xen (4.21~rc1-1+ub26u04.1) resolute; urgency=medium

  * HEAD @ eff32008be0d2718d32
    Update Xen version to 4.21.0-rc2-Wed 22 Oct 2025 04:01
  * initial build of 4.21~rc2 in resolute, forward port from Noble
    still using the rc1 tarball with added patches (26)
  * XSA-475
    0017-x86-viridian-Enforce-bounds-check-in-vpmask_set.diff:This is XSA-475 / CVE-2025-58147.
    0018-x86-viridian-Enforce-bounds-check-in-send_ipi.diff:This is XSA-475 / CVE-2025-58148.

 -- Mark Pryor <pryorm09@gmail.com>  Fri, 24 Oct 2025 10:22:11 -0700

xen (4.21~rc1-1+ub24u04.1) noble; urgency=medium

  * HEAD @ d1478321eacbfca57c3
    Update Xen version to 4.21.0-rc1-Tue 7 Oct 2025 07:13
  * initial build of rc1, ported from trixie
  * removed: qemu-xen-traditional
  * d/control: prefer libjson-c over yajl
  * tools/libacpi/Makefile: mk_dsdt, add --dm-version

 -- Mark Pryor <pryorm09@gmail.com>  Fri, 10 Oct 2025 08:51:22 -0700

xen (4.20.1-1+ub24u04.3) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ ae992e68d3ed7a177
    CI: Create initrd fragments explicitly as root-Wed 10 Sep 2025 09:19
  * XSA-472
    0035-x86-viridian-avoid-NULL-pointer-dereference-in-update.diff:This is CVE-2025-27466 / part of XSA-472.
    0036-x86-viridian-avoid-NULL-pointer-dereference-in-viridi.diff:This is CVE-2025-58142 / part of XSA-472.
    0037-x86-viridian-protect-concurrent-modification-of-the-r.diff:This is CVE-2025-58143 / part of XSA-472.
  * XSA-473
    0038-Arm-foreign-page-handling-in-p2m_get_page_from_gfn.diff:This is CVE-2025-58144 / part of XSA-473.
    0039-Arm-adjust-locking-in-p2m_get_page_from_gfn.diff:This is CVE-2025-58145 / part of XSA-473.

 -- Mark Pryor <pryorm09@gmail.com>  Wed, 17 Sep 2025 11:11:06 -0700

xen (4.20.1-1+ub24u04.2) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 69568ab30622ba09a398
    x86/S3: dont lose previously collected CPU data (AMD extra)-Tue 22 Jul 2025 03:42

 -- Mark Pryor <pryorm09@gmail.com>  Tue, 22 Jul 2025 12:32:51 -0700

xen (4.20.1-1+ub24u04.1) noble; urgency=medium

  * HEAD @ 08f043965a7b1047a
    update Xen version to 4.20.1-Wed 9 Jul 2025 06:57
  * initial build of xen-4.20.1
  * XSA-471
    0138-x86-ucode-Digests-for-TSA-microcode.diff:This is part of XSA-471 / CVE-2024-36350 / CVE-2024-36357.
    0139-x86-idle-Rearrange-VERW-and-MONITOR-in-mwait_idle_wit.diff:This is part of XSA-471 / CVE-2024-36350 / CVE-2024-36357.
    0140-x86-spec-ctrl-Mitigate-Transitive-Scheduler-Attacks.diff:This is part of XSA-471 / CVE-2024-36350 / CVE-2024-36357.
  * XSA-470
    9e1309b0f037a6-x86/emul: Fix extable registration in invoke_stub-Tue 1 Jul 2025 04:57
  * all *efi blobs to usr/lib/efi, not ESP

