kumquat-buildroot/package/xen/xen.hash
Peter Korsgaard 059d655f5c xen: security bump to version 4.10.2
Drop 0003-memfd-fix-configure-test.patch applied upstream.

The 4.10.2 version brings a large number of fixes:

https://xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4102.html

Including a number of security fixes:

XSA-260: x86: mishandling of debug exceptions (CVE-2018-8897)
XSA-261: x86 vHPET interrupt injection errors (CVE-2018-10982)
XSA-262: qemu may drive Xen into unbounded loop (CVE-2018-10981)
XSA-263: Speculative Store Bypass (CVE-2018-3639)
XSA-264: preemption checks bypassed in x86 PV MM handling (CVE-2018-12891)
XSA-265: x86: #DB exception safety check can be triggered by a guest
         (CVE-2018-12893)
XSA-266: libxl fails to honour readonly flag on HVM emulated SCSI disks
         (CVE-2018-12892)
XSA-267: Speculative register leakage from lazy FPU context switching
         (CVE-2018-3665)
XSA-268: Use of v2 grant tables may cause crash on ARM (CVE-2018-15469)
XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
         (CVE-2018-15468)
XSA-272: oxenstored does not apply quota-maxentity (CVE-2018-15470)
XSA-273: L1 Terminal Fault speculative side channel (CVE-2018-3620,
         CVE-2018-3646)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 14:31:35 +02:00

4 lines
189 B
Plaintext

# Locally computed
sha256 d5a944a34e47e9d52b2837f616821eb4a9514c8fd0955dcc723111dba499acd4 xen-4.10.2.tar.gz
sha256 dba0d79260259c013c52e5d4daeaea564a2fbb9ff7fc6778c377a401ec3898de COPYING