xen (4.11.3+24-g14b62ab3e5-1ubuntu1) focal; urgency=medium

  * Merge from Debian/Sid. Remaining changes:
    - Enforce python2 usage
      - Build-depend on python2-dev.
      - Build using python2.
      - Build-depend on lmodern.
    - Recommend qemu-system-x86-xen
    - Force fcf-protection off when using -mindirect-branch
    - Strip .note.gnu.property section for intermediate files
    - Add transitional packages for upgrades
    - Handle config file moving between packages

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 06 Feb 2020 15:45:33 +0100

xen (4.11.3+24-g14b62ab3e5-1) unstable; urgency=high

  * Update to new upstream version 4.11.3+24-g14b62ab3e5, which also
    contains the following security fixes: (Closes: #947944)
    - Unlimited Arm Atomics Operations
      XSA-295 CVE-2019-17349 CVE-2019-17350
    - VCPUOP_initialise DoS
      XSA-296 CVE-2019-18420
    - missing descriptor table limit checking in x86 PV emulation
      XSA-298 CVE-2019-18425
    - Issues with restartable PV type change operations
      XSA-299 CVE-2019-18421
    - add-to-physmap can be abused to DoS Arm hosts
      XSA-301 CVE-2019-18423
    - passed through PCI devices may corrupt host memory after deassignment
      XSA-302 CVE-2019-18424
    - ARM: Interrupts are unconditionally unmasked in exception handlers
      XSA-303 CVE-2019-18422
    - x86: Machine Check Error on Page Size Change DoS
      XSA-304 CVE-2018-12207
    - TSX Asynchronous Abort speculative side channel
      XSA-305 CVE-2019-11135
    - Device quarantine for alternate pci assignment methods
      XSA-306 CVE-2019-19579
    - find_next_bit() issues
      XSA-307 CVE-2019-19581 CVE-2019-19582
    - VMX: VMentry failure with debug exceptions and blocked states
      XSA-308 CVE-2019-19583
    - Linear pagetable use / entry miscounts
      XSA-309 CVE-2019-19578
    - Further issues with restartable PV type change operations
      XSA-310 CVE-2019-19580
    - Bugs in dynamic height handling for AMD IOMMU pagetables
      XSA-311 CVE-2019-19577
  * Add missing CVE numbers to previous changelog entries

 -- Hans van Kranenburg <hans@knorrie.org>  Wed, 08 Jan 2020 12:41:42 +0100

xen (4.11.1+92-g6c33308a8d-2) unstable; urgency=high

  * Mention MDS and the need for updated microcode and disabling
    hyper-threading in NEWS.
  * Mention the ucode=scan option in the grub.d/xen documentation.

 -- Hans van Kranenburg <hans@knorrie.org>  Sat, 22 Jun 2019 11:15:08 +0200

xen (4.11.1+92-g6c33308a8d-1) unstable; urgency=high

  * Update to new upstream version 4.11.1+92-g6c33308a8d, which also
    contains the following security fixes:
    - Fix: grant table transfer issues on large hosts
      XSA-284 CVE-2019-17340 (Closes: #929991)
    - Fix: race with pass-through device hotplug
      XSA-285 CVE-2019-17341 (Closes: #929998)
    - Fix: x86: steal_page violates page_struct access discipline
      XSA-287 CVE-2019-17342 (Closes: #930001)
    - Fix: x86: Inconsistent PV IOMMU discipline
      XSA-288 CVE-2019-17343 (Closes: #929994)
    - Fix: missing preemption in x86 PV page table unvalidation
      XSA-290 CVE-2019-17344 (Closes: #929996)
    - Fix: x86/PV: page type reference counting issue with failed IOMMU update
      XSA-291 CVE-2019-17345 (Closes: #929995)
    - Fix: x86: insufficient TLB flushing when using PCID
      XSA-292 CVE-2019-17346 (Closes: #929993)
    - Fix: x86: PV kernel context switch corruption
      XSA-293 CVE-2019-17347 (Closes: #929999)
    - Fix: x86 shadow: Insufficient TLB flushing when using PCID
      XSA-294 CVE-2019-17348 (Closes: #929992)
    - Fix: Microarchitectural Data Sampling speculative side channel
      XSA-297 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091
      (Closes: #929129)
  * Note that the fixes for XSA-297 will only have effect when also loading
    updated cpu microcode with MD_CLEAR functionality. When using the
    intel-microcode package to include microcode in the dom0 initrd, it has to
    be loaded by Xen. Please refer to the hypervisor command line
    documentation about the 'ucode=scan' option.
  * Fixes for XSA-295 "Unlimited Arm Atomics Operations" will be added in the
    next upload.

 -- Hans van Kranenburg <hans@knorrie.org>  Tue, 18 Jun 2019 09:50:19 +0200

xen (4.11.1+26-g87f51bf366-3) unstable; urgency=medium

  Minor useability improvements and fixes:
  * bash-completion: also complete 'xen'  [Hans van Kranenburg]
  * /etc/default/xen: Handle with ucf again, like in stretch.
    Closes:#923401.  [Ian Jackson]

  Build fix:
  * Fix FTBFS when building only arch-indep binaries (eg
    dpkg-buildpackage -A).  Was due to dh-exec bug wrt not-installed.
    Closes:#923013.  [Hans van Kranenburg; report from Santiago Vila]

  Documentation fix:
  * grub.d/xen.cfg: dom0_mem max IS needed  [Hans van Kranenburg]

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Thu, 28 Feb 2019 16:37:04 +0000

xen (4.11.1+26-g87f51bf366-2) unstable; urgency=medium

  * Packaging change: override spurious lintian warning about
    fsimage.so rpath.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 22 Feb 2019 16:07:37 +0000

xen (4.11.1+26-g87f51bf366-1) unstable; urgency=medium

  Significant changes:
  * Update to new upstream version 4.11.1+26-g87f51bf366.
    (This is from the upstream stable branch.)  [Ian Jackson]
  * Build and use oxenstored rather than the C xenstored by default.
    [Ian Jackson and Hans van Kranenburg]
  * xen init script: rewrite and reorganise xenstored start logic.
    [Hans van Kranenburg]

  Documentation etc. improvements:
  * Refresh hypervisor and dom0 command line options documentation.
    (Closes: #919758)  [Hans van Kranenburg; report from Gergely]
  * Ship /etc/default/xen, a striped and tidied version of upstream
    sysconfig.xencommons.in.  [Hans van Kranenburg]

  Significant bugfixes:
  * xen init script: Do nothing if running for wrong Xen package.
    Avoids mystery loss of xenconsoled.  Closes:#851654.
    [Ian Jackson; report from Wolodja Wentland]
  * Make pygrub work again (by fixing python module and shared library
    paths).  Closes:#912381.  [Ian Jackson; earlier, Bastian Blank;
    report from Dimitar Angelov, also Torben Schou Jensen]

  Packaging bugfixes:
  * Have xen-utils-common suggest xen-doc, because it contains a broken
    symlink to it.  Closes:#911046.
    [Hans van Kranenburg; report from Andreas Beckmann]
  * Have xenstore-utils declare Breaks on xen-utils-common to make
    piuparts happy.  Closes:#911045.
    [Hans van Kranenburg, report from Andreas Beckmann]
  * hotplug-common: Strip arch-specific libdir from config file
    Closes:#862236.  [Ian Jackson; report from Stefan Bühler]
  * xendomains init script; Add dependency on $network.
    Closes:#798510.  [Francois Lesueur]
  * xendomains init script; Add should-dependency on nfs-kernel-server
    Closes:#826871.  [Geoffrey McRae]

  Packaging minor fixes and improvements [Hans van Kranenburg]:
  * debian/libxenstore3.0.symbols: revert ea2334dfe0
  * debian/control: add dh-python build-dep
  * d/xen-utils-V...: override xen-shim-syms lintian
  * debian/control: bump debhelper builddep to 10
  * debian/.gitignore: ignore more debhelper snippets
  * bash-completion: install completion rules for xl
  * xen init script: don't fail when being run in domU
  * Remove xend cruft from various init scripts etc.

  Packaging minor fixes and improvements [Ian Jackson]:
  * xen version/upgrade handling: Improve an error message
  * xen init script: silently exit status 0 if not running under xen
  * xen init script: Tidy up wrong/missing Xen version error handling
  * debian/rules: Fix tiny typos
  * hotplug-common: Do not adjust LD_LIBRARY_PATH

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 22 Feb 2019 15:11:45 +0000

xen (4.11.1-1) unstable; urgency=medium

  * debian/control: Add Homepage, Vcs-Browser and Vcs-Git.
    (Closes: #911457)
  * grub.d/xen.cfg: fix default entry when using l10n (Closes: #865086)
  * debian/rules: Don't exclude the actual pygrub script.
  * Update to new upstream version 4.11.1, which also contains:
    - Fix: insufficient TLB flushing / improper large page mappings with AMD
      IOMMUs
      XSA-275 CVE-2018-19961 CVE-2018-19962
    - Fix: resource accounting issues in x86 IOREQ server handling
      XSA-276 CVE-2018-19963
    - Fix: x86: incorrect error handling for guest p2m page removals
      XSA-277 CVE-2018-19964
    - Fix: x86: Nested VT-x usable even when disabled
      XSA-278 CVE-2018-18883
    - Fix: x86: DoS from attempting to use INVPCID with a non-canonical
      addresses
      XSA-279 CVE-2018-19965
    - Fix for XSA-240 conflicts with shadow paging
      XSA-280 CVE-2018-19966
    - Fix: guest use of HLE constructs may lock up host
      XSA-282 CVE-2018-19967
  * Update version handling patching to put the team mailing list address in
    the first hypervisor log line and fix broken other substitutions.
  * Disable handle_iptable hook in vif-common script. See #894013 for more
    information.

 -- Hans van Kranenburg <hans@knorrie.org>  Wed, 02 Jan 2019 20:59:40 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-5) unstable; urgency=medium

  * debian/rules: Cope if xen-utils-common not being built
    (Fixes binary-indep FTBFS.)

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Mon, 15 Oct 2018 18:07:11 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-4) unstable; urgency=medium

  * Many packaging fixes to fix FTBFS on all arches other than amd64.
  * xen-vbd-interface(7): Provide properly-formatted NAME section
  * Add pandoc and markdown to Build-Depends - fixes missing docs.
  * Revert "tools-xenstore-compatibility.diff" apropos of discussion
    https://lists.xenproject.org/archives/html/xen-devel/2018-10/msg00838.html

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Mon, 15 Oct 2018 12:15:36 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-3) unstable; urgency=medium

  * hypervisor package postinst: Actually install (avoids need to
    run update-grub by hand).
  * debian/control: Adding Section to source stanza
  * debian/control: Add missing Replaces on old xen-utils-common
  * debian/rules: Add a -n to a gzip rune to improve reproducibility

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 12 Oct 2018 16:55:48 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-2) unstable; urgency=medium

  * Redo as an upload with binaries, because source-only uploads to NEW
    are not allowed.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 05 Oct 2018 19:38:52 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-1) unstable; urgency=medium

  * Update to new upstream version 4.11.1~pre.20180911.5acdd26fdc+dfsg;
    merging in 4.11.1~pre.20180911.5acdd26fdc+dfsg-1~exp1.

 -- Ian Jackson <ian.jackson@citrix.com>  Fri, 05 Oct 2018 18:39:58 +0100

xen (4.11.1~pre+1.733450b39b-1) unstable; urgency=medium

  * Completely overhauled the packaging.  In the source package, things
    are very much simpler now with only a few hundred loc of templating
    and scriptery.  In the binary packages the resulting changes are:
     - We now provide -dbgsym packages in the standard way
      - Shared libraries with unstable ABI upstream (ie, whose
        ABI changes with the Xen version) are now in
        libxen<version>-misc rather than libxen<version> and
        have more conventional-looking filenames.
     - Shared libraries with a stable ABI upstream are now each in their
       own package, named after the soname (ABI version), as is
       conventional.  The sonames and minor versions of these are
       no longer mangled.
     - xs.h, replaced upstream by xenstore.h, is now in
       /usr/include/xenstore-compat (as shipped upstream), with
       symlinks left behind.
     - fsimage*.h is no longer shipped (it's namespace-grabbish).
     - libxenvchan.h is in /usr/include as it is in upstream,
       not buried in /usr/include/xen/io
     - /etc/xen/cpupool, a not very interesting example config file,
       has been moved into /usr/share/doc/.
     - There is a new xen-doc package, in which the upstream HTML
       documentation, and various other bits, is now provided.  This
       replaces the text format documentation previously provided in
       xen-utils-common (but the manpages are still there).
     - Utilities which use on libraries with stable ABIs upstream
       are no longer subjected to the Xen version wrapper.
     - Several utilities are now provided in /usr/bin which were
       previously only available buried in /usr/lib/xen-<version>:
          xen-detect xenalyze xencons xencov_split xen-cpuid
       (version-wrapped, where necessary).
     - Likewise very many utilities and daemons in /usr/sbin:
          gdbsx xen-bugtool xen-ringwatch xen-tmem-list-parse
          xenmon xenpmd flask-* xen-kdd xen-diag xen-hptool
          xen-hvmcrash xen-hvmctx xen-livepatch xen-lowmemd
          xen-mfndump xenbaked xenconsoled xencov xenlockprof
          xenstored xenwatchdogd
     - xend and xm are long gone, so remove the support for the
       TOOLSTACK setting in /etc/default/xen.  /usr/sbin/xen just
       runs xl now.  Remove mentions of xend-config.sxp and all
       *.sxp files.  Drop the xend init script.
     - There is no longer any Built-Using.  This is no longer true for
       seabios, which is depended on and used at runtime, rather than
       being embedded into hvmloader.  (The source package also previously
       tried to mention ipxe-qemu in Built-Using but that's (i) dependent
       upstream on CONFIG_ROMBIOS which we disable, and not a
       build-dependency either.)
     - The hvmloader and xen-shim binaries no longer have their .note
       and .comment section(s) stripped.  .note is needed for xen-shim
       to work properly and to find the corresponding debug files.
       And .comment is tiny and harmless AFAICT.
     - Hypervisor debug map files are installed in /usr/lib/debug.
     - The xl bash_completion file from upstream is installed.
     - libxenvchan.h is installed.
     - We install xen-*.efi in /boot.
     - Sections of some packages have been rationalised.
     - We install a doc-base control file.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Wed, 03 Oct 2018 18:45:02 +0100

xen (4.11.1~pre.20180911.5acdd26fdc+dfsg-1~exp1) experimental; urgency=medium

  * Update to new upstream version 4.11.1~pre.20180911.5acdd26fdc+dfsg.
  * Remove stubdom/grub.patches/00cvs from the upstream source because it's
    not DFSG compliant. (license-problem-gfdl-invariants)
  * Override statically-linked-binary lintian error about
    usr/lib/xen-4.11/boot/xen-shim

 -- Hans van Kranenburg <hans@knorrie.org>  Tue, 11 Sep 2018 15:34:34 +0200

xen (4.11.1~pre+1.733450b39b-1~exp1) experimental; urgency=medium

  [ Hans van Kranenburg ]
  * Update to 4.11.1-pre commit 733450b39b, which also contains:
    - Additional fix for: Unlimited recursion in linear pagetable de-typing
      XSA-240 CVE-2017-15595 (listed as xsa240-4.8/0004)
    - Fix x86 PV guests may gain access to internally used pages
      XSA-248 CVE-2017-17566
    - Fix broken x86 shadow mode refcount overflow check
      XSA-249 CVE-2017-17563
    - Fix improper x86 shadow mode refcount error handling
      XSA-250 CVE-2017-17564
    - Fix improper bug check in x86 log-dirty handling
      XSA-251 CVE-2017-17565
    - Fix: DoS via non-preemptable L3/L4 pagetable freeing
      XSA-252 CVE-2018-7540
    - Fix x86: memory leak with MSR emulation
      XSA-253 CVE-2018-5244
    - Multiple parts of fixes for...
      Information leak via side effects of speculative execution
      XSA-254 CVE-2017-5753 CVE-2017-5715 CVE-2017-5754
      - XPTI stage 1 a.k.a. 'Meltdown band-aid', XPTI-S1 or XPTI-lite
      - Branch predictor hardening for ARM CPUs
      - Support compiling with indirect branch thunks (e.g. retpoline)
      - Report details of speculative mitigations in boot logging
    - Fix: grant table v2 -> v1 transition may crash Xen
      XSA-255 CVE-2018-7541
    - Fix: x86 PVH guest without LAPIC may DoS the host
      XSA-256 CVE-2018-7542
    - The "Comet" shim, which can be used as a mitigation for Meltdown to
      shield the hypervisor against 64-bit PV guests.
    - Fix: Information leak via crafted user-supplied CDROM
      XSA-258 CVE-2018-10472
    - Fix: x86: PV guest may crash Xen with XPTI
      XSA-259 CVE-2018-10471
    - Fix: x86: mishandling of debug exceptions
      XSA-260 CVE-2018-8897
    - Fix: x86 vHPET interrupt injection errors
      XSA-261 CVE-2018-10982
    - Fix: qemu may drive Xen into unbounded loop
      XSA-262 CVE-2018-10981
    - Fix: Speculative Store Bypass
      XSA-263 CVE-2018-3639
    - Fix: preemption checks bypassed in x86 PV MM handling
      XSA-264 CVE-2018-12891
    - Fix: x86: #DB exception safety check can be triggered by a guest
      XSA-265 CVE-2018-12893
    - Fix: libxl fails to honour readonly flag on HVM emulated SCSI disks
      XSA-266 CVE-2018-12892
    - Fix: Speculative register leakage from lazy FPU context switching
      XSA-267 CVE-2018-3665
    - Fix: Use of v2 grant tables may cause crash on ARM
      XSA-268 CVE-2018-15469
    - Fix: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
      XSA-269 CVE-2018-15468
    - Fix: oxenstored does not apply quota-maxentity
      XSA-272 CVE-2018-15470
    - Fix: L1 Terminal Fault speculative side channel
      XSA-273 CVE-2018-3620
  * Merge changes for 4.9 from the ubuntu packaging (thanks, Stefan Bader):
    - Rebase patches against upstream source (line numbers etc).
    - debian/rules.real:
      - Add a call to build common tool headers.
      - Add a call to install common tool headers.
    - debian/libxen-dev.install, d/p/ubuntu-tools-libs-abiname.diff:
      - Add additional modifications for new libxendevicemodel.
    - debian/patches/tools-fake-xs-restrict.patch:
      - Re-introduce (fake) xs_restrict call to keep libxenstore version at
        3.0 for now.
    - debian/libxenstore3.0.symbols: add xs_control_command
  * Rebase patches against 4.10 upstream source.
  * Rebase patches against 4.11 upstream source.
  * Add README.source.md to document how the packaging works.
  * This package builds correctly with gcc 7. (Closes: #853710)
  * Fix grub config file conflict when upgrading from Stretch. (Closes: #852545)
  * Init scripts: Do not kill per-domain qemu processes. (Closes: #879751)
  * debian/patches: Fix "'vwprintw' is deprecated" gcc 8 compilation error

  [ Mark Pryor ]
  * Fix shared library build dependencies for the new xentoolcore library.

