---
- branch: MAIN
  date: Mon May  5 13:39:10 UTC 2014
  files:
  - new: '1.36'
    old: '1.35'
    path: pkgsrc/sysutils/xenkernel41/Makefile
    pathrev: pkgsrc/sysutils/xenkernel41/Makefile@1.36
    type: modified
  - new: '1.28'
    old: '1.27'
    path: pkgsrc/sysutils/xenkernel41/distinfo
    pathrev: pkgsrc/sysutils/xenkernel41/distinfo@1.28
    type: modified
  - new: '1.4'
    old: '1.3'
    path: pkgsrc/sysutils/xenkernel41/patches/patch-CVE-2013-4355_1
    pathrev: pkgsrc/sysutils/xenkernel41/patches/patch-CVE-2013-4355_1@1.4
    type: modified
  - new: '1.1'
    old: '0'
    path: pkgsrc/sysutils/xenkernel41/patches/patch-CVE-2014-3124
    pathrev: pkgsrc/sysutils/xenkernel41/patches/patch-CVE-2014-3124@1.1
    type: added
  id: 20140505T133910Z.aa83f61b0c00434b97ea572b5194bd8ca9c3dcae
  log: |
    fix possible creation of invalid P2M entries, leading to xen crash
    The vulnerability is only exposed to service domains for HVM guests
    which have privilege over the guest.  In a usual configuration that
    means only device model emulators (qemu-dm).
    bump PKGREV
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/sysutils/xenkernel41'
  unixtime: '1399297150'
  user: drochner