-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OXT-877 & OXT-878: Upgrade Xen and port latest XSAs. #496
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
See openxt.git related PR: OpenXT/openxt#208 |
eric-ch
changed the title
OXT-877 & OXT-878
OXT-877 & OXT-878: Upgrade Xen and port latest XSAs.
Dec 22, 2016
Upgrade to 4.6.4. OXT-877 Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
Port latest XSAs released in december 2016. Signed-off-by: Eric Chanudet <chanudete@ainfosec.com> OXT-878
Not yet rebased completely... |
Libxl was ported on Xen 4.6.1 and merged while the PR for 4.6.4 was created, so port the patch-queue on Xen 4.6.4. Signed-off-by: Eric Chanudet <chanudete@ainfosec.com> OXT-877
... to make the recipe more agnotic to versions. Signed-off-by: Eric Chanudet <chanudete@ainfosec.com> OXT-877
Testing now |
LGTM, though the custom build doesn't include the new measured launch code. |
Built here: http://openxt-builder.ainfosec.com:8010/builders/openxt/builds/541 |
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Aug 25, 2017
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Aug 30, 2017
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Dec 5, 2017
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Jan 10, 2018
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Feb 26, 2018
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 8, 2018
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 13, 2018
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
that referenced
this pull request
Mar 20, 2018
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: #537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 #499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 #519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue #496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 23, 2018
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 23, 2018
See Change: Release 2.2.0 Tue June 21 2016 Security fixes: OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716 introduced with Expat 2.1.1 OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization than the original fix to CVE-2012-0876 OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand that was introduced with Expat 2.1.0 when addressing CVE-2012-0876 (issue OpenXT#496) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Upgrade Xen to 4.6.4.
Port latest XSAs.