Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xen: 4.8.1 -> 4.8.2; apply XSAs #30896

Merged
merged 1 commit into from Oct 31, 2017
Merged

xen: 4.8.1 -> 4.8.2; apply XSAs #30896

merged 1 commit into from Oct 31, 2017

Conversation

NeQuissimus
Copy link
Member

@NeQuissimus NeQuissimus commented Oct 28, 2017
edited

Motivation for this change

We were way behind on the Xen Security Advisory patches.
Also, since a lot of them are reused, I moved them into a separate file.
I even prepared the XSAs for 4.9 but have not added the actual build for it.
Updated 4.8.x in the process.

Fixes #30745

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

/cc @michalpalka @grahamc

@michalpalka
Copy link

Thanks a lot @NeQuissimus 👍

Some comments:

  • We might not need XSA-233, because we are using oxenstored
  • Similarly, XSA-235 and XSA-245 seem to only affect ARM

It's probably a good idea to apply them anyway. What would you say @grahamc?

@grahamc
Copy link
Member

grahamc commented Oct 29, 2017 via email

@NeQuissimus NeQuissimus merged commit 69050c7 into NixOS:master Oct 31, 2017
@NeQuissimus NeQuissimus deleted the xen_xsa branch October 31, 2017 11:03
@samueldr samueldr removed the 9.needs: port to stable A PR needs a backport to the stable release. label Apr 17, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
1.severity: security 8.has: package (update) 10.rebuild-linux: 11-100
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Expired source urls for xen hypervisor.
4 participants
@NeQuissimus @michalpalka @grahamc @samueldr