Ubuntu
qemu package

Merge ~paelzer/ubuntu/+source/qemu:merge-5.2+dfsg-6-hirsute into ubuntu/+source/qemu:debian/sid

  1. Git
  2. lp:~paelzer/ubuntu/+source/qemu
  3. merge-5.2+dfsg-6-hirsute
  4. Merge into debian/sid
Proposed by Christian Ehrhardt 
Status: Merged
Approved by: Christian Ehrhardt 
Approved revision: 9355f8a7b6fc6d04d0f875ebd05af2ba51c6a01c
Merge reported by: Christian Ehrhardt 
Merged at revision: 9355f8a7b6fc6d04d0f875ebd05af2ba51c6a01c
Proposed branch: ~paelzer/ubuntu/+source/qemu:merge-5.2+dfsg-6-hirsute
Merge into: ubuntu/+source/qemu:debian/sid
Diff against target: 6465 lines (+5793/-30)
17 files modified
debian/changelog (+4288/-4)
debian/control (+88/-17)
debian/control-in (+59/-8)
debian/patches/series (+7/-0)
debian/patches/ubuntu/define-ubuntu-machine-types.patch (+784/-0)
debian/patches/ubuntu/enable-svm-by-default.patch (+34/-0)
debian/patches/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch (+76/-0)
debian/patches/ubuntu/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch (+56/-0)
debian/patches/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch (+62/-0)
debian/qemu-kvm-init (+89/-0)
debian/qemu-system-common.install (+1/-0)
debian/qemu-system-common.qemu-kvm.default (+8/-0)
debian/qemu-system-common.qemu-kvm.service (+16/-0)
debian/qemu-system-gui.prerm (+42/-0)
debian/qemu-system-x86.NEWS (+80/-0)
debian/qemu-system-x86.README.Debian (+47/-0)
debian/rules (+56/-1)
Reviewer Review Type Date Requested Status
Lucas Kanashiro (community) Approve
Canonical Server packageset reviewers Pending
Canonical Server Pending
Review via email: mp+398447@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

PPA: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4471/+packages

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

To help review I've also pushed
 * [new tag] split/1%5.2+dfsg-3ubuntu2 -> split/1%5.2+dfsg-3ubuntu2
 * [new tag] logical/1%5.2+dfsg-3ubuntu2 -> logical/1%5.2+dfsg-3ubuntu2

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

back to WIP until I can confirm a successful build in the PPA

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Debian has
libgdk-pixbuf-2.0-0 | 2.42.2+dfsg-1 | testing | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libgdk-pixbuf-2.0-0 | 2.42.2+dfsg-1 | unstable | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x

We have
 libgdk-pixbuf-2.0-0 | 2.42.2+dfsg-1 | hirsute | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libgdk-pixbuf-2.0-0 | 2.42.2+dfsg-1build1 | hirsute-proposed | arm64, armhf, i386, ppc64el

This is a indirect build dependency, not a change in qemu.
I see:
  Missing build dependencies: libgdk-pixbuf-2.0-0 (>= 2.40.0)

We have build-deps: libgtk-3-dev -> libgdk-pixbuf-2.0-dev (>= 2.40.0) -> libgdk-pixbuf-2.0-0 (= 2.42.2+dfsg-1)

It almost seems that this was just transitioning and therefore breaking builds.

That is resolved - it was indeed just transitioning at the time.

Another minor issue was that the fix for s390x 9p needed a bit of backporting. But that worked on a local build as well now.

Back ready for review.

Revision history for this message
Lucas Kanashiro (lucaskanashiro) wrote :

I am grabbing this MP to review.

Revision history for this message
Lucas Kanashiro (lucaskanashiro) wrote :

* Changelog:
  - [√] old content and logical tag match as expected
  - [√] changelog entry correct version and targeted codename
  - [√] changelog entries correct
  - [√] update-maintainer has been run

* Actual changes:
  - [√] no upstream changes to consider
  - [√] no further upstream version to consider
  - [√] debian changes look safe

* Old Delta:
  - [-] dropped changes are ok to be dropped
  - [√] nothing else to drop
  - [√] changes forwarded upstream/debian (if appropriate)

* New Delta:
  - [-] no new patches added
  - [√] patches match what was proposed upstream
  - [√] patches correctly included in debian/patches/series
  - [√] patches have correct DEP3 metadata

* Build/Test:
  - [√] build is ok
  - [√] verified PPA package installs/uninstalls
  - [-] autopkgtest against the PPA package passes
  - [√] sanity checks test fine

LGTM, +1.

The only thing I found was a typo in this commit message (changelog is fine):

commit 17d5c87a13fda8870bb52c37bb7676e65b35b4bd
Author: Christian Ehrhardt <email address hidden>
Date: Wed Jan 8 16:45:41 2020 +0100

    d/qemu-system-x86.README.Debian: add into about nesting changes

    Signed-off-by: Christian Ehrhardt <email address hidden>

s/into/info.

review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanks Lucas!
I've fixed the typo, once tests are complete I'll upload.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

prep (x86_64) : Pass 25 F/S/N 0/0/0 - RC 0 (15 min 44545 lin)
migrate (x86_64) : Pass 288 F/S/N 0/0/0 - RC 0 (59 min 216531 lin)
cross (x86_64) : Pass 58 F/S/N 0/1/2 - RC 0 (80 min 100104 lin)
misc (x86_64) : Pass 73 F/S/N 0/0/0 - RC 0 (29 min 40852 lin)

prep (s390x) : Pass 25 F/S/N 0/0/0 - RC 0 (13 min 31251 lin)
migrate (s390x) : Pass 268 F/S/N 0/5/0 - RC 0 (72 min 163307 lin)
cross (s390x) : Pass 47 F/S/N 1/1/1 - RC 1 (79 min 89294 lin)
misc (s390x) : Pass 48 F/S/N 0/0/0 ...

