[Buildroot] [PATCH 2/3] package/xen: security bump to version 4.12.2

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 2/3] package/xen: security bump to version 4.12.2
Date: Sun, 19 Jan 2020 18:03:57 +0100	[thread overview]
Message-ID: <20200119170358.5408-2-peter@korsgaard.com> (raw)
In-Reply-To: <20200119170358.5408-1-peter@korsgaard.com>

The 4.12.2 release brings a large number of fixes:

https://xenproject.org/downloads/xen-project-archives/xen-project-4-12-series/xen-project-4-12-2/

Including a number of security fixes:

XSA-296: VCPUOP_initialise DoS (CVE-2019-18420)
XSA-298: missing descriptor table limit checking in x86 PV emulation
	 (CVE-2019-18425)
XSA-299: Issues with restartable PV type change operations (CVE-2019-18421)
XSA-301: add-to-physmap can be abused to DoS Arm hosts (CVE-2019-18423)
XSA-302: passed through PCI devices may corrupt host memory after
         deassignment (CVE-2019-18424)
XSA-303: ARM: Interrupts are unconditionally unmasked in exception handlers
	 (CVE-2019-18422)
XSA-304: x86: Machine Check Error on Page Size Change DoS (CVE-2018-12207)
XSA-305: TSX Asynchronous Abort speculative side channel (CVE-2019-11135)
XSA-306: Device quarantine for alternate pci assignment methods
	 (CVE-2019-19579)
XSA-307: find_next_bit() issues (CVE-2019-19581 CVE-2019-19582)
XSA-308: VMX: VMentry failure with debug exceptions and blocked states
	 (CVE-2019-19583)
XSA-309: Linear pagetable use / entry miscounts (CVE-2019-19578)
XSA-310: Further issues with restartable PV type change operations
	 (CVE-2019-19580)
XSA-311: Bugs in dynamic height handling for AMD IOMMU pagetables
	 (CVE-2019-19577)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/xen/xen.hash | 2 +-
 package/xen/xen.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/xen/xen.hash b/package/xen/xen.hash
index a15bc7d852..ad6220d94b 100644
--- a/package/xen/xen.hash
+++ b/package/xen/xen.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256 5450a85497b84167df1d229b3ab98fb24ef4d6b0510dce522798c13c1b090159 xen-4.12.1.tar.gz
+sha256 1c75cbe728dfabf02b7f9a17ce96ee7d202d2fd4b4689490018d3a28b63f9fa3 xen-4.12.2.tar.gz
 sha256 dba0d79260259c013c52e5d4daeaea564a2fbb9ff7fc6778c377a401ec3898de COPYING
diff --git a/package/xen/xen.mk b/package/xen/xen.mk
index 167f0ad638..7eb2643343 100644
--- a/package/xen/xen.mk
+++ b/package/xen/xen.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-XEN_VERSION = 4.12.1
+XEN_VERSION = 4.12.2
 XEN_SITE = https://downloads.xenproject.org/release/xen/$(XEN_VERSION)
 XEN_LICENSE = GPL-2.0
 XEN_LICENSE_FILES = COPYING
-- 
2.20.1

next prev parent reply	other threads:[~2020-01-19 17:03 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-19 17:03 [Buildroot] [PATCH 1/3] package/xen: explicitly disable checkpolicy logic Peter Korsgaard
2020-01-19 17:03 ` Peter Korsgaard [this message]
2020-01-20  0:26   ` [Buildroot] [PATCH 2/3] package/xen: security bump to version 4.12.2 Alistair Francis
2020-01-20  7:39   ` Peter Korsgaard
2020-03-05 20:25   ` Peter Korsgaard
2020-01-19 17:03 ` [Buildroot] [PATCH 3/3] package/xen: add upstream security fix for XSA-312 Peter Korsgaard
2020-01-20  0:28   ` Alistair Francis
2020-01-20  7:39   ` Peter Korsgaard
2020-03-05 20:25   ` Peter Korsgaard
2020-01-20  0:23 ` [Buildroot] [PATCH 1/3] package/xen: explicitly disable checkpolicy logic Alistair Francis
2020-01-20  7:39 ` Peter Korsgaard
2020-01-21 21:29 ` Arnout Vandecappelle
2020-01-21 21:45   ` Peter Korsgaard
2020-01-22  7:57     ` Arnout Vandecappelle
2020-03-05 20:21 ` Peter Korsgaard

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:a15bc7d85 dfblob:ad6220d94 dfblob:167f0ad63 dfblob:7eb264334 )
 OR (
bs:"[Buildroot] [PATCH 2/3] package/xen: security bump to version 4.12.2" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200119170358.5408-2-peter@korsgaard.com \
    --to=peter@korsgaard.com \
    --cc=buildroot@busybox.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.