Merge ~paelzer/ubuntu/+source/qemu:merge-5.2-3 into ubuntu/+source/qemu:debian/sid

Proposed by Christian Ehrhardt  on 2021-01-05
Status: Merged
Approved by: Christian Ehrhardt  on 2021-01-06
Approved revision: c16535e7eb7efe1ee38a82554f7049d352b98379
Merge reported by: Bryce Harrington
Merged at revision: c16535e7eb7efe1ee38a82554f7049d352b98379
Proposed branch: ~paelzer/ubuntu/+source/qemu:merge-5.2-3
Merge into: ubuntu/+source/qemu:debian/sid
Diff against target: 6336 lines (+5677/-30)
16 files modified
debian/changelog (+4229/-4)
debian/control (+88/-17)
debian/control-in (+59/-8)
debian/patches/series (+6/-0)
debian/patches/ubuntu/define-ubuntu-machine-types.patch (+784/-0)
debian/patches/ubuntu/enable-svm-by-default.patch (+34/-0)
debian/patches/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch (+76/-0)
debian/patches/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch (+62/-0)
debian/qemu-kvm-init (+89/-0)
debian/qemu-system-common.install (+1/-0)
debian/qemu-system-common.qemu-kvm.default (+8/-0)
debian/qemu-system-common.qemu-kvm.service (+16/-0)
debian/qemu-system-gui.prerm (+42/-0)
debian/qemu-system-x86.NEWS (+80/-0)
debian/qemu-system-x86.README.Debian (+47/-0)
debian/rules (+56/-1)
Reviewer Review Type Date Requested Status
Paride Legovini (community) 2021-01-05 Approve on 2021-01-06
Canonical Server Team 2021-01-05 Pending
Ubuntu Server Dev import team 2021-01-05 Pending
Review via email: mp+395776@code.launchpad.net
To post a comment you must log in.
Christian Ehrhardt  (paelzer) wrote :

Logical tag for the old delta => logical-1%5.2+dfsg-2ubuntu1
This time all delta is retained as-is, only the usual regenerate of d/control and the new changelog entries.

Christian Ehrhardt  (paelzer) wrote :

 * [new tag] logical-1%5.2+dfsg-2ubuntu1 -> logical-1%5.2+dfsg-2ubuntu1

c16535e... by Christian Ehrhardt  on 2021-01-05

changelog: lp-1907789-build-no-pie-is-no-functional-liker-flag.patch is still needed until 6.0 is released

Signed-off-by: Christian Ehrhardt <email address hidden>

Christian Ehrhardt  (paelzer) wrote :

Why do things that worked need to break ... sigh.
There is a build error (that wasn't there yesterday) around sys/kcov.h/timer_create/openpty - looks like some lib changes. I'll need to get that fixed before I can fully build & test it.

Christian Ehrhardt  (paelzer) wrote :

Could have been #979322, rebuilding against libcacard (1:2.8.0-1ubuntu1)

Christian Ehrhardt  (paelzer) wrote :

It was indeed that issue, the builds seem to be green now (3 still running)

Paride Legovini (paride) wrote :

* Changelog:
  - [✓] old content and logical tag match as expected
  - [✓] changelog entry correct version and targeted codename
  - [✓] changelog entries correct
  - [✓] update-maintainer has been run

* Actual changes:
  - [✓] no upstream changes to consider
  - [✓] no further upstream version to consider
  - [✓] debian changes look safe

* Old Delta:
  - [ ] dropped changes are ok to be dropped
  - [✓] nothing else to drop
  - [ ] changes forwarded upstream/debian (if appropriate)

* New Delta:
  - [✓] no new patches added
  - [ ] patches match what was proposed upstream
  - [ ] patches correctly included in debian/patches/series
  - [ ] patches have correct DEP3 metadata

* Build/Test:
  - [✓] build is ok
  - [✓] verified PPA package installs/uninstalls
  - [ ] autopkgtest against the PPA package passes
  - [✓] sanity checks test fine

review: Approve
Christian Ehrhardt  (paelzer) wrote :

Thanks!

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading qemu_5.2+dfsg-3ubuntu1.dsc: done.
  Uploading qemu_5.2+dfsg-3ubuntu1.debian.tar.xz: done.
  Uploading qemu_5.2+dfsg-3ubuntu1_source.buildinfo: done.
  Uploading qemu_5.2+dfsg-3ubuntu1_source.changes: done.
Successfully uploaded packages.

 * [new tag] upload/1%5.2+dfsg-3ubuntu1 -> upload/1%5.2+dfsg-3ubuntu1

Bryce Harrington (bryce) wrote :

