From: Raspbian automatic forward porter <root@raspbian.org>
Date: Tue, 15 Jan 2019 09:56:20 +0000 (+0000)
Subject: Merge version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10+rpi1 and 4.8.5+shim4.10.2... 
X-Git-Tag: archive/raspbian/4.8.5+shim4.10.2+xsa282-1+deb9u11+rpi1^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=85e65eebf6ce92e14862183d14ec01a76e095da7;p=xen.git

Merge version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10+rpi1 and 4.8.5+shim4.10.2+xsa282-1+deb9u11 to produce 4.8.5+shim4.10.2+xsa282-1+deb9u11+rpi1
---

85e65eebf6ce92e14862183d14ec01a76e095da7
diff --cc debian/changelog
index 135e384ed1,cef7734b1a..4eb9a4d022
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,15 -1,26 +1,39 @@@
- xen (4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10+rpi1) stretch-staging; urgency=medium
++xen (4.8.5+shim4.10.2+xsa282-1+deb9u11+rpi1) stretch-staging; urgency=medium
 +
 +  [changes brought forward from 4.4.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 30 Aug 2015 15:43:16 +0000]
 +  * replace "dmb" with "mcr p15, #0, r0, c7, c10, #5" for armv6
 +  
 +  [changes introduced in 4.6.0-1+rpi1 by Peter Michael Green]
 +  * Use kernel 3.18 for now as I haven't dealt with 4.x yet.
 +
 +  [changes introduced in 4.8.0-1+rpi1 by Peter Micheal Green]
 +  * Add build-depends on ghostscript.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Thu, 16 Aug 2018 23:20:32 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Tue, 15 Jan 2019 09:56:20 +0000
++
+ xen (4.8.5+shim4.10.2+xsa282-1+deb9u11) stretch-security; urgency=medium
+ 
+   * Update to new upstream versions:
+      * Main tree updated to Xen 4.8.5
+      * Shim updated to current upstream stable-4.10 branch, to
+        avoid errors trying to cherry-pick security patches.
+   * This includes fixes to:
+        XSA-282 	CVE-2018-19967                 Xen 4.8 and 4.10 shim
+        XSA-280 	CVE-2018-19966                 Xen 4.8 and 4.10 shim
+        XSA-279 	CVE-2018-19965                 Xen 4.8 and 4.10 shim
+        XSA-275 	CVE-2018-19961 CVE-2018-19962  Xen 4.8 and 4.10 shim
+        XSA-278 	CVE-2018-18883                 Xen 4.10 shim only
+   * For completeness, the following fixes are not applicable:
+        XSA-274 	CVE-2018-14678        Bug is in Linux
+        XSA-270 	CVE-2018-15471        Bug is in Linux
+        XSA-271 	CVE-2018-14007        Bug is in XAPI (not in Debian)
+        XSA-277 	CVE-2018-19964        Bug not in either 4.8 or 4.10
+        XSA-276 	CVE-2018-19963        Bug not in either 4.8 or 4.10
+   * Added CVEs to previous changelog entries:
+        4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
+        4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
+ 
+  -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 11 Jan 2019 18:01:30 +0000
  
  xen (4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10) stretch-security; urgency=medium