[Pkg-xen-devel] xen_4.16.0+51-g0941d6cb-1_source.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Sat Feb 19 21:20:52 GMT 2022



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 19 Feb 2022 20:29:32 +0100
Source: xen
Architecture: source
Version: 4.16.0+51-g0941d6cb-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-devel at lists.alioth.debian.org>
Changed-By: Hans van Kranenburg <hans at knorrie.org>
Closes: 976597 988901 992909 1002658
Changes:
 xen (4.16.0+51-g0941d6cb-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.16.0+51-g0941d6cb, which also contains
     security fixes for the following issues:
     - arm: guest_physmap_remove_page not removing the p2m mappings
       XSA-393 CVE-2022-23033
     - A PV guest could DoS Xen while unmapping a grant
       XSA-394 CVE-2022-23034
     - Insufficient cleanup of passed-through device IRQs
       XSA-395 CVE-2022-23035
   * Note that the following XSA are not listed, because...
     - XSA-391 and XSA-392 have patches for the Linux kernel.
   * Upload to unstable now, which obsoletes the Xen 4.14 FTBFS issue.
     (Closes: #1002658)
 .
 xen (4.16.0-1~exp1) experimental; urgency=medium
 .
   Significant changes:
   * Update to new upstream version 4.16.0. This also includes a security fix
     for the following issue, which was not applicable to Xen 4.14 yet:
     - certain VT-d IOMMUs may not work in shared page table mode
       XSA-390 CVE-2021-28710
   * No longer build any package for the i386 architecture. It was already not
     possible to use x86_32 hardware because the i386 packages already
     shipped a 64-bit hypervisor and PV shim. Running 32-bit utils with a
     64-bit hypervisor requires using a compatibility layer that is fragile and
     becomes harder to maintain and test upstream. This change ends the 'grace
     period' in which users should have moved to using a fully 64-bit dom0.
     - debian/{control,rules,salsa-ci.yml,xen-utils-V.install.vsn-in}: make the
       necessary changes
     - Remove the Recommends on libc6-xen, which already actually does not
       exist any more. (Closes: #992909)
     - Drop patch "tools/tests/x86_emulator: Pass -no-pie -fno-pic to gcc on
       x86_32" because it is not relevant any more.
 .
   Changes related to upgrading to Xen 4.16:
   * debian/control: adjust to 4.16  [Maximilian Engelhardt]
   * Drop patches that have been applied upstream
   * Refresh remaining patches if needed
   * debian: follow upstream removal of '.sh' suffix in xl bash_completion file
     [Maximilian Engelhardt]
   * debian/control, debian/libxenstore*: ship a libxenstore4 package instead
     of libxenstore3.0, since upstream bumped the soname
     [Maximilian Engelhardt]
 .
   Packaging minor fixes and improvements  [Maximilian Engelhardt]:
   * debian/rules: set SOURCE_BASE_DIR to the top level build dir so that the
     "Display Debian package version in hypervisor log" patch can use it.
   * Add patch "xen/arch/x86: make objdump output user locale agnostic" to fix
     reproducable builds. This patch will also be sent upstream.
   * d/rules: remove reproducible=+fixfilepath from DEB_BUILD_MAINT_OPTIONS
   * d/salsa-ci.yml: Explicitly set RELEASE variable to unstable
   * d/salsa-ci.yml: disable cross building as it's currently not working
   * debian: call update-grub when installing/removing xen-hypervisor-common
     (Closes: #988901)
   * debian: fix dependency generation for python after dh-python was fixed
     first. (Closes: #976597)
   * debian/rules: remove unused pybuild settings
 .
