revbumps; Sec patches XSA 84, 85 added wrt Sec. Bugs #500536, 500528, rm old

Package-Manager: portage-2.2.8/cvs/Linux x86_64 Manifest-Sign-Key: 0xB8072B0D
author: Ian Delaney <idella4@gentoo.org> 2014-02-07 08:21:50 +0000
committer: Ian Delaney <idella4@gentoo.org> 2014-02-07 08:21:50 +0000
commit: 396ba0b064704928bc04d00d5035b6007bc2ca98 (patch)
tree: ee386be7cdb14bfa0faaa8a7856aa7b6b674f20f /app-emulation
parent: Version bump. (diff)
download: historical-396ba0b064704928bc04d00d5035b6007bc2ca98.tar.gz
historical-396ba0b064704928bc04d00d5035b6007bc2ca98.tar.bz2
historical-396ba0b064704928bc04d00d5035b6007bc2ca98.zip
5 files changed, 212 insertions, 23 deletions
diff --git a/app-emulation/xen/ChangeLog b/app-emulation/xen/ChangeLog
index 7e314c0b9375..01a1a9ac25a7 100644
--- a/app-emulation/xen/ChangeLog
+++ b/app-emulation/xen/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for app-emulation/xen
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.145 2014/01/24 15:37:31 dlan Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.146 2014/02/07 08:21:21 idella4 Exp $
+
+*xen-4.3.1-r5 (07 Feb 2014)
+*xen-4.2.2-r4 (07 Feb 2014)
+
+  07 Feb 2014; Ian Delaney <idella4@gentoo.org>
+  +files/xen-4.3-CVE-2014-263-XSA-84-85.patch, +xen-4.2.2-r4.ebuild,
+  +xen-4.3.1-r5.ebuild, -xen-4.2.2-r3.ebuild, -xen-4.3.1-r4.ebuild:
+  revbumps; Sec patches XSA 84, 85 added wrt Sec. Bugs #500536, 500528, rm old
 
   24 Jan 2014; Yixun Lan <dlan@gentoo.org> -xen-4.2.2-r2.ebuild,
   -xen-4.3.0-r5.ebuild, -xen-4.3.0-r6.ebuild, -xen-4.3.1-r2.ebuild,
diff --git a/app-emulation/xen/Manifest b/app-emulation/xen/Manifest
index 2fe6839c587c..5485a20b965d 100644
--- a/app-emulation/xen/Manifest
+++ b/app-emulation/xen/Manifest
@@ -17,6 +17,7 @@ AUX xen-4.2-XSA-87.patch 616 SHA256 df9c1507d7bb0e5266a2fadd992d1e6ed0f7bf5be746
 AUX xen-4.2-efi.patch 2216 SHA256 0886961e2656fe7e140dd0ac0e6620d4c14ef0796b8f8889bda163e2a9f8db8b SHA512 ecaa4f1f1c3ca737931fe5343529708dfb7ec7040dbf2acf2b155e7c7f019ce3e2630ddb302213570a2647fe220dbf23eb6c28618d6b1be9161e25fcadd71cb4 WHIRLPOOL 63b56e22683b2755ae17e7871c1b535d750f655ff8c003979d039654f5ef3303457b5d4469f216c1744202d4d1f4561f7498c1d93171ab1110a93e3a2fa8db8d
 AUX xen-4.3-CVE-2013-4553-XSA-74.patch 1389 SHA256 b505cdba662b1b1cd91d5611fac998c6b4e89e366780c6b9864b6965075afb38 SHA512 fc0c1a1777a751096bc5990eee04e754deed2f18b8c8a5d65bf19c71ba9788599369f51e2d518f613e8cea8cb0d2d22ad60cec4d1b8805d7bd8e0818a54afb2b WHIRLPOOL e324f4922f61a22840ac0268fe2643a0fe496409d12a5797d7ba057ecd4982f8a9224e20615721c34680d45145d3933090ca1a11644cd2ca8f312995c3cba96f
