[Pkg-xen-changes] r1136 - in branches/wheezy/xen/debian: . patches
Bastian Blank
waldi at alioth.debian.org
Sat Jan 19 12:44:34 UTC 2013
Author: waldi
Date: Sat Jan 19 12:44:33 2013
New Revision: 1136
Log:
* debian/changelog: Update.
* debian/patches/CVE-2012-5511: Mention CVE-2012-6333.
Modified:
branches/wheezy/xen/debian/changelog
branches/wheezy/xen/debian/patches/CVE-2012-5511
Modified: branches/wheezy/xen/debian/changelog
==============================================================================
--- branches/wheezy/xen/debian/changelog Sat Jan 19 12:32:09 2013 (r1135)
+++ branches/wheezy/xen/debian/changelog Sat Jan 19 12:44:33 2013 (r1136)
@@ -4,6 +4,8 @@
CVE-2012-5634
* Fix buffer overflow in qemu e1000 emulation.
CVE-2012-6075
+ * Update patch, mention second CVE.
+ CVE-2012-5511, CVE-2012-6333
-- Bastian Blank <waldi at debian.org> Sat, 19 Jan 2013 13:04:21 +0100
Modified: branches/wheezy/xen/debian/patches/CVE-2012-5511
==============================================================================
--- branches/wheezy/xen/debian/patches/CVE-2012-5511 Sat Jan 19 12:32:09 2013 (r1135)
+++ branches/wheezy/xen/debian/patches/CVE-2012-5511 Sat Jan 19 12:44:33 2013 (r1136)
@@ -3,12 +3,12 @@
ties up the physical processor. Integrating preemption into the p2m
updates is hard so simply limit to 1GB which is sufficient for a 15000
* 15000 * 32bpp framebuffer.
- x86/paging: Don't allocate user-controlled amounts of stack memory.
From: Tim Deegan <tim at xen.org>
From: Ian Campbell <ian.campbell at citrix.com>
From: Jan Beulich <JBeulich at suse.com>
Origin: upstream
Id: CVE-2012-5511
+Id: CVE-2012-6333
---
--- a/xen/arch/x86/hvm/hvm.c Mon Nov 19 09:43:48 2012 +0100
+++ b/xen/arch/x86/hvm/hvm.c Mon Nov 19 16:00:33 2012 +0000
@@ -102,7 +102,7 @@
rc = 0;
--- a/xen/arch/x86/mm/paging.c Mon Nov 19 09:43:48 2012 +0100
+++ b/xen/arch/x86/mm/paging.c Mon Nov 19 16:00:33 2012 +0000
-@@ -529,13 +529,18 @@ int paging_log_dirty_range(struct domain
+@@ -529,13 +529,19 @@ int paging_log_dirty_range(struct domain
if ( !d->arch.paging.log_dirty.fault_count &&
!d->arch.paging.log_dirty.dirty_count ) {
@@ -117,7 +117,8 @@
- if ( copy_to_guest_offset(dirty_bitmap, 0, (uint8_t *) zeroes,
- size * BYTES_PER_LONG) != 0 )
- rv = -EFAULT;
-+ for ( off = 0; !rv && off < size; off += sizeof zeroes )
++ off = 0;
++ while ( !rv && off < size )
+ {
+ int todo = min(size - off, (int) PAGE_SIZE);
+ if ( copy_to_guest_offset(dirty_bitmap, off, zeroes, todo) )
More information about the Pkg-xen-changes
mailing list