1 |
dlan 14/01/24 15:25:38 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: xen-4.3.1-r4.ebuild xen-4.2.2-r3.ebuild |
5 |
Log: |
6 |
fix security bugs #499054, #499124 |
7 |
|
8 |
(Portage version: 2.2.8/cvs/Linux x86_64, signed Manifest commit with key 0xAABEFD55) |
9 |
|
10 |
Revision Changes Path |
11 |
1.144 app-emulation/xen/ChangeLog |
12 |
|
13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen/ChangeLog?rev=1.144&view=markup |
14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen/ChangeLog?rev=1.144&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen/ChangeLog?r1=1.143&r2=1.144 |
16 |
|
17 |
Index: ChangeLog |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v |
20 |
retrieving revision 1.143 |
21 |
retrieving revision 1.144 |
22 |
diff -u -r1.143 -r1.144 |
23 |
--- ChangeLog 17 Jan 2014 02:44:09 -0000 1.143 |
24 |
+++ ChangeLog 24 Jan 2014 15:25:38 -0000 1.144 |
25 |
@@ -1,6 +1,14 @@ |
26 |
# ChangeLog for app-emulation/xen |
27 |
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 |
28 |
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.143 2014/01/17 02:44:09 dlan Exp $ |
29 |
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/ChangeLog,v 1.144 2014/01/24 15:25:38 dlan Exp $ |
30 |
+ |
31 |
+*xen-4.3.1-r4 (24 Jan 2014) |
32 |
+*xen-4.2.2-r3 (24 Jan 2014) |
33 |
+ |
34 |
+ 24 Jan 2014; Yixun Lan <dlan@g.o> +xen-4.2.2-r3.ebuild, |
35 |
+ +xen-4.3.1-r4.ebuild, +files/xen-4-XSA-83.patch, +files/xen-4.2-XSA-87.patch, |
36 |
+ +files/xen-4.3-XSA-87.patch: |
37 |
+ fix security bugs #499054, #499124 |
38 |
|
39 |
*xen-4.2.2-r2 (17 Jan 2014) |
40 |
|
41 |
|
42 |
|
43 |
|
44 |
1.1 app-emulation/xen/xen-4.3.1-r4.ebuild |
45 |
|
46 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen/xen-4.3.1-r4.ebuild?rev=1.1&view=markup |
47 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen/xen-4.3.1-r4.ebuild?rev=1.1&content-type=text/plain |
48 |
|
49 |
Index: xen-4.3.1-r4.ebuild |
50 |
=================================================================== |
51 |
# Copyright 1999-2014 Gentoo Foundation |
52 |
# Distributed under the terms of the GNU General Public License v2 |
53 |
# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.3.1-r4.ebuild,v 1.1 2014/01/24 15:25:38 dlan Exp $ |
54 |
|
55 |
EAPI=5 |
56 |
|
57 |
PYTHON_COMPAT=( python2_7 ) |
58 |
|
59 |
if [[ $PV == *9999 ]]; then |
60 |
KEYWORDS="" |
61 |
REPO="xen-unstable.hg" |
62 |
EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" |
63 |
S="${WORKDIR}/${REPO}" |
64 |
live_eclass="mercurial" |
65 |
else |
66 |
# Set to match entry in stable 4.3.1-r1, Bug 493944 |
67 |
KEYWORDS="~amd64 -x86" |
68 |
SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz" |
69 |
fi |
70 |
|
71 |
inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} |
72 |
|
73 |
DESCRIPTION="The Xen virtual machine monitor" |
74 |
HOMEPAGE="http://xen.org/" |
75 |
LICENSE="GPL-2" |
76 |
SLOT="0" |
77 |
IUSE="custom-cflags debug efi flask xsm" |
78 |
|
79 |
DEPEND="${PYTHON_DEPS} |
80 |
efi? ( >=sys-devel/binutils-2.22[multitarget] ) |
81 |
!efi? ( >=sys-devel/binutils-2.22[-multitarget] )" |
