[Buildroot] [PATCH] xen: security bump to version 4.10.1
Peter Korsgaard
peter at korsgaard.com
Thu May 31 17:29:13 UTC 2018
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> The 4.10.1 version brings a large number of fixes:
> https://www.xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4101.html
> Including a number of security fixes:
> XSA-252: DoS via non-preemptable L3/L4 pagetable freeing (CVE-2018-7540)
> XSA-253: x86: memory leak with MSR emulation (CVE-2018-5244)
> XSA-254: Information leak via side effects of speculative execution
> (CVE-2017-5753 CVE-2017-5715 CVE-2017-5754)
> XSA-255: grant table v2 -> v1 transition may crash Xen (CVE-2018-7541)
> XSA-256: x86 PVH guest without LAPIC may DoS the host (CVE-2018-7542)
> XSA-258: Information leak via crafted user-supplied CDROM (CVE-2018-10472)
> XSA-259: x86: PV guest may crash Xen with XPTI (CVE-2018-10471)
> Also add a hash for the license file while we are at it.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list