changelog: Document security fixes

author Ian Jackson <ian.jackson@eu.citrix.com>

Wed, 21 Dec 2016 15:05:47 +0000 (15:05 +0000)

committer Ian Jackson <Ian.Jackson@eu.citrix.com>

Mon, 23 Jan 2017 16:23:57 +0000 (16:23 +0000)
author Ian Jackson <ian.jackson@eu.citrix.com>
Wed, 21 Dec 2016 15:05:47 +0000 (15:05 +0000)
committer Ian Jackson <Ian.Jackson@eu.citrix.com>
Mon, 23 Jan 2017 16:23:57 +0000 (16:23 +0000)
diff --git a/debian/changelog b/debian/changelog

index 172370d66f375f5c586764f19b0833b0ec945532..11b36fc4e5a77411675ac7143e26bc1e1628e244 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -11,6 +11,16 @@ xen (4.8.0-1~) unstable; urgency=high
          XSA-192   CVE-2016-9382
          XSA-191   CVE-2016-9386
  
+  * Apply security fixes from upstream:
+        XSA-204   CVE-2016-10013                 Closes:#848713
+        XSA-203   CVE-2016-10025
+        XSA-202   CVE-2016-10024
+
+  * For completeness, the following XSAs do not apply here:
+        XSA-197                      Bug is in qemu
+        XSA-199                      Bug is in qemu
+        XSA-200   CVE-2016-9932      Xen 4.8 is not affected
+
    * Drop -lcrypto search from upstream configure, and from our
      Build-Depends.  Closes:#844419.
author	Ian Jackson <ian.jackson@eu.citrix.com>
	Wed, 21 Dec 2016 15:05:47 +0000 (15:05 +0000)
committer	Ian Jackson <Ian.Jackson@eu.citrix.com>
	Mon, 23 Jan 2017 16:23:57 +0000 (16:23 +0000)