[Buildroot] [PATCH] xen: security bump to version 4.10.1

Peter Korsgaard peter at korsgaard.com
Thu May 31 17:29:13 UTC 2018

>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > The 4.10.1 version brings a large number of fixes:
 > https://www.xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4101.html

 > Including a number of security fixes:

 > XSA-252: DoS via non-preemptable L3/L4 pagetable freeing (CVE-2018-7540)
 > XSA-253: x86: memory leak with MSR emulation (CVE-2018-5244)
 > XSA-254: Information leak via side effects of speculative execution
 > 	 (CVE-2017-5753 CVE-2017-5715 CVE-2017-5754)
 > XSA-255: grant table v2 -> v1 transition may crash Xen (CVE-2018-7541)
 > XSA-256: x86 PVH guest without LAPIC may DoS the host (CVE-2018-7542)
 > XSA-258: Information leak via crafted user-supplied CDROM (CVE-2018-10472)
 > XSA-259: x86: PV guest may crash Xen with XPTI (CVE-2018-10471)

 > Also add a hash for the license file while we are at it.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list