The NetBSD Project

CVS log for pkgsrc/sysutils/xenkernel45/Attic/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / sysutils / xenkernel45

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.37, Wed Aug 19 10:39:23 2020 UTC (3 years, 6 months ago) by bouyer
Branch: MAIN
CVS Tags: HEAD
Changes since 1.36: +1 -1 lines
FILE REMOVED

Remove xenkernel and xentools packages older than 4.11.
They're not maintained anymore upstream, and don't build on supported NetBSD
releases.

Revision 1.36 / (download) - annotate - [select for diffs], Mon Jul 15 16:24:18 2019 UTC (4 years, 7 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)

Use https for xenproject.org.

Revision 1.35 / (download) - annotate - [select for diffs], Thu Apr 25 07:33:22 2019 UTC (4 years, 10 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

PKGREVISION bump for anything using python without a PYPKGPREFIX.

This is a semi-manual PKGREVISION bump.

Revision 1.34 / (download) - annotate - [select for diffs], Tue Jul 24 17:29:08 2018 UTC (5 years, 7 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

sysutils/xen*: invert python version logic, only 2.7 is ok.

Mostly so we don't match python37 on xen 4.11, but also because python3
is a moving target and this saves us having to add the next version.

Revision 1.33 / (download) - annotate - [select for diffs], Tue Jul 3 05:03:34 2018 UTC (5 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

extend PYTHON_VERSIONS_ for Python 3.7

Revision 1.32 / (download) - annotate - [select for diffs], Mon Jan 15 09:47:54 2018 UTC (6 years, 1 month ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

xen*: Use SSP_SUPPORTED=no instead of PKGSRC_USE_SSP=no.

Revision 1.31 / (download) - annotate - [select for diffs], Mon Jul 24 08:53:45 2017 UTC (6 years, 7 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3
Changes since 1.30: +3 -1 lines
Diff to previous 1.30 (colored)

Don't force enable ssp on xenkernel packages. fixes build

Revision 1.30 / (download) - annotate - [select for diffs], Sat Apr 8 11:47:33 2017 UTC (6 years, 10 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

add patch for XSA-212 from upstream
(http://xenbits.xen.org/xsa/advisory-212.html)

Revision 1.29 / (download) - annotate - [select for diffs], Mon Mar 20 18:11:10 2017 UTC (6 years, 11 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

Apply upstream patch for XSA-207. Bump PKGREVISION

Revision 1.28 / (download) - annotate - [select for diffs], Tue Feb 14 21:36:15 2017 UTC (7 years ago) by joerg
Branch: MAIN
Changes since 1.27: +4 -2 lines
Diff to previous 1.27 (colored)

Ignore a couple more warnings when building with clang.

Revision 1.27 / (download) - annotate - [select for diffs], Sun Jan 1 14:43:58 2017 UTC (7 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Add python-3.6 to incompatible versions.

Revision 1.26 / (download) - annotate - [select for diffs], Wed Dec 21 15:36:08 2016 UTC (7 years, 2 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Apply patch from upstream, fixing XSA-202

Revision 1.25 / (download) - annotate - [select for diffs], Tue Dec 20 18:15:09 2016 UTC (7 years, 2 months ago) by gdt
Branch: MAIN
Changes since 1.24: +3 -3 lines
Diff to previous 1.24 (colored)

Drop i386 from ONLY_FOR_PLATFORM

Xen 4.5 and 4.6 no longer support i386.  Thus, don't try to build
there.

ok bouyer@

Revision 1.24 / (download) - annotate - [select for diffs], Tue Dec 20 10:22:28 2016 UTC (7 years, 2 months ago) by bouyer
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Apply upstream patch for XSA-199, XSA-200 and XSA-204.
Bump PKGREVISIONs

Revision 1.23 / (download) - annotate - [select for diffs], Tue Nov 22 20:57:10 2016 UTC (7 years, 3 months ago) by bouyer
Branch: MAIN
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

Backport upstream patches, fixing today's XSA 191, 192, 195, 196, 197, 198.
Bump PKGREVISIONs

Revision 1.22 / (download) - annotate - [select for diffs], Wed Sep 21 17:03:37 2016 UTC (7 years, 5 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.21: +3 -3 lines
Diff to previous 1.21 (colored)

Update xenkernel45 and xentools45 to 4.5.5.
Changes since 4.5.3: mostly bugfixes, including fixes for
security issues XSA-172, XSA-173, XSA-175, XSA-176, XSA-178, XSA-179, XSA-180,
XSA-181, XSA-182, XSA-183, XSA-184, XSA-185, XSA-186 and XSA-187.
All but XSA-175 were already fixed in pkgsrc.
Complete list of changes and links to the XSA advisories:
https://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-455.html

Revision 1.21 / (download) - annotate - [select for diffs], Thu Sep 8 15:44:07 2016 UTC (7 years, 5 months ago) by bouyer
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

