Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

xen-libs-4.18.2_02-150600.1.12 RPM for x86_64

From OpenSuSE Leap 15.6 for x86_64

Name: xen-libs Distribution: SUSE Linux Enterprise 15
Version: 4.18.2_02 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150600.1.12 Build date: Wed Jun 12 16:51:37 2024
Group: System/Kernel Build host: h04-ch1b
Size: 1752120 Source RPM: xen-4.18.2_02-150600.1.12.src.rpm
Packager: https://www.suse.com/
Url: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
Summary: Xen Virtualization: Libraries
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
performance and resource isolation.

This package contains the libraries used to interact with the Xen
virtual machine monitor.

In addition to this package you need to install xen and xen-tools
to use Xen.


Authors:
--------
    Ian Pratt <ian.pratt@cl.cam.ac.uk>

Provides

Requires

License

GPL-2.0-only

Changelog

* Tue Apr 09 2024 carnold@suse.com
  - Update to Xen 4.18.2 security bug fix release (bsc#1027519)
    xen-4.18.2-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
    trigger Xen bug check (XSA-454)
  - bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
    for BTC/SRSO mitigations (XSA-455)
  - bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
    History Injection (XSA-456)
  - Dropped patch contained in new tarball
    65f83951-x86-mm-use-block_lock_speculation-in.patch
* Mon Mar 25 2024 jbeulich@suse.com
  - bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
    Race Conditions (XSA-453)
    65f83951-x86-mm-use-block_lock_speculation-in.patch
* Fri Mar 15 2024 carnold@suse.com
  - Update to Xen 4.18.1 bug fix release (bsc#1027519)
    xen-4.18.1-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
    Sampling (XSA-452)
  - bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
    Race Conditions (XSA-453)
  - Dropped patches included in new tarball
    654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
    65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
    655b2ba9-fix-sched_move_domain.patch
    6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch
    6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch
    656ee5e1-x86emul-avoid-triggering-event-assertions.patch
    656ee602-cpupool-adding-offline-CPU.patch
    656ee6c3-domain_create-error-path.patch
    6571ca95-fix-sched_move_domain.patch
    6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch
    65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
    65a7a0a4-x86-Intel-GPCC-setup.patch
    65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
    65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
    65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch
    65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
    65b8f9ab-VT-d-else-vs-endif-misplacement.patch
    xsa451.patch
* Tue Feb 13 2024 carnold@suse.com
  - bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
    exceptions from emulation stubs (XSA-451)
    xsa451.patch
* Wed Jan 31 2024 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    6566fef3-x86-vLAPIC-x2APIC-derive-LDR-from-APIC-ID.patch
    6569ad03-libxg-mem-leak-in-cpu-policy-get-set.patch
    656ee5e1-x86emul-avoid-triggering-event-assertions.patch
    656ee602-cpupool-adding-offline-CPU.patch
    656ee6c3-domain_create-error-path.patch
    6571ca95-fix-sched_move_domain.patch
    6578598c-Arm-avoid-pointer-overflow-on-invalidate.patch
    65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
    65a7a0a4-x86-Intel-GPCC-setup.patch
    65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
    65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
    65b29e91-x86-ucode-stability-of-raw-policy-rescan.patch
  - bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
    assigned to incorrect contexts (XSA-449)
    65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
  - bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
    quarantine devices in !HVM builds (XSA-450)
    65b8f9ab-VT-d-else-vs-endif-misplacement.patch
  - Patches dropped / replaced by newer upstream versions
    xsa449.patch
    xsa450.patch
* Tue Jan 23 2024 carnold@suse.com
  - bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
    quarantine devices in !HVM builds (XSA-450)
    xsa450.patch
* Tue Jan 16 2024 carnold@suse.com
  - bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
    assigned to incorrect contexts (XSA-449)
    xsa449.patch
* Tue Nov 21 2023 carnold@suse.com
  - Enable the Kconfig options REQUIRE_NX and DIT_DEFAULT to
    provide better hypervisor security
    xen.spec
* Tue Nov 21 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    654370e2-x86-x2APIC-remove-ACPI_FADT_APIC_CLUSTER-use.patch
    65437103-x86-i8259-dont-assume-IRQs-always-target-CPU0.patch
    655b2ba9-fix-sched_move_domain.patch
* Mon Nov 20 2023 bwiedemann@suse.com
  - Pass XEN_BUILD_DATE + _TIME to override build date (boo#1047218)
* Thu Nov 16 2023 carnold@suse.com
  - Update to Xen 4.18.0 RC5 release (jsc#PED-4984)
    xen-4.18.0-testing-src.tar.bz2
    * Repurpose command line gnttab_max_{maptrack_,}frames options so they don't
      cap toolstack provided values.
    * Ignore VCPUOP_set_singleshot_timer's VCPU_SSHOTTMR_future flag. The only
      known user doesn't use it properly, leading to in-guest breakage.
    * The "dom0" option is now supported on Arm and "sve=" sub-option can be used
      to enable dom0 guest to use SVE/SVE2 instructions.
    * Physical CPU Hotplug downgraded to Experimental and renamed "ACPI CPU
      Hotplug" for clarity
    * On x86, support for features new in Intel Sapphire Rapids CPUs:
    - PKS (Protection Key Supervisor) available to HVM/PVH guests.
    - VM-Notify used by Xen to mitigate certain micro-architectural pipeline
      livelocks, instead of crashing the entire server.
    - Bus-lock detection, used by Xen to mitigate (by rate-limiting) the system
      wide impact of a guest misusing atomic instructions.
    * xl/libxl can customize SMBIOS strings for HVM guests.
    * Add support for AVX512-FP16 on x86.
    * On Arm, Xen supports guests running SVE/SVE2 instructions. (Tech Preview)
    * On Arm, add suport for Firmware Framework for Arm A-profile (FF-A) Mediator
      (Tech Preview)
    * Add Intel Hardware P-States (HWP) cpufreq driver.
    * On Arm, experimental support for dynamic addition/removal of Xen device tree
      nodes using a device tree overlay binary (.dtbo).
    * Introduce two new hypercalls to map the vCPU runstate and time areas by
      physical rather than linear/virtual addresses.
    * On x86, support for enforcing system-wide operation in Data Operand
      Independent Timing Mode.
    * The project has now officially adopted 6 directives and 65 rules of MISRA-C.
    * On x86, the "pku" command line option has been removed.  It has never
      behaved precisely as described, and was redundant with the unsupported
      "cpuid=no-pku".  Visibility of PKU to guests should be via its vm.cfg file.
    * xenpvnetboot removed as unable to convert to Python 3.
    * xencons is no longer supported or present. See 5d22d69b30
  - Droppped patches contained in new tarballs
    63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch
    643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch
    643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch
    6447a8fd-x86-EFI-permit-crash-dump-analysis.patch
    64d33a57-libxenstat-Linux-nul-terminate-string.patch
    aarch64-rename-PSR_MODE_ELxx-to-match-linux-headers.patch
    xen.stubdom.newlib.patch
    xsa446.patch
    xsa445.patch
    xsa438.patch
    xsa439-00.patch
    xsa439-01.patch
    xsa439-02.patch
    xsa439-03.patch
    xsa439-04.patch
    xsa439-05.patch
    xsa439-06.patch
    xsa439-07.patch
    xsa439-08.patch
    xsa439-09.patch
    xsa443-10.patch
    xsa443-11.patch
    xsa440.patch
  - Dropped xen-utils-0.1.tar.bz2
    The xen-list and xen-destroy commands are removed. Originally
    created as a better replacement for 'xm'. The 'xl' equivalent
    commands should be used instead.
  - Dropped libxl.pvscsi.patch
    Support for PVSCSI devices in the guest is no longer supported.
* Thu Nov 02 2023 carnold@suse.com
  - bsc#1216807 - VUL-0: CVE-2023-46836: xen: x86: BTC/SRSO fixes not
    fully effective (XSA-446)
    xsa446.patch
* Fri Oct 27 2023 carnold@suse.com
  - bsc#1216654 - VUL-0: CVE-2023-46835: xen: x86/AMD: mismatch in
    IOMMU quarantine page table levels (XSA-445)
    xsa445.patch
* Wed Oct 18 2023 jfehlig@suse.com
  - Supportconfig: Adapt plugin to modern supportconfig
    The supportconfig 'scplugin.rc' file is deprecated in favor of
    supportconfig.rc'. Adapt the xen plugin to the new scheme.
    xen-supportconfig
* Tue Oct 17 2023 jbeulich@suse.com
  - bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow
    reference dropped too early for 64-bit PV guests (XSA-438)
    650abbfe-x86-shadow-defer-PV-top-level-release.patch
  - bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional
    execution leak via division by zero (XSA-439)
    64e5b4ac-x86-AMD-extend-Zenbleed-check.patch
    65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch
    65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch
    65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch
    65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch
    65087004-x86-entry-restore_all_xen-stack_end.patch
    65087005-x86-entry-track-IST-ness-of-entry.patch
    65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch
    65087007-x86-AMD-Zen-1-2-predicates.patch
    65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch
  - bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU
    TLB flushing (XSA-442)
    65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch
  - bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple
    vulnerabilities in libfsimage disk handling (XSA-443)
    65263471-libfsimage-xfs-remove-dead-code.patch
    65263472-libfsimage-xfs-amend-mask32lo.patch
    65263473-libfsimage-xfs-sanity-check-superblock.patch
    65263474-libfsimage-xfs-compile-time-check.patch
    65263475-pygrub-remove-unnecessary-hypercall.patch
    65263476-pygrub-small-refactors.patch
    65263477-pygrub-open-output-files-earlier.patch
    65263478-libfsimage-function-to-preload-plugins.patch
    65263479-pygrub-deprivilege.patch
    6526347a-libxl-allow-bootloader-restricted-mode.patch
    6526347b-libxl-limit-bootloader-when-restricted.patch
  - bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD:
    Debug Mask handling (XSA-444)
    6526347c-SVM-fix-AMD-DR-MASK-context-switch-asymmetry.patch
    6526347d-x86-PV-auditing-of-guest-breakpoints.patch
  - Upstream bug fixes (bsc#1027519)
    64e6459b-revert-VMX-sanitize-rIP-before-reentering.patch
    64eef7e9-x86-reporting-spurious-i8259-interrupts.patch
    64f71f50-Arm-handle-cache-flush-at-top.patch
    65084ba5-x86-AMD-dont-expose-TscFreqSel.patch
  - Patches dropped / replaced by newer upstream versions
    xsa438.patch
    xsa439-00.patch
    xsa439-01.patch
    xsa439-02.patch
    xsa439-03.patch
    xsa439-04.patch
    xsa439-05.patch
    xsa439-06.patch
    xsa439-07.patch
    xsa439-08.patch
    xsa439-09.patch
    xsa442.patch
    xsa443-01.patch
    xsa443-02.patch
    xsa443-03.patch
    xsa443-04.patch
    xsa443-05.patch
    xsa443-06.patch
    xsa443-07.patch
    xsa443-08.patch
    xsa443-09.patch
    xsa443-10.patch
    xsa443-11.patch
    xsa444-1.patch
    xsa444-2.patch
* Wed Sep 27 2023 carnold@suse.com
  - bsc#1215744 - VUL-0: CVE-2023-34323: xen: xenstored: A
    transaction conflict can crash C Xenstored (XSA-440)
    xsa440.patch
  - bsc#1215746 - VUL-0: CVE-2023-34326: xen: x86/AMD: missing IOMMU
    TLB flushing (XSA-442)
    xsa442.patch
  - bsc#1215747 - VUL-0: CVE-2023-34325: xen: Multiple
    vulnerabilities in libfsimage disk handling (XSA-443)
    xsa443-01.patch
    xsa443-02.patch
    xsa443-03.patch
    xsa443-04.patch
    xsa443-05.patch
    xsa443-06.patch
    xsa443-07.patch
    xsa443-08.patch
    xsa443-09.patch
    xsa443-10.patch
    xsa443-11.patch
  - bsc#1215748 - VUL-0: CVE-2023-34327,CVE-2023-34328: xen: x86/AMD:
    Debug Mask handling (XSA-444)
    xsa444-1.patch
    xsa444-2.patch
* Mon Sep 18 2023 carnold@suse.com
  - bsc#1215474 - VUL-0: CVE-2023-20588: xen: AMD CPU transitional
    execution leak via division by zero (XSA-439)
    xsa439-00.patch
    xsa439-01.patch
    xsa439-02.patch
    xsa439-03.patch
    xsa439-04.patch
    xsa439-05.patch
    xsa439-06.patch
    xsa439-07.patch
    xsa439-08.patch
    xsa439-09.patch
* Fri Sep 08 2023 carnold@suse.com
  - bsc#1215145 - VUL-0: CVE-2023-34322: xen: top-level shadow
    reference dropped too early for 64-bit PV guests (XSA-438)
    xsa438.patch
* Sun Aug 13 2023 ohering@suse.de
  - Handle potential unaligned access to bitmap in
    libxc-sr-restore-hvm-legacy-superpage.patch
    If setting BITS_PER_LONG at once, the initial bit must be aligned
* Thu Aug 10 2023 jbeulich@suse.com
  - bsc#1212684 - xentop fails with long interface name
    64d33a57-libxenstat-Linux-nul-terminate-string.patch
* Tue Aug 08 2023 carnold@suse.com
  - Update to Xen 4.17.2 bug fix release (bsc#1027519)
    xen-4.17.2-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - bsc#1214082 - VUL-0: CVE-2023-20569: xen: x86/AMD: Speculative
    Return Stack Overflow (XSA-434)
  - bsc#1214083 - VUL-0: CVE-2022-40982: xen: x86/Intel: Gather Data
    Sampling (XSA-435)
  - Dropped patches contained in new tarball
    64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch
    645dec48-AMD-IOMMU-assert-boolean-enum.patch
    64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch
    646b782b-PCI-pci_get_pdev-respect-segment.patch
    647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch
    648863fc-AMD-IOMMU-Invalidate-All-check.patch
    64bea1b2-x86-AMD-Zenbleed.patch
* Tue Aug 01 2023 ohering@suse.de
  - Handle potential off-by-one errors in libxc-sr-xg_sr_bitmap.patch
    A bit is an index in bitmap, while bits is the allocated size
    of the bitmap.
* Fri Jul 28 2023 ohering@suse.de
  - Add more debug to libxc-sr-track-migration-time.patch
    This is supposed to help with doing the math in case xl restore
    fails with ERANGE as reported in bug#1209311
* Tue Jul 25 2023 carnold@suse.com
  - bsc#1213616 - VUL-0: CVE-2023-20593: xen: x86/AMD: Zenbleed
    (XSA-433)
    64bea1b2-x86-AMD-Zenbleed.patch
* Thu Jul 06 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    645dec48-AMD-IOMMU-assert-boolean-enum.patch
    646b782b-PCI-pci_get_pdev-respect-segment.patch
    647dfb0e-x86-missing-unlock-in-microcode_update_helper.patch
    648863fc-AMD-IOMMU-Invalidate-All-check.patch
* Mon May 22 2023 carnold@suse.com
  - bsc#1211433 - VUL-0: CVE-2022-42336: xen: Mishandling of guest
    SSBD selection on AMD hardware (XSA-431)
    64639e84-amd-fix-legacy-setting-of-SSBD-on-AMD-Family-17h.patch
* Thu May 04 2023 carnold@suse.com
  - bsc#1210570 - gcc-13 realloc use-after-free analysis error
    64525c61-tools-libs-guest-assist-gcc13s-realloc-analyzer.patch
* Fri Apr 28 2023 carnold@suse.com
  - bsc#1209237 - xen-syms doesn't contain debug-info
    643e3810-CONFIG_DEBUG_INFO-no-EXPERT.patch
    643e387f-xen-update-CONFIG_DEBUG_INFO-help-text.patch
    6447a8fd-x86-EFI-permit-crash-dump-analysis.patch
* Thu Apr 27 2023 carnold@suse.com
  - Update to Xen 4.17.1 bug fix release (bsc#1027519)
    xen-4.17.1-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - Dropped patches contained in new tarball
    63a03b73-VMX-VMExit-based-BusLock-detection.patch
    63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch
    63a03bce-VMX-Notify-VMExit.patch
    63a03e28-x86-high-freq-TSC-overflow.patch
    63c05478-VMX-calculate-model-specific-LBRs-once.patch
    63c05478-VMX-support-CPUs-without-model-specific-LBR.patch
    63d24e91-tools-xenstore-revert-simplify-loop-handling.patch
    63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch
    63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch
    63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch
    63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch
    63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch
    640f3035-x86-altp2m-help-gcc13.patch
    641041e8-VT-d-constrain-IGD-check.patch
    64104238-bunzip-gcc13.patch
    6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch
    64199e0c-x86-shadow-account-for-log-dirty-mode.patch
    64199e0d-x86-HVM-bound-number-of-pca-regions.patch
    64199e0e-x86-HVM-serialize-pca-list-manipulation.patch
    64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch
    libxl.fix-guest-kexec-skip-cpuid-policy.patch
    xsa430.patch
* Tue Apr 11 2023 carnold@suse.com
  - bsc#1210315 - VUL-0: CVE-2022-42335: xen: x86 shadow paging
    arbitrary pointer dereference (XSA-430)
    xsa430.patch
* Fri Mar 31 2023 carnold@suse.com
  - Not building the shim is correctly handled by --disable-pvshim
    Drop disable-building-pv-shim.patch
* Thu Mar 23 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    63a03b73-VMX-VMExit-based-BusLock-detection.patch
    63a03ba6-VMX-INTR_SHADOW_NMI-helper.patch
    63a03bce-VMX-Notify-VMExit.patch
    63e53ac9-x86-CPUID-leaves-7-1-ecx-edx.patch
    63e53ac9-x86-disable-CET-SS-when-fractured-updates.patch
    63f4d045-x86-ucode-AMD-apply-early-on-all-threads.patch
    63fe06e0-x86-ucode-AMD-apply-late-on-all-threads.patch
    641041e8-VT-d-constrain-IGD-check.patch
    6419697d-AMD-IOMMU-no-XT-x2APIC-phys.patch
  - Use "proper" upstream backports:
    640f3035-x86-altp2m-help-gcc13.patch
    64104238-bunzip-gcc13.patch
    64199e0c-x86-shadow-account-for-log-dirty-mode.patch
    64199e0d-x86-HVM-bound-number-of-pca-regions.patch
    64199e0e-x86-HVM-serialize-pca-list-manipulation.patch
    64199e0f-x86-spec-ctrl-defer-CR4_PV32_RESTORE-for-CSTAR.patch
  - ... in place of:
    bunzip-gcc13.patch
    altp2m-gcc13.patch
    xsa427.patch
    xsa428-1.patch
    xsa428-2.patch
    xsa429.patch
* Thu Mar 16 2023 ohering@suse.de
  - bsc#1209245 - fix host-assisted kexec/kdump for HVM domUs
    libxl.fix-guest-kexec-skip-cpuid-policy.patch
* Tue Mar 07 2023 carnold@suse.com
  - bsc#1209017 - VUL-0: CVE-2022-42332: xen: x86 shadow plus
    log-dirty mode use-after-free (XSA-427)
    xsa427.patch
  - bsc#1209018 - VUL-0: CVE-2022-42333,CVE-2022-42334: xen: x86/HVM
    pinned cache attributes mis-handling (XSA-428)
    xsa428-1.patch
    xsa428-2.patch
  - bsc#1209019 - VUL-0: CVE-2022-42331: xen: x86: speculative
    vulnerability in 32bit SYSCALL path (XSA-429)
    xsa429.patch
* Thu Mar 02 2023 carnold@suse.com
  - bsc#1208736 - GCC 13: xen package fails
    bunzip-gcc13.patch
    altp2m-gcc13.patch
  - Drop gcc13-fixes.patch
* Tue Feb 28 2023 carnold@suse.com
  - bsc#1208736 - GCC 13: xen package fails
    gcc13-fixes.patch
* Wed Feb 15 2023 carnold@suse.com
  - bsc#1208286 - VUL-0: CVE-2022-27672: xen: Cross-Thread Return
    Address Predictions (XSA-426)
    63ebca9c-x86-spec-ctrl-Mitigate-Cross-Thread-Return-Address-Predictions.patch
* Thu Feb 09 2023 carnold@suse.com
  - bsc#1205792 - Partner-L3: launch-xenstore error messages show in
    SLES15 SP4 xen kernel.
    63e4da00-dont-log-errors-when-trying-to-load-PVH-xenstore-stubdom.patch
* Mon Feb 06 2023 jbeulich@suse.com
  - bsc#1026236 - tidy/modernize patch
    xen.bug1026236.suse_vtsc_tolerance.patch
* Mon Feb 06 2023 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    63c05478-VMX-calculate-model-specific-LBRs-once.patch
    63c05478-VMX-support-CPUs-without-model-specific-LBR.patch
  - bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause
    Xenstore crash via soft reset (XSA-425)
    xsa425.patch ->
    63d24e91-tools-xenstore-revert-simplify-loop-handling.patch
* Wed Jan 25 2023 carnold@suse.com
  - bsc#1207544 - VUL-0: CVE-2022-42330: xen: Guests can cause
    Xenstore crash via soft reset (XSA-425)
    xsa425.patch
* Tue Dec 20 2022 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    63a03e28-x86-high-freq-TSC-overflow.patch
* Thu Dec 08 2022 carnold@suse.com
  - Update to Xen 4.17.0 FCS release (jsc#PED-1858)
    xen-4.17.0-testing-src.tar.bz2
    * On x86 "vga=current" can now be used together with GrUB2's gfxpayload setting. Note that
      this requires use of "multiboot2" (and "module2") as the GrUB commands loading Xen.
    * The "gnttab" option now has a new command line sub-option for disabling the
      GNTTABOP_transfer functionality.
    * The x86 MCE command line option info is now updated.
    * Out-of-tree builds for the hypervisor now supported.
    * __ro_after_init support, for marking data as immutable after boot.
    * The project has officially adopted 4 directives and 24 rules of MISRA-C,
      added MISRA-C checker build integration, and defined how to document
      deviations.
    * IOMMU superpage support on x86, affecting PV guests as well as HVM/PVH ones
      when they don't share page tables with the CPU (HAP / EPT / NPT).
    * Support for VIRT_SSBD and MSR_SPEC_CTRL for HVM guests on AMD.
    * Improved TSC, CPU, and APIC clock frequency calibration on x86.
    * Support for Xen using x86 Control Flow Enforcement technology for its own
      protection. Both Shadow Stacks (ROP protection) and Indirect Branch
      Tracking (COP/JOP protection).
    * Add mwait-idle support for SPR and ADL on x86.
    * Extend security support for hosts to 12 TiB of memory on x86.
    * Add command line option to set cpuid parameters for dom0 at boot time on x86.
    * Improved static configuration options on Arm.
