check the size of its input and can tie up a physical CPU for extended periods of time. bump PKGREV
Revision 1.34 / (download) - annotate - [select for diffs], Thu Mar 6 15:45:45 2014 UTC (10 years, 1 month ago) by joerg
Branch: MAIN
Changes since 1.33: +3 -2
lines
Diff to previous 1.33 (colored)
Ignore tautologic pointer checks.
Revision 1.33 / (download) - annotate - [select for diffs], Thu Feb 20 17:37:25 2014 UTC (10 years, 2 months ago) by drochner
Branch: MAIN
Changes since 1.32: +2 -2
lines
Diff to previous 1.32 (colored)
from upstream: fix the fix for CVE-2013-6885 makes the workaround for AMD CPU erratum 793 work not only on 64-bit hypervisors but also for 32bit bump PKGREV (compile tested only)
Revision 1.32 / (download) - annotate - [select for diffs], Sat Jan 25 10:30:22 2014 UTC (10 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored)
Mark packages as not ready for python-3.x where applicable; either because they themselves are not ready or because a dependency isn't. This is annotated by PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z or PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar respectively, please use the same style for other packages, and check during updates. Use versioned_dependencies.mk where applicable. Use REPLACE_PYTHON instead of handcoded alternatives, where applicable. Reorder Makefile sections into standard order, where applicable. Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default with the next commit. Whitespace cleanups and other nits corrected, where necessary.
Revision 1.31 / (download) - annotate - [select for diffs], Fri Jan 24 17:07:35 2014 UTC (10 years, 2 months ago) by drochner
Branch: MAIN
Changes since 1.30: +2 -2
lines
Diff to previous 1.30 (colored)
add patch from upstream to add missing privilege check from the advisory: Malicious or misbehaving unprivileged guests can cause the host or other guests to malfunction. This can result in host-wide denial of service. Privilege escalation, while seeming to be unlikely, cannot be excluded. Only PV guests can take advantage of this vulnerability. (CVE-2014-1666) bump PKGREV
Revision 1.30 / (download) - annotate - [select for diffs], Wed Dec 4 10:35:01 2013 UTC (10 years, 4 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base,
pkgsrc-2013Q4
Changes since 1.29: +2 -2
lines
Diff to previous 1.29 (colored)
add patch from upstream to fix "Guest triggerable AMD CPU erratum may cause host hang" bump PKGREV
Revision 1.29 / (download) - annotate - [select for diffs], Fri Nov 29 19:29:58 2013 UTC (10 years, 4 months ago) by drochner
Branch: MAIN
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored)
add patches from upstream to fix two security problems: -another lock inversion -privilege escalation (not exploitable in standard setups) bump PKGREV
Revision 1.28 / (download) - annotate - [select for diffs], Sat Nov 23 14:04:59 2013 UTC (10 years, 4 months ago) by drochner
Branch: MAIN
Changes since 1.27: +2 -2
lines
Diff to previous 1.27 (colored)
add patch from upstream to fix lock order inversion possibly leading to deadlock (CVE-2013-4494) bump PKGREV
Revision 1.27 / (download) - annotate - [select for diffs], Tue Oct 22 19:41:58 2013 UTC (10 years, 5 months ago) by drochner
Branch: MAIN
Changes since 1.26: +2 -2
lines
Diff to previous 1.26 (colored)
add patch from upstream to fix information leak through outs instruction emulation (CVE-2013-4368) bump PKGREV
Revision 1.26 / (download) - annotate - [select for diffs], Tue Oct 1 14:54:44 2013 UTC (10 years, 6 months ago) by drochner
Branch: MAIN
Changes since 1.25: +2 -1
lines
Diff to previous 1.25 (colored)
add patches from upstream to fix security problems: -Information leak on AVX and/or LWP capable CPUs (CVE-2013-1442 / XSA-62) -Information leaks through I/O instruction emulation (CVE-2013-4355 / XSA-63) -Information leak through fbld instruction emulation (CVE-2013-4361 / XSA-66) bump PKGREV
Revision 1.25 / (download) - annotate - [select for diffs], Fri Sep 27 11:35:07 2013 UTC (10 years, 6 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base,
pkgsrc-2013Q3
Changes since 1.24: +3 -2
lines
Diff to previous 1.24 (colored)
Make -Wunused-function non-fatal for clang.