Apply upstream patches for:
XSA-185: x86: Disallow L3 recursive pagetable for 32-bit PV guests
XSA-186: x86: Mishandling of instruction pointer truncation during emulation
XSA-187: x86 HVM: Overflow of sh_ctxt->seg_reg[]
bump PKGREVISION

Revision 1.20 / (download) - annotate - [select for diffs], Sat Aug 6 10:10:10 2016 UTC (7 years, 6 months ago) by spz
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

add patches for XSAs 176, 180 and 181 from upstream

Revision 1.17.2.1 / (download) - annotate - [select for diffs], Thu Jul 28 13:35:31 2016 UTC (7 years, 7 months ago) by spz
Branch: pkgsrc-2016Q2
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored) next main 1.18 (colored)

Pullup ticket #5070 - requested by bouyer
sysutils/xenkernel45: security patch

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.19
- sysutils/xenkernel45/distinfo                                 1.15
- sysutils/xenkernel45/patches/patch-XSA-182                    1.1
- sysutils/xenkernel45/patches/patch-XSA-183                    1.1

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	bouyer
   Date:		Tue Jul 26 14:31:57 UTC 2016

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-XSA-182 patch-XSA-183

   Log Message:
   Apply security patch from XSA-182 and XSA-183. Bump PKGREVISION


   To generate a diff of this commit:
   cvs rdiff -u -r1.18 -r1.19 pkgsrc/sysutils/xenkernel45/Makefile
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/sysutils/xenkernel45/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/sysutils/xenkernel45/patches/patch-XSA-182 \
       pkgsrc/sysutils/xenkernel45/patches/patch-XSA-183

Revision 1.19 / (download) - annotate - [select for diffs], Tue Jul 26 14:31:56 2016 UTC (7 years, 7 months ago) by bouyer
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

Apply security patch from XSA-182 and XSA-183. Bump PKGREVISION

Revision 1.18 / (download) - annotate - [select for diffs], Sat Jul 9 13:04:08 2016 UTC (7 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

Remove python33: adapt all packages that refer to it.

Revision 1.17 / (download) - annotate - [select for diffs], Thu Jun 16 09:58:19 2016 UTC (7 years, 8 months ago) by prlw1
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base
Branch point for: pkgsrc-2016Q2
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

Change compiler selection logic from "gcc 5" to "gcc >= 5"
(&& gcc == 0 was there such a thing?) as requested by joerg@

Revision 1.16 / (download) - annotate - [select for diffs], Tue Jun 14 15:38:54 2016 UTC (7 years, 8 months ago) by prlw1
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

-Wmaybe-uninitialized doesn't exist for NetBSD 6's gcc 4.5.3 and
breaks the build.  It does exist in NetBSD 7's gcc 4.8.4, but the
build is successful without it. So only apply the flag for gcc 5,
as it is necessary for 5.4.0.

Report from jnemeth@

Revision 1.15 / (download) - annotate - [select for diffs], Sat May 21 16:07:01 2016 UTC (7 years, 9 months ago) by prlw1
Branch: MAIN
Changes since 1.14: +4 -1 lines
Diff to previous 1.14 (colored)

-Wno-error=maybe-uninitialized to allow compilation with gcc 5.3 on -current

Revision 1.13.2.1 / (download) - annotate - [select for diffs], Sat May 21 15:48:57 2016 UTC (7 years, 9 months ago) by bsiegert
Branch: pkgsrc-2016Q1
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored) next main 1.14 (colored)

Pullup ticket #5017 - requested by sevan
sysutils/xenkernel45: security fix
sysutils/xentools45: security fix

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.14
- sysutils/xenkernel45/distinfo                                 1.14
- sysutils/xenkernel45/patches/patch-CVE-2015-5307              deleted
- sysutils/xenkernel45/patches/patch-CVE-2015-8339              deleted
- sysutils/xenkernel45/patches/patch-CVE-2015-8555              deleted
- sysutils/xenkernel45/patches/patch-XSA-166                    deleted
- sysutils/xenkernel45/patches/patch-XSA-172                    1.1
- sysutils/xenkernel45/patches/patch-XSA-173                    1.1
- sysutils/xentools45/Makefile                                  1.32
- sysutils/xentools45/distinfo                                  1.22
- sysutils/xentools45/patches/patch-CVE-2015-8341               deleted
- sysutils/xentools45/patches/patch-CVE-2015-8550               deleted
- sysutils/xentools45/patches/patch-CVE-2015-8554               deleted
- sysutils/xentools45/patches/patch-XSA-179                     1.1

---
   Module Name:    pkgsrc
   Committed By:   bouyer
   Date:           Thu May 12 15:42:58 UTC 2016