I've also included a new libvirt and rerun the tests now before uploading both.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

This is in proposed - set merged

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 7bc0619..18eacd3 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,56 @@
6+qemu (1:5.2+dfsg-6ubuntu1) hirsute; urgency=medium
7+
8+ * Merge with Debian unstable, includes fixes for
9+ - build operates differently if source is a git repo (LP: #1887535)
10+ Remaining changes:
11+ - qemu-kvm to systemd unit
12+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
13+ hugepages and architecture specifics
14+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
15+ qemu-kvm-init
16+ - d/qemu-system-common.install: install helper script
17+ - d/qemu-system-common.qemu-kvm.default: defaults for
18+ /etc/default/qemu-kvm
19+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
20+ - Distribution specific machine type (LP: 1304107 1621042)
21+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
22+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
23+ for host-phys-bits=true (LP: 1776189)
24+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
25+ - provide pseries-bionic-2.11-sxxm type as convenience with all
26+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
27+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
28+ - Enable nesting by default
29+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
30+ in qemu64 on amd
31+ [ No more strictly needed, but required for backward compatibility ]
32+ - improved dependencies
33+ - Make qemu-system-common depend on qemu-block-extra
34+ - Make qemu-utils depend on qemu-block-extra
35+ - let qemu-utils recommend sharutils
36+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
37+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
38+ reference 256k path
39+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
40+ handle incoming migrations from former releases.
41+ - d/control-in: Disable capstone disassembler library support (universe)
42+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
43+ - d/control*, d/rules: disable xen by default, but provide universe
44+ package qemu-system-x86-xen as alternative
45+ [includes compat links changes of 5.0-5ubuntu4]
46+ - allow qemu to load old modules post upgrade (LP 1847361)
47+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
48+ - d/rules: Drop generating package version into maintainer scripts
49+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
50+ the bad old prerm (LP 1906245 1905377)
51+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
52+ ld usage of -no-pie (LP 1907789)
53+ * Added changes
54+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
55+ virtio-9p-ccw being missing (LP: #1916230)
56+
57+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Feb 2021 11:40:36 +0100
58+
59 qemu (1:5.2+dfsg-6) unstable; urgency=medium
60
61 * deprecate qemu-debootstrap. It is not needed anymore with
62@@ -50,6 +103,64 @@ qemu (1:5.2+dfsg-4) unstable; urgency=medium
63
64 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Feb 2021 16:52:10 +0300
65
66+qemu (1:5.2+dfsg-3ubuntu2) hirsute; urgency=medium
67+
68+ * No change rebuild to pick up liburing. (LP: #1914145)
69+
70+ -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 03 Feb 2021 19:44:54 -0300
71+
72+qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium
73+
74+ * Merge with Debian unstable, includes fixes for
75+ - qemu-user-static are partially dynamically linked (LP: #1908331)
76+ - qemu crashing when using spice without qemu-system-gui being
77+ installed (LP: #1908577)
78+ Remaining changes:
79+ - qemu-kvm to systemd unit
80+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
81+ hugepages and architecture specifics
82+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
83+ qemu-kvm-init
84+ - d/qemu-system-common.install: install helper script
85+ - d/qemu-system-common.qemu-kvm.default: defaults for
86+ /etc/default/qemu-kvm
87+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
88+ - Distribution specific machine type (LP: 1304107 1621042)
89+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
90+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
91+ for host-phys-bits=true (LP: 1776189)
92+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
93+ - provide pseries-bionic-2.11-sxxm type as convenience with all
94+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
95+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
96+ - Enable nesting by default
97+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
98+ in qemu64 on amd
99+ [ No more strictly needed, but required for backward compatibility ]
100+ - improved dependencies
101+ - Make qemu-system-common depend on qemu-block-extra
102+ - Make qemu-utils depend on qemu-block-extra
103+ - let qemu-utils recommend sharutils
104+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
105+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
106+ reference 256k path
107+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
108+ handle incoming migrations from former releases.
109+ - d/control-in: Disable capstone disassembler library support (universe)
110+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
111+ - d/control*, d/rules: disable xen by default, but provide universe
112+ package qemu-system-x86-xen as alternative
113+ [includes compat links changes of 5.0-5ubuntu4]
114+ - allow qemu to load old modules post upgrade (LP 1847361)
115+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
116+ - d/rules: Drop generating package version into maintainer scripts
117+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
118+ the bad old prerm (LP 1906245 1905377)
119+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
120+ ld usage of -no-pie (LP 1907789)
121+
122+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jan 2021 12:43:42 +0100
123+
124 qemu (1:5.2+dfsg-3) unstable; urgency=medium
125
126 [ Christian Ehrhardt ]
127@@ -66,6 +177,64 @@ qemu (1:5.2+dfsg-3) unstable; urgency=medium
128
129 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 29 Dec 2020 15:07:03 +0300
130
131+qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium
132+
133+ * Merge with Debian unstable
134+ - includes fix for CVE-2020-17380
135+ - includes a fix for s390x PCI device reset (LP: #1907656)
136+ Remaining changes:
137+ - qemu-kvm to systemd unit
138+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
139+ hugepages and architecture specifics
140+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
141+ qemu-kvm-init
142+ - d/qemu-system-common.install: install helper script
143+ - d/qemu-system-common.qemu-kvm.default: defaults for
144+ /etc/default/qemu-kvm
145+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
146+ - Distribution specific machine type (LP: 1304107 1621042)
147+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
148+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
149+ for host-phys-bits=true (LP: 1776189)
150+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
151+ - provide pseries-bionic-2.11-sxxm type as convenience with all
152+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
153+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
154+ - Enable nesting by default
155+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
156+ in qemu64 on amd
157+ [ No more strictly needed, but required for backward compatibility ]
158+ - improved dependencies
159+ - Make qemu-system-common depend on qemu-block-extra
160+ - Make qemu-utils depend on qemu-block-extra
161+ - let qemu-utils recommend sharutils
162+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
163+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
164+ reference 256k path
165+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
166+ handle incoming migrations from former releases.
167+ - d/control-in: Disable capstone disassembler library support (universe)
168+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
169+ - d/control*, d/rules: disable xen by default, but provide universe
170+ package qemu-system-x86-xen as alternative
171+ [includes compat links changes of 5.0-5ubuntu4]
172+ - allow qemu to load old modules post upgrade (LP 1847361)
173+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
174+ - d/rules: Drop generating package version into maintainer scripts
175+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
176+ the bad old prerm (LP 1906245 1905377)
177+ * Dropped Changes:
178+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
179+ resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100%
180+ fails]
181+ * Added Changes:
