Page MenuHomeFreeBSD

xen: fix XSAs
ClosedPublic

Authored by royger on Jan 4 2016, 3:15 PM.

Details

Summary

Add the following XSA patches: 159, 160, 162, 165, 166.

Security: CVE-2015-8339
Security: CVE-2015-8340
Security: CVE-2015-8341
Security: CVE-2015-7504
Security: CVE-2015-8555
Sponsored by: Citrix Systems R&D
Requested by: junovitch

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

royger retitled this revision from to xen: fix XSAs.Jan 4 2016, 3:15 PM
royger updated this object.
royger edited the test plan for this revision. (Show Details)
royger added a reviewer: junovitch.
royger updated this revision to Diff 11914.
junovitch edited edge metadata.Jan 5 2016, 12:21 AM
junovitch accepted this revision.

Excellent. Approved. Don't forget the PR and MFH metadata in particular as this is a security update.

PR:  205841
MFH:  2016Q1

It looks like XSA-163 and XSA-164 don't effect us. Do you need any assistance preparing a VuXML entry for the rest or would you like me to do that for you? If so I'll close the Bugzilla PR once the commit, MFH, and VuXML are all in place.

This revision is now accepted and ready to land.Jan 5 2016, 12:21 AM
royger added a comment.Jan 5 2016, 9:45 AM

Excellent. Approved. Don't forget the PR and MFH metadata in particular as this is a security update.

PR:  205841
MFH:  2016Q1

It looks like XSA-163 and XSA-164 don't effect us. Do you need any assistance preparing a VuXML entry for the rest or would you like me to do that for you? If so I'll close the Bugzilla PR once the commit, MFH, and VuXML are all in place.

I have no idea about how to prepare a VuXML entry, would you mind helping? Also, can I go ahead and commit this, or the VuXML needs to be prepared before committing so a reference can be added to the commit message?

Thanks, Roger.

I have no idea about how to prepare a VuXML entry, would you mind helping? Also, can I go ahead and commit this, or the VuXML needs to be prepared before committing so a reference can be added to the commit message?
Thanks, Roger.

Sure. Please commit the update as is and I'll prepare the VuXML entry later on. Just take a look afterwards so you can learn.

Thanks again!

This revision was automatically updated to reflect the committed changes.

The MFH: 2016Q1 line here will trigger an automatic email to portmgr@FreeBSD.org and ports-secteam@FreeBSD.org. You should receive an approval to do the MFH commit using the command /usr/ports/Tools/scripts/mfh 2016Q1 405279 (it will be in the email).

Just put an approval entry in for the MFH commit based on who approved it. It would be this for someone with the portmgr hat (see https://wiki.freebsd.org/portmgr)

Approved by: portmgr (name)

Or if the approval comes from someone with the ports-secteam hat (see https://wiki.freebsd.org/ports-secteam)

Approved by: ports-secteam (name)
royger added a comment.Jan 5 2016, 5:09 PM

The MFH: 2016Q1 line here will trigger an automatic email to portmgr@FreeBSD.org and ports-secteam@FreeBSD.org. You should receive an approval to do the MFH commit using the command /usr/ports/Tools/scripts/mfh 2016Q1 405279 (it will be in the email).
Just put an approval entry in for the MFH commit based on who approved it. It would be this for someone with the portmgr hat (see https://wiki.freebsd.org/portmgr)

Approved by: portmgr (name)

Or if the approval comes from someone with the ports-secteam hat (see https://wiki.freebsd.org/ports-secteam)

Approved by: ports-secteam (name)

OK, I *think* I've managed to do it. Thanks!

OK, I *think* I've managed to do it. Thanks!

I'm not entirely sure what the commit message picked up some extra characters but it did commit the correct changes.

-n MFH:
-n  r405279

xen: fix XSAs

It should have automatically filled it out as this:

MFH: r405279

 xen: fix XSAs

Thanks!

royger added a comment.Jan 7 2016, 9:16 AM

OK, I *think* I've managed to do it. Thanks!

I'm not entirely sure what the commit message picked up some extra characters but it did commit the correct changes.

-n MFH:
-n  r405279
xen: fix XSAs

It should have automatically filled it out as this:

MFH: r405279
 xen: fix XSAs

I had a feeling it wasn't entirely right (the -n looked weird), but since the message was auto-generated by the mfh script I wasn't sure if this was some kind of nomenclature for mfh.