Revision 1.24 / (download) - annotate - [select for diffs], Wed Sep 11 18:00:33 2013 UTC (10 years, 7 months ago) by drochner
Branch: MAIN
Changes since 1.23: +2 -3
lines
Diff to previous 1.23 (colored)
update to 4.1.6.1 This release fixes the following critical vulnerabilities: CVE-2013-1918 / XSA-45: Several long latency operations are not preemptible CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw for bridges CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception recovery on XRSTOR CVE-2013-2078 / XSA-54: Hypervisor crash due to missing exception recovery on XSETBV CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA-55: Multiple vulnerabilities in libelf PV kernel handling CVE-2013-2072 / XSA-56: Buffer overflow in xencontrol Python bindings affecting xend CVE-2013-2211 / XSA-57: libxl allows guest write access to sensitive console related xenstore keys CVE-2013-1432 / XSA-58: Page reference counting error due to XSA-45/CVE-2013-1918 fixes XSA-61: libxl partially sets up HVM passthrough even with disabled iommu This release contains many bug fixes and improvements. The highlights are: addressing a regression from the fix for XSA-21 addressing a regression from the fix for XSA-46 bug fixes to low level system state handling, including certain hardware errata workarounds (CVE-2013-1918 and CVE-2013-1952 were patched in pkgsrc before)
Revision 1.23 / (download) - annotate - [select for diffs], Wed Jun 19 14:03:41 2013 UTC (10 years, 10 months ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2
Changes since 1.22: +2 -1
lines
Diff to previous 1.22 (colored)
Explain xen version differences. There are 5 versions of xen in pkgsrc, which is confusing. Explain in DESCR which version is in which package (xenkernel3 contains 3.1), and which versions support PCI passthrough (only 3.1). Explain which versions support non-PAE (3.1) and PAE (3.3, 4.1, 4.2), because the HOWTO is out of date and it's easy to end up with a non-working system on a 3.1 to 3.3 update. Cuation that 2.0 is beyond crufty. This is a DESCR-only change (with PKGREVISION++ of course). (ok during freeze agc@)
Revision 1.22 / (download) - annotate - [select for diffs], Fri May 10 20:07:34 2013 UTC (10 years, 11 months ago) by riastradh
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored)
Partially back out change to PYTHON_FOR_BUILD_ONLY. This broke packages that needed a target Python at build-time. Instead, change it from defined/undefined to yes/no/tool. Most cases of defined used `yes' anyway; fix the few stragglers do that instead. New case `tool' is for TOOL_DEPENDS rather than buildlink3.
Revision 1.21 / (download) - annotate - [select for diffs], Fri May 3 16:48:37 2013 UTC (10 years, 11 months ago) by drochner
Branch: MAIN
Changes since 1.20: +2 -3
lines
Diff to previous 1.20 (colored)
update to 4.1.5 This integrates fixes for all vulnerabilities which were patched in pkgsrc before. Among many bug fixes and improvements (around 50 since Xen 4.1.4): * ACPI APEI/ERST finally working on production systems * Bug fixes for other low level system state handling * Support for xz compressed Dom0 and DomU kernels
Revision 1.17.2.1 / (download) - annotate - [select for diffs], Wed Apr 24 22:25:48 2013 UTC (10 years, 11 months ago) by tron
Branch: pkgsrc-2013Q1
Changes since 1.17: +10 -1
lines
Diff to previous 1.17 (colored) next main 1.18 (colored)
Pullup ticket #4125 - requested by bouyer
sysutils/xenkernel41: security patch
Revisions pulled up:
- sysutils/xenkernel41/Makefile 1.19-1.20
- sysutils/xenkernel41/distinfo 1.15-1.16
- sysutils/xenkernel41/patches/patch-CVE-2013-1917-1 1.1
- sysutils/xenkernel41/patches/patch-CVE-2013-1917-2 1.1
