Module Name: src Committed By: snj Date: Fri Jan 8 21:06:58 UTC 2016
Modified Files: src/doc [netbsd-7-0]: CHANGES-7.0.1 Log Message: 1071 To generate a diff of this commit: cvs rdiff -u -r1.1.2.23 -r1.1.2.24 src/doc/CHANGES-7.0.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/doc/CHANGES-7.0.1 diff -u src/doc/CHANGES-7.0.1:1.1.2.23 src/doc/CHANGES-7.0.1:1.1.2.24 --- src/doc/CHANGES-7.0.1:1.1.2.23 Tue Jan 5 22:27:26 2016 +++ src/doc/CHANGES-7.0.1 Fri Jan 8 21:06:57 2016 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.1,v 1.1.2.23 2016/01/05 22:27:26 snj Exp $ +# $NetBSD: CHANGES-7.0.1,v 1.1.2.24 2016/01/08 21:06:57 snj Exp $ A complete list of changes from the NetBSD 7.0 release to the NetBSD 7.0.1 release: @@ -845,3 +845,19 @@ etc/namedb/root.cache 1.19 * Make IPv6 address lower case. [taca, ticket #1055] +sys/arch/xen/include/xen-public/io/ring.h 1.3 via patch +sys/arch/xen/xen/pciback.c 1.10 via patch +sys/arch/xen/xen/xbdback_xenbus.c 1.62 via patch +sys/arch/xen/xen/xennetback_xenbus.c 1.54 via patch + + Apply patch from xsa155: make sure that the backend won't read + parts of the request again (possibly because of compiler + optimisations), by using copies and barrier. + From XSA155: + The compiler can emit optimizations in the PV backend drivers + which can lead to double fetch vulnerabilities. Specifically + the shared memory between the frontend and backend can be fetched + twice (during which time the frontend can alter the contents) + possibly leading to arbitrary code execution in backend. + [bouyer, ticket #1071] +