182+ - Refreshed ubuntu machine types for hirsute@5.2
183+ - d/control: regenerated from d/control-in
184+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
185+ ld usage of -no-pie (LP: #1907789)
186+
187+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Dec 2020 16:44:47 +0100
188+
189 qemu (1:5.2+dfsg-2) unstable; urgency=medium
190
191 * move ui-opengl.so module from qemu-system-gui to qemu-system-common,
192@@ -111,6 +280,153 @@ qemu (1:5.2+dfsg-1) unstable; urgency=medium
193
194 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 09 Dec 2020 08:57:41 +0300
195
196+qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium
197+
198+ * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
199+ the bad old prerm (LP: #1906245)
200+
201+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 30 Nov 2020 12:53:03 +0100
202+
203+qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium
204+
205+ * Fix upgrade module handling (LP: #1905377)
206+ This was accetped in a slightly different form in qemu_5.0-6 and therefore
207+ allows to drop some former delta that is now conflicting.
208+ Ubuntu still keeps enabling --enable-module-upgrades, but only for
209+ qemu-xen which doesn't exist in Debian
210+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
211+ - d/rules: Drop generating package version into maintainer scripts
212+
213+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Nov 2020 11:16:01 +0100
214+
215+qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium
216+
217+ * Merge with Debian testing, remaining changes:
218+ Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854)
219+ - qemu-kvm to systemd unit
220+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
221+ hugepages and architecture specifics
222+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
223+ qemu-kvm-init
224+ - d/qemu-system-common.install: install helper script
225+ - d/qemu-system-common.qemu-kvm.default: defaults for
226+ /etc/default/qemu-kvm
227+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
228+ - Distribution specific machine type (LP: 1304107 1621042)
229+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
230+ types
231+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
232+ for host-phys-bits=true (LP: 1776189)
233+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
234+ - provide pseries-bionic-2.11-sxxm type as convenience with all
235+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
236+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
237+ - Enable nesting by default
238+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
239+ in qemu64 on amd
240+ [ No more strictly needed, but required for backward compatibility ]
241+ - improved dependencies
242+ - Make qemu-system-common depend on qemu-block-extra
243+ - Make qemu-utils depend on qemu-block-extra
244+ - let qemu-utils recommend sharutils
245+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
246+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
247+ reference 256k path
248+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
249+ handle incoming migrations from former releases.
250+ - d/control-in: Disable capstone disassembler library support (universe)
251+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
252+ - d/control*, d/rules: disable xen by default, but provide universe
253+ package qemu-system-x86-xen as alternative
254+ [includes compat links changes of 5.0-5ubuntu4]
255+ - allow qemu to load old modules post upgrade (LP 1847361)
256+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
257+ upgrade
258+ - d/rules: generate maintainer scripts matching package version on build
259+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
260+ - d/control: regenerate debian/control out of control-in
261+ * Dropped changes [in Debian or no more needed]
262+ - d/control-in: disable pmem on ppc64 as it is currently considered
263+ experimental on that architecture (pmdk v1.8-1)
264+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
265+ - d/rules: report config log from the correct subdir
266+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
267+ - Pick further changes for groovy from debian/master since 5.0-5
268+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
269+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch
270+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
271+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
272+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
273+ - megasas-fix-possible-out-of-bounds-array-access.patch
274+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
275+ - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch
276+ - a few patches from the stable series:
277+ - fix-tulip-breakage.patch
278+ - 9p-lock-directory-streams-with-a-CoMutex.patch
279+ Prevent deadlocks in 9pfs readdir code
280+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
281+ Fix newline accidentally sneaked into id string of a nic
282+ - qemu-nbd-close-inherited-stderr.patch
283+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
284+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
285+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
286+ - acpi-tmr-allow-2-byte-reads.patch
287+ - reapply CVE-2020-13253 fixes from upstream
288+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
289+ - linux-user-add-netlink-RTM_SETLINK-command.patch
290+ - d/control: since qemu-system-data now contains module(s),
291+ it can't be multi-arch. Ditto for qemu-block-extra.
292+ - qemu-system-foo: depend on exact version of qemu-system-data,
293+ due to the latter having modules
294+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch'
295+ This is another incarnation of the recent bugfix which actually enabled
296+ memory access constraints, like #964247
297+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
298+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
299+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
300+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
301+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
302+ - do not install outdated (0.12 and before) Changelog
303+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
304+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
305+ Closes: CVE-2020-15863
306+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
307+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
308+ another fix for revert-memory-accept-.. CVE-2020-13754
309+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
310+ - d/control-in: build-dep libcap is no more needed
311+ - arch aware kvm wrappers
312+ [upstream now automatically enables KVM if available and called with
313+ kvm* name, provides KVM as before but with auto-fallback to tcg.
314+ Former behavior of KVM-or-die can be achieved via -machine accel=kvm ]
315+ * Dropped changes [upstream now]
316+ - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
317+ setup_len
318+ - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930)
319+ - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942)
320+ - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
321+ from vfio-ccw (LP 1887935)
322+ - fix qemu-user-static initialization to allow executing systemd (LP 1890881)
323+ - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187)
324+ - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
325+ SQXBR (LP 1883984)
326+ - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154)
327+ - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
328+ environments (LP 1887763)
329+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
330+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
331+ crashes it on shutdown (LP 1878973)
332+ - update d/p/ubuntu/lp-1835546-* to the final versions
333+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
334+ FTBFS in groovy
335+ * Added Changes:
336+ - update ubuntu machine types for hirsute@5.1
337+ - d/control: regenerated from d/control-in
338+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
339+ resolved in gcc-10 (LP: 1890435)
340+
341+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 29 Oct 2020 12:37:31 +0100
342+
343 qemu (1:5.1+dfsg-4) unstable; urgency=high
344
345 * mention closing of CVE-2020-16092 by 5.1
346@@ -129,7 +445,7 @@ qemu (1:5.1+dfsg-3) unstable; urgency=medium
347
348 qemu (1:5.1+dfsg-2) unstable; urgency=medium
349
350- * fix brown-paper bag bug in last upload
351+ * fix brown-paper bag bug in last upload
352
353 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 17 Aug 2020 20:58:52 +0300
354
355@@ -352,6 +668,298 @@ qemu (1:5.0-6) unstable; urgency=medium
356
357 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 03 Jul 2020 18:24:48 +0300
