L1 Terminal Fault speculative side channel patch bundle [XSA-273,
CVE-2018-3620, CVE-2018-3646]
Use of v2 grant tables may cause crash on ARM [XSA-268]
x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS [XSA-269]
oxenstored does not apply quota-maxentity [XSA-272]
no longer need to set python_sitearch