    * cpupools can be specified at boot using device tree on Arm.
    * It is possible to use PV drivers with dom0less guests, allowing statically
      booted dom0less guests with PV devices.
    * On Arm, p2m structures are now allocated out of a pool of memory set aside at
      domain creation.
    * Improved mitigations against Spectre-BHB on Arm.
    * Support VirtIO-MMIO devices device-tree binding creation in toolstack on Arm.
    * Allow setting the number of CPUs to activate at runtime from command line
      option on Arm.
    * Grant-table support on Arm was improved and hardened by implementing
      "simplified M2P-like approach for the xenheap pages"
    * Add Renesas R-Car Gen4 IPMMU-VMSA support on Arm.
    * Add i.MX lpuart and i.MX8QM support on Arm.
    * Improved toolstack build system.
    * Add Xue - console over USB 3 Debug Capability.
    * gitlab-ci automation: Fixes and improvements together with new tests.
    * dropped support for the (x86-only) "vesa-mtrr" and "vesa-remap" command line options
  - Drop patches contained in new tarball or invalid
    62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch
    6306185f-x86-XSTATE-CPUID-subleaf-1-EBX.patch
    631b5ba6-gnttab-acquire-resource-vaddrs.patch
    63455f82-Arm-P2M-prevent-adding-mapping-when-dying.patch
    63455fa8-Arm-P2M-preempt-when-freeing-intermediate.patch
    63455fc3-x86-p2m_teardown-allow-skip-root-pt-removal.patch
    63455fe4-x86-HAP-monitor-table-error-handling.patch
    63456000-x86-tolerate-sh_set_toplevel_shadow-failure.patch
    6345601d-x86-tolerate-shadow_prealloc-failure.patch
    6345603a-x86-P2M-refuse-new-alloc-for-dying.patch
    63456057-x86-P2M-truly-free-paging-pool-for-dying.patch
    63456075-x86-P2M-free-paging-pool-preemptively.patch
    63456090-x86-p2m_teardown-preemption.patch
    63456175-libxl-per-arch-extra-default-paging-memory.patch
    63456177-Arm-construct-P2M-pool-for-guests.patch
    6345617a-Arm-XEN_DOMCTL_shadow_op.patch
    6345617c-Arm-take-P2M-pages-P2M-pool.patch
    634561aa-gnttab-locking-on-transitive-copy-error-path.patch
    634561f1-x86emul-respect-NSCB.patch
    6346e404-VMX-correct-error-handling-in-vmx_create_vmcs.patch
    6351095c-Arm-rework-p2m_init.patch
    6351096a-Arm-P2M-populate-pages-for-GICv2-mapping.patch
    635274c0-EFI-dont-convert-runtime-mem-to-RAM.patch
    635665fb-sched-fix-restore_vcpu_affinity.patch
    63569723-x86-shadow-replace-bogus-assertions.patch
    61dd5f64-limit-support-statement-for-Linux-and-Windows-frontends.patch
    xsa326-01.patch
    xsa326-02.patch
    xsa326-03.patch
    xsa326-04.patch
    xsa326-05.patch
    xsa326-06.patch
    xsa326-07.patch
    xsa326-08.patch
    xsa326-09.patch
    xsa326-10.patch
    xsa326-11.patch
    xsa326-12.patch
    xsa326-13.patch
    xsa326-14.patch
    xsa326-15.patch
    xsa326-16.patch
    xsa412.patch
    xsa414.patch
    xsa415.patch
    xsa416.patch
    xsa417.patch
    xsa418-01.patch
    xsa418-02.patch
    xsa418-03.patch
    xsa418-04.patch
    xsa418-05.patch
    xsa418-06.patch
    xsa418-07.patch
    xsa419-01.patch
    xsa419-02.patch
    xsa419-03.patch
    xsa421-01.patch
    xsa421-02.patch
* Fri Oct 28 2022 carnold@suse.com
  - bsc#1193923 - VUL-1: xen: Frontends vulnerable to backends
    (XSA-376)
    61dd5f64-limit-support-statement-for-Linux-and-Windows-frontends.patch
* Tue Oct 25 2022 jbeulich@suse.com
  - bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may
    take excessively long (XSA-410)
    63455f82-Arm-P2M-prevent-adding-mapping-when-dying.patch
    63455fa8-Arm-P2M-preempt-when-freeing-intermediate.patch
    63455fc3-x86-p2m_teardown-allow-skip-root-pt-removal.patch
    63455fe4-x86-HAP-monitor-table-error-handling.patch
    63456000-x86-tolerate-sh_set_toplevel_shadow-failure.patch
    6345601d-x86-tolerate-shadow_prealloc-failure.patch
    6345603a-x86-P2M-refuse-new-alloc-for-dying.patch
    63456057-x86-P2M-truly-free-paging-pool-for-dying.patch
    63456075-x86-P2M-free-paging-pool-preemptively.patch
    63456090-x86-p2m_teardown-preemption.patch
  - bcs#1203804 - VUL-0: CVE-2022-33747: xen: unbounded memory consumption
    for 2nd-level page tables on ARM systems (XSA-409)
    63456175-libxl-per-arch-extra-default-paging-memory.patch
    63456177-Arm-construct-P2M-pool-for-guests.patch
    6345617a-Arm-XEN_DOMCTL_shadow_op.patch
    6345617c-Arm-take-P2M-pages-P2M-pool.patch
  - bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in
    transitive grant copy handling (XSA-411)
    634561aa-gnttab-locking-on-transitive-copy-error-path.patch
  - Upstream bug fixes (bsc#1027519)
    6306185f-x86-XSTATE-CPUID-subleaf-1-EBX.patch
    631b5ba6-gnttab-acquire-resource-vaddrs.patch
    634561f1-x86emul-respect-NSCB.patch
    6346e404-VMX-correct-error-handling-in-vmx_create_vmcs.patch
    6351095c-Arm-rework-p2m_init.patch
    6351096a-Arm-P2M-populate-pages-for-GICv2-mapping.patch
    635274c0-EFI-dont-convert-runtime-mem-to-RAM.patch
    635665fb-sched-fix-restore_vcpu_affinity.patch
    63569723-x86-shadow-replace-bogus-assertions.patch
  - Drop patches replaced by upstream versions:
    xsa410-01.patch
    xsa410-02.patch
    xsa410-03.patch
    xsa410-04.patch
    xsa410-05.patch
    xsa410-06.patch
    xsa410-07.patch
    xsa410-08.patch
    xsa410-09.patch
    xsa410-10.patch
    xsa411.patch
* Wed Oct 19 2022 carnold@suse.com
  - bsc#1204482 - VUL-0: CVE-2022-42311, CVE-2022-42312,
    CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316,
    CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let
    xenstored run out of memory (XSA-326)
    xsa326-01.patch
    xsa326-02.patch
    xsa326-03.patch
    xsa326-04.patch
    xsa326-05.patch
    xsa326-06.patch
    xsa326-07.patch
    xsa326-08.patch
    xsa326-09.patch
    xsa326-10.patch
    xsa326-11.patch
    xsa326-12.patch
    xsa326-13.patch
    xsa326-14.patch
    xsa326-15.patch
    xsa326-16.patch
  - bsc#1204485 - VUL-0: CVE-2022-42309: xen: Xenstore: Guests can
    crash xenstored (XSA-414)
    xsa414.patch
  - bsc#1204487 - VUL-0: CVE-2022-42310: xen: Xenstore: Guests can
    create orphaned Xenstore nodes (XSA-415)
    xsa415.patch
  - bsc#1204488 - VUL-0: CVE-2022-42319: xen: Xenstore: Guests can
    cause Xenstore to not free temporary memory (XSA-416)
    xsa416.patch
  - bsc#1204489 - VUL-0: CVE-2022-42320: xen: Xenstore: Guests can
    get access to Xenstore nodes of deleted domains (XSA-417)
    xsa417.patch
  - bsc#1204490 - VUL-0: CVE-2022-42321: xen: Xenstore: Guests can
    crash xenstored via exhausting the stack (XSA-418)
    xsa418-01.patch
    xsa418-02.patch
    xsa418-03.patch
    xsa418-04.patch
    xsa418-05.patch
    xsa418-06.patch
    xsa418-07.patch
  - bsc#1204494 - VUL-0: CVE-2022-42322,CVE-2022-42323: xen:
    Xenstore: cooperating guests can create arbitrary numbers of
    nodes (XSA-419)
    xsa419-01.patch
    xsa419-02.patch
    xsa419-03.patch
  - bsc#1204496 - VUL-0: CVE-2022-42325,CVE-2022-42326: xen:
    Xenstore: Guests can create arbitray number of nodes via
    transactions (XSA-421)
    xsa421-01.patch
    xsa421-02.patch
* Wed Oct 19 2022 carnold@suse.com
  - bsc#1204483 - VUL-0: CVE-2022-42327: xen: x86: unintended memory
    sharing between guests (XSA-412)
    xsa412.patch
* Wed Sep 28 2022 carnold@suse.com
  - bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may
    take excessively long (XSA-410)
    xsa410-01.patch
    xsa410-02.patch
    xsa410-03.patch
    xsa410-04.patch
    xsa410-05.patch
    xsa410-06.patch
    xsa410-07.patch
    xsa410-08.patch
    xsa410-09.patch
    xsa410-10.patch
  - bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in
    transitive grant copy handling (XSA-411)
    xsa411.patch
* Mon Aug 29 2022 carnold@suse.com
  - bsc#1201994 - Xen DomU unable to emulate audio device
    62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch
* Tue Aug 23 2022 carnold@suse.com
  - Things are compiling fine now with gcc12.
    Drop gcc12-fixes.patch
* Thu Aug 18 2022 carnold@suse.com
  - Update to Xen 4.16.2 bug fix release (bsc#1027519)
    xen-4.16.2-testing-src.tar.bz2
    * No upstream changelog found in sources or webpage
  - Drop patches contained in new tarball
    625fca42-VT-d-reserved-CAP-ND.patch
    626f7ee8-x86-MSR-handle-P5-MC-reads.patch
    627549d6-IO-shutdown-race.patch
    62a1e594-x86-clean-up-_get_page_type.patch
    62a1e5b0-x86-ABAC-race-in-_get_page_type.patch
    62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch
    62a1e5f0-x86-dont-change-cacheability-of-directmap.patch
    62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch
    62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch
    62a1e649-x86-track-and-flush-non-coherent.patch
    62a99614-IOMMU-x86-gcc12.patch
    62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch
    62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch
    62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch
    62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch
    62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch
    62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
    62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch
    62cc31ee-cmdline-extend-parse_boolean.patch
    62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch
    62cd91d0-x86-spec-ctrl-rework-context-switching.patch
    62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch
    62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch
    62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
    62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch
    62cd91d5-x86-cpuid-BTC_NO-enum.patch
    62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch
    62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch
    xsa408.patch
* Thu Jul 28 2022 ohering@suse.de
  - bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels
    A previous change to the built-in default had a logic error,
    effectively restoring the upstream limit of 1023 channels per domU.
    Fix the logic to calculate the default based on the number of vcpus.
    adjust libxl.max_event_channels.patch
* Wed Jul 13 2022 carnold@suse.com
  - Added --disable-pvshim when running configure in xen.spec.
    We have never shipped the shim and don't need to build it.
* Wed Jul 13 2022 jbeulich@suse.com
  - bsc#1199965 - VUL-0: CVE-2022-26362: xen: Race condition
    in typeref acquisition
    62a1e594-x86-clean-up-_get_page_type.patch
    62a1e5b0-x86-ABAC-race-in-_get_page_type.patch
  - bsc#1199966 - VUL-0: CVE-2022-26363,CVE-2022-26364: xen:
    Insufficient care with non-coherent mappings
    62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch
    62a1e5f0-x86-dont-change-cacheability-of-directmap.patch
    62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch
    62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch
    62a1e649-x86-track-and-flush-non-coherent.patch
  - bsc#1200549 VUL-0: CVE-2022-21123,CVE-2022-21125,CVE-2022-21166:
    xen: x86: MMIO Stale Data vulnerabilities (XSA-404)
    62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch
    62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch
    62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch
  - bsc#1201469 - VUL-0: CVE-2022-23816,CVE-2022-23825,CVE-2022-29900:
    xen: retbleed - arbitrary speculative code execution with return
    instructions (XSA-407)
    62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch
    62cc31ee-cmdline-extend-parse_boolean.patch
    62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch
    62cd91d0-x86-spec-ctrl-rework-context-switching.patch
    62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch
    62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch
    62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
    62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch
    62cd91d5-x86-cpuid-BTC_NO-enum.patch
    62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch
    62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch
  - Upstream bug fixes (bsc#1027519)
    62a99614-IOMMU-x86-gcc12.patch
    62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch
    62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch
  - Drop patches replaced by upstream versions
    xsa401-1.patch
    xsa401-2.patch
    xsa402-1.patch
    xsa402-2.patch
    xsa402-3.patch
    xsa402-4.patch
    xsa402-5.patch
* Tue Jul 12 2022 carnold@suse.com
  - bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush
    for x86 PV guests in shadow mode (XSA-408)
    xsa408.patch
  - Fix gcc13 compilation error
    62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
* Tue Jun 28 2022 schubi@suse.com
  - Moved logrotate files from user specific directory /etc/logrotate.d
    to vendor specific directory /usr/etc/logrotate.d.
* Wed Jun 08 2022 jbeulich@suse.com
  - bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen:
    Insufficient care with non-coherent mappings
    fix xsa402-5.patch
* Tue May 31 2022 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    625fca42-VT-d-reserved-CAP-ND.patch
    626f7ee8-x86-MSR-handle-P5-MC-reads.patch
    627549d6-IO-shutdown-race.patch
  - bsc#1199965 - VUL-0: EMBARGOED: CVE-2022-26362: xen: Race condition
    in typeref acquisition
    xsa401-1.patch
    xsa401-2.patch
  - bsc#1199966 - VUL-0: EMBARGOED: CVE-2022-26363,CVE-2022-26364: xen:
    Insufficient care with non-coherent mappings
    xsa402-1.patch
    xsa402-2.patch
    xsa402-3.patch
    xsa402-4.patch
    xsa402-5.patch
* Tue May 10 2022 dmueller@suse.com
  - fix python3 >= 3.10 version detection
* Wed Apr 13 2022 carnold@suse.com
  - Update to Xen 4.16.1 bug fix release (bsc#1027519)
    xen-4.16.1-testing-src.tar.bz2
  - Drop patches contained in new tarball
    61b31d5c-x86-restrict-all-but-self-IPI.patch
    61b88e78-x86-CPUID-TSXLDTRK-definition.patch
    61bc429f-revert-hvmloader-PA-range-should-be-UC.patch
    61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch
    61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch
    61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch
    61e0296a-x86-time-calibration-relative-counts.patch
    61e029c8-x86-time-TSC-freq-calibration-accuracy.patch
    61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch
    61e98e88-x86-introduce-get-set-reg-infra.patch
    61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch
    61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch
    61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch
    61eaaa23-x86-get-set-reg-infra-build.patch
    61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch
    61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch
    61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch
    61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch
    61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch
    61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch
    61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch
    61f933a4-x86-cpuid-advertise-SSB_NO.patch
    61f933a5-x86-drop-use_spec_ctrl-boolean.patch
    61f933a6-x86-new-has_spec_ctrl-boolean.patch
    61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch
    61f933a8-x86-SPEC_CTRL-record-last-write.patch
    61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch
    61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch
    61f933ab-x86-AMD-SPEC_CTRL-infra.patch
    61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch
    61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch
    6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch
    6202afa4-x86-TSX-move-has_rtm_always_abort.patch
    6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch
    6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch
    6202afa8-x86-Intel-PSFD-for-guests.patch
    62278667-Arm-introduce-new-processors.patch
    62278668-Arm-move-errata-CSV2-check-earlier.patch
    62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch
    6227866a-Arm-Spectre-BHB-handling.patch
    6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch
    6227866c-x86-AMD-cease-using-thunk-lfence.patch
    6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch
    624ebcef-VT-d-dont-needlessly-look-up-DID.patch
    624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch
    624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch
    xsa397.patch
    xsa399.patch
    xsa400-01.patch
    xsa400-02.patch
    xsa400-03.patch
    xsa400-04.patch
    xsa400-05.patch
    xsa400-06.patch
    xsa400-07.patch
    xsa400-08.patch
    xsa400-09.patch
    xsa400-10.patch
    xsa400-11.patch
    xsa400-12.patch
* Fri Apr 08 2022 jbeulich@suse.com
  - bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
    CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
    map (AMD-Vi) handling issues (XSA-400)
    624ebcef-VT-d-dont-needlessly-look-up-DID.patch
    624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch
    624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch
* Mon Apr 04 2022 carnold@suse.com
  - bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions
    between dirty vram tracking and paging log dirty hypercalls
    (XSA-397)
    xsa397.patch
  - bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID
    cleanup (XSA-399)
    xsa399.patch
  - bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
    CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
    map (AMD-Vi) handling issues (XSA-400)
    xsa400-01.patch
    xsa400-02.patch
    xsa400-03.patch
    xsa400-04.patch
    xsa400-05.patch
    xsa400-06.patch
    xsa400-07.patch
    xsa400-08.patch
    xsa400-09.patch
    xsa400-10.patch
    xsa400-11.patch
    xsa400-12.patch
  - Additional upstream bug fixes for XSA-400 (bsc#1027519)
    61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch
    61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch
    6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch
* Mon Mar 14 2022 jbeulich@suse.com
  - bsc#1196915 - VUL-0: CVE-2022-0001, CVE-2022-0002,CVE-2021-26401:
    xen: BHB speculation issues (XSA-398)
    62278667-Arm-introduce-new-processors.patch
    62278668-Arm-move-errata-CSV2-check-earlier.patch
    62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch
    6227866a-Arm-Spectre-BHB-handling.patch
    6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch
    6227866c-x86-AMD-cease-using-thunk-lfence.patch
* Thu Mar 03 2022 carnold@suse.com
  - bsc#1196545 - GCC 12: xen package fails
    gcc12-fixes.patch
* Mon Feb 14 2022 jbeulich@suse.com
  - Upstream bug fixes (bsc#1027519)
    61e0296a-x86-time-calibration-relative-counts.patch
    61e029c8-x86-time-TSC-freq-calibration-accuracy.patch
    61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch
    61e98e88-x86-introduce-get-set-reg-infra.patch
    61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch
    61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch
    61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch
    61eaaa23-x86-get-set-reg-infra-build.patch
    61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch
    61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch
    61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch
    61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch
    61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch
    61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch
    61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch
    61f933a4-x86-cpuid-advertise-SSB_NO.patch
    61f933a5-x86-drop-use_spec_ctrl-boolean.patch
    61f933a6-x86-new-has_spec_ctrl-boolean.patch
    61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch
    61f933a8-x86-SPEC_CTRL-record-last-write.patch
    61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch
    61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch
    61f933ab-x86-AMD-SPEC_CTRL-infra.patch
    61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch
    61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch
    6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch
    6202afa4-x86-TSX-move-has_rtm_always_abort.patch
    6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch
    6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch
    6202afa8-x86-Intel-PSFD-for-guests.patch
  - Drop patches replaced by the above:
    xsa393.patch
    xsa394.patch
    xsa395.patch
    libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch
    libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
    libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
* Thu Jan 13 2022 carnold@suse.com
  - bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm:
    guest_physmap_remove_page not removing the p2m mappings (XSA-393)
    xsa393.patch
  - bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS
    Xen while unmapping a grant (XSA-394)
    xsa394.patch
  - bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of
    passed-through device IRQs (XSA-395)
    xsa395.patch
* Wed Jan 12 2022 carnold@suse.com
  - bsc#1191668 - L3: issue around xl and virsh operation - virsh
    list not giving any output
    libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
    libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
* Tue Jan 11 2022 carnold@suse.com
  - bsc#1193307 - pci backend does not exist when attach a vf to a pv
    guest
    libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch
    Drop libxl-PCI-defer-backend-wait.patch
* Thu Jan 06 2022 jbeulich@suse.com
  - bsc#1193447 - Slow execution of hvmloader+ovmf when VM contains
    an sriov device
    61bc429f-revert-hvmloader-PA-range-should-be-UC.patch
  - Upstream bug fixes (bsc#1027519)
    61b31d5c-x86-restrict-all-but-self-IPI.patch
    61b88e78-x86-CPUID-TSXLDTRK-definition.patch
    61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch
* Tue Jan 04 2022 jfehlig@suse.com
  - Collect active VM config files in the supportconfig plugin
    xen-supportconfig
* Mon Jan 03 2022 carnold@suse.com
  - Now that the ovmf package has been updated, reset the configure
    script to use ovmf-x86_64-xen-4m.bin from ovmf-x86_64-ms.bin
    References bsc#1194105, bsc#1193274
    xen.spec
* Thu Dec 09 2021 carnold@suse.com
  - bsc#1193307 - pci backend does not exist when attach a vf to a pv
    guest
    libxl-PCI-defer-backend-wait.patch
* Wed Dec 01 2021 carnold@suse.com
  - Update to Xen 4.16.0 FCS release
    xen-4.16.0-testing-src.tar.bz2
    * Miscellaneous fixes to the TPM manager software in preparation
      for TPM 2.0 support.
    * Increased reliance on the PV shim as 32-bit PV guests will only
      be supported in shim mode going forward. This change reduces
      the attack surface in the hypervisor.
    * Increased hardware support by allowing Xen to boot on Intel
      devices that lack a Programmable Interval Timer.
    * Cleanup of legacy components by no longer building QEMU
      Traditional or PV-Grub by default. Note both projects have
      upstream Xen support merged now, so it is no longer recommended
      to use the Xen specific forks.
    * Initial support for guest virtualized Performance Monitor
      Counters on Arm.
    * Improved support for dom0less mode by allowing the usage on
      Arm 64bit hardware with EFI firmware.
    * Improved support for Arm 64-bit heterogeneous systems by
      leveling the CPU features across all to improve big.LITTLE
      support.
  - bsc#1193274 - [Build67.2][Xen][uefi] xen fullvirt uefi guest can
    not be created with default 'type=plash' in virt-manager
    xen.spec
* Thu Nov 18 2021 carnold@suse.com
  - Update to Xen 4.16.0 RC4 release (jsc#SLE-18467)
    xen-4.16.0-testing-src.tar.bz2
    * Xen can now export Intel Processor Trace (IPT) data from guests to tools in dom0.
    * Xen now supports Viridian enlightenments for guests with more than 64 vcpus.
    * Xenstored and oxenstored both now support LiveUpdate (tech preview).
    * Unified boot images
    * Switched x86 MSR accesses to deny by default policy.