 AUX xen-4.3-CVE-2013-6375-XSA-75.patch 1748 SHA256 039a74a4ccd1f17a5fd5341d160af87b14875dc1b2e46d8e4d337581031228d8 SHA512 195d147643b626ab9265d83ba2d7fbdef7b5716533682b723f32cbbbde6089fafb49e11c68ba6d323bb120fb0d34d85caf5ec5759048f60ba9096e479729c32b WHIRLPOOL eb52b7334ead997fea54810498be22bf47bcd2230a2ea2552b6125f3f78b5f9f9df49a7625c43ed700b3e56c6ea8979171e6be2e6d54d53c706517fc901d4702
+AUX xen-4.3-CVE-2014-263-XSA-84-85.patch 6086 SHA256 91725c156bae4209f1401b38a37c1a38941ef6e9370ac3425523555fde81d835 SHA512 c26f9b3ecdb2894a72033850a532e0d9b735ba8e73c3cfc379171ec17c8f82e07596e6bd9824242702645d77e37054c0668279ad55effe10461d70e0831c39e8 WHIRLPOOL 94d0bf7fdc5064b0463344e1a09c81d9a41ab5c565c88accc511c547ed4ab3c0c7ac76443eab02c4b0153552ec2dc139da10960c5a8944aa9b49cee03160a911
 AUX xen-4.3-XSA-87.patch 916 SHA256 a13ce270b177d33537d627b85471abaa01215cd458541f4c6524914d7c81eb38 SHA512 a1ad45f8311787ac0e1ed1a186f9c4e9aea924398ec7bbbc5b1e4b2d3b4617e113b385ff2aee854458270b0d73ed11defac5dfe603b1fd7b97f4c951def559b3 WHIRLPOOL b3a36c01d4e0bca3c5df42488f9bfc91e756af8c899d7414b81b7dac2bb60733555321b607ed229817ac546ebce65fddce0f8781909d7021d19b44a931fb85bf
 AUX xen-4.3-fix_dotconfig-gcc.patch 8854 SHA256 4e0d22acdb4ecc4a1d418ec91bc6ddb9ef1c283ee3ca1f67bac85d3116d76ccc SHA512 b4c969b0cf166862ea5c5cb0912d7dae8c5bf7befd6dd6bdf4e56df8a4daf85c0a36c94247053f74edc0f24b1c15a18e7ddae9d24ad28d54b726a1fbbab442be WHIRLPOOL de7b614ae486fd2cc591b405b475745b003c638c9be4c8153b61a368802af36d2a2974d1e022eb14fb58ad9260f9f82c438c84cb65c3499076c579f7e1c3e6ad
 AUX xen-CVE-2013-1442-XSA-62.patch 1350 SHA256 364577f317a714099c068eb1ab771643ada99b5067fdd1eb5149fa5db649b856 SHA512 4738a229a6f18d670da07b3acbaf6e227af5fb3e7b0b414dc98671be02208aefc66ebe07f7396d9158d0fa15993b9d418fd65747880c64694b1a06b8be961419 WHIRLPOOL 758aed345d0c5792a5d5a53200ef5094e662be507823010bb7dcfcccd07bc38b897d67295abf2d5d5b3f1b93efc9c684af78da6e3e3d77ecb65ef69fe2f5fa6d
@@ -33,25 +34,15 @@ AUX xen-CVE-2013-6885-XSA-82.patch 1447 SHA256 db47b9dcb2124995754e7b43d7eedb5aa
 DIST xen-4.2.2.tar.gz 15602746 SHA256 c9bfe91a5e72f8545acebad9889d64368020359bfe18044c0e683133e55ae005 SHA512 4943b18016ed8c2b194a3b55e6655b3b734b39ffb8cb7ee0a0580f2f4460a1d0e92e1de8ac23f5186272914fad1650586af51fd7c3644d0310eb16f2e11c5e80 WHIRLPOOL 519eb87cb2da694696cbc3e72070a0a3bdb07c46fa266d855d8379eec3a92adfa4d434af3ac01c37834ce4a9174081a6c40030b185a70902329b185cb8d0bbea
 DIST xen-4.3.1.tar.gz 16429423 SHA256 3b5b7cc508b1739753585b5c25635471cdcef680e8770a78bf6ef9333d26a9fd SHA512 f5250ad5ad3defc5dc1207eb6208a3928128ef57ac4162018bd92b750dc1df1eaaf37835528aca33a0f9e04c82d5f8c4ba79c03a1780d2b72cbb90cc26f77275 WHIRLPOOL 087390786cea9aee273a5d81988436303991aa5ea92faf111d3b619517368f8c8feef84f4f8c602cac723980a344eb90414887db4ca88a2ee14bc6b0253e36ca