   Modified Files:
           pkgsrc/sysutils/xenkernel45: Makefile distinfo
           pkgsrc/sysutils/xentools45: Makefile distinfo
   Added Files:
           pkgsrc/sysutils/xenkernel45/patches: patch-XSA-172 patch-XSA-173
           pkgsrc/sysutils/xentools45/patches: patch-XSA-179
   Removed Files:
           pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-5307
               patch-CVE-2015-8339 patch-CVE-2015-8555 patch-XSA-166
           pkgsrc/sysutils/xentools45/patches: patch-CVE-2015-8341
               patch-CVE-2015-8550 patch-CVE-2015-8554

   Log Message:
   Update xenkernel45 and xentools45 to 4.5.3.
   While there also add patches for security issues XSA-172, XSA-173 and XSA-179
   (others between 170 and 179 are either not yet public, or linux-only).
   Upstream changes since 4.5.2:
   - security issues up to XSA-170 are fixed (these were already patched
     in pkgsrc).
   - other minor performances and functionality fixes.
   full changelog at:
   http://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-453.html

Revision 1.14 / (download) - annotate - [select for diffs], Thu May 12 15:42:58 2016 UTC (7 years, 9 months ago) by bouyer
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

Update xenkernel45 and xentools45 to 4.5.3.
While there also add patches for security issues XSA-172, XSA-173 and XSA-179
(others between 170 and 179 are either not yet public, or linux-only).
Upstream changes since 4.5.2:
- security issues up to XSA-170 are fixed (these were already patched
  in pkgsrc).
- other minor performances and functionality fixes.
full changelog at:
http://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-453.html

Revision 1.11.2.1 / (download) - annotate - [select for diffs], Mon Jan 11 22:12:33 2016 UTC (8 years, 1 month ago) by bsiegert
Branch: pkgsrc-2015Q4
Changes since 1.11: +3 -3 lines
Diff to previous 1.11 (colored) next main 1.12 (colored)

Pullup ticket #4888 - requested by bouyer
sysutils/xenkernel45: security fix
sysutils/xentools45: security fix

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.12-1.13
- sysutils/xenkernel45/distinfo                                 1.12-1.13
- sysutils/xenkernel45/patches/patch-CVE-2015-5307              1.1
- sysutils/xenkernel45/patches/patch-CVE-2015-7835              deleted
- sysutils/xenkernel45/patches/patch-CVE-2015-7969              deleted
- sysutils/xenkernel45/patches/patch-CVE-2015-7970              deleted
- sysutils/xenkernel45/patches/patch-CVE-2015-7971              deleted
- sysutils/xenkernel45/patches/patch-CVE-2015-8339              1.1
- sysutils/xenkernel45/patches/patch-CVE-2015-8555              1.1
- sysutils/xenkernel45/patches/patch-XSA-166                    1.1
- sysutils/xentools45/Makefile                                  1.22-1.24
- sysutils/xentools45/PLIST                                     1.4
- sysutils/xentools45/distinfo                                  1.14-1.16
- sysutils/xentools45/patches/patch-CVE-2015-8341               1.1
- sysutils/xentools45/patches/patch-CVE-2015-8550               1.1
- sysutils/xentools45/patches/patch-CVE-2015-8554               1.1
- sysutils/xentools45/patches/patch-Makefile                    1.2
- sysutils/xentools45/patches/patch-XSA135                      deleted
- sysutils/xentools45/patches/patch-XSA137                      deleted
- sysutils/xentools45/patches/patch-XSA138                      deleted
- sysutils/xentools45/patches/patch-XSA139                      deleted
- sysutils/xentools45/patches/patch-XSA140                      deleted

---
   Module Name:    pkgsrc
   Committed By:   jnemeth
   Date:           Thu Dec 31 13:27:10 UTC 2015

   Modified Files:
           pkgsrc/sysutils/xentools45: Makefile PLIST distinfo
           pkgsrc/sysutils/xentools45/patches: patch-Makefile

   Log Message:
   Stop installing xenbackendd.  It is leftover cruft from the xm toolstack.
   Running it will interfere with the operation of the xl toolstack, so it
   should never be used now that the xm toolstack is gone.