  [ John Keates ]
  * Enable OVMF (Closes: #858962)

 -- Hans van Kranenburg <hans@knorrie.org>  Sun, 08 Jul 2018 14:30:32 +0200

xen (4.9.2-0ubuntu7) focal; urgency=medium

  * No-change rebuild with fixed binutils on arm64.

 -- Matthias Klose <doko@ubuntu.com>  Sat, 08 Feb 2020 11:21:18 +0000

xen (4.9.2-0ubuntu6) focal; urgency=medium

  * Build-depend on python2-dev.
  * Depend on python2.
  * Build using python2.
  * Build-depend on lmodern.

 -- Matthias Klose <doko@ubuntu.com>  Mon, 13 Jan 2020 14:51:35 +0100

xen (4.9.2-0ubuntu5) disco; urgency=medium

  * Fix FTBS in Eoan (LP: #1823441). Except the last two changes, these are
    all cherry picks from Xen upstream to handle gcc8 and gcc9 changes.
    - d/p/x86-e820-fix-build-with-gcc9.patch
    - d/p/x86-IO-APIC-fix-build-with-gcc9.patch
    - d/p/trace-fix-build-with-gcc9.patch
    - d/p/tools-libxc-fix-strncpy-size.patch
    - d/p/tools-misc-fix-hypothetical-buffer-overflow-in-xen-l.patch
    - d/p/tools-xentop-replace-use-of-deprecated-vwprintw.patch
    - d/p/tools-xenpmd-fix-possible-0-truncation.patch
    - d/p/xenpmd-make-32-bit-gcc-8.1-non-debug-build-work.patch
    - d/p/libacpi-fixes-for-iasl-20180427.patch
    - d/p/tools-blktap2-fix-possible-0-truncation.patch
    - d/p/tools-blktap2-fix-hypothetical-buffer-overflow.patch
    - d/p/libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
    - d/p/ubuntu/flags-fcs-protect-none.patch
    - d/p/ubuntu/strip-note-gnu-property.patch
  * Fix decode failed panics with v5.2+ kernels (LP: #1851091)
    - d/p/0001-lz4-refine-commit-9143a6c55ef7-for-the-64-bit-case.patch
    - d/p/0002-lz4-pull-out-constant-tables.patch
    - d/p/0003-lz4-fix-system-halt-at-boot-kernel-on-x86_64.patch

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 11 Dec 2019 17:23:34 +0100

xen (4.9.2-0ubuntu2) cosmic; urgency=medium

  * No-change rebuild for ncurses soname changes.

 -- Matthias Klose <doko@ubuntu.com>  Thu, 03 May 2018 14:20:24 +0000

xen (4.9.2-0ubuntu1) bionic; urgency=medium

  * Update to upstream 4.9.2 release (LP: #1763354).
    Changes include numerous bugfixes, including security fixes/updates.
    4.9.0 -> 4.9.1:
    - XSA-226 / CVE-2017-12135 (replacement)
    - XSA-227 / CVE-2017-12137 (replacement)
    - XSA-228 / CVE-2017-12136 (replacement)
    - XSA-230 / CVE-2017-12855 (replacement)
    - XSA-231 / CVE-2017-14316 (replacement)
    - XSA-232 / CVE-2017-14318 (replacement)
    - XSA-233 / CVE-2017-14317 (replacement)
    - XSA-234 / CVE-2017-14319 (replacement)
    - XSA-235 / CVE-2017-15596 (replacement)
    - XSA-236 / CVE-2017-15597 (new)
    - XSA-237 / CVE-2017-15590 (replacement)
    - XSA-238 / CVE-2017-15591 (replacement)
    - XSA-239 / CVE-2017-15589 (replacement)
    - XSA-240 / CVE-2017-15595 (update)
    - XSA-241 / CVE-2017-15588 (replacement)
    - XSA-242 / CVE-2017-15593 (replacement)
    - XSA-243 / CVE-2017-15592 (replacement)
    - XSA-244 / CVE-2017-15594 (replacement)
    - XSA-245 / CVE-2017-17046 (replacement)
    4.9.1 -> 4.9.2:
    - XSA-246 / CVE-2017-17044 (new)
    - XSA-247 / CVE-2017-17045 (new)
    - XSA-248 / CVE-2017-17566 (new)
    - XSA-249 / CVE-2017-17563 (new)
    - XSA-250 / CVE-2017-17564 (new)
    - XSA-251 / CVE-2017-17565 (new)
    - XSA-252 / CVE-2018-7540  (new)
    - XSA-254 / CVE-2017-5754  (new / XPTI Meltdown mitigation)
    - XSA-255 / CVE-2018-7541  (new)
    - XSA-256 / CVE-2018-7542  (new)
  * Dropped:
    d/p/ubuntu/tools-fix-ftbs-arm.patch (upstream)

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 12 Apr 2018 11:54:57 +0200

xen (4.9.0-0ubuntu4) bionic; urgency=medium

  * Compile and ship vhd-util.
  * Add dh-python to build-depends.

 -- Dimitri John Ledkov <xnox@ubuntu.com>  Fri, 06 Apr 2018 17:35:43 +0100

xen (4.9.0-0ubuntu3) artful; urgency=medium

  * Applying Xen Security Advisories:
    - CVE-2017-12135 / XSA-226
      - Revert: grant_table: Default to v1, and disallow transitive grants
      - gnttab: don't use possibly unbounded tail calls
      - gnttab: fix transitive grant handling
    - CVE-2017-14316 / XSA-231
      - xen/mm: make sure node is less than MAX_NUMNODES
    - CVE-2017-14318 / XSA-232
      - grant_table: fix GNTTABOP_cache_flush handling
    - CVE-2017-14317 / XSA-233
      - tools/xenstore: dont unlink connection object twice
    - CVE-2017-14319 / XSA-234
      - gnttab: also validate PTE permissions upon destroy/replace
    - XSA-235
      - arm/mm: release grant lock on xenmem_add_to_physmap_one() error paths
    - XSA-237
      - x86: don't allow MSI pIRQ mapping on unowned device
      - x86: enforce proper privilege when (un)mapping pIRQ-s
      - x86/MSI: disallow redundant enabling
      - x86/IRQ: conditionally preserve irq <-> pirq mapping on map error paths
      - x86/FLASK: fix unmap-domain-IRQ XSM hook
    - XSA-238
      - x86/ioreq server: correctly handle bogus
        XEN_DMOP_{,un}map_io_range_to_ioreq_server arguments
    - XSA-239
      - x86/HVM: prefill partially used variable on emulation paths
    - XSA-240
      - x86: limit linear page table use to a single level
      - x86/mm: Disable PV linear pagetables by default
    - XSA-241
      - x86: don't store possibly stale TLB flush time stamp
    - XSA-242
      - x86: don't allow page_unlock() to drop the last type reference
    - XSA-243
      - x86/shadow: Don't create self-linear shadow mappings for 4-level
        translated guests
    - XSA-244
      - x86/cpu: Fix IST handling during PCPU bringup
    - XSA-245
      - xen/page_alloc: Cover memory unreserved after boot in first_valid_mfn
      - xen/arm: Correctly report the memory region in the dummy NUMA helpers

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 10 Oct 2017 11:24:52 +0200

xen (4.9.0-0ubuntu2) artful; urgency=medium

  * Add libxendevicemodel references to d/libxen-dev.install

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 18 Aug 2017 17:22:20 +0200

xen (4.9.0-0ubuntu1) artful; urgency=medium

  * Update to upstream 4.9.0 release.
    Changes include numerous bugfixes, including security fixes for:
    XSA-213 / CVE-2017-8903
    XSA-214 / CVE-2017-8904
    XSA-217 / CVE-2017-10912
    XSA-218 / CVE-2017-10913, CVE-2017-10914
    XSA-219 / CVE-2017-10915
    XSA-220 / CVE-2017-10916
    XSA-221 / CVE-2017-10917
    XSA-222 / CVE-2017-10918
    XSA-223 / CVE-2017-10919
    XSA-224 / CVE-2017-10920, CVE-2017-10921, CVE-2017-10922
    XSA-225 / CVE-2017-10923
  * Additional CVE's:
    - XSA-226 / CVE-2017-12135
    - XSA-227 / CVE-2017-12137
    - XSA-228 / CVE-2017-12136
    - XSA-230 / CVE-2017-12855
  * Additional fixes:
    - debian/rules.real:
      - Add a call to build common tool headers
      - Add a call to install common tool headers
    - Add checking of return values of asprintf calls.
      - d/p/ubuntu/tools-xs-test-hardening.patch
    - Add additional modifications for new libxendevicemodel
      - d/p/ubuntu/tools-libs-abiname.diff
    - Fix a segmentation fault when mmio_hole is set in hvm.cfg (from 4.9.y)
      - d/p/upstream-4.9.1-tools-libxl-Fix-a-segment-fault-when-mmio_hole...
    - Enable Local MCE feature
      - d/p/.../0001-x86-mce-make-mce-barriers-private-to-their-users.patch
      - d/p/.../0002-x86-mce-make-found_error-and-mce_fatal_cpus-private-.patch
      - d/p/.../0003-x86-mce-fix-comment-of-struct-mc_telem_cpu_ctl.patch
      - d/p/.../0004-x86-mce-allow-mce_barrier_-enter-exit-to-return-with.patch
      - d/p/.../0005-x86-mce-handle-host-LMCE.patch
      - d/p/.../0006-x86-mce_intel-detect-and-enable-LMCE-on-Intel-host.patch
      - d/p/.../0007-x86-domctl-generalize-the-restore-of-vMCE-parameters.patch
      - d/p/.../0008-x86-vmce-emulate-MSR_IA32_MCG_EXT_CTL.patch
      - d/p/.../0009-x86-vmce-enable-injecting-LMCE-to-guest-on-Intel-hos.patch
      - d/p/.../0010-x86-vmx-expose-LMCE-feature-via-guest-MSR_IA32_FEATU.patch
      - d/p/.../0011-x86-vmce-tools-libxl-expose-LMCE-capability-in-guest.patch
      - d/p/.../0012-x86-mce-add-support-of-vLMCE-injection-to-XEN_MC_inj.patch
    - Re-introduce (fake) xs_restrict call to keep libxenstore version at
      3.0 for now.
      - d/p/ubuntu/tools-fake-xs-restrict.patch
    - debian/libxenstore3.0.symbols:
      - Added xs_control_command
    - xen-4.9.0/debian/xen-hypervisor-4.9.xen.cfg:
      - Modified GRUB_DEFAULT setting to be dynamic (like update-grub does)
        which should handle non English environments (LP: #1321144)

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 17 Aug 2017 11:37:11 +0200

xen (4.8.2+xsa245-0+deb9u1) stretch-security; urgency=high

  * Update to upstream stable 4.8 branch, which is currently at Xen 4.8.2
    plus a number of bugfixes and security fixes.
    Result is that we now include security fixes for:
       XSA-231 CVE-2017-14316
       XSA-232 CVE-2017-14318
       XSA-233 CVE-2017-14317
       XSA-234 CVE-2017-14319
       (235 already included in 4.8.1-1+deb9u3)
       XSA-236 CVE-2017-15597
       XSA-237 CVE-2017-15590
       XSA-238 CVE-2017-15591
       XSA-239 CVE-2017-15589
       XSA-240 CVE-2017-15595
       XSA-241 CVE-2017-15588
       XSA-242 CVE-2017-15593
       XSA-243 CVE-2017-15592
       XSA-244 CVE-2017-15594
       XSA-245 CVE-2017-17046
    and a number of upstream functionality fixes, which are not easily
    disentangled from the security fixes.
  * Apply two more security fixes:
       XSA-246 CVE-2017-17044
       XSA-247 CVE-2017-17045

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Sat, 25 Nov 2017 11:26:37 +0000

xen (4.8.1-1+deb9u3) stretch-security; urgency=high

  * Security fixes for
      XSA-226 CVE-2017-12135
      XSA-227 CVE-2017-12137
      XSA-228 CVE-2017-12136
      XSA-230 CVE-2017-12855
      XSA-235 CVE-2017-15596
  * Adjust changelog entry for 4.8.1-1+deb9u2 to record
    that XSA-225 fix was indeed included.
  * Security fix for XSA-229 not included as that bug is in Linux, not Xen.
  * Security fixes for XSA-231..234 inc. not inclued as still embargoed.

 -- Ian Jackson <ian.jackson@eu.citrix.com>  Thu, 07 Sep 2017 19:17:58 +0100

xen (4.8.1-1+deb9u2) stretch-security; urgency=high

  * Security fixes for
      XSA-216 XSA-217 XSA-218 XSA-219 XSA-220
      XSA-221 XSA-222 XSA-223 XSA-224 XSA-225

 -- Ian Jackson <ian.jackson@eu.citrix.com>  Tue, 20 Jun 2017 14:06:34 +0100

xen (4.8.1-1+deb9u1) unstable; urgency=medium

  * Security fixes for XSA-213 (Closes:#861659) and XSA-214
    (Closes:#861660).  (Xen 4.7 and later is not affected by XSA-215.)

 -- Ian Jackson <ian.jackson@eu.citrix.com>  Tue, 02 May 2017 12:19:57 +0100

xen (4.8.1-1) unstable; urgency=high

  * Update to upstream 4.8.1 release.
    Changes include numerous bugfixes, including security fixes for:
      XSA-212 / CVE-2017-7228   Closes:#859560
      XSA-207 / no cve yet      Closes:#856229
      XSA-206 / no cve yet      no Debian bug

 -- Ian Jackson <ian.jackson@eu.citrix.com>  Tue, 18 Apr 2017 18:05:00 +0100

xen (4.8.1~pre.2017.01.23-1) unstable; urgency=medium

  * Update to current upstream stable-4.8 git branch (Xen 4.8.1-pre).
    Contains bugfixes.
  * debian/control-real etc.: debian.py: Allow version numbers like this.

 -- Ian Jackson <ian.jackson@eu.citrix.com>  Mon, 23 Jan 2017 16:03:31 +0000

xen (4.8.0-1ubuntu2) zesty; urgency=medium

  * Cherry-pick upstream change to fix TSC_ADJUST MSR handling in HVM
    guests running on Intel based hosts (LP: #1671760)

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 14 Mar 2017 09:27:04 +0100

xen (4.8.0-1ubuntu1) zesty; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Add transitional package definitions to debian/control and
      debian/rules.gen (force hypervisor upgrade).
    - Split xen.init into xenstored.init and xen.init
      * xen.init depends in xenstored.init and optionally schedules itself
        before libvirtd.
      * xenstored.init additionally modprobes xen-acpi-processor
    - Remove update-alternatives call from xen utils (postinst/prerm) scripts.
    - Copy contents of debian/build/install-utils_$(ARCH)/usr/sbin into
      debian/build/install-utils_$ARCH/usr/lib/xen-$(VERSION) (LP: #1396670).

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 26 Jan 2017 12:40:13 +0100

xen (4.8.0-1) unstable; urgency=high

  * Update to upstream Xen 4.8.0.
    Includes the following security fixes:
        XSA-201   CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818
        XSA-198   CVE-2016-9379 CVE-2016-9380
        XSA-196   CVE-2016-9378 CVE-2016-9377   Closes:#845669
        XSA-195   CVE-2016-9383
        XSA-194   CVE-2016-9384                 Closes:#845667
        XSA-193   CVE-2016-9385
        XSA-192   CVE-2016-9382
        XSA-191   CVE-2016-9386
    Includes other bugfixes too:
        Closes:#812166, Closes:#818525.

  Cherry picks from upstream:
  * Security fixes:
        XSA-204   CVE-2016-10013                 Closes:#848713
        XSA-203   CVE-2016-10025
        XSA-202   CVE-2016-10024
    For completeness, the following XSAs do not apply here:
        XSA-197   CVE-2016-9381      Bug is in qemu
        XSA-199   CVE-2016-9637      Bug is in qemu
        XSA-200   CVE-2016-9932      Xen 4.8 is not affected
  * Cherry pick a build failure fix:
      "x86/emul: add likely()/unlikely() to test harness"

  [ Ian Jackson ]
  * Drop -lcrypto search from upstream configure, and from our
    Build-Depends.  Closes:#844419.
  * Change my own email address to my work (Citrix) address.  When
    uploading, I will swap hats to effectively sponsor my own upload.

