[Buildroot] [PATCH 3/3] package/xen: add upstream security fix for XSA-312

Alistair Francis alistair23 at gmail.com
Mon Jan 20 00:28:24 UTC 2020


On Mon, Jan 20, 2020 at 3:04 AM Peter Korsgaard <peter at korsgaard.com> wrote:
>
> Fixes the following security issue:
>
> XSA-312: arm: a CPU may speculate past the ERET instruction
>
> For further details, see the advisory:
>
> https://xenbits.xenproject.org/xsa/advisory-312.html
>
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Reviewed-by: Alistair Francis <alistair.francis at wdc.com>

Alistair

> ---
>  package/xen/xen.hash | 1 +
>  package/xen/xen.mk   | 2 ++
>  2 files changed, 3 insertions(+)
>
> diff --git a/package/xen/xen.hash b/package/xen/xen.hash
> index ad6220d94b..672ba5cb8d 100644
> --- a/package/xen/xen.hash
> +++ b/package/xen/xen.hash
> @@ -1,3 +1,4 @@
>  # Locally computed
>  sha256 1c75cbe728dfabf02b7f9a17ce96ee7d202d2fd4b4689490018d3a28b63f9fa3 xen-4.12.2.tar.gz
> +sha256 9b2078d448e4815c9ddc6554bf869d64412dc787b1b94830a24e47df6a9f30e7 xsa312.patch
>  sha256 dba0d79260259c013c52e5d4daeaea564a2fbb9ff7fc6778c377a401ec3898de COPYING
> diff --git a/package/xen/xen.mk b/package/xen/xen.mk
> index 7eb2643343..d0c6bebe9d 100644
> --- a/package/xen/xen.mk
> +++ b/package/xen/xen.mk
> @@ -6,6 +6,8 @@
>
>  XEN_VERSION = 4.12.2
>  XEN_SITE = https://downloads.xenproject.org/release/xen/$(XEN_VERSION)
> +XEN_PATCH = \
> +       https://xenbits.xenproject.org/xsa/xsa312.patch
>  XEN_LICENSE = GPL-2.0
>  XEN_LICENSE_FILES = COPYING
>  XEN_DEPENDENCIES = host-acpica host-python
> --
> 2.20.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot


More information about the buildroot mailing list