diff options
| author | Peter Korsgaard <peter@korsgaard.com> | 2018-09-30 22:43:54 +0200 |
|---|---|---|
| committer | Peter Korsgaard <peter@korsgaard.com> | 2018-10-01 14:31:35 +0200 |
| commit | 059d655f5cfa321ae3e0847599c80acb238d39c1 (patch) | |
| tree | 6481965a2377b235963c80d4aeffb3bc8b27e932 /package/python-pyopenssl/Config.in | |
| parent | 5e04cdde197f17472a85423f4063b8f6ee19a82c (diff) | |
| download | buildroot-059d655f5cfa321ae3e0847599c80acb238d39c1.tar.gz buildroot-059d655f5cfa321ae3e0847599c80acb238d39c1.zip | |
xen: security bump to version 4.10.2
Drop 0003-memfd-fix-configure-test.patch applied upstream.
The 4.10.2 version brings a large number of fixes:
https://xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4102.html
Including a number of security fixes:
XSA-260: x86: mishandling of debug exceptions (CVE-2018-8897)
XSA-261: x86 vHPET interrupt injection errors (CVE-2018-10982)
XSA-262: qemu may drive Xen into unbounded loop (CVE-2018-10981)
XSA-263: Speculative Store Bypass (CVE-2018-3639)
XSA-264: preemption checks bypassed in x86 PV MM handling (CVE-2018-12891)
XSA-265: x86: #DB exception safety check can be triggered by a guest
(CVE-2018-12893)
XSA-266: libxl fails to honour readonly flag on HVM emulated SCSI disks
(CVE-2018-12892)
XSA-267: Speculative register leakage from lazy FPU context switching
(CVE-2018-3665)
XSA-268: Use of v2 grant tables may cause crash on ARM (CVE-2018-15469)
XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
(CVE-2018-15468)
XSA-272: oxenstored does not apply quota-maxentity (CVE-2018-15470)
XSA-273: L1 Terminal Fault speculative side channel (CVE-2018-3620,
CVE-2018-3646)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/python-pyopenssl/Config.in')
0 files changed, 0 insertions, 0 deletions