 qemu | 1:5.2+dfsg-3ubuntu1 | hirsute | source

This has migrated

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 2b6ae16..8b87d5e 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,55 @@
6+qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium
7+
8+ * Merge with Debian unstable, includes fixes for
9+ - qemu-user-static are partially dynamically linked (LP: #1908331)
10+ - qemu crashing when using spice without qemu-system-gui being
11+ installed (LP: #1908577)
12+ Remaining changes:
13+ - qemu-kvm to systemd unit
14+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
15+ hugepages and architecture specifics
16+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
17+ qemu-kvm-init
18+ - d/qemu-system-common.install: install helper script
19+ - d/qemu-system-common.qemu-kvm.default: defaults for
20+ /etc/default/qemu-kvm
21+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
22+ - Distribution specific machine type (LP: 1304107 1621042)
23+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
24+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
25+ for host-phys-bits=true (LP: 1776189)
26+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
27+ - provide pseries-bionic-2.11-sxxm type as convenience with all
28+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
29+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
30+ - Enable nesting by default
31+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
32+ in qemu64 on amd
33+ [ No more strictly needed, but required for backward compatibility ]
34+ - improved dependencies
35+ - Make qemu-system-common depend on qemu-block-extra
36+ - Make qemu-utils depend on qemu-block-extra
37+ - let qemu-utils recommend sharutils
38+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
39+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
40+ reference 256k path
41+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
42+ handle incoming migrations from former releases.
43+ - d/control-in: Disable capstone disassembler library support (universe)
44+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
45+ - d/control*, d/rules: disable xen by default, but provide universe
46+ package qemu-system-x86-xen as alternative
47+ [includes compat links changes of 5.0-5ubuntu4]
48+ - allow qemu to load old modules post upgrade (LP 1847361)
49+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
50+ - d/rules: Drop generating package version into maintainer scripts
51+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
52+ the bad old prerm (LP 1906245 1905377)
53+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
54+ ld usage of -no-pie (LP 1907789)
55+
56+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jan 2021 12:43:42 +0100
57+
58 qemu (1:5.2+dfsg-3) unstable; urgency=medium
59
60 [ Christian Ehrhardt ]
61@@ -14,6 +66,64 @@ qemu (1:5.2+dfsg-3) unstable; urgency=medium
62
63 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 29 Dec 2020 15:07:03 +0300
64
65+qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium
66+
67+ * Merge with Debian unstable
68+ - includes fix for CVE-2020-17380
69+ - includes a fix for s390x PCI device reset (LP: #1907656)
70+ Remaining changes:
71+ - qemu-kvm to systemd unit
72+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
73+ hugepages and architecture specifics
74+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
75+ qemu-kvm-init
76+ - d/qemu-system-common.install: install helper script
77+ - d/qemu-system-common.qemu-kvm.default: defaults for
78+ /etc/default/qemu-kvm
79+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
80+ - Distribution specific machine type (LP: 1304107 1621042)
81+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
82+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
83+ for host-phys-bits=true (LP: 1776189)
84+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
85+ - provide pseries-bionic-2.11-sxxm type as convenience with all
86+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
87+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
88+ - Enable nesting by default
89+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
90+ in qemu64 on amd
91+ [ No more strictly needed, but required for backward compatibility ]
92+ - improved dependencies
93+ - Make qemu-system-common depend on qemu-block-extra
94+ - Make qemu-utils depend on qemu-block-extra
95+ - let qemu-utils recommend sharutils
96+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
97+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
98+ reference 256k path
99+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
100+ handle incoming migrations from former releases.
101+ - d/control-in: Disable capstone disassembler library support (universe)
102+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
103+ - d/control*, d/rules: disable xen by default, but provide universe
104+ package qemu-system-x86-xen as alternative
105+ [includes compat links changes of 5.0-5ubuntu4]
106+ - allow qemu to load old modules post upgrade (LP 1847361)
107+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
108+ - d/rules: Drop generating package version into maintainer scripts
109+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
110+ the bad old prerm (LP 1906245 1905377)
111+ * Dropped Changes:
112+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
113+ resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100%
114+ fails]
115+ * Added Changes:
116+ - Refreshed ubuntu machine types for hirsute@5.2
117+ - d/control: regenerated from d/control-in
118+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
119+ ld usage of -no-pie (LP: #1907789)
120+
121+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Dec 2020 16:44:47 +0100
122+
123 qemu (1:5.2+dfsg-2) unstable; urgency=medium
124
125 * move ui-opengl.so module from qemu-system-gui to qemu-system-common,
126@@ -59,6 +169,153 @@ qemu (1:5.2+dfsg-1) unstable; urgency=medium
127
128 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 09 Dec 2020 08:57:41 +0300
129
130+qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium
131+
132+ * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
133+ the bad old prerm (LP: #1906245)
134+
135+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 30 Nov 2020 12:53:03 +0100
136+
137+qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium
138+
139+ * Fix upgrade module handling (LP: #1905377)
140+ This was accetped in a slightly different form in qemu_5.0-6 and therefore
141+ allows to drop some former delta that is now conflicting.
142+ Ubuntu still keeps enabling --enable-module-upgrades, but only for
143+ qemu-xen which doesn't exist in Debian
144+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
145+ - d/rules: Drop generating package version into maintainer scripts
146+
147+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Nov 2020 11:16:01 +0100
148+
149+qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium
150+
151+ * Merge with Debian testing, remaining changes:
152+ Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854)
153+ - qemu-kvm to systemd unit
154+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
155+ hugepages and architecture specifics
156+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
157+ qemu-kvm-init
158+ - d/qemu-system-common.install: install helper script
159+ - d/qemu-system-common.qemu-kvm.default: defaults for
160+ /etc/default/qemu-kvm
161+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
162+ - Distribution specific machine type (LP: 1304107 1621042)
163+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
164+ types
165+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
166+ for host-phys-bits=true (LP: 1776189)
167+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
168+ - provide pseries-bionic-2.11-sxxm type as convenience with all
169+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
170+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
171+ - Enable nesting by default
172+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
173+ in qemu64 on amd
174+ [ No more strictly needed, but required for backward compatibility ]
175+ - improved dependencies
176+ - Make qemu-system-common depend on qemu-block-extra
177+ - Make qemu-utils depend on qemu-block-extra
178+ - let qemu-utils recommend sharutils
179+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
180+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
181+ reference 256k path
182+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
183+ handle incoming migrations from former releases.
184+ - d/control-in: Disable capstone disassembler library support (universe)
185+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
186+ - d/control*, d/rules: disable xen by default, but provide universe
187+ package qemu-system-x86-xen as alternative
188+ [includes compat links changes of 5.0-5ubuntu4]
189+ - allow qemu to load old modules post upgrade (LP 1847361)
190+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
191+ upgrade
192+ - d/rules: generate maintainer scripts matching package version on build
193+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
194+ - d/control: regenerate debian/control out of control-in
195+ * Dropped changes [in Debian or no more needed]
196+ - d/control-in: disable pmem on ppc64 as it is currently considered
197+ experimental on that architecture (pmdk v1.8-1)
198+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
199+ - d/rules: report config log from the correct subdir
200+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
201+ - Pick further changes for groovy from debian/master since 5.0-5
202+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
203+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch
204+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
205+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
206+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
207+ - megasas-fix-possible-out-of-bounds-array-access.patch
208+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
209+ - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch
210+ - a few patches from the stable series:
211+ - fix-tulip-breakage.patch
212+ - 9p-lock-directory-streams-with-a-CoMutex.patch
213+ Prevent deadlocks in 9pfs readdir code
214+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
215+ Fix newline accidentally sneaked into id string of a nic
216+ - qemu-nbd-close-inherited-stderr.patch
217+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
218+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
219+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
220+ - acpi-tmr-allow-2-byte-reads.patch
221+ - reapply CVE-2020-13253 fixes from upstream
222+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
223+ - linux-user-add-netlink-RTM_SETLINK-command.patch
224+ - d/control: since qemu-system-data now contains module(s),
225+ it can't be multi-arch. Ditto for qemu-block-extra.
226+ - qemu-system-foo: depend on exact version of qemu-system-data,
227+ due to the latter having modules
228+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch'
229+ This is another incarnation of the recent bugfix which actually enabled
230+ memory access constraints, like #964247
231+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
232+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
233+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
234+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
235+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
236+ - do not install outdated (0.12 and before) Changelog
237+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
238+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
239+ Closes: CVE-2020-15863
240+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
241+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
242+ another fix for revert-memory-accept-.. CVE-2020-13754
243+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
244+ - d/control-in: build-dep libcap is no more needed
245+ - arch aware kvm wrappers
246+ [upstream now automatically enables KVM if available and called with
247+ kvm* name, provides KVM as before but with auto-fallback to tcg.
248+ Former behavior of KVM-or-die can be achieved via -machine accel=kvm ]
249+ * Dropped changes [upstream now]
250+ - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
251+ setup_len
252+ - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930)
253+ - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942)
254+ - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
255+ from vfio-ccw (LP 1887935)
256+ - fix qemu-user-static initialization to allow executing systemd (LP 1890881)
257+ - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187)
258+ - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
259+ SQXBR (LP 1883984)
260+ - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154)
261+ - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
262+ environments (LP 1887763)
263+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
264+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
265+ crashes it on shutdown (LP 1878973)
266+ - update d/p/ubuntu/lp-1835546-* to the final versions
267+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
268+ FTBFS in groovy
269+ * Added Changes:
270+ - update ubuntu machine types for hirsute@5.1
271+ - d/control: regenerated from d/control-in
272+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
273+ resolved in gcc-10 (LP: 1890435)
274+
275+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 29 Oct 2020 12:37:31 +0100
276+
277 qemu (1:5.1+dfsg-4) unstable; urgency=high
278
279 * mention closing of CVE-2020-16092 by 5.1
280@@ -77,7 +334,7 @@ qemu (1:5.1+dfsg-3) unstable; urgency=medium
281
282 qemu (1:5.1+dfsg-2) unstable; urgency=medium
283
284- * fix brown-paper bag bug in last upload
285+ * fix brown-paper bag bug in last upload
286
287 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 17 Aug 2020 20:58:52 +0300
288
289@@ -300,6 +557,298 @@ qemu (1:5.0-6) unstable; urgency=medium
290
291 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 03 Jul 2020 18:24:48 +0300
292
293+qemu (1:5.0-5ubuntu11) hirsute; urgency=medium
294+
295+ * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily
296+ machine type to match how it originally was released (LP: #1902654)
297+
298+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Nov 2020 08:19:07 +0100
299+
300+qemu (1:5.0-5ubuntu10) hirsute; urgency=medium
301+
302+ * No-change rebuild for brltty soname change.
303+
304+ -- Matthias Klose <doko@ubuntu.com> Mon, 02 Nov 2020 16:59:33 +0100
305+
306+qemu (1:5.0-5ubuntu9) groovy; urgency=medium
307+
308+ * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
309+ setup_len
310+ CVE-2020-14364
311+
312+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 22 Sep 2020 16:53:18 +0200
313+
314+qemu (1:5.0-5ubuntu8) groovy; urgency=medium
315+
316+ * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930)
317+
318+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 Sep 2020 08:23:49 +0200
319+
320+qemu (1:5.0-5ubuntu7) groovy; urgency=medium
321+
322+ * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942)
323+
324+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Sep 2020 08:47:12 +0200
325+
326+qemu (1:5.0-5ubuntu6) groovy; urgency=medium
327+
328+ * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
329+ from vfio-ccw (LP: #1887935)
330+
331+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Aug 2020 11:09:12 +0200
332+
333+qemu (1:5.0-5ubuntu5) groovy; urgency=medium
334+
335+ * fix qemu-user-static initialization to allow executing systemd
336+ (LP: #1890881)
337+ - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch
338+ - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch
339+ - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch
340+ - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch
341+ - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch
342+ - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch
343+ * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187)
344+ CVE-2020-16092
345+ - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch
346+
347+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Aug 2020 07:19:42 +0200
348+
349+qemu (1:5.0-5ubuntu4) groovy; urgency=medium
350+
351+ * xen: provide compat links to what libxen-dev reports where to find
352+ the binaries (LP: #1890005)
353+ * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
354+ SQXBR (LP: #1883984)
355+ * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154)
356+
357+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 03 Aug 2020 07:15:28 +0200
358+
359+qemu (1:5.0-5ubuntu3) groovy; urgency=medium
360+
361+ * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
362+ environments (LP: #1887763)
363+ * Pick further changes for groovy from debian/master since 5.0-5
364+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
365+ Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
366+ infinite recursion via a crafted mm_index value during
367+ ati_mm_read or ati_mm_write call.
368+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
369+ Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
370+ devices which uses min_access_size and max_access_size Memory API fields.
371+ Also closes: CVE-2020-13791
372+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
373+ CVE-2020-13659: address_space_map in exec.c can trigger
374+ a NULL pointer dereference related to BounceBuffer
375+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
376+ Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
377+ has an OOB read via a crafted reply_queue_head field from a guest OS user
378+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
379+ fix other possible cases like in CVE-2020-13362 (#961887)
380+ - megasas-fix-possible-out-of-bounds-array-access.patch
381+ Some tracepoints use a guest-controlled value as an index into the
382+ mfi_frame_desc[] array. Thus a malicious guest could cause a very low
383+ impact OOB errors here
384+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
385+ Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
386+ This flaw occurs when an nbd-client sends a spec-compliant request that is
387+ near the boundary of maximum permitted request length. A remote nbd-client
388+ could use this flaw to crash the qemu-nbd server resulting in a DoS.
389+ - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
390+ Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
391+ properly validate the frame count, which allows guest OS users to trigger
392+ an out-of-bounds access during an es1370_write() operation
393+ - a few patches from the stable series:
394+ - fix-tulip-breakage.patch
395+ The tulip network driver in a qemu-system-hppa emulation is broken in
396+ the sense that bigger network packages aren't received any longer and
397+ thus even running e.g. "apt update" inside the VM fails. Fix this.
398+ - 9p-lock-directory-streams-with-a-CoMutex.patch
399+ Prevent deadlocks in 9pfs readdir code
400+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
401+ Fix newline accidentally sneaked into id string of a nic
402+ - qemu-nbd-close-inherited-stderr.patch
403+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
404+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
405+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
406+ - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
407+ - reapply CVE-2020-13253 fixed from upstream:
408+ sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
409+ sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
410+ sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
411+ sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
412+ Closes: #961297, CVE-2020-13253
413+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
414+ (Closes: #965109)
415+ - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
416+ - d/control: since qemu-system-data now contains module(s),
417+ it can't be multi-arch. Ditto for qemu-block-extra.
418+ - qemu-system-foo: depend on exact version of qemu-system-data,
419+ due to the latter having modules
420+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
421+ This is another incarnation of the recent bugfix which actually enabled
422+ memory access constraints, like #964247
423+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
424+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
425+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
426+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
427+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
428+ - do not install outdated (0.12 and before) Changelog (Closes: #965381)
429+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
430+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
431+ Closes: CVE-2020-15863
432+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
433+ List of patches:
434+ sm501-convert-printf-abort-to-qemu_log_mask.patch
435+ sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
436+ sm501-use-BIT-macro-to-shorten-constant.patch
437+ sm501-clean-up-local-variables-in-sm501_2d_operation.patch
438+ sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
439+ Closes: #961451, CVE-2020-12829
440+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
441+ another fix for revert-memory-accept-.. CVE-2020-13754
442+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
443+
444+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 Jul 2020 13:21:31 +0200
445+
446+qemu (1:5.0-5ubuntu2) groovy; urgency=medium
447+
448+ * No change rebuild against new libnettle8 and libhogweed6 ABI.
449+
450+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 29 Jun 2020 22:32:55 +0100
451+
452+qemu (1:5.0-5ubuntu1) groovy; urgency=medium
453+
454+ * Merge with Debian testing (LP: #1749393), remaining changes:
455+ - qemu-kvm to systemd unit
456+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
457+ hugepages and architecture specifics
458+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
459+ qemu-kvm-init
460+ - d/qemu-system-common.install: install helper script
461+ - d/qemu-system-common.qemu-kvm.default: defaults for
462+ /etc/default/qemu-kvm
463+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
464+ - Distribution specific machine type (LP: 1304107 1621042)
465+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
466+ types
467+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
468+ for host-phys-bits=true (LP: 1776189)
469+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
470+ - provide pseries-bionic-2.11-sxxm type as convenience with all
471+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
472+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
473+ - Enable nesting by default
474+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
475+ in qemu64 on amd
476+ [ No more strictly needed, but required for backward compatibility ]
477+ - improved dependencies
478+ - Make qemu-system-common depend on qemu-block-extra
479+ - Make qemu-utils depend on qemu-block-extra
480+ - let qemu-utils recommend sharutils
481+ - arch aware kvm wrappers
482+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
483+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
484+ reference 256k path
485+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
486+ handle incoming migrations from former releases.
487+ - d/control-in: Disable capstone disassembler library support (universe)
488+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
489+ - d/control*, d/rules: disable xen by default, but provide universe
490+ package qemu-system-x86-xen as alternative
491+ [includes --disable-xen for user-static builds]
492+ - d/control-in: disable pmem on ppc64 as it is currently considered
493+ experimental on that architecture (pmdk v1.8-1)
494+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
495+ - d/rules: report config log from the correct subdir
496+ - allow qemu to load old modules post upgrade (LP 1847361)
497+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
498+ upgrade
499+ - d/rules: generate maintainer scripts matching package version on build
500+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
501+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
502+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
503+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
504+ crashes it on shutdown (LP 1878973)
505+ * Dropped changes (no more needed)
506+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
507+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
508+ in qemu64 cpu type.
509+ - d/control: avoid upgrade issues triggered by moving ivshmem tools after
510+ Debian. Fixed by bumping the related Breaks/Replaces to the
511+ Version Ubuntu introduced the change (LP 1862287)
512+ * Dropped changes (in Debian)
513+ - improved s390x support
514+ - d/binfmt-update-in: fix binfmt being called in some containers
515+ (LP 1840956)
516+ - qemu-system-x86-microvm package
517+ In addition to the generic multi-purpose qemu also provide a minimal
518+ feature binary that is loading faster for use cases with microvm machine
519+ type and qboot bios
520+ - d/control-in: add a new qemu-system-x86-microvm package
521+ - d/rules: add an extra config/build step to get the minimal qemu
522+ - Security and packaging fixes (LP 1872937)
523+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
524+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
525+ CVE-2020-10702
526+ CVE-2020-11102
527+ - fix external spice UI
528+ + install ui-spice-app.so in qemu-system-common
529+ + install ui-spice-app.so only if built, spice is optional
530+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
531+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
532+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
533+ - enable riscv build (LP 1872931)
534+ [ changes picked from Debian ]
535+ - enable support for riscv64 hosts
536+ - only enable librbd on architectures where it is built
537+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
538+ depends on the former
539+ - seccomp grew up, no need in versioned build-dep
540+ - enable seccomp only on architectures where it can be built
541+ * Dropped changes (upstream)
542+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
543+ (LP 1857033)
544+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
545+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
546+ vhost-user-gpu
547+ - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
548+ avoid unnecessary IOTLB transactions (LP 1866207)
549+ - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
550+ patches @qemu-stable (LP 1867519)
551+ - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
552+ to avoid broken nesting (LP 1868692)
553+ - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
554+ (LP 1871830)
555+ - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107)
556+ - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
557+ - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
558+ and clobbered doubles (LP 1872945)
559+ - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
560+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
561+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
562+ - CVE-2020-11869
563+ - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
564+ - async: use explicit memory barriers (LP 1805256)
565+ - aio-wait: delegate polling of main AioContext if BQL not held
566+ - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
567+ supporting to set them (LP 1882774)
568+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
569+ load to a versioned path
570+ * Added Changes:
571+ - d/control: regenerate debian/control out of control-in
572+ - update d/p/ubuntu/lp-1835546-* to the final versions
573+ - 11 patches dropped as they are in 5.0
574+ - 20 patches updated to how they will be in 5.1
575+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
576+ FTBFS in groovy
577+ - Make qemu-system-x86-microvm a transitional package as the binary is now
578+ in qemu-system-x86 itself.
579+ - d/control-in: build-dep libcap is no more needed
580+ - d/rules: update arch aware kvm wrappers
581+ - d/qemu-system-x86.README.Debian: fix typo
582+
583+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 16 Jun 2020 16:50:09 +0200
584+
585 qemu (1:5.0-5) unstable; urgency=medium
586
587 * more binfmt-install updates
588@@ -432,6 +981,188 @@ qemu (1:4.2-4) unstable; urgency=medium
589
590 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 12:44:43 +0300
591
592+qemu (1:4.2-3ubuntu10) groovy; urgency=medium
593+
594+ * No-change rebuild against libnettle8
595+
596+ -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 20 Jul 2020 16:12:37 +0000
597+
598+qemu (1:4.2-3ubuntu9) groovy; urgency=medium
599+
600+ * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
601+ crashes it on shutdown (LP: #1878973)
602+ * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
603+ supporting to set them (LP: #1882774)
604+
605+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 02 Jun 2020 10:42:49 +0200
606+
607+qemu (1:4.2-3ubuntu8) groovy; urgency=medium
608+
609+ * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
610+ - async: use explicit memory barriers (LP: #1805256)
611+ - aio-wait: delegate polling of main AioContext if BQL not held
612+
613+ -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Wed, 27 May 2020 21:47:21 +0000
614+
615+qemu (1:4.2-3ubuntu7) groovy; urgency=medium
616+
617+ * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
618+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
619+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
620+ - CVE-2020-11869
621+
622+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 21 May 2020 14:43:19 -0400
623+
624+qemu (1:4.2-3ubuntu6) focal; urgency=medium
625+
626+ [ Christian Ehrhardt ]
627+ * enable riscv build (LP: #1872931)
628+ [ changes picked from Debian ]
629+ - enable support for riscv64 hosts
630+ - only enable librbd on architectures where it is built
631+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
632+ depends on the former
633+ - seccomp grew up, no need in versioned build-dep
634+ - enable seccomp only on architectures where it can be built
635+ * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
636+ * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
637+ and clobbered doubles (LP: #1872945)
638+
639+ [ William Grant ]
640+ * d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
641+
642+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 14:27:15 +0200
643+
644+qemu (1:4.2-3ubuntu5) focal; urgency=medium
645+
646+ [ Christian Ehrhardt ]
647+ * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
648+ (LP: #1871830)
649+ * Security and packaging fixes (LP: #1872937)
650+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
651+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
652+ CVE-2020-10702
653+ CVE-2020-11102
654+ - fix external spice UI
655+ + install ui-spice-app.so in qemu-system-common
656+ + install ui-spice-app.so only if built, spice is optional
657+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
658+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
659+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
660+ * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107)
661+
662+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 11:26:44 +0200
663+
664+qemu (1:4.2-3ubuntu4) focal; urgency=medium
665+
666+ * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546)
667+ * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
668+ to avoid broken nesting (LP: #1868692)
669+
670+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 20 Mar 2020 08:02:16 +0100
671+
672+qemu (1:4.2-3ubuntu3) focal; urgency=medium
673+
674+ * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
675+ patches @qemu-stable (LP: #1867519)
676+
677+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 18 Mar 2020 13:57:57 +0100
678+
679+qemu (1:4.2-3ubuntu2) focal; urgency=medium
680+
681+ * allow qemu to load old modules post upgrade (LP: #1847361)
682+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
683+ load to a versioned path
684+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
685+ upgrade
686+ - d/rules: generate maintainer scripts matching package version on build
687+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
688+ * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
689+ avoid unnecessary IOTLB transactions (LP: #1866207)
