1. 23 Oct, 2014 1 commit
    • main/xen: security upgrade to 4.2.5 and patches · 9cba7900
      Natanael Copa authored
      The 4.2.5 release fixes:
      CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible
      CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be
                             created
      CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection
      CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests
      
      In addition we add patches for:
      CVE-2014-7154 / XSA-104 Race condition in HVMOP_track_dirty_vram
      CVE-2014-7155 / XSA-105 Missing privilege level checks in x86 HLT, LGDT,
                              LIDT, and LMSW emulation
      CVE-2014-7156 / XSA-106 Missing privilege level checks in x86 emulation of
                              software interrupts
      CVE-2014-7188 / XSA-108 Improper MSR range used for x2APIC emulation
      
      fixes #3412
      fixes #3457
  2. 22 Oct, 2014 2 commits
  3. 16 Oct, 2014 1 commit
  4. 02 Oct, 2014 1 commit
  5. 01 Oct, 2014 2 commits
  6. 30 Sep, 2014 4 commits
  7. 27 Sep, 2014 1 commit
  8. 25 Sep, 2014 1 commit
  9. 24 Sep, 2014 1 commit
  10. 12 Sep, 2014 1 commit
  11. 10 Sep, 2014 1 commit
  12. 03 Sep, 2014 1 commit
  13. 01 Sep, 2014 1 commit
  14. 27 Aug, 2014 2 commits
  15. 26 Aug, 2014 1 commit
  16. 21 Aug, 2014 4 commits
  17. 07 Aug, 2014 1 commit
    • main/openssl: security upgrade to 1.0.1i (multiple CVE) · fca2b4fd
      Timo Teräs authored
      CVE-2014-3508 Information leak in pretty printing functions
      CVE-2014-5139 Crash with SRP ciphersuite in Server Hello message
      CVE-2014-3509 Race condition in ssl_parse_serverhello_tlsext
      CVE-2014-3505 Double Free when processing DTLS packets
      CVE-2014-3506 DTLS memory exhaustion
      CVE-2014-3507 DTLS memory leak from zero-length fragments
      CVE-2014-3510 OpenSSL DTLS anonymous EC(DH) denial of service
      CVE-2014-3511 OpenSSL TLS protocol downgrade attack
      CVE-2014-3512 SRP buffer overrun
      
      (cherry picked from commit a662e7df)
      
      Conflicts:
      	main/openssl/APKBUILD
  18. 25 Jul, 2014 1 commit
  19. 22 Jul, 2014 2 commits
  20. 21 Jul, 2014 4 commits
  21. 18 Jul, 2014 1 commit
  22. 16 Jul, 2014 4 commits
  23. 07 Jul, 2014 2 commits