82 |
RDEPEND="" |
83 |
PDEPEND="~app-emulation/xen-tools-${PV}" |
84 |
|
85 |
RESTRICT="test" |
86 |
|
87 |
# Approved by QA team in bug #144032 |
88 |
QA_WX_LOAD="boot/xen-syms-${PV}" |
89 |
|
90 |
REQUIRED_USE="flask? ( xsm )" |
91 |
|
92 |
# Security patches |
93 |
XSA_PATCHES=( |
94 |
"${FILESDIR}"/${PN}-CVE-2013-4375-XSA-71.patch |
95 |
"${FILESDIR}"/${PN}-CVE-2013-4494-XSA-73.patch |
96 |
"${FILESDIR}"/${PN}-4.3-CVE-2013-6375-XSA-75.patch |
97 |
"${FILESDIR}"/${PN}-CVE-2013-6375-XSA-78.patch |
98 |
"${FILESDIR}"/${PN}-CVE-2013-6885-XSA-82.patch |
99 |
"${FILESDIR}"/${PN}-4.3-CVE-2013-4553-XSA-74.patch |
100 |
"${FILESDIR}"/${PN}-CVE-2013-4554-XSA-76.patch |
101 |
"${FILESDIR}"/${PN}-CVE-2013-6400-XSA-80.patch |
102 |
"${FILESDIR}"/${PN}-4-XSA-83.patch #bug #499054 |
103 |
"${FILESDIR}"/${PN}-4.3-XSA-87.patch #bug #499124 |
104 |
) |
105 |
|
106 |
pkg_setup() { |
107 |
python-any-r1_pkg_setup |
108 |
if [[ -z ${XEN_TARGET_ARCH} ]]; then |
109 |
if use x86 && use amd64; then |
110 |
die "Confusion! Both x86 and amd64 are set in your use flags!" |
111 |
elif use x86; then |
112 |
export XEN_TARGET_ARCH="x86_32" |
113 |
elif use amd64; then |
114 |
export XEN_TARGET_ARCH="x86_64" |
115 |
else |
116 |
die "Unsupported architecture!" |
117 |
fi |
118 |
fi |
119 |
|
120 |
if use flask ; then |
121 |
export "XSM_ENABLE=y" |
122 |
export "FLASK_ENABLE=y" |
123 |
elif use xsm ; then |
124 |
export "XSM_ENABLE=y" |
125 |
fi |
126 |
} |
127 |
|
128 |
src_prepare() { |
129 |
# Drop .config and fix gcc-4.6 |
130 |
epatch "${FILESDIR}"/${PN/-pvgrub/}-4.3-fix_dotconfig-gcc.patch |
131 |
|
132 |
if use efi; then |
133 |
epatch "${FILESDIR}"/${PN}-4.2-efi.patch |
134 |
export EFI_VENDOR="gentoo" |
135 |
export EFI_MOUNTPOINT="boot" |
136 |
fi |
137 |
|
138 |
# if the user *really* wants to use their own custom-cflags, let them |
139 |
if use custom-cflags; then |
140 |
einfo "User wants their own CFLAGS - removing defaults" |
141 |
# try and remove all the default custom-cflags |
142 |
find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ |
143 |
-e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ |
144 |
-e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ |
145 |
-e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ |
146 |
-e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ |
147 |
-e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ |
148 |
-i {} \; || die "failed to re-set custom-cflags" |
149 |
fi |
150 |
|
151 |
# not strictly necessary to fix this |
152 |
sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" |
153 |
|
154 |
[[ ${XSA_PATCHES[@]} ]] && epatch "${XSA_PATCHES[@]}" |
155 |
|
156 |
epatch_user |
157 |
} |
158 |
|
159 |
src_configure() { |
160 |
use debug && myopt="${myopt} debug=y" |
161 |
|
162 |
if use custom-cflags; then |
163 |
filter-flags -fPIE -fstack-protector |
164 |
replace-flags -O3 -O2 |
165 |
else |
166 |
unset CFLAGS |
167 |
fi |
168 |
} |
169 |
|
170 |
src_compile() { |
171 |
# Send raw LDFLAGS so that --as-needed works |
172 |
emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} |