  [ Ian Campbell ]
  * Start a qemu process in dom0 to service the toolstacks loopback disk
    attaches. (Closes: #770456)
  * Remove correct pidfile when stopping xenconsoled.
  * Check that xenstored has actually started before talking to it.
    Incorporate a timeout so as not to block boot (Mitigates #737613)
  * Correct syntax error in xen-init-list when running with xend
    (Closes: #763102)
  * Apply SELinux labels to directories created by initscripts. Patch from
    Russell Coker. (Closes: #764912)
  * Include a reportbug control file to redirect bugs to src:xen for
    packages which contain the Xen version in the name.  Closes:#796370.

  [ Lubomir Host ]
  * Fix xen-init-name to not fail looking for a nonexistent 'config'
    entry in xl's JSON output.  Closes:#818129.

 -- Ian Jackson <ian.jackson@eu.citrix.com>  Thu, 22 Dec 2016 14:51:46 +0000

xen (4.8.0~rc5-1) unstable; urgency=medium

  * New upstream version, Xen 4.8.0 RC5.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Fri, 11 Nov 2016 15:26:58 +0000

xen (4.8.0~rc3-1) unstable; urgency=medium

  * Upload 4.8.0~rc3 to unstable.  (RC5 is out upstream, but let's not
    update to that in the middle of the Xen 4.6 -> 4.8 transition.)
  * No source changes.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Sat, 05 Nov 2016 15:08:47 +0000

xen (4.8.0~rc3-0exp2) experimental; urgency=medium

  * Build-Depend on iasl on all architectures.  ARM has ACPI now.
    Fixes FTBFS on arm64 (at least).
  * Add qemu-utils and seabios to Suggests.
  * Pass -no-pie -fno-pic to x86 emulator test build.  (Patch
    also submitted upstream.)  Fixes FTBFS on i386 with GCC6.
  * Add myself to Uploaders.

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Tue, 01 Nov 2016 18:00:25 +0000

xen (4.8.0~rc3-0exp1) experimental; urgency=high

  * New upstream version, Xen 4.8.0 RC3.
    Fixes many outstanding CVEs.
  * Incorporated many changes from 4.8.0-0ubuntu2
    - libxen-dev is M-A: same
    - Work around grep bug http://bugs.launchpad.net/bugs/1547466
    - debian/xen-hypervisor-4.6.xen.cfg:
      Additional config file to simplify grub configuration.
    - Use new library/abiname scheme.
    - Document what xl and xm are in default.xen
    - Add libvirtd dependency to xendomains init script
    (Thanks to Stefan Bader and others.)

 -- Ian Jackson <ijackson@chiark.greenend.org.uk>  Mon, 24 Oct 2016 17:31:27 +0100

xen (4.7.0-0ubuntu2) yakkety; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2016-6258 / XSA-182
      * x86/pv: Remove unsafe bits from the mod_l?_entry() fastpath
    - CVE-2016-6259 / XSA-183
      * x86/entry: Avoid SMAP violation in compat_create_bounce_frame()
    - CVE-2016-7092 / XSA-185
      * x86/32on64: don't allow recursive page tables from L3
    - CVE-2016-7093 / XSA-186
      * x86/emulate: Correct boundary interactions of emulated instructions
      * hvm/fep: Allow testing of instructions crossing the -1 -> 0 virtual
        boundary
    - CVE-2016-7094 / XSA-187
      * x86/shadow: Avoid overflowing sh_ctxt->seg_reg[]
      * x86/segment: Bounds check accesses to emulation ctxt->seg_reg[]
    - CVE-2016-7777 / XSA-190
      * x86emul: honor guest CR0.TS and CR0.EM

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 06 Oct 2016 15:24:46 +0200

xen (4.7.0-0ubuntu1) yakkety; urgency=low

  * Rebasing to upstream Xen release 4.7 (LP: #1621618)
    - Renamed all *-4.6* files into *-4.7*. Also moved references within
      various files from 4.6 to 4.7.
    - Follow previous abiname patches to create individual run-time libs
      for the versioned libxen package for libxencall, libxenevtchn,
      libxenforeignmemory, libxengnttab, and libxentoollog.
    - Modified debian/libxen-dev.install to pick up the additional headers
      and drop one which is no longer present. And also add the new libs.
    - Refreshed Debian patchesS
    - Dropped transitional packages <4.6, added a set for 4.6.
    - Dropped tools-allow-configure-time-choice-of-libexec-subdire.patch
      (upstream)
    - Dropped ubuntu-config-prefix-fix.patch (unnecessary)
    - Dropped all security patches since those were all included in
      the new upstream release.
    - Added fix for FTBS on Arm due to unused static variables and
      hardening flags turned on.
    - Switched dependencies of sysvinit scripts from libvirt-bin to
      libvirtd.
    - Added modprobe for xen-acpi-processor (no auto-load alias) to
      xenstrore init script. Otherwise there is no frequency scaling
      if the driver is compiled as a module.
    - Added proposed upstream fix for regression to save PV guests
      with more than 1G of memory.

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 31 Aug 2016 16:12:26 +0200

xen (4.6.0-1+nmu2) unstable; urgency=medium

  * Ensure debian/control.md5sum is correctly updated. Fixes FTBFS of
    4.6.0-1+nmu1 on buildds where linux-support-4.2.0-1 is not expected to be
    installed.

 -- Ian Campbell <ijc@debian.org>  Tue, 09 Feb 2016 16:41:16 +0000

xen (4.6.0-1+nmu1) unstable; urgency=medium

  * Non-maintainer upload.
  * Drop unused patching in of $(PREFIX), $(SBINDIR) and $(BINDIR)
    which are no longer used by the upstream build system.
  * Use correct/consistent LIBEXEC dirs throughout build
    (Closes: #805508).

 -- Ian Campbell <ijc@debian.org>  Tue, 19 Jan 2016 14:43:54 +0000

xen (4.6.0-1ubuntu5) yakkety; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2016-3158, CVE-2016-3159 / XSA-172
      * x86: fix information leak on AMD CPUs
    - CVE-2016-3960 / XSA-173
      * x86: limit GFNs to 32 bits for shadowed superpages.
    - CVE-2016-4962 / XSA-175
      * libxl: Record backend/frontend paths in /libxl/$DOMID
      * libxl: Provide libxl__backendpath_parse_domid
      * libxl: Do not trust frontend in libxl__devices_destroy
      * libxl: Do not trust frontend in libxl__device_nextid
      * libxl: Do not trust frontend for disk eject event
      * libxl: Do not trust frontend for disk in getinfo
      * libxl: Do not trust frontend for vtpm list
      * libxl: Do not trust frontend for vtpm in getinfo
      * libxl: Do not trust frontend for nic in libxl_devid_to_device_nic
      * libxl: Do not trust frontend for nic in getinfo
      * libxl: Do not trust frontend for channel in list
      * libxl: Do not trust frontend for channel in getinfo
      * libxl: Cleanup: Have libxl__alloc_vdev use /libxl
      * libxl: Document ~/serial/ correctly
    - CVE-2016-4480 / XSA-176
      * x86/mm: fully honor PS bits in guest page table walks
    - CVE-2016-4963 / XSA-178
      * libxl: Make copy of every xs backend in /libxl in _generic_add
      * libxl: Do not trust backend in libxl__device_exists
      * libxl: Do not trust backend for vtpm in getinfo (except uuid)
      * libxl: Do not trust backend for vtpm in getinfo (uuid)
      * libxl: cdrom eject and insert: write to /libxl
      * libxl: Do not trust backend for disk eject vdev
      * libxl: Do not trust backend for disk; fix driver domain disks list
      * libxl: Do not trust backend for disk in getinfo
      * libxl: Do not trust backend for cdrom insert
      * libxl: Do not trust backend for channel in getinfo
      * libxl: Rename libxl__device_{nic,channel}_from_xs_be to _from_xenstore
      * libxl: Rename READ_BACKEND to READ_LIBXLDEV
      * libxl: Have READ_LIBXLDEV use libxl_path rather than be_path
      * libxl: Do not trust backend in nic getinfo
      * libxl: Do not trust backend for nic in devid_to_device
      * libxl: Do not trust backend for nic in list
      * libxl: Do not trust backend in channel list
      * libxl: Cleanup: use libxl__backendpath_parse_domid in
               libxl__device_disk_from_xs_be
      * libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
    - CVE-2016-5242 / XSA-181
      * xen/arm: Don't free p2m->first_level in p2m_teardown() before
                 it has been allocated

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 07 Jun 2016 16:30:19 +0200

xen (4.6.0-1ubuntu4) xenial; urgency=low

  * d/rules.real: Set LANG=C.UTF-8 for the builds to avoid a grep bug.

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 19 Feb 2016 12:08:31 +0100

xen (4.6.0-1ubuntu3) xenial; urgency=low

  * Fix unmount error message on shutdown and init script ordering issues:
    - d/xen-utils-common.xenstored.init: Introduce new init script which only
      starts xenstored (but also shuts it down on stop). Prevent this one to
      be run on upgrade.
    - d/xen-utils-common.xen.init:
      * Add X-Start-Before/X-Stop-After dependencies on libvirt-bin
      * Remove xenstored related code
  * d/scripts/xen-init-list: Revert back to unmodified version from Debian.
    With the ordering fixed, libvirt guests should be handled by its own
    script before xendomains is run.
  * d/control, d/libxen-dev.install and d/rules.real:
    Add xenlight.pc and xlutil.pc to be packaged as part of libxen-dev in
    multi-arch suitable location. Also declare libxen-dev as multi-arch
    same.
  * Additional Security Patches:
    - CVE-2016-2270 / XSA-154
      * x86: enforce consistent cachability of MMIO mappings
    - CVE-2016-1570 / XSA-167
      * x86/mm: PV superpage handling lacks sanity checks
    - CVE-2016-1571 / XSA-168
      * x86/VMX: prevent INVVPID failure due to non-canonical guest address
    - CVE-2015-8615 / XSA-169
      * x86: make debug output consistent in hvm_set_callback_via
    - CVE-2016-2271 / XSA-170
      * x86/VMX: sanitize rIP before re-entering guest

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 18 Feb 2016 18:20:38 +0100

xen (4.6.0-1ubuntu2) xenial; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-8550 / XSA-155
      * xen: Add RING_COPY_REQUEST()
      * blktap2: Use RING_COPY_REQUEST
      * libvchan: Read prod/cons only once.
    - CVE-2015-8338 / XSA-158
      * memory: split and tighten maximum order permitted in memops
    - CVE-2015-8339, CVE-2015-8340 / XSA-159
      * memory: fix XENMEM_exchange error handling
    - CVE-2015-8341 / XSA-160
      * libxl: Fix bootloader-related virtual memory leak on pv
        build failure
    - CVE-2015-8555 / XSA-165
      * x86: don't leak ST(n)/XMMn values to domains first using them
    - CVE-2015-???? / XSA-166
      * x86/HVM: avoid reading ioreq state more than once

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 16 Dec 2015 12:06:10 +0100

xen (4.6.0-1ubuntu1) xenial; urgency=low

  * Merge of Xen-4.6 from Debian. Remaining changes:
    - debian/control, debian/rules.gen:
      Generate transitional xen-hypervisor packages.
    - debian/rules.real:
      Install the grub.d config file.
    - debian/scripts/xen-init-list:
      Ignore libxl guests not created by the xl toolstack (e.g. libvirt).
    - debian/tree/xen-utils-common/usr/share/xen-utils-common/default.xen:
      Minor readability improvements (maybe get rid of those)
    - debian/xen-hypervisor-4.6.xen.cfg:
      Additional config file to simplify grub configuration.
    - debian/xen-utils-4.6.postinst, debian/xen-utils-4.6.prerm:
      Remove update-alternatives call.
    - debian/xen-utils-common.xen.init:
      Fix consoled_stop_real and additional code to start and attach a
      qemu instance to dom0 (needed for pygrub booting QCOW2 PVM guests).
      Note: Also contains a work-around for a kernel bug which should be
      dropped in the next release.
    - debian/patches/ubuntu-config-prefix-fix.patch:
      Modifies configure and tools/configure to use the correct (versioned)
      libexec path.
    - Additional security fixes:
      * XSA-156 / CVE-2015-5307
        x86/HVM: always intercept #AC and #DB

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 02 Dec 2015 18:57:48 +0100

xen (4.6.0-1) unstable; urgency=medium

  * New upstream release.
  * CVE-2015-7812
  * CVE-2015-7813
  * CVE-2015-7814
  * CVE-2015-7835
  * CVE-2015-7969
  * CVE-2015-7970
  * CVE-2015-7971
  * CVE-2015-7972

 -- Bastian Blank <waldi@debian.org>  Sun, 01 Nov 2015 21:49:07 +0100

xen (4.5.1-0ubuntu2) xenial; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-7311 / XSA-142
      * libxl: handle read-only drives with qemu-xen
    - CVE-2015-7812 / XSA-145
      * xen/arm: Support hypercall_create_continuation for multicall
    - CVE-2015-7813 / XSA-146
      * xen: arm: rate-limit logging from unimplemented PHYSDEVOP and HVMOP.
    - CVE-2015-7814 / XSA-147
      * xen: arm: handle races between relinquish_memory and
        free_domheap_pages
    - CVE-2015-7835 / XSA-148
      * x86: guard against undue super page PTE creation
    - CVE-2015-7969 / XSA-149
      * xen: free domain's vcpu array
    - CVE-2015-7970 / XSA-150
      * x86/PoD: Eager sweep for zeroed pages
    - CVE-2015-7969 / XSA-151
      * xenoprof: free domain's vcpu array
    - CVE-2015-7971 / XSA-152
      * x86: rate-limit logging in do_xen{oprof,pmu}_op()
    - CVE-2015-7972 / XSA-153
      * libxl: adjust PoD target by memory fudge, too
    - CVE-2015-5307 / XSA-156
      * x86/HVM: always intercept #AC and #DB

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 03 Nov 2015 08:39:07 -0600

xen (4.5.1-0ubuntu1) wily; urgency=low

  * New upstream stable release (4.5.1)
    - Replacing the following security changes by upstream versions:
      * CVE-2014-3969 / XSA-98 (update),
        CVE-2015-0268 / XSA-117, CVE-2015-1563 / XSA-118,
        CVE-2015-2152 / XSA-119, CVE-2015-2044 / XSA-121,
        CVE-2015-2045 / XSA-122, CVE-2015-2151 / XSA-123,
        CVE-2015-2752 / XSA-125, CVE-2015-2751 / XSA-127
    - Included security changes which where not yet applied:
      * CVE-2015-4163 / XSA-134, CVE-2015-4164 / XSA-136
  * Applying additional Xen Security Advisories:
    - CVE-2015-3259 / XSA-137
      * xl: Sane handling of extra config file arguments
    - CVE-2015-6654 / XSA-141
      * xen/arm: mm: Do not dump the p2m when mapping a foreign gfn

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 02 Sep 2015 16:37:39 +0200

xen (4.5.1~rc1-1) experimental; urgency=medium

  [ Ian Campbell ]
  * Use xen-init-dom0 from initscript when it is available.
  * Install some user facing docs in xen-utils-common. (Closes: #688308)

  [ Bastian Blank ]
  * New upstream release candidate.

 -- Bastian Blank <waldi@debian.org>  Sun, 31 May 2015 21:59:56 +0200

xen (4.5.0-1ubuntu4) vivid; urgency=low

  * Applying Xen Security Advisories:
    * CVE-2014-3969 / XSA-98 (update)
      - xen: arm: correct arm64 version of gva_to_ma_par
    * CVE-2015-2752 / XSA-125
      - Limit XEN_DOMCTL_memory_mapping hypercall to only process up
        to 64 GFNs (or less)
    * CVE-2015-2751 / XSA-127
      - domctl: don't allow a toolstack domain to call domain_pause() on
        itself

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 08 Apr 2015 10:10:27 +0200

xen (4.5.0-1ubuntu3) vivid; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2015-0268 / XSA-117
      * xen/arm: vgic-v2: Don't crash the hypervisor if the SGI
        target mode is invalid
    - CVE-2015-1563 / XSA-118
      * xen/arm: vgic: message in the emulation code should be
        rate-limited
    - CVE-2015-2152 / XSA-119
      * tools: libxl: Explicitly disable graphics backends on qemu
        cmdline
    - CVE-2015-2044 / XSA-121
      * x86/HVM: return all ones on wrong-sized reads of system device I/O
        ports
    - CVE-2015-2045 / XSA-122
      * pre-fill structures for certain HYPERVISOR_xen_version sub-ops
    - CVE-2015-2151 / XSA-123
      * x86emul: fully ignore segment override for register-only operations

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 04 Mar 2015 12:34:49 +0100

xen (4.5.0-1ubuntu2) vivid; urgency=low

  * Really add a transitional package for xen-hypervisor-4.4-amd64 for
    i386.

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 27 Feb 2015 15:47:49 +0100

xen (4.5.0-1ubuntu1) vivid; urgency=low

  * Merge lastest upstream release from Debian experimental. Remaining
    changes:
    - d/rules.real:
      * Remove reference to OCAMLDESTDIR [minor cleanup]
      * Install xen.cfg into /etc/default/grub.d
      * Declare transitional packages for hypervisor.
    - d/rules.gen:
      * Add rules for transitional hypervisor packages.
    - d/scripts/xen-init-list:
      * Ignore domains not managed by xl (also works around a bug in
        xl list -l).
    - d/tree/xen-utils-common/usr/share/xen-utils-common/default.xen:
      * Add a little more explanation to a config file.
    - d/xen-hypervisor-4.5.xen.cfg
    - d/xen-utils-4.5.postinst and d/xen-utils-4.5.prerm:
      * Remove call to update-alternatives since we did not have those
        created in any release in the upgrade-path.
    - d/xen-utils-common.xen.init (picked from Debian packaging xen.git):
      * Fix removal of xenconsoled pid file.
      * Add code to start a qemu process for dom0.
      * Replace xenstore-writes by xen-init-dom0 call.
 
