Re: working for wheezy-security until wheezy-lts starts

To: Moritz Muehlenhoff <jmm@inutil.org>
Cc: Guido Günther <agx@sigxcpu.org>, Mike Gabriel <sunweaver@debian.org>, debian-lts@lists.debian.org, team@security.debian.org
Subject: Re: working for wheezy-security until wheezy-lts starts
From: Brian May <bam@debian.org>
Date: Tue, 22 Mar 2016 09:44:21 +1100
Message-id: <[🔎] 874mbzo3i2.fsf@prune.linuxpenguins.xyz>
In-reply-to: <[🔎] 8760wmx36x.fsf@prune.linuxpenguins.xyz>
References: <20160229152546.Horde.bUTfXxHSPmDu0AWwU5x1bGj@mail.das-netzwerkteam.de> <[🔎] 20160303175559.GA22478@pisco.westfalen.local> <[🔎] 87y49n9qvo.fsf@prune.linuxpenguins.xyz> <[🔎] 20160313115209.GA6851@bogon.m.sigxcpu.org> <[🔎] 87fuvrw19o.fsf@prune.linuxpenguins.xyz> <[🔎] 20160316074449.GB30392@inutil.org> <[🔎] 8760wmx36x.fsf@prune.linuxpenguins.xyz>

Brian May <bam@debian.org> writes:

> So one possible strategy might be to take Ubuntu's package as is and
> port it to Debian wheezy.

Have rebuilt Ubuntu's xen package for wheezy.

The results are available for testing.
https://people.debian.org/~bam/wheezy/xen/

The most significant change I had to remove the
tools-firmware-etherboot-fix-e1000.patch file because Debian wheezy
doesn't have the 8086100e.rom but it does have the e1000_82540.rom file.

---- cut ----
UBUNTU: Fix pxe boot with e1000 emulation

This seems to be a slight revert as the same rom name has been used before.
The main problem is that ipxe builds the e1000_82540.rom with invalid
pci id in the rom header. Which is required by the hvmloader.
The 8086100e.rom is just the same but with a name the build engine can
cope with.

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Index: xen-4.1.2/tools/firmware/etherboot/Config
===================================================================
--- xen-4.1.2.orig/tools/firmware/etherboot/Config	2012-03-06 20:50:36.000000000 +0100
+++ xen-4.1.2/tools/firmware/etherboot/Config	2012-03-06 20:54:11.275153857 +0100
@@ -1,5 +1,5 @@

-NICS = rtl8139 e1000_82540
+NICS = rtl8139 8086100e

 CFLAGS += -UPXE_DHCP_STRICT
 CFLAGS += -DPXE_DHCP_STRICT
---- cut ----

> Wonder how many of the CVEs the Ubuntu version fixes.

Will have a look at this now.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: working for wheezy-security until wheezy-lts starts
  - From: Brian May <bam@debian.org>

References:
- Re: working for wheezy-security until wheezy-lts starts
  - From: Moritz Mühlenhoff <jmm@inutil.org>
- Re: working for wheezy-security until wheezy-lts starts
  - From: Brian May <bam@debian.org>
- Re: working for wheezy-security until wheezy-lts starts
  - From: Guido Günther <agx@sigxcpu.org>
- Re: working for wheezy-security until wheezy-lts starts
  - From: Brian May <bam@debian.org>
- Re: working for wheezy-security until wheezy-lts starts
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Re: working for wheezy-security until wheezy-lts starts
  - From: Brian May <bam@debian.org>

Prev by Date: Re: Bug#818843: debian-security-support: new earlyend type, consider future end of support
Next by Date: Re: working for wheezy-security until wheezy-lts starts
Previous by thread: Re: working for wheezy-security until wheezy-lts starts
Next by thread: Re: working for wheezy-security until wheezy-lts starts
Index(es):
- Date
- Thread