Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mail.NetBSD.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id C462171205 for ; Thu, 12 Sep 2013 23:37:23 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 3A17614A29D; Thu, 12 Sep 2013 23:37:23 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 2E19014A2A0 for ; Thu, 12 Sep 2013 23:37:19 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id HyUnuYMftXyp for ; Thu, 12 Sep 2013 23:37:18 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 6AADE14A29A for ; Thu, 12 Sep 2013 23:37:18 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 651C696; Thu, 12 Sep 2013 23:37:18 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Thu, 12 Sep 2013 23:37:18 +0000 From: "Patrick Welche" Subject: CVS commit: pkgsrc/sysutils To: pkgsrc-changes@NetBSD.org Reply-To: prlw1@netbsd.org X-Mailer: log_accum Message-Id: <20130912233718.651C696@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: prlw1 Date: Thu Sep 12 23:37:18 UTC 2013 Modified Files: pkgsrc/sysutils/xenkernel42: Makefile distinfo pkgsrc/sysutils/xentools42: Makefile distinfo pkgsrc/sysutils/xentools42/files: xencommons.sh Removed Files: pkgsrc/sysutils/xenkernel42/patches: patch-xen_arch_x86_time.c patch-xen_common_libelf_libelf-private.h pkgsrc/sysutils/xentools42: version.mk Log Message: Update xen to 4.2.3 - Add warning if /kern/xen/privcmd is not readable Fixes the following critical vulnerabilities: * CVE-2013-1918 / XSA-45: Several long latency operations are not preemptible * CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw for bridges * CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs * CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception recovery on XRSTOR * CVE-2013-2078 / XSA-54: Hypervisor crash due to missing exception recovery on XSETBV * CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA-55: Multiple vulnerabilities in libelf PV kernel handling * CVE-2013-2072 / XSA-56: Buffer overflow in xencontrol Python bindings affecting xend * CVE-2013-2211 / XSA-57: libxl allows guest write access to sensitive console related xenstore keys * CVE-2013-1432 / XSA-58: Page reference counting error due to XSA-45/CVE-2013-1918 fixes * XSA-61: libxl partially sets up HVM passthrough even with disabled iommu The following minor vulnerability is also being addressed: * CVE-2013-2007 / XSA-51 qemu guest agent (qga) insecure file permissions Among many bug fixes and improvements: * addressing a regression from the fix for XSA-46 * bug fixes to low level system state handling, including certain hardware errata workarounds To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 pkgsrc/sysutils/xenkernel42/Makefile cvs rdiff -u -r1.3 -r1.4 pkgsrc/sysutils/xenkernel42/distinfo cvs rdiff -u -r1.1 -r0 \ pkgsrc/sysutils/xenkernel42/patches/patch-xen_arch_x86_time.c \ pkgsrc/sysutils/xenkernel42/patches/patch-xen_common_libelf_libelf-private.h cvs rdiff -u -r1.7 -r1.8 pkgsrc/sysutils/xentools42/Makefile cvs rdiff -u -r1.6 -r1.7 pkgsrc/sysutils/xentools42/distinfo cvs rdiff -u -r1.1 -r0 pkgsrc/sysutils/xentools42/version.mk cvs rdiff -u -r1.2 -r1.3 pkgsrc/sysutils/xentools42/files/xencommons.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.