debian/changelog: finish 4.14.2+25-gb6a8c4f72d-1

author Hans van Kranenburg <hans@knorrie.org>

Sun, 11 Jul 2021 13:02:08 +0000 (15:02 +0200)

committer Hans van Kranenburg <hans@knorrie.org>

Sun, 11 Jul 2021 13:02:08 +0000 (15:02 +0200)
author Hans van Kranenburg <hans@knorrie.org>
Sun, 11 Jul 2021 13:02:08 +0000 (15:02 +0200)
committer Hans van Kranenburg <hans@knorrie.org>
Sun, 11 Jul 2021 13:02:08 +0000 (15:02 +0200)
diff --git a/debian/changelog b/debian/changelog

index 99071ddeea8e3db5c1c3bcb01f8e29305af9e4c5..136c1cfdcf08b88a98987314496056c9e84ffc15 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,22 @@
-xen (4.14.2+25-gb6a8c4f72d-1) UNRELEASED; urgency=medium
+xen (4.14.2+25-gb6a8c4f72d-1) unstable; urgency=medium
  
-  * Update to new upstream version 4.14.2+25-gb6a8c4f72d.
+  * Update to new upstream version 4.14.2+25-gb6a8c4f72d, which also contains
+    security fixes for the following issues:
+    - HVM soft-reset crashes toolstack
+      XSA-368 CVE-2021-28687
+    - xen/arm: Boot modules are not scrubbed
+      XSA-372 CVE-2021-28693
+    - inappropriate x86 IOMMU timeout detection / handling
+      XSA-373 CVE-2021-28692
+    - Speculative Code Store Bypass
+      XSA-375 CVE-2021-0089 CVE-2021-26313
+    - x86: TSX Async Abort protections not restored after S3
+      XSA-377 CVE-2021-28690
+  * Note that the following XSA are not listed, because...
+    - XSA-370 does not contain code changes.
+    - XSA-365, XSA-367, XSA-369, XSA-371 and XSA-374 have patches for the
+      Linux kernel.
+    - XSA-366 only applies to Xen 4.11.
  
   -- Hans van Kranenburg <hans@knorrie.org>  Sun, 11 Jul 2021 14:29:13 +0200
author	Hans van Kranenburg <hans@knorrie.org>
	Sun, 11 Jul 2021 13:02:08 +0000 (15:02 +0200)
committer	Hans van Kranenburg <hans@knorrie.org>
	Sun, 11 Jul 2021 13:02:08 +0000 (15:02 +0200)