---
   Module Name:	pkgsrc
   Committed By:	bouyer
   Date:		Thu Jan  7 17:48:34 UTC 2016

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   	pkgsrc/sysutils/xentools45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-5307
   	    patch-CVE-2015-8339 patch-CVE-2015-8555 patch-XSA-166
   	pkgsrc/sysutils/xentools45/patches: patch-CVE-2015-8341
   	    patch-CVE-2015-8550 patch-CVE-2015-8554

   Log Message:
   Apply patches from Xen repository, fixing:
   CVE-2015-5307 and CVE-2015-8104 aka XSA-156
   CVE-2015-8339 and CVE-2015-8340 aka XSA-159
   CVE-2015-8555 aka XSA-165
   XSA-166
   CVE-2015-8341 aka XSA-160
   CVE-2015-8550 aka XSA-155
   Bump pkgrevision

---
   Module Name:	pkgsrc
   Committed By:	bouyer
   Date:		Fri Jan  8 13:24:29 UTC 2016

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   	pkgsrc/sysutils/xentools45: Makefile distinfo
   Removed Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-7835
   	    patch-CVE-2015-7969 patch-CVE-2015-7970 patch-CVE-2015-7971
   	pkgsrc/sysutils/xentools45/patches: patch-XSA135 patch-XSA137
   	    patch-XSA138 patch-XSA139 patch-XSA140

   Log Message:
   Update xenkernel45 and xentools45 to 4.5.2.
   Changes since 4.5.1 includes security fixes (most of which were already in
   our local patches) and bug fixes. The complete list of changes
   is there:
   http://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-452.html

Revision 1.13 / (download) - annotate - [select for diffs], Fri Jan 8 13:24:29 2016 UTC (8 years, 1 month ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base
Branch point for: pkgsrc-2016Q1
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)

Update xenkernel45 and xentools45 to 4.5.2.
Changes since 4.5.1 includes security fixes (most of which were already in
our local patches) and bug fixes. The complete list of changes
is there:
http://www.xenproject.org/downloads/xen-archives/xen-45-series/xen-452.html

Revision 1.12 / (download) - annotate - [select for diffs], Thu Jan 7 17:48:33 2016 UTC (8 years, 1 month ago) by bouyer
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)

Apply patches from Xen repository, fixing:
CVE-2015-5307 and CVE-2015-8104 aka XSA-156
CVE-2015-8339 and CVE-2015-8340 aka XSA-159
CVE-2015-8555 aka XSA-165
XSA-166
CVE-2015-8341 aka XSA-160
CVE-2015-8550 aka XSA-155
Bump pkgrevision

Revision 1.11 / (download) - annotate - [select for diffs], Sat Dec 5 21:26:00 2015 UTC (8 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base
Branch point for: pkgsrc-2015Q4
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Extend PYTHON_VERSIONS_INCOMPATIBLE to 35

Revision 1.9.4.1 / (download) - annotate - [select for diffs], Wed Nov 4 21:22:27 2015 UTC (8 years, 3 months ago) by bsiegert
Branch: pkgsrc-2015Q3
Changes since 1.9: +2 -1 lines
Diff to previous 1.9 (colored) next main 1.10 (colored)

Pullup ticket #4850 - requested by bouyer
sysutils/xenkernel45: security fix

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.10
- sysutils/xenkernel45/distinfo                                 1.10
- sysutils/xenkernel45/patches/patch-CVE-2015-7835              1.1
- sysutils/xenkernel45/patches/patch-CVE-2015-7969              1.1
- sysutils/xenkernel45/patches/patch-CVE-2015-7970              1.1
- sysutils/xenkernel45/patches/patch-CVE-2015-7971              1.1

---
   Module Name:	pkgsrc
   Committed By:	bouyer
   Date:		Thu Oct 29 20:40:53 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile
   Added Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-7835
   	    patch-CVE-2015-7969 patch-CVE-2015-7970 patch-CVE-2015-7971

   Log Message:
   Add patches from Xen security advisory, fixing:
   CVE-2015-7835 aka XSA-148
   CVE-2015-7869 aka XSA-149 + XSA-151
   CVE-2015-7970 aka XSA-150
   CVE-2015-7971 aka XSA-152
   Bump PKGREVISION

---
   Module Name:	pkgsrc
   Committed By:	bouyer
   Date:		Fri Oct 30 07:46:36 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: distinfo

   Log Message:
   Add patch entries from previous security commit. Pointed out by
   Takahiro Hayashi, thanks !

Revision 1.10 / (download) - annotate - [select for diffs], Thu Oct 29 20:40:53 2015 UTC (8 years, 4 months ago) by bouyer
Branch: MAIN
Changes since 1.9: +2 -1 lines
Diff to previous 1.9 (colored)

Add patches from Xen security advisory, fixing:
CVE-2015-7835 aka XSA-148
CVE-2015-7869 aka XSA-149 + XSA-151
CVE-2015-7970 aka XSA-150
CVE-2015-7971 aka XSA-152
Bump PKGREVISION

Revision 1.9 / (download) - annotate - [select for diffs], Tue Jun 23 17:45:33 2015 UTC (8 years, 8 months ago) by bouyer
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q2-base, pkgsrc-2015Q2
Branch point for: pkgsrc-2015Q3
Changes since 1.8: +2 -3 lines
Diff to previous 1.8 (colored)

Upgrade xenkernel45 and xentools45 to 4.5.1.
Note that the  patch for XSA135 for qemu-traditional, which was
no applied  to the 4.5 branch before the release due to an oversight,
is applied here (xentools45/patches/patch-XSA135).