    * Named PCI devices for xl/libxl and improved documentation for xl PCI configuration format.
    * Support for zstd-compressed dom0 (x86) and domU kernels.
    * Reduce ACPI verbosity by default.
    * Add ucode=allow-same option to test late microcode loading path.
    * Library improvements from NetBSD ports upstreamed.
    * x86: Allow domains to use AVX-VNNI instructions.
    * Added XEN_SCRIPT_DIR configuration option to specify location for Xen scripts.
    * xennet: Documented a way for the backend (or toolstack) to specify MTU to the frontend.
    * On detecting a host crash, some debug key handlers can automatically triggered to aid in debugging.
    * Increase the maximum number of guests which can share a single IRQ from 7 to 16, and make this configurable with irq-max-guests.
  - Drop iPXE sources and patches. iPXE is only used by QEMU
    traditional which has never shipped with SLE15.
    ipxe.tar.bz2
    ipxe-enable-nics.patch
    ipxe-no-error-logical-not-parentheses.patch
    ipxe-use-rpm-opt-flags.patch
  - Drop building ocaml xenstored in the spec file. There are no
    plans or need to support this version.
  - Drop patches contained in new tarball or no longer required
    5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch
    5ffc58c4-ACPI-reduce-verbosity-by-default.patch
    602ffae9-tools-libs-light-fix-xl-save--c-handling.patch
    608676f2-VT-d-register-based-invalidation-optional.patch
    60a27288-x86emul-gas-2-36-test-harness-build.patch
    60af933d-x86-gcc11-hypervisor-build.patch
    60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
    60afe617-x86-TSX-minor-cleanup-and-improvements.patch
    60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
    60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch
    60be0e24-credit2-pick-runnable-unit.patch
    60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
    60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
    60bf9e19-Arm-create-dom0less-domUs-earlier.patch
    60bf9e1a-Arm-boot-modules-scrubbing.patch
    60bf9e1b-VT-d-size-qinval-queue-dynamically.patch
    60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch
    60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch
    60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch
    60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch
    60bfa904-AMD-IOMMU-wait-for-command-slot.patch
    60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch
    60c0bf86-x86-TSX-cope-with-deprecation.patch
    60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
    60c8de6e-osdep_xenforeignmemory_map-prototype.patch
    60d49689-VT-d-undo-device-mappings-upon-error.patch
    60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
    60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
    60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
    60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
    61001231-x86-work-around-GNU-ld-2-37-issue.patch
    61122ac6-credit2-avoid-spuriously-picking-idle.patch
    611a7e38-x86-CET-shstk-WARN-manipulation.patch
    611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
    611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
    6126339d-AMD-IOMMU-global-ER-extending.patch
    6126344f-AMD-IOMMU-unity-map-handling.patch
    61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch
    6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch
    6126349a-AMD-IOMMU-rearrange-reassignment.patch
    612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch
    612634c3-x86-p2m-introduce-p2m_is_special.patch
    612634dc-x86-p2m-guard-identity-mappings.patch
    612634f4-x86-mm-widen-locked-region-in-xatp1.patch
    6126350a-gnttab-release-mappings-preemption.patch
    6126351f-gnttab-replace-mapkind.patch
    6126353d-gnttab-get-status-frames-array-capacity.patch
    61263553-Arm-restrict-maxmem-for-dom0less.patch
    6128a856-gnttab-radix-tree-node-init.patch
    init.xen_loop
    libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch
    libxc-bitmap-longs.patch
    libxc.migrate_tracking.patch
    libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch
    libxc-sr-add-xc_is_known_page_type.patch
    libxc-sr-arrays.patch
    libxc-sr-batch_pfns.patch
    libxc-sr-page_type_has_stream_data.patch
    libxc.sr.superpage.patch
    libxc-sr-use-xc_is_known_page_type.patch
    libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
    libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
    libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
    libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
    libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
    libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
    libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
    libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
    libxl.fix-libacpi-dependency.patch
    libxl-qemu6-scsi.patch
    libxl-qemu6-vnc-password.patch
    libxl.set-migration-constraints-from-cmdline.patch
    reproducible.patch
    stubdom-have-iovec.patch
    x86-cpufreq-report.patch
    xenstore-launch.patch
    xenwatchdogd-options.patch
    xsa384.patch
* Tue Sep 07 2021 carnold@suse.com
  - bsc#1189632 - VUL-0: CVE-2021-28701: xen: Another race in
    XENMAPSPACE_grant_table handling (XSA-384)
    xsa384.patch
  - Upstream bug fixes (bsc#1027519)
    61001231-x86-work-around-GNU-ld-2-37-issue.patch
    611a7e38-x86-CET-shstk-WARN-manipulation.patch
    611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
    611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
    6128a856-gnttab-radix-tree-node-init.patch
    61122ac6-credit2-avoid-spuriously-picking-idle.patch (Replaces
      credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch)
    6126339d-AMD-IOMMU-global-ER-extending.patch (Replaces xsa378-1.patch)
    6126344f-AMD-IOMMU-unity-map-handling.patch (Replaces xsa378-2.patch)
    61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch (Replaces xsa378-3.patch)
    6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch (Replaces xsa378-4.patch)
    6126349a-AMD-IOMMU-rearrange-reassignment.patch (Replaces xsa378-5.patch)
    612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch (Replaces xsa378-6.patch)
    612634c3-x86-p2m-introduce-p2m_is_special.patch (Replaces xsa378-7.patch)
    612634dc-x86-p2m-guard-identity-mappings.patch (Replaces xsa378-8.patch)
    612634f4-x86-mm-widen-locked-region-in-xatp1.patch (Replaces xsa379.patch)
    6126350a-gnttab-release-mappings-preemption.patch (Replaces xsa380-1.patch
    6126351f-gnttab-replace-mapkind.patch (Replaces xsa380-2.patch)
    6126353d-gnttab-get-status-frames-array-capacity.patch (Replaces xsa382.patch)
    61263553-Arm-restrict-maxmem-for-dom0less.patch (Replaces xsa383.patch)
* Mon Aug 30 2021 ohering@suse.de
  - bsc#1189882 - refresh libxc.sr.superpage.patch
    prevent superpage allocation in the LAPIC and ACPI_INFO range
* Thu Aug 19 2021 carnold@suse.com
  - bsc#1189373 - VUL-0: CVE-2021-28694,CVE-2021-28695,
    CVE-2021-28696: xen: IOMMU page mapping issues on x86 (XSA-378)
    xsa378-1.patch
    xsa378-2.patch
    xsa378-3.patch
    xsa378-4.patch
    xsa378-5.patch
    xsa378-6.patch
    xsa378-7.patch
    xsa378-8.patch
  - bsc#1189376 - VUL-0: CVE-2021-28697: xen: grant table v2 status
    pages may remain accessible after de-allocation. (XSA-379)
    xsa379.patch
  - bsc#1189378 - VUL-0: CVE-2021-28698: xen: long running loops in
    grant table handling. (XSA-380)
    xsa380-1.patch
    xsa380-2.patch
  - bsc#1189380 - VUL-0: CVE-2021-28699: xen: inadequate grant-v2
    status frames array bounds check. (XSA-382)
    xsa382.patch
  - bsc#1189381 - VUL-0: CVE-2021-28700: xen: xen/arm: No memory
    limit for dom0less domUs. (XSA-383)
    xsa383.patch
* Fri Aug 06 2021 carnold@suse.com
  - bsc#1188050 - L3: Xen guest yval1a80 SLES11SP4 hangs on cluster
    See also bsc#1179246.
    credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch
* Wed Aug 04 2021 carnold@suse.com
  - Drop aarch64-maybe-uninitialized.patch as the fix is in tarball.
* Fri Jul 23 2021 ohering@suse.de
  - refresh the migration patches to state v20210713
    removed libxc-sr-add-xc_is_known_page_type.patch
    removed libxc-sr-arrays.patch
    removed libxc-sr-batch_pfns.patch
    removed libxc-sr-page_type_has_stream_data.patch
    removed libxc-sr-use-xc_is_known_page_type.patch
    removed libxc.migrate_tracking.patch
    removed libxc.sr.superpage.patch
    removed libxl.set-migration-constraints-from-cmdline.patch
    added libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch
    added libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch
    added libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch
    added libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch
    added libxc-sr-abort_if_busy.patch
    added libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch
    added libxc-sr-max_iters.patch
    added libxc-sr-min_remaining.patch
    added libxc-sr-number-of-iterations.patch
    added libxc-sr-precopy_policy.patch
    added libxc-sr-restore-hvm-legacy-superpage.patch
    added libxc-sr-track-migration-time.patch
    added libxc-sr-xg_sr_bitmap-populated_pfns.patch
    added libxc-sr-xg_sr_bitmap.patch
    added libxc-sr-xl-migration-debug.patch
* Wed Jul 21 2021 ohering@suse.de
  - bsc#1176189 - xl monitoring process exits during xl save -p|-c
    keep the monitoring process running to cleanup the domU during shutdown
    xl-save-pc.patch
* Tue Jul 13 2021 jbeulich@suse.com
  - bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest
    60be0e24-credit2-pick-runnable-unit.patch
    60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
  - Upstream bug fixes (bsc#1027519)
    60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch)
    60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch)
    60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch)
    60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch)
    60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch)
    60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch)
    60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch)
    60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch)
    60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch)
    60afe617-x86-TSX-minor-cleanup-and-improvements.patch
    60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
    60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
    60c0bf86-x86-TSX-cope-with-deprecation.patch
    60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
    60c8de6e-osdep_xenforeignmemory_map-prototype.patch
    60d49689-VT-d-undo-device-mappings-upon-error.patch
    60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
    60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
    60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
    60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
  - Dropped gcc11-fixes.patch
* Tue Jul 06 2021 carnold@suse.com
  - bsc#1183243 - L3: Core cannot be opened when using xl dump-core
    of VM with PTF
    60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch
* Tue Jun 29 2021 ohering@suse.de
  - bsc#1180350 - some long deprecated commands were finally removed
    in qemu6. Adjust libxl to use supported commands.
    libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
    libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
    libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
    libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
    libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
    libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
    libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
    libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
    libxl-qemu6-vnc-password.patch
    libxl-qemu6-scsi.patch
* Tue Jun 22 2021 ohering@suse.de
  - Update logrotate.conf, move global options into per-file sections
    to prevent globbering of global state (bsc#1187406)
* Mon Jun 07 2021 ohering@suse.de
  - Fix shell macro expansion in xen.spec, so that ExecStart=
    in xendomains-wait-disks.service is created correctly (bsc#1183877)
* Tue Jun 01 2021 jbeulich@suse.com
  - bsc#1186428 - VUL-0: CVE-2021-28693: xen: xen/arm: Boot modules
    are not scrubbed (XSA-372)
    xsa372-1.patch
    xsa372-2.patch
  - bsc#1186429 - VUL-0: CVE-2021-28692: xen: inappropriate x86 IOMMU
    timeout detection / handling (XSA-373)
    xsa373-1.patch
    xsa373-2.patch
    xsa373-3.patch
    xsa373-4.patch
    xsa373-5.patch
  - bsc#1186433 - VUL-0: CVE-2021-0089: xen: Speculative Code Store
    Bypass (XSA-375)
    xsa375.patch
  - bsc#1186434 - VUL-0: CVE-2021-28690: xen: x86: TSX Async Abort
    protections not restored after S3 (XSA-377)
    xsa377.patch
  - Upstream bug fixes (bsc#1027519)
    60a27288-x86emul-gas-2-36-test-harness-build.patch
    60af933d-x86-gcc11-hypervisor-build.patch
    60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
* Thu May 06 2021 carnold@suse.com
  - Upstream bug fix (bsc#1027519)
    608676f2-VT-d-register-based-invalidation-optional.patch
* Wed May 05 2021 ohering@suse.de
  - Add xen.sysconfig-fillup.patch to make sure xencommons is in a
    format as expected by fillup. (bsc#1185682)
    Each comment needs to be followed by an enabled key. Otherwise
    fillup will remove manually enabled key=value pairs, along with
    everything that looks like a stale comment, during next pkg update
* Tue May 04 2021 ohering@suse.de
  - Refresh xenstore-launch.patch to cover also daemon case
* Thu Apr 29 2021 carnold@suse.com
  - Update to Xen 4.14.2 bug fix release (bsc#1027519)
    xen-4.14.2-testing-src.tar.bz2
  - Drop patches contained in new tarball
    5fedf9f4-x86-hpet_setup-fix-retval.patch
    5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
    5ff71655-x86-dpci-EOI-regardless-of-masking.patch
    5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
    600999ad-x86-dpci-do-not-remove-pirqs-from.patch
    600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
    6011bbc7-x86-timer-fix-boot-without-PIT.patch
    6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
    6013e546-x86-HVM-reorder-domain-init-error-path.patch
    601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
    602bd768-page_alloc-only-flush-after-scrubbing.patch
    602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
    602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
    602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
    6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
    60410127-gcc11-adjust-rijndaelEncrypt.patch
    60422428-x86-shadow-avoid-fast-fault-path.patch
    604b9070-VT-d-disable-QI-IR-before-init.patch
    60535c11-libxl-domain-soft-reset.patch
    60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
    60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
    60787714-x86-HPET-avoid-legacy-replacement-mode.patch
* Mon Apr 19 2021 carnold@suse.com
  - bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!"
    60787714-x86-HPET-avoid-legacy-replacement-mode.patch
    60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
  - Upstream bug fixes (bsc#1027519)
    60410127-gcc11-adjust-rijndaelEncrypt.patch
    60422428-x86-shadow-avoid-fast-fault-path.patch
    604b9070-VT-d-disable-QI-IR-before-init.patch
    60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch)
    60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
* Thu Mar 25 2021 ohering@suse.de
  - bsc#1137251 - Restore changes for xen-dom0-modules.service which
    were silently removed on 2019-10-17
* Fri Mar 12 2021 ohering@suse.de
  - bsc#1177112 - Fix libxc.sr.superpage.patch
    The receiving side did detect holes in a to-be-allocated superpage,
    but allocated a superpage anyway. This resulted to over-allocation.
* Mon Mar 08 2021 ohering@suse.de
  - bsc#1167608 - adjust limit for max_event_channels
    A previous change allowed an unbound number of event channels
    to make sure even large domUs can start of of the box.
    This may have a bad side effect in the light of XSA-344.
    Adjust the built-in limit based on the number of vcpus.
    In case this is not enough, max_event_channels=/maxEventChannels=
    has to be used to set the limit as needed for large domUs
    adjust libxl.max_event_channels.patch
* Fri Mar 05 2021 carnold@suse.com
  - bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes
    toolstack (XSA-368). Also resolves,
    bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl
    bsc#1181989 - openQA job causes libvirtd to dump core when
    running kdump inside domain
    xsa368.patch
* Fri Feb 26 2021 jbeulich@suse.com
  - bsc#1177204 - L3-Question: conring size for XEN HV's with huge
    memory to small. Inital Xen logs cut
    5ffc58c4-ACPI-reduce-verbosity-by-default.patch
  - Upstream bug fixes (bsc#1027519)
    601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
    602bd768-page_alloc-only-flush-after-scrubbing.patch
    602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
    602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
    602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
    6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
  - bsc#1181921 - GCC 11: xen package fails
    gcc11-fixes.patch
* Tue Feb 23 2021 carnold@suse.com
  - bsc#1182576 - L3: XEN domU crashed on resume when using the xl
    unpause command
    602ffae9-tools-libs-light-fix-xl-save--c-handling.patch
* Thu Feb 18 2021 carnold@suse.com
  - Start using the %autosetup macro to simplify patch management
    xen.spec
* Wed Feb 10 2021 carnold@suse.com
  - bsc#1181921 - GCC 11: xen package fails
    gcc11-fixes.patch
  - Drop gcc10-fixes.patch
* Tue Feb 02 2021 carnold@suse.com
  - Upstream bug fixes (bsc#1027519)
    5fedf9f4-x86-hpet_setup-fix-retval.patch
    5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
    5ff71655-x86-dpci-EOI-regardless-of-masking.patch
    5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
    600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch)
    600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
    6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
    6013e546-x86-HVM-reorder-domain-init-error-path.patch
  - bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!"
    6011bbc7-x86-timer-fix-boot-without-PIT.patch
* Thu Jan 21 2021 carnold@suse.com
  - bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360)
    xsa360.patch
* Wed Jan 13 2021 carnold@suse.com
  - bsc#1180794 - bogus qemu binary path used when creating fv guest
    under xen
    xen.spec
* Wed Jan 13 2021 carnold@suse.com
  - bsc#1180690 - L3-Question: xen: no needsreboot flag set
    Add Provides: installhint(reboot-needed) in xen.spec for libzypp
* Mon Jan 04 2021 ohering@suse.de
  - Update libxl.set-migration-constraints-from-cmdline.patch
    Remove code which handled --max_factor. The total amount of
    transferred data is no indicator to trigger the final stop+copy.
    This should have been removed during upgrade to Xen 4.7.
    Fix off-by-one in --max_iters, it caused one additional copy cycle.
    Reduce default value of --max_iters from 5 to 2.
    The workload within domU will continue to produce dirty pages.
    It is unreasonable to expect any slowdown during migration.
    Now there is one initial copy of all memory, one instead of four
    iteration for dirty memory, and a final copy iteration prior move.
* Thu Dec 17 2020 carnold@suse.com
  - Update to Xen 4.14.1 bug fix release (bsc#1027519)
    xen-4.14.1-testing-src.tar.bz2
    Contains the following recent security fixes
    bsc#1179516 XSA-359 - CVE-2020-29571
    bsc#1179514 XSA-358 - CVE-2020-29570
    bsc#1179513 XSA-356 - CVE-2020-29567
    bsc#1178963 XSA-355 - CVE-2020-29040
    bsc#1178591 XSA-351 - CVE-2020-28368
    bsc#1179506 XSA-348 - CVE-2020-29566
    bsc#1179502 XSA-325 - CVE-2020-29483
    bsc#1179501 XSA-324 - CVE-2020-29484
    bsc#1179498 XSA-322 - CVE-2020-29481
    bsc#1179496 XSA-115 - CVE-2020-29480
  - Dropped patches contained in new tarball
    5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
    5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
    5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
    5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
    5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
    5f560c42-x86-PV-64bit-segbase-consistency.patch
    5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch
    5f5b6b7a-hypfs-fix-custom-param-writes.patch
    5f607915-x86-HVM-more-consistent-IO-completion.patch
    5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch
    5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch
    5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch
    5f6a008e-x86-MSI-drop-read_msi_msg.patch
    5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch
    5f6a00c4-evtchn-relax-port_is_valid.patch
    5f6a00df-x86-PV-avoid-double-exception-injection.patch
    5f6a00f4-evtchn-add-missing-barriers.patch
    5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch
    5f6a013f-evtchn_reset-shouldnt-succeed-with.patch
    5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch
    5f6a0178-evtchn-address-races-with-evtchn_reset.patch
    5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch
    5f6a01c6-evtchn-preempt-in-evtchn_reset.patch
    5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch
    5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch
    5f71a21e-x86-S3-fix-shadow-stack-resume.patch
    5f76ca65-evtchn-Flask-prealloc-for-send.patch
    5f76caaf-evtchn-FIFO-use-stable-fields.patch
    5f897c25-x86-traps-fix-read_registers-for-DF.patch
    5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch
    5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch
    5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch
    5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch
    5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch
    5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch
    5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch
    5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch
    5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch
    xsa286-1.patch
    xsa286-2.patch
    xsa286-3.patch
    xsa286-4.patch
    xsa286-5.patch
    xsa286-6.patch
    xsa351-1.patch
    xsa351-2.patch
    xsa351-3.patch
    xsa355.patch
* Wed Dec 16 2020 ohering@suse.de
  - Pass --with-rundir to configure to get rid of /var/run
* Tue Dec 15 2020 ohering@suse.de
  - bsc#1178736 - allow restart of xenwatchdogd, enable tuning of
    keep-alive interval and timeout options via XENWATCHDOGD_ARGS=
    add xenwatchdogd-options.patch
    add xenwatchdogd-restart.patch
* Tue Dec 15 2020 ohering@suse.de
  - bsc#1177112 - Fix libxc.sr.superpage.patch
    The receiving side may punch holes incorrectly into optimistically
    allocated superpages. Also reduce overhead in bitmap handling.
    add libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch
    add libxc-bitmap-long.patch
    add libxc-bitmap-longs.patch
* Mon Dec 14 2020 carnold@suse.com
  - boo#1029961 - Move files in xen-tools-domU to /usr/bin from /bin
    xen-destdir.patch
    Drop tmp_build.patch
* Fri Dec 04 2020 carnold@suse.com
  - bsc#1176782 - L3: xl dump-core shows missing nr_pages during
    core. If maxmem and current are the same the issue doesn't happen
    5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch
* Fri Nov 20 2020 carnold@suse.com
  - bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change
    (XSA-355)
    xsa355.patch
* Fri Nov 20 2020 ohering@suse.de
  - Fix build error with libxl.fix-libacpi-dependency.patch
* Fri Nov 20 2020 ohering@suse.de
  - Enhance libxc.migrate_tracking.patch
    Hide SUSEINFO messages from pause/unpause/resume from xl command.
    They are intended for libvirt logging, but lacked info about
    execution context.
    Remove extra logging about dirty pages in each iteration, the
    number of transferred pages + protocol overhead is already
    reported elsewhere.
