From ff6fd454f402c2b079e5e06db0a11bff2a43c75a Mon Sep 17 00:00:00 2001
From: Hans van Kranenburg <hans@knorrie.org>
Date: Tue, 5 May 2020 17:49:04 +0200
Subject: [PATCH] debian/changelog: add info about security fixes

Signed-off-by: Hans van Kranenburg <hans@knorrie.org>
---
 debian/changelog | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index 1739032cf8..2a1a5367cc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,17 @@
 xen (4.11.4-1) UNRELEASED; urgency=medium
 
-  * Update to new upstream version 4.11.4.
+  * Update to new upstream version 4.11.4, which also contains security fixes
+    for the following issues:
+    - arm: a CPU may speculate past the ERET instruction
+      XSA-312 (no CVE yet)
+    - multiple xenoprof issues
+      XSA-313 CVE-2020-11740 CVE-2020-11741
+    - Missing memory barriers in read-write unlock paths
+      XSA-314 CVE-2020-11739
+    - Bad error path in GNTTABOP_map_grant
+      XSA-316 CVE-2020-11743
+    - Bad continuation handling in GNTTABOP_copy
+      XSA-318 CVE-2020-11742
 
  -- Hans van Kranenburg <hans@knorrie.org>  Tue, 05 May 2020 18:03:26 +0200
 
-- 
2.30.2