xen: remove XSA_458 patch

    })

  ];

  # Xen Security Advisory #458: (4.16.6 - 4.19-rc3)

  "XSA_458" = xsaPatch {

    id = "458";

    title = "Double unlock in x86 guest IRQ handling";

    description = ''

      An optional feature of PCI MSI called "Multiple Message" allows a device

      to use multiple consecutive interrupt vectors.  Unlike for MSI-X, the

      setting up of these consecutive vectors needs to happen all in one go.

      In this handling an error path could be taken in different situations,

      with or without a particular lock held. This error path wrongly releases

      the lock even when it is not currently held.

    '';

    cve = [ "CVE-2024-31143" ];

    hash = "sha256-yHI9Sp/7Ed40iIYQ/HOOIULlfzAzL0c0MGqdF+GR+AQ=";

  };

  # Xen Security Advisory #460: (4.16.6 - 4.19.0)

  "XSA_460" = xsaPatch {

    id = "460";

    echo -e "Found the following patches:\n  \e[1;32mXen\e[0m:     \e[1;33m$discoveredXenPatchesEcho\e[0m\n  \e[1;36mQEMU\e[0m:    \e[1;33m$discoveredQEMUPatchesEcho\e[0m\n  \e[1;36mSeaBIOS\e[0m: \e[1;33m$discoveredSeaBIOSPatchesEcho\e[0m\n  \e[1;36mOVMF\e[0m:    \e[1;33m$discoveredOVMFPatchesEcho\e[0m\n  \e[1;36miPXE\e[0m:    \e[1;33m$discoveredIPXEPatchesEcho\e[0m"

    # Prepare patches that are called in ./patches.nix.

    defaultPatchListInit=("QUBES_REPRODUCIBLE_BUILDS" "XSA_458" "XSA_460" "XSA_461" )

    defaultPatchListInit=("QUBES_REPRODUCIBLE_BUILDS" "XSA_460" "XSA_461" )

    read -r -a defaultPatchList -p $'\nWould you like to override the \e[1;34mupstreamPatches\e[0m list for \e[1;32mXen '"$version"$'\e[0m? If no, press \e[1;34menter\e[0m to use the default patch list: [ \e[1;34m'"${defaultPatchListInit[*]}"$' \e[0m]: '

    defaultPatchList=(${defaultPatchList[@]:-${defaultPatchListInit[@]}})

    upstreamPatches=${defaultPatchList[*]}