Selected entries from the relase notes:
    a246727: cpupool: fix shutdown with cpupools with different schedulers [Dario Faggioli]
    5b2f480: libelf: fix elf_parse_bsdsyms call [Roger Pau Monn˝ż
    8faef24: VT-d: extend quirks to newer desktop chipsets [Jan Beulich]
    24fcf17: x86/VPMU: add lost Intel processor [Alan Robinson]
    131889c: x86/crash: don't use set_fixmap() in the crash path [Andrew Cooper]
    8791a30: x86/apic: Disable the LAPIC later in smp_send_stop() [Andrew Cooper]
    fbd26f2: x86/pvh: disable posted interrupts [Roger Pau Monn˝ż
    0d8cbca: libxl: In libxl_set_vcpuonline check for maximum number of VCPUs against the cpumap. [Konrad Rzeszutek Wilk]
    bf06e40: libxl: event handling: ao_inprogress does waits while reports outstanding [Ian Jackson]
    97051bd: libxl: event handling: Break out ao_work_outstanding [Ian Jackson]
    0bc9f98: x86/traps: loop in the correct direction in compat_iret() [Andrew Cooper]
    fcfbdb4: gnttab: add missing version check to GNTTABOP_swap_grant_ref handling [Jan Beulich]
    09f76cb: cpupools: avoid crashing if shutting down with free CPUs [Dario Faggioli]
    f237ee4: cpupool: assigning a CPU to a pool can fail [Dario Faggioli]
    b986072: xen: common: Use unbounded array for symbols_offset. [Ian Campbell]
    5eac1be: x86/irq: limit the maximum number of domain PIRQs [Andrew Cooper]
    9c3d34d: x86: don't unconditionally touch the hvm_domain union during domain construction [Andrew Cooper]
    9d5b2b0: tools/xenconsoled: Increase file descriptor limit [Andrew Cooper]
    cfc4c43: ocaml/xenctrl: Fix stub_xc_readconsolering() [Andrew Cooper]
    032673c: ocaml/xenctrl: Make failwith_xc() thread safe [Andrew Cooper]
    c91ed88: ocaml/xenctrl: Check return values from hypercalls [Andrew Cooper]
    fa62913: libxl: Domain destroy: fork [Ian Jackson]
    c9b13f3: libxl: Domain destroy: unlock userdata earlier [Ian Jackson]
    0b19348: libxl: In domain death search, start search at first domid we want [Ian Jackson]
    ddfe333: x86: don't change affinity with interrupt unmasked [Jan Beulich]
    bf30232: x86: don't clear high 32 bits of RAX on sub-word guest I/O port reads [Jan Beulich]
    a824bf9: x86_emulate: fix EFLAGS setting of CMPXCHG emulation [Eugene Korenevsky]
    f653b7f: x86/hvm: implicitly disable an ioreq server when it is destroyed [Paul Durrant]
    8dbdcc3: x86/hvm: actually release ioreq server pages [Paul Durrant]
    56fe488: x86/hvm: fix the unknown nested vmexit reason 80000021 bug [Liang Li]
    4a52101: VT-d: improve fault info logging [Jan Beulich]
    5a7c042: x86/MSI: fix error handling [Jan Beulich]
    51d8325: LZ4 : fix the data abort issue [JeHyeon Yeon]
    0327c93: hvmloader: don't treat ROM BAR like other BARs [Jan Beulich]
    f2e08aa: domctl/sysctl: don't leak hypervisor stack to toolstacks [Andrew Cooper]
    3771b5a: arm64: fix fls() [Jan Beulich]
    9246d2e: domctl: don't allow a toolstack domain to call domain_pause() on itself [Andrew Cooper]
    f5bca81: Limit XEN_DOMCTL_memory_mapping hypercall to only process up to 64 GFNs (or less) [Konrad Rzeszutek Wilk]
    7fe1c1b: x86: don't apply reboot quirks if reboot set by user [Ross Lagerwall]
    969df12: Revert "cpupools: update domU's node-affinity on the cpupool_unassign_cpu() path" [Jan Beulich]
    483c6cd: honor MEMF_no_refcount in alloc_heap_pages() [Jan Beulich]
    6616c4d: tools: libxl: Explicitly disable graphics backends on qemu cmdline [Ian Campbell]
    d0b141e: x86/tboot: invalidate FIX_TBOOT_MAP_ADDRESS mapping after use [Jan Beulich]
    902998e: x86emul: fully ignore segment override for register-only operations [Jan Beulich]
    25c6ee8: pre-fill structures for certain HYPERVISOR_xen_version sub-ops [Aaron Adams]
    7ef0364: x86/HVM: return all ones on wrong-sized reads of system device I/O ports [Jan Beulich]
    3665563: tools/libxc: Don't leave scratch_pfn uninitialised if the domain has no memory [Andrew Cooper]
    75ac8cf: x86/nmi: fix shootdown of pcpus running in VMX non-root mode [Andrew Cooper]
    1e44c92: x86/hvm: explicitly mark ioreq server pages dirty [Paul Durrant]
    2bfef90: x86/hvm: wait for at least one ioreq server to be enabled [Paul Durrant]
    d976397: x86/VPMU: disable when NMI watchdog is on [Boris Ostrovsky]
    84f2484: libxc: introduce a per architecture scratch pfn for temporary grant mapping [Julien Grall]
    6302c61: Install libxlutil.h [Jim Fehlig]
    d8e78d6: bunzip2: off by one in get_next_block() [Dan Carpenter]
    8a855b3: docs/commandline: correct information for 'x2apic_phys' parameter [Andrew Cooper]
    3a777be: x86: vcpu_destroy_pagetables() must not return -EINTR [Konrad Rzeszutek Wilk]
    1acb3b6: handle XENMEM_get_vnumainfo in compat_memory_op [Wei Liu]
    4eec09f: x86: correctly check for sub-leaf zero of leaf 7 in pv_cpuid() [Jan Beulich]
    7788cbb: x86: don't expose XSAVES capability to PV guests [Jan Beulich]
    4cfc54b: xsm/evtchn: never pretend to have successfully created a Xen event channel [Andrew Cooper]
    2fdd521: common/memory: fix an XSM error path [Jan Beulich]
    ad83ad9: x86emul: tighten CLFLUSH emulation [Jan Beulich]
    1928318: dt-uart: use ':' as separator between path and options [Ian Campbell]
    9ae1853: libxl: Don't ignore error when we fail to give access to ioport/irq/iomem [Julien Grall]

