From: Peter Korsgaard Date: Sun, 23 Aug 2020 20:32:36 +0000 (+0200) Subject: package/xen: add upstream security fix for XSA-327 X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=b541b68067f0ef478b2530f4371f2827e9c06e83;p=buildroot.git package/xen: add upstream security fix for XSA-327 Fixes the following security issue: CVE-2020-15564: Missing alignment check in VCPUOP_register_vcpu_info For further details, see the advisory: https://xenbits.xenproject.org/xsa/advisory-327.html Signed-off-by: Peter Korsgaard Signed-off-by: Thomas Petazzoni --- diff --git a/package/xen/xen.hash b/package/xen/xen.hash index ab5f9d9083..0dd2f571a9 100644 --- a/package/xen/xen.hash +++ b/package/xen/xen.hash @@ -1,3 +1,4 @@ # Locally computed sha256 b97ce363e55b12c992063f4466c43cba0a6386ceb7a747b4dc670311f337ef01 xen-4.13.1.tar.gz +sha256 1d057695d5b74ce2857204103e943caeaf773bc4fb9d91ea78016e01a9147ed7 xsa327.patch sha256 36b91794c6d4a678137c70c41e384c03b552c7efba82c0d73e6be842e41ab3d3 COPYING diff --git a/package/xen/xen.mk b/package/xen/xen.mk index 15742b5127..ee5e9847fe 100644 --- a/package/xen/xen.mk +++ b/package/xen/xen.mk @@ -6,6 +6,8 @@ XEN_VERSION = 4.13.1 XEN_SITE = https://downloads.xenproject.org/release/xen/$(XEN_VERSION) +XEN_PATCH = \ + https://xenbits.xenproject.org/xsa/xsa327.patch XEN_LICENSE = GPL-2.0 XEN_LICENSE_FILES = COPYING XEN_DEPENDENCIES = host-acpica host-python3