From: Raspbian forward pporter <root@raspbian.org>
Date: Thu, 15 Feb 2018 00:15:16 +0000 (+0000)
Subject: Merge version 4.8.2+xsa245-0+deb9u1+rpi1 and 4.8.3+comet2+shim4.10.0+comet3-1+deb9u4... 
X-Git-Tag: archive/raspbian/4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1+rpi1^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=85d8ffaf92c006d2b8535b781b22a3ed58e86f96;p=xen.git

Merge version 4.8.2+xsa245-0+deb9u1+rpi1 and 4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1 to produce 4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1+rpi1
---

85d8ffaf92c006d2b8535b781b22a3ed58e86f96
diff --cc debian/changelog
index 9a40b7f3b2,dc69a1240c..32ada6db87
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,15 -1,29 +1,42 @@@
- xen (4.8.2+xsa245-0+deb9u1+rpi1) stretch-staging; urgency=medium
++xen (4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1+rpi1) stretch-staging; urgency=medium
 +
 +  [changes brought forward from 4.4.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 30 Aug 2015 15:43:16 +0000]
 +  * replace "dmb" with "mcr p15, #0, r0, c7, c10, #5" for armv6
 +  
 +  [changes introduced in 4.6.0-1+rpi1 by Peter Michael Green]
 +  * Use kernel 3.18 for now as I haven't dealt with 4.x yet.
 +
 +  [changes introduced in 4.8.0-1+rpi1 by Peter Micheal Green]
 +  * Add build-depends on ghostscript.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Sun, 03 Dec 2017 13:53:45 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Thu, 15 Feb 2018 00:15:16 +0000
++
+ xen (4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1) stretch-security; urgency=high
+ 
+   * Fix builds on other than amd64.
+ 
+  -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 09 Feb 2018 14:42:57 +0000
+ 
+ xen (4.8.3+comet2+shim4.10.0+comet3-1+deb9u4) stretch-security; urgency=high
+ 
+   * Update to new upstream version 4.8.3+comet2+shim4.10.0+comet3.
+     Specifically, this is two upstreams:
+       - Upstream Xen 4.8.3 "git merge"d with upstream
+         Xen Security Team (XSA-254) 4.8.3pre-shim-comet-2, in `.'
+       - Upstream Xen 4.10.0-shim-comet-3 in `shim'.
+     The upstream tarballs are from `git archive' with the
+     gitattributes for mangling .gitarchive-info disabled.
+     Therefore, we include these security fixes:
+        XSA-254 CVE-2017-5754 but SP3 "Meltdown" only
+        XSA-253 CVE-2018-5244
+        XSA-251 CVE-2017-17565
+        XSA-250 CVE-2017-17564
+        XSA-249 CVE-2017-17563
+        XSA-248 CVE-2017-17566
+   * Ship README.pti and README.comet from the upstream XSA-254
+     advisory in /usr/share/doc/xen-utils/common/.
+ 
+  -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Wed, 07 Feb 2018 17:50:45 +0000
  
  xen (4.8.2+xsa245-0+deb9u1) stretch-security; urgency=high
  
diff --cc debian/patches/series
index 96b319f579,6d15b8abd2..dc89cd4f9e
--- a/debian/patches/series
+++ b/debian/patches/series
@@@ -26,7 -26,5 +26,6 @@@ tools-xenmon-install.dif
  tools-xenstore-compatibility.diff
  ubuntu-tools-libs-abiname.diff
  toolstestsx86_emulator-pass--no-pie--fno.patch
- x86pod-prevent-infinite-loop-when-shatte.patch
- p2m-always-check-to-see-if-removing-a-p2.patch
- p2m-check-return-value-of-p2m_set_entry-.patch
+ copy-readme.pti-and-readme.comet-from-th.patch
+ tools-fix-arm-build-after-bdf693ee61b48.patch
 +armv6.diff