Merge version 4.14.3-1~deb11u1+rpi1 and 4.14.3+32-g9de3671772-1~deb11u1 to produce...

diff --cc debian/changelog
index 5cee9034f03d7ab2297728caf3ea6511c8c70c28,193395101f0bf4018eed617375ad6ecaa6972a31..824ebee17bcd7e6850d6f6b3acdd727c437d27a3
--- 1/debian/changelog
--- 2/debian/changelog
+++ b/debian/changelog
@@@ -1,21 -1,36 +1,49 @@@
- xen (4.14.3-1~deb11u1+rpi1) bullseye-staging; urgency=medium
++xen (4.14.3+32-g9de3671772-1~deb11u1+rpi1) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from 4.4.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 30 Aug 2015 15:43:16 +0000]
 +  * replace "dmb" with "mcr p15, #0, r0, c7, c10, #5" for armv6
 +  
 +  [changes introduced in 4.6.0-1+rpi1 by Peter Michael Green]
 +  * Use kernel 3.18 for now as I haven't dealt with 4.x yet.
 +
 +  [changes introduced in 4.11.1+26-g87f51bf366-3+rpi1 by Peter Michael Green]
 +  * Do not fail on files that are not installed.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Tue, 21 Sep 2021 18:53:21 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sun, 05 Dec 2021 19:06:23 +0000
 +
- xen (4.14.3-1~deb11u1) bullseye-security; urgency=medium
+ xen (4.14.3+32-g9de3671772-1~deb11u1) bullseye-security; urgency=medium
  
+   * d/salsa-ci.yml: Set RELEASE variable to bullseye
    * Rebuild for bullseye-security
  
-  -- Hans van Kranenburg <hans@knorrie.org>  Mon, 13 Sep 2021 16:28:21 +0200
+  -- Hans van Kranenburg <hans@knorrie.org>  Thu, 02 Dec 2021 21:45:55 +0100
+ 
+ xen (4.14.3+32-g9de3671772-1) unstable; urgency=medium
+ 
+   * Update to new upstream version 4.14.3+32-g9de3671772, which also contains
+     security fixes for the following issues:
+     - guests may exceed their designated memory limit
+       XSA-385 CVE-2021-28706
+     - PCI devices with RMRRs not deassigned correctly
+       XSA-386 CVE-2021-28702
+     - PoD operations on misaligned GFNs
+       XSA-388 CVE-2021-28704 CVE-2021-28707 CVE-2021-28708
+     - issues with partially successful P2M updates on x86
+       XSA-389 CVE-2021-28705 CVE-2021-28709
+   * Note that the following XSA are not listed, because...
+     - XSA-387 only applies to Xen 4.13 and older
+     - XSA-390 only applies to Xen 4.15
+   * Pick the following upstream commits to fix a regression which prevents
+     amd64 type hardware to fully power off. The issue was introduced in
+     version 4.14.0+88-g1d1d1f5391-1 after including upstream commits to
+     improve Raspberry Pi 4 support. (Closes: #994899):
+     - 8b6d55c126 ("x86/ACPI: fix mapping of FACS")
+     - f390941a92 ("x86/DMI: fix table mapping when one lives above 1Mb")
+     - 0f089bbf43 ("x86/ACPI: fix S3 wakeup vector mapping")
+     - 16ca5b3f87 ("x86/ACPI: don't invalidate S5 data when S3 wakeup vector
+                    cannot be determined")
+ 
+  -- Hans van Kranenburg <hans@knorrie.org>  Sat, 27 Nov 2021 15:09:47 +0100
  
  xen (4.14.3-1) unstable; urgency=high
  

diff --cc debian/patches/series
index 91b9c31b861d898702bd8b6dfe01277b2aae2eb6,87a7cd0ec5264a135636c6b924f81817a36f20c1..b847f30e83d5cd50d5e804e213bb34548b1c22fb
--- 1/debian/patches/series
--- 2/debian/patches/series
+++ b/debian/patches/series
@@@ -38,4 -38,7 +38,8 @@@ misc/toolstestsx86_emulator-pass--no-pi
  0038-x86-EFI-don-t-insert-timestamp-when-SOURCE_DATE_EPOC.patch
  0039-docs-use-predictable-ordering-in-generated-documenta.patch
  0040-docs-set-date-to-SOURCE_DATE_EPOCH-if-available.patch
+ 0041-x86-ACPI-fix-mapping-of-FACS.patch
+ 0042-x86-DMI-fix-table-mapping-when-one-lives-above-1Mb.patch
+ 0043-x86-ACPI-fix-S3-wakeup-vector-mapping.patch
+ 0044-x86-ACPI-don-t-invalidate-S5-data-when-S3-wakeup-vec.patch
 +armv6.diff