 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 22 Jan 2015 11:35:47 +0100

xen (4.5.0-1) experimental; urgency=medium

  [ Ian Campbell ]
  * New upstream release

 -- Bastian Blank <waldi@debian.org>  Wed, 21 Jan 2015 20:21:45 +0100

xen (4.5.0~rc3-1) experimental; urgency=medium

  * New upstream release candidate.
  * Re-add xend config.

 -- Bastian Blank <waldi@debian.org>  Wed, 17 Dec 2014 22:37:23 +0100

xen (4.4.1-6) unstable; urgency=medium

  * Fix starvation of writers in locks.
    CVE-2014-9065

 -- Bastian Blank <waldi@debian.org>  Thu, 11 Dec 2014 15:56:08 +0100

xen (4.4.1-5) unstable; urgency=medium

  * Fix excessive checks of hypercall arguments.
    CVE-2014-8866
  * Fix boundary checks of emulated MMIO access.
    CVE-2014-8867
  * Fix additional memory leaks in xl. (closes: #767295)

 -- Bastian Blank <waldi@debian.org>  Sun, 30 Nov 2014 20:13:32 +0100

xen (4.4.1-4) unstable; urgency=medium

  [ Bastian Blank ]
  * Make operations pre-emptible.
    CVE-2014-5146, CVE-2014-5149
  * Don't allow page table updates from non-PV page tables.
    CVE-2014-8594
  * Enforce privilege level while loading code segment.
    CVE-2014-8595
  * Fix reference counter leak.
    CVE-2014-9030
  * Use linux 3.16.0-4 stuff.
  * Fix memory leak in xl. (closes: #767295)

  [ Ian Campbell ]
  * Add licensing for tools/python/logging to debian/copyright.
    (Closes: #759384)
  * Correctly include xen-init-name in xen-utils-common. (Closes: #769543)
  * xen-utils recommends grub-xen-host package (Closes: #770460)

 -- Bastian Blank <waldi@debian.org>  Thu, 27 Nov 2014 20:17:36 +0100

xen (4.4.1-3ubuntu2) vivid; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2014-8594 / XSA-109
      * x86: don't allow page table updates on non-PV page tables in
        do_mmu_update()
    - CVE-2014-8595 / XSA-110
      * x86emul: enforce privilege level restrictions when loading CS
    - CVE-2014-8866 / XSA-111
      * x86: limit checks in hypercall_xlat_continuation() to actual arguments
    - CVE-2014-8867 / XSA-112
      * x86/HVM: confine internally handled MMIO to solitary regions
    - CVE-2014-9030 / XSA-113
      * x86/mm: fix a reference counting error in MMU_MACHPHYS_UPDATE
  * Pulling in Debian change to start qemu in dom0 (LP: #1396068)
  * Picking up Debian change to recommend grub-xen-host from xen-utils.
  * Picking up Debian change to really include xen-init-name.

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 19 Nov 2014 13:47:12 +0100

xen (4.4.1-3ubuntu1) vivid; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/p/series: Completely non-build-affecting additional comments. Just
      helpful hints for maintenance.
    - d/rules.real:
      * Use a separate grub config file in /etc/default/grub.d which auto-
        matically sets the default boot to Xen.
      * Remove OCAMLDESTDIR since all the xend/xm support is gone now.
    - d/scripts/xen-init-list: Avoid calling "xen list -l" without arguments
      as that breaks if there are guests started by libvirt are running.
    - d/xen-utils-4.4.postinst and d/xen-utils-4.4.prerm: Remove call to
      update-alternatives as this has not been used for several releases
      now.
    - d/tree/xen-utils-common/usr/share/xen-utils-common/default.xen:
      Be a bit more verbose in the comments of the file and also point
      out that xm is gone now.

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 28 Oct 2014 17:32:56 +0100

xen (4.4.1-3) unstable; urgency=medium

  [ Bastian Blank ]
  * Remove unused build-depencencies.
  * Extend list affected systems for broken interrupt assignment.
    CVE-2013-3495
  * Fix race in hvm memory management.
    CVE-2014-7154
  * Fix missing privilege checks on instruction emulation.
    CVE-2014-7155, CVE-2014-7156
  * Fix uninitialized control structures in FIFO handling.
    CVE-2014-6268
  * Fix MSR range check in emulation.
    CVE-2014-7188

  [ Ian Campbell ]
  * Install xen.efi into /boot for amd64 builds.

 -- Bastian Blank <waldi@debian.org>  Fri, 17 Oct 2014 16:27:46 +0200

xen (4.4.1-2) unstable; urgency=medium

  * Re-build with correct content.
  * Use dh_lintian.

 -- Bastian Blank <waldi@debian.org>  Wed, 24 Sep 2014 20:23:14 +0200

xen (4.4.1-1) unstable; urgency=medium

  * New upstream release.
    - Fix several vulnerabilities. (closes: #757724)
      CVE-2014-2599, CVE-2014-3124,
      CVE-2014-3967, CVE-2014-3968,
      CVE-2014-4021

 -- Bastian Blank <waldi@debian.org>  Sun, 21 Sep 2014 10:45:47 +0200

xen (4.4.0-5) unstable; urgency=medium

  [ Ian Campbell ]
  * Expand on the descriptions of some packages. (Closes: #466683)
  * Clarify where xen-utils-common is required. (Closes: #612403)
  * No longer depend on gawk. Xen can now use any awk one of which is always
    present. (Closes: #589176)
  * Put core dumps in /var/lib/xen/dump and ensure it exists.
    (Closes: #444000)

  [ Bastian Blank ]
  * Handle JSON output from xl in xendomains init script.

 -- Bastian Blank <waldi@debian.org>  Sat, 06 Sep 2014 22:11:20 +0200

xen (4.4.0-4) unstable; urgency=medium

  [ Bastian Blank ]
  * Also remove unused OCaml packages from control file.
  * Make library packages multi-arch: same. (closes: #730417)
  * Use debhelper compat level 9. (closes: #692352)

  [ Ian Campbell ]
  * Correct contents of /etc/xen/scripts/hotplugpath.sh (Closes: #706283)
  * Drop references cpuperf-xen and cpuperf-perfcntr. (Closes: #733847)
  * Install xentrace_format(1), xentrace(8) and xentop(1). (Closes: #407143)

 -- Bastian Blank <waldi@debian.org>  Sat, 30 Aug 2014 13:34:04 +0200

xen (4.4.0-3) unstable; urgency=medium

  [ Ian Campbell ]
  * Use correct SeaBIOS binary which supports Xen (Closes: #737905).

  [ Bastian Blank ]
  * Really update config.{sub,guess}.

 -- Bastian Blank <waldi@debian.org>  Fri, 29 Aug 2014 16:33:19 +0200

xen (4.4.0-2) unstable; urgency=medium

  * Remove broken and unused OCaml-support.

 -- Bastian Blank <waldi@debian.org>  Mon, 18 Aug 2014 15:18:42 +0200

xen (4.4.0-1) unstable; urgency=medium

  [ Bastian Blank ]
  * New upstream release.
    - Update scripts for compatiblity with latest coreutils.
      (closes: #718898)
    - Fix guest reboot with xl toolstack. (closes: #727100)
    - CVE-2013-6375: Insufficient TLB flushing in VT-d (iommu) code.
      (closes: #730254)
    - xl support for global VNC options. (closes: #744157)
    - vif scripts can now be named relative to /etc/xen/scripts.
      (closes: #744160)
    - Support for arbitrary sized SeaBIOS binaries. (closes: #737905)
    - pygrub searches for extlinux.conf in the expected places.
      (closes: #697407)
    - Update scripts to use correct syntax for ip command.
      (closes: #705659)
  * Fix install of xend configs to not break compatibility.

  [ Ian Campbell ]
  * Disable blktap1 support using new configure option instead of by patching.
  * Disable qemu-traditional and rombios support using new configure option
    instead of by patching. No need to build-depend on ipxe any more.
  * Use system qemu-xen via new configure option instead of patching.
  * Use system seabios via new configure option instead of patching.
  * Use EXTRA_CFLAGS_XEN_TOOLS and APPEND_{CPPFLAGS,LDFLAGS} during build.
  * Add support for armhf and arm64.
  * Update config.{sub,guess}.

 -- Bastian Blank <waldi@debian.org>  Sat, 09 Aug 2014 13:09:00 +0200

xen (4.4.0-0ubuntu9) utopic; urgency=low

  * debian/scripts/xen-init-list: Modify code to only list domains started
    by the xl command (when using libxl). Also working around a bug in the
    "list -l" command of the xl toolstack which causes it to fail if there
    are domains running which are not created by xl (like via libvirt)
    (LP: #1377960).

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 07 Oct 2014 11:05:44 +0200

xen (4.4.0-0ubuntu8) utopic; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2014-5147 / XSA-102
      * xen: arm: handle AArch32 userspace when dumping 64-bit guest state.
      * xen: arm: Correctly handle exception injection from userspace on
        64-bit.
      * xen: arm: Handle traps from 32-bit userspace on 64-bit kernel as undef
    - CVE-2014-5148 / XSA-103
      * xen: arm: Correctly handle do_sysreg exception injection from 64-bit
        userspace
    - CVE-2014-7154 / XSA-104
      * x86/shadow: fix race condition sampling the dirty vram state
    - CVE-2014-7155 / XSA-105
      * x86/emulate: check cpl for all privileged instructions
    - CVE-2014-7156 / XSA-106
      * x86emul: only emulate software interrupt injection for real mode
    - CVE-2014-6268 / XSA-107
      * evtchn: check control block exists when using FIFO-based events
    - CVE-2014-7188 / XSA-108
      * x86/HVM: properly bound x2APIC MSR range

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 26 Sep 2014 09:55:15 +0200

xen (4.4.0-0ubuntu7) utopic; urgency=low

  * d/xen-utils-<version>.postinst: Remove xend config conversion script.
  * d/p/ubuntu-use-seabios-256.patch: Pick the 256K seabios image for
    hvmloader because the 128K default image dropped Xen support.
    (LP: #1370123)

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 16 Sep 2014 17:35:24 +0200

xen (4.4.0-0ubuntu6) utopic; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2014-2599 / XSA-89
      * x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access()
    - CVE-2014-3125 / XSA-91
      * xen/arm: Correctly save/restore CNTKCTL_EL1
    - CVE-2014-3124 / XSA-92
      * x86/HVM: restrict HVMOP_set_mem_type
    - CVE-2014-2915 / XSA-93
      * xen/arm: Inject an undefined instruction when the coproc/sysreg
                 is not handled
      * xen/arm: Don't let the guest access the coprocessors registers
      * xen/arm: Upgrade DCISW into DCCISW
      * xen/arm: Trap cache and TCM lockdown registers
      * xen/arm: Don't expose implementation defined registers (Cp15 c15)
                 to the guest
      * xen/arm: Don't let guess access to Debug and Performance Monitor
                 registers
    - CVE-2014-2986 / XSA-94
      * xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking
    - CVE-2014-3714, CVE-2014-3715,  CVE-2014-3716, CVE-2014-3717 / XSA-95
      * tools: arm: remove code to check for a DTB appended to the kernel
    - CVE-2014-3967,CVE-2014-3968 / XSA-96
      * x86/HVM: eliminate vulnerabilities from hvm_inject_msi()
    - CVE-2014-3969 / XSA-98
      * xen: arm: check permissions when copying to/from guest virtual
                  addresses
      * xen: arm: ensure we hold a reference to guest pages while we copy
                  to/from them
    - CVE-2014-4021 / XSA-100
      * AMD IOMMU: don't free page table prematurely
      * page-alloc: scrub pages used by hypervisor upon freeing
    - CVE-2014-4022 / XSA-101
      * xen: arm: initialise the grant_table_gpfn array on allocation

 -- Stefan Bader <stefan.bader@canonical.com>  Mon, 23 Jun 2014 15:40:16 +0200

xen (4.4.0-0ubuntu5) trusty; urgency=low

  * Minimal changes to make arm64 build. It produces packages, whatever
    can be done with those is somebody elses problem.

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 11 Apr 2014 15:12:47 +0200

xen (4.4.0-0ubuntu4) trusty; urgency=low

  * Fix up some more stale 4.3 references in xen-utils-4.4 debian
    packaging files.
  * Remove update-alternatives for postinst and prerm of xen-utils-<version>
    as there is no xen-default anymore.
  * debian/rules.real:
    Add etc/default/grub.d and install xen.cfg into it. This adds a
    place to set Xen grub arguments and makes booting into Xen the
    default (with a warning message on running update-grub).
  * debian/rules.real, debian/xen-utils-$(VERSION).postinst, xen-sxp2xm, 
    and xen-migrate-xend-managed-domains:
    Add migration scripts to the xen-utils-$(VERSION) package
    (LP: #1303886).
  * Add transitional packages for migrating xen-hypervisor-4.1-(i386|amd64)
    and xen-hypervisor-4.3-amd64 to add the xen-system-amd64 meta-package
    which is the preferred/recommeded way of installing Xen now.

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 26 Mar 2014 19:25:53 +0100

xen (4.4.0-0ubuntu3) trusty; urgency=low

  * Fixing up changelog history and preparing for FFE (LP: #1290743).

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 20 Mar 2014 12:53:21 +0100

xen (4.4.0-0ubuntu2) trusty; urgency=low

  * debian/patches/tools-ocaml-disable-test.patch: This disables the ocaml
    test build for now until linking issues are resolved.
  * debian/xen-utils-common.xen.init: Write domid for dom0 into xenstore
    (now required).

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 11 Mar 2014 14:26:58 +0100

xen (4.4.0-0ubuntu1) trusty; urgency=low

  * New upstream release (Xen.4.4)
  * Refreshed patches:
    - debian/patches/tools-libxc-abiname.diff
    - debian/patches/tools-libxl-abiname.diff
    - debian/patches/tools-libxl-prefix.diff
  * debian/rules.real: Force xend to be built.
  * debian/rules.real: For utils_<arch> installation move binaries from
    usr/sbin/ to usr/lib/xen-<version>/bin. Several that used to go into
    the private bin directory moved to the public sbin directory.
    Not ideal but quicker to do without side-effects.
  * debian/rules.real: Hypervisor has no .gz type on armhf.
  * debian/control, debian/rules.gen: Manually update version from 4.3 to 4.4.
  * debian/control: Add build dependency for libfdt-dev on armhf.
  * debian/control: Only depend on qemu-system-x86 for i386 and amd64 builds.
  * debian/*: Also rename several versioned packaging files.
  * debian/tree/xen-utils-common/usr/share/xen-utils-common/default.xen:
    Add comment about toolstack names and make xl the default.

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 11 Mar 2014 09:54:35 +0100

xen (4.3.0-3) unstable; urgency=low

  * Revive hypervisor on i386.

 -- Bastian Blank <waldi@debian.org>  Fri, 18 Oct 2013 00:15:16 +0200

xen (4.3.0-2) unstable; urgency=low

  * Force proper install order. (closes: #721999)

 -- Bastian Blank <waldi@debian.org>  Sat, 05 Oct 2013 15:03:36 +0000

xen (4.3.0-1ubuntu5) trusty; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2014-1642 / XSA-83
      * x86/irq: avoid use-after-free on error path in pirq_guest_bind()
    - CVE-2014-1891 / XSA-84
      * flask: fix reading strings from guest memory
    - CVE-2014-1895 / XSA-85
      * xsm/flask: correct off-by-one in flask_security_avc_cachestats
        cpu id check
    - CVE-2014-1896 / XSA-86
      * libvchan: Fix handling of invalid ring buffer indices
    - CVE-2014-1666 / XSA-87
      * x86: PHYSDEVOP_{prepare,release}_msix are privileged
    - CVE-2014-1950 / XSA-88
      * libxc: Fix out-of-memory error handling in xc_cpupool_getinfo()

 -- Stefan Bader <stefan.bader@canonical.com>  Mon, 17 Feb 2014 13:54:15 +0100

xen (4.3.0-1ubuntu4) trusty; urgency=medium

  * Rebuild for ocaml-4.01.

