Module Name: src
Committed By: snj
Date: Fri Jan 8 21:25:54 UTC 2016
Modified Files:
src/doc [netbsd-6-1]: CHANGES-6.1.6
Log Message:
1358
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.54 -r1.1.2.55 src/doc/CHANGES-6.1.6
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-6.1.6
diff -u src/doc/CHANGES-6.1.6:1.1.2.54 src/doc/CHANGES-6.1.6:1.1.2.55
--- src/doc/CHANGES-6.1.6:1.1.2.54 Wed Nov 18 07:44:37 2015
+++ src/doc/CHANGES-6.1.6 Fri Jan 8 21:25:54 2016
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.1.6,v 1.1.2.54 2015/11/18 07:44:37 msaitoh Exp $
+# $NetBSD: CHANGES-6.1.6,v 1.1.2.55 2016/01/08 21:25:54 snj Exp $
A complete list of changes from the NetBSD 6.1.5 release to the NetBSD 6.1.6
release:
@@ -6818,3 +6818,20 @@ sys/net/if_gif.c 1.91, 1.92
Fix panic after "ifconfig gifX tunnel src dst" failed because of
duplicate pair address.
[knakahara, ticket #1345]
+
+sys/arch/xen/include/xen-public/io/ring.h 1.3 via patch
+sys/arch/xen/xen/pciback.c 1.10 via patch
+sys/arch/xen/xen/xbdback_xenbus.c 1.62 via patch
+sys/arch/xen/xen/xennetback_xenbus.c 1.54 via patch
+
+ Apply patch from xsa155: make sure that the backend won't read
+ parts of the request again (possibly because of compiler
+ optimisations), by using copies and barrier.
+ From XSA155:
+ The compiler can emit optimizations in the PV backend drivers
+ which can lead to double fetch vulnerabilities. Specifically
+ the shared memory between the frontend and backend can be fetched
+ twice (during which time the frontend can alter the contents)
+ possibly leading to arbitrary code execution in backend.
+ [bouyer, ticket #1358]
+
