OXT-877 & OXT-878: Upgrade Xen and port latest XSAs. #496
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
See openxt.git related PR: OpenXT/openxt#208 |
eric-ch
changed the title
added 2 commits
January 12, 2017 18:30
Upgrade to 4.6.4. OXT-877 Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
Port latest XSAs released in december 2016. Signed-off-by: Eric Chanudet <chanudete@ainfosec.com> OXT-878
|
Not yet rebased completely... |
added 2 commits
January 12, 2017 19:51
Libxl was ported on Xen 4.6.1 and merged while the PR for 4.6.4 was created, so port the patch-queue on Xen 4.6.4. Signed-off-by: Eric Chanudet <chanudete@ainfosec.com> OXT-877
... to make the recipe more agnotic to versions. Signed-off-by: Eric Chanudet <chanudete@ainfosec.com> OXT-877
|
Testing now |
|
LGTM, though the custom build doesn't include the new measured launch code. |
|
Built here: http://openxt-builder.ainfosec.com:8010/builders/openxt/builds/541 |
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Aug 25, 2017
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Aug 30, 2017
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Dec 5, 2017
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Jan 10, 2018
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Feb 26, 2018
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 8, 2018
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 13, 2018
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
that referenced
this pull request
Mar 20, 2018
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue #496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 23, 2018
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
eric-ch
pushed a commit
to eric-ch/xenclient-oe
that referenced
this pull request
Mar 23, 2018
See Change:
Release 2.2.0 Tue June 21 2016
Security fixes:
OpenXT#537 CVE-2016-0718 -- Fix crash on malformed input
CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
CVE-2015-2716 introduced with Expat 2.1.1
OpenXT#499 CVE-2016-5300 -- Use more entropy for hash initialization
than the original fix to CVE-2012-0876
OpenXT#519 CVE-2012-6702 -- Resolve troublesome internal call to srand
that was introduced with Expat 2.1.0
when addressing CVE-2012-0876 (issue OpenXT#496)
Signed-off-by: Eric Chanudet <chanudete@ainfosec.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Upgrade Xen to 4.6.4.
Port latest XSAs.