 -- Matthias Klose <doko@ubuntu.com>  Mon, 23 Dec 2013 16:18:35 +0000

xen (4.3.0-1ubuntu3) trusty; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2013-4553 / XSA-74
      * Lock order reversal between page_alloc_lock and mm_rwlock
    - CVE-2013-4551 / XSA-75
      * Host crash due to guest VMX instruction execution
    - CVE-2013-4554 / XSA-76
      * Hypercalls exposed to privilege rings 1 and 2 of HVM guests
    - CVE-????-???? / XSA-77
      * Disaggregated domain management security status
    - CVE-2013-6375 / XSA-78
      * Insufficient TLB flushing in VT-d (iommu) code
    - CVE-2013-6400 / XSA-80
      * IOMMU TLB flushing may be inadvertently suppressed
    - CVE-2013-6885 / XSA-82
      * Guest triggerable AMD CPU erratum may cause host hang

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 06 Dec 2013 17:51:24 +0100

xen (4.3.0-1ubuntu2) trusty; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2013-1442 / XSA-62
      * Information leak on AVX and/or LWP capable CPUs
    - CVE-2013-4355 / XSA-63
      * Information leaks through I/O instruction emulation
    - CVE-2013-4356 / XSA-64
      * Memory accessible by 64-bit PV guests under live migration
    - CVE-2013-4361 / XSA-66
      Information leak through fbld instruction emulation
    - CVE-2013-4368 / XSA-67
      * Information leak through outs instruction emulation
    - CVE-2013-4369 / XSA-68
      * possible null dereference when parsing vif ratelimiting info
    - CVE-2013-4370 / XSA-69
      * misplaced free in ocaml xc_vcpu_getaffinity stub
    - CVE-2013-4371 / XSA-70
      * use-after-free in libxl_list_cpupool under memory pressure
    - CVE-2013-4416 / XSA-72
      * ocaml xenstored mishandles oversized message replies
    - CVE-2013-4494 / XSA-73
      * Lock order reversal between page allocation and grant table locks

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 05 Nov 2013 16:16:05 +0100

xen (4.3.0-1ubuntu1) saucy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Add armhf to packages (except ocaml related) and create hypervisor
      and system-meta package. Modify build environment to produce Arm
      packages.
      * debian/control
      * debian/rules.gen
      * debian/rules.real
      * debian/patches/ubuntu-tools-armhf-without-ocaml.patch
        Ocaml source fail to build on Arm.
    - Re-introduce xen-hypervisor-amd64 for i386 builds. Otherwise i386
      would be rendered uninstallable.
      * debian/arch/i386/defines
      * debian/control
    - Keep qemu-dm for now (upstream qemu would not support
      migration, yet). Forward-port some patches from the old Debian
      package which still included qemu-dm:
      * debian/patches/qemu-prefix.diff
        Modify LDFLAGS to point to lib dir for qemu-dm.
      * debian/patches/qemu-disable-blktap.diff
        Blktap never went upstream.
      * debian/patches/ubuntu-qemu-disable-qemu-upstream.diff
        We want to use the binary from qemu-system-x86.
      * debian/patches/ubuntu-qemu-upstream-location.patch
        Modify tools to look for qemu-system-i386 in public path.
    - Fixup hvmloader build to find the correct PXE boot roms.
      * ubuntu-tools-firmware-etherboot-kvm-ipxe.diff
    - Add packaging dependency on libxenstore to libxen (otherwise
      libtool fails to find references for libxenlight).
      * debian/rules.real
    - Add migration helper that removes private paths from xend domain
      configs.
      * debian/scripts/Makefile
      * debian/scripts/xend-domain-config-path-strip
      * debian/xen-utils-common.postinst
    - Fix for using ulong instead of unsigned long in gdbsx.
      * debian/patches/toolchain.diff
  * First test for suitable toolstack in xendomains before using the list
    command as that causes the xapi daemon to hang.
    - debian/xen-utils-common.xendomains.init

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 27 Sep 2013 15:12:17 +0200

xen (4.3.0-1) unstable; urgency=low

  * New upstream release.
    - Fix HVM PCI passthrough. (closes: #706543)
  * Call configure with proper arguments.
  * Remove now empty xen-docs package.
  * Disable external code retrieval.
  * Drop all i386 hypervisor packages.
  * Drop complete blktap support.
  * Create /run/xen.
  * Make xen-utils recommend qemu-system-x86. (closes: #688311)
    - This version comes with audio support. (closes: #635166)
  * Make libxenlight and libxlutil public. (closes: #644390)
    - Set versioned ABI name.
    - Install headers.
    - Move libs into normal library path.
  * Use build flags in the tools build.
    - Fix fallout from harderning flags.
  * Update Standards-Version to 3.9.4. No changes.

 -- Bastian Blank <waldi@debian.org>  Thu, 05 Sep 2013 13:54:03 +0200

xen (4.3.0-0ubuntu4) saucy; urgency=low

  * Re-introduce xen-hypervisor-amd64 for i386 builds. Otherwise i386
    would be rendered uninstallable.

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 19 Sep 2013 15:28:06 -0500

xen (4.3.0-0ubuntu3) saucy; urgency=low

  * Avoid building libxenlight with blktap support (at least for now).
    - ubuntu-tools-force-build-without-blktap2.patch
    - debian/rules.real: Do not install libblktapctl
    - debian/libxen-dev.install: Do not package libblktapctl

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 15 Aug 2013 10:07:46 +0200

xen (4.3.0-0ubuntu2) saucy; urgency=low

  * debian/rules.real: Avoid ocaml install and trying to strip hvmload
    which does not exist on Arm.
  * debian/rules.gen: Remove i386 related rules for arch-flavour which
    would try to build the hypervisor (not supported anymore).
  * debian/rules.gen: Add rules for armhf builds.
  * debian/control: Add armhf to packages (except ocaml related) and
    create hypervisor and system-meta package.

 -- Stefan Bader <stefan.bader@canonical.com>  Sat, 03 Aug 2013 10:23:42 +0100

xen (4.3.0-0ubuntu1) saucy; urgency=low

  * debian/rules.real: Drop installing pdf for docs. Upstream dropped
    the xen-abi documentation.
  * debian/rules.real: Add --prefix=/usr to configure calls.
    (Default prefix is now /usr/local)
  * debian/rules -> debian/rules.real: Move modification of LDFLAGS as
    the latter does the compile and since 4.2.2 includes default.mk
    which would set the values back (either to the gcc version or
    to nothing).
  * debian/rules.real: Hack around checks for wget which the Debian build
    does not allow to use.
  * debian/control: Drop i386 versions of xen-hypervisor and xen-system.
    Upstream dropped i386 support for those.
  * debian/control: Add recommends for qemu-system-x86 to xen-utils-4.3.
    Utils (xl stack) will use the generic qemu-system-i386 when being
    told to use qemu-xen and qemu-dm for qemu-xen-traditional.
  * xen-utils-common.xen.init: Create /var/run/xen if not present on
    startup (this directory is used by libxl for qmp sockets).
  * Add support to allow libvirt to build the libxl driver:
    - tools/libxl: Create versioned variants of libxenlight.so and
      libblktapctl.so
    - debian/rules.real: Add packaging dependency on libxenstore to
      libxen (otherwise libtool fails to find references).
    - debian/libxen-dev.install: Package headers and library files
      of libxenlight.
  * Carried over from previous versions:
    - Keep qemu-dm for now (upstream qemu would not support
      migration, yet). Forward-port some patches from the old Debian
      package which still included qemu-dm:
      - qemu-prefix (modify LDFLAGS to point to lib dir for qemu-dm)
      - qemu-disable-blktap (this is not present in upstream)
      - ubuntu-qemu-disable-qemu-upstream (breaks build and also should
        be provided by qemu/kvm package)

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 25 Jun 2013 16:39:42 +0200

xen (4.2.2-1ubuntu1) saucy; urgency=low

  * Merge with Debian unstable. Dropping the following patches in favour
    of Debian ones:
    - xsa52-4.2-unstable.patch
    - xsa53-4.2.patch
    - xsa54.patch
    - xsa56.patch
  * Remaining changes:
    - Use dpkg-buildflags and strip the gcc prefix for getting LDFLAGS.
      This will again use the Ubuntu specific LDFLAGS (using some
      hardening options). Older releases would always pass those options
      in the environment but that changed.
    - Ressurrect qemu-dm for now (upstream qemu would not support
      migration, yet). Forward-port some patches from the old Debian
      package which still included qemu-dm:
      - qemu-prefix (modify LDFLAGS to point to lib dir for qemu-dm)
      - qemu-disable-blktap (this is not present in upstream)
      - ubuntu-qemu-disable-qemu-upstream (breaks build and also should
        be provided by qemu/kvm package)
  * Remaining additional patches:
    - qemu-fix-librt-test.patch
      Fix build regression caused by glibc not requiring to link against
      librt for the clock_gettime function. Patch picked from xen-devel
      mailing list.
    - tools-gdbsx-fix-build-failure-with-glibc-2.17.patch
      Add direct include to sys/types.h for xg_main.c which likely was
      indirectly done before. Needed to get ulong type definition.
    - tools-ocaml-fix-build: refresh and reenable (and fix the description
      of) this patch.  Without it the ocam native libraries (*.cmxa)
      build in /build local paths rather than appropriatly versioned
      library references.
    - APIC Register Virtualization (backported from Xen 4.3)
      - 0001-xen-enable-APIC-Register-Virtualization.patch
      - 0002-xen-enable-Virtual-interrupt-delivery.patch
      - 0003-xen-add-virtual-x2apic-support-for-apicv.patch
    - TSC Adjust Support (backported from Xen 4.3)
      - 0004-x86-Implement-TSC-adjust-feature-for-HVM-guest.patch
      - 0005-x86-Save-restore-TSC-adjust-during-HVM-guest-migrati.patch
      - 0006-x86-Expose-TSC-adjust-to-HVM-guest.patch
    - Fix FTBS on i386
      - 0007-x86-Fix-i386-virtual-apic.patch
    - silence-gcc-warnings.patch: Silence gcc warnings.

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 17 Jul 2013 09:41:37 +0200

xen (4.2.2-1) unstable; urgency=low

  * New upstream release.
    - Fix build with gcc 4.8. (closes: #712376)
  * Build-depend on libssl-dev. (closes: #712366)
  * Enable hardening as much as possible.
  * Re-enable ocaml build fixes. (closes: #695176)
  * Check for out-of-bound values in CPU affinity setup.
    CVE-2013-2072
  * Fix information leak on AMD CPUs.
    CVE-2013-2076
  * Recover from faults on XRSTOR.
    CVE-2013-2077
  * Properly check guest input to XSETBV.
    CVE-2013-2078

 -- Bastian Blank <waldi@debian.org>  Thu, 11 Jul 2013 00:28:24 +0200

xen (4.2.1-2ubuntu2) saucy; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA55
      * libelf: abolish libelf-relocate.c
      * libxc: introduce xc_dom_seg_to_ptr_pages
      * libxc: Fix range checking in xc_dom_pfn_to_ptr etc.
      * libelf: add `struct elf_binary*' parameter to elf_load_image
      * libelf: abolish elf_sval and elf_access_signed
      * libelf: move include of <asm/guest_access.h> to top of file
      * libelf/xc_dom_load_elf_symtab: Do not use "syms" uninitialised
      * libelf: introduce macros for memory access and pointer handling
      * tools/xcutils/readnotes: adjust print_l1_mfn_valid_note
      * libelf: check nul-terminated strings properly
      * libelf: check all pointer accesses
      * libelf: Check pointer references in elf_is_elfbinary
      * libelf: Make all callers call elf_check_broken
      * libelf: use C99 bool for booleans
      * libelf: use only unsigned integers
      * libelf: check loops for running away
      * libelf: abolish obsolete macros
      * libxc: Add range checking to xc_dom_binloader
      * libxc: check failure of xc_dom_*_to_ptr, xc_map_foreign_range
      * libxc: check return values from malloc
      * libxc: range checks in xc_dom_p2m_host and _guest
      * libxc: check blob size before proceeding in xc_dom_check_gzip
      * libxc: Better range check in xc_dom_alloc_segment
    - CVE-XXXX-XXXX / XSA57
      * libxl: Restrict permissions on PV console device xenstore nodes

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 21 Jun 2013 14:23:14 +0200

xen (4.2.1-2ubuntu1) saucy; urgency=low

  * Merge with Debian unstable. Dropping the following patches in favour
    of Debian ones:
    - xsa33-4.2-unstable.patch
    - xsa36-4.2.patch
    - xsa44-4.2.patch
    - xsa45-4.2-01-vcpu-destroy-pagetables-preemptible.patch
    - xsa45-4.2-02-new-guest-cr3-preemptible.patch
    - xsa45-4.2-03-new-user-base-preemptible.patch
    - xsa45-4.2-04-vcpu-reset-preemptible.patch
    - xsa45-4.2-05-set-info-guest-preemptible.patch
    - xsa45-4.2-06-unpin-preemptible.patch
    - xsa45-4.2-07-mm-error-paths-preemptible.patch
    - xsa46-4.2.patch
    - xsa47-4.2-unstable.patch
    - xsa49-4.2.patch
  * Remaining changes:
    - debian/control: Depend on libssl-dev
    - Use dpkg-buildflags and strip the gcc prefix for getting LDFLAGS.
      This will again use the Ubuntu specific LDFLAGS (using some
      hardening options). Older releases would always pass those options
      in the environment but that changed.
    - Ressurrect qemu-dm for now (upstream qemu would not support
      migration, yet). Forward-port some patches from the old Debian
      package which still included qemu-dm:
      - qemu-prefix (modify LDFLAGS to point to lib dir for qemu-dm)
      - qemu-disable-blktap (this is not present in upstream)
      - ubuntu-qemu-disable-qemu-upstream (breaks build and also should
        be provided by qemu/kvm package)
  * Remaining additional patches:
    - qemu-cve-2012-6075-1.patch / qemu-cve-2012-6075-2.patch
    - xsa34-4.2.patch
    - xsa35-4.2-with-xsa34.patch
    - xsa38.patch
    - xsa52-4.2-unstable.patch
    - xsa53-4.2.patch
    - xsa54.patch
    - xsa56.patch
    - qemu-fix-librt-test.patch
      Fix build regression caused by glibc not requiring to link against
      librt for the clock_gettime function. Patch picked from xen-devel
      mailing list.
    - tools-gdbsx-fix-build-failure-with-glibc-2.17.patch
      Add direct include to sys/types.h for xg_main.c which likely was
      indirectly done before. Needed to get ulong type definition.
    - tools-ocaml-fix-build: refresh and reenable (and fix the description
      of) this patch.  Without it the ocam native libraries (*.cmxa)
      build in /build local paths rather than appropriatly versioned
      library references.
    - APIC Register Virtualization (backported from Xen 4.3)
      - 0001-xen-enable-APIC-Register-Virtualization.patch
      - 0002-xen-enable-Virtual-interrupt-delivery.patch
      - 0003-xen-add-virtual-x2apic-support-for-apicv.patch
    - TSC Adjust Support (backported from Xen 4.3)
      - 0004-x86-Implement-TSC-adjust-feature-for-HVM-guest.patch
      - 0005-x86-Save-restore-TSC-adjust-during-HVM-guest-migrati.patch
      - 0006-x86-Expose-TSC-adjust-to-HVM-guest.patch
    - Fix FTBS on i386
      - 0007-x86-Fix-i386-virtual-apic.patch
    - Fix HVM regression when host supports SMEP
      - 0008-vmx-Simplify-cr0-update-handling-by-deferring-cr4-ch.patch
      - 0009-VMX-disable-SMEP-feature-when-guest-is-in-non-paging.patch
      - 0010-VMX-Always-disable-SMEP-when-guest-is-in-non-paging-.patch
    - silence-gcc-warnings.patch: Silence gcc warnings.
    - gcc48-ftbfs.patch
    - gcc48-ftbfs-2.patch

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 14 Jun 2013 10:01:32 +0200

xen (4.2.1-2) unstable; urgency=low

  * Actually upload to unstable.

 -- Bastian Blank <waldi@debian.org>  Sun, 12 May 2013 00:20:58 +0200

xen (4.2.1-1) experimental; urgency=low

  * New upstream release.
  * Enable usage of seabios.
  * Fix some toolchain issues.

 -- Bastian Blank <waldi@debian.org>  Sat, 11 May 2013 23:55:46 +0200

xen (4.2.1-0ubuntu4) saucy; urgency=low

  [ Stefan Bader ]
  * Applying Xen Security Advisories:
    - CVE-2013-1918 / XSA-45
      * x86: make vcpu_destroy_pagetables() preemptible
      * x86: make new_guest_cr3() preemptible
      * x86: make MMUEXT_NEW_USER_BASEPTR preemptible
      * x86: make vcpu_reset() preemptible
      * x86: make arch_set_info_guest() preemptible
      * x86: make page table unpinning preemptible
      * x86: make page table handling error paths preemptible
    - CVE-2013-1952 / XSA-49
      * VT-d: don't permit SVT_NO_VERIFY entries for known device types
    - CVE-2013-2076 / XSA-52
      * x86/xsave: fix information leak on AMD CPUs
    - CVE-2013-2077 / XSA-53
      * x86/xsave: recover from faults on XRSTOR
    - CVE-2013-2078 / XSA-54
      * x86/xsave: properly check guest input to XSETBV
    - CVE-2013-2072 / XSA-56
      * libxc: limit cpu values when setting vcpu affinity

  [ Marc Deslauriers ]
  * debian/patches/gcc48-ftbfs.patch: Add -Wno-unused-local-typedefs to
    CFLAGS.
  * debian/patches/gcc48-ftbfs-2.patch: fix memset(&p,0,sizeof(p)) idiom in
    several places.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 10 Jun 2013 15:03:13 -0400

xen (4.2.1-0ubuntu3.1) raring-security; urgency=low

  * Applying Xen Security Advisories:
    - CVE-2013-1917 / XSA-44
      x86: clear EFLAGS.NT in SYSENTER entry path
    - CVE-2013-1919 / XSA-46
      x86: fix various issues with handling guest IRQs
    - CVE-2013-1920 / XSA-47
      defer event channel bucket pointer store until after XSM checks

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 10 Apr 2013 14:21:15 +0200

xen (4.2.1-0ubuntu3) raring; urgency=low

  * Fix FTBS on i386
    - 0007-x86-Fix-i386-virtual-apic.patch
  * Fix HVM VCPUs getting stuck on boot when host supports SMEP (LP: #1157757)
    - 0008-vmx-Simplify-cr0-update-handling-by-deferring-cr4-ch.patch
    - 0009-VMX-disable-SMEP-feature-when-guest-is-in-non-paging.patch
    - 0010-VMX-Always-disable-SMEP-when-guest-is-in-non-paging-.patch

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 05 Apr 2013 16:39:45 +0200

xen (4.2.1-0ubuntu2) raring; urgency=low

  * Backporting support for Intel APIC virtualization (LP: #1160373)
    - 0001-xen-enable-APIC-Register-Virtualization.patch
    - 0002-xen-enable-Virtual-interrupt-delivery.patch
    - 0003-xen-add-virtual-x2apic-support-for-apicv.patch
  * Backporting support for Intel TSC adjust (LP: #1160378)
    - 0004-x86-Implement-TSC-adjust-feature-for-HVM-guest.patch
    - 0005-x86-Save-restore-TSC-adjust-during-HVM-guest-migrati.patch
    - 0006-x86-Expose-TSC-adjust-to-HVM-guest.patch

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 26 Mar 2013 09:41:25 +0100

xen (4.2.1-0ubuntu1) raring; urgency=low

  * New upstream stable release. Remaining changes:
    - Fix to qemu for CVE-2012-6075
    - Patches for XSA33-36 and 38
    - qemu-fix-librt-test.patch
      Fix build regression caused by glibc not requiring to link against
      librt for the clock_gettime function. Patch picked from xen-devel
      mailing list.
    - tools-gdbsx-fix-build-failure-with-glibc-2.17.patch
      Add direct include to sys/types.h for xg_main.c which likely was
      indirectly done before. Needed to get ulong type definition.
    - tools-ocaml-fix-build: refresh and reenable (and fix the description
      of) this patch.  Without it the ocam native libraries (*.cmxa)
      build in /build local paths rather than appropriatly versioned
      library references.
    - Use dpkg-buildflags and strip the gcc prefix for getting LDFLAGS.
      This will again use the Ubuntu specific LDFLAGS (using some
      hardening options). Older releases would always pass those options
      in the environment but that changed.
    - Ressurrect qemu-dm for now (upstream qemu would not support
      migration, yet). Forward-port some patches from the old Debian
      package which still included qemu-dm:
      - qemu-prefix (modify LDFLAGS to point to lib dir for qemu-dm)
      - qemu-disable-blktap (this is not present in upstream)
      - ubuntu-qemu-disable-qemu-upstream (breaks build and also should
        be provided by qemu/kvm package)
    - Build depend on kvm-ipxe (instead of ipxe) as it is smaller and fix
      up hvmloader build. kvm-ipxe contains a subset of the rom files from
      which the Xen build only uses two to be embedded in the hvmloader.
    - debian/patches/silence-gcc-warnings.patch: Silence gcc warnings.