 EBUILD xen-4.2.2-r1.ebuild 3756 SHA256 2ad7f2faed080ea2e4d991d7dd902826059e4a22b444e2f1b74b5bc1e54d50a2 SHA512 c6041bf852ffa425d93134e9c08334c71e96dc9cb795c8bc7a5eb485fa46d55f5de61ff9db55d484cbe0b641d9e850e4eb7c0eefd1b021ed21a050e1e78c4177 WHIRLPOOL 86e7873cc84b01064c1e7cd46003a43104257a3f7330a1433d85ce841b658a0a35e18f9284b8520a497b408d4b5ab6ce76cb1af67fb42019b86517f4b51f2d61
-EBUILD xen-4.2.2-r3.ebuild 4069 SHA256 d1f43bd402e14a42fa082804d9c7aa0644f77999b2ec11bae346cd066f652571 SHA512 44d4fd1df859e5ac8ab88b3312417e097ad16c72716d80c121ea98a2cfe257a5a96a42a31dbd23b06912528cb4ff438028e4c6031c7a200d8f45f11fc270c7a5 WHIRLPOOL 0f99b062996ce66959dfbda005bcadb58bda37fe7ce3f99363e2612c3afa26a8f2cc5c7d695ffd6868ff6b28e40e1a219c0576418b53b1db13e76ad78efe9785
+EBUILD xen-4.2.2-r4.ebuild 4150 SHA256 6846e0753c012c5d891532e8ae32d7d0a2405cca8840f6530fca080815702b13 SHA512 99208b6ce2b1e98e892fb289970cc4499a7b61fd66590f04aaab513f9cb5c37f7d2796f025630500df51c57c02a9b9e53b33d32a4d574db95e23d34a4ee1cfcb WHIRLPOOL 4bb4a3fae926cf69c3cbe0aae91303e932be25aa5fae7133f256d80ef444eb84f6001d9c76470cd3171bc213e111258fc17de1e207cb1d0177199b4fd381399c
 EBUILD xen-4.3.1-r1.ebuild 3901 SHA256 a94af83d0bb8ffcebd66223309818da75c60507ae2c9e803eac7488fd3970de9 SHA512 12ea99f6475d9c40c00b3aae81ba620a28fd65f72e93c93c5cd516e61966a6fc3d7a5b17919cb2704e08c9ff354b9d7fa610c461ff71ec99e11eed82ad7735f5 WHIRLPOOL 0c8ba609acb43bdc3df00b1298519b1bbabb941f032f43a6b386b5570da83767d929fbd1ef07e2b5a80b538544fcd2ec1cd0807f4f58840b6f7d7e25205fafc4
-EBUILD xen-4.3.1-r4.ebuild 4043 SHA256 3bfdc26ab446d9fcef07f19135b15ea251dcc6e07f86dcf21adb7c8df606fc0b SHA512 d4c7c35268f6f69eeef12445dd96d5fe67fe5a3d6e67a8199d6b52e2e84da02a6b245f7d2b4262e8e50d0f63d30040a26b685e1c1c7348dbfb5e4cb4f6774568 WHIRLPOOL b59b698829b6572cedef7cb4527e2e99afa3b61b680147f8534970b9a8045fd0371847d73a5fabeca43d0b60593a797d34d4f794e6794412855f2764137eda98
-MISC ChangeLog 26747 SHA256 bbc11bbaf9745c40c97d28bc7bd7cdb5d2a64a509efc2bdeffcf7aeb95328311 SHA512 0f20b173463cdde9a403bf7054b6ee8d51ff310055a36790d0c79988de7968e35710e8b4c1c68e090444ee73ab72b6550fe92b6775b80cfb93110d395132738e WHIRLPOOL 4fb138df07d5a25f10542b84ae65ef5391f7edf44fe4a89f54021a0df8a09052144876f20d67718ed8de52f6d0e68d9780fd20050f1e6ec059d5ca815c51d5e1
+EBUILD xen-4.3.1-r5.ebuild 4123 SHA256 02c497740315c3c0fdde279d61a64bdb4cd7eee92a1033f141750600e9051406 SHA512 ff02eed18fdf2cbf85ff2d63060996ab44b65e95e18e5d8f186719a5d9e440fdd5c05b891e727b86308da652e45197f058fc58f72fb4d27c0d7108be5b2d0760 WHIRLPOOL 8c521375d879b14d6110228c7c1175303a428a709eee9f836ca19cb06443c49d8e5f36db2e2d7f238e0ddf6468cffaf471db07bc7a66b96e96822c3e6bb1c2d3