- sysutils/xenkernel41/patches/patch-CVE-2013-1917-3 1.1
- sysutils/xenkernel41/patches/patch-CVE-2013-1920 1.1
- sysutils/xenkernel41/patches/patch-CVE-2013-1964-1 1.1
- sysutils/xenkernel41/patches/patch-CVE-2013-1964-2 1.1
- sysutils/xenkernel41/patches/patch-Config.mk 1.1
- sysutils/xenkernel41/patches/patch-xen_Makefile 1.1
- sysutils/xenkernel41/patches/patch-xen_arch_x86_Rules.mk 1.1
- sysutils/xenkernel41/patches/patch-xen_arch_x86_cpu_mcheck_vmce.c 1.1
- sysutils/xenkernel41/patches/patch-xen_arch_x86_time.c 1.1
---
Module Name: pkgsrc
Committed By: joerg
Date: Thu Apr 11 19:57:53 UTC 2013
Modified Files:
pkgsrc/sysutils/xenkernel3: Makefile distinfo
pkgsrc/sysutils/xenkernel3/patches: patch-cw
pkgsrc/sysutils/xenkernel33: Makefile distinfo
pkgsrc/sysutils/xenkernel41: Makefile distinfo
pkgsrc/sysutils/xentools3: Makefile distinfo
pkgsrc/sysutils/xentools3-hvm: Makefile distinfo
pkgsrc/sysutils/xentools3/patches: patch-.._patch-Config.mk patch-cg
pkgsrc/sysutils/xentools33: Makefile distinfo
pkgsrc/sysutils/xentools33/patches: patch-ab
pkgsrc/sysutils/xentools41: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel3/patches: patch-xen_arch_x86_hvm_io.c
patch-xen_arch_x86_string.c
pkgsrc/sysutils/xenkernel33/patches: patch-Config.mk patch-xen_Makefile
patch-xen_arch_x86_Rules.mk
pkgsrc/sysutils/xenkernel41/patches: patch-Config.mk patch-xen_Makefile
patch-xen_arch_x86_Rules.mk patch-xen_arch_x86_cpu_mcheck_vmce.c
patch-xen_arch_x86_time.c
pkgsrc/sysutils/xentools3-hvm/patches: patch-.._patch-Config.mk
pkgsrc/sysutils/xentools3/patches: patch-libxc_xc__dom__x86.c
pkgsrc/sysutils/xentools33/patches: patch-blktap_drivers_block-qcow.c
patch-ioemu_block-vvfat.c
pkgsrc/sysutils/xentools41/patches:
patch-.._.._ipxe_src_arch_i386_include_librm.h
patch-.._.._ipxe_src_core_settings.c patch-.._.._ipxe_src_net_tls.c
patch-.._Config.mk patch-firmware_hvmloader_Makefile
patch-libcx_xc__dom__boot.c patch-xenstat_libxenstat_Makefile
Log Message:
Allow building Xen infrastructure with Clang. Fix various bugs in
xenkernel3, xenkernel41, xentools3 and xentools41 exposed by Clang
default warnings. Bump revisions for those.
---
Module Name: pkgsrc
Committed By: bouyer
Date: Fri Apr 19 14:02:46 UTC 2013
Modified Files:
pkgsrc/sysutils/xenkernel41: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2013-1917-1
patch-CVE-2013-1917-2 patch-CVE-2013-1917-3 patch-CVE-2013-1920
patch-CVE-2013-1964-1 patch-CVE-2013-1964-2
Log Message:
Add patches from Xen security advisory:
http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html
http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html
http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html
bump PKGREVISION
Revision 1.20 / (download) - annotate - [select for diffs], Fri Apr 19 14:02:45 2013 UTC (11 years ago) by bouyer
Branch: MAIN
Changes since 1.19: +2 -2
lines
Diff to previous 1.19 (colored)
Add patches from Xen security advisory: http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html bump PKGREVISION
Revision 1.19 / (download) - annotate - [select for diffs], Thu Apr 11 19:57:51 2013 UTC (11 years ago) by joerg
Branch: MAIN
Changes since 1.18: +10 -1
lines
Diff to previous 1.18 (colored)
Allow building Xen infrastructure with Clang. Fix various bugs in xenkernel3, xenkernel41, xentools3 and xentools41 exposed by Clang default warnings. Bump revisions for those.
Revision 1.18 / (download) - annotate - [select for diffs], Sat Apr 6 13:01:27 2013 UTC (11 years ago) by rodent
Branch: MAIN
Changes since 1.17: +1 -2
lines
Diff to previous 1.17 (colored)
'EXTRACT_SUFX is ".tar.gz" by default, so this definition may be redundant.' - It was. Removed.
