- xen (4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7+rpi1) stretch-staging; urgency=medium
++xen (4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8+rpi1) stretch-staging; urgency=medium
+
+ [changes brought forward from 4.4.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 30 Aug 2015 15:43:16 +0000]
+ * replace "dmb" with "mcr p15, #0, r0, c7, c10, #5" for armv6
+
+ [changes introduced in 4.6.0-1+rpi1 by Peter Michael Green]
+ * Use kernel 3.18 for now as I haven't dealt with 4.x yet.
+
+ [changes introduced in 4.8.0-1+rpi1 by Peter Micheal Green]
+ * Add build-depends on ghostscript.
+
- -- Raspbian forward porter <root@raspbian.org> Sun, 27 May 2018 13:50:48 +0000
++ -- Raspbian forward porter <root@raspbian.org> Fri, 22 Jun 2018 03:45:56 +0000
++
+ xen (4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8) stretch-security; urgency=high
+
+ * Update to new upstream version 4.8.3+xsa267+shim4.10.1+xsa267.
+ XSA-267 CVE-2018-3665
+
+ I have actually taken upstream's staging-4.8 CI input branch, which is
+ identical to the CI-tested stable-4.8 except that it also has the
+ XSA-267 patches. There are additional patches in upstream's
+ stable-4.8 branch, beyond what was in the previous Debian stretch
+ security update, which are prerequisites for the XSA-267 patches.
+
+ For the shim, I have updated to upstream's staging-4.10, which is
+ identical to the CI-tested stable-4.10q except, again, for
+ XSA-267-related patches. The 4.10.0-comet branch lacks speculation
+ control entirely and has been superseded upstream.
+
+ -- Ian Jackson <ian.jackson@citrix.com> Mon, 18 Jun 2018 16:10:38 +0100
xen (4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7) stretch-security; urgency=high
tools-xenmon-install.diff
tools-xenstore-compatibility.diff
ubuntu-tools-libs-abiname.diff
- toolstestsx86_emulator-pass--no-pie--fno.patch
- copy-readme.pti-and-readme.comet-from-th.patch
- tools-utility-to-dump-guest-grant-table-.patch
- gitignore-add-toolsmiscxen-diag-to-.giti.patch
- x86emul-fix-emulator-test-harness-build-.patch
- x86emul-fix-emulator-test-harness-build-.patch1
- x86-correct-ordering-of-operations-durin.patch
- x86-suppress-bti-mitigations-around-s3-s.patch
- x86spec_ctrl-updates-to-retpoline-safety.patch
- x86hpet-fix-race-triggering-assertcpu--n.patch
- x86hvm-never-retain-emulated-insn-cache-.patch
- xpti-fix-bug-in-double-fault-handling.patch
- x86cpuidle-dont-init-stats-lock-more-tha.patch
- xen-introduce-vcpu_sleep_nosync_locked.patch
- xenschedule-fix-races-in-vcpu-migration.patch
- x86-fix-x86-further-cpuid-handling-adjus.patch
- x86spec_ctrl-read-msr_arch_capabilities-.patch
- x86spec_ctrl-express-xens-choice-of-msr_.patch
- x86spec_ctrl-merge-bti_ist_info-and-use_.patch
- x86spec_ctrl-fold-the-xen_ibrs_setclear-.patch
- x86spec_ctrl-rename-bits-of-infrastructu.patch
- x86spec_ctrl-elide-msr_spec_ctrl-handlin.patch
- x86spec_ctrl-split-x86_feature_sc_msr-in.patch
- x86spec_ctrl-explicitly-set-xens-default.patch
- x86cpuid-improvements-to-guest-policies-.patch
- x86spec_ctrl-introduce-a-new-spec-ctrl=-.patch
- x86amd-mitigations-for-gpz-sp4---specula.patch
- x86intel-mitigations-for-gpz-sp4---specu.patch
- x86msr-virtualise-msr_spec_ctrl.ssbd-for.patch
+ 0028-tools-tests-x86_emulator-Pass-no-pie-fno-pic-to-gcc-.patch
+ 0029-Copy-README.pti-and-README.comet-from-the-XSA-254-ad.patch
+ 0030-tools-utility-to-dump-guest-grant-table-info.patch
+ 0031-gitignore-add-tools-misc-xen-diag-to-.gitignore.patch
+armv6.diff
projects / xen.git / commitdiff