 -- Stefan Bader <stefan.bader@canonical.com>  Fri, 08 Mar 2013 10:34:54 +0100

xen (4.2.0-2) experimental; urgency=low

  * Support JSON output in domain init script helper.

 -- Bastian Blank <waldi@debian.org>  Mon, 01 Oct 2012 15:11:30 +0200

xen (4.2.0-1ubuntu6) raring; urgency=low

  * Applying Xen Security Advisory:
    - VT-d: fix interrupt remapping source validation for devices behind
      legacy bridges
      CVE-2012-5634 / XSA-33
    - x86_32: don't allow use of nested HVM
      CVE-2013-0151 / XSA-34
    - xen: Do not allow guests to enable nested HVM on themselves
      CVE-2013-0152 / XSA-35
    - ACPI: acpi_table_parse() should return handler's error code
      CVE-2013-0153 / XSA-36
    - oxenstored incorrect handling of certain Xenbus ring states
      CVE-2013-0215 / XSA-38
  * Applying qemu security fixes:
    - e1000: Discard packets that are too long if !SBP and !LPE
      CVE-2012-6075 / XSA-41
    - Discard packets longer than 16384 when !SBP to match the hardware
      behavior.
      CVE-2012-6075 / XSA-41
  * qemu-fix-librt-test.patch
    Fix build regression caused by glibc not requiring to link against
    librt for the clock_gettime function. Patch picked from xen-devel
    mailing list.
  * tools-gdbsx-fix-build-failure-with-glibc-2.17.patch
    Add direct include to sys/types.h for xg_main.c which likely was
    indirectly done before. Needed to get ulong type definition.

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 29 Jan 2013 15:48:47 +0100

xen (4.2.0-1ubuntu5) raring; urgency=low

  * Add libssl-dev to Build-Depends. 

 -- Chris J Arges <chris.j.arges@canonical.com>  Tue, 15 Jan 2013 11:13:48 -0600

xen (4.2.0-1ubuntu4) raring; urgency=low

  * Applying Xen Security fixes (LP: #1086875)
    - gnttab: fix releasing of memory upon switches between versions
      CVE-2012-5510
    - hvm: Limit the size of large HVM op batches
      CVE-2012-5511
    - xen: add missing guest address range checks to XENMEM_exchange handlers
      CVE-2012-5513
    - xen: fix error handling of guest_physmap_mark_populate_on_demand()
      CVE-2012-5514
    - memop: limit guest specified extent order
      CVE-2012-5515
    - x86: get_page_from_gfn() must return NULL for invalid GFNs
      CVE-2012-5525

 -- Stefan Bader <stefan.bader@canonical.com>  Wed, 05 Dec 2012 18:13:25 +0100

xen (4.2.0-1ubuntu3) raring; urgency=low

  * tools-ocaml-fix-build: refresh and reenable (and fix the description
    of) this patch.  Without it the ocam native libraries (*.cmxa)
    build in /build local paths rather than appropriatly versioned
    library references.

 -- Andy Whitcroft <apw@ubuntu.com>  Thu, 29 Nov 2012 21:49:00 +0000

xen (4.2.0-1ubuntu2) raring; urgency=low

  * Drop replaces and conflicts for xen3 packages (they are no longer
    in the upgrade path) from debian/control:
    - libxenstore3.0: Conflict and replaces libxen3.
    - libxen-dev: Conflict and replaces libxen3-dev.
    - xenstore-utils: Conflict and replaces libxen3
    - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
      and xen-utils-3.3
  * Use dpkg-buildflags and strip the gcc prefix for getting LDFLAGS.
    This will again use the Ubuntu specific LDFLAGS (using some
    hardening options). Older releases would always pass those options
    in the environment but that changed.
  * Ressurrect qemu-dm for now (upstream qemu would not support
    migration, yet). Forward-port some patches from the old Debian
    package which still included qemu-dm:
    - qemu-prefix (modify LDFLAGS to point to lib dir for qemu-dm)
    - qemu-disable-blktap (this is not present in upstream)
    - ubuntu-qemu-disable-qemu-upstream (breaks build and also should
      be provided by qemu/kvm package)
  * Build depend on kvm-ipxe (instead of ipxe) as it is smaller and fix
    up hvmloader build. kvm-ipxe contains a subset of the rom files from
    which the Xen build only uses two to be embedded in the hvmloader.
  * XSA-20: Prevent overflow in calculations, leading to DoS vulnerability
    - CVE-2012-4535
  * XSA-22: Prevent incorrect updates of m2p mappings
    - CVE-2012-4537
  * XSA-23: check toplevel pagetables are present before unhooking them
    - CVE-2012-4538
  * XSA-24: Prevent infinite loop in compat code
    - CVE-2012-4539
  * XSA-25: limit maximum size of kernel/ramdisk
    - CVE-2012-4544

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 13 Nov 2012 09:03:58 +0100

xen (4.2.0-1ubuntu1) raring; urgency=low

  * Merge from Debian Experimental, Remaining changes:
    - debian/control:
      - Build depends on ipxe-qemu.
      - libxenstore3.0: Conflict and replaces libxen3.
      - libxen-dev: Conflict and replaces libxen3-dev.
      - xenstore-utils: Conflict and replaces libxen3
      - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
        and xen-utils-4.1.
      - Make sure the LDFLAGS value passed is suitable for use by ld
        rather than gcc.
    - disable debian/patches/config-etherboot.diff.
    - debian/patches/silence-gcc-warnings.patch: Silence gcc warnings.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 08 Nov 2012 12:14:30 -0600

xen (4.2.0-1) experimental; urgency=low

  * New upstream release.

 -- Bastian Blank <waldi@debian.org>  Tue, 18 Sep 2012 13:54:30 +0200

xen (4.2.0~rc3-1) experimental; urgency=low

  * New upstream snapshot.

 -- Bastian Blank <waldi@debian.org>  Fri, 07 Sep 2012 20:28:46 +0200

xen (4.2.0~rc2-1) experimental; urgency=low

  * New upstream snapshot.
  * Build-depend against libglib2.0-dev and libyajl-dev.
  * Disable seabios build for now.
  * Remove support for Lenny and earlier.
  * Support build-arch and build-indep make targets.

 -- Bastian Blank <waldi@debian.org>  Sun, 13 May 2012 12:21:10 +0000

xen (4.1.4-4) unstable; urgency=high

  * Make several long runing operations preemptible.
    CVE-2013-1918
  * Fix source validation for VT-d interrupt remapping.
    CVE-2013-1952

 -- Bastian Blank <waldi@debian.org>  Thu, 02 May 2013 14:30:29 +0200

xen (4.1.4-3) unstable; urgency=high

  * Fix return from SYSENTER.
    CVE-2013-1917
  * Fix various problems with guest interrupt handling.
    CVE-2013-1919
  * Only save pointer after access checks.
    CVE-2013-1920
  * Fix domain locking for transitive grants.
    CVE-2013-1964

 -- Bastian Blank <waldi@debian.org>  Fri, 19 Apr 2013 13:01:57 +0200

xen (4.1.4-2) unstable; urgency=low

  * Use pre-device interrupt remapping mode per default. Fix removing old
    remappings.
    CVE-2013-0153

 -- Bastian Blank <waldi@debian.org>  Wed, 06 Feb 2013 13:04:52 +0100

xen (4.1.4-1) unstable; urgency=low

  * New upstream release.
    - Disable process-context identifier support in newer CPUs for all
      domains.
    - Add workarounds for AMD errata.
    - Don't allow any non-canonical addresses.
    - Use Multiboot memory map if BIOS emulation does not provide one.
    - Fix several problems in tmem.
      CVE-2012-3497
    - Fix error handling in domain creation.
    - Adjust locking and interrupt handling during S3 resume.
    - Tighten more resource and memory range checks.
    - Reset performance counters. (closes: #698651)
    - Remove special-case for first IO-APIC.
    - Fix MSI handling for HVM domains. (closes: #695123)
    - Revert cache value of disks in HVM domains.

 -- Bastian Blank <waldi@debian.org>  Thu, 31 Jan 2013 15:44:50 +0100

xen (4.1.3-8) unstable; urgency=high

  * Fix error in VT-d interrupt remapping source validation.
    CVE-2012-5634
  * Fix buffer overflow in qemu e1000 emulation.
    CVE-2012-6075
  * Update patch, mention second CVE.
    CVE-2012-5511, CVE-2012-6333

 -- Bastian Blank <waldi@debian.org>  Sat, 19 Jan 2013 13:55:07 +0100

xen (4.1.3-7) unstable; urgency=low

  * Fix clock jump due to incorrect annotated inline assembler.
    (closes: #599161)
  * Add support for XZ compressed Linux kernels to hypervisor and userspace
    based loaders, it is needed for any Linux kernels newer then Wheezy.
    (closes: #695056)

 -- Bastian Blank <waldi@debian.org>  Tue, 11 Dec 2012 18:54:59 +0100

xen (4.1.3-6) unstable; urgency=high

  * Fix error handling in physical to machine memory mapping.
    CVE-2012-5514

 -- Bastian Blank <waldi@debian.org>  Tue, 04 Dec 2012 10:51:43 +0100

xen (4.1.3-5) unstable; urgency=high

  * Fix state corruption due to incomplete grant table switch.
    CVE-2012-5510
  * Check range of arguments to several HVM operations.
    CVE-2012-5511, CVE-2012-6333
  * Check array index before using it in HVM memory operation.
    CVE-2012-5512
  * Check memory range in memory exchange operation.
    CVE-2012-5513
  * Don't allow too large memory size and avoid busy looping.
    CVE-2012-5515

 -- Bastian Blank <waldi@debian.org>  Mon, 03 Dec 2012 19:37:38 +0100

xen (4.1.3-4) unstable; urgency=high

  * Use linux 3.2.0-4 stuff.
  * Fix overflow in timer calculations.
    CVE-2012-4535
  * Check value of physical interrupts parameter before using it.
    CVE-2012-4536
  * Error out on incorrect memory mapping updates.
    CVE-2012-4537
  * Check if toplevel page tables are present.
    CVE-2012-4538
  * Fix infinite loop in compatibility code.
    CVE-2012-4539
  * Limit maximum kernel and ramdisk size.
    CVE-2012-2625, CVE-2012-4544

 -- Bastian Blank <waldi@debian.org>  Tue, 20 Nov 2012 15:51:01 +0100

xen (4.1.3-3ubuntu1) quantal; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - libxenstore3.0: Conflict and replaces libxen3.
    - libxen-dev: Conflict and replaces libxen3-dev.
    - xenstore-utils: Conflict and replaces libxen3.
    - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
      and xen-utils-4.1.
    - Change depend back to ipxe as we do not have ipxe-qemu.
    - etherboot: Change the config back to include the 8086100e.rom
    - Dropped:
      - Make sure the LDFLAGS value passed is suitable for use by ld
        rather than gcc. Right now there seem to be no LDFLAGS passed.
  * Backported AMD specific improvements from upstream Xen (LP: #1009098):
    - svm: Do not intercept RDTSC(P) when TSC scaling is supported by hardware
    - x86: Use deep C states for off-lined CPUs
    - x86/AMD: Add support for AMD's OSVW feature in guests.
    - hvm: vpmu: Enable HVM VPMU for AMD Family 12h and 14h processors

 -- Stefan Bader <stefan.bader@canonical.com>  Thu, 27 Sep 2012 21:27:44 +0200

xen (4.1.3-3) unstable; urgency=low

  * Xen domain init script:
    - Make sure Open vSwitch is started before any domain.
    - Properly handle and show output of failed migration and save.
    - Ask all domains to shut down before checking them.

 -- Bastian Blank <waldi@debian.org>  Tue, 18 Sep 2012 13:26:32 +0200

xen (4.1.3-2) unstable; urgency=medium

  * Don't allow writing reserved bits in debug register.
    CVE-2012-3494
  * Fix error handling in interrupt assignment.
    CVE-2012-3495
  * Don't trigger bug messages on invalid flags.
    CVE-2012-3496
  * Check array bounds in interrupt assignment.
    CVE-2012-3498
  * Properly check bounds while setting the cursor in qemu.
    CVE-2012-3515
  * Disable monitor in qemu by default.
    CVE-2012-4411

 -- Bastian Blank <waldi@debian.org>  Fri, 07 Sep 2012 19:41:46 +0200

xen (4.1.3-1) unstable; urgency=medium

  * New upstream release: (closes: #683286)
    - Don't leave the x86 emulation in a bad state. (closes: #683279)
      CVE-2012-3432
    - Only check for shared pages while any exist on teardown.
      CVE-2012-3433
    - Fix error handling for unexpected conditions.
    - Update CPUID masking to latest Intel spec.
    - Allow large ACPI ids.
    - Fix IOMMU support for PCI-to-PCIe bridges.
    - Disallow access to some sensitive IO-ports.
    - Fix wrong address in IOTLB.
    - Fix deadlock on CPUs without working cpufreq driver.
    - Use uncached disk access in qemu.
    - Fix buffer size on emulated e1000 device in qemu.
  * Fixup broken and remove applied patches.

 -- Bastian Blank <waldi@debian.org>  Fri, 17 Aug 2012 11:25:02 +0200

xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-5) unstable; urgency=low

  [ Ian Campbell ]
  * Set tap device MAC addresses to fe:ff:ff:ff:ff:ff (Closes: #671018)
  * Only run xendomains initscript if toolstack is xl or xm (Closes: #680528)

  [ Bastian Blank ]
  * Actually build-depend on new enough version of dpkg-dev.
  * Add xen-sytem-* meta-packages. We are finally in a position to do
    automatic upgrades and this package is missing. (closes: #681376)

 -- Bastian Blank <waldi@debian.org>  Sat, 28 Jul 2012 10:23:26 +0200

xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-4ubuntu1) quantal; urgency=low

  [ Ubuntu Merge-o-Matic ]
  * Merge from Debian unstable.  Remaining changes:
      - Thanks to Stefan Bader.
      - libxenstore3.0: Conflict and replaces libxen3.
      - libxen-dev: Conflict and replaces libxen3-dev.
      - xenstore-utils: Conflict and replaces libxen3.
      - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
        and xen-utils-4.1.
      - Change depend back to ipxe as we do not have ipxe-qemu.
      - etherboot: Change the config back to include the 8086100e.rom
      - Dropped:
        - Make sure the LDFLAGS value passed is suitable for use by ld
          rather than gcc. Right now there seem to be no LDFLAGS passed.


 -- Chuck Short <zulcss@ubuntu.com>  Tue, 03 Jul 2012 08:43:03 -0400

xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-4) unstable; urgency=low

  * Add Build-Using info to xen-utils package.
  * Fix build-arch target.

 -- Bastian Blank <waldi@debian.org>  Sun, 01 Jul 2012 19:52:30 +0200

xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-3) unstable; urgency=low

  * Remove /usr/lib/xen-default. It breaks systems if xenstored is not
    compatible.
  * Fix init script usage.
  * Fix udev rules for emulated network devices:
    - Force names of emulated network devices to a predictable name.

 -- Bastian Blank <waldi@debian.org>  Sun, 01 Jul 2012 16:59:04 +0200

xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-2) unstable; urgency=low

  * Fix pointer missmatch in interrupt functions. Fixes build on i386.