* Fri Nov 20 2020 ohering@suse.de
  - Remove libxl.libxl__domain_pvcontrol.patch
    It is already part of 4.14.0-rc1
* Tue Nov 10 2020 carnold@suse.com
  - bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel
    attack aka PLATYPUS attack aka XSA-351
    xsa351-1.patch
    xsa351-2.patch
    xsa351-3.patch
* Mon Nov 02 2020 ohering@suse.de
  - bsc#1177950 - adjust help for --max_iters, default is 5
    libxl.set-migration-constraints-from-cmdline.patch
* Fri Oct 30 2020 ohering@suse.de
  - jsc#SLE-16899 - improve performance of live migration
    remove allocations and memcpy from hotpaths on sending and
    receiving side to get more throughput on 10Gbs+ connections
    libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch
    libxc-sr-add-xc_is_known_page_type.patch
    libxc-sr-arrays.patch
    libxc-sr-batch_pfns.patch
    libxc-sr-page_type_has_stream_data.patch
    libxc-sr-readv_exact.patch
    libxc-sr-restore-handle_buffered_page_data.patch
    libxc-sr-restore-handle_incoming_page_data.patch
    libxc-sr-restore-map_errs.patch
    libxc-sr-restore-mfns.patch
    libxc-sr-restore-pfns.patch
    libxc-sr-restore-populate_pfns-mfns.patch
    libxc-sr-restore-populate_pfns-pfns.patch
    libxc-sr-restore-read_record.patch
    libxc-sr-restore-types.patch
    libxc-sr-save-errors.patch
    libxc-sr-save-guest_data.patch
    libxc-sr-save-iov.patch
    libxc-sr-save-local_pages.patch
    libxc-sr-save-mfns.patch
    libxc-sr-save-rec_pfns.patch
    libxc-sr-save-show_transfer_rate.patch
    libxc-sr-save-types.patch
    libxc-sr-use-xc_is_known_page_type.patch
    adjust libxc.sr.superpage.patch
    adjust libxc.migrate_tracking.patch
* Wed Oct 21 2020 carnold@suse.com
  - Upstream bug fixes (bsc#1027519)
    5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
    5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
    5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
    5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch
    5f5b6b7a-hypfs-fix-custom-param-writes.patch
    5f607915-x86-HVM-more-consistent-IO-completion.patch
    5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch
    5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch
    5f71a21e-x86-S3-fix-shadow-stack-resume.patch
    5f76ca65-evtchn-Flask-prealloc-for-send.patch
    5f76caaf-evtchn-FIFO-use-stable-fields.patch
    5f897c25-x86-traps-fix-read_registers-for-DF.patch
    5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch
  - Renamed patches
    5f560c42-x86-PV-64bit-segbase-consistency.patch
      Replaces 5f5b6951-x86-PV-64bit-segbase-consistency.patch
    5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch
      Replaces 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch
    5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch
      Replaces 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch
    5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch
      Replaces 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch
    5f6a008e-x86-MSI-drop-read_msi_msg.patch
      Replaces 5f6a05fa-msi-get-rid-of-read_msi_msg.patch
    5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch
      Replaces 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch
    5f6a00c4-evtchn-relax-port_is_valid.patch
      Replaces 5f6a062c-evtchn-relax-port_is_valid.patch
    5f6a00df-x86-PV-avoid-double-exception-injection.patch
      Replaces 5f6a065c-pv-Avoid-double-exception-injection.patch
    5f6a00f4-evtchn-add-missing-barriers.patch
      Replaces 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch
    5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch
      Replaces 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch
    5f6a013f-evtchn_reset-shouldnt-succeed-with.patch
      Replaces 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch
    5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch
      Replaces 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch
    5f6a0178-evtchn-address-races-with-evtchn_reset.patch
      Replaces 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch
    5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch
      Replaces 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch
    5f6a01c6-evtchn-preempt-in-evtchn_reset.patch
      Replaces 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch
* Tue Oct 13 2020 carnold@suse.com
  - bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest
    INVLPG-like flushes may leave stale TLB entries (XSA-286)
    xsa286-1.patch
    xsa286-2.patch
    xsa286-3.patch
    xsa286-4.patch
    xsa286-5.patch
    xsa286-6.patch
  - bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen
    mapping code (XSA-345)
    5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch
    5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch
    5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch
  - bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU
    TLB flushes (XSA-346)
    5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch
    5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch
  - bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page
    table updates (XSA-347)
    5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch
    5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch
    5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch
* Mon Oct 12 2020 ohering@suse.de
  - Update libxc.sr.superpage.patch
    set errno in x86_hvm_alloc_4k (bsc#1177112)
* Tue Sep 22 2020 carnold@suse.com
  - bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when
    handling guest access to MSR_MISC_ENABLE (XSA-333)
    5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch
  - bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in
    XENMEM_acquire_resource error path (XSA-334)
    5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch
  - bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating
    timers between x86 HVM vCPU-s (XSA-336)
    5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch
  - bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code
    reading back hardware registers (XSA-337)
    5f6a05fa-msi-get-rid-of-read_msi_msg.patch
    5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch
  - bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event
    channels may not turn invalid (XSA-338)
    5f6a062c-evtchn-relax-port_is_valid.patch
  - bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel
    DoS via SYSENTER (XSA-339)
    5f6a065c-pv-Avoid-double-exception-injection.patch
  - bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier
    barriers when accessing/allocating an event channel (XSA-340)
    5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch
  - bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event
    channels available to 32-bit x86 domains (XSA-342)
    5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch
  - bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with
    evtchn_reset() (XSA-343)
    5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch
    5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch
    5f6a06f2-evtchn-address-races-with-evtchn_reset.patch
  - bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in
    evtchn_reset() / evtchn_destroy() (XSA-344)
    5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch
    5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch
  - Upstream bug fix (bsc#1027519)
    5f5b6951-x86-PV-64bit-segbase-consistency.patch
* Mon Sep 21 2020 carnold@suse.com
  - Fix problems in xen.spec with building on aarch64
* Fri Sep 18 2020 carnold@suse.com
  - Make use of %service_del_postun_without_restart while preserving
    the old behavior for older distros.
  - In %post tools, remove unnecessary qemu symlinks.
* Thu Sep 17 2020 ohering@suse.de
  - Fix error in xen-tools %post when linking pvgrub64.bin
  - Make paths below libexec more explicit
  - Create symlink also for pvgrub32.bin
* Fri Sep 11 2020 ohering@suse.de
  - Revert previous libexec change for qemu compat wrapper
    The path is used in existing domU.xml files in the emulator field
  - Escape some % chars in xen.spec, they have to appear verbatim
* Wed Sep 09 2020 ohering@suse.de
  - Enhance libxc.migrate_tracking.patch
    Print number of allocated pages on sending side, this is more
    accurate than p2m_size.
* Wed Sep 02 2020 carnold@suse.com
  - jsc#SLE-15926 - Dev: XEN: drop netware support
    Dropped the following patches
    pygrub-netware-xnloader.patch
    xnloader.py
    Refreshed pygrub-boot-legacy-sles.patch
* Tue Sep 01 2020 guillaume.gardet@opensuse.org
  - Fix build on aarch64 with gcc10
  - Package xenhypfs for aarch64
* Wed Aug 05 2020 callumjfarmer13@gmail.com
  - Correct license name
    * GPL-3.0+ is now GPL-3.0-or-later
* Mon Aug 03 2020 carnold@suse.com
  - Upstream bug fixes (bsc#1027519)
    5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
    5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
* Fri Jul 24 2020 carnold@suse.com
  - Update to Xen 4.14.0 FCS release
    xen-4.14.0-testing-src.tar.bz2
    * Linux stubdomains (contributed by QUBES OS)
    * Control-flow Enforcement Technology (CET) Shadow Stack support (contributed by Citrix)
    * Lightweight VM fork for fuzzing / introspection. (contributed by Intel)
    * Livepatch: buildid and hotpatch stack requirements
    * CONFIG_PV32
    * Hypervisor FS support
    * Running Xen as a Hyper-V Guest
    * Domain ID randomization, persistence across save / restore
    * Golang binding autogeneration
    * KDD support for Windows 7, 8.x and 10
  - Dropped patches contained in new tarball
    5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
    5eb51caa-sched-vcpu-pause-flags-atomic.patch
    5ec2a760-x86-determine-MXCSR-mask-always.patch
    5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
    5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
    5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
    5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
    5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
    5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
    5ed69804-x86-ucode-fix-start-end-update.patch
    5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
    5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
    5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
    5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
    5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
    xsa317.patch
    xsa319.patch
    xsa321-1.patch
    xsa321-2.patch
    xsa321-3.patch
    xsa321-4.patch
    xsa321-5.patch
    xsa321-6.patch
    xsa321-7.patch
    xsa328-1.patch
    xsa328-2.patch
* Thu Jul 23 2020 carnold@suse.com
  - bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to
    attach on next reboot while it should be live attached
    ignore-ip-command-script-errors.patch
* Fri Jul 17 2020 ohering@suse.de
  - Enhance libxc.migrate_tracking.patch
    After transfer of domU memory, the target host has to assemble
    the backend devices. Track the time prior xc_domain_unpause.
* Tue Jun 30 2020 ohering@suse.de
  - Add libxc.migrate_tracking.patch to track live migrations
    unconditionally in logfiles, especially in libvirt.
    This will track how long a domU was suspended during transit.
* Mon Jun 29 2020 carnold@suse.com
  - bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect
    error handling in event channel port allocation
    xsa317.patch
  - bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code
    paths in x86 dirty VRAM tracking
    xsa319.patch
  - bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient
    cache write- back under VT-d
    xsa321-1.patch
    xsa321-2.patch
    xsa321-3.patch
    xsa321-4.patch
    xsa321-5.patch
    xsa321-6.patch
    xsa321-7.patch
  - bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic
    modification of live EPT PTE
    xsa328-1.patch
    xsa328-2.patch
* Mon Jun 22 2020 carnold@suse.com
  - bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
    Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
    5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
    5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch)
    5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch)
  - Upstream bug fixes (bsc#1027519)
    5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
    5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
    5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
    5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
    5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
    5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
    5ed69804-x86-ucode-fix-start-end-update.patch
    5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
    5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
* Fri Jun 05 2020 callumjfarmer13@gmail.com
  - Fixes for %_libexecdir changing to /usr/libexec
* Thu May 28 2020 carnold@suse.com
  - bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
    Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
    xsa320-1.patch
    xsa320-2.patch
* Mon May 18 2020 carnold@suse.com
  - Update to Xen 4.13.1 bug fix release (bsc#1027519)
    xen-4.13.1-testing-src.tar.bz2
    5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
    5eb51caa-sched-vcpu-pause-flags-atomic.patch
    5ec2a760-x86-determine-MXCSR-mask-always.patch
  - Drop patches contained in new tarball
    5de65f84-gnttab-map-always-do-IOMMU-part.patch
    5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
    5e15e03d-sched-fix-S3-resume-with-smt=0.patch
    5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
    5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
    5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
    5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
    5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
    5e318cd4-x86-apic-fix-disabling-LVT0.patch
    5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
    5e3bd385-EFI-recheck-variable-name-strings.patch
    5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
    5e3bd3f8-xmalloc-guard-against-overflow.patch
    5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
    5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
    5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
    5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
    5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
    5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
    5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
    5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
    5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
    5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
    5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
    5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
    5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
    5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
    5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
    5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
    5e86f7fd-credit2-fix-credit-too-few-resets.patch
    5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
    5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
    5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
    5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
    5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
    5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch
* Wed May 13 2020 jfehlig@suse.com
  - spec: Remove invocation of autogen.sh
  - spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares
* Wed May 13 2020 carnold@suse.com
  - bsc#1170968 - GCC 10: xen build fails on i586
    gcc10-fixes.patch
* Tue Apr 14 2020 carnold@suse.com
  - bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation
    handling in GNTTABOP_copy (XSA-318)
    5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch
* Mon Apr 06 2020 carnold@suse.com
  - bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313
    multiple xenoprof issues
    5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
    5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
  - bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing
    memory barriers in read-write unlock paths
    5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
  - bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error
    path in GNTTABOP_map_grant
    5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
  - bsc#1167152 - L3: Xenstored Crashed during VM install Need Core
    analyzed
    5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
  - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
    bug soft lockup CPU #0 stuck under high load / upstream with
    workaround. See also bsc#1134506
    5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
    5e86f7fd-credit2-fix-credit-too-few-resets.patch
  - Drop for upstream solution (bsc#1165206)
    01-xen-credit2-avoid-vcpus-to.patch
    default-to-credit1-scheduler.patch
  - Upstream bug fixes (bsc#1027519)
    5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
    5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
    5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
    5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
    5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
    5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
    5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
    5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
    5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
    5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
    5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
* Wed Mar 25 2020 ohering@suse.de
  - bsc#1167608 - unbound limit for max_event_channels
    domUs with many vcpus and/or resources fail to start
    libxl.max_event_channels.patch
* Wed Mar 18 2020 ohering@suse.de
  - bsc#1161480 - Fix xl shutdown for HVM without PV drivers
    add libxl.libxl__domain_pvcontrol.patch
* Thu Mar 12 2020 carnold@suse.com
  - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
    bug soft lockup CPU #0 stuck under high load / upstream with
    workaround. See also bsc#1134506
    01-xen-credit2-avoid-vcpus-to.patch
* Tue Mar 10 2020 carnold@suse.com
  - bsc#1158414 - GCC 10: xen build fails
    gcc10-fixes.patch
* Wed Mar 04 2020 carnold@suse.com
  - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
    bug soft lockup CPU #0 stuck under high load / upstream with
    workaround. See also bsc#1134506
    default-to-credit1-scheduler.patch
* Thu Feb 20 2020 carnold@suse.com
  - bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate
    past the ERET instruction
    5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
  - bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch
    hardening
    5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
  - Upstream bug fixes (bsc#1027519)
    5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
    5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
    5e318cd4-x86-apic-fix-disabling-LVT0.patch
    5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
    5e3bd385-EFI-recheck-variable-name-strings.patch
    5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
    5e3bd3f8-xmalloc-guard-against-overflow.patch
    5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
    5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
    5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
* Tue Feb 18 2020 ohering@suse.de
  - bsc#1159755 - use fixed qemu-3.1 machine type for HVM
    This must be done in qemu to preserve PCI layout
    remove libxl.lock-qemu-machine-for-hvm.patch
* Fri Feb 07 2020 ohering@suse.de
  - jsc#SLE-10183 - script to calculate cpuid= mask
    add helper script from https://github.com/twizted/xen_maskcalc
    domUs may be migrated between different cpus from the same vendor
    if their visible cpuid value has incompatible feature bits masked.
* Wed Feb 05 2020 ohering@suse.de
  - jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains
    add helper script and systemd service from
    https://github.com/luizluca/xen-tools-xendomains-wait-disk
    in new sub package xen-tools-xendomains-wait-disk
    See included README for usage instructions
    xendomains-wait-disks.LICENSE
    xendomains-wait-disks.README.md
    xendomains-wait-disks.sh
* Tue Jan 28 2020 ohering@suse.de
  - bsc#1159755 - use fixed qemu-3.1 machine type for HVM
    qemu4 introduced incompatible changes in pc-i440fx, which revealed
    a design bug in 'xenfv'. Live migration from domUs started with
    qemu versions prior qemu4 can not be received with qemu4+.
    libxl.lock-qemu-machine-for-hvm.patch
* Tue Jan 14 2020 carnold@suse.com
  - Upstream bug fixes (bsc#1027519)
    5de65f84-gnttab-map-always-do-IOMMU-part.patch
    5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
    5e15e03d-sched-fix-S3-resume-with-smt=0.patch
    5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
    5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
* Wed Jan 08 2020 dimstar@opensuse.org
  - BuildRequire pkgconfig(libsystemd) instead of systemd-devel:
    Allow OBS to shortcut through the -mini flavors.
* Wed Dec 18 2019 carnold@suse.com
  - bsc#1159320 - Xen logrotate file needs updated
    logrotate.conf
* Wed Dec 18 2019 carnold@suse.com
  - Update to Xen 4.13.0 FCS release
    xen-4.13.0-testing-src.tar.bz2
    * Core Scheduling (contributed by SUSE)
    * Branch hardening to mitigate against Spectre v1 (contributed by Citrix)
    * Late uCode loading (contributed by Intel)
    * Improved live-patching build tools (contributed by AWS)
    * OP-TEE support (contributed by EPAM)
    * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM)
    * Dom0-less passthrough and ImageBuilder (contributed by XILINX)
    * Support for new Hardware
* Tue Dec 03 2019 carnold@suse.com
  - Update to Xen 4.13.0 RC4 release
    xen-4.13.0-testing-src.tar.bz2
  - Rebase libxl.pvscsi.patch
* Mon Nov 25 2019 carnold@suse.com
  - Update to Xen 4.13.0 RC3 release
    xen-4.13.0-testing-src.tar.bz2
  - Drop python38-build.patch
* Tue Nov 12 2019 carnold@suse.com
  - Update to Xen 4.13.0 RC2 release
    xen-4.13.0-testing-src.tar.bz2
* Tue Oct 29 2019 mcepl@suse.com
  - Add python38-build.patch fixing build with Python 3.8 (add
    - -embed to python-config call)
* Mon Oct 14 2019 carnold@suse.com
  - Update to Xen 4.13.0 RC1 release
    xen-4.13.0-testing-src.tar.bz2
  - Drop patches contained in new tarball or invalid
    5ca7660f-x86-entry-drop-unused-includes.patch
    5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
    5cab2ab7-x86-IOMMU-introduce-init-ops.patch
    5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
    5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
    5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
    5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
    5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
    5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
    5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
    5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
    5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
    5d358508-x86-IRQ-desc-affinity-represents-request.patch
    5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
    5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
    5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
    5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
    5d417813-AMD-IOMMU-bitfield-extended-features.patch
    5d417838-AMD-IOMMU-bitfield-control-reg.patch
    5d41785b-AMD-IOMMU-bitfield-IRTE.patch
    5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
    5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
    5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
    5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
    5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
    5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
    5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
    5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
    5d419d49-x86-spec-ctrl-report-proper-status.patch
    5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
    5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
    5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
    5d4afa7a-credit2-fix-memory-leak.patch
    5d4d850a-introduce-bss-percpu-page-aligned.patch
    5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
    5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
    5d6524ca-x86-mm-correctly-init-M2P-entries.patch
    5d67ceaf-x86-properly-gate-PKU-clearing.patch
    5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
    5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
    5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
    5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
    5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
    5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
    5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
    5d80ea13-vpci-honor-read-only-devices.patch
    5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
    5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
    5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
    5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
    5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
    5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
    5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
    5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
    5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
    5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
    CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
    blktap2-no-uninit.patch
    libxl.prepare-environment-for-domcreate_stream_done.patch
    pygrub-python3-conversion.patch
    fix-xenpvnetboot.patch
* Thu Oct 10 2019 carnold@suse.com
  - bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
    5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
    5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
    5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
* Wed Oct 02 2019 ohering@suse.de
  - bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime
    The included README has details about the impact of this change
    libxl.LIBXL_HOTPLUG_TIMEOUT.patch
* Mon Sep 30 2019 carnold@suse.com
  - bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
    5ca7660f-x86-entry-drop-unused-includes.patch
    5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
    5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
    5cab2ab7-x86-IOMMU-introduce-init-ops.patch
    5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
    5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
    5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
    5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
    5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
    5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
    5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
    5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
    5d358508-x86-IRQ-desc-affinity-represents-request.patch
    5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
    5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
    5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
    5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
    5d417813-AMD-IOMMU-bitfield-extended-features.patch
    5d417838-AMD-IOMMU-bitfield-control-reg.patch
    5d41785b-AMD-IOMMU-bitfield-IRTE.patch
    5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
    5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
    5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
    5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
    5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
    5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
    5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
    5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
    5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
    5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
    5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
    5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
    5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
    5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
    5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
    5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
    5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
    5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
  - bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages
    5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
  - bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016
    with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD
    ROME platform
    5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
  - Upstream bug fixes (bsc#1027519)
    5d67ceaf-x86-properly-gate-PKU-clearing.patch
    5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
    5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
    5d80ea13-vpci-honor-read-only-devices.patch
    5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
* Fri Sep 27 2019 ohering@suse.de
  - bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM
    Fix crash in an error path of libxl_domain_suspend with
    libxl.helper_done-crash.patch
* Wed Aug 28 2019 carnold@suse.com
  - Upstream bug fixes (bsc#1027519)
    5d419d49-x86-spec-ctrl-report-proper-status.patch
    5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
    5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
    5d4afa7a-credit2-fix-memory-leak.patch
    5d4d850a-introduce-bss-percpu-page-aligned.patch
    5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
    5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
    5d6524ca-x86-mm-correctly-init-M2P-entries.patch
  - Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch
* Wed Aug 28 2019 ohering@suse.de
  - Preserve modified files which used to be marked as %config,
    rename file.rpmsave to file
* Fri Aug 09 2019 carnold@suse.com
  - Update to Xen 4.12.1 bug fix release (bsc#1027519)
    xen-4.12.1-testing-src.tar.bz2
  - Drop patches contained in new tarball
    5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
    5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
    5c87b6c8-drop-arch_evtchn_inject.patch
    5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
    5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
    5c8f752c-x86-e820-build-with-gcc9.patch
    5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
    5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
    5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
    5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
    5c9e63c5-credit2-SMT-idle-handling.patch
    5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
    5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
    5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
    5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
    5cd921fb-trace-fix-build-with-gcc9.patch
    5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
    5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
    5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
    5cd926d0-bitmap_fill-zero-sized.patch
    5cd92724-drivers-video-drop-constraints.patch
    5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
    5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
    5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
    5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
    5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
    5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
    5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
    5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
    5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
    5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
    5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
    5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
    5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
    5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
    5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
    5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
    5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
    5d03a0c4-6-Arm64-cmpxchg-simplify.patch
    5d03a0c4-7-Arm32-cmpxchg-simplify.patch
    5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
    5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
    5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
    5d03a0c4-B-bitops-guest-helpers.patch
    5d03a0c4-C-cmpxchg-guest-helpers.patch
    5d03a0c4-D-use-guest-atomics-helpers.patch
    5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
    5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
  - Refreshed patches
    libxl.pvscsi.patch
* Thu Aug 01 2019 carnold@suse.com
  - bsc#1143563 - Speculative mitigation facilities report wrong status
    5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch
* Wed Jul 17 2019 ohering@suse.de
  - Update xen-dom0-modules.service (bsc#1137251)
    Map backend module names from pvops and xenlinux kernels to a
    module alias. This avoids errors from modprobe about unknown
    modules. Ignore a few xenlinux modules that lack aliases.
* Mon Jul 15 2019 carnold@suse.com
  - Gcc9 warnings seem to be cleared up with upstream fixes.
    Drop gcc9-ignore-warnings.patch
* Tue Jun 25 2019 carnold@suse.com
  - bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3
    fix-xenpvnetboot.patch
* Mon Jun 24 2019 ohering@suse.de
  - Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf
* Mon Jun 24 2019 ohering@suse.de
  - Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api
* Fri Jun 21 2019 ohering@suse.de
  - Remove all upstream provided files in /etc/xen
    They are not required at runtime. The host admin is now
    responsible if he really needs anything in this subdirectory.
