Displaying 20 results from an estimated 29 matches for "bonaccorso".
2017 Jul 17
2
Updated Xen packages for XSA 216..225
Salvatore Bonaccorso writes ("Re: Updated Xen packages for XSA 216..225"):
> On Tue, Jul 11, 2017 at 11:34:38PM +0200, Moritz Muehlenhoff wrote:
> > On Mon, Jul 03, 2017 at 12:33:54PM +0100, Ian Jackson wrote:
> > > Moritz M?hlenhoff writes ("Re: Updated Xen packages for XSA 216..225&qu...
2017 Apr 04
4
Bug#859560: xen: CVE-2017-7228: x86: broken check in memory_exchange() permits PV guest breakout (XSA-212)
Source: xen
Version: 4.8.1~pre.2017.01.23-1
Severity: grave
Tags: security upstream
Justification: user security hole
Hi,
the following vulnerability was published for xen.
CVE-2017-7228[0]:
| An issue (known as XSA-212) was discovered in Xen, with fixes available
| for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix
| introduced an insufficient check on XENMEM_exchange input,
2015 May 02
2
Bug#784011: xen: CVE-2015-3340: Information leak through XEN_DOMCTL_gettscinfo (XSA-132)
Source: xen
Version: 4.4.1-9
Severity: normal
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for xen.
CVE-2015-3340[0]:
| Xen 4.2.x through 4.5.x does not initialize certain fields, which
| allows certain remote service domains to obtain sensitive information
| from memory via a (1) XEN_DOMCTL_gettscinfo or (2)
| XEN_SYSCTL_getdomaininfolist request.
2020 Jun 16
0
Fix build error with GCC 10 due to multiple definition of `toplevel'
...fixed this with a patch from Dominik Mierzejewski:
https://src.fedoraproject.org/rpms/tftp/c/5e2aa55b6802a52ef480d688b3ae4751220f20e0.patch
Attaching the corresponding patch for git am.
Regards,
Salvatore
>From 9e7641bf58df9dda3bc51f381f371fa7cbce47af Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil at debian.org>
Date: Tue, 16 Jun 2020 14:06:14 +0200
Subject: [PATCH] Fix build error with GCC 10 due to multiple definition of
`toplevel'
GCC is stricter in handling of symbol clashes and throws:
gcc-10 tftp.o main.o ../common/libcommon.a /build/tftp-hpa/lib/libxtra.a -o t...
2020 Sep 29
0
[PATCH RESEND] tftp-hpa: Fix build error with GCC 10 due to multiple definition of `toplevel'
...0e0.patch
Attaching the corresponding patch for git am.
I'm sending the patch which was submitted a while ago to the list. Is
there something you wanted to be changed to be applied?
Regards,
Salvatore
>From 9e7641bf58df9dda3bc51f381f371fa7cbce47af Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil at debian.org>
Date: Tue, 16 Jun 2020 14:06:14 +0200
Subject: [PATCH] Fix build error with GCC 10 due to multiple definition of
`toplevel'
GCC is stricter in handling of symbol clashes and throws:
gcc-10 tftp.o main.o ../common/libcommon.a /build/tftp-hpa/lib/libxtra.a -o t...
2023 Jan 30
1
[PATCH] nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf
On Sun, Jan 29, 2023 at 10:36:31PM +0100, Computer Enthusiastic wrote:
> Hello Greg,
> Hello Salvatore,
>
> On 28/01/2023 20:49, Salvatore Bonaccorso wrote:
> > Hi Greg,
> >
> > I'm not the reporter, so would like to confirm him explicitly, but I
> > believe I can give some context:
> >
> > On Sat, Jan 28, 2023 at 06:51:08PM +0100, Greg KH wrote:
> > > On Sat, Jan 28, 2023 at 03:49:59PM +0100, C...
2023 Mar 21
2
Bug#1033297: xen: CVE-2022-42331 CVE-2022-42332 CVE-2022-42333 CVE-2022-42334
Source: xen
Version: 4.17.0+46-gaaf74a532c-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerabilities were published for xen.
CVE-2022-42331[0]:
| x86: speculative vulnerability in 32bit SYSCALL path Due to an
| oversight in the very original Spectre/Meltdown security work
| (XSA-254),
2020 Nov 15
1
[PATCH] drm/nouveau: bail out of nouveau_channel_new if channel init fails
On Sun, Nov 15, 2020 at 6:43 PM Salvatore Bonaccorso <carnil at debian.org> wrote:
>
> Hi,
>
> On Fri, Aug 28, 2020 at 11:28:46AM +0200, Frantisek Hrbata wrote:
> > Unprivileged user can crash kernel by using DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC
> > ioctl. This was reported by trinity[1] fuzzer.
> >
> > [ 71.073...
Bug#784011: Bug#784011: xen: CVE-2015-3340: Information leak through XEN_DOMCTL_gettscinfo (XSA-132)
2015 May 02
0
Bug#784011: Bug#784011: xen: CVE-2015-3340: Information leak through XEN_DOMCTL_gettscinfo (XSA-132)
On Sat, May 02, 2015 at 07:04:34AM +0200, Salvatore Bonaccorso wrote:
> the following vulnerability was published for xen.
I consider this issue as unimportant. Not sure how I can mark it this
way in the security tracker.
Bastian
--
Knowledge, sir, should be free to all!
-- Harry Mudd, "I, Mudd", stardate 4513.3
2017 Jul 11
2
Updated Xen packages for XSA 216..225
On Mon, Jul 03, 2017 at 12:33:54PM +0100, Ian Jackson wrote:
> Moritz M?hlenhoff writes ("Re: Updated Xen packages for XSA 216..225"):
> > Sorry for the late reply, was on vacation for a week. What's the status
> > of jessie? Most of the XSAs seem to affect oldstable as well.