690+
691+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 02 Mar 2020 15:21:27 +0100
692+
693+qemu (1:4.2-3ubuntu1) focal; urgency=medium
694+
695+ * Merge with Debian testing, remaining changes:
696+ - qemu-kvm to systemd unit
697+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
698+ hugepages and architecture specifics
699+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
700+ qemu-kvm-init
701+ - d/qemu-system-common.install: install helper script
702+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
703+ - d/qemu-system-common.qemu-kvm.default: defaults for
704+ /etc/default/qemu-kvm
705+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
706+ - Distribution specific machine type (LP: 1304107 1621042)
707+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
708+ types
709+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
710+ for host-phys-bits=true (LP: 1776189)
711+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
712+ - provide pseries-bionic-2.11-sxxm type as convenience with all
713+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
714+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
715+ - Enable nesting by default
716+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
717+ in qemu64 cpu type.
718+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
719+ in qemu64 on amd
720+ [ No more strictly needed, but required for backward compatibility ]
721+ - improved dependencies
722+ - Make qemu-system-common depend on qemu-block-extra
723+ - Make qemu-utils depend on qemu-block-extra
724+ - let qemu-utils recommend sharutils
725+ - improved s390x support
726+ - d/rules: build s390-ccw.img with upstream Makefile
727+ - d/rules: build s390-netboot.img with upstream Makefile
728+ - arch aware kvm wrappers
729+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
730+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
731+ reference 256k path
732+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
733+ handle incoming migrations from former releases.
734+ - d/control-in: Disable capstone disassembler library support (universe)
735+ - d/binfmt-update-in: fix binfmt being called in some containers
736+ (LP 1840956)
737+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
738+ (LP 1857033)
739+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
740+ - d/control*, d/rules: disable xen by default, but provide universe
741+ package qemu-system-x86-xen as alternative
742+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
743+ - Dropped changes [ in Debian ]
744+ - d/control: update VCS links
745+ - d/control-in: bump debhelper build-dep for compat 12
746+ - d/control: disable bluetooth being deprecated
747+ - d/not-installed: ignore new interop docs and extra icons for now
748+ - d/not-installed: do not install elf2dmp until namespaced
749+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
750+ [ not needed ]
751+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
752+ - s390x support
753+ - Create qemu-system-s390x package
754+ - Enable numa support for s390x
755+ - d/control*: enable libpmem support for nvdimms (LP 1790856)
756+ * Added changes
757+ - d/control: regenerate debian/control out of control-in
758+ - qemu-system-x86-microvm package
759+ In addition to the generic multi-purpose qemu also provide a minimal
760+ feature binary that is loading faster for use cases with microvm machine
761+ type and qboot bios
762+ - d/control-in: add a new qemu-system-x86-microvm package
763+ - d/rules: add an extra config/build step to get the minimal qemu
764+ - d/control-in: disable pmem on ppc64 as it is currently considered
765+ experimental on that architecture (pmdk v1.8-1)
766+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
767+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
768+ vhost-user-gpu
769+ - d/rules: report config log from the correct subdir
770+ - d/rules: --disable-xen for user-static builds
771+
772+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Feb 2020 15:21:56 +0100
773+
774 qemu (1:4.2-3) unstable; urgency=medium
775
776 * mention closing of #909743 in previous changelog (Closes: #909743)
777@@ -474,6 +1205,169 @@ qemu (1:4.2-2) unstable; urgency=medium
778
779 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jan 2020 23:51:09 +0300
780
781+qemu (1:4.2-1ubuntu2) focal; urgency=medium
782+
783+ * d/control: avoid upgrade issues triggered by moving ivshmem tools after
784+ Debian. Fixed by by bumping the related Breaks/Replaces to the
785+ Version Ubuntu introduced the change (LP: #1862287)
786+
787+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 07 Feb 2020 07:31:21 +0100
788+
789+qemu (1:4.2-1ubuntu1) focal; urgency=medium
790+
791+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
792+ LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
793+ LP: #1812822 - avoid crashes on detaching vhost_net interfaces
794+ LP: #1852744 - Crypto Passthrough Interrupt Support
795+ LP: #1853316 - CCW IPL Support
796+ Remaining changes:
797+ - qemu-kvm to systemd unit
798+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
799+ hugepages and architecture specifics
800+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
801+ qemu-kvm-init
802+ - d/qemu-system-common.install: install helper script
803+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
804+ - d/qemu-system-common.qemu-kvm.default: defaults for
805+ /etc/default/qemu-kvm
806+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
807+ - Distribution specific machine type (LP: 1304107 1621042)
808+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
809+ types
810+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
811+ for host-phys-bits=true (LP: 1776189)
812+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
813+ - provide pseries-bionic-2.11-sxxm type as convenience with all
814+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
815+ - Enable nesting by default
816+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
817+ in qemu64 cpu type.
818+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
819+ in qemu64 on amd
820+ [ No more strictly needed, but required for backward compatibility ]
821+ - improved dependencies
822+ - Make qemu-system-common depend on qemu-block-extra
823+ - Make qemu-utils depend on qemu-block-extra
824+ - let qemu-utils recommend sharutils
825+ - s390x support
826+ - Create qemu-system-s390x package
827+ - Enable numa support for s390x
828+ - d/rules: build s390-ccw.img with upstream Makefile
829+ - d/rules: build s390-netboot.img with upstream Makefile
830+ - arch aware kvm wrappers
831+ - d/control: update VCS links
832+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
833+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
834+ reference 256k path
835+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
836+ handle incoming migrations from former releases.
837+ - d/control-in: Disable capstone disassembler library support (universe)
838+ - d/control: disable bluetooth being deprecated
839+ - d/not-installed: ignore new interop docs and extra icons for now
840+ - d/not-installed: do not install elf2dmp until namespaced
841+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
842+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
843+ - d/binfmt-update-in: fix binfmt being called in some containers
844+ (LP 1840956)
845+ - Dropped changes (in Debian)
846+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
847+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
848+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
849+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
850+ - enable RDMA config option
851+ - add libibumad-dev build-dep
852+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
853+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
854+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
855+ replace it with a build-indep using the upstream makefiles.
856+ This is less prone to miss future changes/fixes that are done to the
857+ makefiles
858+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
859+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
860+ - d/rules: fix qemu-kvm service for debhelper compat >=12
861+ - Refreshed patches for v4.0 context changes
862+ - d/control*: remove sdlabi which was removed upstream
863+ - d/control*: enable docs (now explicit) and provide new build-dep
864+ python3-sphinx
865+ - d/qemu-system-data.install: use new paths for formerly used icons
866+ - Merge with Upstream release of qemu 4.0
867+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
868+ - Dropped changes (Upstream)
869+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
870+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
871+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
872+ fix i386 build error
873+ - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
874+ fix naming of the new vector facitlity (LP 1836066)
875+ - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
876+ for missing SIOCGSTAMP definition; final fix is still in discussion
877+ upstream (LP: 1836159)
878+ - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
879+ s390x machines (LP 1836154)
880+ - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
881+ (LP 1841066)
882+ - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
883+ update the z15 model name (LP 1842774)
884+ - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
885+ fix a potential hang when qemu or qemu-img where accessing http backed
886+ disks via libcurl (LP 1848556)
887+ - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
888+ fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
889+ - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
890+ toleration for future machines (LP 1830704)
891+ - SECURITY UPDATE: Add support for exposing md-clear functionality
892+ to guests
893+ - d/p/ubuntu/enable-md-clear.patch
894+ - d/p/ubuntu/enable-md-no.patch
895+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
896+ - SECURITY UPDATE: heap overflow when loading device tree blob
897+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
898+ copy the device tree blob into is.
899+ - CVE-2018-20815
900+ - SECURITY UPDATE: device driver denial of service via NULL pointer
901+ dereference
902+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
903+ routine
904+ - CVE-2019-5008
905+ - SECURITY UPDATE: information leak in SLiRP
906+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
907+ emulating ident.
908+ - CVE-2019-9824
909+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
910+ unimplement.patch: properly return architecture defined exception
911+ on bad subcodes of diag 308 (LP 1812384)
912+ * Dropped changes (no more needed)
913+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
914+ mv_conffile since the new path is a directory in the old package
915+ version which can not be handled by mv_conffile.
916+ [ only needed between disco and eoan ]
917+ - disable pvrdma
918+ [ CVEs all fixed now ]
919+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
920+ avoid misdetection of simplified nesting blocking all migrations
921+ [ qemu now detects and handles nesting - needs kernel >=4.20 ]
922+ - Enable nesting by default
923+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
924+ (is default on amd)
925+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
926+ without nested=1
927+ [ nesting is default in kernel modules and default selected cpu types ]
928+ * Added changes
929+ - d/control: regenerate debian/control out of control-in
930+ - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
931+ - added ubuntu focal types for qemu 4.2
932+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
933+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
934+ (LP: #1857033)
935+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
936+ - d/control*, d/rules: disable xen by default, but provide universe
937+ package qemu-system-x86-xen as alternative
938+ - fix typos in changelog and d/qemu-system-x86.NEWS
939+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
940+ - d/control*: enable libpmem support for nvdimms (LP: #1790856)
941+
942+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 08 Jan 2020 15:27:42 +0100
943+
944 qemu (1:4.2-1) unstable; urgency=medium
945
946 * new upstream release (4.2.0)
947@@ -550,6 +1444,205 @@ qemu (1:4.1-1) unstable; urgency=medium
948
949 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 27 Aug 2019 12:43:43 +0300
950
951+qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium
952+
953+ * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
954+ fix a potential hang when qemu or qemu-img where accessing http backed
955+ disks via libcurl (LP: #1848556)
956+ * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch:
957+ fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497)
958+
959+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 21 Oct 2019 14:51:45 +0200
960+
961+qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium
962+
963+ * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
964+ update the z15 model name (LP: #1842774)
965+
966+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Sep 2019 11:42:58 +0200
967+
968+qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium
969+
970+ * d/binfmt-update-in: fix binfmt being called in some containers
971+ (LP: #1840956)
972+
973+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Sep 2019 11:03:13 +0200
974+
975+qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium
976+
977+ * No-change upload with strops.h and sys/strops.h removed in glibc.
978+
979+ -- Matthias Klose <doko@ubuntu.com> Thu, 05 Sep 2019 11:07:25 +0000
980+
981+qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium
982+
983+ * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
984+ (LP: #1841066)
985+
986+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Aug 2019 12:08:04 +0200
987+
988+qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium
989+
990+ * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
991+ s390x machines (LP: #1836154)
992+
993+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Jul 2019 13:20:42 +0200
994+
995+qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium
996+
997+ * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617)
998+ - pick Debian change for (#889885)
999+ move ovmf to recommends on debian and update aarch ovmf refs
1000+ - stop Ubuntu to drop ovmf/qemu-efi to a suggest
1001+
1002+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 12 Jul 2019 12:48:24 +0200
1003+
1004+qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium
1005+
1006+ * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
1007+ for missing SIOCGSTAMP definition; final fix is still in discussion
1008+ upstream (LP: 1836159)
1009+
1010+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 10:10:00 +0200
1011+
1012+qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium
1013+
1014+ * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
1015+ fix naming of the new vector facitlity (LP: #1836066)
1016+ * d/control-in: update VCS links in control template as well
1017+
1018+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 08:18:44 +0200
1019+
1020+qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
1021+
1022+ * Merge with Upstream release of qemu 4.0.
1023+ Among many other things this fixes LP Bugs:
1024+ LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
1025+ LP: #1828038 - Update s390x CPU Model for more HW support
1026+ LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
1027+ Remaining Changes:
1028+ - qemu-kvm to systemd unit
1029+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1030+ hugepages and architecture specifics
1031+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1032+ qemu-kvm-init
1033+ - d/qemu-system-common.install: install helper script
1034+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1035+ - d/qemu-system-common.qemu-kvm.default: defaults for
1036+ /etc/default/qemu-kvm
1037+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1038+ - Enable nesting by default
1039+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1040+ (is default on amd)
1041+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1042+ without nested=1
1043+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1044+ in qemu64 cpu type.
1045+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1046+ in qemu64 on amd
1047+ - d/qemu-system-x86.README.Debian: document intention of nested being
1048+ default is comfort, not full support
1049+ - Distribution specific machine type (LP: 1304107 1621042)
1050+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1051+ types
1052+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1053+ for host-phys-bits=true (LP: 1776189)
1054+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1055+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1056+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1057+ - improved dependencies
1058+ - Make qemu-system-common depend on qemu-block-extra
1059+ - Make qemu-utils depend on qemu-block-extra
1060+ - let qemu-utils recommend sharutils
1061+ - s390x support
1062+ - Create qemu-system-s390x package
1063+ - Enable numa support for s390x
1064+ - arch aware kvm wrappers
1065+ - d/control: update VCS links
1066+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1067+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1068+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1069+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1070+ - enable RDMA config option
1071+ - add libibumad-dev build-dep
1072+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1073+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1074+ reference 256k path
1075+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1076+ handle incoming migrations from former releases.
1077+ - d/control-in: Disable capstone disassembler library support (universe)
1078+ - Move s390x roms to a new qemu-system-data-s390x
1079+ - d/qemu-system-data.install: install s390x roms as architecture:all in
1080+ qemu-system-data
1081+ - d/rules: build s390-ccw.img with upstream Makefile
1082+ - d/rules: build s390-netboot.img with upstream Makefile
1083+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1084+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1085+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1086+ replace it with a build-indep using the upstream makefiles.
1087+ This is less prone to miss future changes/fixes that are done to the
1088+ makefiles
1089+ - d/control-in: add breaks/replaces for moving s390x roms from
1090+ qemu-system-s390x to qemu-system-data
1091+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1092+ [From not yet uploaded Debian branch]
1093+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1094+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1095+ - disable pvrdma - besides several security holes there are many other
1096+ bugs there as well
1097+ * Dropped patches that are upstream in v4.0
1098+ - d/p/do-not-link-everything-with-xen.patch
1099+ - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
1100+ - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
1101+ - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
1102+ - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
1103+ - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
1104+ - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
1105+ (LP: 1759509)
1106+ - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
1107+ - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
1108+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
1109+ - d/p/ubuntu/CVE-2018-20815.patch
1110+ - d/p/ubuntu/CVE-2019-5008.patch
1111+ - d/p/ubuntu/CVE-2019-9824.patch
1112+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1113+ avoid misdetection of simplified nesting blocking all migrations
1114+ * Dropped further patches
1115+ d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
1116+ [upstream deprecated the whole subsystem instead of applying the fix]
1117+ * Added Changes
1118+ - updated ubuntu machine types for v4.0
1119+ - added eoan types
1120+ - fixed s390x issue of upstream types having a "v" prefix
1121+ - add back dropped machine types to avoid more issues like LP: 1802944
1122+ - fix kvm split irqchip default in ubuntu q35 machine type
1123+ - drop no more needed spapr_machine_2_11_sxxm_instance_options and
1124+ adapt updated CamelCase
1125+ - -hpb types now need to use GlobalProperties
1126+ - pc_compat_2_0 got a _fn suffix and slight changes
1127+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
1128+ SLOF of qemu 4.0
1129+ - Refreshed patches still needed for v4.0 context changes
1130+ - d/p/use-fixed-data-path.patch
1131+ - d/p/ubuntu/enable-svm-by-default.patch
1132+ - d/p/ubuntu/enable-md-clear.patch
1133+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
1134+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
1135+ (LP: #1830243)
1136+ - d/control: disable bluetooth being deprecated
1137+ - d/control*: remove sdlabi which was removed upstream
1138+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
1139+ - d/control*: enable docs (now explicit) and provide new build-dep
1140+ python3-sphinx
1141+ - d/not-installed: ignore new interop docs and extra icons for now
1142+ - d/not-installed: do not install elf2dmp until namespaced
1143+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1144+ - d/qemu-system-data.install: use new paths for formerly used icons
1145+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
1146+ fix i386 build error
1147+
1148+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 24 Jun 2019 16:33:19 +0200
1149+
1150 qemu (1:3.1+dfsg-8) unstable; urgency=high
1151
1152 * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch
1153@@ -652,6 +1745,232 @@ qemu (1:3.1+dfsg-3) unstable; urgency=medium
1154
1155 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 06 Feb 2019 12:23:01 +0300
1156
1157+qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium
1158+
1159+ * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
1160+ broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
1161+ fix migrations from old machines (LP: #1829868).
1162+ * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
1163+ toleration for future machines (LP: #1830704
1164+
1165+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 May 2019 11:30:42 +0200
1166+
1167+qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium
1168+
1169+ * SECURITY UPDATE: Add support for exposing md-clear functionality
1170+ to guests
1171+ - d/p/ubuntu/enable-md-clear.patch
1172+ - d/p/ubuntu/enable-md-no.patch
1173+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
1174+ * SECURITY UPDATE: heap overflow when loading device tree blob
1175+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
1176+ copy the device tree blob into is.
1177+ - CVE-2018-20815
1178+ * SECURITY UPDATE: device driver denial of service via NULL pointer
1179+ dereference
1180+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
1181+ routine
1182+ - CVE-2019-5008
1183+ * SECURITY UPDATE: information leak in SLiRP
1184+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
1185+ emulating ident.
1186+ - CVE-2019-9824
1187+
1188+ -- Steve Beattie <sbeattie@ubuntu.com> Wed, 08 May 2019 09:27:53 -0700
1189+
1190+qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium
1191+
1192+ * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
1193+ - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
1194+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
1195+ mv_conffile since the new path is a directory in the old package
1196+ version which can not be handled by mv_conffile.
1197+ * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
1198+ OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
1199+ Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
1200+ CVE-2019-3812
1201+
1202+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 18 Mar 2019 09:20:07 +0100
1203+
1204+qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
1205+
1206+ * disable pvrdma - besides several security holes there are many other
1207+ bugs there as well, and the amount of patches applied upstream after
1208+ 3.1 release is large (Closes, or actuallymakes unimportant again)
1209+ - CVE-2018-20123
1210+ - CVE-2018-20124
1211+ - CVE-2018-20125
1212+ - CVE-2018-20126
1213+ - CVE-2018-20191
1214+ - CVE-2018-20216
1215+ * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
1216+ - CVE-2019-6501
1217+ * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
1218+ - CVE-2019-6778
1219+
1220+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 19 Feb 2019 06:43:04 +0100
1221+
1222+qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium
1223+
1224+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
1225+ LP: #1806104 - fix misleading page size error on ppc64el
1226+ LP: #1782205 - SnowRidge enabled new ISAs
1227+ LP: #1786956 - upgrade to qemu >= 3.0
1228+ LP: #1809083 - Backward migration to Xenial on ppc64el
1229+ LP: #1803315 - s390x Huge page enablement
1230+ LP: #1657409 - enable virglrenderer
1231+ Remaining Changes:
1232+ - qemu-kvm to systemd unit
1233+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1234+ hugepages and architecture specifics
1235+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1236+ - d/qemu-system-common.install: install systemd unit and helper script
1237+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1238+ - d/qemu-system-common.qemu-kvm.default: defaults for
1239+ /etc/default/qemu-kvm
1240+ - d/rules: install /etc/default/qemu-kvm
1241+ - Enable nesting by default
1242+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1243+ (is default on amd)
1244+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1245+ without nested=1
1246+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1247+ in qemu64 cpu type.
1248+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1249+ in qemu64 on amd
1250+ - d/qemu-system-x86.README.Debian: document intention of nested being
1251+ default is comfort, not full support
1252+ - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
1253+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1254+ types
1255+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1256+ for host-phys-bits=true (LP: 1776189)
1257+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1258+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1259+ convenience with all meltdown/spectre workarounds enabled by default.
1260+ (LP: 1761372).
1261+ - improved dependencies
1262+ - Make qemu-system-common depend on qemu-block-extra
1263+ - Make qemu-utils depend on qemu-block-extra
1264+ - let qemu-utils recommend sharutils
1265+ - s390x support
1266+ - Create qemu-system-s390x package
1267+ - Enable numa support for s390x
1268+ - arch aware kvm wrappers
1269+ - d/control: update VCS links (updated to match latest Ubuntu)
1270+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1271+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1272+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1273+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1274+ - enable RDMA config option
1275+ - add libibumad-dev build-dep
1276+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1277+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1278+ reference 256k path
1279+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1280+ handle incoming migrations from former releases.
1281+ - d/control-in: Disable capstone disassembler library support (universe)
1282+ * Added Changes:
1283+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
1284+ for qemu 3.1 in the Ubuntu Disco release
1285+ - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
1286+ - Move s390x roms to a new qemu-system-data-s390x
1287+ - d/qemu-system-data.install: install s390x roms as architecture:all in
1288+ qemu-system-data
1289+ - d/rules: build s390-ccw.img with upstream Makefile
1290+ - d/rules: build s390x-netboot.img with upstream Makefile
1291+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1292+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1293+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1294+ replace it with a build-indep using the upstream makefiles.
1295+ This is less prone to miss future changes/fixes that are done to the
1296+ makefiles
1297+ - d/control-in: add breaks/replaces for moving s390x roms from
1298+ qemu-system-s390x to qemu-system-data
1299+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1300+ [From not yet uploaded Debian branch]
1301+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1302+ (Closes: #918378)
1303+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1304+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1305+ avoid misdetection of simplified nesting blocking all migrations
1306+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
1307+ unimplement.patch: properly return archicture defined exception
1308+ on bad subcodes of diag 308 (LP: #1812384)
1309+ * Dropped Changes:
1310+ - Include s390-ccw.img firmware (old style native build)
1311+ - d/rules enable install s390x-netboot.img (old style native build)
1312+ - libvirt/qemu user/group support
1313+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1314+ trigger.
1315+ [ Droppable since logind properly sets ACLs now ]
1316+ - qemu-system-common.preinst: add kvm group if needed
1317+ [ Droppable because systemd/udev take care of it since 239-6]
1318+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
1319+ freeze-hook fixes (LP: 1484990)
1320+ [upstream]
1321+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
1322+ merged upstream
1323+ [upstream]
1324+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
1325+ computation while concatenating mbuf.
1326+ CVE-2018-11806
1327+ [upstream]
1328+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
1329+ for powerpc64 to speed up translation (LP: 1781526)
1330+ [upstream]
1331+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
1332+ cpu model for z14 ZR1 (LP: 1780773).
1333+ [upstream]
1334+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
1335+ (Closes: 903562)
1336+ [in Debian]
1337+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
1338+ unreleased Debian version)
1339+ [in Debian]
1340+ - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
1341+ by migrations with UI frontends or frequent guest resolution changes
1342+ (LP #1755912)
1343+ [upstream]
1344+ - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
1345+ extend eieio for POWER9 emulation (LP: 1787408).
1346+ [upstream]
1347+ - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
1348+ ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
1349+ [upstream]
1350+ - improve s390x spectre mitigation with etoken facility (LP: 1790457)
1351+ [upstream]
1352+ - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
1353+ [upstream]
1354+ - d/control-in: our addition of a qemu-system-s390x package needs to follow
1355+ the split of qemu-system-data by adding a dependency to it (LP: 1798084)
1356+ [in Debian]
1357+ - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
1358+ Adapters on s390x (LP: 1787405)
1359+ [upstream]
1360+ - enable opengl for vfio-MDEV support (LP: 1804766)
1361+ [in Debian]
1362+ - SECURITY UPDATE: integer overflow in NE2000 NIC emulation
1363+ [upstream]
1364+ - SECURITY UPDATE: integer overflow via crafted QMP command
1365+ [upstream]
1366+ - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
1367+ [upstream]
1368+ - SECURITY UPDATE: buffer overflow in rtl8139
1369+ [upstream]
1370+ - SECURITY UPDATE: buffer overflow in pcnet
1371+ [upstream]
1372+ - SECURITY UPDATE: DoS via large packet sizes
1373+ [upstream]
1374+ - SECURITY UPDATE: DoS in lsi53c895a
1375+ [upstream]
1376+ - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
1377+ [upstream]
1378+ - SECURITY UPDATE: race condition in 9p
1379+ [upstream]
1380+
1381+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Jan 2019 09:41:08 +0100
1382+
1383 qemu (1:3.1+dfsg-2) unstable; urgency=medium
1384
1385 * d/rules: split arch and indep builds
1386@@ -731,6 +2050,249 @@ qemu (1:3.1+dfsg-1) unstable; urgency=medium
1387
1388 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Dec 2018 19:10:27 +0300
1389
1390+qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
1391+
1392+ [ Marc Deslauriers ]
1393+ * SECURITY UPDATE: integer overflow in NE2000 NIC emulation
