diff options
| author |   Maxim Koltsov <maksbotan@gentoo.org> | 2013-05-19 08:33:06 +0000 |
|---|---|---|
| committer | Maxim Koltsov <maksbotan@gentoo.org> | 2013-05-19 08:33:06 +0000 |
| commit | c66e6a6adddfc895834043da9164605b87672b93 (patch) | |
| tree | 7e615b76824e94ab4f85dada0d42223a3274eb42 /sys-kernel/openvz-sources | |
| parent | Remove broken version. (diff) | |
| download | gentoo-2-c66e6a6adddfc895834043da9164605b87672b93.tar.gz gentoo-2-c66e6a6adddfc895834043da9164605b87672b93.tar.bz2 gentoo-2-c66e6a6adddfc895834043da9164605b87672b93.zip | |
Bump to 2.6.32.76.8: security fix for local root exploit aka CVE-2013-2094
(Portage version: 2.1.12/cvs/Linux x86_64, signed Manifest commit with key F8DBDADE)
Diffstat (limited to 'sys-kernel/openvz-sources')
| -rw-r--r-- | sys-kernel/openvz-sources/ChangeLog | 8 | ||||
| -rw-r--r-- | sys-kernel/openvz-sources/openvz-sources-2.6.32.76.8.ebuild | 57 |
2 files changed, 64 insertions, 1 deletions
diff --git a/sys-kernel/openvz-sources/ChangeLog b/sys-kernel/openvz-sources/ChangeLog index 614f6c30bc77..4457cbd376b3 100644 --- a/sys-kernel/openvz-sources/ChangeLog +++ b/sys-kernel/openvz-sources/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-kernel/openvz-sources # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openvz-sources/ChangeLog,v 1.195 2013/05/12 19:58:44 maksbotan Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openvz-sources/ChangeLog,v 1.196 2013/05/19 08:33:06 maksbotan Exp $ + +*openvz-sources-2.6.32.76.8 (19 May 2013) + + 19 May 2013; Maxim Koltsov <maksbotan@gentoo.org> + +openvz-sources-2.6.32.76.8.ebuild: + Bump to 2.6.32.76.8: security fix for local root exploit aka CVE-2013-2094 12 May 2013; Maxim Koltsov <maksbotan@gentoo.org> -openvz-sources-2.6.32.49.6.ebuild: diff --git a/sys-kernel/openvz-sources/openvz-sources-2.6.32.76.8.ebuild b/sys-kernel/openvz-sources/openvz-sources-2.6.32.76.8.ebuild new file mode 100644 index 000000000000..a530b543c618 --- /dev/null +++ b/sys-kernel/openvz-sources/openvz-sources-2.6.32.76.8.ebuild @@ -0,0 +1,57 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/openvz-sources/openvz-sources-2.6.32.76.8.ebuild,v 1.1 2013/05/19 08:33:06 maksbotan Exp $ + +EAPI="5" + +inherit versionator + +OVZ_KV="0$(get_version_component_range 4).$(get_version_component_range 5)" + +CKV=$(get_version_component_range 1-3) +OKV=${OKV:-${CKV}} +EXTRAVERSION=-${PN/-*}-${OVZ_KV} +ETYPE="sources" +KV_FULL=${CKV}${EXTRAVERSION} +if [[ ${PR} != "r0" ]]; then + KV_FULL+=-${PR} + EXTRAVERSION+=-${PR} +fi +S=${WORKDIR}/linux-${KV_FULL} + +# ${KV_MAJOR}.${KV_MINOR}.${KV_PATCH} should succeed. +KV_MAJOR=$(get_version_component_range 1 ${OKV}) +KV_MINOR=$(get_version_component_range 2 ${OKV}) +KV_PATCH=$(get_version_component_range 3 ${OKV}) + +KERNEL_URI="mirror://kernel/linux/kernel/v${KV_MAJOR}.${KV_MINOR}/linux-${OKV}.tar.xz" + +inherit kernel-2 +#detect_version + +KEYWORDS="~amd64 ~ppc64 ~sparc ~x86" +IUSE="" + +DESCRIPTION="Kernel sources with OpenVZ patchset" +HOMEPAGE="http://www.openvz.org" +SRC_URI="${KERNEL_URI} ${ARCH_URI} + http://download.openvz.org/kernel/branches/rhel6-${CKV}/042stab${OVZ_KV}/patches/patch-042stab${OVZ_KV}-combined.gz" + +UNIPATCH_STRICTORDER=1 +UNIPATCH_LIST="${DISTDIR}/patch-042stab${OVZ_KV}-combined.gz" + +K_EXTRAEINFO="This openvz kernel uses RHEL6 patchset instead of vanilla kernel. +This patchset considered to be more stable and security supported by upstream, +but for us RHEL6 patchset is very fragile and fails to build in many +configurations so if you have problems use config files from openvz team +http://wiki.openvz.org/Download/kernel/rhel6/042stab${OVZ_KV} + +For info in next paragraph, see +http://bugzilla.openvz.org/show_bug.cgi?id=2012#1 + +In general, RHEL kernels are very sensitive to compiler version and therefore +should be compiled by RHEL compiler, otherwise there might be stability issues, +sometimes as bad as this case." + +K_EXTRAEWARN="This kernel is stable only when built with gcc-4.4.x and is known +to oops in random places if built with newer compilers." |