[Buildroot] [PATCH] package/xen: security bump to version 4.14.1

Peter Korsgaard peter at korsgaard.com
Thu Dec 24 08:49:24 UTC 2020


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Includes security fixes up to XSA-359:
 > XSA-345: x86: Race condition in Xen mapping code
 > XSA-346: undue deferral of IOMMU TLB flushes
 > XSA-347: unsafe AMD IOMMU page table updates
 > XSA-348: undue recursion in x86 HVM context switch code (CVE-2020-29566)
 > XSA-351: Information leak via power sidechannel (CVE-2020-28368)
 > XSA-352: oxenstored: node ownership can be changed by unprivileged clients
 >          (CVE-2020-29486)
 > XSA-353: oxenstored: permissions not checked on root node (CVE-2020-29479)
 > XSA-355: stack corruption from XSA-346 change
 > XSA-356: infinite loop when cleaning up IRQ vectors (CVE-2020-29567)
 > XSA-358: FIFO event channels control block related ordering (CVE-2020-29570)
 > XSA-359: FIFO event channels control structure ordering (CVE-2020-29571)

 > And drop now upstreamed security patches.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2020.11.x, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list