(https://pastebin.ubuntu.com/p/b5hgJggtSp/) ## ## NOTES USING CHANGELOG FILE ## qemu (1:4.2-1ubuntu1) focal; urgency=medium * Merge with Debian testing, Among many other things this fixes LP Bugs: ok LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc ok LP: #1812822 - avoid crashes on detaching vhost_net interfaces Remaining changes: ok - qemu-kvm to systemd unit ok - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, huge... ok - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-... ok - d/qemu-system-common.install: install helper script ok - d/qemu-system-common.maintscript: clean old sysv and upstart scripts ok - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm ok - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm ok - Distribution specific machine type (LP: 1304107 1621042) ok - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types ok - d/qemu-system-x86.NEWS Info on fixed machine type definitions for ... ok - add an info about -hpb machine type in debian/qemu-system-x86.NEWS ok - provide pseries-bionic-2.11-sxxm type as convenience with all melt... ok - improved dependencies ok - Make qemu-system-common depend on qemu-block-extra ok - Make qemu-utils depend on qemu-block-extra ok - let qemu-utils recommend sharutils ok - s390x support ok - Create qemu-system-s390x package ok - Enable numa support for s390x ok - d/rules: build s390-ccw.img with upstream Makefile ok - d/rules: build s390-netboot.img with upstream Makefile -- - arch aware kvm wrappers ?? (are you blocking one to run QEMU/KVM on Power8 because sec issues only ?) ?? (is that something worth doing by default ?) ok - d/control: update VCS links ok - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) ok - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types ... ok - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to ... ok - d/control-in: Disable capstone disassembler library support (universe) ok - d/control: disable bluetooth being deprecated ok - d/not-installed: ignore new interop docs and extra icons for now ok - d/not-installed: do not install elf2dmp until namespaced ?? (out of curiosity only, what do you mean by elf2dmp being namespaced ?) ok - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap ok - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617) -- - d/binfmt-update-in: fix binfmt being called in some containers ... ?? (is this upstreamable ?) - Dropped changes (in Debian) ok - qemu-guest-agent: freeze-hook fixes (LP: 1484990) ok - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook ok - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d -- - d/control-in: enable RDMA support in qemu (LP: 1692476) -- - enable RDMA config option -- - add libibumad-dev build-dep ?? (why ? was support dropped from upstream ? is it just us ?) ok - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back... ok - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) ok - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga ok - d/rules: fix qemu-kvm service for debhelper compat >=12 ok - Refreshed patches for v4.0 context changes ok - d/control*: remove sdlabi which was removed upstream ok - d/control*: enable docs (now explicit) and provide new build-dep ... ok - d/qemu-system-data.install: use new paths for formerly used icons ok - Merge with Upstream release of qemu 4.0 ok - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch - Dropped changes (Upstream) ok - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243) ok - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238) ok - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch: fix ... ok - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector ... ok - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues ... ok - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer ... ok - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags (LP 1... ok - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.p... ok - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.p... ok - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*: ... ok - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch ... ok - SECURITY UPDATE: Add support for exposing md-clear functionality to guests ok - d/p/ubuntu/enable-md-clear.patch ok - d/p/ubuntu/enable-md-no.patch ok - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 ok - SECURITY UPDATE: heap overflow when loading device tree blob ok - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to ... ok - CVE-2018-20815 ok - SECURITY UPDATE: device driver denial of service via NULL pointer der... ok - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read' routine ok - CVE-2019-5008 ok - SECURITY UPDATE: information leak in SLiRP ok - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when emulating ... ok - CVE-2019-9824 ok - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimpl... !! (typo: archicture, prob from upstream) * Dropped changes (no more needed) ok - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for mv_conf... [ only needed between disco and eoan ] ok - disable pvrdma ok [ CVEs all fixed now ] !! (does this mean we now have the pvrdma feature ? should we highlight that ?) ok - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: av... [ qemu now detects and handles nesting - needs kernel >=4.20 ] ok - Enable nesting by default ok - d/qemu-system-x86.modprobe: set nested=1 module option on intel. ... ok - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded ... ok - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default ... ok - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default... ok - d/qemu-system-x86.README.Debian: document intention of nested being ... [ nesting is default in kernel modules and default selected cpu types ] * Added changes ok - d/control: regenerate debian/control out of control-in ok - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal ok - added ubuntu focal types for qemu 4.2 ok - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type ok - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model (LP: #1857033) ok - d/qemu-system-x86.README.Debian: add info abou nesting changes !! (abou <- typo) ok - d/control*, d/rules: disable xen by default, but provide universe pac... ok - fix typos in changelog and d/qemu-system-x86.NEWS ?? (maybe remove typo changes as they are not important for changelog ?) ok - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527) -- Christian Ehrhardt