Revision 1.17 / (download) - annotate - [select for diffs], Thu Jan 17 19:37:54 2013 UTC (11 years, 3 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base
Branch point for: pkgsrc-2013Q1
Changes since 1.16: +2 -3
lines
Diff to previous 1.16 (colored)
update to 4.1.4 changes: -fixes for many vulnerabilities (were mostly patched in pkgsrc) -bug fixes and improvements (almost 100 since Xen 4.1.3). Highlights are: -A fix for a long standing time management issue -Bug fixes for S3 (suspend to RAM) handling -Bug fixes for other low level system state handling pkgsrc note: fixes for CVE-2012-5634 (interrupt issue on IOMMU systems) and CVE-2012-6075 (oversized packets from e1000 driver) are already included
Revision 1.16 / (download) - annotate - [select for diffs], Wed Dec 5 19:16:26 2012 UTC (11 years, 4 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base,
pkgsrc-2012Q4
Changes since 1.15: +2 -2
lines
Diff to previous 1.15 (colored)
add another batch of security patches from upstream bump PKGREV
Revision 1.15 / (download) - annotate - [select for diffs], Wed Nov 14 13:42:41 2012 UTC (11 years, 5 months ago) by drochner
Branch: MAIN
Changes since 1.14: +2 -1
lines
Diff to previous 1.14 (colored)
add patches from Xen SA 20..24 to fix various security problems (CVE-2012-4535..4539) bump PKGREV
Revision 1.14 / (download) - annotate - [select for diffs], Tue Oct 23 19:51:36 2012 UTC (11 years, 5 months ago) by asau
Branch: MAIN
Changes since 1.13: +1 -3
lines
Diff to previous 1.13 (colored)
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Revision 1.13 / (download) - annotate - [select for diffs], Sun Sep 16 19:46:02 2012 UTC (11 years, 7 months ago) by dholland
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base,
pkgsrc-2012Q3
Changes since 1.12: +2 -2
lines
Diff to previous 1.12 (colored)
Fix COMMENT, noted by Mayuresh on pkgsrc-users.
Revision 1.12 / (download) - annotate - [select for diffs], Wed Sep 12 11:04:17 2012 UTC (11 years, 7 months ago) by drochner
Branch: MAIN
Changes since 1.11: +2 -3
lines
Diff to previous 1.11 (colored)
update to 4.1.3 also add security patches from upstream (for CVE-2012-3497, no patches are available yet) changes: -fixes for vulnerabilities were integrated -many bug fixes and improvements, Highlights are: -Updates for the latest Intel/AMD CPU revisions -Bug fixes for IOMMU handling (device passthrough to HVM guests) approved by maintainer
Revision 1.11 / (download) - annotate - [select for diffs], Fri Aug 10 09:59:47 2012 UTC (11 years, 8 months ago) by drochner
Branch: MAIN
Changes since 1.10: +2 -2
lines
Diff to previous 1.10 (colored)
add patch from upstream to fix a possible DOS by HVM guests on teardown (CVE-2012-3433) bump PKGREV
Revision 1.10 / (download) - annotate - [select for diffs], Wed Aug 1 12:28:18 2012 UTC (11 years, 8 months ago) by asau
Branch: MAIN
Changes since 1.9: +5 -5
lines
Diff to previous 1.9 (colored)
Slightly simplify build process.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Aug 1 12:22:28 2012 UTC (11 years, 8 months ago) by asau
Branch: MAIN
Changes since 1.8: +1 -3
lines
Diff to previous 1.8 (colored)
Use default WRKSRC.