 -- Mark Pryor <pryorm09@gmail.com>  Thu, 10 Jul 2025 13:46:09 -0700

xen (4.20.0-1+ub24u04.5) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ ddec00769cd80a44
    x86/emul: Fix emulation of RDSEED with older toolchains-Fri 16 May 2025 13:34
  * d/control: xen-perf-hypervisor, new package
  * XSA-469
    0100-x86-guest-Remove-use-of-the-Xen-hypercall_page.diff:This is part of XSA-469 / CVE-2024-28956
    0101-x86-thunk-Mis-align-__x86_indirect_thunk_-to-mitigate.diff:This is part of XSA-469 / CVE-2024-28956
    0102-x86-thunk-Mis-align-the-RETs-in-clear_bhb_loops-to-mi.diff:This is part of XSA-469 / CVE-2024-28956
    0103-x86-stubs-Introduce-place_ret-to-abstract-away-raw-0x.diff:This is part of XSA-469 / CVE-2024-28956
    0104-x86-thunk-Build-Xen-with-Return-Thunks.diff:This is part of XSA-469 / CVE-2024-28956
    0105-x86-spec-ctrl-Synthesise-ITS_NO-to-guests-on-unaffect.diff:This is part of XSA-469 / CVE-2024-28956

 -- Mark Pryor <pryorm09@gmail.com>  Mon, 23 Jun 2025 08:42:34 -0700

xen (4.20.0-1+ub24u04.4) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 35cb38b2220b15e122
    x86: constrain sub-page access length in mmio_ro_emulated_write-Tue 29 Apr 2025 11:47

 -- Mark Pryor <pryorm09@gmail.com>  Tue, 29 Apr 2025 17:53:46 -0700

xen (4.20.0-1+ub24u04.3) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ c607822b5ae946cfc2
    x86/setup: correct off-by-1 in module mapping-Thu 20 Mar 2025 04:55

 -- Mark Pryor <pryorm09@gmail.com>  Thu, 20 Mar 2025 20:04:56 -0700

xen (4.20.0-1+ub24u04.2) noble; urgency=medium

  * remove t64 names, now out-of-transition
    applies to all noble 4.20 xen packages, from here on out

 -- Mark Pryor <pryorm09@gmail.com>  Sun, 09 Mar 2025 09:16:45 -0800

xen (4.20.0-1+ub24u04.1) noble; urgency=medium

  * HEAD @ 3ad5d648cda5add395f
    Update to Xen 4.20-Tue 4 Mar 2025 08:41
  * initial build of 4.20.0
  * XSA-467
    0557-IOMMU-x86-the-bus-to-bridge-lock-needs-to-be-acquired.diff:This is XSA-467 / CVE-2025-1713.

 -- Mark Pryor <pryorm09@gmail.com>  Tue, 04 Mar 2025 17:56:03 -0800

xen (4.20~rc5-1+ub24u04.1) noble; urgency=medium

  * HEAD @ ac8198c532f4e39659d5e5
    Switch to release builds by default-Fri 21 Feb 2025 06:58

 -- Mark Pryor <pryorm09@gmail.com>  Sat, 22 Feb 2025 15:32:09 -0800

xen (4.20~rc2-1+ub24u04.1) noble; urgency=medium

  * HEAD @ 39c45caef271bc2b
    xen/arm: ffa: fix bind/unbind notification-Mon 3 Feb 2025 14:48
  * 4.20 initial rc build
  * qemuu: v9.1.0

 -- Mark Pryor <pryorm09@gmail.com>  Thu, 06 Feb 2025 12:26:43 -0800

xen (4.19.1-1+ub24u04.1) noble; urgency=medium

  * HEAD @ ccf400846780289ae779
    update Xen version to 4.19.1-Tue 3 Dec 2024 23:52
  * qemuu: v8.0.5