358
359+qemu (1:5.0-5ubuntu11) hirsute; urgency=medium
360+
361+ * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily
362+ machine type to match how it originally was released (LP: #1902654)
363+
364+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Nov 2020 08:19:07 +0100
365+
366+qemu (1:5.0-5ubuntu10) hirsute; urgency=medium
367+
368+ * No-change rebuild for brltty soname change.
369+
370+ -- Matthias Klose <doko@ubuntu.com> Mon, 02 Nov 2020 16:59:33 +0100
371+
372+qemu (1:5.0-5ubuntu9) groovy; urgency=medium
373+
374+ * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
375+ setup_len
376+ CVE-2020-14364
377+
378+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 22 Sep 2020 16:53:18 +0200
379+
380+qemu (1:5.0-5ubuntu8) groovy; urgency=medium
381+
382+ * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930)
383+
384+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 Sep 2020 08:23:49 +0200
385+
386+qemu (1:5.0-5ubuntu7) groovy; urgency=medium
387+
388+ * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942)
389+
390+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Sep 2020 08:47:12 +0200
391+
392+qemu (1:5.0-5ubuntu6) groovy; urgency=medium
393+
394+ * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
395+ from vfio-ccw (LP: #1887935)
396+
397+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Aug 2020 11:09:12 +0200
398+
399+qemu (1:5.0-5ubuntu5) groovy; urgency=medium
400+
401+ * fix qemu-user-static initialization to allow executing systemd
402+ (LP: #1890881)
403+ - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch
404+ - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch
405+ - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch
406+ - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch
407+ - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch
408+ - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch
409+ * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187)
410+ CVE-2020-16092
411+ - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch
412+
413+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Aug 2020 07:19:42 +0200
414+
415+qemu (1:5.0-5ubuntu4) groovy; urgency=medium
416+
417+ * xen: provide compat links to what libxen-dev reports where to find
418+ the binaries (LP: #1890005)
419+ * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
420+ SQXBR (LP: #1883984)
421+ * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154)
422+
423+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 03 Aug 2020 07:15:28 +0200
424+
425+qemu (1:5.0-5ubuntu3) groovy; urgency=medium
426+
427+ * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
428+ environments (LP: #1887763)
429+ * Pick further changes for groovy from debian/master since 5.0-5
430+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
431+ Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
432+ infinite recursion via a crafted mm_index value during
433+ ati_mm_read or ati_mm_write call.
434+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
435+ Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
436+ devices which uses min_access_size and max_access_size Memory API fields.
437+ Also closes: CVE-2020-13791
438+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
439+ CVE-2020-13659: address_space_map in exec.c can trigger
440+ a NULL pointer dereference related to BounceBuffer
441+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
442+ Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
443+ has an OOB read via a crafted reply_queue_head field from a guest OS user
444+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
445+ fix other possible cases like in CVE-2020-13362 (#961887)
446+ - megasas-fix-possible-out-of-bounds-array-access.patch
447+ Some tracepoints use a guest-controlled value as an index into the
448+ mfi_frame_desc[] array. Thus a malicious guest could cause a very low
449+ impact OOB errors here
450+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
451+ Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
452+ This flaw occurs when an nbd-client sends a spec-compliant request that is
453+ near the boundary of maximum permitted request length. A remote nbd-client
454+ could use this flaw to crash the qemu-nbd server resulting in a DoS.
455+ - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
456+ Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
457+ properly validate the frame count, which allows guest OS users to trigger
458+ an out-of-bounds access during an es1370_write() operation
459+ - a few patches from the stable series:
460+ - fix-tulip-breakage.patch
461+ The tulip network driver in a qemu-system-hppa emulation is broken in
462+ the sense that bigger network packages aren't received any longer and
463+ thus even running e.g. "apt update" inside the VM fails. Fix this.
464+ - 9p-lock-directory-streams-with-a-CoMutex.patch
465+ Prevent deadlocks in 9pfs readdir code
466+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
467+ Fix newline accidentally sneaked into id string of a nic
468+ - qemu-nbd-close-inherited-stderr.patch
469+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
470+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
471+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
472+ - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
473+ - reapply CVE-2020-13253 fixed from upstream:
474+ sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
475+ sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
476+ sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
477+ sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
478+ Closes: #961297, CVE-2020-13253
479+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
480+ (Closes: #965109)
481+ - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
482+ - d/control: since qemu-system-data now contains module(s),
483+ it can't be multi-arch. Ditto for qemu-block-extra.
484+ - qemu-system-foo: depend on exact version of qemu-system-data,
485+ due to the latter having modules
486+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
487+ This is another incarnation of the recent bugfix which actually enabled
488+ memory access constraints, like #964247
489+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
490+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
491+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
492+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
493+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
494+ - do not install outdated (0.12 and before) Changelog (Closes: #965381)
495+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
496+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
497+ Closes: CVE-2020-15863
498+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
499+ List of patches:
500+ sm501-convert-printf-abort-to-qemu_log_mask.patch
501+ sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
502+ sm501-use-BIT-macro-to-shorten-constant.patch
503+ sm501-clean-up-local-variables-in-sm501_2d_operation.patch
504+ sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
505+ Closes: #961451, CVE-2020-12829
506+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
507+ another fix for revert-memory-accept-.. CVE-2020-13754
508+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
509+
510+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 Jul 2020 13:21:31 +0200
511+
512+qemu (1:5.0-5ubuntu2) groovy; urgency=medium
513+
514+ * No change rebuild against new libnettle8 and libhogweed6 ABI.
515+
516+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 29 Jun 2020 22:32:55 +0100
517+
518+qemu (1:5.0-5ubuntu1) groovy; urgency=medium
519+
520+ * Merge with Debian testing (LP: #1749393), remaining changes:
521+ - qemu-kvm to systemd unit
522+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
523+ hugepages and architecture specifics
524+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
525+ qemu-kvm-init
526+ - d/qemu-system-common.install: install helper script
527+ - d/qemu-system-common.qemu-kvm.default: defaults for
528+ /etc/default/qemu-kvm
529+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
530+ - Distribution specific machine type (LP: 1304107 1621042)
531+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
532+ types
533+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
534+ for host-phys-bits=true (LP: 1776189)
535+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
536+ - provide pseries-bionic-2.11-sxxm type as convenience with all
537+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
538+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
539+ - Enable nesting by default