173 |
} |
174 |
|
175 |
src_install() { |
176 |
local myopt |
177 |
use debug && myopt="${myopt} debug=y" |
178 |
|
179 |
# The 'make install' doesn't 'mkdir -p' the subdirs |
180 |
if use efi; then |
181 |
mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die |
182 |
fi |
183 |
|
184 |
emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install |
185 |
} |
186 |
|
187 |
pkg_postinst() { |
188 |
elog "Official Xen Guide and the unoffical wiki page:" |
189 |
elog " http://www.gentoo.org/doc/en/xen-guide.xml" |
190 |
elog " http://en.gentoo-wiki.com/wiki/Xen/" |
191 |
|
192 |
use efi && einfo "The efi executable is installed in boot/efi/gentoo" |
193 |
} |
194 |
|
195 |
|
196 |
|
197 |
1.1 app-emulation/xen/xen-4.2.2-r3.ebuild |
198 |
|
199 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen/xen-4.2.2-r3.ebuild?rev=1.1&view=markup |
200 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/xen/xen-4.2.2-r3.ebuild?rev=1.1&content-type=text/plain |
201 |
|
202 |
Index: xen-4.2.2-r3.ebuild |
203 |
=================================================================== |
204 |
# Copyright 1999-2014 Gentoo Foundation |
205 |
# Distributed under the terms of the GNU General Public License v2 |
206 |
# $Header: /var/cvsroot/gentoo-x86/app-emulation/xen/xen-4.2.2-r3.ebuild,v 1.1 2014/01/24 15:25:38 dlan Exp $ |
207 |
|
208 |
EAPI=5 |
209 |
|
210 |
PYTHON_COMPAT=( python{2_6,2_7} ) |
211 |
|
212 |
if [[ $PV == *9999 ]]; then |
213 |
KEYWORDS="" |
214 |
REPO="xen-unstable.hg" |
215 |
EHG_REPO_URI="http://xenbits.xensource.com/${REPO}" |
216 |
S="${WORKDIR}/${REPO}" |
217 |
live_eclass="mercurial" |
218 |
else |
219 |
KEYWORDS="~amd64 ~x86" |
220 |
SRC_URI="http://bits.xensource.com/oss-xen/release/${PV}/xen-${PV}.tar.gz" |
221 |
fi |
222 |
|
223 |
inherit mount-boot flag-o-matic python-any-r1 toolchain-funcs eutils ${live_eclass} |
224 |
|
225 |
DESCRIPTION="The Xen virtual machine monitor" |
226 |
HOMEPAGE="http://xen.org/" |
227 |
LICENSE="GPL-2" |
228 |
SLOT="0" |
229 |
IUSE="custom-cflags debug efi flask pae xsm" |
230 |
|
231 |
DEPEND="${PYTHON_DEPS} |
232 |
efi? ( >=sys-devel/binutils-2.22[multitarget] ) |
233 |
!efi? ( >=sys-devel/binutils-2.22[-multitarget] )" |
234 |
RDEPEND="" |
235 |
PDEPEND="~app-emulation/xen-tools-${PV}" |
236 |
|
237 |
RESTRICT="test" |
238 |
|
239 |
# Approved by QA team in bug #144032 |
240 |
QA_WX_LOAD="boot/xen-syms-${PV}" |
241 |
|
242 |
REQUIRED_USE=" |
243 |
flask? ( xsm ) |
244 |
" |
245 |
|
246 |
#Security patches |
247 |
XSA_PATCHES=( |
248 |
"${FILESDIR}"/${PN}-4-CVE-2013-1918-XSA-45_[1-7].patch |
249 |
"${FILESDIR}"/${PN}-4.2-2013-2076-XSA-52to54.patch |
250 |
"${FILESDIR}"/${PN}-4.2-CVE-2013-1432-XSA-58.patch |
251 |
"${FILESDIR}"/${PN}-4.2-CVE-2013-4553-XSA-74.patch |
252 |
"${FILESDIR}"/${PN}-CVE-2013-4554-XSA-76.patch |
253 |
"${FILESDIR}"/${PN}-CVE-2013-6400-XSA-80.patch |
254 |
"${FILESDIR}"/${PN}-4-XSA-83.patch #bug #499054 |
255 |
"${FILESDIR}"/${PN}-4.2-XSA-87.patch #bug #499124 |
256 |
) |
257 |
|
258 |
pkg_setup() { |
259 |
python-any-r1_pkg_setup |
260 |
