[xen] patch for [XSA-38, CVE-2013-0215] was flawed
myoung
myoung at fedoraproject.org
Fri Feb 15 20:00:03 UTC 2013
commit 3312db208a4ccef99b3517af323df9d2a657f5bc
Author: Michael Young <m.a.young at durham.ac.uk>
Date: Fri Feb 15 19:59:21 2013 +0000
patch for [XSA-38, CVE-2013-0215] was flawed
xen.spec | 5 ++++-
xsa38.patch | 4 ++--
2 files changed, 6 insertions(+), 3 deletions(-)
---
diff --git a/xen.spec b/xen.spec
index 02b1789..e60a5d1 100644
--- a/xen.spec
+++ b/xen.spec
@@ -27,7 +27,7 @@
Summary: Xen is a virtual machine monitor
Name: xen
Version: 4.2.1
-Release: 7%{?dist}
+Release: 8%{?dist}
Group: Development/Libraries
License: GPLv2+ and LGPLv2+ and BSD
URL: http://xen.org/
@@ -747,6 +747,9 @@ rm -rf %{buildroot}
%endif
%changelog
+* Fri Feb 15 2013 Michael Young <m.a.young at durham.ac.uk> - 4.2.1-8
+- patch for [XSA-38, CVE-2013-0215] was flawed
+
* Fri Feb 08 2013 Michael Young <m.a.young at durham.ac.uk> - 4.2.1-7
- BuildRequires for texlive-kpathsea-bin wasn't needed
- correct gcc 4.8 fixes and follow suggestions upstream
diff --git a/xsa38.patch b/xsa38.patch
index f4a5dc0..0c6a015 100644
--- a/xsa38.patch
+++ b/xsa38.patch
@@ -43,11 +43,11 @@ index 00414c5..4888ac5 100644
+ cons = *(volatile uint32*)&intf->req_cons;
+ prod = *(volatile uint32*)&intf->req_prod;
xen_mb();
-+ cons = MASK_XENSTORE_IDX(cons);
-+ prod = MASK_XENSTORE_IDX(prod);
if (prod == cons)
return 0;
- if (MASK_XENSTORE_IDX(prod) > MASK_XENSTORE_IDX(cons))
++ cons = MASK_XENSTORE_IDX(cons);
++ prod = MASK_XENSTORE_IDX(prod);
+ if (prod > cons)
to_read = prod - cons;
else
More information about the scm-commits
mailing list