debian/changelog: add a few missing CVE numbers

Signed-off-by: Hans van Kranenburg <hans@knorrie.org>

diff --git a/debian/changelog b/debian/changelog
index 2f30af981b4c688f421112e0590c4e1e0dacd7dd..bf8cc96f4b7a8d220c64ea9bcf5225c8f6fc5053 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -21,15 +21,15 @@ xen (4.14.0+80-gd101b417b7-1~exp1) experimental; urgency=medium
   * Update to new upstream version 4.14.0+80-gd101b417b7, which also contains
     security fixes for the following issues:
     - Information leak via power sidechannel
-      XSA-351 (no CVE yet)
+      XSA-351 CVE-2020-28368
     - x86 PV guest INVLPG-like flushes may leave stale TLB entries
-      XSA-286 (no CVE yet)
+      XSA-286 CVE-2020-27674
     - unsafe AMD IOMMU page table updates
-      XSA-347 (no CVE yet)
+      XSA-347 CVE-2020-27670
     - undue deferral of IOMMU TLB flushes
-      XSA-346 (no CVE yet)
+      XSA-346 CVE-2020-27671
     - x86: Race condition in Xen mapping code
-      XSA-345 (no CVE yet)
+      XSA-345 CVE-2020-27672
     - lack of preemption in evtchn_reset() / evtchn_destroy()
       XSA-344 CVE-2020-25601
     - races with evtchn_reset()