1394+ - debian/patches/CVE-2018-10839.patch: use proper type in
1395+ hw/net/ne2000.c.
1396+ - CVE-2018-10839
1397+ * SECURITY UPDATE: integer overflow via crafted QMP command
1398+ - debian/patches/CVE-2018-12617.patch: check bytes count read by
1399+ guest-file-read in qga/commands-posix.c.
1400+ - CVE-2018-12617
1401+ * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
1402+ - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
1403+ - CVE-2018-16847
1404+ * SECURITY UPDATE: buffer overflow in rtl8139
1405+ - debian/patches/CVE-2018-17958.patch: use proper type in
1406+ hw/net/rtl8139.c.
1407+ - CVE-2018-17958
1408+ * SECURITY UPDATE: buffer overflow in pcnet
1409+ - debian/patches/CVE-2018-17962.patch: use proper type in
1410+ hw/net/pcnet.c.
1411+ - CVE-2018-17962
1412+ * SECURITY UPDATE: DoS via large packet sizes
1413+ - debian/patches/CVE-2018-17963.patch: check size in net/net.c.
1414+ - CVE-2018-17963
1415+ * SECURITY UPDATE: DoS in lsi53c895a
1416+ - debian/patches/CVE-2018-18849.patch: check message length value is
1417+ valid in hw/scsi/lsi53c895a.c.
1418+ - CVE-2018-18849
1419+ * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
1420+ - debian/patches/CVE-2018-18954.patch: check size before data buffer
1421+ access in hw/ppc/pnv_lpc.c.
1422+ - CVE-2018-18954
1423+ * SECURITY UPDATE: race condition in 9p
1424+ - debian/patches/CVE-2018-19364-1.patch: use write lock in
1425+ hw/9pfs/cofile.c.
1426+ - debian/patches/CVE-2018-19364-2.patch: use write lock in
1427+ hw/9pfs/9p.c.
1428+ - CVE-2018-19364
1429+
1430+ [ Christian Ehrhardt]
1431+ * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
1432+ Adapters on s390x (LP: #1787405)
1433+ * enable opengl for vfio-MDEV support (LP: #1804766)
1434+ - d/control-in: set --enable-opengl
1435+ - d/control-in: add gl related build-dependencies
1436+
1437+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Nov 2018 13:17:01 -0500
1438+
1439+qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium
1440+
1441+ * d/control-in: our addition of a qemu-system-s390x package needs to follow
1442+ the split of qemu-system-data by adding a dependency to it (LP: #1798084)
1443+
1444+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Oct 2018 10:50:27 +0200
1445+
1446+qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium
1447+
1448+ * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901)
1449+ The SLOF source pieces in src:qemu are only used for s390x netboot,
1450+ which are independent ROMs (no linking). All other binaries out of this
1451+ are part of src:slof and independent.
1452+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch
1453+ - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities
1454+ and related fixes
1455+
1456+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Sep 2018 13:31:15 +0200
1457+
1458+qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium
1459+
1460+ * improve s390x spectre mitigation with etoken facility (LP: #1790457)
1461+ - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch
1462+ - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch
1463+
1464+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Sep 2018 10:06:48 +0200
1465+
1466+qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium
1467+
1468+ * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
1469+ ensure that the seccomp blacklist is applied to all threads (LP: #1789551)
1470+ - CVE-2018-15746
1471+
1472+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 29 Aug 2018 08:50:36 +0200
1473+
1474+qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium
1475+
1476+ [ Murilo Opsfelder Araujo ]
1477+ * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
1478+ extend eieio for POWER9 emulation (LP: #1787408).
1479+
1480+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 20 Aug 2018 11:52:39 +0200
1481+
1482+qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium
1483+
1484+ * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
1485+ by migrations with UI frontends or frequent guest resolution changes
1486+ (LP: #1755912)
1487+
1488+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 Jul 2018 08:26:52 +0200
1489+
1490+qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium
1491+
1492+ * Disable capstone disassembler library support (universe dependency)
1493+
1494+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 17 Jul 2018 08:35:32 +0200
1495+
1496+qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium
1497+
1498+ * Merge with Debian testing, Remaining Changes:
1499+ - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772)
1500+ - qemu-kvm to systemd unit
1501+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1502+ hugepages and architecture specifics
1503+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1504+ - d/qemu-system-common.install: install systemd unit and helper script
1505+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1506+ - d/qemu-system-common.qemu-kvm.default: defaults for
1507+ /etc/default/qemu-kvm
1508+ - d/rules: install /etc/default/qemu-kvm
1509+ - Enable nesting by default
1510+ - set nested=1 module option on intel. (is default on amd)
1511+ - re-load kvm_intel.ko if it was loaded without nested=1
1512+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1513+ in qemu64 cpu type.
1514+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1515+ in qemu64 on amd
1516+ - d/qemu-system-x86.README.Debian: document intention of nested being
1517+ default is comfort, not full support
1518+ - libvirt/qemu user/group support
1519+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1520+ trigger.
1521+ - qemu-system-common.preinst: add kvm group if needed
1522+ - Distribution specific machine type
1523+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1524+ types to ease future live vm migration.
1525+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1526+ - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
1527+ for host-phys-bits=true (LP: 1776189)
1528+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1529+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1530+ convenience with all meltdown/spectre workarounds enabled by default.
1531+ (LP: 1761372).
1532+ - improved dependencies
1533+ - Make qemu-system-common depend on qemu-block-extra
1534+ - Make qemu-utils depend on qemu-block-extra
1535+ - let qemu-utils recommend sharutils
1536+ - s390x support
1537+ - Create qemu-system-s390x package
1538+ - Include s390-ccw.img firmware
1539+ - Enable numa support for s390x
1540+ - arch aware kvm wrappers
1541+ - update VCS-git (updated to match cosmic)
1542+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1543+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
1544+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1545+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1546+ - Create and install pxe netboot images for KVM s390x (LP: 1732094)
1547+ - d/rules enable install s390x-netboot.img
1548+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1549+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1550+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1551+ reference 256k path
1552+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1553+ handle incoming migrations from former releases.
1554+ - SECURITY UPDATE: Speculative Store Bypass
1555+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
1556+ CPUID feature bit in target/i386/cpu.*.
1557+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
1558+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
1559+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
1560+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
1561+ target/i386/machine.c.
1562+ - CVE-2018-3639
1563+ * Added Changes:
1564+ - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release
1565+ - add cosmic types for base and -hpb
1566+ - drop no more supported types (zesty and yakkety)
1567+ - d/p/series: group machine type changes
1568+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
1569+ merged upstream
1570+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
1571+ computation while concatenating mbuf.
1572+ CVE-2018-11806
1573+ - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the
1574+ deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES.
1575+ - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275)
1576+ - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings
1577+ - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply
1578+ to POWER8
1579+ - d/qemu-kvm-init: drop old VM detection that was broken in some cases and
1580+ is no more needed with systemd-detect-virt being more mature and always
1581+ present.
1582+ - d/kvm.powerpc: drop old powerpc (non-ppc64el) code.
1583+ - d/control-in: add libibumad-dev which is now needed for rdma
1584+ - d/rules: update s390x delta to match new Debian packaging
1585+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
1586+ for powerpc64 to speed up translation (LP: #1781526)
1587+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
1588+ cpu model for z14 ZR1 (LP: #1780773).
1589+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
1590+ (Closes: 903562)
1591+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
1592+ unreleased Debian version)
1593+ * Dropped Changes:
1594+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
1595+ (No more removed when building DFSG orig tarball in Debian)
1596+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
1597+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
1598+ so we revert related changes to stick with the proven for now:
1599+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
1600+ depends on it)
1601+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
1602+ (Debian switched to gtk which seems to work better and has all
1603+ dependencies in main.)
1604+ - d/control-in: enable seccomp on s390x (in Debian for Linux-any)
1605+ - Changes that are now upstream with qemu 2.12
1606+ - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with
1607+ newer versions of glibc >=2.27 (LP: 1753826)
1608+ - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
1609+ - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
1610+ SSE/AVX/AVX512 cpu features (LP: 1739665)
1611+ - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
1612+ space+commpage continuous which avoids long startup times on
1613+ qemu-user-static (LP: 1740219)
1614+ - provide pseries-2.12-sxxm type (LP: 1761372)
1615+ - d/p/ubuntu/lp-1704312-1-* provide means to manually handle
1616+ filesystem-dax with pmem by backporting align and unarmed options
1617+ (LP: 1704312).
1618+ - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
1619+ option to slirp's DHCP server (LP: 1762315)
1620+ - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying
1621+ Protection information (LP: 1762854).
1622+ - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9
1623+ migration (LP: 1763468).
1624+ - SECURITY UPDATE: out-of-bounds access during migration via ps2
1625+ CVE-2017-16845
1626+ - SECURITY UPDATE: arbitrary code execution via load_multiboot
1627+ CVE-2018-7550
1628+ - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
1629+ CVE-2018-7858
1630+
1631+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 21 Jun 2018 14:24:06 +0200
1632+
1633 qemu (1:2.12+dfsg-3) unstable; urgency=medium
1634
1635 * make qemu-system-foo depending
1636@@ -819,6 +2381,239 @@ qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium
1637
1638 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 12 Apr 2018 19:04:03 +0300
1639
1640+qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
1641+
1642+ * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
1643+ for host-phys-bits=true (LP: #1776189)
1644+ - add an info about this change in debian/qemu-system-x86.NEWS
1645+
1646+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:01:00 +0200
1647+
1648+qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium
1649+
1650+ * SECURITY UPDATE: Speculative Store Bypass
1651+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
1652+ CPUID feature bit in target/i386/cpu.*.
1653+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
1654+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
1655+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
1656+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
1657+ target/i386/machine.c.
1658+ - CVE-2018-3639
1659+
1660+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 22 May 2018 09:34:52 -0400
1661+
1662+qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium
1663+
1664+ * SECURITY UPDATE: out-of-bounds access during migration via ps2
1665+ - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
1666+ in post_load routine in hw/input/ps2.c.
1667+ - CVE-2017-16845
1668+ * SECURITY UPDATE: arbitrary code execution via load_multiboot
1669+ - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
1670+ zero in hw/i386/multiboot.c.
1671+ - CVE-2018-7550
1672+ * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
1673+ - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
1674+ hw/display/vga.c.
1675+ - CVE-2018-7858
1676+
1677+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 May 2018 14:14:20 -0400
1678+
1679+qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium
1680+
1681+ * No-change rebuild for ncurses soname changes.
1682+
1683+ -- Matthias Klose <doko@ubuntu.com> Thu, 03 May 2018 14:18:39 +0000
1684+
1685+qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium
1686+
1687+ * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection
1688+ information (LP: #1762854).
1689+ * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration
1690+ (LP: #1763468).
1691+
1692+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Apr 2018 07:46:18 +0200
1693+
1694+qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium
1695+
1696+ * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch.
1697+ The Kernel fixes are preferred and already committed to the kernel.
1698+ Therefore remove the default disabling of the HTM feature (LP: #1761175)
1699+ * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
1700+ SSE/AVX/AVX512 cpu features (LP: #1739665)
1701+ * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
1702+ space+commpage continuous which avoids long startup times on
1703+ qemu-user-static (LP: #1740219)
1704+ * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1705+ convenience with all meltdown/spectre workarounds enabled by default.
1706+ This is not the default type following upstream and x86 on that.
1707+ (LP: #1761372).
1708+ * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax
1709+ with pmem by backporting align and unarmed options (LP: #1704312).
1710+ * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
1711+ option to slirp's DHCP server (LP: #1762315)
1712+
1713+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Apr 2018 15:16:07 +0200
1714+
1715+qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium
1716+
1717+ * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream
1718+ accepted to be better long term maintainable (LP: #1753938)
1719+
1720+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 22 Mar 2018 10:31:23 +0100
1721+
1722+qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium
1723+
1724+ * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for
1725+ ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026).
1726+ * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer
1727+ versions of glibc >=2.27 (LP: #1753826)
1728+
1729+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 05 Mar 2018 16:43:01 +0100
1730+
1731+qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium
1732+
1733+ * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch,
1734+ d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch:
1735+ Add domainname option and classless static routes support to the user
1736+ networking's DHCP server
1737+
1738+ -- Benjamin Drung <benjamin.drung@profitbricks.com> Fri, 02 Mar 2018 21:08:54 +0100
1739+
1740+qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium
1741+
1742+ * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
1743+ - among other fixes this adds code to:
1744+ - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715)
1745+ However, enabling this functionality requires additional configuration
1746+ beyond just updating QEMU. Also migrations need special consideration.
1747+ Details about that can be found at:
1748+ https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
1749+ - Power9 allocation of max 8 threads per core (LP: #1750526)
1750+ * Drop changes that are part of the upstream stable release
1751+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
1752+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
1753+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
1754+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
1755+ * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update
1756+ * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the
1757+ common compat.h header and add some extra info in the patch header.
1758+
1759+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Feb 2018 11:03:11 +0100
1760+
1761+qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium
1762+
1763+ * Merge with Debian testing, among other fixes this includes
1764+ - fix fatal error on negative maxcpus (LP: #1722495)
1765+ - fix segfault on dump-guest-memory on guests without memory (LP: #1723381)
1766+ - linux user threading issues (LP: #1350435)
1767+ - TOD-Clock Epoch Extension Support on s390x (LP: #1732691)
1768+ Remaining changes:
1769+ - qemu-kvm to systemd unit
1770+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1771+ hugepages and architecture specifics
1772+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1773+ - d/qemu-system-common.install: install systemd unit and helper script
1774+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1775+ - d/qemu-system-common.qemu-kvm.default: defaults for
1776+ /etc/default/qemu-kvm
1777+ - d/rules: install /etc/default/qemu-kvm
1778+ - Enable nesting by default
1779+ - set nested=1 module option on intel. (is default on amd)
1780+ - re-load kvm_intel.ko if it was loaded without nested=1
1781+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1782+ in qemu64 cpu type.
1783+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1784+ in qemu64 on amd
1785+ - libvirt/qemu user/group support
1786+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1787+ trigger.
1788+ - qemu-system-common.preinst: add kvm group if needed
1789+ - Distribution specific machine type
1790+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1791+ types to ease future live vm migration.
1792+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1793+ - improved dependencies
1794+ - Make qemu-system-common depend on qemu-block-extra
1795+ - Make qemu-utils depend on qemu-block-extra
1796+ - let qemu-utils recommend sharutils
1797+ - s390x support
1798+ - Create qemu-system-s390x package
1799+ - Include s390-ccw.img firmware
1800+ - Enable numa support for s390x
1801+ - ppc64[le] support
1802+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
1803+ - arch aware kvm wrappers
1804+ * Added Changes
1805+ - update VCS-git to match the bionic branch
1806+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
1807+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
1808+ so we revert related changes to stick with the proven for now:
1809+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
1810+ depends on it)
1811+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
1812+ - d/qemu-system-x86.README.Debian: document intention of nested being
1813+ default is comfort, not full support
1814+ - update Ubuntu machine types for qemu 2.11
1815+ - qemu-guest-agent: freeze-hook fixes (LP: #1484990)
1816+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
1817+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1818+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1819+ - Create and install pxe netboot images for KVM s390x (LP: #1732094)
1820+ - d/rules enable install s390x-netboot.img
1821+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
1822+ - d/control-in: enable RDMA support in qemu (LP: #1692476)
1823+ - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560)
1824+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
1825+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
1826+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
1827+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
1828+ - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490)
1829+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1830+ reference 256k path
1831+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1832+ handle incoming migrations from former releases.
1833+ - d/control-in: enable seccomp on s390x
1834+ * Dropped changes (no more needed):
1835+ - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm
1836+ The functionality is retained for upgraders, but is deprecated.
1837+ Post 18.04 the implementation for these configurations will be removed.
1838+ * Dropped changes (in Debian now):
1839+ - ppc64[le] support
1840+ - Enable seccomp for ppc64el
1841+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
1842+ - disable missing x32 architecture
1843+ - d/rules: or32 is now named or1k (since 4a09d0bb)
1844+ - d/qemu-system-common.docs: new paths since (ac06724a)
1845+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
1846+ by qapi-schema.json which is already packaged (since 4d8bb958)
1847+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
1848+ to Debian patch to match qemu 2.10)
1849+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
1850+ since 8508eee7
1851+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
1852+ - make nios2/hppa not installed explicitly until further stablized
1853+ - d/qemu-guest-agent.install: add the new guest agent reference man page
1854+ qemu-ga-ref
1855+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
1856+ along the qapi intro
1857+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
1858+ dh_missing that are already provided in other formats qemu-doc,
1859+ qemu-qmp-ref,qemu-ga-ref
1860+ * Dropped changes (integrated upstream):
1861+ - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
1862+ on arm64 when doing suspend/resume and reboots due to older kernels not
1863+ supporting ITS (LP 1731051).
1864+ - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
1865+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
1866+ calls (LP 1726394)
1867+ - update to upstream 2.10.1 point release (LP 1722808)
1868+
1869+
1870+
1871+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Jan 2018 14:35:18 +0100
1872+
1873 qemu (1:2.11+dfsg-1) unstable; urgency=medium
1874
1875 [ Michael Tokarev ]
1876@@ -933,6 +2728,238 @@ qemu (1:2.10.0-1) unstable; urgency=medium
1877
1878 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 23 Sep 2017 16:47:02 +0300
1879
1880+qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium
1881+
1882+ * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
1883+ on arm64 when doing suspend/resume and reboots due to older kernels not
1884+ supporting ITS (LP: #1731051).
1885+
1886+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 14 Nov 2017 08:30:29 +0100
1887+
1888+qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium
1889+
1890+ * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
1891+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
1892+ calls (LP: #1726394)
1893+
1894+ -- Julian Andres Klode <juliank@ubuntu.com> Sat, 04 Nov 2017 00:21:14 +0100
1895+
1896+qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium
1897+
1898+ * fix enablement of qemu-kvm service (LP: #1720397)
1899+ - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service
1900+ - d/rules: add proper enablement debhelper calls
1901+ - d/qemu-system-common.install: install covered by dh_installinit
1902+
1903+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Oct 2017 11:28:39 +0200
1904+
1905+qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium
1906+
1907+ * update to upstream 2.10.1 point release (LP: #1722808)
1908+
1909+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Oct 2017 15:33:40 +0200
1910+
1911+qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium
1912+
1913+ * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release
1914+ Remaining changes:
1915+ - qemu-kvm to systemd unit
1916+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1917+ hugepages and architecture specifics
1918+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1919+ - d/qemu-system-common.install: install systemd unit and helper script
1920+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1921+ - d/qemu-system-common.qemu-kvm.default: defaults for
1922+ /etc/default/qemu-kvm
1923+ - d/rules: install /etc/default/qemu-kvm
1924+ - Enable nesting by default
1925+ - set nested=1 module option on intel. (is default on amd)
1926+ - re-load kvm_intel.ko if it was loaded without nested=1
1927+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1928+ in qemu64 cpu type.
1929+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1930+ in qemu64 on amd
1931+ - libvirt/qemu user/group support
1932+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1933+ trigger.
1934+ - qemu-system-common.preinst: add kvm group if needed
1935+ - Distribution specific machine type
1936+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1937+ types to ease future live vm migration.
1938+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1939+ - improved dependencies
1940+ - Make qemu-system-common depend on qemu-block-extra
1941+ - Make qemu-utils depend on qemu-block-extra
1942+ - let qemu-utils recommend sharutils
1943+ - s390x support
1944+ - Create qemu-system-s390x package
1945+ - Include s390-ccw.img firmware
1946+ - Enable numa support for s390x
1947+ - ppc64[le] support
1948+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
1949+ - Enable seccomp for ppc64el
1950+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
1951+ - arch aware kvm wrappers
1952+ - update VCS-git to match the Artful branch
1953+ - disable missing x32 architecture
1954+ - d/rules: or32 is now named or1k (since 4a09d0bb)
1955+ - d/qemu-system-common.docs: new paths since (ac06724a)
1956+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
1957+ by qapi-schema.json which is already packaged (since 4d8bb958)
1958+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
1959+ to Debian patch to match qemu 2.10)
1960+ - s390x package now builds correctly on all architectures (LP 1710695)
1961+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
1962+ since 8508eee7
1963+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
1964+ - make nios2/hppa not installed explicitly until further stablized
1965+ - d/qemu-guest-agent.install: add the new guest agent reference man page
1966+ qemu-ga-ref
1967+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
1968+ along the qapi intro
1969+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
1970+ dh_missing that are already provided in other formats qemu-doc,
1971+ qemu-qmp-ref,qemu-ga-ref
1972+
1973+
1974+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Sep 2017 08:31:26 +0200
1975+
1976+qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium
1977+
1978+ * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602);
1979+ Remaining changes:
1980+ - qemu-kvm to systemd unit
1981+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1982+ hugepages and architecture specifics
1983+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1984+ - d/qemu-system-common.install: install systemd unit and helper script
1985+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1986+ - d/qemu-system-common.qemu-kvm.default: defaults for
1987+ /etc/default/qemu-kvm
1988+ - d/rules: install /etc/default/qemu-kvm
1989+ - Enable nesting by default
1990+ - set nested=1 module option on intel. (is default on amd)
1991+ - re-load kvm_intel.ko if it was loaded without nested=1
1992+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1993+ in qemu64 cpu type.
1994+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1995+ in qemu64 on amd
1996+ - libvirt/qemu user/group support
1997+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1998+ trigger.
1999+ - qemu-system-common.preinst: add kvm group if needed
2000+ - Distribution specific machine type
2001+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2002+ types to ease future live vm migration.
2003+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2004+ - improved dependencies
2005+ - Make qemu-system-common depend on qemu-block-extra
2006+ - Make qemu-utils depend on qemu-block-extra
2007+ - let qemu-utils recommend sharutils
2008+ - s390x support
2009+ - Create qemu-system-s390x package
2010+ - Include s390-ccw.img firmware
2011+ - Enable numa support for s390x
2012+ - ppc64[le] support
2013+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2014+ - Enable seccomp for ppc64el
2015+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2016+ - arch aware kvm wrappers
2017+ - update VCS-git to match the Artful branch
2018+ - disable missing x32 architecture
2019+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2020+ - d/qemu-system-common.docs: new paths since (ac06724a)
2021+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2022+ by qapi-schema.json which is already packaged (since 4d8bb958)
2023+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2024+ to Debian patch to match qemu 2.10)
2025+ - s390x package now builds correctly on all architectures (LP 1710695)
2026+ * Added changes:
2027+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2028+ since 8508eee7
2029+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2030+ - make nios2/hppa not installed explicitly until further stablized
2031+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2032+ qemu-ga-ref
2033+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2034+ along the qapi intro
2035+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2036+ dh_missing that are already provided in other formats qemu-doc,
2037+ qemu-qmp-ref,qemu-ga-ref
2038+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new
2039+ changes in 2.10-rc4
2040+
2041+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 25 Aug 2017 07:49:30 +0200
2042+
2043+qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium
2044+
2045+ * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes
2046+ a set of bugs
2047+ - [FFE] Qemu 2.10 in Artful (LP: #1699968)
2048+ - CPU hot unplug fails after migrating a CPU hotplugged guest
2049+ from source (LP: #1677552)
2050+ - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902)
2051+ - New KVM 288 Pass Through (LP: #1672447)
2052+ - aarch64: MSI is not supported by interrupt controller (LP: #1706630)
2053+ * Remaining changes:
2054+ - qemu-kvm to systemd unit
2055+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2056+ hugepages and architecture specifics
2057+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2058+ - d/qemu-system-common.install: install systemd unit and helper script
2059+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2060+ - d/qemu-system-common.qemu-kvm.default: defaults for
2061+ /etc/default/qemu-kvm
2062+ - d/rules: install /etc/default/qemu-kvm
2063+ - Enable nesting by default
2064+ - set nested=1 module option on intel. (is default on amd)
2065+ - re-load kvm_intel.ko if it was loaded without nested=1
2066+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2067+ in qemu64 cpu type.
2068+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2069+ in qemu64 on amd
2070+ - libvirt/qemu user/group support
2071+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2072+ trigger.
2073+ - qemu-system-common.preinst: add kvm group if needed
2074+ - Distribution specific machine type
2075+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2076+ types to ease future live vm migration.
2077+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2078+ - improved dependencies
2079+ - Make qemu-system-common depend on qemu-block-extra
2080+ - Make qemu-utils depend on qemu-block-extra
2081+ - let qemu-utils recommend sharutils
2082+ - s390x support
2083+ - Create qemu-system-s390x package
2084+ - Include s390-ccw.img firmware
2085+ - Enable numa support for s390x
2086+ - ppc64[le] support
2087+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2088+ - Enable seccomp for ppc64el