 -- Mark Pryor <pryorm09@gmail.com>  Sat, 14 Dec 2024 15:42:48 -0800

xen (4.19.0-1+ub24u04.4) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 6a0ef94a8fcd7dfb0
    x86/mm: ensure L2 is always freed if empty-Mon 25 Nov 2024 03:03
  * XSA-463
    0070-x86-HVM-drop-stdvga-s-cache-struct-member.diff:This is part of XSA-463 / CVE-2024-45818
    0071-x86-HVM-drop-stdvga-s-stdvga-struct-member.diff:This is part of XSA-463 / CVE-2024-45818
    0072-x86-HVM-remove-unused-MMIO-handling-code.diff:This is part of XSA-463 / CVE-2024-45818
    0073-x86-HVM-drop-stdvga-s-gr-struct-member.diff:This is part of XSA-463 / CVE-2024-45818
    0074-x86-HVM-drop-stdvga-s-sr-struct-member.diff:This is part of XSA-463 / CVE-2024-45818
    0075-x86-HVM-drop-stdvga-s-g-s-r_index-struct-members.diff:This is part of XSA-463 / CVE-2024-45818
    0076-x86-HVM-drop-stdvga-s-vram_page-struct-member.diff:This is part of XSA-463 / CVE-2024-45818
    0077-x86-HVM-drop-stdvga-s-lock-struct-member.diff:This is part of XSA-463 / CVE-2024-45818
  * XSA-464
    0079-libxl-Use-zero-ed-memory-for-PVH-acpi-tables.diff:This is XSA-464 / CVE-2024-45819.

 -- Mark Pryor <pryorm09@gmail.com>  Mon, 25 Nov 2024 08:36:58 -0800

xen (4.19.0-1+ub24u04.3) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 2c61ab407172682e13
    xen/ucode: Fix buffer under-run when parsing AMD containers-Tue 24 Sep 2024 05:44
  * XSA-462
    0015-x86-vLAPIC-prevent-undue-recursion-of-vlapic_error.

 -- Mark Pryor <pryorm09@gmail.com>  Tue, 24 Sep 2024 12:33:02 -0700

xen (4.19.0-1+ub24u04.2) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 0918434e0fbee48c9
    automation: use expect to run QEMU-Fri 16 Aug 2024 15:20
  * XSA-460
    0011-x86-IOMMU-move-tracking-in-iommu_identity_mapping.diff:This is XSA-460 / CVE-2024-31145.
  * XSA-461
    0012-x86-pass-through-documents-as-security-unsupported-wh.diff:This is XSA-461 / CVE-2024-31146

 -- Mark Pryor <pryorm09@gmail.com>  Tue, 20 Aug 2024 09:31:10 -0700

xen (4.19.0-1+ub24u04.1) noble; urgency=medium

  * HEAD @ 026c9fa29716b0ff0f8
    Set 4.19 version-Mon 29 Jul 2024 10:20
  * initial build of 4.19.0

 -- Mark Pryor <pryorm09@gmail.com>  Tue, 30 Jul 2024 07:47:39 -0700

xen (4.19~rc3-1+ub24u04.4) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 2d7b6170cc69f8a1a
    hotplug: Restore block-tap phy compatibility, again-Wed 24 Jul 2024 02:53
  * XSA-458
    0025-x86-IRQ-avoid-double-unlock-in-map_domain_pirq.patch:This is CVE-2024-31143 / XSA-458

 -- Mark Pryor <pryorm09@gmail.com>  Sat, 27 Jul 2024 08:21:33 -0700

xen (4.19~rc3-1+ub24u04.3) noble; urgency=medium

  * Non-maintainer upload.
  * libs.mk: fully leaf to 4.19

 -- Mark Pryor <pryorm09@gmail.com>  Mon, 22 Jul 2024 10:34:18 -0700

xen (4.19~rc3-1+ub24u04.2) noble; urgency=medium

  * Non-maintainer upload.
  * no debug build
    xen_perf_fix, add: # CONFIG_SELF_TESTS is not set

 -- Mark Pryor <pryorm09@gmail.com>  Fri, 19 Jul 2024 13:41:22 -0700

xen (4.19~rc3-1+ub24u04.1) noble; urgency=medium

  * HEAD @ 1ddc8c1bad93aa6cbf
    CI: Add Ubuntu 22.04-Jammy and 24.04-Noble testing-Fri 12 Jul 2024 10:58

 -- Mark Pryor <pryorm09@gmail.com>  Mon, 15 Jul 2024 16:44:50 -0700

xen (4.19~rc1-1+ub24u04.1) noble; urgency=medium

  * HEAD @ 4a73eb4c205d6b2d3e44f3f
    Update Xen version to 4.19-rc-Mon 1 Jul 2024 10:31
  * initial proto build of 4.19~rc
  * remove qemuu-uncom package from d/control and d/rules.real
    remove pygrub compatibility symlink
  * revert to libxenmisc4.19 & libxenfsutl4.19, post t64 transition
    set: debhelper-compat (=13) in d/control
 