In addition, this release also contains the following fixes to qemu-traditional:

    afaa35b: ... by default. Add a per-device "permissive" mode similar to pciback's to allow restoring previous behavior (and hence break security again, i.e. should be used only for trusted guests). [Jan Beulich]
    3cff7ad: Since the next patch will turn all not explicitly described fields read-only by default, those fields that have guest writable bits need to be given explicit descriptors. [Jan Beulich]
    ec61b93: The adjustments are solely to make the subsequent patches work right (and hence make the patch set consistent), namely if permissive mode (introduced by the last patch) gets used (as both reserved registers and reserved fields must be similarly protected from guest access in default mode, but the guest should be allowed access to them in permissive mode). [Jan Beulich]
    37c77b8: xen_pt_emu_reg_pcie[]'s PCI_EXP_DEVCAP needs to cover all bits as read- only to avoid unintended write-back (just a precaution, the field ought to be read-only in hardware). [Jan Beulich]
    2dc4059: This is just to avoid having to adjust that calculation later in multiple places. [Jan Beulich]
    29d9566: xen_pt_pmcsr_reg_write() needs an adjustment to deal with the RW1C nature of the not passed through bit 15 (PCI_PM_CTRL_PME_STATUS). [Jan Beulich]
    2e19270: There's no point in xen_pt_pmcsr_reg_{read,write}() each ORing PCI_PM_CTRL_STATE_MASK and PCI_PM_CTRL_NO_SOFT_RESET into a local emu_mask variable - we can have the same effect by setting the field descriptor's emu_mask member suitably right away. Note that xen_pt_pmcsr_reg_write() is being retained in order to allow later patches to be less intrusive. [Jan Beulich]
    751d20d: Without this the actual XSA-131 fix would cause the enable bit to not get set anymore (due to the write back getting suppressed there based on the OR of emu_mask, ro_mask, and res_mask). [Jan Beulich]
    51f3b5b: ... to avoid allowing the guest to cause the control domain's disk to fill. [Jan Beulich]
    7f99bb9: It's being used by the hypervisor. For now simply mimic a device not capable of masking, and fully emulate any accesses a guest may issue nevertheless as simple reads/writes without side effects. [Jan Beulich]
    6fc82bf: The old logic didn't work as intended when an access spanned multiple fields (for example a 32-bit access to the location of the MSI Message Data field with the high 16 bits not being covered by any known field). Remove it and derive which fields not to write to from the accessed fields' emulation masks: When they're all ones, there's no point in doing any host write. [Jan Beulich]
    e42b84c: fdc: force the fifo access to be in bounds of the allocated buffer [Petr Matousek]
    62e4158: xen: limit guest control of PCI command register [Jan Beulich]
    3499745: cirrus: fix an uninitialized variable [Jan Beulich]

This release also contains the security fixes for XSA-117 to XSA-136, with the exception of XSA-124 which documents security risks of non-standard PCI device functionality that cannot be addressed in software. It also includes an update to XSA-98 and XSA-59.