2089+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2090+ - arch aware kvm wrappers
2091+ - disable missing x32 architecture
2092+ - update VCS links
2093+ * Added changes
2094+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2095+ - d/qemu-system-common.docs: new paths since (ac06724a)
2096+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2097+ by qapi-schema.json which is already packaged (since 4d8bb958)
2098+ - Updates in debian/patches to match qemu 2.10
2099+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream
2100+ - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386
2101+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386
2102+ - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types
2103+ - update VCS-git to match the Artful branch
2104+ - s390x package now builds correctly on all architectures (LP: #1710695)
2105+ * Dropped changes (integrated upstream):
2106+ - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
2107+ "spapr/pci: populate PCI DT in reverse order" (LP 1670481).
2108+ - All CVE fixes formerly applied are upstream and thereby dropped.
2109+
2110+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Aug 2017 16:59:19 +0200
2111+
2112 qemu (1:2.8+dfsg-7) unstable; urgency=medium
2113
2114 * uploading to unstable all fixes which went to stretch-security
2115@@ -1042,6 +3069,179 @@ qemu (1:2.8+dfsg-4) unstable; urgency=high
2116
2117 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 03 Apr 2017 16:28:49 +0300
2118
2119+qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium
2120+
2121+ * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530)
2122+ This was inadvertently dropped on 2.8 merge.
2123+
2124+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 May 2017 15:45:58 +0200
2125+
2126+qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium
2127+
2128+ * SECURITY UPDATE: denial of service via leak in virtFS
2129+ - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
2130+ hw/9pfs/9p.c.
2131+ - CVE-2017-7377
2132+ * SECURITY UPDATE: denial of service in cirrus_vga
2133+ - debian/patches/CVE-2017-7718.patch: check parameters in
2134+ hw/display/cirrus_vga_rop.h.
2135+ - CVE-2017-7718
2136+ * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
2137+ - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
2138+ hw/display/cirrus_vga.c.
2139+ - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
2140+ hw/display/cirrus_vga.c.
2141+ - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
2142+ in hw/display/cirrus_vga.c.
2143+ - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
2144+ hw/display/cirrus_vga.c.
2145+ - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
2146+ in hw/display/cirrus_vga.c.
2147+ - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
2148+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2149+ hw/display/cirrus_vga_rop2.h.
2150+ - debian/patches/CVE-2017-7980-7.patch: stop passing around src
2151+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2152+ hw/display/cirrus_vga_rop2.h.
2153+ - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
2154+ hw/display/cirrus_vga_rop.h.
2155+ - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
2156+ hw/display/cirrus_vga.c.
2157+ - CVE-2017-7980
2158+ * SECURITY UPDATE: denial of service via memory leak in virtFS
2159+ - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c.
2160+ - CVE-2017-8086
2161+ * SECURITY UPDATE: denial of service via leak in audio
2162+ - debian/patches/CVE-2017-8309.patch: release capture buffers in
2163+ audio/audio.c.
2164+ - CVE-2017-8309
2165+ * SECURITY UPDATE: denial of service via leak in keyboard
2166+ - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
2167+ ui/input.c.
2168+ - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
2169+ ui/input.c.
2170+ - CVE-2017-8379
2171+
2172+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 18 May 2017 09:20:54 -0400
2173+
2174+qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium
2175+
2176+ * SECURITY UPDATE: DoS in virtio GPU device
2177+ - debian/patches/CVE-2016-10028.patch: check virgl capabilities
2178+ max_size in hw/display/virtio-gpu-3d.c.
2179+ - CVE-2016-10028
2180+ * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation
2181+ - debian/patches/CVE-2016-8667.patch: limit interval timer reload value
2182+ in hw/dma/rc4030.c.
2183+ - CVE-2016-8667
2184+ * SECURITY UPDATE: host filesystem access via virtFS
2185+ - debian/patches/CVE-2016-9602.patch: don't follow symlinks in
2186+ hw/9pfs/*.
2187+ - CVE-2016-9602
2188+ * SECURITY UPDATE: arbitrary code execution via Cirrus VGA
2189+ - debian/patches/CVE-2016-9603.patch: remove bitblit support from
2190+ console code in hw/display/cirrus_vga.c, include/ui/console.h,
2191+ ui/console.c, ui/vnc.c.
2192+ - CVE-2016-9603
2193+ * SECURITY UPDATE: information leak in virtio GPU device
2194+ - debian/patches/CVE-2016-9908.patch: properly clear out memory in
2195+ hw/display/virtio-gpu-3d.c.
2196+ - CVE-2016-9908
2197+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2198+ - debian/patches/CVE-2016-9912.patch: properly free memory in
2199+ hw/display/virtio-gpu.c.
2200+ - CVE-2016-9912
2201+ * SECURITY UPDATE: DoS via virtFS
2202+ - debian/patches/CVE-2016-9914.patch: add cleanup operations to
2203+ fsdev/file-op-9p.h, hw/9pfs/9p.c.
2204+ - CVE-2016-9914
2205+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2206+ - debian/patches/CVE-2017-5552.patch: check return value in
2207+ hw/display/virtio-gpu-3d.c.
2208+ - CVE-2017-5552
2209+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2210+ - debian/patches/CVE-2017-5578.patch: check res->iov in
2211+ hw/display/virtio-gpu.c.
2212+ - CVE-2017-5578
2213+ * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation
2214+ - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register
2215+ handling in hw/sd/sdhci.c.
2216+ - CVE-2017-5987
2217+ * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation
2218+ - debian/patches/CVE-2017-6505.patch: limit the number of link eds in
2219+ hw/usb/hcd-ohci.c.
2220+ - CVE-2017-6505
2221+
2222+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 24 Apr 2017 07:30:11 -0400
2223+
2224+qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium
2225+
2226+ * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
2227+ "spapr/pci: populate PCI DT in reverse order" (LP: #1670481).
2228+
2229+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2017 09:23:08 +0100
2230+
2231+qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium
2232+
2233+ * Merge with Debian;
2234+ This fixes several CVEs that were reported against qemu 2.8 and also
2235+ includes a few important functional backports (LP: #1667033); remaining
2236+ changes:
2237+ - add qemu-kvm init script and defaults file
2238+ (d/qemu-system-common.qemu-kvm.*)
2239+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
2240+ modules and handling /etc/default/qemu-kvm
2241+ - qemu-system-common.preinst: add kvm group if needed
2242+ - Enable nesting by default on intel.
2243+ - set default module option
2244+ - re-load kvm_intel.ko if it was loaded without nested=1
2245+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
2246+ default in qemu64 cpu type.
2247+ - Enable svm by default for qemu64 on amd
2248+ - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS:
2249+ define distro machine types to ease future live vm migration (includes
2250+ all former follow up fixes).
2251+ - Make qemu-system-common depend on qemu-block-extra
2252+ - Make qemu-utils depend on qemu-block-extra
2253+ - s390x support
2254+ - Create qemu-system-s390x package
2255+ - Include s390-ccw.img firmware
2256+ - qemu-system-common.postinst:
2257+ - change acl placed by udev, and add udevadm trigger.
2258+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
2259+ - Several changes were applied but missing in the changelog so far
2260+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2261+ - arch aware kvm wrapper
2262+ - update VCS links
2263+ - let qemu-utils recommend sharutils
2264+ - disable x32 architecture
2265+ - Enable seccomp for ppc64el
2266+ - Enable numa support for s390x
2267+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
2268+ init.d-script-missing-dependency-on-remote_fs
2269+ - d/qemu-system-common.postinst: fix lintian error type
2270+ command-with-path-in-maintainer-script
2271+ - Transition qemu-kvm to a systemd unit
2272+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
2273+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
2274+ that it shows up where the user expects (sytemctl status, kvm stdout)
2275+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
2276+ - add arch aware kvm wrapper for s390x
2277+ * Dropped Changes (in Debian now):
2278+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
2279+ - d/control-in: change dependencies for fix of wrong acl for newly
2280+ created device node on ubuntu
2281+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
2282+ relationship, but qemu-efi is still in universe right now.
2283+ - Disable glusterfs (Universe dependency)
2284+ - no more skip disable libiscsi on Ubuntu
2285+ - d/rules, d/control-in: avoid people editing d/control
2286+ * Added Changes:
2287+ - d/control: bump libseccomp-dev dependency as enabling libseccomp for
2288+ power makes 2.3 the minimum level.
2289+
2290+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 01 Mar 2017 14:23:16 +0100
2291+
2292 qemu (1:2.8+dfsg-3) unstable; urgency=high
2293
2294 * urgency high due to security fixes
2295@@ -1102,6 +3302,90 @@ qemu (1:2.8+dfsg-3) unstable; urgency=high
2296
2297 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 28 Feb 2017 11:40:18 +0300
2298
2299+qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium
2300+
2301+ * Merge with Debian; remaining changes:
2302+ - add qemu-kvm init script and defaults file
2303+ (d/qemu-system-common.qemu-kvm.*)
2304+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
2305+ modules and handling /etc/default/qemu-kvm
2306+ - qemu-system-common.preinst: add kvm group if needed
2307+ - Enable nesting by default on intel.
2308+ - set default module option
2309+ - re-load kvm_intel.ko if it was loaded without nested=1
2310+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
2311+ default in qemu64 cpu type.
2312+ - Enable svm by default for qemu64 on amd
2313+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2314+ types to ease future live vm migration.
2315+ - Make qemu-system-common depend on qemu-block-extra
2316+ - Make qemu-utils depend on qemu-block-extra
2317+ - s390x support
2318+ - Create qemu-system-s390x package
2319+ - Include s390-ccw.img firmware
2320+ - qemu-system-common.postinst:
2321+ - change acl placed by udev, and add udevadm trigger.
2322+ - d/control-in: change dependencies for fix of wrong acl for newly
2323+ created device node on ubuntu
2324+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
2325+ relationship, but qemu-efi is still in universe right now.
2326+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
2327+ - Several changes were applied but missing in the changelog so far
2328+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2329+ - arch aware kvm wrapper
2330+ - update VCS links
2331+ - no more skip disable libiscsi on Ubuntu
2332+ - let qemu-utils recommend sharutils
2333+ - disable x32 architecture
2334+ * Dropped Changes:
2335+ - Several changes were applied but missing in the changelog so far
2336+ but are no more needed
2337+ - no pie for relocatable LD calls, with toolchain defaulting to
2338+ pie (fixed upstream)
2339+ - enable libnuma-dev (now in Debian)
2340+ - transition for moved init scripts (can be dropped after LTS
2341+ containing >=2.5 which is Xenial)
2342+ - --enable-seccomp related whitespace change (had no effect)
2343+ - apport hook for qemu source package (In Debian)
2344+ - add upstart script (d/qemu-system-common.qemu-kvm.upstart)
2345+ - d/qemu-system-x86.maintscript: transition off of
2346+ /etc/init.d/qemu-system-x86 (can be dropped after Xenial)
2347+ - Enable pie by default, on ubuntu/s390x. (Is the default since
2348+ >=Xenial, no cloud archive backport <=Xenial to consider)
2349+ - no pie for relocatable LD calls (fixed upstream in commit
2350+ 7ecf44a5)
2351+ - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream)
2352+ - Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
2353+ (Improved fix included by upstream)
2354+ - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7)
2355+ - Fixed wrong migration blocker when vhost is used (is upstream in
2356+ qemu 2.8)
2357+ * Added Changes:
2358+ - d/rules, d/control-in: avoid people editing d/control by warning
2359+ header and non writable permissions
2360+ - fixed moving trusty machine type definition which made it
2361+ ambiguous (LP: #1641532)
2362+ - d/qemu-system-x86.NEWS describe the issue
2363+ - Enable seccomp for ppc64el (LP: #1644639)
2364+ - Enable numa support for s390x
2365+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
2366+ init.d-script-missing-dependency-on-remote_fs
2367+ - d/qemu-system-common.postinst: fix lintian error type
2368+ command-with-path-in-maintainer-script
2369+ - Transition qemu-kvm to a systemd unit
2370+ - Disable glusterfs (Universe dependency)
2371+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
2372+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
2373+ that it shows up where the user expects (sytemctl status, kvm stdout)
2374+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
2375+ - add arch aware kvm wrapper for s390x
2376+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
2377+ - Enable DDW in Yakkety machine type because "Enable GPU Passthru for
2378+ ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10,
2379+ merged in d/p/ubuntu/define-ubuntu-machine-types.patch)
2380+
2381+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Jan 2017 16:27:11 +0100
2382+
2383 qemu (1:2.8+dfsg-2) unstable; urgency=medium
2384
2385 * Revert "update binfmt registration for mipsn32"
2386@@ -1220,6 +3504,67 @@ qemu (1:2.7+dfsg-1) unstable; urgency=medium
2387
2388 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 14 Oct 2016 13:31:40 +0300
2389
2390+qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium
2391+
2392+ * No-change rebuild to compile against new libxen version.
2393+
2394+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 30 Sep 2016 14:24:37 +0200
2395+
2396+qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium
2397+
2398+ * retain older xenial machine type to avoid issues starting guests
2399+ created on xenial prior to the SRU for bug 1621042. In that regard the old
2400+ broken xenial machine type and the new fixed one have both to be considered
2401+ as valid LTS machine types (LP: #1626070).
2402+
2403+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Sep 2016 14:57:09 +0200
2404+
2405+qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium
2406+
2407+ * fix default ubuntu machine types. (LP: #1621042)
2408+ - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
2409+ - remove double default and double ubuntu alias
2410+ - drop former devel releases utopic, vivid, wily
2411+ - add xenial and yakkety machine types
2412+ - add q35 based ubuntu machine type starting at xenial
2413+ - add ubuntu machine types on ppc64el and s390x starting at xenial
2414+
2415+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2016 07:50:50 +0200
2416+
2417+qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium
2418+
2419+ * Enable GPU Passthru for ppc64le (LP: #1541902)
2420+ - 0001-spapr-ensure-device-trees-are-always-associated-with.patch
2421+ - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch
2422+ - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch
2423+ - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch
2424+ - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch
2425+ - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch
2426+ - 0007-spapr_iommu-Migrate-full-state.patch
2427+ - 0008-spapr_iommu-Add-root-memory-region.patch
2428+ - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch
2429+ - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch
2430+ - 0011-memory-Add-reporting-of-supported-page-sizes.patch
2431+ - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch
2432+ - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch
2433+ - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch
2434+ - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch
2435+ - 0016-vfio-Add-host-side-DMA-window-capabilities.patch
2436+ - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch
2437+ - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch
2438+ - 0019-vfio-spapr-Remove-stale-ioctl-call.patch
2439+ - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch
2440+ - 0021-memory-Fix-IOMMU-replay-base-address.patch
2441+
2442+ -- Jon Grimm <jon.grimm@canonical.com> Fri, 16 Sep 2016 14:14:47 -0500
2443+
2444+qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium
2445+
2446+ * New upstream release. LP: #1617055.
2447+ * Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
2448+
2449+ -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 09 Sep 2016 23:33:57 +0100
2450+
2451 qemu (1:2.6+dfsg-3.1) unstable; urgency=high
2452
2453 * Non-maintainer upload.
2454@@ -1253,6 +3598,55 @@ qemu (1:2.6+dfsg-3.1) unstable; urgency=high
2455
2456 -- Andrew James <ajames@hpe.com> Wed, 14 Sep 2016 00:56:18 -0600
2457
2458+qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium
2459+
2460+ * SECURITY UPDATE: DoS via unbounded memory allocation
2461+ - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
2462+ - CVE-2016-5403
2463+ * SECURITY UPDATE: oob write access while reading ESP command
2464+ - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for
2465+ maximum CDB size and handle migration in hw/scsi/esp.c,
2466+ include/hw/scsi/esp.h, include/migration/vmstate.h.
2467+ - CVE-2016-6351
2468+ * SECURITY UPDATE: infinite loop in virtqueue_pop
2469+ - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer
2470+ length in hw/virtio/virtio.c.
2471+ - CVE-2016-6490
2472+
2473+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 03 Aug 2016 08:36:16 -0400
2474+
2475+qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
2476+
2477+ * Merge with Debian; remaining changes:
2478+ - debian/rules: do not drop the init scripts loading kvm modules
2479+ (still needed in precise in cloud archive)
2480+ - qemu-system-common.postinst:
2481+ * remove acl placed by udev, and add udevadm trigger.
2482+ * reload kvm_intel if needed to set nested=1
2483+ - qemu-system-common.preinst: add kvm group if needed
2484+ - add qemu-kvm upstart job and defaults file (rules,
2485+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2486+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2487+ do not auto-load the kvm kernel module. Enable nesting by default
2488+ on intel.
2489+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2490+ in qemu64 cpu type.
2491+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2492+ types to ease future live vm migration.
2493+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2494+ d/qemu-system-common.install
2495+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2496+ to fix errors with missing block backends.
2497+ - s390x:
2498+ * Create qemu-system-s390x package
2499+ * Enable pie by default, on ubuntu/s390x.
2500+ * Enable svm by default for qemu64 on amd
2501+ * Include s390-ccw.img firmware
2502+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2503+ relationship, but qemu-efi is still in universe right now.
2504+
2505+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Jun 2016 16:49:49 -0500
2506+
2507 qemu (1:2.6+dfsg-3) unstable; urgency=high
2508
2509 * more security fixes picked from upstream:
2510@@ -1306,6 +3700,39 @@ qemu (1:2.6+dfsg-2) unstable; urgency=medium
2511
2512 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 13 Jun 2016 12:10:44 +0300
2513
2514+qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium
2515+
2516+ * Merge with Debian; remaining changes: (LP: #1583775)
2517+ - debian/rules: do not drop the init scripts loading kvm modules
2518+ (still needed in precise in cloud archive)
2519+ - qemu-system-common.postinst:
2520+ * remove acl placed by udev, and add udevadm trigger.
2521+ * reload kvm_intel if needed to set nested=1
2522+ - qemu-system-common.preinst: add kvm group if needed
2523+ - add qemu-kvm upstart job and defaults file (rules,
2524+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2525+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2526+ do not auto-load the kvm kernel module. Enable nesting by default
2527+ on intel.
2528+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2529+ in qemu64 cpu type.
2530+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2531+ types to ease future live vm migration.
2532+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2533+ d/qemu-system-common.install
2534+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2535+ to fix errors with missing block backends. (LP: #1495895)
2536+ - s390x:
2537+ * Create qemu-system-s390x package
2538+ * Enable pie by default, on ubuntu/s390x.
2539+ * Enable svm by default for qemu64 on amd
2540+ * Include s390-ccw.img firmware
2541+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2542+ relationship, but qemu-efi is still in universe right now.
2543+ * Drop patches which have been applied upstream:
2544+
2545+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 May 2016 12:11:36 -0500
2546+
2547 qemu (1:2.6+dfsg-1) unstable; urgency=medium
2548
2549 * new upstream release
2550@@ -1343,6 +3770,106 @@ qemu (1:2.6+dfsg-1) unstable; urgency=medium
2551
2552 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 18 May 2016 14:44:14 +0300
2553
2554+qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium
2555+
2556+ * Cherrypick upstream patches to support the query-gic-version QMP command
2557+ (LP: #1566564)
2558+
2559+ -- dann frazier <dannf@ubuntu.com> Tue, 05 Apr 2016 16:56:11 -0600
2560+
2561+qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium
2562+
2563+ [Stefan Bader]
2564+ * Enable svm by default for qemu64 on amd (LP: #1561019)
2565+
2566+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Apr 2016 16:53:55 -0500
2567+
2568+qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium
2569+
2570+ * qemu-system-s390x only available on s390x, so qemu-system should only
2571+ depend on it on this arch.
2572+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2573+ relationship, but qemu-efi is still in universe right now.
2574+
2575+ -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 19 Apr 2016 13:41:37 -0700
2576+
2577+qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium
2578+
2579+ * And actually ship the right things in qemu-system-s390x.
2580+
2581+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 19 Apr 2016 16:49:00 +0100
2582+
2583+qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium
2584+
2585+ * Create qemu-system-s390x package on ubuntu only.
2586+
2587+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 18 Apr 2016 10:16:19 +0100
2588+
2589+qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium
2590+
2591+ * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149)
2592+
2593+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Apr 2016 15:13:06 -0500
2594+
2595+qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium
2596+
2597+ * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch
2598+ (LP: #1556306)
2599+
2600+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 16 Mar 2016 16:35:22 -0700
2601+
2602+qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium
2603+
2604+ * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)
2605+
2606+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 07 Mar 2016 18:53:34 -0800
2607+
2608+qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium
2609+
2610+ * d/control{-in}: Re-generate and build with libiscsi-dev now
2611+ that its in Ubuntu main (LP: #1271653).
2612+
2613+ -- James Page <james.page@ubuntu.com> Wed, 24 Feb 2016 17:59:13 +0000
2614+
2615+qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium
2616+
2617+ * Make -no-pie conditional, on $(CC) supporting -no-pie flag.
2618+
2619+ -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 24 Feb 2016 14:40:19 +0000
2620+
2621+qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium
2622+
2623+ * No-change rebuild for gnutls transition.
2624+
2625+ -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:27:20 +0000
2626+
2627+qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium
2628+
2629+ * Merge with Debian; remaining changes:
2630+ - debian/rules: do not drop the init scripts loading kvm modules
2631+ (still needed in precise in cloud archive)
2632+ - qemu-system-common.postinst:
2633+ * remove acl placed by udev, and add udevadm trigger.
2634+ * reload kvm_intel if needed to set nested=1
2635+ - qemu-system-common.preinst: add kvm group if needed
2636+ - add qemu-kvm upstart job and defaults file (rules,
2637+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2638+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2639+ do not auto-load the kvm kernel module. Enable nesting by default
2640+ on intel.
2641+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2642+ in qemu64 cpu type.
2643+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2644+ types to ease future live vm migration.
2645+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2646+ d/qemu-system-common.install
2647+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2648+ to fix errors with missing block backends. (LP: #1495895)
2649+ - Enable pie by default, on ubuntu/s390x.
2650+ - Include s390-ccw.img firmware.
2651+
2652+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Feb 2016 10:24:49 -0800
2653+
2654 qemu (1:2.5+dfsg-5) unstable; urgency=medium
2655
2656 * fix misspellings in previous debian/changelog entry
2657@@ -1400,6 +3927,113 @@ qemu (1:2.5+dfsg-2) unstable; urgency=high
2658
2659 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 09 Jan 2016 21:40:43 +0300
2660
2661+qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium
2662+
2663+ * SECURITY UPDATE: paravirtualized drivers incautious about shared memory
2664+ contents
2665+ - debian/patches/CVE-2015-8550-1.patch: avoid double access in
2666+ hw/block/xen_blkif.h.
2667+ - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
2668+ hw/display/xenfb.c.
2669+ - CVE-2015-8550
2670+ * SECURITY UPDATE: infinite loop in ehci_advance_state
2671+ - debian/patches/CVE-2015-8558.patch: make idt processing more robust
2672+ in hw/usb/hcd-ehci.c.
2673+ - CVE-2015-8558
2674+ * SECURITY UPDATE: host memory leakage in vmxnet3
2675+ - debian/patches/CVE-2015-856x.patch: avoid memory leakage in
2676+ hw/net/vmxnet3.c.
2677+ - CVE-2015-8567
2678+ - CVE-2015-8568
2679+ * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
2680+ - debian/patches/CVE-2015-8613.patch: initialise info object with
2681+ appropriate size in hw/scsi/megasas.c.
2682+ - CVE-2015-8613
2683+ * SECURITY UPDATE: DoS via Human Monitor Interface
2684+ - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write
2685+ in hmp.c, include/ui/console.h, ui/input-legacy.c.
2686+ - CVE-2015-8619
2687+ * SECURITY UPDATE: incorrect array bounds check in rocker
2688+ - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds
2689+ check in hw/net/rocker/rocker.c.
2690+ - CVE-2015-8701
2691+ * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
2692+ - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
2693+ operations in hw/net/ne2000.c.
2694+ - CVE-2015-8743
2695+ * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
2696+ - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
2697+ error in hw/ide/ahci.c.
2698+ - CVE-2016-1568
2699+ * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
2700+ - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in
2701+ hw/i386/kvmvapic.c.
2702+ - CVE-2016-1922
2703+ * SECURITY UPDATE: e1000 infinite loop
2704+ - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
2705+ out-of-bounds transfer start in hw/net/e1000.c
2706+ - CVE-2016-1981
2707+ * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB
2708+ engines
2709+ - debian/patches/CVE-2016-2197.patch: add check before calling
2710+ dma_memory_unmap in hw/ide/ahci.c.
2711+ - CVE-2016-2197
2712+ * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
2713+ - debian/patches/CVE-2016-2198.patch: add capability mmio write
2714+ function in hw/usb/hcd-ehci.c.
2715+ - CVE-2016-2198
2716+
2717+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 01 Feb 2016 09:39:01 -0500
2718+
2719+qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium
2720+
2721+ * debian/qemu-kvm-init: Call systemd-detect-virt instead of the
2722+ Ubuntu specific running-in-container wrapper. (LP: #1539016)
2723+
2724+ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 28 Jan 2016 13:24:51 +0100
2725+
2726+qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high
2727+
2728+ * Include s390-ccw.img firmware.
2729+
2730+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 12 Jan 2016 15:53:43 +0000
2731+
2732+qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium
2733+
2734+ * Place qemu-kvm.defaults file in qemu-system-common, next to the init
2735+ scripts. Fix the comparison operator when checking KVM_HUGEPAGES.
2736+ Thanks Simon. (LP: #1531191)
2737+
2738+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 06 Jan 2016 09:45:37 -0800
2739+
2740+qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium
2741+
2742+ * Merge with Debian; remaining changes:
2743+ - debian/rules: do not drop the init scripts loading kvm modules
2744+ (still needed in precise in cloud archive)
2745+ - qemu-system-common.postinst:
2746+ * remove acl placed by udev, and add udevadm trigger.
2747+ * reload kvm_intel if needed to set nested=1
2748+ - qemu-system-common.preinst: add kvm group if needed
2749+ - add qemu-kvm upstart job and defaults file (rules,
2750+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2751+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2752+ do not auto-load the kvm kernel module. Enable nesting by default
2753+ on intel.
2754+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2755+ in qemu64 cpu type.
2756+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2757+ types to ease future live vm migration.
2758+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2759+ d/qemu-system-common.install
2760+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2761+ to fix errors with missing block backends. (LP: #1495895)
2762+ - Enable pie by default, on ubuntu/s390x.
2763+ * Drop vGICv3 support patches - all is now upstream
2764+ * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)
2765+
2766+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Jan 2016 15:42:50 -0800
2767+
2768 qemu (1:2.5+dfsg-1) unstable; urgency=medium
2769
2770 * new upstream release
2771@@ -1426,6 +4060,49 @@ qemu (1:2.5+dfsg-1) unstable; urgency=medium
2772
2773 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 16 Dec 2015 20:00:04 +0300
2774
2775+qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high
2776+
2777+ * Enable pie by default, on ubuntu/s390x.
2778+
2779+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 07 Dec 2015 16:04:16 +0000
2780+
2781+qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium
2782+
2783+ * undo the libseccomp delta from debian. libseccomp is indeed available
2784+ on other arches, but we need qemu's configure script to be fixed before
2785+ we can use it on anything other than amd64|i386. Fixes FTBFS.
2786+ (LP: #1522531)
2787+
2788+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 03 Dec 2015 12:44:46 -0600
2789+
2790+qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium
2791+
2792+ * Merge with Debian; remaining changes:
2793+ - Update the ubuntu machine types patch to reflect upstream churn
2794+ - debian/rules: do not drop the init scripts loading kvm modules
2795+ (still needed in precise in cloud archive)
2796+ - qemu-system-common.postinst:
2797+ * remove acl placed by udev, and add udevadm trigger.
2798+ * reload kvm_intel if needed to set nested=1
2799+ - qemu-system-common.preinst: add kvm group if needed
2800+ - add qemu-kvm upstart job and defaults file (rules,
2801+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2802+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2803+ do not auto-load the kvm kernel module. Enable nesting by default