 -- Mark Pryor <pryorm09@gmail.com>  Wed, 10 Jul 2024 08:44:31 -0700

xen (4.18.2-1+ub24u04.2) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 01f7a3c792241d348a4
    update Xen version to 4.18.3-pre-Tue 21 May 2024 02:52

 -- Mark Pryor <pryorm09@gmail.com>  Sun, 26 May 2024 13:14:03 -0700

xen (4.18.2-1+ub24u04.1) noble; urgency=medium

  * HEAD @ b2863e468e8119664be6
    Update Xen version to 4.18.2-Tue 9 Apr 2024 08:45
  * XSA-454
    0015-x86-HVM-clear-upper-halves-of-GPRs-upon-entry-from-32.diff:This is part of XSA-454 / CVE-2023-46842.
    0016-hypercall_xlat_continuation-Replace-BUG_ON-with-domai.diff:This is part of XSA-454 / CVE-2023-46842.
  * XSA-455
    0017-x86-spec-ctrl-Fix-BTC-SRSO-mitigations.diff:This is XSA-455 / CVE-2024-31142.
    0038-x86-spec-ctrl-Rename-spec_ctrl_flags-to-scf.diff:XSA-455 was ultimately caused by having fields with too-similar names.
    0046-x86-Use-indirect-calls-in-reset-stack-infrastructure.diff:Luckily due to XSA-348, all C target functions of reset_stack_and_jump_ind()
  * XSA-456
    0046-x86-Use-indirect-calls-in-reset-stack-infrastructure.diff:This is part of XSA-456 / CVE-2024-2201.
    0047-x86-Drop-INDIRECT_JMP.diff:This is part of XSA-456 / CVE-2024-2201.
    0048-x86-tsx-Expose-RTM_ALWAYS_ABORT-to-guests.diff:This is part of XSA-456 / CVE-2024-2201.
    0049-x86-spec-ctrl-Support-BHI_DIS_S-in-order-to-mitigate-.diff:This is part of XSA-456 / CVE-2024-2201.
    0050-x86-spec-ctrl-Software-BHB-clearing-sequences.diff:This is part of XSA-456 / CVE-2024-2201.
    0051-x86-spec-ctrl-Wire-up-the-Native-BHI-software-sequenc.diff:This is part of XSA-456 / CVE-2024-2201.
    0052-x86-spec-ctrl-Support-the-long-BHB-loop-sequence.diff:This is part of XSA-456 / CVE-2024-2201.
 
 -- Mark Pryor <pryorm09@gmail.com>  Mon, 22 Apr 2024 07:44:00 -0700

xen (4.18.1-1+ub24u04.4) noble; urgency=medium

  * Non-maintainer upload.
  * HEAD @ 17cf285d87e28a9ee
    tests/resource: Fix HVM guest in SHADOW builds-Tue 2 Apr 2024 07:23

 -- Mark Pryor <pryorm09@gmail.com>  Thu, 18 Apr 2024 7:50:33 -0700

xen (4.18.1-1+ub24u04.3) noble; urgency=medium

  * Non-maintainer upload.
  * post mass rebuild

 -- Mark Pryor <pryorm09@gmail.com>  Sat, 06 Apr 2024 10:33:24 -0700

xen (4.18.1-1+ub24u04.2) noble; urgency=medium

  * Non-maintainer upload.
  * final time64 build

 -- Mark Pryor <pryorm09@gmail.com>  Fri, 29 Mar 2024 07:48:46 -0700

xen (4.18.1-1+ub24u04.1) noble; urgency=medium

  * HEAD @ ea82c8cdbfe5a6e3bb60
    update Xen version to 4.18.1-Mon 18 Mar 2024 01:27
  * 4.18.1 initial release
  * qemuu: v8.0.4+1-1+ub24u04.1
  * ported from sid/unstable, with time64 support

 -- Mark Pryor <pryorm09@gmail.com>  Wed, 20 Mar 2024 15:03:22 -0700