+MISC ChangeLog 27072 SHA256 d45dae9167f0614bda67b0bf6637d7609139b74cecba99bf26dc008c4749228e SHA512 67af955fee4b176b4493bc4633925836ae087d15696be906cb0be5e986d049e9e94b6353570033432936fc9cd2afc63b5e95318366709439c8259c778df25056 WHIRLPOOL 77ac012b2374efefb26d48e28218f2c91a7144608072c7ee8cb3ff24b9052a1c28b88872b0a4620d019eb139e516b865ff3db08de0c56ad3635cead121c83957
 MISC metadata.xml 572 SHA256 0f510aa5a7261b30e5eff6961fa9dd95b19db63e0eea93cfad1d47460318ba07 SHA512 8bbca8d353aa3b556783bddd4822b97c0372b169edb89ff2907a00895e014ff9dba9e8efccf04f45de8a69ce63849505455e9735c224700d1ebf93aa3f097ac5 WHIRLPOOL 1f5517720776198868cf5a0165b9daf2ee48187bde4ad4d86533c65898da608bde779289df7ef83eaf076e0ce284607fc21f61fc3ca0baaf86873ca400491d0e
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
-iQIcBAEBCAAGBQJS4ojIAAoJEJIMDbyqvv1VUWwQAK/zuDVB8BOdToSxOIPrD3uU
-w8aklyqsly+D7dOL0fvVhlIN85xBdYwbBMUZRWt/AvCW5ITrjfFF8UXZKAG8t3g5
-WFTUs37xcgiR68rzCyg+mQv1aw1m54HZ+1mRg3qf920rP0gpbRDKFpjKSIm5bQ4e
-16sfVgC2Qi//XOjOIFNQwxCAztkMV2Y6IRLfg+SQtaqj7ABiEUqRJ2mmPt+Iop1b
-CJdZOS9LadCHB0nk9b7E6hhoKQpfMRhHZdNvJPdnI1OF5n7ky00YS3S6gul44Tic
-VZ/E247+fKSbEIWF8A0aAYTh4fl7Gfab8B4scCLGhbEngn63Vj6YcwPBPqOy7dOe
-vcj2nhrLSQbnvtksX92uK4e2tKeyVJbvppNVThwF17NQNuyU9C3F4OXZf8MwjVGk
-bNEuR/2Tj7t+aNEZ0o8OvrELxfDkncs9QxIZUP9X8JHU6g+Y5a5iMsB4pYMHfa7Q
-WL+ZRncUs8DCVP4sCPzVMl7zRvjDrVSAW+HylOi8Q0BEBth1JVtSIRhke+/tK//M
-S8pzNHNt24u0WSFzxBILpXrFY5HJLRHjCqskOymHdCVQZubLmv01GolRJlv5PQlJ
-NrEX00jp4to2JX3b2u+JA5RuipdYOusJ6dEK6ukfqiBNRl/4DGh0aWTOKLWEwPx/
-VygipFpolbTjv8+5deAK
-=wzfF
+iEYEAREIAAYFAlL0lh8ACgkQso7CE7gHKw0zIACeIejC6rYwwJK+AAYku5eF0zbb
+qoAAnAkQXDJMZbg43Odjlce9/hjHW9za
+=PS18
 -----END PGP SIGNATURE-----
diff --git a/app-emulation/xen/files/xen-4.3-CVE-2014-263-XSA-84-85.patch b/app-emulation/xen/files/xen-4.3-CVE-2014-263-XSA-84-85.patch
new file mode 100644
index 000000000000..3c44c353c9fc
--- /dev/null
+++ b/app-emulation/xen/files/xen-4.3-CVE-2014-263-XSA-84-85.patch
@@ -0,0 +1,188 @@
+From: Xen.org security team <security () xen org>
+Date: Thu, 06 Feb 2014 14:18:48 +0000
+
+flask: fix reading strings from guest memory
+
+Since the string size is being specified by the guest, we must range
+check it properly before doing allocations based on it. While for the
+two cases that are exposed only to trusted guests (via policy
+restriction) this just uses an arbitrary upper limit (PAGE_SIZE), for
+the FLASK_[GS]ETBOOL case (which any guest can use) the upper limit
+gets enforced based on the longest name across all boolean settings.