   Packaging minor fixes and improvements:
   * Improve patches for building the PV shim separately. This enables to
     drop the extra Revert of an upstream commit that was done in
     4.14.0+80-gd101b417b7-1~exp1:
     - Drop patch: Revert "pvshim: make PV shim build selectable from
       configure"
     - Update patch "[...] Respect caller's CONFIG_PV_SHIM" to follow moving
       of a line to a different file
     - Drop patch: "tools/firmware/Makefile: CONFIG_PV_SHIM: enable only on
       x86_64" because that's now already the default upstream
   * debian/control.md5sum: remove this obsolete file
   * Merge patches "vif-common: disable handle_iptable" and
     "t/h/L/vif-common.sh: fix handle_iptable return value" into a single
     patch, since the latter was a fix for the first.
   * debian/control: change the Uploaders email address for Ian Jackson,
     since he does not work at Citrix any more now
Checksums-Sha1:
 f2d0ec91131ecff7291ac88a64597f5e7abf6972 4117 xen_4.16.0+51-g0941d6cb-1.dsc
 5938109ceb039a0aaf253cce72da9f8ea0745dfd 4542340 xen_4.16.0+51-g0941d6cb.orig.tar.xz
 ba751d44993de4aa49f5a59f2553b8fb506df8ad 128356 xen_4.16.0+51-g0941d6cb-1.debian.tar.xz
Checksums-Sha256:
 34778578fcbfcbae2c47a6caf6385355af9251ebe978d852f6d88cfd7af4ed7f 4117 xen_4.16.0+51-g0941d6cb-1.dsc
 55bb3071592684dacecf7ab89574bc68afa50faeb14382179dfbe567a3831cbe 4542340 xen_4.16.0+51-g0941d6cb.orig.tar.xz
 4515137736057c0522aa20ce0822bc36c678213e0d31cad8344dd7919afdf077 128356 xen_4.16.0+51-g0941d6cb-1.debian.tar.xz
Files:
 6a9d0424f430e916af82ff14b1f2bbd7 4117 admin optional xen_4.16.0+51-g0941d6cb-1.dsc
 c401b5c8834939e63c63c118e69a3885 4542340 admin optional xen_4.16.0+51-g0941d6cb.orig.tar.xz
 249a0f42c03ad5aeefb39699166a10ac 128356 admin optional xen_4.16.0+51-g0941d6cb-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmIRVBAACgkQssHfcmNh
X2xDfA/8Cld8sXQQfU4Dnv/10iOnsJ/gU0CZhQpD3+IIbqfaayul3ibiEm0hk+nX
dffepKSSEycme4tCCR1DPz7KVSc2LyrnHn2BJP5Fz2vVwiGbbAG9Q0VAXN64+8oN
tupORI4QWee4aC5wqien6hivWuhTNjHo2xQr14U4vMtAUNdNZxRIQ2z/B6tGwj94
m/0x5xPde1BdGeltnEzBENbZhBvJNMD1aRx787rZRXv4jKI2S25Mv5npO8JADPxf
nCGTljbZCcA8i6sk3C7oRB2ip4iVimYB0dR+0qqJi+9G+ZnfJbHYxISPvD5o4b4R
0LZQtp3XnfLjJMifW5eTJeMFR/hyogJZZa63ppgmFSDrprDSZhOvIkPVOF75HVUE
Dcb+kL31i7czJu5+DwXivckbWky2a3XzhhB+uNsRIqYNo36tT9jKJeN5pJPfBE7d
0UcnD7cWOyzZB/XExX0gaV7GGPY/B3uyTO9IN3YzjMRjGjuJZ+Vh4hClFBMxlz+m
06IsBahy0RQU9dPVpulf4HJrxlYYTSllrrO+1JCpyHUj4Z19DNE7bMg/0TPTFiW0
NA5TB4xwnxUrWaOr1YHaEcQIN2qZFJSG7ej8HrvMWfwkYCY4NROsIgpmT0rhGv8Z
/9zBPSby8GRxRu5K1VQc2KLeSwKT6qv/djP63Kq6qVwgTi6DvUg=
=ch60
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Pkg-xen-devel mailing list