540+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
541+ in qemu64 on amd
542+ [ No more strictly needed, but required for backward compatibility ]
543+ - improved dependencies
544+ - Make qemu-system-common depend on qemu-block-extra
545+ - Make qemu-utils depend on qemu-block-extra
546+ - let qemu-utils recommend sharutils
547+ - arch aware kvm wrappers
548+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
549+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
550+ reference 256k path
551+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
552+ handle incoming migrations from former releases.
553+ - d/control-in: Disable capstone disassembler library support (universe)
554+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
555+ - d/control*, d/rules: disable xen by default, but provide universe
556+ package qemu-system-x86-xen as alternative
557+ [includes --disable-xen for user-static builds]
558+ - d/control-in: disable pmem on ppc64 as it is currently considered
559+ experimental on that architecture (pmdk v1.8-1)
560+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
561+ - d/rules: report config log from the correct subdir
562+ - allow qemu to load old modules post upgrade (LP 1847361)
563+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
564+ upgrade
565+ - d/rules: generate maintainer scripts matching package version on build
566+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
567+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
568+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
569+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
570+ crashes it on shutdown (LP 1878973)
571+ * Dropped changes (no more needed)
572+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
573+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
574+ in qemu64 cpu type.
575+ - d/control: avoid upgrade issues triggered by moving ivshmem tools after
576+ Debian. Fixed by bumping the related Breaks/Replaces to the
577+ Version Ubuntu introduced the change (LP 1862287)
578+ * Dropped changes (in Debian)
579+ - improved s390x support
580+ - d/binfmt-update-in: fix binfmt being called in some containers
581+ (LP 1840956)
582+ - qemu-system-x86-microvm package
583+ In addition to the generic multi-purpose qemu also provide a minimal
584+ feature binary that is loading faster for use cases with microvm machine
585+ type and qboot bios
586+ - d/control-in: add a new qemu-system-x86-microvm package
587+ - d/rules: add an extra config/build step to get the minimal qemu
588+ - Security and packaging fixes (LP 1872937)
589+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
590+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
591+ CVE-2020-10702
592+ CVE-2020-11102
593+ - fix external spice UI
594+ + install ui-spice-app.so in qemu-system-common
595+ + install ui-spice-app.so only if built, spice is optional
596+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
597+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
598+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
599+ - enable riscv build (LP 1872931)
600+ [ changes picked from Debian ]
601+ - enable support for riscv64 hosts
602+ - only enable librbd on architectures where it is built
603+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
604+ depends on the former
605+ - seccomp grew up, no need in versioned build-dep
606+ - enable seccomp only on architectures where it can be built
607+ * Dropped changes (upstream)
608+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
609+ (LP 1857033)
610+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
611+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
612+ vhost-user-gpu
613+ - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
614+ avoid unnecessary IOTLB transactions (LP 1866207)
615+ - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
616+ patches @qemu-stable (LP 1867519)
617+ - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
618+ to avoid broken nesting (LP 1868692)
619+ - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
620+ (LP 1871830)
621+ - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107)
622+ - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
623+ - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
624+ and clobbered doubles (LP 1872945)
625+ - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
626+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
627+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
628+ - CVE-2020-11869
629+ - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
630+ - async: use explicit memory barriers (LP 1805256)
631+ - aio-wait: delegate polling of main AioContext if BQL not held
632+ - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
633+ supporting to set them (LP 1882774)
634+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
635+ load to a versioned path
636+ * Added Changes:
637+ - d/control: regenerate debian/control out of control-in
638+ - update d/p/ubuntu/lp-1835546-* to the final versions
639+ - 11 patches dropped as they are in 5.0
640+ - 20 patches updated to how they will be in 5.1
641+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
642+ FTBFS in groovy
643+ - Make qemu-system-x86-microvm a transitional package as the binary is now
644+ in qemu-system-x86 itself.
645+ - d/control-in: build-dep libcap is no more needed
646+ - d/rules: update arch aware kvm wrappers
647+ - d/qemu-system-x86.README.Debian: fix typo
648+
649+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 16 Jun 2020 16:50:09 +0200
650+
651 qemu (1:5.0-5) unstable; urgency=medium
652
653 * more binfmt-install updates
654@@ -484,6 +1092,188 @@ qemu (1:4.2-4) unstable; urgency=medium
655
656 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 12:44:43 +0300
657
658+qemu (1:4.2-3ubuntu10) groovy; urgency=medium
659+
660+ * No-change rebuild against libnettle8
661+
662+ -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 20 Jul 2020 16:12:37 +0000
663+
664+qemu (1:4.2-3ubuntu9) groovy; urgency=medium
665+
666+ * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
667+ crashes it on shutdown (LP: #1878973)
668+ * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
669+ supporting to set them (LP: #1882774)
670+
671+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 02 Jun 2020 10:42:49 +0200
672+
673+qemu (1:4.2-3ubuntu8) groovy; urgency=medium
674+
675+ * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
676+ - async: use explicit memory barriers (LP: #1805256)
677+ - aio-wait: delegate polling of main AioContext if BQL not held
678+
679+ -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Wed, 27 May 2020 21:47:21 +0000
680+
681+qemu (1:4.2-3ubuntu7) groovy; urgency=medium
682+
683+ * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
684+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
685+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
686+ - CVE-2020-11869
687+
688+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 21 May 2020 14:43:19 -0400
689+
690+qemu (1:4.2-3ubuntu6) focal; urgency=medium
691+
692+ [ Christian Ehrhardt ]
693+ * enable riscv build (LP: #1872931)
694+ [ changes picked from Debian ]
695+ - enable support for riscv64 hosts
696+ - only enable librbd on architectures where it is built
697+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
698+ depends on the former
699+ - seccomp grew up, no need in versioned build-dep
700+ - enable seccomp only on architectures where it can be built
701+ * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
702+ * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
703+ and clobbered doubles (LP: #1872945)
704+
705+ [ William Grant ]
706+ * d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
707+
708+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 14:27:15 +0200
709+
710+qemu (1:4.2-3ubuntu5) focal; urgency=medium
711+
712+ [ Christian Ehrhardt ]
713+ * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
714+ (LP: #1871830)
715+ * Security and packaging fixes (LP: #1872937)
716+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
717+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
718+ CVE-2020-10702
719+ CVE-2020-11102
720+ - fix external spice UI
721+ + install ui-spice-app.so in qemu-system-common
722+ + install ui-spice-app.so only if built, spice is optional
723+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
724+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
725+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
726+ * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107)
727+
728+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 11:26:44 +0200
729+