+
+This is XSA-84.
+
+Reported-by: Matthew Daley <mattd@bugfuzz.com>
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
+===================================================================
+From: Xen.org security team <security () xen org>
+Date: Thu, 06 Feb 2014 12:38:51 +0000
+
+From 593bc8c63d582ec0fc2b3a35336106cf9c3a8b34 Mon Sep 17 00:00:00 2001
+From: Matthew Daley <mattd@bugfuzz.com>
+Date: Sun, 12 Jan 2014 14:29:32 +1300
+Subject: [PATCH] xsm/flask: correct off-by-one in
+ flask_security_avc_cachestats cpu id check
+
+This is XSA-85
+
+Signed-off-by: Matthew Daley <mattd@bugfuzz.com>
+Reviewed-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Ian Campbell <ian.campbell@citrix.com>
+---
+ xen/xsm/flask/flask_op.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c
+index 4426ab9..22878f5 100644
+--- a/xen/xsm/flask/flask_op.c
++++ b/xen/xsm/flask/flask_op.c
+@@ -53,6 +53,7 @@ static DEFINE_SPINLOCK(sel_sem);
+ /* global data for booleans */
+ static int bool_num = 0;
+ static int *bool_pending_values = NULL;
++static size_t bool_maxstr;
+ static int flask_security_make_bools(void);
+ 
+ extern int ss_initialized;
+@@ -71,9 +72,15 @@ static int domain_has_security(struct do
+                         perms, NULL);
+ }
+ 
+-static int flask_copyin_string(XEN_GUEST_HANDLE_PARAM(char) u_buf, char **buf, uint32_t size)
++static int flask_copyin_string(XEN_GUEST_HANDLE_PARAM(char) u_buf, char **buf,
++                               size_t size, size_t max_size)
+ {
+-    char *tmp = xmalloc_bytes(size + 1);
++    char *tmp;
++
++    if ( size > max_size )
++        return -ENOENT;
++
++    tmp = xmalloc_array(char, size + 1);
+     if ( !tmp )
+         return -ENOMEM;
+ 
+@@ -99,7 +106,7 @@ static int flask_security_user(struct xe
+     if ( rv )
+         return rv;
+ 
+-    rv = flask_copyin_string(arg->u.user, &user, arg->size);
++    rv = flask_copyin_string(arg->u.user, &user, arg->size, PAGE_SIZE);
+     if ( rv )
+         return rv;
+ 
+@@ -210,7 +217,7 @@ static int flask_security_context(struct
+     if ( rv )
+         return rv;
+ 
+-    rv = flask_copyin_string(arg->context, &buf, arg->size);
++    rv = flask_copyin_string(arg->context, &buf, arg->size, PAGE_SIZE);
+     if ( rv )
+         return rv;
+ 
+@@ -303,7 +310,7 @@ static int flask_security_resolve_bool(s
+     if ( arg->bool_id != -1 )
+         return 0;
+ 
+-    rv = flask_copyin_string(arg->name, &name, arg->size);
++    rv = flask_copyin_string(arg->name, &name, arg->size, bool_maxstr);
+     if ( rv )
+         return rv;
+ 
+@@ -334,7 +341,7 @@ static int flask_security_set_bool(struc
+         int num;