* Fri Jun 21 2019 ohering@suse.de
  - In our effort to make /etc fully admin controlled, move /etc/xen/scripts
    to libexec/xen/scripts with xen-tools.etc_pollution.patch
* Wed Jun 19 2019 ohering@suse.de
  - Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions
* Mon Jun 17 2019 carnold@suse.com
  - bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm
    Atomics Operations
    5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
    5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
    5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
    5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
    5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
    5d03a0c4-6-Arm64-cmpxchg-simplify.patch
    5d03a0c4-7-Arm32-cmpxchg-simplify.patch
    5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
    5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
    5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
    5d03a0c4-B-bitops-guest-helpers.patch
    5d03a0c4-C-cmpxchg-guest-helpers.patch
    5d03a0c4-D-use-guest-atomics-helpers.patch
    5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
    5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
  - Upstream bug fixes (bsc#1027519)
    5c87b6c8-drop-arch_evtchn_inject.patch
    5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
    5cd921fb-trace-fix-build-with-gcc9.patch
    5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
    5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
    5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
    5cd926d0-bitmap_fill-zero-sized.patch
    5cd92724-drivers-video-drop-constraints.patch
    5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch)
    5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch)
    5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch)
    5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch)
    5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch)
    5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch)
    5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch)
    5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
    5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
    5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
    5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
    5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
* Fri Jun 14 2019 carnold@suse.com
  - Fix some outdated information in the readme
    README.SUSE
* Tue Jun 11 2019 jfehlig@suse.com
  - spec: xen-tools: require matching version of xen package
    bsc#1137471
* Fri May 17 2019 ohering@suse.de
  - Remove two stale patches
    xen.build-compare.man.patch
    xenpaging.doc.patch
* Tue May 14 2019 mliska@suse.cz
  - Disable LTO (boo#1133296).
* Mon May 13 2019 ohering@suse.de
  - Remove arm32 from ExclusiveArch to fix build
* Mon Apr 29 2019 carnold@suse.com
  - bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4".
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
    xsa297-0a.patch
    xsa297-0b.patch
    xsa297-0c.patch
    xsa297-0d.patch
    xsa297-1.patch
    xsa297-2.patch
    xsa297-3.patch
  - Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and
    drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
    Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
* Wed Apr 17 2019 carnold@suse.com
  - bsc#1131811 - [XEN] internal error: libxenlight failed to create
    new domain. This patch is a workaround for a systemd issue. See
    patch header for additional comments.
    xenstore-launch.patch
* Thu Apr 11 2019 carnold@suse.com
  - bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest
    after upgrading host from sle11sp4 to sle15sp1
    pygrub-python3-conversion.patch
  - Fix "TypeError: virDomainDefineXML() argument 2 must be str or
    None, not bytes" when converting VMs from using the xm/xend
    toolstack to the libxl/libvirt toolstack. (bsc#1123378)
    xen2libvirt.py
* Mon Apr 08 2019 carnold@suse.com
  - bsc#1124560 - Fully virtualized guests crash on boot
    5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
  - bsc#1121391 - GCC 9: xen build fails
    5c8f752c-x86-e820-build-with-gcc9.patch
  - Upstream bug fixes (bsc#1027519)
    5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
    5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
    5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
    5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
    5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
    5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
    5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
    5c9e63c5-credit2-SMT-idle-handling.patch
    5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
    5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
    5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
    5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
* Thu Apr 04 2019 ohering@suse.de
  - Install pkgconfig files into libdir instead of datadir
* Tue Apr 02 2019 carnold@suse.com
  - Update to Xen 4.12.0 FCS release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
    * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates
      the HVM/PVH and PV code paths in Xen and provides KCONFIG
      options to build a PV only or HVM/PVH only hypervisor.
    * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has
      been vastly improved.
    * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter-
      domain communication mechanism.
    * Improvements to Virtual Machine Introspection: The VMI subsystem
      which allows detection of 0-day vulnerabilities has seen many
      functional and performance improvements.
    * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project
      default scheduler.
    * PVH Support: Grub2 boot support has been added to Xen and Grub2.
    * PVH Dom0: PVH Dom0 support has now been upgraded from experimental
      to tech preview.
    * The Xen 4.12 upgrade also includes improved IOMMU mapping code,
      which is designed to significantly improve the startup times of
      AMD EPYC based systems.
    * The upgrade also features Automatic Dom0 Sizing which allows the
      setting of Dom0 memory size as a percentage of host memory (e.g.
      10%) or with an offset (e.g. 1G+10%).
* Tue Mar 26 2019 carnold@suse.com
  - bsc#1130485 - Please drop Requires on multipath-tools in
    xen-tools. Now using Recommends multipath-tools.
    xen.spec
* Mon Mar 25 2019 carnold@suse.com
  - Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
* Wed Mar 20 2019 carnold@suse.com
  - Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
* Fri Mar 15 2019 ohering@suse.de
  - bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
    avoid TSC emulation for HVM domUs if their expected frequency
    does not match exactly the frequency of the receiving host
    xen.bug1026236.suse_vtsc_tolerance.patch
* Mon Mar 11 2019 carnold@suse.com
  - Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
* Mon Mar 11 2019 carnold@suse.com
  - jsc#SLE-3059 - Disable Xen auto-ballooning
  - Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory.
    xen.spec
  - Disable autoballooning in xl.con
    xl-conf-disable-autoballoon.patch
* Thu Mar 07 2019 ohering@suse.de
  - Update gcc9-ignore-warnings.patch to fix build in SLE12
* Thu Mar 07 2019 ohering@suse.de
  - bsc#1126325 - fix crash in libxl in error path
    Setup of grant_tables and other variables may fail
    libxl.prepare-environment-for-domcreate_stream_done.patch
* Wed Mar 06 2019 carnold@suse.com
  - bsc#1127620 - Documentation for the xl configuration file allows
    for firmware=pvgrub64 but we don't ship pvgrub64.
    Create a link from grub.xen to pvgrub64
    xen.spec
* Mon Mar 04 2019 carnold@suse.com
  - Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
  - Tarball also contains additional post RC4 security fixes for
    Xen Security Advisories 287, 288, and 290 through 294.
* Tue Feb 19 2019 carnold@suse.com
  - Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
* Mon Feb 04 2019 carnold@suse.com
  - Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
* Fri Jan 25 2019 carnold@suse.com
  - bsc#1121391 - GCC 9: xen build fails
    gcc9-ignore-warnings.patch
* Thu Jan 24 2019 carnold@suse.com
  - bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing
    /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi.
    Keep xen.efi in /usr/lib64/efi for booting older distros.
    xen.spec
* Fri Jan 18 2019 carnold@suse.com
  - fate#326960: Package grub2 as noarch.
    As part of the effort to have a unified bootloader across
    architectures, modify the xen.spec file to move the Xen efi files
    to /usr/share/efi/$(uname -m) from /usr/lib64/efi.
* Wed Jan 16 2019 carnold@suse.com
  - Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901)
    xen-4.12.0-testing-src.tar.bz2
  - Drop
    5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
    5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
    5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
    5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
    5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
    5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
    5b9784d2-x86-HVM-add-known_gla-helper.patch
    5b9784f2-x86-HVM-split-page-straddling-accesses.patch
    5bdc31d5-VMX-fix-vmx_handle_eoi.patch
    gcc8-fix-array-warning-on-i586.patch
    gcc8-fix-format-warning-on-i586.patch
    gcc8-inlining-failed.patch
    xen.bug1079730.patch
* Tue Jan 15 2019 carnold@suse.com
  - bsc#1121960 - xen: sync with Factory
    xen.spec
    xen.changes
* Sat Jan 12 2019 jengelh@inai.de
  - Replace old $RPM_* shell vars.
  - Run fdupes for all architectures, and not crossing
    subvolume boundaries.
* Thu Jan 10 2019 guillaume.gardet@opensuse.org
  - Do not run %fdupes on aarch64 to avoid the hardlink-across-partition
    rpmlint error
* Tue Jan 08 2019 guillaume.gardet@opensuse.org
  - Require qemu-seabios only on x86* as it is not available on non-x86
    systems
* Thu Dec 27 2018 bwiedemann@suse.com
  - Avoid creating dangling symlinks (bsc#1116524)
    This reverts the revert of tmp_build.patch
* Tue Dec 04 2018 carnold@suse.com
  - Update to Xen 4.11.1 bug fix release (bsc#1027519)
    xen-4.11.1-testing-src.tar.bz2
  - 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
    replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
  - 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
    replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
  - Drop the following patches contained in the new tarball
    5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
    5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
    5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
    5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
    5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
    5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
    5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
    5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
    5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
    5b3f8fa5-port-array_index_nospec-from-Linux.patch
    5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
    5b4488e7-x86-spec-ctrl-cmdline-handling.patch
    5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
    5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
    5b4db308-SVM-fix-cleanup-svm_inject_event.patch
    5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
    5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
    5b505fe5-VMX-fix-find-msr-build.patch
    5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
    5b508775-2-x86-possibly-bring-up-all-CPUs.patch
    5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
    5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
    5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
    5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
    5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
    5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
    5b62ca93-VMX-avoid-hitting-BUG_ON.patch
    5b6d84ac-x86-fix-improve-vlapic-read-write.patch
    5b6d8ce2-x86-XPTI-parsing.patch
    5b72fbbe-ARM-disable-grant-table-v2.patch
    5b72fbbe-oxenstored-eval-order.patch
    5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
    5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
    5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
    5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
    5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
    5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
    5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
    5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
    5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
    5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
    5b72fbbf-xl.conf-Add-global-affinity-masks.patch
    5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
    5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
    5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
    5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
    5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
    5b8d5832-x86-assorted-array_index_nospec-insertions.patch
    5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
    5bacae4b-x86-boot-allocate-extra-module-slot.patch
    5bae44ce-x86-silence-false-log-messages.patch
    5bb60c12-x86-split-opt_xpti.patch
    5bb60c4f-x86-split-opt_pv_l1tf.patch
    5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
    5bcf0722-x86-boot-enable-NMIs.patch
    5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
    5bd076e9-x86-boot-init-debug-regs-correctly.patch
    5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
    5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch
    5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
    5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
    5be2a308-x86-extend-get_platform_badpages.patch
    5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
    xsa275-1.patch
    xsa275-2.patch
    xsa276-1.patch
    xsa276-2.patch
    xsa277.patch
    xsa279.patch
    xsa280-1.patch
    xsa280-2.patch
* Wed Nov 21 2018 carnold@suse.com
  - bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken:
    Missing /bin/domu-xenstore.  This was broken because "make
    package build reproducible" change. (boo#1047218, boo#1062303)
    This fix reverses the change to this patch.
    tmp_build.patch
* Mon Nov 12 2018 carnold@suse.com
  - bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen:
    insufficient TLB flushing / improper large page mappings with AMD
    IOMMUs (XSA-275)
    xsa275-1.patch
    xsa275-2.patch
  - bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting
    issues in x86 IOREQ server handling (XSA-276)
    xsa276-1.patch
    xsa276-2.patch
  - bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error
    handling for guest p2m page removals (XSA-277)
    xsa277.patch
  - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
    when disabled (XSA-278)
    5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
  - bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting
    to use INVPCID with a non-canonical addresses (XSA-279)
    xsa279.patch
  - bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240
    conflicts with shadow paging (XSA-280)
    xsa280-1.patch
    xsa280-2.patch
  - bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
    constructs may lock up host (XSA-282)
    5be2a308-x86-extend-get_platform_badpages.patch
    5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
  - bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV
    5bdc31d5-VMX-fix-vmx_handle_eoi.patch
  - Upstream bug fixes (bsc#1027519)
    5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
    5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
    5bacae4b-x86-boot-allocate-extra-module-slot.patch
    5bae44ce-x86-silence-false-log-messages.patch
    5bb60c12-x86-split-opt_xpti.patch
    5bb60c4f-x86-split-opt_pv_l1tf.patch
    5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
    5bcf0722-x86-boot-enable-NMIs.patch
    5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
    5bd076e9-x86-boot-init-debug-regs-correctly.patch
    5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
    5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
* Tue Nov 06 2018 carnold@suse.com
  - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
    when disabled (XSA-278)
    5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch
* Wed Oct 24 2018 ohering@suse.de
  - Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries
* Wed Oct 24 2018 bwiedemann@suse.com
  - make package build reproducible (boo#1047218, boo#1062303)
    * Set SMBIOS_REL_DATE
    * Update tmp_build.patch to use SHA instead of random build-id
    * Add reproducible.patch to use --no-insert-timestamp
* Mon Oct 15 2018 ohering@suse.de
  - Building with ncurses 6.1 will fail without
    xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
  - Building libxl acpi support on aarch64 with gcc 8.2 will fail without
    xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
* Tue Sep 11 2018 carnold@suse.com
  - bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is
    apparently broken
    5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
    5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
    5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
* Tue Sep 11 2018 carnold@suse.com
  - bsc#1094508 - L3: Kernel oops in fs/dcache.c called by
    d_materialise_unique()
    5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
    5b9784d2-x86-HVM-add-known_gla-helper.patch
    5b9784f2-x86-HVM-split-page-straddling-accesses.patch
  - bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen:
    oxenstored does not apply quota-maxentity (XSA-272)
    5b72fbbe-oxenstored-eval-order.patch
  - bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of
    v2 grant tables may cause crash on ARM (XSA-268)
    5b72fbbe-ARM-disable-grant-table-v2.patch
  - Upstream patches from Jan (bsc#1027519)
    5b6d84ac-x86-fix-improve-vlapic-read-write.patch
    5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
    5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
    5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
    5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
    5b8d5832-x86-assorted-array_index_nospec-insertions.patch
  - Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch
* Tue Aug 28 2018 carnold@suse.com
  - bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed
    xen.spec
* Fri Aug 17 2018 carnold@suse.com
  - bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
    (XSA-273)
    5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
    5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
    5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
    5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
    5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
    5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
    5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
    5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
  - bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
    MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)
    5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
  - Upstream prereq patches for XSA-273 and other upstream fixes
    (bsc#1027519)
    5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
    5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
    5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
    5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
    5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
    5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
    5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
    5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
    5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
    5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
    5b505fe5-VMX-fix-find-msr-build.patch
    5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
    5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
    5b62ca93-VMX-avoid-hitting-BUG_ON.patch
    5b6d8ce2-x86-XPTI-parsing.patch
    5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
    5b72fbbf-xl.conf-Add-global-affinity-masks.patch
    5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch
* Tue Jul 24 2018 carnold@suse.com
  - Upstream patches from Jan (bsc#1027519)
    5b3f8fa5-port-array_index_nospec-from-Linux.patch
    5b4488e7-x86-spec-ctrl-cmdline-handling.patch
    5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
    5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
    5b4db308-SVM-fix-cleanup-svm_inject_event.patch
    5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
    5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
    5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
    5b508775-2-x86-possibly-bring-up-all-CPUs.patch
    5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
    5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
    5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
    5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
    gcc8-fix-format-warning-on-i586.patch
    gcc8-fix-array-warning-on-i586.patch
  - Drop xen.fuzz-_FORTIFY_SOURCE.patch
    gcc8-fix-warning-on-i586.patch
* Mon Jul 09 2018 carnold@suse.com
  - Update to Xen 4.11.0 FCS (fate#325202, fate#325123)
    xen-4.11.0-testing-src.tar.bz2
    disable-building-pv-shim.patch
  - Dropped patches
    5a33a12f-domctl-improve-locking-during-domain-destruction.patch
    5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
    5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
    5a9985bd-x86-invpcid-support.patch
    5ac72a48-gcc8.patch
    5ac72a5f-gcc8.patch
    5ac72a64-gcc8.patch
    5ac72a69-gcc8.patch
    5ac72a6e-gcc8.patch
    5ac72a74-gcc8.patch
    5ac72a7b-gcc8.patch
    5ad4923e-x86-correct-S3-resume-ordering.patch
    5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
    5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
    5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
    5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
    5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
    5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
    5adde9ed-xpti-fix-double-fault-handling.patch
    5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
    5ae31917-x86-cpuidle-init-stats-lock-once.patch
    5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
    5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
    5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
    5aec7393-1-x86-xpti-avoid-copy.patch
    5aec7393-2-x86-xpti-write-cr3.patch
    5aec744a-3-x86-xpti-per-domain-flag.patch
    5aec744a-4-x86-xpti-use-invpcid.patch
    5aec744a-5-x86-xpti-no-global-pages.patch
    5aec744a-6-x86-xpti-cr3-valid-flag.patch
    5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
    5aec744b-8-x86-xpti-cr3-helpers.patch
    5aec74a8-9-x86-xpti-use-pcid.patch
    5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch
    5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch
    5af1daa9-3-x86-traps-use-IST-for-DB.patch
    5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch
    5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch
    5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch
    5af97999-viridian-cpuid-leaf-40000003.patch
    5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
    5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
    5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
    5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
    5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
    5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
    5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
    5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
    5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
    5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
    5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
    5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch
    5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch
    5b0bc9da-x86-XPTI-fix-S3-resume.patch
    5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
    5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
    5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
    5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
    5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
    5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch
    5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch
    5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
    5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
    5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
    5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
    5b34882d-x86-mm-dont-bypass-preemption-checks.patch
    5b348874-x86-refine-checks-in-DB-handler.patch
    5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch
    5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch
    5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
    5b348954-x86-guard-against-NM.patch
    libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
    libxl.LIBXL_DESTROY_TIMEOUT.patch
    libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
    xen_fix_build_with_acpica_20180427_and_new_packages.patch
* Wed Jul 04 2018 trenn@suse.de
  - Submit upstream patch libacpi: fixes for iasl >= 20180427
    git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005
    xen_fix_build_with_acpica_20180427_and_new_packages.patch
    This is needed for acpica package to get updated in our build service
* Fri Jun 29 2018 carnold@suse.com
  - Upstream patches from Jan (bsc#1027519)
    5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch)
    5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch)
    5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch)
    5b0bc9da-x86-XPTI-fix-S3-resume.patch
    5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
    5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
    5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
    5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
    5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
    5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch)
    5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch)
    5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
    5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
    5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
    5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
    5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch)
    5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch)
    5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch)
    5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch)
    5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
    5b348954-x86-guard-against-NM.patch
* Mon Jun 25 2018 ohering@suse.de
  - Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch
* Mon Jun 25 2018 ohering@suse.de
  - bsc#1098403 - fix regression introduced by changes for bsc#1079730
    a PV domU without qcow2 and/or vfb has no qemu attached.
    Ignore QMP errors for PV domUs to handle PV domUs with and without
    an attached qemu-xen.
    xen.bug1079730.patch
* Mon Jun 18 2018 carnold@suse.com
  - bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
    bypassed in x86 PV MM handling (XSA-264)
    xsa264.patch
  - bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
    safety check can be triggered by a guest (XSA-265)
    xsa265.patch
  - bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour
    readonly flag on HVM emulated SCSI disks (XSA-266)
    xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch
    xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch
* Wed Jun 13 2018 carnold@suse.com
  - bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
    (XSA-267)
    xsa267-1.patch
    xsa267-2.patch
* Fri Jun 01 2018 carnold@suse.com
  - bsc#1092543 - GCC 8: xen build fails
    gcc8-fix-warning-on-i586.patch
* Fri May 18 2018 carnold@suse.com
  - bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store
    Bypass aka "Memory Disambiguation" (XSA-263)
    5ad4923e-x86-correct-S3-resume-ordering.patch
    5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
    5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
    5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
    5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
    5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
    5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
    5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
    5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
    5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
    5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
    5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
    Spectre-v4-1.patch
    Spectre-v4-2.patch
    Spectre-v4-3.patch
* Thu May 17 2018 ohering@suse.de
  - Always call qemus xen-save-devices-state in suspend/resume to
    fix migration with qcow2 images (bsc#1079730)
    libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
    libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
    xen.bug1079730.patch
* Wed May 16 2018 carnold@suse.com
  - bsc#1087289 - L3: Xen BUG at sched_credit.c:1663
    5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
    5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
  - Upstream patches from Jan (bsc#1027519)
    5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
    5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
    5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
    5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
    5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
    5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
    5ae31917-x86-cpuidle-init-stats-lock-once.patch
    5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
    5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch)
    5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch)
    5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch)
    5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch)
    5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch)
    5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch)
    5af97999-viridian-cpuid-leaf-40000003.patch
* Fri May 11 2018 carnold@suse.com
  - Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254
    5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
    5a9985bd-x86-invpcid-support.patch
    5adde9ed-xpti-fix-double-fault-handling.patch
    5aec7393-1-x86-xpti-avoid-copy.patch
    5aec7393-2-x86-xpti-write-cr3.patch
    5aec744a-3-x86-xpti-per-domain-flag.patch
    5aec744a-4-x86-xpti-use-invpcid.patch
    5aec744a-5-x86-xpti-no-global-pages.patch
    5aec744a-6-x86-xpti-cr3-valid-flag.patch
    5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
    5aec744b-8-x86-xpti-cr3-helpers.patch
    5aec74a8-9-x86-xpti-use-pcid.patch
* Wed May 09 2018 carnold@suse.com
  - bsc#1092543 - GCC 8: xen build fails
    5ac72a48-gcc8.patch
    5ac72a5f-gcc8.patch
    5ac72a64-gcc8.patch
    5ac72a69-gcc8.patch
    5ac72a6e-gcc8.patch
    5ac72a74-gcc8.patch
    5ac72a7b-gcc8.patch
    gcc8-inlining-failed.patch
* Tue May 08 2018 carnold@suse.com
  - Update to Xen 4.10.1 bug fix release (bsc#1027519)
    xen-4.10.1-testing-src.tar.bz2
    disable-building-pv-shim.patch
  - Drop the following patches contained in the new tarball
    5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
    5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
    5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
    5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
    5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
    5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
    5a4caa8c-x86-E820-don-t-overrun-array.patch
    5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
    5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
    5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
    5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
    5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
    5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
    5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
    5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
    5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
    5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
    5a4fd894-4-clarifications-to-wait-infrastructure.patch
    5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
    5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
    5a5e2cff-x86-Meltdown-band-aid.patch
    5a5e2d73-x86-Meltdown-band-aid-conditional.patch
    5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
    5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
    5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
    5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
    5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
    5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
    5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
    5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
    5a5e459c-2-x86-report-domain-id-on-CPUID.patch
    5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
    5a69c0b9-x86-fix-GET_STACK_END.patch
    5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
    5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
    5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
    5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
    5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
    5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
    5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
    5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
    5a6b36cd-9-x86-issue-speculation-barrier.patch
    5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
    5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
    5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
    5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
    5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
    5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
    5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
    5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
    5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
    5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
    5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
    5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
    5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
    5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
    5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
    5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
    5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
    5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
    5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
    xsa258.patch
    xsa259.patch
* Wed Apr 25 2018 carnold@suse.com
  - bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of
    debug exceptions (XSA-260)
    xsa260-1.patch
    xsa260-2.patch
    xsa260-3.patch
    xsa260-4.patch
  - bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt
    injection errors (XSA-261)
    xsa261.patch
  - bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into
    unbounded loop (XSA-262)
    xsa262.patch
* Mon Apr 16 2018 carnold@suse.com
  - bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via
    crafted user-supplied CDROM (XSA-258)
    xsa258.patch
  - bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
    Xen with XPTI (XSA-259)
    xsa259.patch
* Wed Mar 28 2018 ohering@suse.de
  - Preserve xen-syms from xen-dbg.gz to allow processing vmcores
    with crash(1) (bsc#1087251)
* Mon Mar 26 2018 carnold@suse.com
  - Upstream patches from Jan (bsc#1027519) and fixes related to
    Page Table Isolation (XPTI). See also bsc#1074562 XSA-254
    5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
    5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
    5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
    5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
    5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
    5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
* Thu Mar 01 2018 carnold@suse.com
  - bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from
    0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30)
    5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
  - Upstream patches from Jan (bsc#1027519)
    5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
    5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
    5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
    5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
    5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
    5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
    5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
    5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch)
    5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch)
    5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch)
    5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch)
  - Drop
    xsa252.patch
    xsa255-1.patch
    xsa255-2.patch
    xsa256.patch
* Mon Feb 12 2018 carnold@suse.com
  - bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable
    L3/L4 pagetable freeing (XSA-252)
    xsa252.patch
  - bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1
    transition may crash Xen (XSA-255)
    xsa255-1.patch
    xsa255-2.patch
  - bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without
    LAPIC may DoS the host (XSA-256)
    xsa256.patch
* Fri Feb 09 2018 ohering@suse.de
  - Remove stale systemd presets code for 13.2 and older
* Fri Feb 09 2018 ohering@suse.de
  - fate#324965 - add script, udev rule and systemd service to watch
    for vcpu online/offline events in a HVM domU
    They are triggered via xl vcpu-set domU N
* Fri Feb 09 2018 ohering@suse.de
  - Replace hardcoded xen with Name tag when refering to subpkgs
* Fri Feb 09 2018 ohering@suse.de
  - Make sure tools and tools-domU require libs from the very same build
* Wed Feb 07 2018 jfehlig@suse.com
  - tools-domU: Add support for qemu guest agent. New files
    80-xen-channel-setup.rules and xen-channel-setup.sh configure a
    xen-pv-channel for use by the guest agent
    FATE#324963
* Wed Feb 07 2018 ohering@suse.de
  - Remove outdated /etc/xen/README*
* Mon Jan 29 2018 carnold@suse.com
  - bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with
    MSR emulation (XSA-253)
    5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
  - bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
    xen: Information leak via side effects of speculative execution
    (XSA-254). Includes Spectre v2 mitigation.