if [[ -z ${XEN_TARGET_ARCH} ]]; then |
261 |
if use x86 && use amd64; then |
262 |
die "Confusion! Both x86 and amd64 are set in your use flags!" |
263 |
elif use x86; then |
264 |
export XEN_TARGET_ARCH="x86_32" |
265 |
elif use amd64; then |
266 |
export XEN_TARGET_ARCH="x86_64" |
267 |
else |
268 |
die "Unsupported architecture!" |
269 |
fi |
270 |
fi |
271 |
|
272 |
if use flask ; then |
273 |
export "XSM_ENABLE=y" |
274 |
export "FLASK_ENABLE=y" |
275 |
elif use xsm ; then |
276 |
export "XSM_ENABLE=y" |
277 |
fi |
278 |
} |
279 |
|
280 |
src_prepare() { |
281 |
# Drop .config and fix gcc-4.6 |
282 |
epatch "${FILESDIR}"/${PN/-pvgrub/}-4-fix_dotconfig-gcc.patch |
283 |
|
284 |
if use efi; then |
285 |
epatch "${FILESDIR}"/${PN}-4.2-efi.patch |
286 |
export EFI_VENDOR="gentoo" |
287 |
export EFI_MOUNTPOINT="boot" |
288 |
fi |
289 |
|
290 |
# if the user *really* wants to use their own custom-cflags, let them |
291 |
if use custom-cflags; then |
292 |
einfo "User wants their own CFLAGS - removing defaults" |
293 |
# try and remove all the default custom-cflags |
294 |
find "${S}" -name Makefile -o -name Rules.mk -o -name Config.mk -exec sed \ |
295 |
-e 's/CFLAGS\(.*\)=\(.*\)-O3\(.*\)/CFLAGS\1=\2\3/' \ |
296 |
-e 's/CFLAGS\(.*\)=\(.*\)-march=i686\(.*\)/CFLAGS\1=\2\3/' \ |
297 |
-e 's/CFLAGS\(.*\)=\(.*\)-fomit-frame-pointer\(.*\)/CFLAGS\1=\2\3/' \ |
298 |
-e 's/CFLAGS\(.*\)=\(.*\)-g3*\s\(.*\)/CFLAGS\1=\2 \3/' \ |
299 |
-e 's/CFLAGS\(.*\)=\(.*\)-O2\(.*\)/CFLAGS\1=\2\3/' \ |
300 |
-i {} \; || die "failed to re-set custom-cflags" |
301 |
fi |
302 |
|
303 |
# not strictly necessary to fix this |
304 |
sed -i 's/, "-Werror"//' "${S}/tools/python/setup.py" || die "failed to re-set setup.py" |
305 |
|
306 |
[[ ${XSA_PATCHES[@]} ]] && epatch "${XSA_PATCHES[@]}" |
307 |
epatch_user |
308 |
} |
309 |
|
310 |
src_configure() { |
311 |
use debug && myopt="${myopt} debug=y" |
312 |
use pae && myopt="${myopt} pae=y" |
313 |
|
314 |
if use custom-cflags; then |
315 |
filter-flags -fPIE -fstack-protector |
316 |
replace-flags -O3 -O2 |
317 |
else |
318 |
unset CFLAGS |
319 |
fi |
320 |
} |
321 |
|
322 |
src_compile() { |
323 |
# Send raw LDFLAGS so that --as-needed works |
324 |
emake CC="$(tc-getCC)" LDFLAGS="$(raw-ldflags)" LD="$(tc-getLD)" -C xen ${myopt} |
325 |
} |
326 |
|
327 |
src_install() { |
328 |
local myopt |
329 |
use debug && myopt="${myopt} debug=y" |
330 |
use pae && myopt="${myopt} pae=y" |
331 |
|
332 |
# The 'make install' doesn't 'mkdir -p' the subdirs |
333 |
if use efi; then |
334 |
mkdir -p "${D}"${EFI_MOUNTPOINT}/efi/${EFI_VENDOR} || die |
335 |
fi |
336 |
|
337 |
emake LDFLAGS="$(raw-ldflags)" DESTDIR="${D}" -C xen ${myopt} install |
338 |
} |
339 |
|
340 |
pkg_postinst() { |
341 |
elog "Official Xen Guide and the unoffical wiki page:" |
342 |
elog " http://www.gentoo.org/doc/en/xen-guide.xml" |
343 |
elog " http://en.gentoo-wiki.com/wiki/Xen/" |
344 |
|
345 |
use pae && ewarn "This is a PAE build of Xen. It will *only* boot PAE kernels!" |
346 |
use efi && einfo "The efi executable is installed in boot/efi/gentoo" |
347 |
} |