2804+ on intel.
2805+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2806+ in qemu64 cpu type.
2807+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
2808+ machine type to ease future live vm migration.
2809+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2810+ d/qemu-system-common.install
2811+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2812+ to fix errors with missing block backends. (LP: #1495895)
2813+ - control-in: build with libseccomp an all architectures
2814+ - Add vGICv3 support
2815+
2816+ -- Matthias Klose <doko@ubuntu.com> Wed, 02 Dec 2015 21:31:36 +0100
2817+
2818 qemu (1:2.4+dfsg-5) unstable; urgency=medium
2819
2820 * trace-remove-malloc-tracing.patch from upstream.
2821@@ -1438,6 +4115,57 @@ qemu (1:2.4+dfsg-5) unstable; urgency=medium
2822
2823 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 29 Nov 2015 12:22:52 +0300
2824
2825+qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium
2826+
2827+ * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
2828+ - debian/patches/CVE-2015-7504.patch: leave room for CRC code in
2829+ hw/net/pcnet.c.
2830+ - CVE-2015-7504
2831+ * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
2832+ - debian/patches/CVE-2015-7512.patch: check packet length in
2833+ hw/net/pcnet.c.
2834+ - CVE-2015-7512
2835+ * SECURITY UPDATE: infinite loop in eepro100
2836+ - debian/patches/CVE-2015-8345.patch: prevent endless loop in
2837+ hw/net/eepro100.c.
2838+ - CVE-2015-8345
2839+
2840+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 01 Dec 2015 13:36:40 -0500
2841+
2842+qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium
2843+
2844+ * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.
2845+
2846+ -- dann frazier <dann.frazier@canonical.com> Tue, 03 Nov 2015 08:05:46 -0700
2847+
2848+qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium
2849+
2850+ * Merge 2.4 from unstable. Remaining changes:
2851+ - Update the ubuntu machine types patch to reflect upstream churn
2852+ - debian/rules: do not drop the init scripts loading kvm modules
2853+ (still needed in precise in cloud archive)
2854+ - qemu-system-common.postinst:
2855+ * remove acl placed by udev, and add udevadm trigger.
2856+ * reload kvm_intel if needed to set nested=1
2857+ - qemu-system-common.preinst: add kvm group if needed
2858+ - add qemu-kvm upstart job and defaults file (rules,
2859+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2860+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2861+ do not auto-load the kvm kernel module. Enable nesting by default
2862+ on intel.
2863+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2864+ in qemu64 cpu type.
2865+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
2866+ machine type to ease future live vm migration.
2867+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2868+ d/qemu-system-common.install
2869+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2870+ to fix errors with missing block backends. (LP: #1495895)
2871+ - control-in: build with libseccomp an all architectures.
2872+ * Add vGICv3 support
2873+
2874+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 27 Oct 2015 13:28:58 -0500
2875+
2876 qemu (1:2.4+dfsg-4) unstable; urgency=medium
2877
2878 * applied 3 patches from upstream to fix virtio-net
2879@@ -1452,7 +4180,7 @@ qemu (1:2.4+dfsg-3) unstable; urgency=high
2880 fix for Heap overflow vulnerability in ne2000_receive() function
2881 (Closes: #799074 CVE-2015-5279)
2882 * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch
2883- (Closes: #799073 CVE-2015-5278)
2884+ (Closes: #799073 CVE-2015-5278)
2885 * some binfmt reorg:
2886 - extend aarch64 to include one more byte as other arches do
2887 - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize
2888@@ -1504,6 +4232,137 @@ qemu (1:2.3+dfsg-6) unstable; urgency=high
2889
2890 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 11 Jun 2015 20:03:40 +0300
2891
2892+qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium
2893+
2894+ * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)
2895+
2896+ -- Ryan Harper <ryan.harper@canonical.com> Wed, 21 Oct 2015 08:59:29 -0500
2897+
2898+qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low
2899+
2900+ * debian/patches/upstream-fix-irq-route-entries.patch
2901+ Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
2902+ (LP: #1465935)
2903+
2904+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 09 Oct 2015 15:38:53 +0200
2905+
2906+qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium
2907+
2908+ * Build using libseccomp on all architectures.
2909+
2910+ -- Matthias Klose <doko@ubuntu.com> Sat, 03 Oct 2015 21:12:15 +0200
2911+
2912+qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium
2913+
2914+ * SECURITY UPDATE: denial of service via NE2000 driver
2915+ - debian/patches/CVE-2015-5278.patch: fix infinite loop in
2916+ hw/net/ne2000.c.
2917+ - CVE-2015-5278
2918+ * SECURITY UPDATE: denial of service and possible code execution via
2919+ heap overflow in NE2000 driver
2920+ - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
2921+ hw/net/ne2000.c.
2922+ - CVE-2015-5279
2923+ * SECURITY UPDATE: denial of service via e1000 infinite loop
2924+ - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
2925+ - CVE-2015-6815
2926+ * SECURITY UPDATE: denial of service via illegal ATAPI commands
2927+ - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
2928+ hw/ide/core.c.
2929+ - CVE-2015-6855
2930+
2931+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Sep 2015 15:05:51 -0400
2932+
2933+qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium
2934+
2935+ * Make qemu-system-common and qemu-utils depend on qemu-block-extra
2936+ to fix errors with missing block backends. (LP: #1495895)
2937+ * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
2938+ * Apply fix for memory corruption during live-migration in tcg mode
2939+ (LP: #1493049)
2940+ * Apply tracing patch to remove use of custom vtable in newer glibc
2941+ (LP: #1491972)
2942+
2943+ -- Ryan Harper <ryan.harper@canonical.com> Tue, 15 Sep 2015 09:37:23 -0500
2944+
2945+qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium
2946+
2947+ * Import qcow2-handle-eagain-from-update_refcount from upstream
2948+ to fix errors when using qemu-img convert -c. (LP: #1491050)
2949+
2950+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Sep 2015 16:35:56 -0500
2951+
2952+qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium
2953+
2954+ * SECURITY UPDATE: process heap memory disclosure
2955+ - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
2956+ - CVE-2015-5165
2957+ * SECURITY UPDATE: privilege escalation via block device unplugging
2958+ - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
2959+ in hw/ide/piix.c.
2960+ - CVE-2015-5166
2961+ * SECURITY UPDATE: privilege escalation via memory corruption in vnc
2962+ - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
2963+ limits in ui/vnc.c.
2964+ - CVE-2015-5225
2965+ * SECURITY UPDATE: denial of service via virtio-serial
2966+ - debian/patches/CVE-2015-5745.patch: don't assume a specific layout
2967+ for control messages in hw/char/virtio-serial-bus.c.
2968+ - CVE-2015-5745
2969+
2970+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 25 Aug 2015 09:38:43 -0400
2971+
2972+qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
2973+
2974+ * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
2975+ - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
2976+ - CVE-2015-3214
2977+ * SECURITY UPDATE: heap overflow when processing ATAPI commands
2978+ - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
2979+ hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
2980+ - CVE-2015-5154
2981+ * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
2982+ - debian/patches/CVE-2015-5158.patch: check length in
2983+ hw/scsi/scsi-bus.c.
2984+ - CVE-2015-5158
2985+
2986+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jul 2015 10:07:05 -0400
2987+
2988+qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium
2989+
2990+ * SECURITY UPDATE: heap overflow in PCNET controller
2991+ - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
2992+ - CVE-2015-3209
2993+
2994+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Jun 2015 14:25:05 -0400
2995+
2996+qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium
2997+
2998+ * Merge 1:2.3+dfsg-5 from Debian.
2999+ * Remaining changes:
3000+ - debian/rules: do not drop the init scripts loading kvm modules
3001+ (still needed in precise in cloud archive)
3002+ - qemu-system-common.postinst:
3003+ * remove acl placed by udev, and add udevadm trigger.
3004+ * reload kvm_intel if needed to set nested=1
3005+ - qemu-system-common.preinst: add kvm group if needed
3006+ - add qemu-kvm upstart job and defaults file (rules,
3007+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3008+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3009+ do not auto-load the kvm kernel module. Enable nesting by default
3010+ on intel.
3011+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3012+ in qemu64 cpu type.
3013+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3014+ machine type to ease future live vm migration.
3015+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3016+ d/qemu-system-common.install
3017+ * Refreshed patches:
3018+ - ubuntu/expose-vmx_qemu64cpu.patch
3019+ - ubuntu/define-ubuntu-machine-types.patch
3020+
3021+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 10 Jun 2015 14:28:39 -0500
3022+
3023 qemu (1:2.3+dfsg-5) unstable; urgency=high
3024
3025 * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
3026@@ -1515,6 +4374,35 @@ qemu (1:2.3+dfsg-5) unstable; urgency=high
3027
3028 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 03 Jun 2015 17:18:58 +0300
3029
3030+qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium
3031+
3032+ * Merge 1:2.3+dfsg-4 from Debian.
3033+ * Remaining changes:
3034+ - debian/rules: do not drop the init scripts loading kvm modules
3035+ (still needed in precise in cloud archive)
3036+ - qemu-system-common.postinst:
3037+ * remove acl placed by udev, and add udevadm trigger.
3038+ * reload kvm_intel if needed to set nested=1
3039+ - qemu-system-common.preinst: add kvm group if needed
3040+ - add qemu-kvm upstart job and defaults file (rules,
3041+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3042+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3043+ do not auto-load the kvm kernel module. Enable nesting by default
3044+ on intel.
3045+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3046+ in qemu64 cpu type.
3047+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3048+ machine type to ease future live vm migration.
3049+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3050+ d/qemu-system-common.install
3051+ * Dropped all patches which are applied upstream
3052+ * Move the upstart jobs to a generic script
3053+ - add new qemu-kvm-init script
3054+ - call that from upstart and sysvrc qemu-kvm scripts
3055+ - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}
3056+
3057+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 03 Jun 2015 13:36:36 -0500
3058+
3059 qemu (1:2.3+dfsg-4) unstable; urgency=medium
3060
3061 * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch:
3062@@ -1576,6 +4464,98 @@ qemu (1:2.2+dfsg-6exp) experimental; urgency=medium
3063
3064 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 17 Apr 2015 21:54:53 +0300
3065
3066+qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium
3067+
3068+ * SECURITY UPDATE: denial of service in vnc web
3069+ - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket
3070+ frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
3071+ - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from
3072+ websockets clients in ui/vnc-ws.c.
3073+ - CVE-2015-1779
3074+ * SECURITY UPDATE: host code execution via floppy device (VEMON)
3075+ - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
3076+ bounds of the allocated buffer in hw/block/fdc.c.
3077+ - CVE-2015-3456
3078+
3079+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 13 May 2015 07:25:59 -0400
3080+
3081+qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low
3082+
3083+ * CVE-2015-2756 / XSA-126
3084+ - xen: limit guest control of PCI command register
3085+
3086+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 08 Apr 2015 10:17:45 +0200
3087+
3088+qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium
3089+
3090+ * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not
3091+ accidentally create /1
3092+
3093+ -- Steve Beattie <sbeattie@ubuntu.com> Thu, 12 Mar 2015 16:46:51 -0700
3094+
3095+qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low
3096+
3097+ * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).
3098+
3099+ -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Feb 2015 08:55:35 +0100
3100+
3101+qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low
3102+
3103+ * No-change rebuild to pull in libxl-4.5.
3104+
3105+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 25 Feb 2015 13:58:37 +0100
3106+
3107+qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium
3108+
3109+ * debian/control-in: enable numa on architectures where numa is built
3110+ (LP: #1417937)
3111+
3112+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 23:18:58 -0600
3113+
3114+qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium
3115+
3116+ [Scott Moser]
3117+ * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa
3118+ profile when started by libvirt.
3119+
3120+ [Serge Hallyn]
3121+ * add symlink qemu-system-ppc64le -> qemu-system-ppc64
3122+ * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script
3123+ (LP: #1419855)
3124+
3125+ [Chris J Arges]
3126+ * Determine if we are running inside a virtual environment. If running inside
3127+ a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153)
3128+
3129+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 13:04:21 -0600
3130+
3131+qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium
3132+
3133+ * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308)
3134+ - debian/rules: do not drop the init scripts loading kvm modules
3135+ (still needed in precise in cloud archive)
3136+ * Remaining changes:
3137+ - qemu-system-common.postinst:
3138+ * remove acl placed by udev, and add udevadm trigger.
3139+ * reload kvm_intel if needed to set nested=1
3140+ - qemu-system-common.preinst: add kvm group if needed
3141+ - add qemu-kvm upstart job and defaults file (rules,
3142+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3143+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3144+ do not auto-load the kvm kernel module. Enable nesting by default
3145+ on intel.
3146+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3147+ in qemu64 cpu type.
3148+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3149+ machine type to ease future live vm migration.
3150+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3151+ d/qemu-system-common.install
3152+ * Dropped all patches which are applied upstream
3153+ * Update ubuntu-vivid machine type to default to std graphics (following
3154+ upstream's lead for pc-i440fx-2.2 machine type)
3155+
3156+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Feb 2015 22:31:09 -0600
3157+
3158 qemu (1:2.2+dfsg-5exp) experimental; urgency=medium
3159
3160 * fix initscript removal once again
3161@@ -1625,6 +4605,47 @@ qemu (2.2+dfsg-1exp) unstable; urgency=medium
3162
3163 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 09 Dec 2014 23:09:26 +0300
3164
3165+qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium
3166+
3167+ * Cherrypick upstream patch needed to allow ESx hosts to run under
3168+ kvm (LP: #1411575)
3169+
3170+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 16 Jan 2015 16:32:48 -0600
3171+
3172+qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium
3173+
3174+ * Merge 2.1+dfsg-11. Remaining changes:
3175+ - qemu-system-common.postinst:
3176+ * remove acl placed by udev, and add udevadm trigger.
3177+ * reload kvm_intel if needed to set nested=1
3178+ - qemu-system-common.preinst: add kvm group if needed
3179+ - add qemu-kvm upstart job and defaults file (rules,
3180+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3181+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3182+ do not auto-load the kvm kernel module. Enable nesting by default
3183+ on intel.
3184+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3185+ removed the alternatives bit later.
3186+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3187+ in qemu64 cpu type.
3188+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3189+ machine type to ease future live vm migration.
3190+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3191+ d/qemu-system-common.install
3192+ - debian/binfmt-update-in: support ppcle
3193+ * debian/binfmt-update-in
3194+ * Support-ppcle.patch
3195+ - Upstream patches to fix AArch64 emulation ignoring SPSel=0:
3196+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
3197+ * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
3198+ * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
3199+ * Dropped patches (upstream or now in debian's tree):
3200+ - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch
3201+ - CVE-2014-7840.patch
3202+ - CVE-2014-8106.patch
3203+
3204+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Dec 2014 13:57:34 -0600
3205+
3206 qemu (1:2.1+dfsg-11) unstable; urgency=medium
3207
3208 * bump epoch and reupload to cancel 2.2+dfsg-1exp upload
3209@@ -1694,6 +4715,81 @@ qemu (2.1+dfsg-8) unstable; urgency=low
3210
3211 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 27 Nov 2014 18:32:45 +0300
3212
3213+qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium
3214+
3215+ * SECURITY UPDATE: code execution via savevm data
3216+ - debian/patches/CVE-2014-7840.patch: validate parameters in
3217+ arch_init.c.
3218+ - CVE-2014-7840
3219+ * SECURITY UPDATE: code execution via cirrus vga blit regions
3220+ (LP: #1400775)
3221+ - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
3222+ hw/display/cirrus_vga.c.
3223+ - CVE-2014-8106
3224+
3225+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Dec 2014 14:11:52 -0500
3226+
3227+qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low
3228+
3229+ * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got
3230+ dropped and VENDOR now will be all capital UBUNTU).
3231+
3232+ -- Stefan Bader <stefan.bader@canonical.com> Mon, 08 Dec 2014 14:45:31 +0100
3233+
3234+qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium
3235+
3236+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
3237+ d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
3238+ d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
3239+ Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring
3240+ SPSel=0 in certain conditions. (LP: #1349277)
3241+
3242+ -- Chris J Arges <chris.j.arges@canonical.com> Thu, 04 Dec 2014 14:17:01 -0600
3243+
3244+qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low
3245+
3246+ * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch:
3247+ Cherry-pick of qemu-upstream patch to fix issues with persistent
3248+ grants and the PV backend (Qdisk) (LP: #1394327).
3249+
3250+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 28 Nov 2014 13:14:37 +0100
3251+
3252+qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium
3253+
3254+ * Merge 2.1+dfsg-7. Remaining changes:
3255+ - qemu-system-common.postinst:
3256+ * remove acl placed by udev, and add udevadm trigger.
3257+ * reload kvm_intel if needed to set nested=1
3258+ - qemu-system-common.preinst: add kvm group if needed
3259+ - add qemu-kvm upstart job and defaults file (rules,
3260+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3261+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3262+ do not auto-load the kvm kernel module. Enable nesting by default
3263+ on intel.
3264+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3265+ removed the alternatives bit later.
3266+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3267+ in qemu64 cpu type.
3268+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3269+ machine type to ease future live vm migration.
3270+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3271+ d/qemu-system-common.install
3272+ - debian/binfmt-update-in: support ppcle
3273+ * debian/binfmt-update-in
3274+ * Support-ppcle.patch
3275+ * Dropped patches (upstream or now in debian's tree):
3276+ - pc-reserve-more-memory-for-acpi.patch
3277+ - CVE-2014-5388.patch
3278+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and
3279+ 502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined
3280+ in debian)
3281+ - CVE-2014-3615.patch
3282+ - CVE-2014-3640.patch
3283+ - CVE-2014-3689.patch
3284+ - CVE-2014-7815.patch
3285+
3286+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 22 Nov 2014 18:36:53 -0600
3287+
3288 qemu (2.1+dfsg-7) unstable; urgency=high
3289
3290 * urgency is high due to 2 security fixes
3291@@ -1745,6 +4841,119 @@ qemu (2.1+dfsg-5) unstable; urgency=medium
3292
3293 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 26 Sep 2014 17:43:26 +0400
3294
3295+qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium
3296+
3297+ * SECURITY UPDATE: information disclosure via vga driver
3298+ - debian/patches/CVE-2014-3615.patch: return the correct memory size,
3299+ sanity check register writes, and don't use fixed buffer sizes in
3300+ hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h,
3301+ ui/spice-display.c.
3302+ - CVE-2014-3615
3303+ * SECURITY UPDATE: denial of service via slirp NULL pointer deref
3304+ - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
3305+ stub in slirp/udp.c.
3306+ - CVE-2014-3640
3307+ * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
3308+ - debian/patches/CVE-2014-3689.patch: verify rectangles in
3309+ hw/display/vmware_vga.c.
3310+ - CVE-2014-3689
3311+ * SECURITY UPDATE: denial of service via VNC console
3312+ - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in
3313+ ui/vnc.c.
3314+ - CVE-2014-7815
3315+
3316+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 13 Nov 2014 07:31:03 -0500
3317+
3318+qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium
3319+
3320+ * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures
3321+ (LP: #1389897) (Patch thanks to mwhudson, BenC, and infinity)
3322+
3323+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Nov 2014 15:51:47 -0600
3324+
3325+qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium
3326+
3327+ * Apply two patches to fix intermittent qemu-img corruption
3328+ (LP: #1368815)
3329+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap
3330+ - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap
3331+
3332+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 29 Oct 2014 22:31:43 -0500
3333+
3334+qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium
3335+
3336+ * debian/control: slof is moving into main, so we can depend on qemu-slof as
3337+ debian does.
3338+
3339+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Oct 2014 22:01:27 +0200
3340+
3341+qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium
3342+
3343+ * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice
3344+ versa.
3345+ * Drop Support-ppc64le.pach, as that architecture appears to not exist yet.
3346+ * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing
3347+ to latest upstream machine type, rather than distro one. Add 'ubuntu'
3348+ machine type for that.
3349+
3350+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 06 Oct 2014 13:41:31 -0500
3351+
3352+qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium
3353+
3354+ * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a
3355+ container. (LP: #1370199)
3356+ * load kvm module on ppc64le at boot (LP: #1369785)
3357+ - debian/rules: install qemu-kvm on ppc64el
3358+ - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the
3359+ kvm-hv module if available
3360+ * qemu-system-x86.maintscript: remove accidentally installed
3361+ /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier)
3362+ * rename qemu-system-x86 init script to qemu-kvm so it gets installed in
3363+ ubuntu.
3364+
3365+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Sep 2014 14:20:12 -0500
3366+
3367+qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium
3368+
3369+ * Re-stick the trusty machine type to 2.0 (where it must always stay) and
3370+ define a new, default, pc-i440fx-utopic machine type (LP: #1369481)
3371+
3372+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 15 Sep 2014 14:04:57 -0500
3373+
3374+qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium
3375+
3376+ * move kvm_intel nested setting to qemu-system-x86.postinst.
3377+
3378+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 12 Sep 2014 23:12:52 +0000
3379+
3380+qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium
3381+
3382+ * Merge new debian release
3383+ * Remaining changes:
3384+ - qemu-system-common.postinst:
3385+ * remove acl placed by udev, and add udevadm trigger.
3386+ * reload kvm_intel if needed to set nested=1
3387+ - qemu-system-common.preinst: add kvm group if needed
3388+ - add qemu-kvm upstart job and defaults file (rules,
3389+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3390+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3391+ do not auto-load the kvm kernel module. Enable nesting by default
3392+ on intel.
3393+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3394+ removed the alternatives bit later.
3395+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3396+ in qemu64 cpu type.
3397+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3398+ machine type to ease future live vm migration.
3399+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3400+ d/qemu-system-common.install
3401+ - debian/binfmt-update-in: support ppcle
3402+ * debian/binfmt-update-in
3403+ * Support-ppcle.patch
3404+ - d/p/CVE-2014-5388.patch
3405+
3406+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Sep 2014 17:56:15 -0500
3407+
3408 qemu (2.1+dfsg-4) unstable; urgency=medium
3409
3410 * mention libnuma-dev but not enable for now
3411@@ -1762,6 +4971,59 @@ qemu (2.1+dfsg-4) unstable; urgency=medium
3412
3413 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 31 Aug 2014 09:32:59 +0400
3414
3415+qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium
3416+
3417+ * SECURITY UPDATE: memory disclosure via out-of-bounds array access
3418+ - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c.
3419+ - CVE-2014-5388
3420+
3421+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 09 Sep 2014 08:26:24 -0400
3422+
3423+qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium
3424+
3425+ * replace d/p/revert-acpi-table-size-bump with
3426+ pc-reserve-more-memory-for-acpi.patch from upstream
3427+ * debian/binfmt-update-in
3428+ - don't run in a container
3429+ - add ppc64le as target (LP: #1358268)
3430+ * Add experimental ppcle support (LP: #1358268)
3431+
3432+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 27 Aug 2014 18:24:32 -0500
3433+
3434+qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium
3435+
3436+ * revert-acpi-table-size-bump - get qemu -kernel working again.
3437+
3438+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 15:33:24 -0500
3439+
3440+qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium
3441+
3442+ * Merge new debian release
3443+ * Remaining changes:
3444+ - control-in: stick to libsdl1.2-dev.
3445+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3446+ qemu-bridge-helper
3447+ - qemu-system-common.postinst: remove acl placed by udev,
3448+ and add udevadm trigger.
3449+ - qemu-system-common.preinst: add kvm group if needed
3450+ - add qemu-kvm upstart job and defaults file (rules,
3451+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3452+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3453+ do not auto-load the kvm kernel module. Enable nesting by default
3454+ on intel.
3455+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3456+ removed the alternatives bit later.
3457+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3458+ in qemu64 cpu type.
3459+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3460+ machine type to ease future live vm migration.
3461+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3462+ d/qemu-system-common.install
3463+ * Upstart job: use getent group to check for kvm group
3464+ * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks
3465+
3466+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 08:44:54 -0500
3467+
3468 qemu (2.1+dfsg-3) unstable; urgency=medium
3469
3470 * set SHELL = /bin/sh -e, so that more complex shell constructs
3471@@ -1788,6 +5050,42 @@ qemu (2.1+dfsg-3) unstable; urgency=medium
3472
3473 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 14 Aug 2014 14:30:24 +0400
3474
3475+qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium
3476+
3477+ * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174)
3478+
3479+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Aug 2014 12:58:50 -0500
3480+
3481+qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium
3482+
3483+ * Merge new debian release
3484+ * Remaining changes:
3485+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3486+ have in ipxe-qemu package.
3487+ - control-in: stick to libsdl1.2-dev.
3488+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3489+ qemu-bridge-helper
3490+ - qemu-system-common.postinst: remove acl placed by udev,
3491+ and add udevadm trigger.
3492+ - qemu-system-common.preinst: add kvm group if needed
3493+ - add qemu-kvm upstart job and defaults file (rules,
3494+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3495+ - debian/rules: add qemu-kvm-spice
3496+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3497+ do not auto-load the kvm kernel module. Enable nesting by default
3498+ on intel.
3499+ - binfmt-update-in: make sure to filter out compat arches.
3500+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3501+ removed the alternatives bit later.
3502+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3503+ in qemu64 cpu type.
3504+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3505+ machine type to ease future live vm migration.
3506+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3507+ d/qemu-system-common.install
3508+
3509+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Aug 2014 13:53:06 -0500
3510+
3511 qemu (2.1+dfsg-2) unstable; urgency=medium
3512
3513 * l2tp-linux-only.patch: fix FTBFS on kfreebsd
3514@@ -1822,7 +5120,7 @@ qemu (2.1+dfsg-1) unstable; urgency=medium
3515
3516 qemu (2.0.0+dfsg-7) unstable; urgency=medium
3517
3518- * clarify description of qemu-user-binfmt a bit
3519+ * clarify description of qemu-user-binfmt a bit
3520 * build-depend on acpica-tools (iasl) in order to rebuild .dsl files
3521 * remove qemu-keymaps package, since it is not used by other tools
3522 anymore, and ship keymaps in qemu-system-common.
3523@@ -1839,6 +5137,43 @@ qemu (2.0.0+dfsg-7) unstable; urgency=medium
3524
3525 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 24 Jul 2014 16:51:16 +0400
3526
3527+qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium
3528+
3529+ * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from
3530+ /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551)
3531+
3532+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 25 Jul 2014 08:35:02 -0500
3533+
3534+qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium
3535+
3536+ * Merge 2.0.0+dfsg-6. Remaining changes:
3537+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3538+ have in ipxe-qemu package.
3539+ - control-in: stick to libgnutls-dev and libsdl1.2-dev.
3540+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3541+ qemu-bridge-helper
3542+ - qemu-system-common.postinst: remove acl placed by udev,
3543+ and add udevadm trigger.
3544+ - qemu-system-common.preinst: add kvm group if needed
3545+ - add qemu-kvm upstart job and defaults file (rules,
3546+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3547+ - debian/rules: add qemu-kvm-spice
3548+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3549+ do not auto-load the kvm kernel module. Enable nesting by default
3550+ on intel.
3551+ - binfmt-update-in: make sure to filter out compat arches.
3552+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3553+ removed the alternatives bit later.
3554+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3555+ in qemu64 cpu type.
