Changelog
xen (4.14.3+32-g9de3671772-1) unstable; urgency=medium
* Update to new upstream version 4.14.3+32-g9de3671772, which also contains
security fixes for the following issues:
- guests may exceed their designated memory limit
XSA-385 CVE-2021-28706
- PCI devices with RMRRs not deassigned correctly
XSA-386 CVE-2021-28702
- PoD operations on misaligned GFNs
XSA-388 CVE-2021-28704 CVE-2021-28707 CVE-2021-28708
- issues with partially successful P2M updates on x86
XSA-389 CVE-2021-28705 CVE-2021-28709
* Note that the following XSA are not listed, because...
- XSA-387 only applies to Xen 4.13 and older
- XSA-390 only applies to Xen 4.15
* Pick the following upstream commits to fix a regression which prevents
amd64 type hardware to fully power off. The issue was introduced in
version 4.14.0+88-g1d1d1f5391-1 after including upstream commits to
improve Raspberry Pi 4 support. (Closes: #994899):
- 8b6d55c126 ("x86/ACPI: fix mapping of FACS")
- f390941a92 ("x86/DMI: fix table mapping when one lives above 1Mb")
- 0f089bbf43 ("x86/ACPI: fix S3 wakeup vector mapping")
- 16ca5b3f87 ("x86/ACPI: don't invalidate S5 data when S3 wakeup vector
cannot be determined")
-- Hans van Kranenburg <email address hidden> Sat, 27 Nov 2021 15:09:47 +0100