similar to: Help wanted with Debian Xen packages ?

On 31.08.2016 10:43, Stefan Bader wrote: > On 30.08.2016 18:56, Ian Jackson wrote: >> Hi. I've been looking at the BTS and PTS and security tracker, and it >> looks like maybe you could do with some help ? >> >> Issues I noticed include: >> >> * 4.7, the latest Xen upstream release, is not in sid > > If it is of any help, I did some initial work

Hi Eric, It's the unsolved problems on the pass-MCTargetOptions-everywhere path that are my main concern with that approach rather than the amount of work. The first problem is that the result of IRObjectFile::CollectAsmUndefinedRefs() depends on the ABI but IRObjectFile doesn't know it. How would you deliver the ABI to IRObjectFile? The second problem is that IRLinker will link

Hi, Having recently enabled IAS by default for the MIPS O32 ABI, I'm now trying to do the same thing for the MIPS N64 ABI. Unfortunately, it is not currently possible to enable IAS by default for the N64 ABI without also enabling it for the N32 ABI because this information is not reflected in the triple and that's the only information MipsMCAsmInfo has. This would be fine if it N32 was

Ian Jackson writes ("64bit PV guest breakout [XSA-213]"): > Source: xen > Version: 4.4.1-9 > Severity: important > Tags: security upstream fixed-upstream > > See > https://xenbits.xen.org/xsa/advisory-213.html Ian Jackson writes ("grant transfer allows PV guest to elevate privileges [XSA-214]"): > Source: xen > Version: 4.4.1-9 > Severity:

On 23 May 2015 at 00:08, Jim Grosbach <grosbach at apple.com> wrote: > This is the key question. The LLVM assumption is that these sorts of things > are inferable from the triple. Your observation here that the GNU world’s > notion of triples and LLVM’s need not be the same is a good one. Having a > split and a translation up in clang seems an interesting avenue to explore. >

Control: retitle -1 max grant frames problem (domu freeze with linux-image-4.9.0-4-amd64) Control: severity -1 important Control: reassign -1 src:xen 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9 Just gardening here. (i) Bug title should mention grant frames. (ii) This does not affect all use cases and is not, IMO, RC. Although we should certainly see if we can improve it. (iii) Britney is confused

> CentOS repos. There are others that do. Some of the repos that overwrite > core packages do so with little packages like sqlite (yum uses sqlite so > changing the version of it is not a Good Thing for system stabilty). > Other repos in that list have been effectively unmaintained for a number > of years so they contain packages that may have severe unfixed security >

Source: xen Version: 4.8.1~pre.2017.01.23-1 Severity: grave Tags: security upstream Justification: user security hole Hi, the following vulnerability was published for xen. CVE-2017-7228[0]: | An issue (known as XSA-212) was discovered in Xen, with fixes available | for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix | introduced an insufficient check on XENMEM_exchange input,

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote: > > Should I put jessie-security in the debian/changelog and dgit push it > > (ie, from many people's pov, dput it) ? > > Yes, the distribution line should be jessie-security, but please send > a

Hans van Kranenburg writes ("Re: Plans for buster"): > On 08/23/2018 07:12 PM, Ian Jackson wrote: > > IDK if this > > should have its own deb. Putting it in the libxenstore one is > > probably tolerable. > > Yes, shipping a 4.x specific file in libxenstore3.0 (which happens now) > is not right. But, if the library ABI is independent from the 4.x >

Knorrie and I just discussed our plans for sid and buster, on the phone. Here's my notes of the discussion. Plan is to upload Knorrie's 4.11 packages to experimental, to make them more public, while we fix the bugs in them. There's a list of Salsa issues and the BTS bugs list. This duplication is not ideal. We agreed that new things should go to the BTS. For now we'll keep

Daniel: Thanks for your detailed response. I had seen the discussion from earlier this year, but when I read it, I didn't expect it would be so difficult to get just one bit of information where I wanted it. :-) Thanks for the heads up about clang not necessarily setting ABIname. I have at least enough of that working already that I can generate the appropriate assembly source. After doing a

I am implementing a defined, but currently unimplemented by LLVM, ABI. This ABI differs from an existing ABI in its ELF object format by implementing a subset of an existing ABI, but encoded differently and by setting the e_ident EI_CLASS field. I am trying to use MCTargetOptions::getABIName to set a boolean in the modified subclass of MCELFObjectTargetWriter to indicate which relocation encoding

Source: xen Version: 4.4.1-9 Severity: normal Tags: security upstream patch fixed-upstream Hi, the following vulnerability was published for xen. CVE-2015-3340[0]: | Xen 4.2.x through 4.5.x does not initialize certain fields, which | allows certain remote service domains to obtain sensitive information | from memory via a (1) XEN_DOMCTL_gettscinfo or (2) | XEN_SYSCTL_getdomaininfolist request.

On Wed, Jan 14, 2015 at 3:26 PM, John R. Dennison <jrd at gerdesas.com> wrote: > On Wed, Jan 14, 2015 at 03:09:01PM -0800, PatrickD Garvey wrote: >> >> Proposal: >> The Third Party Repositories section should not list any other repositories, >> but should only note there are difficulties in making several independent >> repositories safely usable and give a

I heard Debian's trying to freeze soon. I have a few points about rsync's Debian package. I'll see what I can do to close some Debian/rsync bugs. Fortunately some of the bad ones seem to be already addressed in our regular tarballs. It would be pretty cool if I could be automatically cc'd on Debian bug reports about rsync, if the BTS supports that. The debian/copyright file

Package: xen-3 Version: 3.1.1-1 See the transcript below, where I * dpkg-source -x debian/xen-3_3.1.1-1.dsc * add an entry to debian/changelog at the top * run dpkg-buildpackage, which fails I installed the build-dependencies on sid and lenny and the path it's looking for doesn't exist there either. Thanks, Ian. mariner:d> dpkg-source -x ../debian/xen-3_3.1.1-1.dsc gpg:

Hans van Kranenburg writes ("Re: Plans for buster"): > This can be done from tag debian/4.11.1_pre+1.733450b39b-1_exp1 (which > is right now the same as the master branch). Thanks for doing all this work. I have just sent it to experimental. I did some reviewing and diffing. I have some comments, or, at least, things I noticed. None of them were IMO blockers for experimental.

I'm confused a bit about the following and was hoping to get some answers on this group - What is exactly implied when we say asterisk can connect to a PSTN. Does it mean connecting to the PSTN via PRI/T1/E1? If yes, then I assume asterisk does not need to do any SS7 signaling and all it does (playing the role of a PBX) is to connect to a Class 5 Switch at the CO. Is this a correct statement?

On Wednesday 10 July 2013 22:18:23 Jevin Sweval wrote: > http://www.cs.fsu.edu/~baker/devices/lxr/http/source/linux/arch/x86/include/ > asm/bitops.h#L68 > > Here is one example that I found. Are the inline assembly arguments > ambiguous in size? It would help us for sure to build the kernel and others. -- JS