Revision 1.5.2.3 / (download) - annotate - [select for diffs], Sat Jun 13 09:13:34 2015 UTC (8 years, 8 months ago) by spz
Branch: pkgsrc-2015Q1
Changes since 1.5.2.2: +2 -2 lines
Diff to previous 1.5.2.2 (colored) to branchpoint 1.5 (colored) next main 1.6 (colored)

Pullup ticket #4743 - requested by khorben
sysutils/xenkernel45: security patch

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.8
- sysutils/xenkernel45/distinfo                                 1.7
- sysutils/xenkernel45/patches/patch-CVE-2015-3456              1.1

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Fri Jun  5 17:15:04 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-3456

   Log Message:
   Apply fixes from upstream for XSA-133

   Privilege escalation via emulated floppy disk drive

   The code in qemu which emulates a floppy disk controller did not
   correctly bounds check accesses to an array and therefore was
   vulnerable to a buffer overflow attack.

   A guest which has access to an emulated floppy device can exploit this
   vulnerability to take over the qemu process elevating its privilege to
   that of the qemu process.

   All Xen systems running x86 HVM guests without stubdomains are
   vulnerable to this depending on the specific guest configuration. The
   default configuration is vulnerable.

   Guests using either the traditional "qemu-xen" or upstream qemu device
   models are vulnerable.
   Guests using a qemu-dm stubdomain to run the device model are only
   vulnerable to takeover of that service domain.

   Systems running only x86 PV guests are not vulnerable.
   ARM systems are not vulnerable.


   To generate a diff of this commit:
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/sysutils/xenkernel45/Makefile
   cvs rdiff -u -r1.6 -r1.7 pkgsrc/sysutils/xenkernel45/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/sysutils/xenkernel45/patches/patch-CVE-2015-3456

Revision 1.8 / (download) - annotate - [select for diffs], Fri Jun 5 17:15:04 2015 UTC (8 years, 8 months ago) by khorben
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)

Apply fixes from upstream for XSA-133

Privilege escalation via emulated floppy disk drive

The code in qemu which emulates a floppy disk controller did not
correctly bounds check accesses to an array and therefore was
vulnerable to a buffer overflow attack.

A guest which has access to an emulated floppy device can exploit this
vulnerability to take over the qemu process elevating its privilege to
that of the qemu process.

All Xen systems running x86 HVM guests without stubdomains are
vulnerable to this depending on the specific guest configuration. The
default configuration is vulnerable.

Guests using either the traditional "qemu-xen" or upstream qemu device
models are vulnerable.
Guests using a qemu-dm stubdomain to run the device model are only
vulnerable to takeover of that service domain.

Systems running only x86 PV guests are not vulnerable.
ARM systems are not vulnerable.

Revision 1.5.2.2 / (download) - annotate - [select for diffs], Wed Apr 29 21:16:43 2015 UTC (8 years, 10 months ago) by tron
Branch: pkgsrc-2015Q1
Changes since 1.5.2.1: +2 -2 lines
Diff to previous 1.5.2.1 (colored) to branchpoint 1.5 (colored)

Pullup ticket #4699 - requested by spz
sysutils/xenkernel45: security patch

Revisions pulled up:
- sysutils/xenkernel45/Makefile                                 1.7
- sysutils/xenkernel45/distinfo                                 1.6
- sysutils/xenkernel45/patches/patch-CVE-2015-2751              1.1

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Sun Apr 19 15:02:12 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-2751

   Log Message:
   adding upstream's patch for
   XSA-127 Certain domctl operations may be abused to lock up the host

Revision 1.5.2.1 / (download) - annotate - [select for diffs], Wed Apr 29 21:11:12 2015 UTC (8 years, 10 months ago) by tron
Branch: pkgsrc-2015Q1
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Pullup ticket #4698 - requested by spz
Pullup ticket #4698 - requested by spz
sysutils/xenkernel41: security patch
sysutils/xenkernel42: security patch
sysutils/xenkernel45: security patch

Revisions pulled up:
- sysutils/xenkernel41/Makefile                                 1.45
- sysutils/xenkernel41/distinfo                                 1.36
- sysutils/xenkernel41/patches/patch-CVE-2015-2752              1.1
- sysutils/xenkernel41/patches/patch-CVE-2015-2756              1.1
- sysutils/xenkernel42/Makefile                                 1.15
- sysutils/xenkernel42/distinfo                                 1.13
- sysutils/xenkernel42/patches/patch-CVE-2015-2752              1.1
- sysutils/xenkernel42/patches/patch-CVE-2015-2756              1.1
- sysutils/xenkernel45/Makefile                                 1.6
- sysutils/xenkernel45/distinfo                                 1.5
- sysutils/xenkernel45/patches/patch-CVE-2015-2752              1.1
- sysutils/xenkernel45/patches/patch-CVE-2015-2756              1.1
- sysutils/xentools41/Makefile                                  1.50
- sysutils/xentools41/distinfo                                  1.38
- sysutils/xentools41/patches/patch-CVE-2015-2752               1.1
- sysutils/xentools41/patches/patch-CVE-2015-2756               1.1
- sysutils/xentools42/Makefile                                  1.27
- sysutils/xentools42/distinfo                                  1.16
- sysutils/xentools42/patches/patch-CVE-2015-2752               1.1
- sysutils/xentools42/patches/patch-CVE-2015-2756               1.1
- sysutils/xentools45/Makefile                                  1.6
- sysutils/xentools45/distinfo                                  1.6
- sysutils/xentools45/patches/patch-CVE-2015-2752               1.1
- sysutils/xentools45/patches/patch-CVE-2015-2756               1.1

