Date: Wed, 11 Nov 2020 15:51:57 +0000 (UTC) From: Piotr Kubaj <pkubaj@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r554900 - in head/security: . spectre-meltdown-checker Message-ID: <202011111551.0ABFpv4t023019@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pkubaj Date: Wed Nov 11 15:51:57 2020 New Revision: 554900 URL: https://svnweb.freebsd.org/changeset/ports/554900 Log: security/spectre-meltdown-checker: shell script to tell if your system is vulnerable against the several "speculative execution" CVEs that were made public since 2018 Added: head/security/spectre-meltdown-checker/ head/security/spectre-meltdown-checker/Makefile (contents, props changed) head/security/spectre-meltdown-checker/distinfo (contents, props changed) head/security/spectre-meltdown-checker/pkg-descr (contents, props changed) Modified: head/security/Makefile Modified: head/security/Makefile ============================================================================== --- head/security/Makefile Wed Nov 11 15:35:28 2020 (r554899) +++ head/security/Makefile Wed Nov 11 15:51:57 2020 (r554900) @@ -1206,6 +1206,7 @@ SUBDIR += sops SUBDIR += spass SUBDIR += spass-qt5 + SUBDIR += spectre-meltdown-checker SUBDIR += spm SUBDIR += spybye SUBDIR += sqlmap Added: head/security/spectre-meltdown-checker/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/spectre-meltdown-checker/Makefile Wed Nov 11 15:51:57 2020 (r554900) @@ -0,0 +1,23 @@ +# $FreeBSD$ + +PORTNAME= spectre-meltdown-checker +DISTVERSIONPREFIX= v +DISTVERSION= 0.44 +CATEGORIES= security + +MAINTAINER= pkubaj@FreeBSD.org +COMMENT= Checks your system for the speculative execution CVEs + +LICENSE= GPLv3 + +USE_GITHUB= yes +GH_ACCOUNT= speed47 +NO_ARCH= yes +NO_BUILD= yes + +PLIST_FILES= bin/spectre-meltdown-checker.sh + +do-install: + ${INSTALL_SCRIPT} ${WRKSRC}/spectre-meltdown-checker.sh ${STAGEDIR}${PREFIX}/bin + +.include <bsd.port.mk> Added: head/security/spectre-meltdown-checker/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/spectre-meltdown-checker/distinfo Wed Nov 11 15:51:57 2020 (r554900) @@ -0,0 +1,3 @@ +TIMESTAMP = 1605109163 +SHA256 (speed47-spectre-meltdown-checker-v0.44_GH0.tar.gz) = 96765d765275476c36a146da123fa7e9eb310a84e84ae71b179c9ace3b6ab0c8 +SIZE (speed47-spectre-meltdown-checker-v0.44_GH0.tar.gz) = 54325 Added: head/security/spectre-meltdown-checker/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/spectre-meltdown-checker/pkg-descr Wed Nov 11 15:51:57 2020 (r554900) @@ -0,0 +1,24 @@ +A shell script to tell if your system is vulnerable against the several +"speculative execution" CVEs that were made public since 2018. + +* CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' +* CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' +* CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3' +* CVE-2018-3640 [rogue system register read] aka 'Variant 3a' +* CVE-2018-3639 [speculative store bypass] aka 'Variant 4' +* CVE-2018-3615 [L1 terminal fault] aka 'Foreshadow (SGX)' +* CVE-2018-3620 [L1 terminal fault] aka 'Foreshadow-NG (OS)' +* CVE-2018-3646 [L1 terminal fault] aka 'Foreshadow-NG (VMM)' +* CVE-2018-12126 [microarchitectural store buffer data sampling (MSBDS)] aka + 'Fallout' +* CVE-2018-12130 [microarchitectural fill buffer data sampling (MFBDS)] aka + 'ZombieLoad' +* CVE-2018-12127 [microarchitectural load port data sampling (MLPDS)] aka 'RIDL' +* CVE-2019-11091 [microarchitectural data sampling uncacheable memory (MDSUM)] + aka 'RIDL' +* CVE-2019-11135 [TSX asynchronous abort] aka 'TAA' aka 'ZombieLoad V2' +* CVE-2018-12207 [machine check exception on page size changes (MCEPSC)] aka 'No + eXcuses' aka 'iTLB Multihit' +* CVE-2020-0543 [Special Register Buffer Data Sampling (SRBDS)] + +WWW: https://github.com/speed47/spectre-meltdown-checker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202011111551.0ABFpv4t023019>