730+qemu (1:4.2-3ubuntu4) focal; urgency=medium
731+
732+ * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546)
733+ * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
734+ to avoid broken nesting (LP: #1868692)
735+
736+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 20 Mar 2020 08:02:16 +0100
737+
738+qemu (1:4.2-3ubuntu3) focal; urgency=medium
739+
740+ * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
741+ patches @qemu-stable (LP: #1867519)
742+
743+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 18 Mar 2020 13:57:57 +0100
744+
745+qemu (1:4.2-3ubuntu2) focal; urgency=medium
746+
747+ * allow qemu to load old modules post upgrade (LP: #1847361)
748+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
749+ load to a versioned path
750+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
751+ upgrade
752+ - d/rules: generate maintainer scripts matching package version on build
753+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
754+ * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
755+ avoid unnecessary IOTLB transactions (LP: #1866207)
756+
757+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 02 Mar 2020 15:21:27 +0100
758+
759+qemu (1:4.2-3ubuntu1) focal; urgency=medium
760+
761+ * Merge with Debian testing, remaining changes:
762+ - qemu-kvm to systemd unit
763+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
764+ hugepages and architecture specifics
765+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
766+ qemu-kvm-init
767+ - d/qemu-system-common.install: install helper script
768+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
769+ - d/qemu-system-common.qemu-kvm.default: defaults for
770+ /etc/default/qemu-kvm
771+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
772+ - Distribution specific machine type (LP: 1304107 1621042)
773+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
774+ types
775+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
776+ for host-phys-bits=true (LP: 1776189)
777+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
778+ - provide pseries-bionic-2.11-sxxm type as convenience with all
779+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
780+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
781+ - Enable nesting by default
782+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
783+ in qemu64 cpu type.
784+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
785+ in qemu64 on amd
786+ [ No more strictly needed, but required for backward compatibility ]
787+ - improved dependencies
788+ - Make qemu-system-common depend on qemu-block-extra
789+ - Make qemu-utils depend on qemu-block-extra
790+ - let qemu-utils recommend sharutils
791+ - improved s390x support
792+ - d/rules: build s390-ccw.img with upstream Makefile
793+ - d/rules: build s390-netboot.img with upstream Makefile
794+ - arch aware kvm wrappers
795+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
796+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
797+ reference 256k path
798+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
799+ handle incoming migrations from former releases.
800+ - d/control-in: Disable capstone disassembler library support (universe)
801+ - d/binfmt-update-in: fix binfmt being called in some containers
802+ (LP 1840956)
803+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
804+ (LP 1857033)
805+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
806+ - d/control*, d/rules: disable xen by default, but provide universe
807+ package qemu-system-x86-xen as alternative
808+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
809+ - Dropped changes [ in Debian ]
810+ - d/control: update VCS links
811+ - d/control-in: bump debhelper build-dep for compat 12
812+ - d/control: disable bluetooth being deprecated
813+ - d/not-installed: ignore new interop docs and extra icons for now
814+ - d/not-installed: do not install elf2dmp until namespaced
815+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
816+ [ not needed ]
817+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
818+ - s390x support
819+ - Create qemu-system-s390x package
820+ - Enable numa support for s390x
821+ - d/control*: enable libpmem support for nvdimms (LP 1790856)
822+ * Added changes
823+ - d/control: regenerate debian/control out of control-in
824+ - qemu-system-x86-microvm package
825+ In addition to the generic multi-purpose qemu also provide a minimal
826+ feature binary that is loading faster for use cases with microvm machine
827+ type and qboot bios
828+ - d/control-in: add a new qemu-system-x86-microvm package
829+ - d/rules: add an extra config/build step to get the minimal qemu
830+ - d/control-in: disable pmem on ppc64 as it is currently considered
831+ experimental on that architecture (pmdk v1.8-1)
832+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
833+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
834+ vhost-user-gpu
835+ - d/rules: report config log from the correct subdir
836+ - d/rules: --disable-xen for user-static builds
837+
838+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Feb 2020 15:21:56 +0100
839+
840 qemu (1:4.2-3) unstable; urgency=medium
841
842 * mention closing of #909743 in previous changelog (Closes: #909743)
843@@ -526,6 +1316,169 @@ qemu (1:4.2-2) unstable; urgency=medium
844
845 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jan 2020 23:51:09 +0300
846
847+qemu (1:4.2-1ubuntu2) focal; urgency=medium
848+
849+ * d/control: avoid upgrade issues triggered by moving ivshmem tools after
850+ Debian. Fixed by by bumping the related Breaks/Replaces to the
851+ Version Ubuntu introduced the change (LP: #1862287)
852+
853+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 07 Feb 2020 07:31:21 +0100
854+
855+qemu (1:4.2-1ubuntu1) focal; urgency=medium
856+
857+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
858+ LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
859+ LP: #1812822 - avoid crashes on detaching vhost_net interfaces
860+ LP: #1852744 - Crypto Passthrough Interrupt Support
861+ LP: #1853316 - CCW IPL Support
862+ Remaining changes:
863+ - qemu-kvm to systemd unit
864+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
865+ hugepages and architecture specifics
866+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
867+ qemu-kvm-init
868+ - d/qemu-system-common.install: install helper script
869+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
870+ - d/qemu-system-common.qemu-kvm.default: defaults for
871+ /etc/default/qemu-kvm
872+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
873+ - Distribution specific machine type (LP: 1304107 1621042)
874+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
875+ types
876+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
877+ for host-phys-bits=true (LP: 1776189)
878+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
879+ - provide pseries-bionic-2.11-sxxm type as convenience with all
880+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
881+ - Enable nesting by default
882+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
883+ in qemu64 cpu type.
884+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
885+ in qemu64 on amd
886+ [ No more strictly needed, but required for backward compatibility ]
887+ - improved dependencies
888+ - Make qemu-system-common depend on qemu-block-extra
889+ - Make qemu-utils depend on qemu-block-extra
890+ - let qemu-utils recommend sharutils
891+ - s390x support
892+ - Create qemu-system-s390x package
893+ - Enable numa support for s390x
894+ - d/rules: build s390-ccw.img with upstream Makefile
895+ - d/rules: build s390-netboot.img with upstream Makefile
896+ - arch aware kvm wrappers
897+ - d/control: update VCS links
898+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
899+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
900+ reference 256k path
901+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
902+ handle incoming migrations from former releases.
903+ - d/control-in: Disable capstone disassembler library support (universe)
904+ - d/control: disable bluetooth being deprecated
905+ - d/not-installed: ignore new interop docs and extra icons for now
906+ - d/not-installed: do not install elf2dmp until namespaced
907+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
908+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
909+ - d/binfmt-update-in: fix binfmt being called in some containers
910+ (LP 1840956)
911+ - Dropped changes (in Debian)
912+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
913+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
914+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
915+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
