- bnc#789945 - VUL-0: CVE-2012-5510: xen: Grant table version

switch list corruption vulnerability (XSA-26) CVE-2012-5510-xsa26.patch - bnc#789944 - VUL-0: CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs (XSA-27) CVE-2012-5511-xsa27.patch - bnc#789951 - VUL-0: CVE-2012-5513: xen: XENMEM_exchange may overwrite hypervisor memory (XSA-29) CVE-2012-5513-xsa29.patch - bnc#789948 - VUL-0: CVE-2012-5514: xen: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30) CVE-2012-5514-xsa30.patch - bnc#789950 - VUL-0: CVE-2012-5515: xen: Several memory hypercall operations allow invalid extent order values (XSA-31) CVE-2012-5515-xsa31.patch - bnc#789952 - VUL-0: CVE-2012-5525: xen: Several hypercalls do not validate input GFNs (XSA-32) CVE-2012-5525-xsa32.patch - Upstream patches from Jan 26129-ACPI-BGRT-invalidate.patch 26132-tmem-save-NULL-check.patch 26134-x86-shadow-invlpg-check.patch 26139-cpumap-masking.patch 26148-vcpu-timer-overflow.patch (Replaces CVE-2012-4535-xsa20.patch) 26149-x86-p2m-physmap-error-path.patch (Replaces CVE-2012-4537-xsa22.patch) 26150-x86-shadow-unhook-toplevel-check.patch (Replaces CVE-2012-4538-xsa23.patch) 26151-gnttab-compat-get-status-frames.patch (Replaces CVE-2012-4539-xsa24.patch) 26179-PCI-find-next-cap.patch 26183-x86-HPET-masking.patch 26188-x86-time-scale-asm.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=216
2012-12-03 14:47:23 +00:00
parent a840075ed3
commit 128dffb75f
19 changed files with 1436 additions and 29 deletions
--- a/xen.spec
+++ b/xen.spec
@@ -114,7 +114,7 @@ BuildRequires:  kernel-syms
 BuildRequires:  module-init-tools
 BuildRequires:  xorg-x11
 %endif
-Version:        4.2.0_03
+Version:        4.2.0_04
 Release:        0
 PreReq:         %insserv_prereq %fillup_prereq
 Summary:        Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@@ -232,11 +232,24 @@ Patch26096:     26096-SVM-nested-vmexit-emul.patch
 Patch26098:     26098-perfc-build.patch
 Patch26102:     26102-x86-IOAPIC-legacy-not-first.patch
 Patch26114:     26114-pygrub-list-entries.patch
-Patch20:        CVE-2012-4535-xsa20.patch
-Patch22:        CVE-2012-4537-xsa22.patch
-Patch23:        CVE-2012-4538-xsa23.patch
-Patch24:        CVE-2012-4539-xsa24.patch
+Patch26129:     26129-ACPI-BGRT-invalidate.patch
+Patch26132:     26132-tmem-save-NULL-check.patch
+Patch26134:     26134-x86-shadow-invlpg-check.patch
+Patch26139:     26139-cpumap-masking.patch
+Patch26148:     26148-vcpu-timer-overflow.patch
+Patch26149:     26149-x86-p2m-physmap-error-path.patch
+Patch26150:     26150-x86-shadow-unhook-toplevel-check.patch
+Patch26151:     26151-gnttab-compat-get-status-frames.patch
+Patch26179:     26179-PCI-find-next-cap.patch
+Patch26183:     26183-x86-HPET-masking.patch
+Patch26188:     26188-x86-time-scale-asm.patch
 Patch25:        CVE-2012-4544-xsa25.patch
+Patch26:        CVE-2012-5510-xsa26.patch
+Patch27:        CVE-2012-5511-xsa27.patch
+Patch29:        CVE-2012-5513-xsa29.patch
+Patch30:        CVE-2012-5514-xsa30.patch
+Patch31:        CVE-2012-5515-xsa31.patch
+Patch32:        CVE-2012-5525-xsa32.patch
 # Upstream qemu patches
 Patch100:       VNC-Support-for-ExtendedKeyEvent-client-message.patch
 # Our patches
@@ -758,11 +771,24 @@ tar xfj %{SOURCE6} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools
 %patch26098 -p1
 %patch26102 -p1
 %patch26114 -p1
-%patch20 -p1
-%patch22 -p1
-%patch23 -p1
-%patch24 -p1
+%patch26129 -p1
+%patch26132 -p1
+%patch26134 -p1
+%patch26139 -p1
+%patch26148 -p1
+%patch26149 -p1
+%patch26150 -p1
+%patch26151 -p1
+%patch26179 -p1
+%patch26183 -p1
+%patch26188 -p1
 %patch25 -p1
+%patch26 -p1
+%patch27 -p1
+%patch29 -p1
+%patch30 -p1
+%patch31 -p1
+%patch32 -p1
 # Qemu
 %patch100 -p1
 # Our patches