From: Raspbian automatic forward porter Date: Mon, 13 Jan 2020 22:59:37 +0000 (+0000) Subject: Merge version 4.8.5+shim4.10.2+xsa282-1+deb9u11+rpi1 and 4.8.5.final+shim4.10.4-1... X-Git-Tag: archive/raspbian/4.8.5.final+shim4.10.4-1+deb9u12+rpi1 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=b2b85691cb62ff79a3123a8ad5d46e909bdd14f5;p=xen.git Merge version 4.8.5+shim4.10.2+xsa282-1+deb9u11+rpi1 and 4.8.5.final+shim4.10.4-1+deb9u12 to produce 4.8.5.final+shim4.10.4-1+deb9u12+rpi1 --- 589fcb5f3ad40df3e643eafa8fa78252be99c856 diff --cc debian/changelog index 4eb9a4d022,bbcfb66eb3..3ef07e19c4 --- a/debian/changelog +++ b/debian/changelog @@@ -1,15 -1,49 +1,62 @@@ - xen (4.8.5+shim4.10.2+xsa282-1+deb9u11+rpi1) stretch-staging; urgency=medium ++xen (4.8.5.final+shim4.10.4-1+deb9u12+rpi1) stretch-staging; urgency=medium + + [changes brought forward from 4.4.1-9+rpi1 by Peter Michael Green at Sun, 30 Aug 2015 15:43:16 +0000] + * replace "dmb" with "mcr p15, #0, r0, c7, c10, #5" for armv6 + + [changes introduced in 4.6.0-1+rpi1 by Peter Michael Green] + * Use kernel 3.18 for now as I haven't dealt with 4.x yet. + + [changes introduced in 4.8.0-1+rpi1 by Peter Micheal Green] + * Add build-depends on ghostscript. + - -- Raspbian forward porter Tue, 15 Jan 2019 09:56:20 +0000 ++ -- Raspbian forward porter Mon, 13 Jan 2020 22:59:37 +0000 ++ + xen (4.8.5.final+shim4.10.4-1+deb9u12) stretch-security; urgency=medium + + * *NOTE* this will probably be the *LAST UPDATE* for Xen in Debian 9.x + (stretch), since this is the last batch of security patches from + upstream, where Xen 4.8 is out of security support. + + * Update to new upstream final tip of 4.8 stable branch, which I have + dubbed upstream/stable-4.8.5.final. And shim 4.10.4. + * This includes fixes to: + XSA-311 CVE-2019-19577 + XSA-310 CVE-2019-19580 + XSA-309 CVE-2019-19578 + XSA-308 CVE-2019-19583 + XSA-307 CVE-2019-19581 CVE-2019-19582 + XSA-306 CVE-2019-19579 + XSA-305 CVE-2019-11135 + XSA-304 CVE-2018-12207 + XSA-303 CVE-2019-18422 + XSA-302 CVE-2019-18424 + XSA-301 CVE-2019-18423 + XSA-299 CVE-2019-18421 + XSA-298 CVE-2019-18425 + XSA-297 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 + XSA-296 CVE-2019-18420 + XSA-295 CVE-2019-17349 CVE-2019-17350 + XSA-294 CVE-2019-17348 + XSA-293 CVE-2019-17347 + XSA-292 CVE-2019-17346 + XSA-291 CVE-2019-17345 + XSA-290 CVE-2019-17344 + XSA-288 CVE-2019-17343 + XSA-287 CVE-2019-17342 + XSA-285 CVE-2019-17341 + XSA-284 CVE-2019-17340 + * For completeness, the following are not applicable: + XSA-300 CVE-2019-17351 Bug is in Linux + XSA-289 Spectre V1 + L1TF combo; no new fixes + XSA-283 Withdrawn XSA number + XSA-281 Withdrawn XSA number + * The following is *not* fixed at this time: + XSA-286 Still embargoed. + + * README.comet: remove line about PVH support. + [Hans van Kranenburg] Closes:#908453. + + -- Ian Jackson Fri, 10 Jan 2020 17:09:30 +0000 xen (4.8.5+shim4.10.2+xsa282-1+deb9u11) stretch-security; urgency=medium diff --cc debian/patches/series index 29c7314781,6191f80fdb..37b2fd14d4 --- a/debian/patches/series +++ b/debian/patches/series @@@ -29,4 -29,5 +29,6 @@@ ubuntu-tools-libs-abiname.dif 0029-Copy-README.pti-and-README.comet-from-the-XSA-254-ad.patch 0030-tools-utility-to-dump-guest-grant-table-info.patch 0031-gitignore-add-tools-misc-xen-diag-to-.gitignore.patch + 0032-README.comet-remove-alinea-about-PVH-support.patch + 0033-xenstore-Increase-stack-size-for-xs-reader-thread.patch +armv6.diff