 -- Bastian Blank <waldi@debian.org>  Fri, 15 Jun 2012 18:00:51 +0200

xen (4.1.3~rc1+hg-20120614.a9c0a89c08f2-1) unstable; urgency=low

  * New upstream snapshot.
    - Fix privilege escalation and syscall/sysenter DoS while using
      non-canonical addresses by untrusted PV guests. (closes: #677221)
      CVE-2012-0217
      CVE-2012-0218
    - Disable Xen on CPUs affected by AMD Erratum #121. PV guests can
      cause a DoS of the host.
      CVE-2012-2934
  * Don't fail if standard toolstacks are not available. (closes: #677244)

 -- Bastian Blank <waldi@debian.org>  Thu, 14 Jun 2012 17:06:25 +0200

xen (4.1.2-7) unstable; urgency=low

  * Really use ucf.
  * Update init script dependencies:
    - Start $syslog before xen.
    - Start drbd and iscsi before xendomains. (closes: #626356)
    - Start corosync and heartbeat after xendomains.
  * Remove /var/log/xen on purge. (closes: #656216)

 -- Bastian Blank <waldi@debian.org>  Tue, 22 May 2012 10:44:41 +0200

xen (4.1.2-6) unstable; urgency=low

  * Fix generation of architectures for hypervisor packages.
  * Remove information about loop devices, it is incorrect. (closes: #503044)
  * Update xendomains init script:
    - Create directory for domain images only root readable. (closes: #596048)
    - Add missing sanity checks for variables. (closes: #671750)
    - Remove not longer supported config options.
    - Don't fail if no config is available.
    - Remove extra output if domain was restored.

 -- Bastian Blank <waldi@debian.org>  Sun, 06 May 2012 20:07:41 +0200

xen (4.1.2-5) unstable; urgency=low

  * Actually force init script rename. (closes: #669341)
  * Fix long output from xl.
  * Move complete init script setup.
  * Rewrite xendomains init script:
    - Use LSB output functions.
    - Make output more clear.
    - Use xen toolstack wrapper.
    - Use a python script to properly read domain details.
  * Set name for Domain-0.

 -- Bastian Blank <waldi@debian.org>  Mon, 23 Apr 2012 11:56:45 +0200

xen (4.1.2-4) unstable; urgency=low

  [ Bastian Blank ]
  * Build-depend on ipxe-qemu instead of ipxe. (closes: #665070)
  * Don't longer use a4wide latex package.
  * Use ucf for /etc/default/xen.
  * Remove handling for old udev rules link and xenstored directory.
  * Rename xend init script to xen.

  [ Lionel Elie Mamane ]
  * Fix toolstack script to work with old dash. (closes: #648029)

 -- Bastian Blank <waldi@debian.org>  Mon, 16 Apr 2012 08:47:29 +0000

xen (4.1.2-3) unstable; urgency=low

  * Merge xen-common source package.
  * Remove xend wrapper, it should not be called by users.
  * Support xl in init script.
  * Restart xen daemons on upgrade.
  * Restart and stop xenconsoled in init script.
  * Load xen-gntdev module.
  * Create /var/lib/xen. (closes: #658101)
  * Cleanup udev rules. (closes: #657745)

 -- Bastian Blank <waldi@debian.org>  Wed, 01 Feb 2012 19:28:28 +0100

xen (4.1.2-2ubuntu2) precise; urgency=low

  * etherboot: Change the config back to include the 8086100e.rom
    (LP: #948333)

 -- Stefan Bader <stefan.bader@canonical.com>  Tue, 06 Mar 2012 20:58:14 +0100

xen (4.1.2-2ubuntu1) precise; urgency=low

  * Merge from Debian testing.  Remaining changes:
      - libxenstore3.0: Conflict and replaces libxen3.
      - libxen-dev: Conflict and replaces libxen3-dev.
      - xenstore-utils: Conflict and replaces libxen3.
      - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
        and xen-utils-4.1.
      - Make sure the LDFLAGS value passed is suitable for use by ld
        rather than gcc.
      - Dropped:
        - debian/patches/upstream-23044:d4ca456c0c25
        - debian/patches/upstream-23104:1976adbf2b80
        - debian/patches/upstream-changeset-23146.patch
        - debian/patches/upstream-changeset-23147.patch
        - debian/patches/xen-pirq-resubmit-irq.patch

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 22 Dec 2011 04:53:35 +0000

xen (4.1.2-2) unstable; urgency=low

  [ Jon Ludlam ]
  * Import (partially reworked) upstream changes for OCaml support.
    - Rename the ocamlfind packages.
    - Remove uuid and log libraries.
    - Fix 2 bit-twiddling bugs and an off-by-one
  * Fix build of OCaml libraries.
  * Add OCaml library and development package.
  * Include some missing headers.

 -- Bastian Blank <waldi@debian.org>  Sat, 10 Dec 2011 19:13:25 +0000

xen (4.1.2-1) unstable; urgency=low

  * New upstream release.
  * Build-depend on pkg-config.
  * Add package libxen-4.1. Includes some shared libs.

 -- Bastian Blank <waldi@debian.org>  Sat, 26 Nov 2011 18:28:06 +0100

xen (4.1.1-3ubuntu1) precise; urgency=low

  * Merge from Debian testing.  Remaining changes:
      - libxenstore3.0: Conflict and replaces libxen3.
      - libxen-dev: Conflict and replaces libxen3-dev.
      - xenstore-utils: Conflict and replaces libxen3.
      - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
        and xen-utils-4.1.
      - Make sure the LDFLAGS value passed is suitable for use by ld
        rather than gcc.
      - debian/patches/upstream-changeset-23146.patch,
        debian/patches/upstream-changeset-23147.patch: Fix booting with hvm
        domU. (LP: #832207)
      - debian/patches/xen-pirq-resubmit-irq.patch: Retrigger pirq events
        when asserted while processing. (LP: #854829)

 -- Chuck Short <zulcss@ubuntu.com>  Sun, 06 Nov 2011 05:51:08 +0000

xen (4.1.1-3) unstable; urgency=low

  [ Julien Danjou ]
  * Remove Julien Danjou from the Uploaders field. (closes: #590439)

  [ Bastian Blank ]
  * Use current version of python. (closes: #646660)
  * Build-depend against liblzma-dev, it is used if available.
    (closes: #646694)
  * Update Standards-Version to 3.9.2. No changes.
  * Don't use brace-expansion in debhelper install files.

 -- Bastian Blank <waldi@debian.org>  Wed, 26 Oct 2011 14:42:33 +0200

xen (4.1.1-2ubuntu4.1) oneiric-proposed; urgency=low

  * debian/patches/xen-pirq-resubmit-irq.patch: Retrigger
    pirq events when asserted while processing. Thanks to Stefan Bader
    (LP: #854829) 

 -- Chuck Short <zulcss@ubuntu.com>  Mon, 10 Oct 2011 19:30:09 -0400

xen (4.1.1-2ubuntu4) oneiric; urgency=low

  * Rebuild to drop build records on armel and powerpc. LP: #823714.

 -- Matthias Klose <doko@ubuntu.com>  Thu, 06 Oct 2011 14:15:35 +0200

xen (4.1.1-2ubuntu2) oneiric; urgency=low

  * Clean up patches. 
  * debian/patches/upstream-changeset-23146.patch,
    debian/patches/upstream-changeset-23147.patch: Fix booting with hvm
    domU. (LP: #832207)

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 01 Sep 2011 13:13:47 -0400

xen (4.1.1-2ubuntu1) oneiric; urgency=low

  * Merge from debian unstable.  Remaining changes:
      - libxenstore3.0: Conflict and replaces libxen3.
      - libxen-dev: Conflict and replaces libxen3-dev.
      - xenstore-utils: Conflict and replaces libxen3.
      - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
        and xen-utils-4.1.
    + Make sure the LDFLAGS value passed is suitable for use by ld
      rather than gcc.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 11 Aug 2011 14:18:41 +0000

xen (4.1.1-2) unstable; urgency=low

  * Fix hvmloader with gcc 4.6.

 -- Bastian Blank <waldi@debian.org>  Fri, 05 Aug 2011 23:58:36 +0200

xen (4.1.1-1ubuntu1) oneiric; urgency=low

  * Merge from debian unstable.  Remaining changes:
    + Xen 3.3 -> Xen 4.1 migration:
      - libxenstore3.0: Conflict and replaces libxen3.
      - libxen-dev: Conflict and replaces libxen3-dev.
      - xenstore-utils: Conflict and replaces libxen3.
      - xen-utils-4.1: Conflict and replaces libxen3, python-xen-3.3,
        and xen-utils-4.1.
    + Make sure the LDFLAGS value passed is suitable for use by ld
      rather than gcc.
    + Dropped upstream patches:
      - debian/patches/disable-unused-but-not-set-error.patch:
        Applied upstream.
      - debian/patches/xc-dom-restore-set-but-not-used.patch:
        Applied upstream.
      - debian/patches/xc-dom-restore-set-but-not-used.patch:
        Applied upstream.

 -- Chuck Short <zulcss@ubuntu.com>  Tue, 19 Jul 2011 00:11:08 +0000

xen (4.1.1-1) unstable; urgency=low

  * New upstream release.
  * Don't use qemu-dm if it is not needed. (Backport from xen-unstable.)
  * Use dh_python2.

 -- Bastian Blank <waldi@debian.org>  Mon, 18 Jul 2011 19:38:38 +0200

xen (4.1.0-3ubuntu4) oneiric; urgency=low

  * Fix xen 3.3 -> xen 4.1 migration. 

 -- Chuck Short <zulcss@ubuntu.com>  Sat, 04 Jun 2011 15:37:17 -0400

xen (4.1.0-3ubuntu3) oneiric; urgency=low

  * debian/control: Use python2.7 as a build dependency. 

 -- Chuck Short <zulcss@ubuntu.com>  Tue, 31 May 2011 14:50:03 -0400

xen (4.1.0-3ubuntu2) oneiric; urgency=low

  * debian/control: 
     + Move to python 2.7. 
     + Xen 3.3 -> Xen4.1 migration:
       - libxenstore3.0: Conflict and replaces libxen3.
       - libxen-dev: Conflict and replaces libxen3-dev.
       - xenstore-tuils: Conflict and replaces libxen3
       - xen-utils-4.1: Confflict and replaces libxen3, python-xen3.3, 
         and xen-utils-3.3

 -- Chuck Short <zulcss@ubuntu.com>  Tue, 31 May 2011 13:15:08 -0400

xen (4.1.0-3ubuntu1) oneiric; urgency=low

  * Make sure the LDFLAGS value passed is suitable for use by ld,
    rather than gcc.
  * Import a set of gcc 4.6 related build fixes from upstream hg.
    (disable-unused-but-not-set-error.patch,
     ioapic-uninitialised-variables.patch,
     patches/xc-dom-restore-set-but-not-used.patch,
     xc-tmem-set-but-not-used.patch)

 -- Soren Hansen <soren@ubuntu.com>  Thu, 26 May 2011 14:27:18 +0200

xen (4.1.0-3) unstable; urgency=low

  * Add ghostscript to build-deps.
  * Enable qemu-dm build.
    - Add qemu as another orig tar.
    - Remove blktap1, bluetooth and sdl support from qemu.
    - Recommend qemu-keymaps and qemu-utils.

 -- Bastian Blank <waldi@debian.org>  Thu, 28 Apr 2011 15:20:45 +0200

xen (4.1.0-2) unstable; urgency=low

  * Re-enable hvmloader:
    - Use packaged ipxe.
  * Workaround incompatibility with xenstored of Xen 4.0.

 -- Bastian Blank <waldi@debian.org>  Fri, 15 Apr 2011 11:38:25 +0200

xen (4.1.0-1) unstable; urgency=low

  * New upstream release.

 -- Bastian Blank <waldi@debian.org>  Sun, 27 Mar 2011 18:09:28 +0000

xen (4.1.0~rc6-1) unstable; urgency=low

  * New upstream release candidate.
  * Build documentation using pdflatex.
  * Use python 2.6. (closes: #596545)
  * Fix lintian override.
  * Install new tools: xl, xenpaging.
  * Enable blktap2.
    - Use own md5 implementation.
    - Fix includes.
    - Fix linking of blktap2 binaries.
    - Remove optimization setting.
  * Temporarily disable hvmloader, wants to download ipxe.
  * Remove xenstored pid check from xl.

 -- Bastian Blank <waldi@debian.org>  Thu, 17 Mar 2011 16:12:45 +0100

xen (4.0.1-2) unstable; urgency=low

  * Fix races in memory management.
  * Make sure that frame-table compression leaves enough alligned.
  * Disable XSAVE support. (closes: #595490)
  * Check for dying domain instead of raising an assertion.
  * Add C6 state with EOI errata for Intel.
  * Make some memory management interrupt safe. Unsure if really needed.
  * Raise bar for inter-socket migrations on mostly-idle systems.
  * Fix interrupt handling for legacy routed interrupts.
  * Allow to set maximal domain memory even during a running change.
  * Support new partition name in pygrub. (closes: #599243)
  * Fix some comparisions "< 0" that may be optimized away.
  * Check for MWAIT support before using it.
  * Fix endless loop on interrupts on Nehalem cpus.
  * Don't crash upon direct GDT/LDT access. (closes: #609531)
    CVE-2010-4255  
  * Don't loose timer ticks after domain restore.
  * Reserve some space for IOMMU area in dom0. (closes: #608715)
  * Fix hypercall arguments after trace callout.
  * Fix some error paths in vtd support. Memory leak.
  * Reinstate ACPI DMAR table.

 -- Bastian Blank <waldi@debian.org>  Wed, 12 Jan 2011 15:01:40 +0100

xen (4.0.1-1) unstable; urgency=low

  * New upstream release.
    - Fix IOAPIC S3 with interrupt remapping enabled.

 -- Bastian Blank <waldi@debian.org>  Fri, 03 Sep 2010 17:14:28 +0200

xen (4.0.1~rc6-1) unstable; urgency=low

  * New upstream release candidate.
    - Add some missing locks for page table walk.
    - Fix NMU injection into guest.
    - Fix ioapic updates for vt-d.
    - Add check for GRUB2 commandline behaviour.
    - Fix handling of invalid kernel images.
    - Allow usage of powernow.
  * Remove lowlevel python modules usage from pygrub. (closes: #588811)

 -- Bastian Blank <waldi@debian.org>  Tue, 17 Aug 2010 23:15:34 +0200

xen (4.0.1~rc5-1) unstable; urgency=low

  * New upstream release candidate.

 -- Bastian Blank <waldi@debian.org>  Mon, 02 Aug 2010 17:06:27 +0200

xen (4.0.1~rc3-1) unstable; urgency=low

  * New upstream release candidate.
  * Call dh_pyversion with the correct version.
  * Restart xen daemon on upgrade.

 -- Bastian Blank <waldi@debian.org>  Wed, 30 Jun 2010 16:30:47 +0200

xen (4.0.0-2) unstable; urgency=low

  * Fix python dependency. (closes: #586666)
    - Use python-support.
    - Hardcode to use python 2.5 for now.

 -- Bastian Blank <waldi@debian.org>  Mon, 21 Jun 2010 17:23:16 +0200

xen (4.0.0-1) unstable; urgency=low

  * Update to unstable.
  * Fix spelling in README.
  * Remove unnecessary build-depends.
  * Fixup xend to use different filename lookup.

 -- Bastian Blank <waldi@debian.org>  Thu, 17 Jun 2010 11:16:55 +0200

xen (4.0.0-1~experimental.2) experimental; urgency=low

  * Merge changes from 3.4.3-1.

 -- Bastian Blank <waldi@debian.org>  Fri, 28 May 2010 12:58:12 +0200

xen (4.0.0-1~experimental.1) experimental; urgency=low

  * New upstream version.
  * Rename source package to xen.
  * Build depend against iasl and uuid-dev.
  * Disable blktap2 support, it links against OpenSSL.
  * Update copyright file.

 -- Bastian Blank <waldi@debian.org>  Thu, 06 May 2010 15:47:38 +0200

xen-3 (3.4.3-1) unstable; urgency=low

  * New upstream version.
  * Disable blktap support, it is unusable with current kernels.
  * Disable libaio, was only used by blktap.
  * Drop device creation support. (closes: #583283)

 -- Bastian Blank <waldi@debian.org>  Fri, 28 May 2010 11:43:18 +0200

xen-3 (3.4.3~rc6-1) unstable; urgency=low

  * New upstream release candidate.
    - Relocate multiboot modules. (closes: #580045)
    - Support grub2 in pygrub. (closes: #573311)

 -- Bastian Blank <waldi@debian.org>  Sat, 08 May 2010 11:32:29 +0200

xen-3 (3.4.3~rc3-2) unstable; urgency=low

  * Again list the complete version in the hypervisor.
  * Fix path detection for bootloader, document it. (closes: #481105)
  * Rewrite README.

 -- Bastian Blank <waldi@debian.org>  Thu, 08 Apr 2010 16:14:58 +0200

xen-3 (3.4.3~rc3-1) unstable; urgency=low

  * New upstream release candidate.
  * Use 3.0 (quilt) source format.
  * Always use current python version.

 -- Bastian Blank <waldi@debian.org>  Mon, 01 Mar 2010 22:14:22 +0100

xen-3 (3.4.2-2) unstable; urgency=low

  * Remove Jeremy T. Bouse from uploaders.
  * Export blktap lib and headers.
  * Build amd64 hypervisor on i386. (closes: #366315)

 -- Bastian Blank <waldi@debian.org>  Sun, 22 Nov 2009 16:54:47 +0100

xen-3 (3.4.2-1) unstable; urgency=low

  * New upstream version.
  * Strip hvmloader by hand.
  * Remove extra license file from libxen-dev.

 -- Bastian Blank <waldi@debian.org>  Mon, 16 Nov 2009 20:57:07 +0100

xen-3 (3.4.1-1) unstable; urgency=low

  * New upstream version.

