* Longer sleep (increase stability but won't affect runtime).
* Work around JRuby problem.
* Spec environment unset in parent is unset in parent when set in grandparent.
* Remove environment variables not in ENV that are in ProcessBuilder
environment.
* Remove unnecessary stringification of ENV keys MSP-11414
Unlike @environment, which is a generic Hash, ENV is guarenteed to be
<String, String>, so remove the keys #to_s calls for ENV.
By default qemu will try to create some sort of backend for the
emulated VGA device, either SDL or VNC.
However when the user specifies sdl=0 and vnc=0 in their configuration
libxl was not explicitly disabling either backend, which could lead to
one unexpectedly running.
If either sdl=1 or vnc=1 is configured then both before and after this
change only the backends which are explicitly enabled are configured,
i.e. this issue only occurs when all backends are supposed to have
been disabled.
This affects qemu-xen and qemu-xen-traditional differently.
If qemu-xen was compiled with SDL support then this would result in an
SDL window being opened if $DISPLAY is valid, or a failure to start
the guest if not. Passing "-display none" to qemu before any further
-sdl options disables this default behaviour and ensures that SDL is
only started if the libxl configuration demands it.
If qemu-xen was compiled without SDL support then qemu would instead
start a VNC server listening on ::1 (IPv6 localhost) or 127.0.0.1
(IPv4 localhost) with IPv6 preferred if available. Explicitly pass
"-vnc none" when vnc is not enabled in the libxl configuration to
remove this possibility.
qemu-xen-traditional would never start a vnc backend unless asked.
However by default it will start an SDL backend, the way to disable
this is to pass a -vnc option. In other words passing "-vnc none" will
disable both vnc and sdl by default. sdl can then be reenabled if
configured by subsequent use of the -sdl option.
Tested with both qemu-xen and qemu-xen-traditional built with SDL
support and:
xl cr # defaults
xl cr sdl=0 vnc=0
xl cr sdl=1 vnc=0
xl cr sdl=0 vnc=1
xl cr sdl=0 vnc=0 vga=\"none\"
xl cr sdl=0 vnc=0 nographic=1
with both valid and invalid $DISPLAY.
This is XSA-119.
From b6e327fde6c365086594e2b46edf435aa1671b1a Mon Sep 17 00:00:00 2001
From: Ian Campbell <ian.campbell@citrix.com>
Date: Fri, 20 Feb 2015 14:41:09 +0000
Subject: [PATCH] tools: libxl: Explicitly disable graphics backends on qemu
cmdline
By default qemu will try to create some sort of backend for the
emulated VGA device, either SDL or VNC.
However when the user specifies sdl=0 and vnc=0 in their configuration
libxl was not explicitly disabling either backend, which could lead to
one unexpectedly running.
If either sdl=1 or vnc=1 is configured then both before and after this
change only the backends which are explicitly enabled are configured,
i.e. this issue only occurs when all backends are supposed to have
been disabled.
This affects qemu-xen and qemu-xen-traditional differently.
If qemu-xen was compiled with SDL support then this would result in an
SDL window being opened if $DISPLAY is valid, or a failure to start
the guest if not. Passing "-display none" to qemu before any further
-sdl options disables this default behaviour and ensures that SDL is
only started if the libxl configuration demands it.
If qemu-xen was compiled without SDL support then qemu would instead
start a VNC server listening on ::1 (IPv6 localhost) or 127.0.0.1
(IPv4 localhost) with IPv6 preferred if available. Explicitly pass
"-vnc none" when vnc is not enabled in the libxl configuration to
remove this possibility.
qemu-xen-traditional would never start a vnc backend unless asked.
However by default it will start an SDL backend, the way to disable
this is to pass a -vnc option. In other words passing "-vnc none" will
disable both vnc and sdl by default. sdl can then be reenabled if
configured by subsequent use of the -sdl option.
Tested with both qemu-xen and qemu-xen-traditional built with SDL
support and:
xl cr # defaults
xl cr sdl=0 vnc=0
xl cr sdl=1 vnc=0
xl cr sdl=0 vnc=1
xl cr sdl=0 vnc=0 vga=\"none\"
xl cr sdl=0 vnc=0 nographic=1
with both valid and invalid $DISPLAY.
This is XSA-119.
Changelog is :
3.8.8 -> 3.8.9
- Add new directive "createolddir" and "nocreateolddir". These directives
can be used to create the directory specified by olddir with particular
"mode", "owner" and "group".
- Continue with rotation even when first log from logset is removed
during the rotation.
- Fix crash on BSD systems introduced in 3.8.8 caused by different qsort_r
function. Function qsort is now used instead.
- Fix potential buffer overflow in usage of strncat function.
- Fix compilation with musl-libc.
- Add experimental 'renamecopy' directive to allow 'olddir' on different
physical device. See the "man logrotate" for more information.
3.8.7 -> 3.8.8
- Add support for building using autotools/automake. Using "./autogen.sh",
"./configure" and "make" is now preferred way how to build logrotate.
Old Makefile remains available, but it is deprecated and will be removed
in the future. Please report any problem related to new build system.
- Add support for systems which do not support fork (use vfork instead)
and madvise.
- Fix bug when wrong log file has been removed in case of dateext and
dateformat %d-%m-%Y.
- Do not expect that the name of root account is 'root'.
- Do not stop rotation with an error when olddir and log file
are on different devices and copy or copytruncate is used.
- Return an error code when parent directory of log does not exist,
"su" directive is not used, logrotate is running as root and missingok
is not specified. [vcizek]
- Prepend error printed by compression program with the log name even when
the compression program exits with zero exit code.
pkgsrc change : took over maintainership.
x86emul: fully ignore segment override for register-only operations
For ModRM encoded instructions with register operands we must not
overwrite ea.mem.seg (if a - bogus in that case - segment override was
present) as it aliases with ea.reg.
This is CVE-2015-2151 / XSA-123.
x86emul: fully ignore segment override for register-only operations
For ModRM encoded instructions with register operands we must not
overwrite ea.mem.seg (if a - bogus in that case - segment override was
present) as it aliases with ea.reg.
This is CVE-2015-2151 / XSA-123.
x86emul: fully ignore segment override for register-only operations
For ModRM encoded instructions with register operands we must not
overwrite ea.mem.seg (if a - bogus in that case - segment override was
present) as it aliases with ea.reg.
This is CVE-2015-2151 / XSA-123.
lsof for legacy reasons includes sys/mount.h without _KERNEL but
msdosfs/msdosfsmount.h with _KERNEL.
Fixes:
/usr/include/msdosfs/msdosfsmount.h:255:12: error: a parameter list without types is only allowed in a function definition
VFS_PROTOS(msdosfs);
