xen: apply patches for XSA-246 & XSA-247 (CVE-2017-{17044,17045})

author: Andreas Rammhold <andreas@rammhold.de> 2017-12-04 20:05:52 +0100
committer: Andreas Rammhold <andreas@rammhold.de> 2017-12-12 13:20:03 +0100
commit: 834bdd25a35e141c860fffe810743a50fb32b746 (patch)
tree: 4ee05c670f50de59d058f8a3c5810b2fbbe83b75 /pkgs
parent: 2d4fdc1b9e7a975165aff1181ad1ecad3d4e934b (diff)
download: nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar
nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.gz
nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.bz2
nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.lz
nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.xz
nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.zst
nixlib-834bdd25a35e141c860fffe810743a50fb32b746.zip
3 files changed, 44 insertions, 0 deletions
diff --git a/pkgs/applications/virtualization/xen/4.5.nix b/pkgs/applications/virtualization/xen/4.5.nix
index 308913adf89c..58a2b193ada6 100644
--- a/pkgs/applications/virtualization/xen/4.5.nix
+++ b/pkgs/applications/virtualization/xen/4.5.nix
@@ -230,6 +230,8 @@ callPackage (import ./generic.nix (rec {
     XSA_243_45
     XSA_244_45
     XSA_245
+    XSA_246_45
+    XSA_247_45
   ];
 
   # Fix build on Glibc 2.24.
diff --git a/pkgs/applications/virtualization/xen/4.8.nix b/pkgs/applications/virtualization/xen/4.8.nix
index 259dd72a960c..06450c18dcec 100644
--- a/pkgs/applications/virtualization/xen/4.8.nix
+++ b/pkgs/applications/virtualization/xen/4.8.nix
@@ -158,6 +158,8 @@ callPackage (import ./generic.nix (rec {
     XSA_243_48
     XSA_244
     XSA_245
+    XSA_246
+    XSA_247_48
   ];
 
   # Fix build on Glibc 2.24.
diff --git a/pkgs/applications/virtualization/xen/xsa-patches.nix b/pkgs/applications/virtualization/xen/xsa-patches.nix
index fd85c85f22bb..7c26f97c44f9 100644
--- a/pkgs/applications/virtualization/xen/xsa-patches.nix
+++ b/pkgs/applications/virtualization/xen/xsa-patches.nix
@@ -771,4 +771,44 @@ in rec {
       sha256 = "1k6z5r7wnrswsczn2j3a1mc4nvxqm4ydj6n6rvgqizk2pszdkqg8";
     })
   ];
+
+  # 4.5 - 4.7
+  XSA_246_45 = [
+    (xsaPatch {
+      name = "246-4.7";
+      sha256 = "13rad4k8z3bq15d67dhgy96kdbrjiq9sy8px0jskbpx9ygjdahkn";
+    })
+  ];
+
+  # 4.8 - 4.9
+  XSA_246 = [
+    (xsaPatch {
+      name = "246-4.9";
+      sha256 = "0z68vm0z5zvv9gm06pxs9kxq2q9fdbl0l0cm71ggzdplg1vw0snz";
+    })
+  ];
+
+  # 4.8
+  XSA_247_48 = [
+    (xsaPatch {
+      name = "247-4.8/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu";
+      sha256 = "0kvjrk90n69s721c2qj2df5raml3pjk6bg80aig353p620w6s3xh";
+    })
+    (xsaPatch {
+      name = "247-4.8/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas";
+      sha256 = "1s9kv6h6dd8psi5qf5l5gpk9qhq8blckwhl76cjbldcgi6imb3nr";
+    })
+  ];
+
+  # 4.5
+  XSA_247_45 = [
+    (xsaPatch {
+      name = "247-4.5/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu";
+      sha256 = "0h1mp5s9si8aw2gipds317f27h9pi7bgnhj0bcmw11p0ch98sg1m";
+    })
+    (xsaPatch {
+      name = "247-4.5/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas";
+      sha256 = "0vjjybxbcm4xl26wbqvcqfiyvvlayswm4f98i1fr5a9abmljn5sb";
+    })
+  ];
 }
author	Andreas Rammhold <andreas@rammhold.de>	2017-12-04 20:05:52 +0100
committer	Andreas Rammhold <andreas@rammhold.de>	2017-12-12 13:20:03 +0100
commit	834bdd25a35e141c860fffe810743a50fb32b746 (patch)
tree	4ee05c670f50de59d058f8a3c5810b2fbbe83b75 /pkgs
parent	2d4fdc1b9e7a975165aff1181ad1ecad3d4e934b (diff)
download	nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.gz nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.bz2 nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.lz nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.xz nixlib-834bdd25a35e141c860fffe810743a50fb32b746.tar.zst nixlib-834bdd25a35e141c860fffe810743a50fb32b746.zip