 -- Bastian Blank <waldi@debian.org>  Fri, 21 Aug 2009 21:34:38 +0200

xen-3 (3.4.0-2) unstable; urgency=low

  * Add symbols file for libxenstore3.0. (closes: #536173)
  * Document that ioemu is currently unsupported. (closes: #536175)
  * Fix location of fsimage plugins. (closes: #536174)

 -- Bastian Blank <waldi@debian.org>  Sat, 18 Jul 2009 18:05:35 +0200

xen-3 (3.4.0-1) unstable; urgency=low

  [ Bastian Blank ]
  * New upstream version.
  * Remove ioemu for now. (closes: #490409, #496367)
  * Remove non-pae hypervisor.
  * Use debhelper compat level 7.
  * Make the init script start all daemons.

 -- Bastian Blank <waldi@debian.org>  Tue, 30 Jun 2009 22:33:22 +0200

xen-3 (3.2.1-2) unstable; urgency=low

  * Use e2fslibs based ext2 support for pygrub. (closes: #476366)
  * Fix missing checks in pvfb code.
    See CVE-2008-1952. (closes: #487095)
  * Add support for loading bzImage files. (closes: #474509)
  * Enable TLS support in ioemu code.
  * Drop libcrypto usage because of GPL-incompatibility.
  * Remove AES code from blktap drivers. Considered broken.

 -- Bastian Blank <waldi@debian.org>  Sat, 28 Jun 2008 11:30:43 +0200

xen-3 (3.2.1-1) unstable; urgency=low

  * New upstream version.
  * Set rpath relative to ${ORIGIN}.
  * Add lintian override to xen-utils package.

 -- Bastian Blank <waldi@debian.org>  Thu, 22 May 2008 14:01:47 +0200

xen-3 (3.2.0-5) unstable; urgency=low

  * Provide correct directory to dh_pycentral.

 -- Bastian Blank <waldi@debian.org>  Mon, 14 Apr 2008 21:43:49 +0200

xen-3 (3.2.0-4) unstable; urgency=low

  * Pull in newer xen-utils-common.
  * Fix missing size checks in the ioemu block driver. (closes: #469654)
    See: CVE-2008-0928

 -- Bastian Blank <waldi@debian.org>  Fri, 07 Mar 2008 14:21:38 +0100

xen-3 (3.2.0-3) unstable; urgency=low

  * Clean environment for build.
  * Add packages libxenstore3.0 and xenstore-utils.
  * Move docs package in docs section to match overwrites.
  * Make the hypervisor only recommend the utils.
  * Cleanup installation. (closes: #462989)

 -- Bastian Blank <waldi@debian.org>  Tue, 12 Feb 2008 12:40:56 +0000

xen-3 (3.2.0-2) unstable; urgency=low

  * Fix broken patch. (closes: #462522)

 -- Bastian Blank <waldi@debian.org>  Sat, 26 Jan 2008 17:21:52 +0000

xen-3 (3.2.0-1) unstable; urgency=low

  * New upstream version.
  * Add package libxen-dev. Including public headers and static libs.
    (closes: #402249)
  * Don't longer install xenfb, removed upstream.

 -- Bastian Blank <waldi@debian.org>  Tue, 22 Jan 2008 12:51:49 +0000

xen-3 (3.1.2-2) unstable; urgency=low

  * Add missing rpath definitions.
  * Fix building of pae version.

 -- Bastian Blank <waldi@debian.org>  Sat, 08 Dec 2007 12:07:42 +0000

xen-3 (3.1.2-1) unstable; urgency=high

  * New upstream release:
    - Move shared file into /var/run. (closes: #447795)
      See CVE-2007-3919.
    - x86: Fix various problems with debug-register handling. (closes: #451626)
      See CVE-2007-5906.

 -- Bastian Blank <waldi@debian.org>  Sat, 24 Nov 2007 13:24:45 +0000

xen-3 (3.1.1-1) unstable; urgency=low

  * New upstream release:
    - Don't use exec with untrusted values in pygrub. (closes: #444430)
      See CVE-2007-4993.

 -- Bastian Blank <waldi@debian.org>  Fri, 19 Oct 2007 16:02:37 +0000

xen-3 (3.1.0-2) unstable; urgency=low

  * Switch to texlive for documentation.
  * Drop unused transfig.
  * Drop unused latex features from documentation.
  * Build depend against gcc-multilib for amd64. (closes: #439662)

 -- Bastian Blank <waldi@debian.org>  Fri, 31 Aug 2007 08:15:50 +0000

xen-3 (3.1.0-1) unstable; urgency=low

  [ Julien Danjou ]
  * New upstream version.

  [ Ralph Passgang ]
  * Added graphviz to Build-Indeps

  [ Bastian Blank ]
  * Upstream removed one part of the version. Do it also.
  * Merge utils packages.
  * Install blktap support.
  * Install pygrub.
  * Install xenfb tools.
  * xenconsoled startup is racy, wait a little bit.

 -- Bastian Blank <waldi@debian.org>  Mon, 20 Aug 2007 15:05:08 +0000

xen-3.0 (3.0.4-1-1) unstable; urgency=low

  [ Bastian Blank ]
  * New upstream version (closes: #394411)

  [ Guido Trotter ]
  * Actually try to build and release xen 3.0.4
  * Update build dependencies

 -- Guido Trotter <ultrotter@debian.org>  Wed, 23 May 2007 11:57:29 +0100

xen-3.0 (3.0.3-0-2) unstable; urgency=medium

  [Bastian Blank]
  * Remove device recreate code.
  * Remove build dependency on linux-support-X

  [ Guido Trotter ]
  * Add missing build dependency on zlib1g-dev (closes: #396557)
  * Add missing build dependencies on libncurses5-dev and x11proto-core-dev
    (closes: #396561, #396567)

 -- Guido Trotter <ultrotter@debian.org>  Thu,  2 Nov 2006 16:38:02 +0000

xen-3.0 (3.0.3-0-1) unstable; urgency=low

  * New upstream version.

 -- Bastian Blank <waldi@debian.org>  Fri, 20 Oct 2006 11:04:35 +0000

xen-3.0 (3.0.3~rc4+hg11760-1) unstable; urgency=low

  * New upstream snapshot.
  * Ignore update-grub errors. (closes: #392534)

 -- Bastian Blank <waldi@debian.org>  Sat, 14 Oct 2006 13:09:53 +0000

xen-3.0 (3.0.3~rc1+hg11686-1) unstable; urgency=low

  * New upstream snapshot.
  * Rename ioemu package to include the complete version.
  * Fix name of hypervisor. (closes: #391771)

 -- Bastian Blank <waldi@debian.org>  Mon,  9 Oct 2006 12:48:13 +0000

xen-3.0 (3.0.2-3+hg9762-1) unstable; urgency=low

  * New upstream snapshot.
  * Rename hypervisor and utils packages to include the complete version.
  * Redo build environment.

 -- Bastian Blank <waldi@debian.org>  Mon,  4 Sep 2006 18:43:12 +0000

xen-3.0 (3.0.2+hg9697-2) unstable; urgency=low

  [ Guido Trotter ]
  * Update xen-utils' README.Debian (closes: #372524)

  [ Bastian Blank ]
  * Adopt new python policy. (closes: #380990)
  * Add patch to make new kernels working on the hypervisor.

 -- Bastian Blank <waldi@debian.org>  Tue, 15 Aug 2006 19:20:08 +0000

xen-3.0 (3.0.2+hg9697-1) unstable; urgency=low

  [ Guido Trotter ]
  * Update Standards Version
  * Merge upstream fixes trunk (upstream 3.0.2-3 + a couple of fixes)

  [ Bastian Blank ]
  * Add xen-ioemu-3.0 package to support HVM guests (closes: #368496)

 -- Guido Trotter <ultrotter@debian.org>  Wed, 31 May 2006 10:50:05 +0200

xen-3.0 (3.0.2+hg9681-1) unstable; urgency=low

  * Update xen-hypervisor-3.0-i386 and xen-hypervisor-3.0-i386-pae
    descriptions, specifying what the difference between the two packages is
    (closes: #366019)
  * Merge upstream fixes trunk

 -- Guido Trotter <ultrotter@debian.org>  Thu, 18 May 2006 15:25:02 +0200

xen-3.0 (3.0.2+hg9656-1) unstable; urgency=low

  * Merge upstream fixes trunk
    - This includes a fix for CVE-2006-1056

 -- Guido Trotter <ultrotter@debian.org>  Thu, 27 Apr 2006 17:34:03 +0200

xen-3.0 (3.0.2+hg9651-1) unstable; urgency=low

  * Merge upstream fixes trunk
  * Fix PAE disabled in pae build (Closes: #364875) 

 -- Julien Danjou <acid@debian.org>  Wed, 26 Apr 2006 13:19:39 +0200

xen-3.0 (3.0.2+hg9646-1) unstable; urgency=low

  [ Guido Trotter ]
  * Merge upstream fixes trunk

  [ Bastian Blank ]
  * debian/patches/libdir.dpatch: Update to make xm save work

 -- Julien Danjou <acid@debian.org>  Mon, 24 Apr 2006 18:02:07 +0200

xen-3.0 (3.0.2+hg9611-1) unstable; urgency=low

  * Merge upstream bug fixes
  * Fix bug with xend init.d script

 -- Julien Danjou <acid@debian.org>  Wed, 12 Apr 2006 17:35:35 +0200

xen-3.0 (3.0.2+hg9598-1) unstable; urgency=low

  * New upstream release
  * Fix copyright file

 -- Julien Danjou <acid@debian.org>  Mon, 10 Apr 2006 17:02:55 +0200

xen-3.0 (3.0.1+hg8762-1) unstable; urgency=low

  * The "preserve our homes" release
  * Now cooperatively maintained by the Debian Xen Team
  * New upstream release (closes: #327493, #342249)
  * Build depend on transfig (closes: #321157)
  * Use gcc rather than gcc-3.4 to compile (closes: #323698)
  * Split xen-hypervisor-3.0 and xen-utils-3.0
  * Build both normal and pae hypervisor packages
  * Change maintainer and add uploaders field
  * Add force-reload support for init script xendomains
  * Remove dependency against bash
  * Bump standards version to 3.6.2.2
  * xen-utils-3.0 conflicts and replaces xen
  * Add dpatch structure to the package
  * Remove build-dependency on gcc (it's build essential anyway)
  * Make SrvServer.py not executable
  * Create NEWS.Debian file with important upgrade notices
  * Update copyright file
  * Remove the linux-patch-xen package
  * Removed useless build-dependencies: libncurses5-dev, wget
  * Changed xendomains config path to /etc/default
  * xen-utils-3.0 now provides xen-utils and xen-hypervisor-3.0-i386 &
    xen-hypervisor-3.0-i386-pae & xen-hypervizor-amd64 now provide
    xen-hypervisor
  * Made xen-utils-3.0.postinst more fault-tolerant, so that upgrading
    xen2 -> xen3 don't fail because of a running xen2 hypervisor
  * Updated the "Replaces & Conflicts"
  * Install only and correctly udev files
  * Compile date is no more in current locale
  * Add patch which add the debian version and maintainer in the version
    string and removes the banner.
  * Don't install unusable cruft in xen-utils
  * Remove libxen packages (no stable API/ABI)

 -- Julien Danjou <acid@debian.org>  Wed,  5 Apr 2006 16:05:07 +0200

xen (2.0.6-1) unstable; urgency=low

  * Patches applied upstream: non-xen-init-exit.patch, add-build.patch,
    python-install.patch, disable-html-docs.patch.
  * New upstream released.  Closes: #311336.
  * Remove comparison to UML from xen short description.  Closes: #317066.
  * Make packages conflicts with 1.2 doc debs.  Closes: #304285.
  * Add iproute to xen depends, as it uses /bin/ip.  Closes: #300488,
    #317468.

 -- Adam Heath <doogie@brainfood.com>  Wed, 06 Jul 2005 12:35:50 -0500

xen (2.0.5-3) experimental; urgency=low

  * Change priority/section to match the overrides file.

 -- Adam Heath <doogie@brainfood.com>  Fri, 18 Mar 2005 12:43:50 -0600

xen (2.0.5-2) experimental; urgency=low

  * Mike McCallister <mike+debian@metalogue.com>,
    Tommi Virtanen <tv@debian.org>, Tom Hibbert <tom@nsp.co.nz>:
    Fix missing '.' in update-rc.d call in xen.postinst.  Closes: #299384

 -- Adam Heath <doogie@brainfood.com>  Fri, 18 Mar 2005 11:39:56 -0600

xen (2.0.5-1) experimental; urgency=low

  * New upstream.
  * Remove pic-lib.patch, tools-misc-TARGETS.patch, and clean-mttr.patch
    as they have been applied upstream(in various forms).
  * xend now starts at priority 20, stops at 21, while xendomains starts
    at 21, and stops at 20.

 -- Adam Heath <doogie@brainfood.com>  Fri, 11 Mar 2005 14:33:33 -0600

xen (2.0.4-4) experimental; urgency=low

  * Bah, major booboo.  Add /boot to debian/xen.install, so xen.gz will
    get shipped.  Reported by Clint Adams <schizo@debian.org>.

 -- Adam Heath <doogie@brainfood.com>  Tue, 15 Feb 2005 13:00:57 -0600

xen (2.0.4-3) experimental; urgency=low

  * Fix file overlap(/usr/share/doc/xen/examples/*) between xen and
    xen-docs.  Reported by Tupshin Harper <tupshin@tupshin.com>.

 -- Adam Heath <doogie@brainfood.com>  Sun, 06 Feb 2005 01:22:45 -0600

xen (2.0.4-2) experimental; urgency=low

  * Fix kernel patch generation.  It was broken when I integrated with
    debian's kernel source.  I used a symlink, and diff doesn't follow
    those.

 -- Adam Heath <doogie@brainfood.com>  Sat, 05 Feb 2005 18:16:35 -0600

xen (2.0.4-1) experimental; urgency=low

  * New upstream.
  * xen.deb can now install on a plain kernel; that is, the init scripts
    exit successfully if /proc/xen/privcmd doesn't exist.  This allows
    for dual-boot setups.
  * Manpages do not yet exist xend, xenperf, xensv, xfrd, nor xm.  xend
    xfrd are daemons, and take little if any options.  I've not had a need
    to use xenperf nor xensv yet.  xm has nice built in help(xm help).
  * Upstream now requires either linux 2.4.29, or 2.6.10.  Since 2.4.29 is
    not yet in debian, disable the 2.4 patch generation.  Closes: #271245.
  * Not certain how the kernel-patch-xen was empty.  It's not now, with
    the repackaging.  Closes: #272299.
  * Xen no longer produces kernel images, so problems about missing features
    are no longer valid.  Closes: #253924.
  * Acknowledge nmu bugs:
    * No longer build-depend on gcc 3.3, as the default gcc works. Closes:
      #243048.

 -- Adam Heath <doogie@brainfood.com>  Sat, 05 Feb 2005 18:04:27 -0600

xen (2.0.3-0.1) unstable; urgency=low

  * Changes from Tommi Virtanen:
    * Added dh-kpatches and libcurl3-dev to Build-Depends.
    * Add /etc/xen/sv/params.py and /etc/xen/xend/params.py.
    * Add xmexample1 and xmexample2 to xen/doc/examples.

 -- Adam Heath <doogie@brainfood.com>  Wed, 26 Jan 2005 10:55:07 -0600

xen (2.0.3-0) unstable; urgency=low

  * New upstream.  Closes: #280733.
  * Repackaged from scratch.
  * Using unreleased patch management system.  See debian/README.build.
    * After extracting the .dsc, there are no special steps needed
    * Those wanting to change the source, use the normal procedures for
      any package, including using interdiff(or other tool) to send a
      patch to me or the bts.
  * No longer try to do anything fancy with regard to the layout of the
    built kernels.  Now, only patches are distributed.  Please make use of
    the xen support in kernel-package.
  * Early preview release to #debian-devel.

 -- Adam Heath <doogie@brainfood.com>  Tue, 25 Jan 2005 13:24:54 -0600

xen (1.2-4.1) unstable; urgency=high

  * NMU
  * Remove gcc-3.2 from Build-Depends as isn't used during build
    (Closes: #243048)

 -- Frank Lichtenheld <djpig@debian.org>  Sat, 21 Aug 2004 17:42:28 +0200

xen (1.2-4) unstable; urgency=low

  * Added xen-docs.README.Debian, which explains the kernel image layout,
    and contains references on the locations differ from what is mentioned
    by the upstream documentation.  Closes: #230345.

 -- Adam Heath <doogie@brainfood.com>  Fri, 26 Mar 2004 17:36:41 -0600

xen (1.2-3) unstable; urgency=low

  * Add kernel-source-2.4.25 and kernel-patch-debian-2.4.25 to
    Build-Depends-Indep.

 -- Adam Heath <doogie@brainfood.com>  Tue, 23 Mar 2004 20:14:39 -0600

xen (1.2-2) unstable; urgency=low

  * xen: moved /boot/xen.gz to /usr/lib/kernels/xen-i386/images/vmlinuz
  * kernel-image, kernel-modules: swapped i386/xeno to xeno/i386 in
    /usr/lib/kernels.
  * Add kernel-patch-nfs-swap deb.
  * Apply additional patches to kernel-image-xen:
    * nfs-group
    * nfs-swap

 -- Adam Heath <doogie@brainfood.com>  Thu, 04 Mar 2004 12:47:47 -0600

xen (1.2-1) unstable; urgency=low

  * Initial version.

 -- Adam Heath <doogie@brainfood.com>  Tue, 02 Mar 2004 13:21:52 -0600