    5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
    5a4caa8c-x86-E820-don-t-overrun-array.patch
    5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
    5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
    5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
    5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
    5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
    5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
    5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
    5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
    5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
    5a4fd894-4-clarifications-to-wait-infrastructure.patch
    5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
    5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
    5a5e2cff-x86-Meltdown-band-aid.patch
    5a5e2d73-x86-Meltdown-band-aid-conditional.patch
    5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
    5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
    5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
    5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
    5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
    5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
    5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
    5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
    5a5e459c-2-x86-report-domain-id-on-CPUID.patch
    5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
    5a69c0b9-x86-fix-GET_STACK_END.patch
    5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
    5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
    5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
    5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
    5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
    5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
    5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
    5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
    5a6b36cd-9-x86-issue-speculation-barrier.patch
    5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
    5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
* Fri Jan 26 2018 carnold@suse.com
  - Fix python3 deprecated atoi call (bsc#1067224)
    pygrub-python3-conversion.patch
  - Drop xenmon-python3-conversion.patch
* Wed Jan 10 2018 ohering@suse.de
  - bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu,
    depending on the libxl disk settings
    libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch
* Mon Jan 08 2018 ohering@suse.de
  - Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch
* Fri Jan 05 2018 carnold@suse.com
  - bsc#1067224 - xen-tools have hard dependency on Python 2
    build-python3-conversion.patch
    bin-python3-conversion.patch
* Wed Dec 20 2017 carnold@suse.com
  - bsc#1070165 - xen crashes after aborted localhost migration
    5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
  - bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb:
    libxl__devices_destroy failed
    5a33a12f-domctl-improve-locking-during-domain-destruction.patch
  - Upstream patches from Jan (bsc#1027519)
    5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
    5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
    5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
    5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
* Wed Dec 13 2017 carnold@suse.com
  - Update to Xen 4.10.0 FCS (fate#321394, fate#322686)
    xen-4.10.0-testing-src.tar.bz2
* Mon Dec 11 2017 ohering@suse.de
  - Rebuild initrd if xen-tools-domU is updated
* Tue Dec 05 2017 carnold@suse.com
  - Update to Xen 4.10.0-rc8 (fate#321394, fate#322686)
    xen-4.10.0-testing-src.tar.bz2
* Tue Nov 28 2017 ohering@suse.de
  - Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds
    If many domUs shutdown in parallel the backends can not keep up
    Add some debug output to track how long backend shutdown takes (bsc#1035442)
    libxl.LIBXL_DESTROY_TIMEOUT.patch
    libxl.LIBXL_DESTROY_TIMEOUT.debug.patch
* Tue Nov 28 2017 ohering@suse.de
  - Adjust xenstore-run-in-studomain.patch to change the defaults
    in the code instead of changing the sysconfig template, to also
    cover the upgrade case
* Fri Nov 24 2017 carnold@suse.com
  - Update to Xen 4.10.0-rc6 (fate#321394, fate#322686)
    xen-4.10.0-testing-src.tar.bz2
* Fri Nov 24 2017 ohering@suse.de
  - Since xen switched to Kconfig, building a debug hypervisor
    was done by default. Adjust make logic to build a non-debug
    hypervisor by default, and continue to provide one as xen-dbg.gz
* Fri Nov 24 2017 ohering@suse.de
  - fate#316614: set migration constraints from cmdline
    fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10
* Thu Nov 23 2017 ohering@suse.de
  - Document the suse-diskcache-disable-flush option in
    xl-disk-configuration(5) (bsc#879425,bsc#1067317)
* Thu Nov 23 2017 rbrown@suse.com
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Thu Nov 16 2017 carnold@suse.com
  - Update to Xen 4.10.0-rc5 (fate#321394, fate#322686)
    xen-4.10.0-testing-src.tar.bz2
  - fate#323663 - Run Xenstore in stubdomain
    xenstore-run-in-studomain.patch
* Thu Nov 09 2017 carnold@suse.com
  - bsc#1067224 - xen-tools have hard dependency on Python 2
    pygrub-python3-conversion.patch
    xenmon-python3-conversion.patch
    migration-python3-conversion.patch
    xnloader.py
    xen2libvirt.py
* Wed Nov 08 2017 ohering@suse.de
  - Remove xendriverdomain.service (bsc#1065185)
    Driver domains must be configured manually with custom .service file
* Thu Nov 02 2017 carnold@suse.com
  - Update to Xen 4.10.0-rc3 (fate#321394, fate#322686)
    xen-4.10.0-testing-src.tar.bz2
  - Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch
* Thu Nov 02 2017 ohering@suse.de
  - Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)
* Fri Oct 27 2017 carnold@suse.com
  - fate#324052 Support migration of Xen HVM domains larger than 1TB
    59f31268-libxc-remove-stale-error-check-for-domain-size.patch
* Wed Oct 25 2017 carnold@suse.com
  - Update to Xen 4.10.0-rc2 (fate#321394, fate#322686)
    xen-4.10.0-testing-src.tar.bz2
* Mon Oct 16 2017 carnold@suse.com
  - Update to Xen 4.10.0-rc1 (fate#321394, fate#322686)
    xen-4.10.0-testing-src.tar.bz2
  - Drop patches included in new tarball
    592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
    596f257e-x86-fix-hvmemul_insn_fetch.patch
    5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
    598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
    598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
    5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
    5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
    5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
    59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
    59958ebf-gnttab-fix-transitive-grant-handling.patch
    59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
    599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
    59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
    59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
    59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
    59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
    59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
    59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
    59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
    59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
    59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
    59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
    59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
    59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
    gcc7-arm.patch
    gcc7-mini-os.patch
* Tue Oct 03 2017 carnold@suse.com
  - bsc#1061084 - VUL-0: xen: page type reference leak on x86
    (XSA-242)
    xsa242.patch
  - bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear
    shadow mappings with translated guests (XSA-243)
    xsa243.patch
  - bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings
    during CPU hotplug (XSA-244)
    xsa244.patch
* Mon Oct 02 2017 carnold@suse.com
  - bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks
    (XSA-238)
    xsa238.patch
  - bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O
    intercept code (XSA-239)
    xsa239.patch
  - bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable
    de-typing (XSA-240)
    xsa240-1.patch
    xsa240-2.patch
  - bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type
    release race (XSA-241)
    xsa241.patch
* Fri Sep 29 2017 carnold@suse.com
  - bsc#1061075 - VUL-0: xen: pin count / page reference race in
    grant table code (XSA-236)
    xsa236.patch
  - bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86
    (XSA-237)
    xsa237-1.patch
    xsa237-2.patch
    xsa237-3.patch
    xsa237-4.patch
    xsa237-5.patch
* Tue Sep 26 2017 carnold@suse.com
  - bsc#1056278 - VUL-0: xen: Missing NUMA node parameter
    verification (XSA-231)
    59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
  - bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232)
    59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
  - bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup
    (XSA-233)
    59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
  - bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for
    x86 PV guests (XSA-234)
    59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
  - bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to
    release lock on ARM (XSA-235)
    599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
  - Upstream patches from Jan (bsc#1027519)
    59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
    59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
    59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
    59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
    59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
    59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
    59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
    59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
  - Dropped gcc7-xen.patch
* Thu Sep 07 2017 carnold@suse.com
  - bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when
    Secure Boot is Enabled
    xen.spec
* Tue Sep 05 2017 ohering@suse.de
  - bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
    update from v6 to v9 to cover more cases for ballooned domUs
    libxc.sr.superpage.patch
* Mon Aug 28 2017 ohering@suse.de
  - bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen
    drop the patch because it is not upstream acceptable
    remove xen.suse_vtsc_tolerance.patch
* Sat Aug 26 2017 ohering@suse.de
  - bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
    after the save using xl stack
    libxc.sr.superpage.patch
* Tue Aug 22 2017 ohering@suse.de
  - Unignore gcc-PIE
    the toolstack disables PIE for firmware builds as needed
* Mon Aug 21 2017 carnold@suse.com
  - Upstream patches from Jan (bsc#1027519)
    592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
    596f257e-x86-fix-hvmemul_insn_fetch.patch
    5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
    598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
    598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
    5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch)
    5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch)
    5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch)
    59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch)
    59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch)
    59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
* Wed Aug 16 2017 carnold@suse.com
  - bsc#1044974 - xen-tools require python-pam
    xen.spec
* Fri Aug 11 2017 carnold@suse.com
  - Clean up spec file errors and a few warnings. (bsc#1027519)
  - Removed conditional 'with_systemd' and some old deprecated
    'sles_version' checks.
    xen.spec
* Thu Aug 10 2017 jfehlig@suse.com
  - Remove use of brctl utiltiy from supportconfig plugin
    FATE#323639
* Thu Aug 10 2017 ohering@suse.de
  - Use upstream variant of mini-os __udivmoddi4 change
    gcc7-mini-os.patch
* Wed Aug 09 2017 carnold@suse.com
  - fate#323639 Move bridge-utils to legacy
    replace-obsolete-network-configuration-commands-in-s.patch
* Tue Aug 08 2017 carnold@suse.com
  - bsc#1052686 - VUL-0: xen: grant_table: possibly premature
    clearing of GTF_writing / GTF_reading (XSA-230)
    xsa230.patch
* Mon Aug 07 2017 ohering@suse.de
  - bsc#1035231 - migration of HVM domU does not use superpages
    on destination dom0
    libxc.sr.superpage.patch
* Thu Aug 03 2017 carnold@suse.com
  - bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded
    recursion in grant table code (XSA-226)
    xsa226-1.patch
    xsa226-2.patch
  - bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege
    escalation via map_grant_ref (XSA-227)
    xsa227.patch
  - bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race
    conditions with maptrack free list handling (XSA-228)
    xsa228.patch
* Tue Aug 01 2017 jfehlig@suse.com
  - Add a supportconfig plugin
    xen-supportconfig
    FATE#323661
* Tue Jul 25 2017 ohering@suse.de
  - bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen
    To avoid emulation of TSC access from a domU after live migration
    add a global tolerance for the measured host kHz
    xen.suse_vtsc_tolerance.patch
* Thu Jul 20 2017 carnold@suse.com
  - fate#323662 Drop qemu-dm from xen-tools package
    The following tarball and patches have been removed
    qemu-xen-traditional-dir-remote.tar.bz2
    VNC-Support-for-ExtendedKeyEvent-client-message.patch
    0001-net-move-the-tap-buffer-into-TAPState.patch
    0002-net-increase-tap-buffer-size.patch
    0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch
    0004-e1000-secrc-support.patch
    0005-e1000-multi-buffer-packet-support.patch
    0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
    0007-e1000-verify-we-have-buffers-upfront.patch
    0008-e1000-check-buffer-availability.patch
    CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
    CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
    CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
    CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
    CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
    CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
    CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
    CVE-2015-4037-qemut-smb-config-dir-name.patch
    CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
    CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
    CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
    CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
    CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
    CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
    CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
    CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
    CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
    CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
    CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
    CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
    CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
    CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
    CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
    CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
    CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
    CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
    CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
    CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
    CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
    CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
    CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
    CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
    blktap.patch
    cdrom-removable.patch
    xen-qemu-iscsi-fix.patch
    qemu-security-etch1.patch
    xen-disable-qemu-monitor.patch
    xen-hvm-default-bridge.patch
    qemu-ifup-set-mtu.patch
    ioemu-vnc-resize.patch
    capslock_enable.patch
    altgr_2.patch
    log-guest-console.patch
    bdrv_open2_fix_flags.patch
    bdrv_open2_flags_2.patch
    ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch
    qemu-dm-segfault.patch
    bdrv_default_rwflag.patch
    kernel-boot-hvm.patch
    ioemu-watchdog-support.patch
    ioemu-watchdog-linkage.patch
    ioemu-watchdog-ib700-timer.patch
    ioemu-hvm-pv-support.patch
    pvdrv_emulation_control.patch
    ioemu-disable-scsi.patch
    ioemu-disable-emulated-ide-if-pv.patch
    xenpaging.qemu.flush-cache.patch
    ioemu-devicemodel-include.patch
  - Cleanup spec file and remove unused KMP patches
    kmp_filelist
    supported_module.patch
    xen_pvonhvm.xen_emul_unplug.patch
* Mon Jul 17 2017 carnold@suse.com
  - bsc#1002573 - Optimize LVM functions in block-dmmd
    block-dmmd
* Fri Jul 14 2017 ohering@suse.de
  - Record initial Xen dmesg in /var/log/xen/xen-boot.log for
    supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log
* Fri Jul 14 2017 ohering@suse.de
  - Remove storytelling from description in xen.rpm
* Wed Jun 28 2017 carnold@suse.com
  - Update to Xen 4.9.0 FCS (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
* Wed Jun 21 2017 carnold@suse.com
  - Update block-dmmd script (bsc#1002573)
    block-dmmd
* Tue Jun 20 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
    gcc7-arm.patch
  - Drop gcc7-error-xenpmd.patch
* Mon Jun 05 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc8 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
* Thu Jun 01 2017 carnold@suse.com
  - bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
    due to incorrect return value
    CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
* Tue May 30 2017 carnold@suse.com
  - bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
    leakage via capture buffer
    CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
* Fri May 26 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
* Mon May 22 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
* Thu May 18 2017 carnold@suse.com
  - bsc#1031343 - xen fails to build with GCC 7
    gcc7-mini-os.patch
    gcc7-xen.patch
* Wed May 17 2017 carnold@suse.com
  - bsc#1031343 - xen fails to build with GCC 7
    gcc7-error-xenpmd.patch
* Tue May 16 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc5 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
  - Drop xen-tools-pkgconfig-xenlight.patch
* Wed May 10 2017 carnold@suse.com
  - bsc#1037779 - xen breaks kexec-tools build
    xen-tools-pkgconfig-xenlight.patch
* Tue May 09 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc4 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
* Tue May 02 2017 carnold@suse.com
  - bsc#1036146 - sles12sp2 xen VM dumps core to wrong path
    xen.spec
* Fri Apr 28 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc3 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
    aarch64-maybe-uninitialized.patch
* Fri Apr 21 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc2 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
* Wed Apr 19 2017 carnold@suse.com
  - Update to Xen 4.9.0-rc1 (fate#321394, fate#323108)
    xen-4.9.0-testing-src.tar.bz2
    ioemu-devicemodel-include.patch
  - Dropped patches contained in new tarball
    xen-4.8.0-testing-src.tar.bz2
    0001-xenstore-let-write_node-and-some-callers-return-errn.patch
    0002-xenstore-undo-function-rename.patch
    0003-xenstore-rework-of-transaction-handling.patch
    584806ce-x86emul-correct-PUSHF-POPF.patch
    584fc649-fix-determining-when-domain-creation-is-complete.patch
    58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
    58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
    58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
    5853ed37-VT-d-correct-dma_msi_set_affinity.patch
    5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
    58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
    585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
    585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
    585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
    586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
    587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
    587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
    5882129d-x86emul-LOCK-check-adjustments.patch
    58821300-x86-segment-attribute-handling.patch
    58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
    58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
    5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
    5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
    5887888f-credit2-use-the-correct-scratch-cpumask.patch
    5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
    5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
    589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
    58a44771-IOMMU-always-call-teardown-callback.patch
    58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
    58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
    58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
    58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
    58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
    58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
    58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
    58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
    58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
    58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
    58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
    58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
    58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch
    CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
    CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
    glibc-2.25-compatibility-fix.patch
    xs-09-add_change_node-params.patch
    xs-10-call-add_change_node.patch
    xs-11-tdb-record-header.patch
    xs-12-node-gen-count.patch
    xs-13-read-directory-part-support.patch
    xs-14-command-array.patch
    xs-15-command-return-val.patch
    xs-16-function-static.patch
    xs-17-arg-parsing.patch
    xs-18-default-buffer.patch
    xs-19-handle-alloc-failures.patch
    xs-20-tdb-version.patch
    xs-21-empty-tdb-database.patch
    xs-22-reopen_log-fix.patch
    xs-23-XS_DEBUG-rename.patch
    xs-24-xenstored_control.patch
    xs-25-control-enhance.patch
    xs-26-log-control.patch
    xs-27-memory-report.patch
    xs-28-remove-talloc-report.patch
    xs-29-define-off_t.patch
    xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
    xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch
* Wed Apr 05 2017 carnold@suse.com
  - bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom
    58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
* Wed Mar 29 2017 jfehlig@suse.com
  - bsc#1015348 - L3: libvirtd does not start during boot
    suse-xendomains-service.patch
* Wed Mar 22 2017 carnold@suse.com
  - bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2
    with Xen hypervisor.
    58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
  - bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration
    - latter one much faster
    58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
  - Upstream patch from Jan
    58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
    58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
    58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch
* Mon Mar 20 2017 carnold@suse.com
  - bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block
    add"
    58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
    0001-xenstore-let-write_node-and-some-callers-return-errn.patch
    0002-xenstore-undo-function-rename.patch
    0003-xenstore-rework-of-transaction-handling.patch
  - bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated
    update (XSA-206)
    xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
    xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch
  - bsc#1029827 - Forward port xenstored
    xs-09-add_change_node-params.patch
    xs-10-call-add_change_node.patch
    xs-11-tdb-record-header.patch
    xs-12-node-gen-count.patch
    xs-13-read-directory-part-support.patch
    xs-14-command-array.patch
    xs-15-command-return-val.patch
    xs-16-function-static.patch
    xs-17-arg-parsing.patch
    xs-18-default-buffer.patch
    xs-19-handle-alloc-failures.patch
    xs-20-tdb-version.patch
    xs-21-empty-tdb-database.patch
    xs-22-reopen_log-fix.patch
    xs-23-XS_DEBUG-rename.patch
    xs-24-xenstored_control.patch
    xs-25-control-enhance.patch
    xs-26-log-control.patch
    xs-27-memory-report.patch
    xs-28-remove-talloc-report.patch
    xs-29-define-off_t.patch
* Tue Mar 14 2017 ohering@suse.de
  - bsc#1029128 - fix make xen to really produce xen.efi with gcc48
* Wed Mar 08 2017 carnold@suse.com
  - bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite
    loop issue in ohci_service_ed_list
    CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
  - Upstream patches from Jan (bsc#1027519)
    5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
    5887888f-credit2-use-the-correct-scratch-cpumask.patch
    5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
    589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
    58a44771-IOMMU-always-call-teardown-callback.patch
    58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
    58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
    58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
    58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
    58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
    58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
* Thu Mar 02 2017 carnold@suse.com
  - bsc#1027654 - XEN fails to build against glibc 2.25
    glibc-2.25-compatibility-fix.patch
    libxl.pvscsi.patch
* Thu Feb 16 2017 ohering@suse.de
  - fate#316613: Refresh and enable libxl.pvscsi.patch
* Fri Feb 10 2017 carnold@suse.com
  - bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo
    does not check if memory region is safe (XSA-209)
    CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
* Wed Feb 08 2017 carnold@suse.com
  - bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault
    happened when adding usbctrl devices via xl
    589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
* Thu Feb 02 2017 carnold@suse.com
  - Upstream patches from Jan (bsc#1027519)
    587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
    587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
    5882129d-x86emul-LOCK-check-adjustments.patch
    58821300-x86-segment-attribute-handling.patch
    58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
    58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
    5887888f-credit2-use-the-correct-scratch-cpumask.patch
    5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
    5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
    5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
* Wed Feb 01 2017 carnold@suse.com
  - bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob
    access while doing bitblt copy backward mode
    CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
* Thu Jan 26 2017 carnold@suse.com
  - fate#322313 and fate#322150 require the acpica package ported to
    aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64
    until these fates are complete.