3556+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3557+ machine type to ease future live vm migration.
3558+ - re-introduce apport hook for qemu source package:
3559+ d/source_qemu-kvm.py, d/qemu-system-common.install
3560+ * enable-build-dep on libjpeg8-dev - which is now in main
3561+
3562+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 Jun 2014 14:52:54 -0500
3563+
3564 qemu (2.0.0+dfsg-6) unstable; urgency=medium
3565
3566 * build-depend on libgnutls28-dev not libgnutls-dev
3567@@ -1882,6 +5217,59 @@ qemu (2.0.0+dfsg-3) unstable; urgency=low
3568
3569 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 21 Apr 2014 12:34:03 +0400
3570
3571+qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium
3572+
3573+ * remove alternatives for qemu: different architectures
3574+ aren't really alternatives and never had been (LP: #1316829)
3575+
3576+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 07 May 2014 15:12:33 +0000
3577+
3578+qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium
3579+
3580+ * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402)
3581+ * debian/control: drop the versioning requirement from libfdt-dev
3582+ build-dependency, as it is longer needed (LP: #1295072)
3583+
3584+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 02 May 2014 11:43:44 -0500
3585+
3586+qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium
3587+
3588+ * Merge 2.0.0+dfsg-2
3589+ * Incorporates a fix for spice users (LP: #1309452)
3590+ * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as
3591+ the regression requiring it was reverted for 2.0 upstream.
3592+ * remove qemu-system-common depends on the qemu-system-aarch64 metapackage
3593+ * debian/qemu-debootstrap: add arm64
3594+ * Remaining changes from debian:
3595+ - keep qemu 'alternative' (not something to change in SRU)
3596+ - debian/control and debian/control-in:
3597+ * versioned libfdt-dev check, until libfdt is fixed in precise
3598+ * enable rbd
3599+ * remove ovmf Recommends, as it is in multiverse
3600+ * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe
3601+ * add a qemu-system-aarch64 metapackage for transitions from trusty
3602+ development version. This can be removed after trusty.
3603+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3604+ qemu-bridge-helper
3605+ - qemu-system-common.postinst: fix /dev/kvm acls
3606+ - qemu-system-common.preinst: add kvm group if needed
3607+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3608+ have in ipxe-qemu package.
3609+ - qemu-system-x86.modprobe: set module options for older releases
3610+ - qemu-system-x86.qemu-kvm.default: defaults for the upstart job
3611+ - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job
3612+ - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64
3613+ - debian/rules
3614+ * add legacy kvm-spice link
3615+ * fix ppc and arm slections
3616+ * add aarch64 to user_targets
3617+ - debian/patches/ubuntu/define-trusty-machine-type.patch: define a
3618+ pc-i440fx-trusty machine type as the default.
3619+ - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by
3620+ default in qemu64 cpu time.
3621+
3622+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Apr 2014 09:23:27 -0500
3623+
3624 qemu (2.0.0+dfsg-2) unstable; urgency=medium
3625
3626 * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current
3627@@ -1907,7 +5295,7 @@ qemu (2.0.0+dfsg-1) unstable; urgency=low
3628 * kmod dependency is linux-any
3629 * doc-grammify-allows-to.patch: fix some lintian warnings
3630 * remove alternatives for qemu: different architectures
3631- aren't really alternatives and never had been
3632+ aren't really alternatives and never had been
3633 * update Standards-Version to 3.9.5 (no changes needed)
3634 * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff -
3635 fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1
3636@@ -1941,6 +5329,50 @@ qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low
3637
3638 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 05 Apr 2014 16:23:48 +0400
3639
3640+qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium
3641+
3642+ * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch
3643+ don't abort() just because the kernel has no dirty bitmap.
3644+ (LP: #1303926)
3645+
3646+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 22:32:00 -0500
3647+
3648+qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium
3649+
3650+ * define-trusty-machine-type.patch: update the trusty machine type name to
3651+ pc-i440fx-trusty (LP: #1304107)
3652+
3653+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 11:49:04 -0500
3654+
3655+qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium
3656+
3657+ * Merge 2.0.0-rc1
3658+ * debian/rules: consolidate ppc filter entries.
3659+ * Move qemu-system-arch64 into qemu-system-arm
3660+ * debian/patches/define-trusty-machine-type.patch: define a trusty machine
3661+ type, currently the same as pc-i440fx-2.0, to put is in a better position
3662+ to enable live migrations from trusty onward. (LP: #1294823)
3663+ * debian/control: build-dep on libfdt >= 1.4.0 (LP: #1295072)
3664+ * Merge latest upstream git to commit dc9528f
3665+ * Debian/rules:
3666+ - remove -enable-uname-release=2.6.32
3667+ - don't make the aarch64 target Ubuntu-specific.
3668+ * Remove patches which are now upstream:
3669+ - fix-smb-security-share.patch
3670+ - slirp-smb-redirect-port-445-too.patch
3671+ - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream)
3672+ - signal-added-a-wrapper-for-sigprocmask-function.patch
3673+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
3674+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
3675+ - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch
3676+ * add link for /usr/share/qemu/bios-256k.bin
3677+ * Remove all linaro patches.
3678+ * Remove all arm64/ patches. Many but not all are upstream.
3679+ * Remove CVE-2013-4377.patch which is upstream.
3680+ * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific
3681+
3682+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 25 Feb 2014 22:31:43 -0600
3683+
3684 qemu (1.7.0+dfsg-9) unstable; urgency=medium
3685
3686 * remove rbd/rados/ceph support *again*, till they'll actually provide
3687@@ -2005,6 +5437,104 @@ qemu (1.7.0+dfsg-4) unstable; urgency=medium
3688
3689 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 12 Mar 2014 18:34:03 +0400
3690
3691+qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low
3692+
3693+ * No-change rebuild to build with libxen-4.4.
3694+
3695+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 21 Mar 2014 10:04:36 +0100
3696+
3697+qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium
3698+
3699+ * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick
3700+ upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682)
3701+
3702+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Mar 2014 00:03:00 -0500
3703+
3704+qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium
3705+
3706+ [ dann frazier ]
3707+ * Add patches from the susematz tree to avoid intermittent segfaults:
3708+ - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch
3709+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
3710+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
3711+
3712+ [ Serge Hallyn ]
3713+ * Modify do_sigprocmask to only change behavior for aarch64.
3714+ (LP: #1285363)
3715+
3716+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 06 Mar 2014 16:15:50 -0600
3717+
3718+qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium
3719+
3720+ [ Steve Langasek ]
3721+ * Merge debian/control with unreleased Debian branch: our architecture
3722+ lists should now be in sync.
3723+
3724+ [ Dann Frazier ]
3725+ * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS
3726+ on arm64 and maybe others. (LP: #1284344)
3727+
3728+ [ Serge Hallyn ]
3729+ * Move the OVMF.fd link to the ovmf package.
3730+
3731+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 21 Feb 2014 12:14:53 -0800
3732+
3733+qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium
3734+
3735+ * Add ppc64el to the architecture list (supposedly added in the previous
3736+ upload, but really wasn't).
3737+
3738+ -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 20 Feb 2014 23:40:07 -0800
3739+
3740+qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium
3741+
3742+ * Backport changes to enable qemu-user-static support for aarch64
3743+ * debian/control: add ppc64el to Architectures
3744+ * debian/rules: only install qemu-system-aarch64 on arm64.
3745+ Fixes a FTBFS when built twice in a row on non-arm64 due to a stale
3746+ debian/qemu-system-aarch64 directory
3747+
3748+ -- dann frazier <dann.frazier@canonical.com> Tue, 11 Feb 2014 15:41:53 -0700
3749+
3750+qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium
3751+
3752+ * Fix broken filter_binfmts
3753+ * Remove use of dpkg-version in postinsts, as we're not Depending on
3754+ dpkg-dev.
3755+
3756+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 05 Feb 2014 21:57:38 -0600
3757+
3758+qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium
3759+
3760+ * Merge 1.7.0+dfsg-3 from debian. Remaining changes:
3761+ - debian/patches/ubuntu:
3762+ * expose-vmx_qemu64cpu.patch
3763+ * linaro (omap3) and arm64 patches
3764+ * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS
3765+ on ppc
3766+ * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio
3767+ - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options
3768+ - debian/control:
3769+ * add arm64 to Architectures
3770+ * add qemu-common and qemu-system-aarch64 packages
3771+ - debian/qemu-system-common.install: add debian/tmp/usr/lib
3772+ - debian/qemu-system-common.preinst: add kvm group
3773+ - debian/qemu-system-common.postinst: remove acl placed by udev,
3774+ and add udevadm trigger.
3775+ - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio,
3776+ pxe-e1000 and pxe-rtl8139.
3777+ - add qemu-system-x86.qemu-kvm.upstart and .default
3778+ - qemu-user-static.postinst-in: remove arm64 binfmt
3779+ - debian/rules:
3780+ * allow parallel build
3781+ * add aarch64 to system_targets and sys_systems
3782+ * add qemu-kvm-spice links
3783+ * install qemu-system-x86.modprobe
3784+ - add debian/qemu-system-common.links for OVMF.fd link
3785+ * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks.
3786+
3787+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Feb 2014 12:13:08 -0600
3788+
3789 qemu (1.7.0+dfsg-3) unstable; urgency=low
3790
3791 * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86
3792@@ -2030,6 +5560,121 @@ qemu (1.7.0+dfsg-3) unstable; urgency=low
3793
3794 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 16 Jan 2014 15:17:46 +0400
3795
3796+qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium
3797+
3798+ * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which
3799+ may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654)
3800+
3801+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 Jan 2014 14:41:20 +0000
3802+
3803+qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium
3804+
3805+ * SECURITY UPDATE: denial of service via virtio device hot-plugging
3806+ - debian/patches/CVE-2013-4377.patch: upstream commits to refactor
3807+ virtio device unplugging.
3808+ - CVE-2013-4377
3809+
3810+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jan 2014 09:10:37 -0500
3811+
3812+qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium
3813+
3814+ * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on
3815+ powerpc.
3816+
3817+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 22 Jan 2014 11:59:26 -0600
3818+
3819+qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium
3820+
3821+ [ Serge Hallyn ]
3822+ * add arm64 patchset from upstream. The three arm virt patches previously
3823+ pushed are in that set, so drop them.
3824+
3825+ [ dann frazier ]
3826+ * Add packaging for qemu-system-aarch64. This package is currently only
3827+ available for arm64, as full software emulation is not yet supported.
3828+
3829+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 10 Jan 2014 12:19:08 -0600
3830+
3831+qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium
3832+
3833+ * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be
3834+ supported any longer.
3835+ * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing
3836+ * Refresh debian/patches/hw_arm_add_virt_platform.patch against context
3837+ churn caused by linaro patchset.
3838+ * debian/rules: enable parallel builds.
3839+
3840+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 03 Jan 2014 10:53:17 -0600
3841+
3842+qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium
3843+
3844+ * d/control: enable usbredir (LP: 1126390)
3845+
3846+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 02 Jan 2014 08:55:43 -0600
3847+
3848+qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium
3849+
3850+ * add missing arm virt patches from the mach-virt-v7 branch of
3851+ git://git.linaro.org/people/cdall/qemu-arm.git
3852+
3853+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 18 Dec 2013 12:25:59 -0600
3854+
3855+qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium
3856+
3857+ * debian/control: add arm64 to list of architectures.
3858+
3859+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Dec 2013 10:22:47 -0600
3860+
3861+qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low
3862+
3863+ * Merge 1.7.0+dfsg-2 from debian experimental. Remaining changes:
3864+ - debian/control
3865+ * update maintainer
3866+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
3867+ from build-deps
3868+ * enable rbd
3869+ * add qemu-system and qemu-common B/R to qemu-keymaps
3870+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
3871+ qemu-system-common
3872+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
3873+ - add qemu-common, qemu-kvm, kvm to B/R
3874+ - remove openbios-sparc from qemu-system-sparc D
3875+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
3876+ * qemu-system-x86:
3877+ - add qemu-common to Breaks/Replaces.
3878+ - add cpu-checker to Recommends.
3879+ * qemu-user: add B/R:qemu-kvm
3880+ * qemu-kvm:
3881+ - add armhf armel powerpc sparc to Architecture
3882+ - C/R/P: qemu-kvm-spice
3883+ * add qemu-common package
3884+ * drop qemu-slof which is not packaged in ubuntu
3885+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
3886+ - qemu-system-x86.links:
3887+ * remove pxe rom links which are in kvm-ipxe
3888+ - debian/rules
3889+ * add kvm-spice symlink to qemu-kvm
3890+ * call dh_installmodules for qemu-system-x86
3891+ * update dh_installinit to install upstart script
3892+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
3893+ - Add qemu-utils.links for kvm-* symlinks.
3894+ - Add qemu-system-x86.qemu-kvm.upstart and .default
3895+ - Add qemu-system-x86.modprobe to set nesting=1
3896+ - Add qemu-system-common.preinst to add kvm group
3897+ - qemu-system-common.postinst: remove bad group acl if there, then have
3898+ udev relabel /dev/kvm.
3899+ - New linaro patches from qemu-linaro rebasing branch
3900+ - Dropped patches:
3901+ * linaro patchset
3902+ * mach-virt patchset
3903+ - Kept patches:
3904+ * expose_vms_qemu64cpu.patch
3905+ * fix-pci-add
3906+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
3907+ qemu-bridge-helper
3908+
3909+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 07 Dec 2013 06:08:11 +0000
3910+
3911 qemu (1.7.0+dfsg-2) unstable; urgency=low
3912
3913 * switch from vgabios to seavgabios
3914@@ -2059,6 +5704,73 @@ qemu (1.7.0+dfsg-1) unstable; urgency=low
3915
3916 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 28 Nov 2013 03:14:21 +0400
3917
3918+qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low
3919+
3920+ * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring,
3921+ to prevent lts-to-lts updates from breaking. (LP: #1243403)
3922+
3923+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Oct 2013 14:31:05 -0500
3924+
3925+qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low
3926+
3927+ * Merge 1.6.0~rc0+dfsg-2exp from debian experimental. Remaining changes:
3928+ - debian/control
3929+ * update maintainer
3930+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
3931+ from build-deps
3932+ * enable rbd
3933+ * add qemu-system and qemu-common B/R to qemu-keymaps
3934+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
3935+ qemu-system-common
3936+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
3937+ - add qemu-kvm to Provides
3938+ - add qemu-common, qemu-kvm, kvm to B/R
3939+ - remove openbios-sparc from qemu-system-sparc D
3940+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
3941+ * qemu-system-x86:
3942+ - add qemu-common to Breaks/Replaces.
3943+ - add cpu-checker to Recommends.
3944+ * qemu-user: add B/R:qemu-kvm
3945+ * qemu-kvm:
3946+ - add armhf armel powerpc sparc to Architecture
3947+ - C/R/P: qemu-kvm-spice
3948+ * add qemu-common package
3949+ * drop qemu-slof which is not packaged in ubuntu
3950+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
3951+ - qemu-system-x86.links:
3952+ * remove pxe rom links which are in kvm-ipxe
3953+ * add symlink for kvm.1 manpage
3954+ - debian/rules
3955+ * add kvm-spice symlink to qemu-kvm
3956+ * call dh_installmodules for qemu-system-x86
3957+ * update dh_installinit to install upstart script
3958+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
3959+ - Add qemu-utils.links for kvm-* symlinks.
3960+ - Add qemu-system-x86.qemu-kvm.upstart and .default
3961+ - Add qemu-system-x86.modprobe to set nesting=1
3962+ - Add qemu-system-common.preinst to add kvm group
3963+ - qemu-system-common.postinst: remove bad group acl if there, then have
3964+ udev relabel /dev/kvm.
3965+ - New linaro patches from qemu-linaro rebasing branch
3966+ - Dropped patches:
3967+ * xen-simplify-xen_enabled.patch
3968+ * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch
3969+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
3970+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
3971+ * virtio-rng-fix-crash
3972+ - Kept patches:
3973+ * expose_vms_qemu64cpu.patch - updated
3974+ * linaro arm patches from qemu-linaro rebasing branch
3975+ - New patches:
3976+ * fix-pci-add: change CONFIG variable in ifdef to make sure that
3977+ pci_add is defined.
3978+ * Add linaro patches
3979+ * Add experimental mach-virt patches for arm virtualization.
3980+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
3981+ qemu-bridge-helper
3982+
3983+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 22 Oct 2013 22:47:07 -0500
3984+
3985 qemu (1.6.0+dfsg-2) unstable; urgency=low
3986
3987 * Build-depend in seccomp again once it is in -testing
3988@@ -2129,6 +5841,89 @@ qemu (1.5.0+dfsg-4) unstable; urgency=medium
3989
3990 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 06 Jun 2013 01:50:32 +0400
3991
3992+qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low
3993+
3994+ * No change rebuild for new seccomp.
3995+
3996+ -- Stéphane Graber <stgraber@ubuntu.com> Mon, 21 Oct 2013 18:34:50 -0400
3997+
3998+qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low
3999+
4000+ * Cherrypick upstream patch to fix crash with rng device (LP: #1235017)
4001+ - virtio-rng-fix-crash
4002+
4003+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 09 Oct 2013 17:46:49 -0500
4004+
4005+qemu (1.5.0+dfsg-3ubuntu4) saucy; urgency=low
4006+
4007+ * Re-introduce snippet in upstart job to load kvm modules if needed.
4008+ (LP: #1218459)
4009+
4010+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 16 Sep 2013 22:43:52 +0000
4011+
4012+qemu (1.5.0+dfsg-3ubuntu3) saucy; urgency=low
4013+
4014+ * Cherry-picking three Xen related patches targetted for qemu-stable:
4015+ * xen-simplify-xen_enabled.patch
4016+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4017+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4018+
4019+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 26 Jul 2013 15:01:44 +0200
4020+
4021+qemu (1.5.0+dfsg-3ubuntu2) saucy; urgency=low
4022+
4023+ * Drop openbios-ppc and openhackware Depends to Suggests for now.
4024+
4025+ -- Adam Conrad <adconrad@ubuntu.com> Wed, 05 Jun 2013 03:23:56 -0600
4026+
4027+qemu (1.5.0+dfsg-3ubuntu1) saucy; urgency=low
4028+
4029+ * Merge 1.5.0+dfs-3 from debian unstable. Remaining changes:
4030+ - debian/control
4031+ * update maintainer
4032+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4033+ from build-deps
4034+ * enable rbd
4035+ * add qemu-system and qemu-common B/R to qemu-keymaps
4036+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4037+ qemu-system-common
4038+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4039+ - add qemu-kvm to Provides
4040+ - add qemu-common, qemu-kvm, kvm to B/R
4041+ - remove openbios-sparc from qemu-system-sparc D
4042+ * qemu-system-x86:
4043+ - add qemu-common to Breaks/Replaces.
4044+ - add cpu-checker to Recommends.
4045+ * qemu-user: add B/R:qemu-kvm
4046+ * qemu-kvm:
4047+ - add armhf armel powerpc sparc to Architecture
4048+ - C/R/P: qemu-kvm-spice
4049+ * add qemu-common package
4050+ * drop qemu-slof which is not packaged in ubuntu
4051+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4052+ - qemu-system-x86.links:
4053+ * remove pxe rom links which are in kvm-ipxe
4054+ * add symlink for kvm.1 manpage
4055+ - debian/rules
4056+ * add kvm-spice symlink to qemu-kvm
4057+ * call dh_installmodules for qemu-system-x86
4058+ * update dh_installinit to install upstart script
4059+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4060+ - Add qemu-utils.links for kvm-* symlinks.
4061+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4062+ - Add qemu-system-x86.modprobe to set nesting=1
4063+ - Add qemu-system-common.preinst to add kvm group
4064+ - qemu-system-common.postinst: remove bad group acl if there, then have
4065+ udev relabel /dev/kvm.
4066+ - Dropped patches:
4067+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4068+ - Kept patches:
4069+ * expose_vms_qemu64cpu.patch - updated
4070+ * gridcentric patch - updated
4071+ * linaro arm patches from qemu-linaro rebasing branch
4072+
4073+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Jun 2013 22:56:43 +0200
4074+
4075 qemu (1.5.0+dfsg-3) unstable; urgency=low
4076
4077 * fix sections: misc => otherosfs
4078@@ -2148,6 +5943,54 @@ qemu (1.5.0+dfsg-3) unstable; urgency=low
4079
4080 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Jun 2013 01:49:47 +0400
4081
4082+qemu (1.5.0+dfsg-2ubuntu1) saucy; urgency=low
4083+
4084+ * Merge 1.5.0+dfs-2 from debian unstable. Remaining changes:
4085+ - debian/control
4086+ * update maintainer
4087+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4088+ from build-deps
4089+ * enable rbd
4090+ * add qemu-system and qemu-common B/R to qemu-keymaps
4091+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4092+ qemu-system-common
4093+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4094+ - add qemu-kvm to Provides
4095+ - add qemu-common, qemu-kvm, kvm to B/R
4096+ - remove openbios-sparc from qemu-system-sparc D
4097+ * qemu-system-x86:
4098+ - add qemu-common to Breaks/Replaces.
4099+ - add cpu-checker to Recommends.
4100+ * qemu-user: add B/R:qemu-kvm
4101+ * qemu-kvm:
4102+ - add armhf armel powerpc sparc to Architecture
4103+ - C/R/P: qemu-kvm-spice
4104+ * add qemu-common package
4105+ * drop qemu-slof which is not packaged in ubuntu
4106+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4107+ - qemu-system-x86.links:
4108+ * remove pxe rom links which are in kvm-ipxe
4109+ * add symlink for kvm.1 manpage
4110+ - debian/rules
4111+ * add kvm-spice symlink to qemu-kvm
4112+ * call dh_installmodules for qemu-system-x86
4113+ * update dh_installinit to install upstart script
4114+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4115+ - Add qemu-utils.links for kvm-* symlinks.
4116+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4117+ - Add qemu-system-x86.modprobe to set nesting=1
4118+ - Add qemu-system-common.preinst to add kvm group
4119+ - qemu-system-common.postinst: remove bad group acl if there, then have
4120+ udev relabel /dev/kvm.
4121+ - Dropped patches:
4122+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4123+ - Kept patches:
4124+ * expose_vms_qemu64cpu.patch - updated
4125+ * gridcentric patch - updated
4126+ * linaro arm patches from qemu-linaro rebasing branch
4127+
4128+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 May 2013 08:18:30 -0500
4129+
4130 qemu (1.5.0+dfsg-2) unstable; urgency=low
4131
4132 * merged development history of wheezy and experimental branches.
4133@@ -2215,6 +6058,76 @@ qemu (1.4.0+dfsg-2exp) experimental; urgency=low
4134
4135 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 18 Apr 2013 14:45:30 +0400
4136
4137+qemu (1.4.0+dfsg-1expubuntu4) raring; urgency=low
4138+
4139+ * re-add qemu-system-x86.modprobe to set nesting=1 (LP: #1155177)
4140+ * qemu-system-x86.qemu-kvm.upstart:
4141+ - remove NESTED workarounds from upstart file.
4142+ - remove loading of modules which is now always done
4143+ - remove TAPR define which is no longer used
4144+ * move customizable defines back to qemu-kvm.default
4145+ * copy creation of group kvm to preinst - the group must exist when the
4146+ kvm udev rule is installed (LP: #1103022) (LP: #1092715)
4147+ * add adduser to qemu-system-common Pre-Depends for use by preinst.
4148+
4149+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Mar 2013 14:21:53 -0500
4150+
4151+qemu (1.4.0+dfsg-1expubuntu3) raring; urgency=low
4152+
4153+ * debian/rules: add a symlink from kvm-spice to kvm in qemu-kvm, on
4154+ i386/amd64 targets. (LP: #1126258)
4155+
4156+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 28 Feb 2013 15:17:16 -0600
4157+
4158+qemu (1.4.0+dfsg-1expubuntu2) raring; urgency=low
4159+
4160+ * substitute (apparently identical) patches from 1.4.0 qemu-linaro rebasing
4161+ tree.
4162+ * add qemu-common to qemu-system-common B/R (was accidentally dropped from
4163+ 1.3.0 in 1.4.0 merge).
4164+ * debian/control: fix kvm P/C/B/R:
4165+ - make all C/B/R against kvm versioned
4166+ - don't have any qemu-system-* other than x86 Provides: kvm
4167+
4168+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Feb 2013 13:34:07 -0600
4169+
4170+qemu (1.4.0+dfsg-1expubuntu1) raring; urgency=low
4171+
4172+ * Merge 1.4.0+dfsg-1exp from debian. Remaining changes:
4173+ - debian/control:
4174+ * update maintainer
4175+ * remove libiscsi, usb-redir, vde, and vnc-jpeg from build-deps
4176+ * enable rbd
4177+ * add qemu-system and qemu-common B/R to qemu-keymaps
4178+ * add D:udev and R:qemu to qemu-system-common
4179+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4180+ - add qemu-kvm and kvm to Provides
4181+ - add qemu-common and qemu-kvm to Breaks/Replaces qemu-system-ppc,
4182+ qemu-system-sparc:
4183+ - remove openbios-$arch from Depends
4184+ * qemu-system-x86:
4185+ - add qemu-common to Breaks/Replaces.
4186+ - add cpu-checker to Recommends.
4187+ * qemu-user:
4188+ - add B/R qemu-kvm
4189+ * qemu-utils:
4190+ - add B/R qemu-user and qemu-kvm
4191+ * qemu-kvm: add armhf armel powerpc sparc to Architecture
4192+ * add qemu-common package
4193+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4194+ - qemu-system-x86.links:
4195+ * remove pxe rom links which are in kvm-ipxe
4196+ * add symlink for kvm.1 manpage
4197+ - Add qemu-utils.links for kvm-* symlinks.
4198+ - Add qemu-kvm.conf upstart job to qemu-system
4199+ - Clear /dev/kvm acls on install
4200+ - Add linaro arm patches.
4201+ - Add gridcentric patches.
4202+ - Re-add expose_vms_qemu64cpu.patch (from Daviey)
4203+ * Add 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4204+
4205+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 20 Feb 2013 11:58:27 -0600
4206+
4207 qemu (1.4.0+dfsg-1exp) experimental; urgency=low
4208
4209 [ Michael Tokarev ]
4210@@ -2270,6 +6183,116 @@ qemu (1.4.0~rc0+dfsg-1exp) experimental; urgency=low
4211
4212 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 02 Feb 2013 21:05:28 +0400
4213
4214+qemu (1.3.0+dfsg-5expubuntu5) raring; urgency=low
4215+
4216+ * qemu-system-common.postinst: only run setfacl when /dev/kvm exists.
4217+ (LP: #1130591)
4218+
4219+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 20 Feb 2013 08:58:53 -0600
4220+
4221+qemu (1.3.0+dfsg-5expubuntu4) raring; urgency=low
4222+
4223+ * Update workarounds for udev/inotify: (LP: #1092715)
4224+ - qemu-system-common.udev: go back to original, simple rule
4225+ - qemu-system-common.postinst: manually run setfacl
4226+ - (keep Depends: on acl as well)
4227+ - this can be removed once bug 1092715 is fixed.
4228+
4229+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 19 Feb 2013 12:41:22 -0600
4230+
4231+qemu (1.3.0+dfsg-5expubuntu3) raring; urgency=low
4232+
4233+ * Now that qemu provides spice support, and qemu-kvm-spice is removed from
4234+ the archive, have qemu-kvm (which qemu-kvm-spice always depended on)
4235+ P/C/R qemu-kvm-spice.
4236+
4237+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Feb 2013 13:43:27 -0600
4238+
4239+qemu (1.3.0+dfsg-5expubuntu2) raring; urgency=low
4240+
4241+ * Enable spice.
4242+ * Address lintian warning by adding ${misc:Depends} to qemu-common and
4243+ qemu-kvm.
4244+
4245+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 12 Feb 2013 16:07:04 -0600
4246+
4247+qemu (1.3.0+dfsg-5expubuntu1) raring; urgency=low
4248+
4249+ [ Serge Hallyn ]
4250+ * Merge 1.3.0+dfsg-5exp from Debian.
4251+ * remaining changes from 1.3.0+dfsg-1~exp3ubuntu1:
4252+ - debian/control:
4253+ * update maintainer
4254+ * remove vde2 recommends
4255+ * build-deps: remove libusbredir, libvdeplug2-dev,
4256+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev
4257+ * qemu-system:
4258+ - break/replace qemu-common
4259+ - depend on udev
4260+ - remove openbios-ppc, openbios-sparc, and openhackware from
4261+ Depends. (Intend to add them back once we can build them.)
4262+ * qemu-utils: break/replace qemu-kvm
4263+ - qemu-kvm.upstart:
4264+ - add qemu-system.qemu-kvm.upstart
4265+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4266+ - take the defaults from the old qemu-kvm.defaults, and move them into
4267+ the upstart job
4268+ - debian/patches:
4269+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4270+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4271+ - add links for qemu-ifup/down in qemu-system-common.links
4272+ - debian/qemu-system-common.postinst
4273+ - udevadm trigger to fix up /dev/kvm perms
4274+ - debian/qemu-system.links:
4275+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4276+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4277+ back to qemu-system at some point.
4278+ * remaining changes from after 1.3.0+dfsg-1~exp3ubuntu1:
4279+ - qemu-system-common.links: add link for OVMF
4280+ - Add qemu-utils.links for kvm-img and kvm-nbd utils and manpages.
4281+ - qemu-system.links:
4282+ * Add link to usr/share/ovmf/OVMF.fd
4283+ * Fix target of /etc/kvm/kvm-if{up,down} links
4284+ - debian/control: qemu-system should Recommend cpu-checker
4285+ - Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over
4286+ (i.e.) qemu-x86_64.
4287+ - add qemu-kvm, and qemu-common transitional packages.
4288+ - Add breaks/replaces to qemu-keymaps for qemu-system.
4289+ - Add provides: qemu-kvm and kvm to qemu-system-ppc.
4290+ - Add breaks/replaces to qemu-system-ppc for qemu-kvm and qemu-common.
4291+ - Add breaks/replaces to qemu-kvm for qemu-common.
4292+ - Add breaks/replaces to qemu-utils for qemu-user and qemu-kvm.
4293+ - Add armhf, armel, powerpc and sparc arches to qemu-kvm transitional
4294+ package.
4295+ - Add qemu-common package.
4296+ - Make sure /dev/kvm gets its acls cleared:
4297+ * Add acl to qemu-system.depends
4298+ * update qemu-system.udev to run setfacl to set g::rw acl
4299+ - Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts
4300+ * dropped debian/patches/CVE-2012-6075.patch (duplicate of
4301+ e1000-discard-oversize-packets-based-on-SBP_LPE.patch)
4302+ * debian/{control,configure-opts}: enable rbd (LP: #1118406)
4303+ * add symlink for kvm.1 -> qemu.1 manpage (LP: #1117636)
4304+ * add replaces to qemu-system-common for qemu - we briefly moved conflicting
4305+ docs to qemu, which debian moved to qemu-system-common. This can be
4306+ dropped after raring.
4307+ * move qemu-kvm.upstart from qemu-system to qemu-system-x86.
4308+ * Support upgrade from qemu-kvm on non-x86 arches:
4309+ - Add Provides: qemu-kvm, kvm to qemu-system-{arm,ppc,sparc,x86}
4310+ - Add Breaks/Replaces for qemu-{common,system,kvm} and kvm.