Revision 1.7.2.1 / (download) - annotate - [select for diffs], Tue Jul 31 18:29:37 2012 UTC (11 years, 8 months ago) by tron
Branch: pkgsrc-2012Q2
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored) next main 1.8 (colored)
Pullup ticket #3885 - requested by drochner
sysutils/xenkernel33: security patch
sysutils/xenkernel41: security patch
Revisions pulled up:
- sysutils/xenkernel33/Makefile 1.18
- sysutils/xenkernel33/distinfo 1.16
- sysutils/xenkernel33/patches/patch-CVE-2012-3432 1.1
- sysutils/xenkernel41/Makefile 1.8
- sysutils/xenkernel41/distinfo 1.8
- sysutils/xenkernel41/patches/patch-CVE-2012-3432 1.1
---
Module Name: pkgsrc
Committed By: drochner
Date: Fri Jul 27 18:50:34 UTC 2012
Modified Files:
pkgsrc/sysutils/xenkernel41: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2012-3432
Log Message:
add patch from upstream to fix bug in MMIO emulation which can cause
guest crashes by unprivileged users, only for HVM guests, and if
MMIO is granted to the user process (CVE-2012-3432)
bump PKGREV
---
Module Name: pkgsrc
Committed By: drochner
Date: Sat Jul 28 12:02:16 UTC 2012
Modified Files:
pkgsrc/sysutils/xenkernel33: Makefile distinfo
Added Files:
pkgsrc/sysutils/xenkernel33/patches: patch-CVE-2012-3432
Log Message:
copy security patch from xenkernel41 - it also applies to 3.3
(noticed by Daniel Horecki)
bump PKGREV
Revision 1.8 / (download) - annotate - [select for diffs], Fri Jul 27 18:50:34 2012 UTC (11 years, 8 months ago) by drochner
Branch: MAIN
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored)
add patch from upstream to fix bug in MMIO emulation which can cause guest crashes by unprivileged users, only for HVM guests, and if MMIO is granted to the user process (CVE-2012-3432) bump PKGREV
Revision 1.5.4.2 / (download) - annotate - [select for diffs], Wed Jun 20 17:54:12 2012 UTC (11 years, 10 months ago) by tron
Branch: pkgsrc-2012Q1
Changes since 1.5.4.1: +1 -1
lines
Diff to previous 1.5.4.1 (colored) to branchpoint 1.5 (colored) next main 1.6 (colored)
Pullup ticket #3837 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.7 - sysutils/xenkernel41/patch-xsa7-xsa8-xen-4.1 deleted - sysutils/xenkernel41/patch-xsa9-xen-4.1 deleted - sysutils/xenkernel41/patches/patch-xsa7-xsa8-xen-4.1 1.1 - sysutils/xenkernel41/patches/patch-xsa9-xen-4.1 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Tue Jun 19 20:17:07 UTC 2012 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile Added Files: pkgsrc/sysutils/xenkernel41/patches: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1 Removed Files: pkgsrc/sysutils/xenkernel41: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1 Log Message: Move patches to the right place. Bump PKGREVISION
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jun 19 20:17:06 2012 UTC (11 years, 10 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base
Branch point for: pkgsrc-2012Q2
Changes since 1.6: +2 -2
lines
Diff to previous 1.6 (colored)
Move patches to the right place. Bump PKGREVISION
Revision 1.5.4.1 / (download) - annotate - [select for diffs], Wed Jun 13 11:06:17 2012 UTC (11 years, 10 months ago) by tron
Branch: pkgsrc-2012Q1
Changes since 1.5: +2 -2
lines
Diff to previous 1.5 (colored)
Pullup ticket #3834 - requested by bouyer sysutils/xenkernel41: security patch Revisions pulled up: - sysutils/xenkernel41/Makefile 1.6 - sysutils/xenkernel41/distinfo 1.7 - sysutils/xenkernel41/patch-xsa7-xsa8-xen-4.1 1.1 - sysutils/xenkernel41/patch-xsa9-xen-4.1 1.1 --- Module Name: pkgsrc Committed By: bouyer Date: Tue Jun 12 15:59:04 UTC 2012 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile distinfo Added Files: pkgsrc/sysutils/xenkernel41: patch-xsa7-xsa8-xen-4.1 patch-xsa9-xen-4.1 Log Message: pull up patches from upstream, fixing XSA7, XSA8 and XSA9. PKGREVISION++
Revision 1.6 / (download) - annotate - [select for diffs], Tue Jun 12 15:59:04 2012 UTC (11 years, 10 months ago) by bouyer
Branch: MAIN
Changes since 1.5: +2 -2
lines
Diff to previous 1.5 (colored)
pull up patches from upstream, fixing XSA7, XSA8 and XSA9. PKGREVISION++
Revision 1.5 / (download) - annotate - [select for diffs], Sun Nov 20 03:12:44 2011 UTC (12 years, 5 months ago) by jym
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base,
pkgsrc-2011Q4-base,
pkgsrc-2011Q4
Branch point for: pkgsrc-2012Q1
Changes since 1.4: +8 -3
lines
Diff to previous 1.4 (colored)
Add a MESSAGE so that we can point to the right location for Xen kernels.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Oct 21 18:26:58 2011 UTC (12 years, 6 months ago) by cegger
Branch: MAIN
Changes since 1.3: +5 -5
lines
Diff to previous 1.3 (colored)
Update to Xen 4.1.2 Fixes/features include: * New XL toolstack * kexec/kdump * Remus * Device passthrough to HVM guests * Interrupt handling * Support for Supervisor Mode Execution Protection (SMEP)
Revision 1.2.4.1 / (download) - annotate - [select for diffs], Tue Oct 18 21:38:07 2011 UTC (12 years, 6 months ago) by sbd
Branch: pkgsrc-2011Q3
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored) next main 1.3 (colored)
Pullup ticket #3570 - requested by bouyer sysutils/xenkernel41 build fix Revisions pulled up: - sysutils/xenkernel41/Makefile 1.3 - sysutils/xentools41/Makefile 1.12 --- Module Name: pkgsrc Committed By: bouyer Date: Sun Oct 16 20:32:44 UTC 2011 Modified Files: pkgsrc/sysutils/xenkernel41: Makefile Log Message: This builds fine on netbsd-5, so relax ONLY_FOR_PLATFORM --- Module Name: pkgsrc Committed By: bouyer Date: Sun Oct 16 20:33:35 UTC 2011 Modified Files: pkgsrc/sysutils/xentools41: Makefile Log Message: This needs iasl to build, so depend on acpica-utils if /usr/bin/iasl doens't exist.
Revision 1.3 / (download) - annotate - [select for diffs], Sun Oct 16 20:32:44 2011 UTC (12 years, 6 months ago) by bouyer
Branch: MAIN
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored)
This builds fine on netbsd-5, so relax ONLY_FOR_PLATFORM
Revision 1.2 / (download) - annotate - [select for diffs], Thu Jun 16 10:28:47 2011 UTC (12 years, 10 months ago) by cegger
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2
Branch point for: pkgsrc-2011Q3
Changes since 1.1: +4 -4
lines
Diff to previous 1.1 (colored)
Xen 4.1.1 (maintenance release) * Security fixes including CVE-2011-1583 CVE-2011-1898 * Enhancements to guest introspection (VM single stepping support for very fine-grained access control) * Many stability improvements, such as: PV-on-HVM stability fixes (fixing some IRQ issues), XSAVE cpu feature support for PV guests (allows safe use of latest multimedia instructions), RAS fixes for high availability, fixes for offlining bad pages and changes to libxc, mainly of benefit to libvirt * Compatibility fixes for newer Linux guests, newer compilers, some old guest savefiles, newer Python, grub2, some hardware/BIOS bugs.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Apr 6 09:05:53 2011 UTC (13 years ago) by cegger
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
Xen is a virtual machine monitor which supports running multiple
guests operating systems on a single machine. Guest OSes (also called "domains"
)
require a modified kernel which supports Xen hypercalls in replacement
to access to the physical hardware. At boot, the xen kernel is loaded
along with the guest kernel for the first domain (called domain0).
domain0 has privileges to access the physical hardware (PCI
and ISA devices), administrate other domains and provide virtual
devices (disks and network) to other domains.
This package contains the Xen4 kernel itself.
Release notes:
The Xen team is pleased to announce the release of Xen 4.1.
The result of nearly 12 months of development, new features include:
* A re-architected and improved XL toolstack replacing XM/XEND
* Prototype credit2 scheduler designed for latency-sensitive workloads and
very large systems.
* CPU Pools for advanced partitioning.
* Support for large systems (>255 processors)
* Support for x86 Advanced Vector eXtension (AVX).
* New Memory Access API enabling integration of 3rd party security
solutions into Xen virtualized environments.
* Many IOMMU fixes (both Intel VT-d IOMMU and AMD IOMMU).
* Many toolstack and buildsystem fixes for Linux and NetBSD hosts.
* Thirdparty libs: libvirt driver for libxl has been merged to upstream
libvirt.
* HVM guest PXE boot enhancements, replacing gPXE with iPXE.
* Even better stability through our new automated regression tests.
Detailed release notes, including a more extensive feature list:
http://wiki.xen.org/xenwiki/Xen4.1
To download tarballs:
http://xen.org/products/xen_source.html
Or the Mercurial source repository (tag 'RELEASE-4.1.0'):
http://xenbits.xen.org/xen-unstable.hg
And the announcement on the Xen blog:
http://blog.xen.org/index.php/2011/03/25/xen-4-1-releases/
Thanks to the many people who have contributed to this release!
Regards,
The Xen Team
Revision 1.1 / (download) - annotate - [select for diffs], Wed Apr 6 09:05:53 2011 UTC (13 years ago) by cegger
Branch: MAIN
Initial revision