    xen.spec
* Wed Jan 25 2017 carnold@suse.com
  - bsc#1021952 - Virutalization/xen: Bug xen-tools missing
    /usr/bin/domu-xenstore; guests fail to launch
    tmp_build.patch
    xen.spec
* Wed Jan 18 2017 ohering@suse.de
  - No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)
* Thu Jan 12 2017 carnold@suse.com
  - bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/
    xen.spec
* Mon Jan 09 2017 carnold@suse.com
  - 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
    Replaces xsa202.patch (bsc#1014298)
  - 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
    Replaces xsa203.patch (bsc#1014300)
  - 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
    Replaces xsa204.patch (bsc#1016340)
  - Upstream patches from Jan
    58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
    5853ed37-VT-d-correct-dma_msi_set_affinity.patch
    5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
    585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
    586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
* Wed Jan 04 2017 carnold@suse.com
  - bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu:
    display: cirrus_vga: a divide by zero in cirrus_do_copy
    CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
* Mon Dec 19 2016 carnold@suse.com
  - bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of
    SYSCALL singlestep during emulation (XSA-204)
    xsa204.patch
* Thu Dec 15 2016 carnold@suse.com
  - bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation
    fails to ignore operand size override (XSA-200)
    58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
* Wed Dec 14 2016 carnold@suse.com
  - bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be
    able to mask interrupts (XSA-202)
    xsa202.patch
  - bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL
    pointer check in VMFUNC emulation (XSA-203)
    xsa203.patch
  - Upstream patches from Jan
    584806ce-x86emul-correct-PUSHF-POPF.patch
    584fc649-fix-determining-when-domain-creation-is-complete.patch
    58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
    58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
* Mon Dec 05 2016 carnold@suse.com
  - Update to Xen 4.8 FCS
    xen-4.8.0-testing-src.tar.bz2
  - Dropped
    xen-4.7.1-testing-src.tar.bz2
    0001-libxc-Rework-extra-module-initialisation.patch
    0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
    0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
    0004-firmware-makefile-install-BIOS-blob.patch
    0005-libxl-Load-guest-BIOS-from-file.patch
    0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
    0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
    0008-hvmloader-Locate-the-BIOS-blob.patch
    0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
    0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
    0011-hvmloader-Load-OVMF-from-modules.patch
    0012-hvmloader-Specific-bios_load-function-required.patch
    0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
    0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
    57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
    576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
    5769106e-x86-generate-assembler-equates-for-synthesized.patch
    57a1e603-x86-time-adjust-local-system-time-initialization.patch
    57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
    57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
    57a30261-x86-support-newer-Intel-CPU-models.patch
    5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
    581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
    581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
    58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
    582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
    582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch
    58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
    58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
    58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
    58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
    58343ec2-x86emul-fix-huge-bit-offset-handling.patch
    58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
    58343f44-x86-svm-fix-injection-of-software-interrupts.patch
    58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
    CVE-2016-9381-xsa197-qemut.patch
    CVE-2016-9637-xsa199-qemut.patch
* Tue Nov 22 2016 carnold@suse.com
  - bsc#1011652 - VUL-0: xen: qemu ioport array overflow
    CVE-2016-9637-xsa199-qemut.patch
* Fri Nov 18 2016 carnold@suse.com
  - bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null
    segments not always treated as unusable
    58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
  - bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch
    to VM86 mode mis-handled
    58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
  - bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base
    write emulation lacking canonical address checks
    58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
  - bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit
    ELF symbol table load leaking host data
    58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
  - bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit
    test instruction emulation broken
    58343ec2-x86emul-fix-huge-bit-offset-handling.patch
  - bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen:
    x86 software interrupt injection mis-handled
    58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
    58343f44-x86-svm-fix-injection-of-software-interrupts.patch
  - bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious
    about shared ring processing
    CVE-2016-9381-xsa197-qemut.patch
  - bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen:
    delimiter injection vulnerabilities in pygrub
    58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
  - Upstream patches from Jan
    581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
    581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
    58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
    582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
    582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch
* Tue Nov 15 2016 carnold@suse.com
  - Update to Xen Version 4.7.1
    xen-4.7.1-testing-src.tar.bz2
  - Dropped patches contained in new tarball
    xen-4.7.0-testing-src.tar.bz2
    575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
    57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
    57973099-have-schedulers-revise-initial-placement.patch
    579730e6-remove-buggy-initial-placement-algorithm.patch
    57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
    57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
    57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
    57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
    57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
    57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
    57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
    57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
    57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
    57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
    57c82be2-x86-32on64-adjust-call-gate-emulation.patch
    57c93e52-fix-error-in-libxl_device_usbdev_list.patch
    57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
    57c96e2c-x86-correct-PT_NOTE-file-position.patch
    57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
    57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
    57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
    57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
    57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
    57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
    57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
    57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
    57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
    57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
    57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
    57e93e1d-x86emul-correct-loading-of-ss.patch
    57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
    57e93e89-x86-AMD-apply-erratum-665-workaround.patch
    57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
    57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
    57fb6a91-x86-defer-not-present-segment-checks.patch
    5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
    5800caec-x86emul-fix-pushing-of-selector-registers.patch
    5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
    580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
    57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch
* Mon Nov 07 2016 carnold@suse.com
  - bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI
    systems
    xen.spec
* Thu Nov 03 2016 carnold@suse.com
  - bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not
    always honored for x86 HVM guests (XSA-190)
    57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
  - bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic
    on broadwell-ep
    57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch
  - Upstream patches from Jan
    57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
    57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
    57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
    57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
    57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
    57e93e1d-x86emul-correct-loading-of-ss.patch
    57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
    57e93e89-x86-AMD-apply-erratum-665-workaround.patch
    57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
    57fb6a91-x86-defer-not-present-segment-checks.patch
    5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
    5800caec-x86emul-fix-pushing-of-selector-registers.patch
    5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
    580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
    5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
* Wed Nov 02 2016 carnold@suse.com
  - bsc#1007941 - Xen tools limit the number of vcpus to 256 when the
    system has 384
    xen-arch-kconfig-nr_cpus.patch
* Tue Nov 01 2016 carnold@suse.com
  - bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite
    loop while transmit in C+ mode
    CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
* Mon Oct 17 2016 carnold@suse.com
  - bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero
    error in set_next_tick
    CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
  - bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero
    error in serial_update_parameters
    CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
* Wed Oct 05 2016 carnold@suse.com
  - bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in
    mcf_fec_do_tx
    CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
  - bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite
    loop in pcnet_rdra_addr
    CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
* Mon Sep 12 2016 carnold@suse.com
  - bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3
    recursive pagetable for 32-bit PV guests (XSA-185)
    57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
  - bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
    instruction pointer truncation during emulation (XSA-186)
    57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
    57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
  - bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
    sh_ctxt->seg_reg[] (XSA-187)
    57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
    57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
  - bsc#991934 - xen hypervisor crash in csched_acct
    57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
  - Upstream patches from Jan
    57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
    57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
    57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
    57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
    57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
    57c82be2-x86-32on64-adjust-call-gate-emulation.patch
    57c96e2c-x86-correct-PT_NOTE-file-position.patch
    57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
* Mon Sep 12 2016 ohering@suse.de
  - bsc#979002 - add 60-persistent-xvd.rules and helper script
    also to initrd, add the relevant dracut helper
* Mon Sep 05 2016 ohering@suse.de
  - bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for
    upstream unplug protocol
* Fri Sep 02 2016 carnold@suse.com
  - bsc#989679 - [pvusb feature] USB device not found when
    'virsh detach-device guest usb.xml'
    57c93e52-fix-error-in-libxl_device_usbdev_list.patch
* Tue Aug 23 2016 carnold@suse.com
  - bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
    get contiguous memory for DMA from Xen
    57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
  - bsc#978755 - xen uefi systems fail to boot
  - bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
    57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
  - Upstream patch from Jan
    57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
* Mon Aug 08 2016 jfehlig@suse.com
  - spec: to stay compatible with the in-tree qemu-xen binary, use
    /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
    bsc#986164
* Thu Aug 04 2016 carnold@suse.com
  - bsc#970135 - new virtualization project clock test randomly fails
    on Xen
    576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
    5769106e-x86-generate-assembler-equates-for-synthesized.patch
    57a1e603-x86-time-adjust-local-system-time-initialization.patch
    57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
    57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
  - bsc#991934 - xen hypervisor crash in csched_acct
    57973099-have-schedulers-revise-initial-placement.patch
    579730e6-remove-buggy-initial-placement-algorithm.patch
  - bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation
    in PV guests (XSA-182)
    57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
  - bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP
    whitelisting in 32-bit exception / event delivery (XSA-183)
    57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
  - Upstream patches from Jan
    57a30261-x86-support-newer-Intel-CPU-models.patch
* Mon Aug 01 2016 carnold@suse.com
  - bsc#985503 - vif-route broken
    vif-route.patch
* Thu Jul 28 2016 carnold@suse.com
  - bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3
    failed on sles11sp4 xen host.
    pygrub-handle-one-line-menu-entries.patch
* Wed Jul 27 2016 carnold@suse.com
  - bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB
    write access in esp_do_dma
    CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
* Thu Jun 23 2016 carnold@suse.com
  - bsc#900418 - Dump cannot be performed on SLES12 XEN
    57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
  - Upstream patches from Jan
    575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
    57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
* Tue Jun 21 2016 carnold@suse.com
  - fate#319989 - Update to Xen 4.7 FCS
    xen-4.7.0-testing-src.tar.bz2
  - Drop CVE-2014-3672-qemut-xsa180.patch
* Thu Jun 16 2016 carnold@suse.com
  - bsc#954872 - script block-dmmd not working as expected - libxl:
    error: libxl_dm.c (Additional fixes)
    block-dmmd
* Fri Jun 10 2016 ohering@suse.de
  - Convert with_stubdom into build_conditional to allow adjusting
    via prjconf
  - Convert with_debug into build_conditional to allow adjusting
    via prjconf
* Fri Jun 10 2016 ohering@suse.de
  - bsc#979002 - add 60-persistent-xvd.rules and helper script to
    xen-tools-domU to simplify transition to pvops based kernels
* Fri Jun 10 2016 ohering@suse.de
  - Convert with_oxenstored into build_conditional to allow
    adjusting via prjconf (fate#320836)
* Thu Jun 09 2016 carnold@suse.com
  - bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w
    access while processing ESP_FIFO
    CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
  - bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB
    write when using non-DMA mode in get_cmd
    CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
* Tue Jun 07 2016 carnold@suse.com
  - fate#319989 - Update to Xen 4.7 RC5
    xen-4.7.0-testing-src.tar.bz2
* Wed May 25 2016 carnold@suse.com
  - fate#319989 - Update to Xen 4.7 RC4
    xen-4.7.0-testing-src.tar.bz2
  - Dropped
    xen.pkgconfig-4.7.patch
    xsa164.patch
* Mon May 23 2016 carnold@suse.com
  - bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging
    (XSA-180)
    CVE-2014-3672-qemut-xsa180.patch
* Thu May 19 2016 carnold@suse.com
  - bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write
    while writing to 's->cmdbuf' in get_cmd
    CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
  - bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write
    while writing to 's->cmdbuf' in esp_reg_write
    CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
* Tue May 17 2016 carnold@suse.com
  - fate#319989 - Update to Xen 4.7 RC3
    xen-4.7.0-testing-src.tar.bz2
  - Dropped
    libxl-remove-cdrom-cachemode.patch
    x86-PoD-only-reclaim-if-needed.patch
    gcc6-warnings-as-errors.patch
* Wed May 11 2016 carnold@suse.com
  - bsc#954872 - script block-dmmd not working as expected - libxl:
    error: libxl_dm.c (another modification)
    block-dmmd
* Tue May 10 2016 carnold@suse.com
  - fate#319989 - Update to Xen 4.7 RC2
    xen-4.7.0-testing-src.tar.bz2
* Tue May 10 2016 carnold@suse.com
  - bsc#961600 - L3: poor performance when Xen HVM domU configured
    with max memory > current memory
    x86-PoD-only-reclaim-if-needed.patch
* Fri May 06 2016 ohering@suse.de
  - Mark SONAMEs and pkgconfig as xen 4.7
    xen.pkgconfig-4.7.patch
* Tue May 03 2016 jfehlig@suse.com
  - bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom
    libxl-remove-cdrom-cachemode.patch
* Tue May 03 2016 carnold@suse.com
  - fate#319989 - Update to Xen 4.7 RC1
    xen-4.7.0-testing-src.tar.bz2
* Tue May 03 2016 ohering@suse.de
  - fate#316614: set migration constraints from cmdline
    restore libxl.set-migration-constraints-from-cmdline.patch
* Tue May 03 2016 ohering@suse.de
  - Remove obsolete patch for xen-kmp
    magic_ioport_compat.patch
* Tue May 03 2016 ohering@suse.de
  - fate#316613: update to v12
    libxl.pvscsi.patch
* Fri Apr 29 2016 carnold@suse.com
  - Update to the latest Xen 4.7 pre-release c2994f86
    Drop libxl.migrate-legacy-stream-read.patch
* Fri Apr 15 2016 ohering@suse.de
  - bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host
    to SLES12SP2 Alpha 1 host using xl migrate
    libxl.migrate-legacy-stream-read.patch
* Fri Apr 01 2016 jfehlig@suse.com
  - Add patches from proposed upstream series to load BIOS's from
    the toolstack instead of embedding in hvmloader
    http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
    0001-libxc-Rework-extra-module-initialisation.patch,
    0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch,
    0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch,
    0004-firmware-makefile-install-BIOS-blob.patch,
    0005-libxl-Load-guest-BIOS-from-file.patch,
    0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch,
    0007-hvmloader-Grab-the-hvm_start_info-pointer.patch,
    0008-hvmloader-Locate-the-BIOS-blob.patch,
    0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch,
    0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch,
    0011-hvmloader-Load-OVMF-from-modules.patch,
    0012-hvmloader-Specific-bios_load-function-required.patch,
    0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch,
    0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
  - Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin
    firmware from qemu-ovmf-x86_64. The firmware is preloaded with
    Microsoft keys to more closely resemble firmware on real hardware
    FATE#320490
* Fri Mar 25 2016 carnold@suse.com
  - fate#319989: Update to Xen 4.7 (pre-release)
    xen-4.7.0-testing-src.tar.bz2
  - Dropped:
    xen-4.6.1-testing-src.tar.bz2
    55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
    5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
    5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
    5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
    hotplug-Linux-block-performance-fix.patch
    set-mtu-from-bridge-for-tap-interface.patch
    xendomains-libvirtd-conflict.patch
    xsa154.patch
    xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
    xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
    xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
    xsa170.patch
* Tue Mar 22 2016 jfehlig@suse.com
  - Use system SeaBIOS instead of building/installing another one
    FATE#320638
    Dropped files:
    seabios-dir-remote.tar.bz2
    xen-c99-fix.patch
    xen.build-compare.seabios.patch
* Wed Mar 16 2016 jfehlig@suse.com
  - spec: drop BuildRequires that were only needed for qemu-xen
* Fri Mar 04 2016 carnold@suse.com
  - bsc#969377 - xen does not build with GCC 6
    ipxe-use-rpm-opt-flags.patch
    gcc6-warnings-as-errors.patch
* Thu Mar 03 2016 carnold@suse.com
  - bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
    loop in ne2000_receive
    CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
  - Drop xsa154-fix.patch
* Wed Mar 02 2016 jfehlig@suse.com
  - Use system qemu instead of building/installing yet another qemu
    FATE#320638
  - Dropped files
    qemu-xen-dir-remote.tar.bz2
    CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
    CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
    CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
    CVE-2015-4037-qemuu-smb-config-dir-name.patch
    CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
    CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
    CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
    CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
    CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
    CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
    CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
    CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
    CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
    CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
    CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
    CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
    CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
    CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
    CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
    CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
    qemu-xen-enable-spice-support.patch
    qemu-xen-upstream-qdisk-cache-unsafe.patch
    tigervnc-long-press.patch
    xsa162-qemuu.patch
* Mon Feb 29 2016 carnold@suse.com
  - bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer
    dereference in vapic_write()
    CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch
* Wed Feb 24 2016 carnold@suse.com
  - bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in
    remote NDIS control message handling
    CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
* Thu Feb 18 2016 carnold@suse.com
  - bsc#954872 - L3: script block-dmmd not working as expected -
    libxl: error: libxl_dm.c
    block-dmmd
  - Update libxl to recognize dmmd and npiv prefix in disk spec
    xen.libxl.dmmd.patch
* Wed Feb 17 2016 carnold@suse.com
  - bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers
    in ohci module leads to null pointer dereference
    CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
    CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
  - bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer
    dereference in remote NDIS control message handling
    CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch
* Thu Feb 11 2016 carnold@suse.com
  - Update to Xen Version 4.6.1
    xen-4.6.1-testing-src.tar.bz2
  - Dropped patches now contained in tarball or unnecessary
    xen-4.6.0-testing-src.tar.bz2
    5604f239-x86-PV-properly-populate-descriptor-tables.patch
    561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
    561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
    561d20a0-x86-hide-MWAITX-from-PV-domains.patch
    561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
    5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
    56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
    56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
    5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
    5632129c-free-domain-s-vcpu-array.patch
    563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
    563212e4-xenoprof-free-domain-s-vcpu-array.patch
    563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
    56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
    56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
    5641ceec-x86-HVM-always-intercept-AC-and-DB.patch
    56549f24-x86-vPMU-document-as-unsupported.patch
    5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
    xsa155-qemut-qdisk-double-access.patch
    xsa155-qemut-xenfb.patch
    xsa155-qemuu-qdisk-double-access.patch
    xsa155-qemuu-xenfb.patch
    xsa159.patch
    xsa160.patch
    xsa162-qemut.patch
    xsa165.patch
    xsa166.patch
    xsa167.patch
    xsa168.patch
* Fri Feb 05 2016 carnold@suse.com
  - bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent
    cachability flags on guest mappings (XSA-154)
    xsa154.patch
  - bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may
    crash guest with non-canonical RIP (XSA-170)
    xsa170.patch
* Fri Feb 05 2016 carnold@suse.com
  - bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in
    hmp_sendkey routine
    CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
* Thu Feb 04 2016 carnold@suse.com
  - bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue
    CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
  - bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref
    in sosendto()
    CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
* Wed Feb 03 2016 carnold@suse.com
  - bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in
    ne2000_receive() function
    CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
  - bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
    infinite loop in processing command block list
    CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
    CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
* Tue Feb 02 2016 carnold@suse.com
  - bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on
    incoming migration
    CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
  - bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table
    size to avoid integer overflows
    CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
  - Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
* Mon Feb 01 2016 carnold@suse.com
  - bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer
    dereference in ehci_caps_write
    CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
  - bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
    on incoming migration
    CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
* Wed Jan 27 2016 carnold@suse.com
  - bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
    in start_xmit and e1000_receive_iov routines
    CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
    CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
* Wed Jan 20 2016 carnold@suse.com
  - bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
    on invalid state load
    CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
* Tue Jan 19 2016 carnold@suse.com
  - bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
    resource limiting in VNC websockets decoder
    CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
    CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
  - bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
    invalid state load
    CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
  - bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
    bits_per_pixel from the client sanitization
    CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
* Mon Jan 18 2016 carnold@suse.com
  - bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
    overun on invalid state
    CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
  - bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
    overflow in non-loopback mode
    CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
    CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
* Wed Jan 13 2016 carnold@suse.com
  - bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
    processing firmware configurations
    CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
    CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
* Mon Jan 11 2016 carnold@suse.com
  - bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
    buffer overflow in megasas_ctrl_get_info
    CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
  - bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
    use-after-free vulnerability in aio port commands
    CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
* Thu Jan 07 2016 carnold@suse.com
  - bsc#959695 - missing docs for xen
    xen.spec
* Wed Jan 06 2016 carnold@suse.com
  - bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
    INVLPG on non-canonical address (XSA-168)
    xsa168.patch
  - bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
    functionality missing sanity checks (XSA-167)
    xsa167.patch
  - bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
    l2 header validation leads to a crash via assert(2) call
    CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
* Tue Jan 05 2016 carnold@suse.com
  - bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
    leads to a crash via assert(2) call
    CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
  - bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
    in ioport r/w functions
    CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
* Mon Jan 04 2016 carnold@suse.com
  - bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional
    logging upon guest changing callback method (XSA-169)
    5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
* Mon Dec 21 2015 ohering@suse.de
  - Adjust xen-dom0-modules.service to run Before xenstored.service
    instead of proc-xen.mount to workaround a bug in systemd "design"
    (bnc#959845)
* Wed Dec 16 2015 carnold@suse.com
  - bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net:
    vmxnet3: host memory leakage
    CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
* Mon Dec 14 2015 carnold@suse.com
  - bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers
    incautious about shared memory contents (XSA-155)
    xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
    xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
    xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
    xsa155-qemuu-qdisk-double-access.patch
    xsa155-qemut-qdisk-double-access.patch
    xsa155-qemuu-xenfb.patch
    xsa155-qemut-xenfb.patch
  - bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop
    in ehci_advance_state results in DoS
    CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
  - bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer
    dereference issue
    CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
  - bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid
    floating point exception
    CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
    CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
  - bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in
    MSI-X handling (XSA-164)
    xsa164.patch
  - bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in
    legacy x86 FPU/XMM initialization (XSA-165)
    xsa165.patch
  - bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to
    multiple read issue (XSA-166)
    xsa166.patch
* Fri Nov 27 2015 carnold@suse.com
  - bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
    infinite loop in processing command block list
    CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
    CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
  - Upstream patches from Jan
    56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
    5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
    5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
    56544a57-VMX-fix-adjust-trap-injection.patch
    56546ab2-sched-fix-insert_vcpu-locking.patch
* Wed Nov 25 2015 carnold@suse.com
  - bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163)
    56549f24-x86-vPMU-document-as-unsupported.patch
  - bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen:
    XENMEM_exchange error handling issues (XSA-159)
    xsa159.patch
  - bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel
    and initrd on error (XSA-160)
    xsa160.patch
  - bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow
    vulnerability in pcnet emulator (XSA-162)
    xsa162-qemuu.patch
    xsa162-qemut.patch
  - bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
    readonly flag on disks with qemu-xen (xsa-142)
    5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
    5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
* Tue Nov 24 2015 carnold@suse.com
  - fate#315712: XEN: Use the PVOPS kernel
    Turn off building the KMPs now that we are using the pvops kernel
    xen.spec
* Thu Nov 19 2015 carnold@suse.com
  - Upstream patches from Jan
    561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
    561d20a0-x86-hide-MWAITX-from-PV-domains.patch
    561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
    5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
    56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
    56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
    5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
    5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
    563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
    563212e4-xenoprof-free-domain-s-vcpu-array.patch
    563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
    56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
    56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
    5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
    5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
  - Dropped 55b0a2db-x86-MSI-track-guest-masking.patch
* Thu Nov 19 2015 ohering@suse.de
  - Use upstream variants of block-iscsi and block-nbd
* Thu Nov 19 2015 ohering@suse.de
  - Remove xenalyze.hg, its part of xen-4.6
* Tue Nov 10 2015 carnold@suse.com
  - Update to Xen Version 4.6.0
    xen-4.6.0-testing-src.tar.bz2
    mini-os.tar.bz2
    blktap2-no-uninit.patch
    stubdom-have-iovec.patch
  - Renamed
    xsa149.patch to CVE-2015-7969-xsa149.patch
  - Dropped patches now contained in tarball or unnecessary
    xen-4.5.2-testing-src.tar.bz2
    54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
    54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
    54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
    54f4985f-libxl-fix-libvirtd-double-free.patch
    55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
    551ac326-xentop-add-support-for-qdisk.patch
    552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
    552d0fe8-x86-mtrr-include-asm-atomic.h.patch
    552d293b-x86-vMSI-X-honor-all-mask-requests.patch
    552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
    5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
    5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
    5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
    554c7aee-x86-provide-arch_fetch_and_add.patch
    554c7b00-arm-provide-arch_fetch_and_add.patch
    554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
    55534b25-arm-provide-add_sized.patch
    5555a4f8-use-ticket-locks-for-spin-locks.patch
    5555a5b9-x86-arm-remove-asm-spinlock-h.patch
    5555a8ec-introduce-non-contiguous-allocation.patch
    556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
    5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
    55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
    557eb55f-gnttab-per-active-entry-locking.patch
    557eb5b6-gnttab-introduce-maptrack-lock.patch
    557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
    557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
    5582bf43-evtchn-simplify-port_is_valid.patch
    5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
    5583d9c5-x86-MSI-X-cleanup.patch
    5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
    5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
    5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
    5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
    5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
    5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
    5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
    55b0a218-x86-PCI-CFG-write-intercept.patch
    55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch
    55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch
    blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch
    blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch
    ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch
    ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch
    ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch
    local_attach_support_for_phy.patch pci-attach-fix.patch
    qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch
    tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch
    xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch
    xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch
    xl-coredump-file-location.patch
* Thu Nov 05 2015 carnold@suse.com
  - bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by
    triggering an infinite loop in microcode via #DB exception
  - bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during
    fault delivery (XSA-156)
    CVE-2015-5307-xsa156.patch
* Wed Nov 04 2015 carnold@suse.com
  - Update to Xen 4.5.2
    xen-4.5.2-testing-src.tar.bz2
  - Drop the following
    xen-4.5.1-testing-src.tar.bz2
    552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
    5576f178-kexec-add-more-pages-to-v1-environment.patch
    55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
    558bfaa0-x86-traps-avoid-using-current-too-early.patch
    5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
    559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
    559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
    559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
    559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
    559bdde5-pull-in-latest-linux-earlycpio.patch
    55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
    55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
    55a77e4f-dmar-device-scope-mem-leak-fix.patch
    55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
    55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
    55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
    55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
    55e43fd8-x86-NUMA-fix-setup_node.patch
    55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
    55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
    55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
    55f9345b-x86-MSI-fail-if-no-hardware-support.patch
    5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
    560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
    560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
    560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
    560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
    560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
    561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
    561d20a0-x86-hide-MWAITX-from-PV-domains.patch
    561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
    563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
    CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch
    CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch
    xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch
    xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch
    xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch
    xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch
    xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch
    xsa151.patch xsa152.patch xsa153-libxl.patch
    CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
    CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
    CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
    CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
    CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
    CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
    CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
    CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"
* Mon Nov 02 2015 carnold@suse.com
  - bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency
    populate-on-demand operation is not preemptible (XSA-150)
    563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
* Wed Oct 28 2015 carnold@suse.com
  - Upstream patches from Jan
    5604f239-x86-PV-properly-populate-descriptor-tables.patch
    561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
    561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
    561d20a0-x86-hide-MWAITX-from-PV-domains.patch
    561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
* Fri Oct 23 2015 carnold@suse.com
  - bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand
    balloon size inaccuracy can crash guests (XSA-153)
    xsa153-libxl.patch
* Fri Oct 16 2015 carnold@suse.com
  - bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain
    vcpu pointer array (DoS) (XSA-149)
    xsa149.patch
  - bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain
    profiling-related vcpu pointer array (DoS) (XSA-151)
    xsa151.patch
  - bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and
    profiling hypercalls log without rate limiting (XSA-152)
    xsa152.patch
  - Dropped
    55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
    5604f239-x86-PV-properly-populate-descriptor-tables.patch
* Thu Oct 15 2015 carnold@suse.com
  - bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure
    temporary file use in /net/slirp.c
    CVE-2015-4037-qemuu-smb-config-dir-name.patch
    CVE-2015-4037-qemut-smb-config-dir-name.patch
  - bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table
    size to avoid integer overflows
    CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
    CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
* Wed Oct 14 2015 carnold@suse.com
  - bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled
    creation of large page mappings by PV guests (XSA-148)
    CVE-2015-7835-xsa148.patch
* Tue Oct 06 2015 jfehlig@suse.com
  - bsc#949138 - Setting vcpu affinity under Xen causes libvirtd
    abort
    54f4985f-libxl-fix-libvirtd-double-free.patch
* Tue Oct 06 2015 carnold@suse.com
  - bsc#949046 - Increase %suse_version in SP1 to 1316
    xen.spec
  - Update README.SUSE detailing dom0 ballooning recommendations
* Mon Oct 05 2015 carnold@suse.com
  - bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’
    secondly show errors
    55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
  - Upstream patches from Jan
    55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
    55f9345b-x86-MSI-fail-if-no-hardware-support.patch
    5604f239-x86-PV-properly-populate-descriptor-tables.patch
    5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
    560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
    560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
    560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
    560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
    560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
* Fri Oct 02 2015 mlatimer@suse.com
  - bsc#941074 - VmError: Device 51728 (vbd) could not be connected.
