[Pkg-xen-changes] r876 - in branches/lenny-security/xen-3/debian: . patches

Bastian Blank waldi at alioth.debian.org
Mon Apr 18 09:39:10 UTC 2011 

Author: waldi
Date: Mon Apr 18 09:39:05 2011
New Revision: 876

Log:
* debian/changelog: Update.
* debian/patches/CVE-2011-1166.patch: New patch.
* debian/patches/series: Add new patch.

Added:
   branches/lenny-security/xen-3/debian/patches/CVE-2011-1166.patch
Modified:
   branches/lenny-security/xen-3/debian/changelog
   branches/lenny-security/xen-3/debian/patches/series

Modified: branches/lenny-security/xen-3/debian/changelog
==============================================================================
--- branches/lenny-security/xen-3/debian/changelog	Mon Apr 18 09:31:01 2011	(r875)
+++ branches/lenny-security/xen-3/debian/changelog	Mon Apr 18 09:39:05 2011	(r876)
@@ -1,6 +1,8 @@
 xen-3 (3.2.1-3) UNRELEASED; urgency=low
 
   * Fix to build on currently Lenny.
+  * Fix check for existance of user-mode page tables.
+    CVE-2011-1166
 
  -- Bastian Blank <waldi at debian.org>  Mon, 18 Apr 2011 11:30:01 +0200
 

Added: branches/lenny-security/xen-3/debian/patches/CVE-2011-1166.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/lenny-security/xen-3/debian/patches/CVE-2011-1166.patch	Mon Apr 18 09:39:05 2011	(r876)
@@ -0,0 +1,15 @@
+diff -r 671e9863095c xen/arch/x86/domain.c
+--- a/xen/arch/x86/domain.c	Thu Oct 01 12:33:00 2009 +0100
++++ b/xen/arch/x86/domain.c	Mon Apr 18 11:32:24 2011 +0200
+@@ -751,6 +751,11 @@
+ 
+             v->arch.guest_table_user = pagetable_from_pfn(cr3_pfn);
+         }
++        else if ( !(flags & VGCF_in_kernel) )
++        {
++            destroy_gdt(v);
++            return -EINVAL;
++        }
+ #endif
+     }
+ #ifdef CONFIG_COMPAT

Modified: branches/lenny-security/xen-3/debian/patches/series
==============================================================================
--- branches/lenny-security/xen-3/debian/patches/series	Mon Apr 18 09:31:01 2011	(r875)
+++ branches/lenny-security/xen-3/debian/patches/series	Mon Apr 18 09:39:05 2011	(r876)
@@ -1,4 +1,5 @@
 CVE-2008-1952.patch
+CVE-2011-1166.patch
 tools-libxc-loder-bzimage.patch
 config-prefix.diff
 tools-rpath.diff

More information about the Pkg-xen-changes mailing list