916+ - enable RDMA config option
917+ - add libibumad-dev build-dep
918+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
919+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
920+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
921+ replace it with a build-indep using the upstream makefiles.
922+ This is less prone to miss future changes/fixes that are done to the
923+ makefiles
924+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
925+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
926+ - d/rules: fix qemu-kvm service for debhelper compat >=12
927+ - Refreshed patches for v4.0 context changes
928+ - d/control*: remove sdlabi which was removed upstream
929+ - d/control*: enable docs (now explicit) and provide new build-dep
930+ python3-sphinx
931+ - d/qemu-system-data.install: use new paths for formerly used icons
932+ - Merge with Upstream release of qemu 4.0
933+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
934+ - Dropped changes (Upstream)
935+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
936+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
937+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
938+ fix i386 build error
939+ - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
940+ fix naming of the new vector facitlity (LP 1836066)
941+ - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
942+ for missing SIOCGSTAMP definition; final fix is still in discussion
943+ upstream (LP: 1836159)
944+ - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
945+ s390x machines (LP 1836154)
946+ - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
947+ (LP 1841066)
948+ - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
949+ update the z15 model name (LP 1842774)
950+ - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
951+ fix a potential hang when qemu or qemu-img where accessing http backed
952+ disks via libcurl (LP 1848556)
953+ - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
954+ fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
955+ - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
956+ toleration for future machines (LP 1830704)
957+ - SECURITY UPDATE: Add support for exposing md-clear functionality
958+ to guests
959+ - d/p/ubuntu/enable-md-clear.patch
960+ - d/p/ubuntu/enable-md-no.patch
961+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
962+ - SECURITY UPDATE: heap overflow when loading device tree blob
963+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
964+ copy the device tree blob into is.
965+ - CVE-2018-20815
966+ - SECURITY UPDATE: device driver denial of service via NULL pointer
967+ dereference
968+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
969+ routine
970+ - CVE-2019-5008
971+ - SECURITY UPDATE: information leak in SLiRP
972+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
973+ emulating ident.
974+ - CVE-2019-9824
975+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
976+ unimplement.patch: properly return architecture defined exception
977+ on bad subcodes of diag 308 (LP 1812384)
978+ * Dropped changes (no more needed)
979+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
980+ mv_conffile since the new path is a directory in the old package
981+ version which can not be handled by mv_conffile.
982+ [ only needed between disco and eoan ]
983+ - disable pvrdma
984+ [ CVEs all fixed now ]
985+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
986+ avoid misdetection of simplified nesting blocking all migrations
987+ [ qemu now detects and handles nesting - needs kernel >=4.20 ]
988+ - Enable nesting by default
989+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
990+ (is default on amd)
991+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
992+ without nested=1
993+ [ nesting is default in kernel modules and default selected cpu types ]
994+ * Added changes
995+ - d/control: regenerate debian/control out of control-in
996+ - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
997+ - added ubuntu focal types for qemu 4.2
998+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
999+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1000+ (LP: #1857033)
1001+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1002+ - d/control*, d/rules: disable xen by default, but provide universe
1003+ package qemu-system-x86-xen as alternative
1004+ - fix typos in changelog and d/qemu-system-x86.NEWS
1005+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
1006+ - d/control*: enable libpmem support for nvdimms (LP: #1790856)
1007+
1008+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 08 Jan 2020 15:27:42 +0100
1009+
1010 qemu (1:4.2-1) unstable; urgency=medium
1011
1012 * new upstream release (4.2.0)
1013@@ -602,6 +1555,205 @@ qemu (1:4.1-1) unstable; urgency=medium
1014
1015 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 27 Aug 2019 12:43:43 +0300
1016
1017+qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium
1018+
1019+ * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
1020+ fix a potential hang when qemu or qemu-img where accessing http backed
1021+ disks via libcurl (LP: #1848556)
1022+ * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch:
1023+ fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497)
1024+
1025+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 21 Oct 2019 14:51:45 +0200
1026+
1027+qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium
1028+
1029+ * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
1030+ update the z15 model name (LP: #1842774)
1031+
1032+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Sep 2019 11:42:58 +0200
1033+
1034+qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium
1035+
1036+ * d/binfmt-update-in: fix binfmt being called in some containers
1037+ (LP: #1840956)
1038+
1039+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Sep 2019 11:03:13 +0200
1040+
1041+qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium
1042+
1043+ * No-change upload with strops.h and sys/strops.h removed in glibc.
1044+
1045+ -- Matthias Klose <doko@ubuntu.com> Thu, 05 Sep 2019 11:07:25 +0000
1046+
1047+qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium
1048+
1049+ * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
1050+ (LP: #1841066)
1051+
1052+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Aug 2019 12:08:04 +0200
1053+
1054+qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium
1055+
1056+ * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
1057+ s390x machines (LP: #1836154)
1058+
1059+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Jul 2019 13:20:42 +0200
1060+
1061+qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium
1062+
1063+ * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617)
1064+ - pick Debian change for (#889885)
1065+ move ovmf to recommends on debian and update aarch ovmf refs
1066+ - stop Ubuntu to drop ovmf/qemu-efi to a suggest
1067+
1068+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 12 Jul 2019 12:48:24 +0200
1069+
1070+qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium
1071+
1072+ * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
1073+ for missing SIOCGSTAMP definition; final fix is still in discussion
1074+ upstream (LP: 1836159)
1075+
1076+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 10:10:00 +0200
1077+
1078+qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium
1079+
1080+ * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
1081+ fix naming of the new vector facitlity (LP: #1836066)
1082+ * d/control-in: update VCS links in control template as well
1083+
1084+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 08:18:44 +0200
1085+
1086+qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
1087+
1088+ * Merge with Upstream release of qemu 4.0.
1089+ Among many other things this fixes LP Bugs:
1090+ LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
1091+ LP: #1828038 - Update s390x CPU Model for more HW support
1092+ LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
1093+ Remaining Changes:
1094+ - qemu-kvm to systemd unit
1095+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1096+ hugepages and architecture specifics
1097+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1098+ qemu-kvm-init
1099+ - d/qemu-system-common.install: install helper script
1100+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1101+ - d/qemu-system-common.qemu-kvm.default: defaults for
1102+ /etc/default/qemu-kvm
1103+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1104+ - Enable nesting by default
1105+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1106+ (is default on amd)
