Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.
Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.
Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.
Whitespace cleanups and other nits corrected, where necessary.
This release fixes the following critical vulnerabilities:
CVE-2013-1918 / XSA-45: Several long latency operations are not
preemptible
CVE-2013-1952 / XSA-49: VT-d interrupt remapping source validation flaw
for bridges
CVE-2013-2076 / XSA-52: Information leak on XSAVE/XRSTOR capable AMD CPUs
CVE-2013-2077 / XSA-53: Hypervisor crash due to missing exception
recovery on XRSTOR
CVE-2013-2078 / XSA-54: Hypervisor crash due to missing exception
recovery on XSETBV
CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA-55: Multiple
vulnerabilities in libelf PV kernel handling
CVE-2013-2072 / XSA-56: Buffer overflow in xencontrol Python bindings
affecting xend
CVE-2013-2211 / XSA-57: libxl allows guest write access to sensitive
console related xenstore keys
CVE-2013-1432 / XSA-58: Page reference counting error due to
XSA-45/CVE-2013-1918 fixes
XSA-61: libxl partially sets up HVM passthrough even with disabled iommu
This release contains many bug fixes and improvements. The highlights are:
addressing a regression from the fix for XSA-21
addressing a regression from the fix for XSA-46
bug fixes to low level system state handling, including certain
hardware errata workarounds
(CVE-2013-1918 and CVE-2013-1952 were patched in pkgsrc before)
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
This integrates fixes for all vulnerabilities which were patched
in pkgsrc before.
Among many bug fixes and improvements (around 50 since Xen 4.1.4):
* ACPI APEI/ERST finally working on production systems
* Bug fixes for other low level system state handling
* Support for xz compressed Dom0 and DomU kernels
Aaron J. Grier, with implementation changes by myself:
- rules to add the run-time path correctly when building shared versions
of libraries. Using -dllpath to ocamlmklib for this - ',' would need
to be clumsily escaped from gmake.
(This also needs a patched ocamlmklib - from ocaml 4.00.1nb2 -
that has -elfmode which prevents -L paths being added to the
run-time path).
- Path fixes, but not using fixed paths as originally proposed,
but the SUBST framework.
- Trim whitespace off a numeric string read out of the kernel.
Instead of open coding the function, use String.trim, as the
String library is used, anyway. (available in ocaml >= 4.00.1)
also add security patches from upstream
changes:
-fixes for vulnerabilities were integrated
-many bug fixes and improvements, Highlights are:
-Bug fixes and improvements to the libxl tool stack
approved by maintainer
Heap-based buffer overflow in the process_tx_desc function in the
e1000 emulation allows the guest to cause a denial of service (QEMU
crash) and possibly execute arbitrary code via crafted legacy mode
packets.
Bump PKGREVISION
from qemu upstream:
Fill in word 64 of IDENTIFY data to indicate support for PIO modes 3 and 4.
This allows NetBSD guests to use UltraDMA modes instead of just PIO mode 0.
With this patch I can no longer reproduce PR 42455.
Bump package revision.