>
> Sorry, I forgot about them...
>
> I will see what I can do.
Did you look
2017 Sep 04
3
Updated Xen packages for XSA 216..225
On Mon, Aug 07, 2017 at 01:15:56PM +0200, Moritz Muehlenhoff wrote:
> On Mon, Jul 17, 2017 at 03:58:20PM +0100, Ian Jackson wrote:
> > Salvatore Bonaccorso writes ("Re: Updated Xen packages for XSA 216..225"):
> > > On Tue, Jul 11, 2017 at 11:34:38PM +0200, Moritz Muehlenhoff wrote:
> > > > On Mon, Jul 03, 2017 at 12:33:54PM +0100, Ian Jackson wrote:
> > > > > Moritz M?hlenhoff writes ("Re: Updated Xe...
2016 Apr 21
0
xen_4.4.1-9+deb8u5_allonly.changes ACCEPTED into proposed-updates->stable-new
...-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf
Architecture: all source
Version: 4.4.1-9+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Description:
libxen-4.4 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxenstore3.0 - Xenstore communications library for Xen
xen-hypervisor-4.4-amd64 - Xen Hypervisor on AMD64
xen-hypervisor-4.4-arm64 - Xen Hypervisor on ARM64
xen-hyperviso...
2015 Sep 27
1
Bug#800128: xen: CVE-2015-6654: printk is not rate-limited in xenmem_add_to_physmap_one
Source: xen
Version: 4.4.1-9
Severity: normal
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for xen.
CVE-2015-6654[0]:
| The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x,
| 4.4.x, and earlier does not limit the number of printk console
| messages when reporting a failure to retrieve a reference on a foreign
| page, which allows
2016 Apr 22
0
xen_4.4.1-9+deb8u5_allonly.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
...-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf
Architecture: all source
Version: 4.4.1-9+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Description:
libxen-4.4 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxenstore3.0 - Xenstore communications library for Xen
xen-hypervisor-4.4-amd64 - Xen Hypervisor on AMD64
xen-hypervisor-4.4-arm64 - Xen Hypervisor on ARM64
xen-hyperviso...
2015 Nov 02
0
xen_4.4.1-9+deb8u2_multi.changes ACCEPTED into proposed-updates->stable-new
...-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf
Architecture: all source
Version: 4.4.1-9+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Description:
libxen-4.4 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxenstore3.0 - Xenstore communications library for Xen
xen-hypervisor-4.4-amd64 - Xen Hypervisor on AMD64
xen-hypervisor-4.4-arm64 - Xen Hypervisor on ARM64
xen-hyperviso...
2015 Nov 03
0
xen_4.4.1-9+deb8u2_multi.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
...-amd64 xen-system-amd64 xen-hypervisor-4.4-arm64 xen-system-arm64 xen-hypervisor-4.4-armhf xen-system-armhf
Architecture: all source
Version: 4.4.1-9+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Description:
libxen-4.4 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxenstore3.0 - Xenstore communications library for Xen
xen-hypervisor-4.4-amd64 - Xen Hypervisor on AMD64
xen-hypervisor-4.4-arm64 - Xen Hypervisor on ARM64
xen-hyperviso...
2013 Sep 06
1
Bug#721999: xen: FTBFS: dpkg-shlibdeps: error: couldn't find library libxenstore.so.3.0 needed by debian/libxen-4.3/usr/lib/libxenlight-4.3.so (ELF format: 'elf32-i386'; RPATH: '/usr/lib')
Source: xen
Version: 4.3.0-1
Severity: serious
Justification: FTBFS
Hi
New uploaded xen 4.3.0-1 FTBFS, see [1] for build log for i386.
[1] https://buildd.debian.org/status/fetch.php?pkg=xen&arch=i386&ver=4.3.0-1&stamp=1378426577
Regards,
Salvatore
2013 Aug 12
3
Bug#719506: xen: FTBFS with perl 5.18: POD errors
Source: xen
Version: 4.2.2-1
Severity: important
User: debian-perl at lists.debian.org
Usertags: perl-5.18-transition
This package FTBFS with perl 5.18 (which will soon be uploaded to
unstable) owing to a stricter pod2man:
pod2text man/xl.pod.1 txt/man/xl.1.txt.tmp
man/xl.pod.1 around line 854: Expected text after =item, not a bullet
POD document had syntax errors at /usr/bin/pod2text line 84.
2015 Nov 02
0
xen_4.1.4-3+deb7u9_amd64.changes ACCEPTED into oldstable-proposed-updates->oldstable-new
...ommon xen-utils-4.1 xen-hypervisor-4.1-amd64 xen-system-amd64 xen-hypervisor-4.1-i386 xen-system-i386
Architecture: source all amd64
Version: 4.1.4-3+deb7u9
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil at debian.org>
Description:
libxen-4.1 - Public libs for Xen
libxen-dev - Public headers and libs for Xen
libxen-ocaml - OCaml libraries for controlling Xen
libxen-ocaml-dev - OCaml libraries for controlling Xen (devel package)
libxenstore3.0 - Xenstore communications library fo...
2023 Jan 28
1
[PATCH] nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf
Hi Greg,
I'm not the reporter, so would like to confirm him explicitly, but I
believe I can give some context:
On Sat, Jan 28, 2023 at 06:51:08PM +0100, Greg KH wrote:
> On Sat, Jan 28, 2023 at 03:49:59PM +0100, Computer Enthusiastic wrote:
> > Hello,
> >
> > The patch "[Nouveau] [PATCH] nouveau: explicitly wait on the fence in
> > nouveau_bo_move_m2mf"