+         int *values;
+ 
+-        rv = security_get_bools(&num, NULL, &values);
++        rv = security_get_bools(&num, NULL, &values, NULL);
+         if ( rv != 0 )
+             goto out;
+ 
+@@ -440,7 +447,7 @@ static int flask_security_make_bools(voi
+     
+     xfree(bool_pending_values);
+     
+-    ret = security_get_bools(&num, NULL, &values);
++    ret = security_get_bools(&num, NULL, &values, &bool_maxstr);
+     if ( ret != 0 )
+         goto out;
+ 
+@@ -457,7 +457,7 @@ static int flask_security_avc_cachestats(struct xen_flask_cache_stats *arg)
+ {
+     struct avc_cache_stats *st;
+ 
+-    if ( arg->cpu > nr_cpu_ids )
++    if ( arg->cpu >= nr_cpu_ids )
+         return -ENOENT;
+     if ( !cpu_online(arg->cpu) )
+         return -ENOENT;
+-- 
+1.8.5.2
+--- a/xen/xsm/flask/include/conditional.h
++++ b/xen/xsm/flask/include/conditional.h
+@@ -13,7 +13,9 @@
+ #ifndef _FLASK_CONDITIONAL_H_
+ #define _FLASK_CONDITIONAL_H_
+ 
+-int security_get_bools(int *len, char ***names, int **values);
++#include <xen/types.h>
++
++int security_get_bools(int *len, char ***names, int **values, size_t *maxstr);
+ 
+ int security_set_bools(int len, int *values);
+ 
+--- a/xen/xsm/flask/ss/services.c
++++ b/xen/xsm/flask/ss/services.c
+@@ -1850,7 +1850,7 @@ int security_find_bool(const char *name)
+     return rv;
+ }
+ 
+-int security_get_bools(int *len, char ***names, int **values)
++int security_get_bools(int *len, char ***names, int **values, size_t *maxstr)
+ {
+     int i, rc = -ENOMEM;
+ 
+@@ -1858,6 +1858,8 @@ int security_get_bools(int *len, char **
+     if ( names )
+         *names = NULL;
+     *values = NULL;
++    if ( maxstr )
++        *maxstr = 0;
+ 
+     *len = policydb.p_bools.nprim;
+     if ( !*len )
+@@ -1879,16 +1881,17 @@ int security_get_bools(int *len, char **
+ 
+     for ( i = 0; i < *len; i++ )
+     {
+-        size_t name_len;
++        size_t name_len = strlen(policydb.p_bool_val_to_name[i]);
++
+         (*values)[i] = policydb.bool_val_to_struct[i]->state;
+         if ( names ) {
+-            name_len = strlen(policydb.p_bool_val_to_name[i]) + 1;
+-            (*names)[i] = (char*)xmalloc_array(char, name_len);
++            (*names)[i] = xmalloc_array(char, name_len + 1);
+             if ( !(*names)[i] )
+                 goto err;
+-            strlcpy((*names)[i], policydb.p_bool_val_to_name[i], name_len);
+-            (*names)[i][name_len - 1] = 0;
++            strlcpy((*names)[i], policydb.p_bool_val_to_name[i], name_len + 1);
+         }
++        if ( maxstr && name_len > *maxstr )
++            *maxstr = name_len;
+     }
+     rc = 0;
+ out:
+@@ -2006,7 +2009,7 @@ static int security_preserve_bools(struc
+     struct cond_bool_datum *booldatum;
+     struct cond_node *cur;
+ 
+-    rc = security_get_bools(&nbools, &bnames, &bvalues);
++    rc = security_get_bools(&nbools, &bnames, &bvalues, NULL);
+     if ( rc )
+         goto out;
+     for ( i = 0; i < nbools; i++ )
+
diff --git a/app-emulation/xen/xen-4.2.2-r3.ebuild b/app-emulation/xen/xen-4.2.2-r4.ebuild
index 4d59d8294604..592b34852b77 100644
--- a/app-emulation/xen/xen-4.2.2-r3.ebuild
+++ b/app-emulation/xen/xen-4.2.2-r4.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.2.2-r3.ebuild,v 1.1 2014/01/24 15:25:38 dlan Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.2.2-r4.ebuild,v 1.1 2014/02/07 08:21:21 idella4 Exp $
 
 EAPI=5
 
@@ -48,8 +48,9 @@ XSA_PATCHES=(
 	"${FILESDIR}"/${PN}-4.2-CVE-2013-4553-XSA-74.patch
 	"${FILESDIR}"/${PN}-CVE-2013-4554-XSA-76.patch
 	"${FILESDIR}"/${PN}-CVE-2013-6400-XSA-80.patch
-	"${FILESDIR}"/${PN}-4-XSA-83.patch						#bug #499054
-	"${FILESDIR}"/${PN}-4.2-XSA-87.patch					#bug #499124
+	"${FILESDIR}"/${PN}-4-XSA-83.patch					# bug #499054
+	"${FILESDIR}"/${PN}-4.2-CVE-2014-263-XSA-84-85.patch			# bug #500528 500536
+	"${FILESDIR}"/${PN}-4.2-XSA-87.patch					# bug #499124
 )
 
 pkg_setup() {
diff --git a/app-emulation/xen/xen-4.3.1-r4.ebuild b/app-emulation/xen/xen-4.3.1-r5.ebuild
index c3bae933263c..7ee3b79f1d07 100644
--- a/app-emulation/xen/xen-4.3.1-r4.ebuild
+++ b/app-emulation/xen/xen-4.3.1-r5.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.1-r4.ebuild,v 1.1 2014/01/24 15:25:38 dlan Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.1-r5.ebuild,v 1.1 2014/02/07 08:21:21 idella4 Exp $
 
 EAPI=5
 
@@ -49,8 +49,9 @@ XSA_PATCHES=(
 	"${FILESDIR}"/${PN}-4.3-CVE-2013-4553-XSA-74.patch
 	"${FILESDIR}"/${PN}-CVE-2013-4554-XSA-76.patch
 	"${FILESDIR}"/${PN}-CVE-2013-6400-XSA-80.patch
-	"${FILESDIR}"/${PN}-4-XSA-83.patch					#bug #499054
-	"${FILESDIR}"/${PN}-4.3-XSA-87.patch				#bug #499124
+	"${FILESDIR}"/${PN}-4-XSA-83.patch				# bug #499054
+	"${FILESDIR}"/${PN}-4.3-CVE-2014-263-XSA-84-85.patch		# bug #500528 500536
+	"${FILESDIR}"/${PN}-4.3-XSA-87.patch				# bug #499124
 )
 
 pkg_setup() {
author	Ian Delaney <idella4@gentoo.org>	2014-02-07 08:21:50 +0000
committer	Ian Delaney <idella4@gentoo.org>	2014-02-07 08:21:50 +0000
commit	396ba0b064704928bc04d00d5035b6007bc2ca98 (patch)
tree	ee386be7cdb14bfa0faaa8a7856aa7b6b674f20f /app-emulation
parent	Version bump. (diff)
download	historical-396ba0b064704928bc04d00d5035b6007bc2ca98.tar.gz historical-396ba0b064704928bc04d00d5035b6007bc2ca98.tar.bz2 historical-396ba0b064704928bc04d00d5035b6007bc2ca98.zip