4311+ * Re-add expose_vms_qemu64cpu.patch (from Daviey) from quantal.
4312+
4313+ [ Steve Langasek ]
4314+ * Pass --enable-uname-release=2.6.32 for the user emulation builds, so that
4315+ we have a sensible baseline kernel value regardless of what the
4316+ underlying host kernel is. This makes eglibc happier when running under
4317+ emulation on a very old kernel for instance (whose host syscall ABI has
4318+ nothing to do with what emulated syscalls are supported), and probably
4319+ also lets us steer clear for the moment of code that has problem with
4320+ the new kernel upstream versioning convention. LP: #921078.
4321+
4322+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 07 Feb 2013 14:15:26 -0600
4323+
4324 qemu (1.3.0+dfsg-5exp) experimental; urgency=low
4325
4326 * qemu-system-split: split qemu-system into several target-specific packages:
4327@@ -2349,6 +6372,106 @@ qemu (1.3.0+dfsg-2exp) experimental; urgency=low
4328
4329 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 20 Jan 2013 22:12:11 +0400
4330
4331+qemu (1.3.0+dfsg-1~exp3ubuntu8) raring; urgency=low
4332+
4333+ * qemu-system.links:
4334+ - Add link to usr/share/ovmf/OVMF.fd (LP: #1074207)
4335+ - Fix target of /etc/kvm/kvm-if{up,down} links
4336+
4337+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 29 Jan 2013 10:52:22 -0600
4338+
4339+qemu (1.3.0+dfsg-1~exp3ubuntu7) raring; urgency=low
4340+
4341+ * debian/control: qemu-system should Recommend cpu-checker (LP: #1103982)
4342+
4343+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 28 Jan 2013 11:52:10 -0600
4344+
4345+qemu (1.3.0+dfsg-1~exp3ubuntu6) raring; urgency=low
4346+
4347+ * configure-opts: add audio-cards list (LP: #1102487)
4348+ * configure-opts: change order of audio-drv-list for ubuntu, putting pa
4349+ first.
4350+
4351+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 21 Jan 2013 12:02:09 -0600
4352+
4353+qemu (1.3.0+dfsg-1~exp3ubuntu5) raring; urgency=low
4354+
4355+ * Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over
4356+ (i.e.) qemu-x86_64. (LP: #1102332)
4357+
4358+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 21 Jan 2013 08:58:07 -0600
4359+
4360+qemu (1.3.0+dfsg-1~exp3ubuntu4) raring; urgency=low
4361+
4362+ * Move three docs from qemu-system.install to qemu.docs (LP: #1101798)
4363+
4364+ -- Adam Conrad <adconrad@ubuntu.com> Sat, 19 Jan 2013 20:12:48 -0700
4365+
4366+qemu (1.3.0+dfsg-1~exp3ubuntu3) raring; urgency=low
4367+
4368+ * debian/patches/CVE-2012-6075.patch: Fix guest denial of service and
4369+ possible code execution in hw/e1000.c by dropping oversize packets.
4370+
4371+ -- Adam Conrad <adconrad@ubuntu.com> Sat, 19 Jan 2013 07:31:50 -0700
4372+
4373+qemu (1.3.0+dfsg-1~exp3ubuntu2) raring; urgency=low
4374+
4375+ * debian/rules: empty MAKEFLAGS when building spapr-rtas.bin on powerpc, to
4376+ fix FTBFS due to parallel compile.
4377+
4378+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Jan 2013 15:51:09 -0600
4379+
4380+qemu (1.3.0+dfsg-1~exp3ubuntu1) raring; urgency=low
4381+
4382+ * Merge 1.3.0+dfsg-1~exp3. Remaining ubuntu delta:
4383+ - debian/control:
4384+ * update maintainer
4385+ * remove vde2 recommends
4386+ * build-deps: remove libusbredir, libvdeplug2-dev,
4387+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev,
4388+ and libxen-dev.
4389+ * qemu-keymaps: break/replace qemu-common
4390+ * qemu-system:
4391+ - break/replace qemu-common
4392+ - depend on udev
4393+ - remove openbios-ppc, openbios-sparc, and openhackware from
4394+ Depends. (Intend to add them back once we can build them.)
4395+ - provides: qemu-kvm
4396+ * qemu-utils: break/replace qemu-kvm
4397+ * set up transitional packages for qemu-kvm, qemu-common, and kvm.
4398+ - qemu-kvm.upstart:
4399+ - add qemu-system.qemu-kvm.upstart
4400+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4401+ - take the defaults from the old qemu-kvm.defaults, and move them into
4402+ the upstart job
4403+ - debian/patches:
4404+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4405+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4406+ - ifup/down:
4407+ - copy Debian qemu-kvm's kvm-ifup/down into debian/
4408+ - fix dh_install for kvm-ifup/down in debian/rules
4409+ - add links for qemu-ifup/down in qemu-system.links
4410+ - remove (debian's original) qemu-ifup from qemu-system.install
4411+ - debian/qemu-system.postinst
4412+ - udevadm trigger to fix up /dev/kvm perms
4413+ - make the 'qemu' symlink point to qemu-system-x86_64, not -i386.
4414+ - debian/qemu-system.links:
4415+ - point 'kvm' to qemu-system-x86_64
4416+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4417+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4418+ back to qemu-system at some point.
4419+ * Add note about kvm to qemu-system.README.debian.
4420+ * Copy kvm-ifup and kvm-ifdown from debian's qemu-kvm
4421+ * Remove TAPBR from qemu-kvm.conf.
4422+ * Make sure /dev/kvm gets its acls cleared:
4423+ - Add acl to qemu-system.depends
4424+ - update qemu-system.udev to run setfacl to set g::rw acl
4425+ * qemu-system.qemu-kvm.conf: don't rmmod at stop
4426+ * Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts
4427+ * Remove hugepages sysctl file - qemu now supports transparent hugepages.
4428+
4429+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 14 Jan 2013 23:22:51 -0600
4430+
4431 qemu (1.3.0+dfsg-1~exp3) experimental; urgency=low
4432
4433 * enable vde on kFreebsd too (no idea why it was disabled)
4434@@ -2433,6 +6556,107 @@ qemu (1.3.0+dfsg-1~exp1) experimental; urgency=low
4435
4436 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 30 Dec 2012 01:52:21 +0400
4437
4438+qemu (1.2.0.dfsg-1~exp1-0ubuntu2) raring; urgency=low
4439+
4440+ * Remove kvm package
4441+ - make qemu-system P/C/B: kvm.
4442+
4443+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 14 Jan 2013 12:03:19 -0600
4444+
4445+qemu (1.2.0.dfsg-1~exp1-0ubuntu1) raring; urgency=low
4446+
4447+ [ Serge Hallyn ]
4448+ * debian/control:
4449+ - update maintainer
4450+ - remove vde2 recommends
4451+ - build-deps: remove libusbredir, libvdeplug2-dev,
4452+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev,
4453+ and libxen-dev.
4454+ - qemu-keymaps: break/replace qemu-common
4455+ - qemu-system:
4456+ - break/replace qemu-common
4457+ - depend on udev
4458+ - remove openbios-ppc, openbios-sparc, and openhackware from
4459+ Depends. (Intend to add them back once we can build them.)
4460+ - provides: qemu-kvm
4461+ - qemu-utils: break/replace qemu-kvm
4462+ - set up transitional packages for qemu-kvm, qemu-common, and kvm.
4463+ * debian/rules:
4464+ - install kvm-ifup and kvm-ifdown
4465+ - dh_installinit the qemu-kvm upstart job
4466+ * install a 30-qemu-kvm.conf into /etc/sysctl.c for nr_hugepages.
4467+ * qemu-kvm.upstart:
4468+ - add qemu-system.qemu-kvm.upstart
4469+ - add mv_confile to qemu-system.preinst, postinst, and .postrm to rename
4470+ /etc/init/qemu-kvm.conf to qemu-system.conf
4471+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4472+ - take the defaults from the old qemu-kvm.defaults, and move them into
4473+ the upstart job
4474+ * debian/patches:
4475+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4476+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4477+ - apply nbd-fixes-to-read-only-handling.patch from upstream to
4478+ make read-write mount after read-only mount work. (LP: #1077838)
4479+ * ifup/down:
4480+ - copy Ubuntu qemu-kvm's kvm-ifup/down into debian/
4481+ - fix dh_install for kvm-ifup/down in debian/rules
4482+ - add links for qemu-ifup/down in qemu-system.links
4483+ - remove (debian's original) qemu-ifup from qemu-system.install
4484+ * debian/qemu-system.postinst
4485+ - udevadm trigger to fix up /dev/kvm perms
4486+ - make the 'qemu' symlink point to qemu-system-x86_64, not -i386.
4487+ * debian/qemu-system.links:
4488+ - point 'kvm' to qemu-system-x86_64
4489+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4490+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4491+ back to qemu-system at some point.
4492+ - add qemu-ifdown and qemu-ifup links
4493+ * debian/qemu-system.install:
4494+ - remove /etc/qemu-ifup link
4495+ - add /etc/sysctl.d/30-qemu-kvm.conf
4496+
4497+ [ Adam Conrad ]
4498+ * Appease apt-get's dist-upgrade resolver by creating a qemu-common
4499+ transitional package to upgrade more gracefully to qemu-keymaps.
4500+ * Move all the empty transitional packages to the oldlibs section.
4501+ * Restore the versioned dep from qemu-kvm (and kvm) to qemu-system.
4502+
4503+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Jan 2013 08:50:24 -0600
4504+
4505+qemu (1.2.0+dfsg-1~exp1) UNRELEASED; urgency=low
4506+
4507+ [ Michael Tokarev ]
4508+ * new upstream version (1.3.0)
4509+ (Closes: #676374, #622319, #597527, #593547, #660154)
4510+ - Removed patches included upstream:
4511+ do-not-include-libutil.h.patch
4512+ configure-nss-usbredir.patch
4513+ tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch
4514+ net-add--netdev-options-to-man-page.patch
4515+ - update 02_kfreebsd.patch
4516+ - do not build mpc8544ds.dtb
4517+ - include new targets
4518+ * Cleaned up the build system ALOT. Larger changes:
4519+ - used explicit lists of emulated targets in debian/rules
4520+ and generate everything else from there, instead of repeating
4521+ these lists in lots of places.
4522+ - stop using debian/$pkg.manpages and other auxilary files like this,
4523+ moving eveything to debian/$pkg.install, because with the number
4524+ of packages growing, amount of these small files becomes very
4525+ large and the result is difficult to maintain.
4526+ * ship forgotten target-x86_64.conf in qemu-system.
4527+ * ship virtfs-proxy-helper in qemu-utils.
4528+ * stop shipping tundev.c, since it does not reflect the reality for
4529+ a long time now (Closes: #325761, #325754).
4530+ * re-introduce support parallel build using DEB_BUILD_OPTIONS=parallel=N,
4531+ this time by adding to $MAKEFLAGS instead of passing down to submakes
4532+ * build-depend on libcap-ng-dev (for virtfs-proxy-helper)
4533+
4534+ [ Vagrant Cascadian ]
4535+ * Add libcap-dev to Build-Depends to support virtfs-proxy-helper.
4536+
4537+ -- Michael Tokarev <mjt@tls.msk.ru> Sun, 30 Dec 2012 01:52:21 +0400
4538+
4539 qemu (1.1.2+dfsg-6a) unstable; urgency=low
4540
4541 * reupload to remove two unrelated files slipped in debian/
4542@@ -4366,3 +8590,4 @@ qemu (0.5.2-1) unstable; urgency=low
4543 * Initial Release. (Closes: #187407)
4544
4545 -- Paul Russell <prussell@debian.org> Wed, 3 Mar 2004 02:18:54 +0100
4546+
4547diff --git a/debian/control b/debian/control
4548index ef66508..79d6d49 100644
4549--- a/debian/control
4550+++ b/debian/control
4551@@ -2,7 +2,8 @@
4552 Source: qemu
4553 Section: otherosfs
4554 Priority: optional
4555-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
4556+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
4557+XSBC-Original-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
4558 Uploaders: Riku Voipio <riku.voipio@iki.fi>,
4559 Michael Tokarev <mjt@tls.msk.ru>
4560 Build-Depends: debhelper-compat (= 12),
4561@@ -17,8 +18,6 @@ Build-Depends: debhelper-compat (= 12),
4562 texinfo, python3-sphinx,
4563 # iasl (from acpica-tools) is used only in a single test these days, not for building
4564 # acpica-tools,
4565-# --enable-capstone=system
4566- libcapstone-dev (>> 4.0.2~),
4567 # --enable-linux-aio linux-*
4568 libaio-dev [linux-any],
4569 # --audio-drv-list=pa,alsa,oss linux-*
4570@@ -50,8 +49,6 @@ Build-Depends: debhelper-compat (= 12),
4571 libvirglrenderer-dev [linux-any],
4572 # --enable-opengl linux-*
4573 libepoxy-dev [linux-any], libdrm-dev [linux-any], libgbm-dev [linux-any],
4574-# --enable-libnfs
4575- libnfs-dev (>> 1.9.3),
4576 # --enable-numa i386|amd64|ia64|mips|mipsel|powerpc|powerpcspe|x32|ppc64|ppc64el|arm64|sparc|s390x|riscv64
4577 libnuma-dev [i386 amd64 ia64 mips mipsel mips64 mips64el powerpc powerpcspe x32 ppc64 ppc64el arm64 sparc s390x riscv64],
4578 # --enable-smartcard
4579@@ -61,8 +58,6 @@ Build-Depends: debhelper-compat (= 12),
4580 librbd-dev [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x ppc64 sparc64],
4581 # glusterfs is debian-only since ubuntu/glusterfs is in universe (MIR LP: #1274247)
4582 # before buster it was glusterfs-common so keep it for now for bpo
4583-# --enable-glusterfs linux-any
4584- libglusterfs-dev [linux-any] | glusterfs-common [linux-any],
4585 # --enable-vnc-sasl
4586 libsasl2-dev,
4587 # --disable-sdl
4588@@ -83,9 +78,6 @@ Build-Depends: debhelper-compat (= 12),
4589 # --enable-libssh
4590 libssh-dev,
4591 # vde is debian-only since ubuntu/vde2 is in universe
4592-# --enable-vde
4593- libvdeplug-dev,
4594-# --enable-xen linux-amd64|linux-i386
4595 libxen-dev [linux-amd64 linux-i386],
4596 # --enable-nettle
4597 nettle-dev,
4598@@ -129,8 +121,10 @@ Build-Depends-Indep:
4599 Build-Conflicts: oss4-dev
4600 Standards-Version: 4.5.1
4601 Homepage: http://www.qemu.org/
4602-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu
4603-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git
4604+XS-Debian-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu
4605+XS-Debian-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git
4606+Vcs-Browser: https://git.launchpad.net/ubuntu/+source/qemu
4607+Vcs-Git: https://git.launchpad.net/ubuntu/+source/qemu
4608
4609 Package: qemu
4610 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4611@@ -161,6 +155,7 @@ Depends: ${misc:Depends},
4612 qemu-system-ppc,
4613 qemu-system-sparc,
4614 qemu-system-x86,
4615+ qemu-system-s390x,
4616 qemu-system-misc
4617 Description: QEMU full system emulation binaries
4618 QEMU is a fast processor emulator: currently the package supports
4619@@ -194,6 +189,8 @@ Multi-Arch: foreign
4620 Conflicts: sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof,
4621 Replaces: qemu-system-common (<< 1:2.12+dfsg-2~), sgabios,
4622 openbios-sparc, openbios-ppc, qemu-slof, qemu-system-sparc (<< 1:4.2-4~), qemu-system-ppc (<< 1:4.2-4~),
4623+ qemu-system-s390x (<< 1:3.1+dfsg-2ubuntu1~)
4624+Breaks: qemu-system-s390x (<< 1:3.1+dfsg-2ubuntu1~)
4625 Provides: qemu-keymaps, sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof,
4626 Depends: ${misc:Depends}
4627 Description: QEMU full system emulation (data files)
4628@@ -207,7 +204,9 @@ Multi-Arch: no
4629 Replaces: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4630 Breaks: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4631 Depends: ${misc:Depends}, ${shlibs:Depends},
4632+ qemu-block-extra (= ${binary:Version}),
4633 # to fix wrong acl for newly created device node on ubuntu:
4634+ acl
4635 Description: QEMU full system emulation binaries (common files)
4636 QEMU is a fast processor emulator: currently the package supports
4637 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
4638@@ -258,6 +257,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Ver
4639 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4640 # aarch64 arm uses bootroms
4641 ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~),
4642+ ipxe-qemu-256k-compat-efi-roms,
4643 qemu-efi-aarch64, qemu-efi-arm
4644 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4645 Provides: qemu-kvm [linux-arm64 linux-armhf linux-armel], ${sysprovides:arm}
4646@@ -304,6 +304,7 @@ Multi-Arch: foreign
4647 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4648 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4649 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4650+ ipxe-qemu-256k-compat-efi-roms,
4651 # ppc targets use vgabios-stdvga and bootroms
4652 seabios, ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4653 Provides: qemu-kvm [linux-ppc64 linux-ppc64el linux-powerpc], ${sysprovides:ppc}
4654@@ -348,14 +349,16 @@ Package: qemu-system-x86
4655 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4656 Multi-Arch: foreign
4657 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4658+ ipxe-qemu-256k-compat-efi-roms,
4659 seabios (>= 1.10.2-1~), ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4660 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4661 ovmf,
4662+ cpu-checker
4663 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4664 sgabios,
4665-Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}
4666-Breaks: qemu-kvm [linux-amd64 linux-i386]
4667-Replaces: qemu-kvm [linux-amd64 linux-i386]
4668+Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}, qemu-system-x86-microvm
4669+Breaks: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4670+Replaces: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4671 Description: QEMU full system emulation binaries (x86)
4672 QEMU is a fast processor emulator: currently the package supports
4673 i386 and x86-64 emulation. By using dynamic translation it achieves
4674@@ -372,6 +375,16 @@ Description: QEMU full system emulation binaries (x86)
4675 On x86 host hardware this package also enables KVM kernel virtual machine
4676 usage on systems which supports it.
4677
4678+Package: qemu-system-x86-microvm
4679+Architecture: amd64
4680+Multi-Arch: foreign
4681+Section: oldlibs
4682+Depends: qemu-system-x86 (>= 1:5.0-5ubuntu1~), ${misc:Depends}
4683+Description: QEMU full system emulation binaries (x86)
4684+ The microvm binaries are now part of qemu-system-x86.
4685+ .
4686+ This is a transitional package. You can safely remove it.
4687+
4688 Package: qemu-user
4689 Architecture: amd64 arm arm64 armel armhf i386 ia64 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4690 Multi-Arch: foreign
4691@@ -438,8 +451,10 @@ Package: qemu-utils
4692 Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4693 Multi-Arch: foreign
4694 Breaks: qemu-system-common (<< 1:3.1+dfsg-3~)
4695-Depends: ${shlibs:Depends}, ${misc:Depends}
4696-Suggests: debootstrap, qemu-block-extra (= ${binary:Version}),
4697+Depends: ${shlibs:Depends}, ${misc:Depends},
4698+ qemu-block-extra (= ${binary:Version})
4699+Recommends: sharutils
4700+Suggests: debootstrap,
4701 Description: QEMU utilities
4702 QEMU is a fast processor emulator: currently the package supports
4703 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
4704@@ -475,3 +490,59 @@ Description: Guest-side qemu-system agent
4705 .
4706 Install this package on a system which is running as guest inside
4707 qemu virtual machine. It is not used on the host.
4708+
4709+Package: qemu-system-s390x
4710+Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64
4711+Multi-Arch: foreign
4712+Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4713+Recommends: qemu-utils,
4714+Suggests: qemu-block-extra (= ${binary:Version}),
4715+Provides: qemu-kvm [linux-s390x], ${sysprovides:s390x}
4716+Breaks: qemu-kvm [linux-s390x], qemu-system-misc (<< 1:2.5+dfsg-5ubuntu8~)
4717+Replaces: qemu-kvm [linux-s390x], qemu-system-misc (<< 1:2.5+dfsg-5ubuntu8~)
4718+Description: QEMU full system emulation binaries (s390x)
4719+ QEMU is a fast processor emulator: currently the package supports
4720+ s390x emulation. By using dynamic translation it achieves reasonable
4721+ speed while being easy to port on new host CPUs.
4722+ .
4723+ This package provides the full system emulation binaries to emulate
4724+ the following s390x hardware: ${sysarch:s390x}.
4725+ .
4726+ In system emulation mode QEMU emulates a full system, including a processor
4727+ and various peripherals. It enables easier testing and debugging of system
4728+ code. It can also be used to provide virtual hosting of several virtual
4729+ machines on a single server.
4730+
4731+# xen support generally is disabled, this is an extra build with xen enabled
4732+# as needed by xen-utils-4.11 [amd64 arm64 armhf i386]
4733+# Xen will depend on this; this package and the main qemu-system-x86 are
4734+# mutually exclusive
4735+Package: qemu-system-x86-xen
4736+Architecture: amd64 i386
4737+Multi-Arch: foreign
4738+Depends:
4739+ ${shlibs:Depends},
4740+ ${misc:Depends},
4741+ qemu-system-common (>> ${source:Version}~),
4742+ qemu-system-data (>> ${source:Version}~),
4743+ ipxe-qemu,
4744+Recommends:
4745+ qemu-system-gui (= ${binary:Version}),
4746+ qemu-utils,
4747+ seabios,
4748+Suggests:
4749+ qemu-block-extra (= ${binary:Version}),
4750+ ovmf,
4751+Conflicts: qemu-system-x86
4752+Description: QEMU full system emulation binaries (x86)
4753+ QEMU is a fast processor emulator: currently the package supports
4754+ i386 and x86-64 emulation. By using dynamic translation it achieves
4755+ reasonable speed while being easy to port on new host CPUs.
4756+ .
4757+ This package provides the full system emulation binaries to emulate
4758+ the following x86 hardware: ${sysarch:x86-xen}.
4759+ .
4760+ In comparison to the main qemu-system-x86 this package has xen support
4761+ enabled, but is only maintained as universe package. Qemu with xen support
4762+ is needed to run Xen in HVM mode. For any other use case you should install
4763+ and use qemu-system-x86 instead.
4764diff --git a/debian/control-in b/debian/control-in
4765index f3e6d72..39b58d1 100644
4766--- a/debian/control-in
4767+++ b/debian/control-in
4768@@ -18,8 +18,8 @@ Build-Depends: debhelper-compat (= 12),
4769 texinfo, python3-sphinx,
4770 # iasl (from acpica-tools) is used only in a single test these days, not for building
4771 # acpica-tools,
4772-# --enable-capstone=system
4773- libcapstone-dev (>> 4.0.2~),
4774+:debian:# --enable-capstone=system
4775+:debian: libcapstone-dev (>> 4.0.2~),
4776 # --enable-linux-aio linux-*
4777 libaio-dev [linux-any],
4778 # --audio-drv-list=pa,alsa,oss linux-*
4779@@ -86,7 +86,7 @@ Build-Depends: debhelper-compat (= 12),
4780 # vde is debian-only since ubuntu/vde2 is in universe
4781 :debian:# --enable-vde
4782 :debian: libvdeplug-dev,
4783-# --enable-xen linux-amd64|linux-i386
4784+:debian:# --enable-xen linux-amd64|linux-i386
4785 libxen-dev [linux-amd64 linux-i386],
4786 # --enable-nettle
4787 nettle-dev,
4788@@ -215,6 +215,7 @@ Multi-Arch: no
4789 Replaces: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4790 Breaks: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4791 Depends: ${misc:Depends}, ${shlibs:Depends},
4792+:ubuntu: qemu-block-extra (= ${binary:Version}),
4793 # to fix wrong acl for newly created device node on ubuntu:
4794 :ubuntu: acl
4795 Description: QEMU full system emulation binaries (common files)
4796@@ -267,6 +268,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Ver
4797 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4798 # aarch64 arm uses bootroms
4799 ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~),
4800+:ubuntu: ipxe-qemu-256k-compat-efi-roms,
4801 qemu-efi-aarch64, qemu-efi-arm
4802 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4803 Provides: qemu-kvm [linux-arm64 linux-armhf linux-armel], ${sysprovides:arm}
4804@@ -313,6 +315,7 @@ Multi-Arch: foreign
4805 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4806 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4807 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4808+:ubuntu: ipxe-qemu-256k-compat-efi-roms,
4809 # ppc targets use vgabios-stdvga and bootroms
4810 seabios, ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4811 Provides: qemu-kvm [linux-ppc64 linux-ppc64el linux-powerpc], ${sysprovides:ppc}
4812@@ -357,15 +360,16 @@ Package: qemu-system-x86
4813 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4814 Multi-Arch: foreign
4815 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4816+:ubuntu: ipxe-qemu-256k-compat-efi-roms,
4817 seabios (>= 1.10.2-1~), ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4818 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4819 ovmf,
4820 :ubuntu: cpu-checker
4821 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4822 sgabios,
4823-Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}
4824-Breaks: qemu-kvm [linux-amd64 linux-i386]
4825-Replaces: qemu-kvm [linux-amd64 linux-i386]
4826+Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}, qemu-system-x86-microvm
4827+Breaks: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4828+Replaces: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4829 Description: QEMU full system emulation binaries (x86)
4830 QEMU is a fast processor emulator: currently the package supports
4831 i386 and x86-64 emulation. By using dynamic translation it achieves
4832@@ -382,6 +386,16 @@ Description: QEMU full system emulation binaries (x86)
4833 On x86 host hardware this package also enables KVM kernel virtual machine
4834 usage on systems which supports it.
4835
4836+Package: qemu-system-x86-microvm
4837+Architecture: amd64
4838+Multi-Arch: foreign
4839+Section: oldlibs
4840+Depends: qemu-system-x86 (>= 1:5.0-5ubuntu1~), ${misc:Depends}
4841+Description: QEMU full system emulation binaries (x86)
4842+ The microvm binaries are now part of qemu-system-x86.
4843+ .
4844+ This is a transitional package. You can safely remove it.
4845+
4846 Package: qemu-user
4847 Architecture: amd64 arm arm64 armel armhf i386 ia64 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4848 Multi-Arch: foreign
4849@@ -448,8 +462,11 @@ Package: qemu-utils
4850 Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4851 Multi-Arch: foreign
4852 Breaks: qemu-system-common (<< 1:3.1+dfsg-3~)
4853-Depends: ${shlibs:Depends}, ${misc:Depends}
4854-Suggests: debootstrap, qemu-block-extra (= ${binary:Version}),
4855+Depends: ${shlibs:Depends}, ${misc:Depends},
4856+:ubuntu: qemu-block-extra (= ${binary:Version})
4857+:ubuntu:Recommends: sharutils
4858+Suggests: debootstrap,
4859+:debian: qemu-block-extra (= ${binary:Version}),
4860 Description: QEMU utilities
4861 QEMU is a fast processor emulator: currently the package supports
4862 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
4863@@ -507,3 +524,37 @@ Description: Guest-side qemu-system agent
4864 :ubuntu: and various peripherals. It enables easier testing and debugging of system
4865 :ubuntu: code. It can also be used to provide virtual hosting of several virtual
4866 :ubuntu: machines on a single server.
4867+
4868+:ubuntu:# xen support generally is disabled, this is an extra build with xen enabled
4869+:ubuntu:# as needed by xen-utils-4.11 [amd64 arm64 armhf i386]
4870+:ubuntu:# Xen will depend on this; this package and the main qemu-system-x86 are
4871+:ubuntu:# mutually exclusive
4872+:ubuntu:Package: qemu-system-x86-xen
4873+:ubuntu:Architecture: amd64 i386
4874+:ubuntu:Multi-Arch: foreign
4875+:ubuntu:Depends:
4876+:ubuntu: ${shlibs:Depends},
4877+:ubuntu: ${misc:Depends},
4878+:ubuntu: qemu-system-common (>> ${source:Version}~),
4879+:ubuntu: qemu-system-data (>> ${source:Version}~),
4880+:ubuntu: ipxe-qemu,
4881+:ubuntu:Recommends:
4882+:ubuntu: qemu-system-gui (= ${binary:Version}),
4883+:ubuntu: qemu-utils,
4884+:ubuntu: seabios,
4885+:ubuntu:Suggests:
4886+:ubuntu: qemu-block-extra (= ${binary:Version}),
4887+:ubuntu: ovmf,
4888+:ubuntu:Conflicts: qemu-system-x86
4889+:ubuntu:Description: QEMU full system emulation binaries (x86)
4890+:ubuntu: QEMU is a fast processor emulator: currently the package supports
4891+:ubuntu: i386 and x86-64 emulation. By using dynamic translation it achieves
4892+:ubuntu: reasonable speed while being easy to port on new host CPUs.
4893+:ubuntu: .
4894+:ubuntu: This package provides the full system emulation binaries to emulate
4895+:ubuntu: the following x86 hardware: ${sysarch:x86-xen}.
4896+:ubuntu: .
4897+:ubuntu: In comparison to the main qemu-system-x86 this package has xen support
4898+:ubuntu: enabled, but is only maintained as universe package. Qemu with xen support
4899+:ubuntu: is needed to run Xen in HVM mode. For any other use case you should install
4900+:ubuntu: and use qemu-system-x86 instead.
4901diff --git a/debian/patches/series b/debian/patches/series
4902index 1fc84e9..7826812 100644
4903--- a/debian/patches/series
4904+++ b/debian/patches/series
4905@@ -10,3 +10,9 @@ slof-remove-user-and-host-from-release-version.patch
4906 slof-ensure-ld-is-called-with-C-locale.patch
4907 spelling.diff
4908 memory-clamp-cached-translation-if-points-to-MMIO-region-CVE-2020-27821.patch
4909+
4910+# ubuntu patches
4911+ubuntu/enable-svm-by-default.patch
4912+ubuntu/define-ubuntu-machine-types.patch
4913+ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
4914+ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch
4915diff --git a/debian/patches/ubuntu/define-ubuntu-machine-types.patch b/debian/patches/ubuntu/define-ubuntu-machine-types.patch
4916new file mode 100644
4917index 0000000..d1f890a
4918--- /dev/null
4919+++ b/debian/patches/ubuntu/define-ubuntu-machine-types.patch
4920@@ -0,0 +1,784 @@
4921+Description: Carry Ubuntu specific machine types
4922+
4923+Since Ubuntu is a downstream of qemu carrying patches it needs custom machine
4924+types to be able to identify and manage the delta that might affect machine
4925+types.
4926+
4927+This is an important piece to keep cross release migration supported for any
4928+downstream.
4929+
4930+Since the p->t transition these types are mostly stable copies of the upstream
4931+type (in the past this was more unstable upstream, so there was more delta),
4932+but they need to stay specific to reflect the delta we have. And even more so
4933+to have something to base off for affecting SRU changes.
4934+
4935+Also add a hint if instantiating fails due to now unsupported old guest
4936+types (LP: #1637936).
4937+
4938+Package maintainers please see https://wiki.ubuntu.com/QemuKVMMigration when
4939+maintaining this patch on SRU, merge or other packaging activity.
4940+While support on a type is dropped with the Release going EOL we never drop the
4941+type itself as long as it is maintainable. This will give people an extra
4942+chance to migrate and avoid issues like LP: 1802944.
4943+
4944+##
4945+
4946+This later on got extended by further ubuntu specific machine type changes:
4947+LP 1776189: Add a -hpb Ubuntu specific machine type suffix
4948+
4949+This works already fine on commandline, but Libvirt and other stacks above
4950+have no exploitation yet. Using a machine type has the benefit of being already
4951+controllable by most upper layer software like Libvirt (type= in os tag) but
4952+even up to Openstack (nova.conf or per image metadata on hw_machine_type).
4953+
4954+This is based on a discussion:
4955+ https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1769053
4956+
4957+A similar change is in CentOS/RH (there the default is switched, without
4958+even a way to go back.
4959+But since this can cause issues e.g. when migrating
4960+across hosts with different characteristics, it is not set as the default
4961+in Ubuntu with this change.
4962+
4963+Further we want to avoid "machine type proliferation", so we certainly won't
4964+add a type for every feature. But using a huge guest is more common and
4965+otherwise not yet achievable.
4966+
4967+This can be dropped when:
4968+ - libvirt exposes phys-bits/host-phys-bits natively
4969+ - at least the important stacks above exploit that config
4970+As an alternative we might decide at some point to make it the default without
4971+a way to switch back in following releases, but for now we don't want to do so.
4972+
4973+##
4974+
4975+This later on got extended by further ubuntu specific machine type changes:
4976+LP 1761372: special type for ppc64 meltdown/spectre defaults
4977+
4978+Upstresm 2.12 is not yet set in stone (almost but not full), and we ship 2.11
4979+with backports. SO we don't want to make a 2.12 machine type fully recommended
4980+yet.
4981+PPC was following x86 in providing a non default convenience type that has the
4982+spectre/meltdown flags toggled - in bug 1761372 we were requested to carry the
4983+same - but we agreed to do so as a 2.11 based type.
4984+
4985+Note I: x86 changes CPU types with -IBRS suffix, power chose to change machine
4986+types.
4987+
4988+Note II: this change can be squashed into ubuntu-machine-types.patch >=2.12
4989+where the base content will exist in the upstream source instead of
4990+patches on top.
4991+
4992+##
4993+
4994+[1] introduced a major regression into the 4.0 types by setting split
4995+irqchip to be the default. This was corrected by [2] and the fix further
4996+modified by [3] which overall adds a 4.0.1 machine type in qemu 4.1 (not
4997+yet released) and probably eventually stable branches.
4998+We will follow upstream with the upstream types, but the Ubuntu types so
4999+far didn't release a 4.0 type yet so for us we can fix it on the initial
5000+release right away.
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches