Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id AE625A582D for ; Fri, 26 Sep 2014 10:40:48 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 5E2B914A1B8; Fri, 26 Sep 2014 10:40:48 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 25C5E14A18B for ; Fri, 26 Sep 2014 10:40:46 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id ptsStw529Jxq for ; Fri, 26 Sep 2014 10:40:45 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 7E07314A1B3 for ; Fri, 26 Sep 2014 10:40:45 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 7B99798; Fri, 26 Sep 2014 10:40:45 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Fri, 26 Sep 2014 10:40:45 +0000 From: "Manuel Bouyer" Subject: CVS commit: pkgsrc/sysutils/xentools42 To: pkgsrc-changes@NetBSD.org Reply-To: bouyer@netbsd.org X-Mailer: log_accum Message-Id: <20140926104045.7B99798@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: bouyer Date: Fri Sep 26 10:40:45 UTC 2014 Modified Files: pkgsrc/sysutils/xentools42: Makefile Log Message: Update xentools42 and xenkernel42 to Xen 4.2.5, fixing: CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be created CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests pkgsrc also includes patches from the Xen Security Advisory: XSA-104 (CVE-2014-7154) - Race condition in HVMOP_track_dirty_vram XSA-105 (CVE-2014-7155) - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation XSA-106 (CVE-2014-7156) - Missing privilege level checks in x86 emulation of software interrupts To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 pkgsrc/sysutils/xentools42/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.