    Hotplug scripts not working.
    hotplug-Linux-block-performance-fix.patch
* Wed Sep 23 2015 carnold@suse.com
  - bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
    readonly flag on disks with qemu-xen (xsa-142)
    CVE-2015-7311-xsa142.patch
* Wed Sep 16 2015 cyliu@suse.com
  - bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1
    pci-attach-fix.patch
* Tue Sep 15 2015 jfehlig@suse.com
  - bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1
    5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
* Wed Sep 09 2015 carnold@suse.com
  - Upstream patches from Jan
    55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
    55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
    55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
    55e43fd8-x86-NUMA-fix-setup_node.patch
    55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
    55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
    54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
    54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
    54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
* Tue Sep 08 2015 carnold@suse.com
  - bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in
    vnc_client_read() and protocol_client_msg()
    CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
    CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
  - bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite
    loop issue
    CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
    CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
* Wed Aug 26 2015 carnold@suse.com
  - bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
    config handling stack overflow
    55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
* Tue Aug 18 2015 carnold@suse.com
  - bsc#907514 - Bus fatal error & sles12 sudden reboot has been
    observed
  - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after
    shutdown of guest with VT-d NIC
  - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
    observed
  - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden
    reboot has been observed
    552d293b-x86-vMSI-X-honor-all-mask-requests.patch
    552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
    5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
    55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
    5583d9c5-x86-MSI-X-cleanup.patch
    5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
    55b0a218-x86-PCI-CFG-write-intercept.patch
    55b0a255-x86-MSI-X-maskall.patch
    55b0a283-x86-MSI-X-teardown.patch
    55b0a2ab-x86-MSI-X-enable.patch
    55b0a2db-x86-MSI-track-guest-masking.patch
  - Upstream patches from Jan
    552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
    559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
    559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
    559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
    55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
    55a77e4f-dmar-device-scope-mem-leak-fix.patch
    55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
    55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
  - Dropped for upstream version
    x86-MSI-mask.patch
    x86-MSI-pv-unmask.patch
    x86-MSI-X-enable.patch
    x86-MSI-X-maskall.patch
    x86-MSI-X-teardown.patch
    x86-pci_cfg_okay.patch
    x86-PCI-CFG-write-intercept.patch
* Tue Jul 28 2015 carnold@suse.com
  - bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap
    memory in rtl8139 device model
    xsa140-qemuu-1.patch
    xsa140-qemuu-2.patch
    xsa140-qemuu-3.patch
    xsa140-qemuu-4.patch
    xsa140-qemuu-5.patch
    xsa140-qemuu-6.patch
    xsa140-qemuu-7.patch
    xsa140-qemut-1.patch
    xsa140-qemut-2.patch
    xsa140-qemut-3.patch
    xsa140-qemut-4.patch
    xsa140-qemut-5.patch
    xsa140-qemut-6.patch
    xsa140-qemut-7.patch
  - bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen
    block unplug protocol
    xsa139-qemuu.patch
* Tue Jul 21 2015 ohering@suse.de
  - bsc#937371 - xen vm's running after reboot
    xendomains-libvirtd-conflict.patch
* Thu Jul 16 2015 carnold@suse.com
  - bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code
    execution via IDE subsystem CD-ROM
    CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
    CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
    CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
    CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
    CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
    CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
* Wed Jul 15 2015 ohering@suse.de
  - Remove xendomains.service from systemd preset file because it
    conflicts with libvirt-guests.service (bnc#937371)
    Its up to the admin to run systemctl enable xendomains.service
* Wed Jul 08 2015 carnold@suse.com
  - bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
    config handling stack overflow
    CVE-2015-3259-xsa137.patch
  - Upstream patches from Jan
    558bfaa0-x86-traps-avoid-using-current-too-early.patch
    5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
    559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
    559bdde5-pull-in-latest-linux-earlycpio.patch
  - Upstream patches from Jan pending review
    552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
    552d0fe8-x86-mtrr-include-asm-atomic.h.patch
    552d293b-x86-vMSI-X-honor-all-mask-requests.patch
    552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
    554c7aee-x86-provide-arch_fetch_and_add.patch
    554c7b00-arm-provide-arch_fetch_and_add.patch
    55534b0a-x86-provide-add_sized.patch
    55534b25-arm-provide-add_sized.patch
    5555a4f8-use-ticket-locks-for-spin-locks.patch
    5555a5b9-x86-arm-remove-asm-spinlock-h.patch
    5555a8ec-introduce-non-contiguous-allocation.patch
    55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
    557eb55f-gnttab-per-active-entry-locking.patch
    557eb5b6-gnttab-introduce-maptrack-lock.patch
    557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
    557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
    5582bf43-evtchn-simplify-port_is_valid.patch
    5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
    5583d9c5-x86-MSI-X-cleanup.patch
    5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
    5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
    5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
    5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
    5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
    5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
    5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
    x86-MSI-pv-unmask.patch
    x86-pci_cfg_okay.patch
    x86-PCI-CFG-write-intercept.patch
    x86-MSI-X-maskall.patch
    x86-MSI-X-teardown.patch
    x86-MSI-X-enable.patch
    x86-MSI-mask.patch
* Tue Jul 07 2015 ohering@suse.de
  - Adjust more places to use br0 instead of xenbr0
* Tue Jun 30 2015 carnold@suse.com
  - bnc#936516 - xen fails to build with kernel update(4.1.0 from
    stable)
    556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
* Fri Jun 26 2015 carnold@suse.com
  - Update to Xen Version 4.5.1 FCS (fate#315675)
    xen-4.5.1-testing-src.tar.bz2
  - Dropped patches now contained in tarball
    556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
    556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
    556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
    556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch
    55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
    55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
    55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
    55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
    5513b458-allow-reboot-overrides-when-running-under-EFI.patch
    5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
    5576f178-kexec-add-more-pages-to-v1-environment.patch
    5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
    CVE-2015-3456-xsa133-qemuu.patch
    CVE-2015-3456-xsa133-qemut.patch
    qemu-MSI-X-enable-maskall.patch
    qemu-MSI-X-latch-writes.patch
    x86-MSI-X-guest-mask.patch
* Thu Jun 25 2015 jfehlig@suse.com
  - Replace 5124efbe-add-qxl-support.patch with the variant that
    finally made it upstream, 554cc211-libxl-add-qxl.patch
* Wed Jun 10 2015 carnold@suse.com
  - bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
    qemu MSI-X pass-through error messages
    qemu-MSI-X-latch-writes.patch
  - bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed
  - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown
    of guest with VT-d NIC
  - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
    observed
  - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot
    has been observed
    x86-MSI-X-teardown.patch
    x86-MSI-X-enable.patch
    x86-MSI-X-guest-mask.patch
    x86-MSI-X-maskall.patch
    qemu-MSI-X-enable-maskall.patch
  - Upstream patches from Jan
    55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
    55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
    55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
    55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
    55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
    55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
    5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
  - Dropped the following patches now contained in the tarball
    xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch
    CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch
    CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch
    CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch
    CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch
    CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch
* Wed Jun 03 2015 carnold@suse.com
  - Update to Xen 4.5.1 RC2
  - bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI
    register access in qemu
    CVE-2015-4106-xsa131-1.patch
    CVE-2015-4106-xsa131-2.patch
    CVE-2015-4106-xsa131-3.patch
    CVE-2015-4106-xsa131-4.patch
    CVE-2015-4106-xsa131-5.patch
    CVE-2015-4106-xsa131-6.patch
    CVE-2015-4106-xsa131-7.patch
    CVE-2015-4106-xsa131-8.patch
    CVE-2015-4106-xsa131-9.patch
  - bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
    qemu MSI-X pass-through error messages
    CVE-2015-4105-xsa130.patch
  - bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask
    bits inadvertently exposed to guests
    CVE-2015-4104-xsa129.patch
  - bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential
    unintended writes to host MSI message data field via qemu
    CVE-2015-4103-xsa128.patch
  - Upstream patches from Jan
    5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
    556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
    556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
    556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
    556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
    556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch
* Wed May 20 2015 ohering@suse.de
  - Add DefaultDependencies=no to xen-dom0-modules.service because
    it has to run before proc-xen.mount
* Tue May 19 2015 carnold@suse.com
  - Update to Xen 4.5.1 RC1
* Fri May 15 2015 ohering@suse.de
  - Update blktap-no-uninit.patch to work with gcc-4.5
* Mon May 11 2015 carnold@suse.com
  - bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through
    XEN_DOMCTL_gettscinfo (XSA-132)
    5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
* Thu May 07 2015 carnold@suse.com
  - bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu
    floppy driver host code execution
    CVE-2015-3456-xsa133-qemuu.patch
    CVE-2015-3456-xsa133-qemut.patch
* Mon Apr 27 2015 carnold@suse.com
  - bsc#928783 - Reboot failure; Request backport of upstream Xen
    patch to 4.5.0, or update pkgs to 4.5.1
    5513b458-allow-reboot-overrides-when-running-under-EFI.patch
    5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
* Tue Apr 21 2015 ohering@suse.de
  - bnc#927750 - Avoid errors reported by system-modules-load.service
* Wed Apr 08 2015 rguenther@suse.com
  - Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively
    turn errors back to warnings to fix build with GCC 5.
  - Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to
    avoid implicit-fortify-decl rpmlint error.
  - Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.
* Fri Apr 03 2015 carnold@suse.com
  - xentop: Fix memory leak on read failure
    551ac326-xentop-add-support-for-qdisk.patch
* Tue Mar 31 2015 carnold@suse.com
  - Dropped xentop-add-support-for-qdisk.patch in favor of upstream
    version
    551ac326-xentop-add-support-for-qdisk.patch
* Mon Mar 16 2015 carnold@suse.com
  - Enable spice support in qemu for x86_64
    5124efbe-add-qxl-support.patch
    qemu-xen-enable-spice-support.patch
* Thu Mar 12 2015 rguenther@suse.com
  - Add xen-c99-fix.patch to remove pointless inline specifier on
    function declarations which break build with a C99 compiler which
    GCC 5 is by default. (bsc#921994)
  - Add ipxe-no-error-logical-not-parentheses.patch to supply
    - Wno-logical-not-parentheses to the ipxe build to fix
    breakage with GCC 5. (bsc#921994)
* Wed Mar 11 2015 carnold@suse.com
  - bnc#921842 - Xentop doesn't display disk statistics for VMs using
    qdisks
    xentop-add-support-for-qdisk.patch
* Tue Feb 24 2015 meissner@suse.com
  - Disable the PIE enablement done for Factory, as the XEN code
    is not buildable with PIE and it does not make much sense
    to build the hypervisor code with it.
* Tue Feb 17 2015 carnold@suse.com
  - bnc#918169 - XEN fixes required to work with Kernel 3.19.0
    xen.spec
* Tue Feb 10 2015 ohering@suse.de
  - Package xen.changes because its referenced in xen.spec
* Wed Jan 28 2015 carnold@suse.com
  - Update seabios to rel-1.7.5 which is the correct version for
    Xen 4.5
* Wed Jan 14 2015 carnold@suse.com
  - Update to Xen 4.5.0 FCS
* Wed Jan 14 2015 ohering@suse.de
  - Include systemd presets in 13.2 and older
* Mon Jan 12 2015 ohering@suse.de
  - bnc#897352 - Enable xencommons/xendomains only during fresh install
  - disable restart on upgrade because the toolstack is not restartable
* Tue Dec 16 2014 ohering@suse.de
  - adjust seabios, vgabios, stubdom and hvmloader build to reduce
    build-compare noise
    xen.build-compare.mini-os.patch
    xen.build-compare.smbiosdate.patch
    xen.build-compare.ipxe.patch
    xen.build-compare.vgabios.patch
    xen.build-compare.seabios.patch
    xen.build-compare.man.patch
* Mon Dec 15 2014 carnold@suse.com
  - Update to Xen 4.5.0 RC4
* Wed Dec 10 2014 ohering@suse.de
  - Remove xend specific if-up scripts
    Recording bridge slaves is a generic task which should be handled
    by generic network code
* Tue Dec 09 2014 ohering@suse.de
  - Use systemd features from upstream
    requires updated systemd-presets-branding package
* Thu Dec 04 2014 carnold@suse.com
  - Update to Xen 4.5.0 RC3
* Thu Dec 04 2014 ohering@suse.de
  - Set GIT, WGET and FTP to /bin/false
* Wed Dec 03 2014 ohering@suse.de
  - Use new configure features instead of make variables
    xen.stubdom.newlib.patch
* Wed Nov 19 2014 ohering@suse.de
  - adjust docs and xen build to reduce build-compare noise
    xen.build-compare.doc_html.patch
    xen.build-compare.xen_compile_h.patch
* Mon Nov 17 2014 ohering@suse.de
  - Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise
* Tue Nov 11 2014 carnold@suse.com
  - Update to Xen 4.5.0 RC2
* Thu Oct 23 2014 carnold@suse.com
  - Update to Xen 4.5.0 RC1
    xen-4.5.0-testing-src.tar.bz2
  - Remove all patches now contained in the new tarball
    xen-4.4.1-testing-src.tar.bz2
    5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch
    5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch
    53299d8f-xenconsole-reset-tty-on-failure.patch
    53299d8f-xenconsole-tolerate-tty-errors.patch
    5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
    53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
    537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch
    537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
    537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch
    539ebe62-x86-EFI-improve-boot-time-diagnostics.patch
    53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
    53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
    53d124e7-fix-list_domain_details-check-config-data-length-0.patch
    53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
    53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
    53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
    53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
    53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
    53fcebab-xen-pass-kernel-initrd-to-qemu.patch
    53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
    53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
    53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
    53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
    53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
    54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
    540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch
    540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch
    541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch
    541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch
    541ad3ca-x86-HVM-batch-vCPU-wakeups.patch
    541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
    54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch
    54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch
    542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch
    54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
    5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
    5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
    542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
    542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch
    54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
    54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
    54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
    54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
    54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch
    54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch
    CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch
    qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch
    libxc-pass-errno-to-callers-of-xc_domain_save.patch
    libxl.honor-more-top-level-vfb-options.patch
    libxl.add-option-for-discard-support-to-xl-disk-conf.patch
    libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
    x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch
    xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch
  - Xend/xm is no longer supported and is not part of the upstream code. Remove
    all xend/xm specific patches, configs, and scripts
    xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh
    init.xend xend-relocation.sh xend.service xend-relocation-server.fw
    domUloader.py xmexample.domUloader xmexample.disks
    bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch
    network-nat-open-SuSEfirewall2-FORWARD.patch
    xend-set-migration-constraints-from-cmdline.patch
    xen.migrate.tools-xend_move_assert_to_exception_block.patch
    xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch
    xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch
    xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch
    xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch
    xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch
    xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch
    xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch
    xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch
    xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch
    xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch
    xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch
    xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch
    xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch
    tmp-initscript-modprobe.patch init.xendomains xendomains.service
    xen-watchdog.service xen-updown.sh
* Thu Oct 16 2014 carnold@suse.com
  - bnc#901317 - L3: increase limit domUloader to 32MB
    domUloader.py
* Tue Oct 14 2014 carnold@suse.com
  - bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF
    device (SR-IOV) to guest
    54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
  - bnc#882089 - Windows 2012 R2 fails to boot up with greater than
    60 vcpus
    54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
  - bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
    Interrupt Remapping engines can be evaded by native NMI interrupts
    541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
  - Upstream patches from Jan
    540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch)
    54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch)
    54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch)
    542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch)
    54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
    5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
    5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
    542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
    542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch)
    54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
    54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
    54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch)
    54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch

Files

/usr/lib64/libxencall.so.1
/usr/lib64/libxencall.so.1.3
/usr/lib64/libxenctrl.so.4.18
/usr/lib64/libxenctrl.so.4.18.0
/usr/lib64/libxendevicemodel.so.1
/usr/lib64/libxendevicemodel.so.1.4
/usr/lib64/libxenevtchn.so.1
/usr/lib64/libxenevtchn.so.1.2
/usr/lib64/libxenforeignmemory.so.1
/usr/lib64/libxenforeignmemory.so.1.4
/usr/lib64/libxenfsimage.so.4.18
/usr/lib64/libxenfsimage.so.4.18.0
/usr/lib64/libxengnttab.so.1
/usr/lib64/libxengnttab.so.1.2
/usr/lib64/libxenguest.so.4.18
/usr/lib64/libxenguest.so.4.18.0
/usr/lib64/libxenhypfs.so.1
/usr/lib64/libxenhypfs.so.1.0
/usr/lib64/libxenlight.so.4.18
/usr/lib64/libxenlight.so.4.18.0
/usr/lib64/libxenstat.so.4.18
/usr/lib64/libxenstat.so.4.18.0
/usr/lib64/libxenstore.so.4
/usr/lib64/libxenstore.so.4.0
/usr/lib64/libxentoolcore.so.1
/usr/lib64/libxentoolcore.so.1.0
/usr/lib64/libxentoollog.so.1
/usr/lib64/libxentoollog.so.1.0
/usr/lib64/libxenvchan.so.4.18
/usr/lib64/libxenvchan.so.4.18.0
/usr/lib64/libxlutil.so.4.18
/usr/lib64/libxlutil.so.4.18.0
/usr/lib64/xenfsimage
/usr/lib64/xenfsimage/ext2fs
/usr/lib64/xenfsimage/ext2fs/fsimage.so
/usr/lib64/xenfsimage/fat
/usr/lib64/xenfsimage/fat/fsimage.so
/usr/lib64/xenfsimage/iso9660
/usr/lib64/xenfsimage/iso9660/fsimage.so
/usr/lib64/xenfsimage/reiserfs
/usr/lib64/xenfsimage/reiserfs/fsimage.so
/usr/lib64/xenfsimage/ufs
/usr/lib64/xenfsimage/ufs/fsimage.so
/usr/lib64/xenfsimage/xfs
/usr/lib64/xenfsimage/xfs/fsimage.so
/usr/lib64/xenfsimage/zfs
/usr/lib64/xenfsimage/zfs/fsimage.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 20:06:21 2024