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Sun Apr 19 13:13:21 UTC 2015

   Modified Files:
   	pkgsrc/sysutils/xenkernel41: Makefile distinfo
   	pkgsrc/sysutils/xenkernel42: Makefile distinfo
   	pkgsrc/sysutils/xenkernel45: Makefile distinfo
   	pkgsrc/sysutils/xentools41: Makefile distinfo
   	pkgsrc/sysutils/xentools42: Makefile distinfo
   	pkgsrc/sysutils/xentools45: Makefile distinfo
   Added Files:
   	pkgsrc/sysutils/xenkernel41/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xenkernel42/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xenkernel45/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xentools41/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xentools42/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756
   	pkgsrc/sysutils/xentools45/patches: patch-CVE-2015-2752
   	    patch-CVE-2015-2756

   Log Message:
   apply fixes from upstream for
   XSA-125 Long latency MMIO mapping operations are not preemptible
   XSA-126 Unmediated PCI command register access in qemu

Revision 1.7 / (download) - annotate - [select for diffs], Sun Apr 19 15:02:12 2015 UTC (8 years, 10 months ago) by spz
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

adding upstream's patch for
XSA-127 Certain domctl operations may be abused to lock up the host

Revision 1.6 / (download) - annotate - [select for diffs], Sun Apr 19 13:13:21 2015 UTC (8 years, 10 months ago) by spz
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

apply fixes from upstream for
XSA-125 Long latency MMIO mapping operations are not preemptible
XSA-126 Unmediated PCI command register access in qemu

Revision 1.5 / (download) - annotate - [select for diffs], Tue Mar 10 20:08:43 2015 UTC (8 years, 11 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base
Branch point for: pkgsrc-2015Q1
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

xsa123.patch from upstream:
x86emul: fully ignore segment override for register-only operations

For ModRM encoded instructions with register operands we must not
overwrite ea.mem.seg (if a - bogus in that case - segment override was
present) as it aliases with ea.reg.

This is CVE-2015-2151 / XSA-123.

Revision 1.4 / (download) - annotate - [select for diffs], Thu Mar 5 14:21:31 2015 UTC (8 years, 11 months ago) by spz
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

Add patches for XSA-121 and XSA-122 from upstream.

Revision 1.3 / (download) - annotate - [select for diffs], Wed Feb 4 20:52:16 2015 UTC (9 years ago) by joerg
Branch: MAIN
Changes since 1.2: +3 -2 lines
Diff to previous 1.2 (colored)

Fix build with clang.

Revision 1.2 / (download) - annotate - [select for diffs], Tue Jan 27 14:52:56 2015 UTC (9 years, 1 month ago) by prlw1
Branch: MAIN
Changes since 1.1: +3 -2 lines
Diff to previous 1.1 (colored)

xen build with python 3.3 fails with:

xenkernel45:
  File "/tmp/pkgsrc/sysutils/xenkernel45/work.x86_64/xen-4.5.0/xen/tools/compat-
build-source.py", line 30
    print line.rstrip()
             ^
SyntaxError: invalid syntax

xentools45:
  File "mkchecker.py", line 40, in <module>
    if compat_arches.has_key(a):
AttributeError: 'dict' object has no attribute 'has_key'
...

XXX Assume the same is true for python 3.4 and mark as not for 33 34

Revision 1.1 / (download) - annotate - [select for diffs], Tue Jan 20 16:42:13 2015 UTC (9 years, 1 month ago) by bouyer
Branch: MAIN

Xen is a virtual machine monitor which supports running multiple
guests operating systems on a single machine. Guest OSes (also
called "domains") require a modified kernel which supports Xen
hypercalls in replacement to access to the physical hardware. At
boot, the xen kernel is loaded along with the guest kernel for the
first domain (called domain0). domain0 has privileges to access
the physical hardware (PCI and ISA devices), administrate other
domains and provide virtual devices (disks and network) to other
domains.

xenkernel45 and xentools45 contains the kernel and tools from
the Xen 4.5.x branch

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>