From 12c52317fefd1f981142eb4a87d955a7bb5285ec Mon Sep 17 00:00:00 2001 From: Hans van Kranenburg Date: Sat, 27 Nov 2021 15:45:55 +0100 Subject: [PATCH] debian/changelog: finish 4.14.3+32-g9de3671772-1 --- debian/changelog | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 6c19404fb6..ce9547ae7a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,27 @@ -xen (4.14.3+32-g9de3671772-1) UNRELEASED; urgency=medium +xen (4.14.3+32-g9de3671772-1) unstable; urgency=medium - * Update to new upstream version 4.14.3+32-g9de3671772. + * Update to new upstream version 4.14.3+32-g9de3671772, which also contains + security fixes for the following issues: + - guests may exceed their designated memory limit + XSA-385 CVE-2021-28706 + - PCI devices with RMRRs not deassigned correctly + XSA-386 CVE-2021-28702 + - PoD operations on misaligned GFNs + XSA-388 CVE-2021-28704 CVE-2021-28707 CVE-2021-28708 + - issues with partially successful P2M updates on x86 + XSA-389 CVE-2021-28705 CVE-2021-28709 + * Note that the following XSA are not listed, because... + - XSA-387 only applies to Xen 4.13 and older + - XSA-390 only applies to Xen 4.15 + * Pick the following upstream commits to fix a regression which prevents + amd64 type hardware to fully power off. The issue was introduced in + version 4.14.0+88-g1d1d1f5391-1 after including upstream commits to + improve Raspberry Pi 4 support. (Closes: #994899): + - 8b6d55c126 ("x86/ACPI: fix mapping of FACS") + - f390941a92 ("x86/DMI: fix table mapping when one lives above 1Mb") + - 0f089bbf43 ("x86/ACPI: fix S3 wakeup vector mapping") + - 16ca5b3f87 ("x86/ACPI: don't invalidate S5 data when S3 wakeup vector + cannot be determined") -- Hans van Kranenburg Sat, 27 Nov 2021 15:09:47 +0100 -- 2.30.2