1107+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1108+ without nested=1
1109+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1110+ in qemu64 cpu type.
1111+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1112+ in qemu64 on amd
1113+ - d/qemu-system-x86.README.Debian: document intention of nested being
1114+ default is comfort, not full support
1115+ - Distribution specific machine type (LP: 1304107 1621042)
1116+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1117+ types
1118+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1119+ for host-phys-bits=true (LP: 1776189)
1120+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1121+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1122+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1123+ - improved dependencies
1124+ - Make qemu-system-common depend on qemu-block-extra
1125+ - Make qemu-utils depend on qemu-block-extra
1126+ - let qemu-utils recommend sharutils
1127+ - s390x support
1128+ - Create qemu-system-s390x package
1129+ - Enable numa support for s390x
1130+ - arch aware kvm wrappers
1131+ - d/control: update VCS links
1132+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1133+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1134+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1135+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1136+ - enable RDMA config option
1137+ - add libibumad-dev build-dep
1138+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1139+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1140+ reference 256k path
1141+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1142+ handle incoming migrations from former releases.
1143+ - d/control-in: Disable capstone disassembler library support (universe)
1144+ - Move s390x roms to a new qemu-system-data-s390x
1145+ - d/qemu-system-data.install: install s390x roms as architecture:all in
1146+ qemu-system-data
1147+ - d/rules: build s390-ccw.img with upstream Makefile
1148+ - d/rules: build s390-netboot.img with upstream Makefile
1149+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1150+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1151+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1152+ replace it with a build-indep using the upstream makefiles.
1153+ This is less prone to miss future changes/fixes that are done to the
1154+ makefiles
1155+ - d/control-in: add breaks/replaces for moving s390x roms from
1156+ qemu-system-s390x to qemu-system-data
1157+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1158+ [From not yet uploaded Debian branch]
1159+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1160+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1161+ - disable pvrdma - besides several security holes there are many other
1162+ bugs there as well
1163+ * Dropped patches that are upstream in v4.0
1164+ - d/p/do-not-link-everything-with-xen.patch
1165+ - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
1166+ - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
1167+ - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
1168+ - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
1169+ - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
1170+ - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
1171+ (LP: 1759509)
1172+ - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
1173+ - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
1174+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
1175+ - d/p/ubuntu/CVE-2018-20815.patch
1176+ - d/p/ubuntu/CVE-2019-5008.patch
1177+ - d/p/ubuntu/CVE-2019-9824.patch
1178+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1179+ avoid misdetection of simplified nesting blocking all migrations
1180+ * Dropped further patches
1181+ d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
1182+ [upstream deprecated the whole subsystem instead of applying the fix]
1183+ * Added Changes
1184+ - updated ubuntu machine types for v4.0
1185+ - added eoan types
1186+ - fixed s390x issue of upstream types having a "v" prefix
1187+ - add back dropped machine types to avoid more issues like LP: 1802944
1188+ - fix kvm split irqchip default in ubuntu q35 machine type
1189+ - drop no more needed spapr_machine_2_11_sxxm_instance_options and
1190+ adapt updated CamelCase
1191+ - -hpb types now need to use GlobalProperties
1192+ - pc_compat_2_0 got a _fn suffix and slight changes
1193+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
1194+ SLOF of qemu 4.0
1195+ - Refreshed patches still needed for v4.0 context changes
1196+ - d/p/use-fixed-data-path.patch
1197+ - d/p/ubuntu/enable-svm-by-default.patch
1198+ - d/p/ubuntu/enable-md-clear.patch
1199+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
1200+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
1201+ (LP: #1830243)
1202+ - d/control: disable bluetooth being deprecated
1203+ - d/control*: remove sdlabi which was removed upstream
1204+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
1205+ - d/control*: enable docs (now explicit) and provide new build-dep
1206+ python3-sphinx
1207+ - d/not-installed: ignore new interop docs and extra icons for now
1208+ - d/not-installed: do not install elf2dmp until namespaced
1209+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1210+ - d/qemu-system-data.install: use new paths for formerly used icons
1211+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
1212+ fix i386 build error
1213+
1214+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 24 Jun 2019 16:33:19 +0200
1215+
1216 qemu (1:3.1+dfsg-8) unstable; urgency=high
1217
1218 * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch
1219@@ -704,6 +1856,232 @@ qemu (1:3.1+dfsg-3) unstable; urgency=medium
1220
1221 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 06 Feb 2019 12:23:01 +0300
1222
1223+qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium
1224+
1225+ * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
1226+ broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
1227+ fix migrations from old machines (LP: #1829868).
1228+ * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
1229+ toleration for future machines (LP: #1830704
1230+
1231+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 May 2019 11:30:42 +0200
1232+
1233+qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium
1234+
1235+ * SECURITY UPDATE: Add support for exposing md-clear functionality
1236+ to guests
1237+ - d/p/ubuntu/enable-md-clear.patch
1238+ - d/p/ubuntu/enable-md-no.patch
1239+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
1240+ * SECURITY UPDATE: heap overflow when loading device tree blob
1241+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
1242+ copy the device tree blob into is.
1243+ - CVE-2018-20815
1244+ * SECURITY UPDATE: device driver denial of service via NULL pointer
1245+ dereference
1246+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
1247+ routine
1248+ - CVE-2019-5008
1249+ * SECURITY UPDATE: information leak in SLiRP
1250+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
1251+ emulating ident.
1252+ - CVE-2019-9824
1253+
1254+ -- Steve Beattie <sbeattie@ubuntu.com> Wed, 08 May 2019 09:27:53 -0700
1255+
1256+qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium
1257+
1258+ * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
1259+ - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
1260+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
1261+ mv_conffile since the new path is a directory in the old package
1262+ version which can not be handled by mv_conffile.
1263+ * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
1264+ OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
1265+ Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
1266+ CVE-2019-3812
1267+
1268+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 18 Mar 2019 09:20:07 +0100
1269+
1270+qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
1271+
1272+ * disable pvrdma - besides several security holes there are many other
1273+ bugs there as well, and the amount of patches applied upstream after
1274+ 3.1 release is large (Closes, or actuallymakes unimportant again)
1275+ - CVE-2018-20123
1276+ - CVE-2018-20124
1277+ - CVE-2018-20125
1278+ - CVE-2018-20126
1279+ - CVE-2018-20191
1280+ - CVE-2018-20216
1281+ * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
1282+ - CVE-2019-6501
1283+ * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
1284+ - CVE-2019-6778
1285+
1286+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 19 Feb 2019 06:43:04 +0100
1287+
1288+qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium
1289+
1290+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
1291+ LP: #1806104 - fix misleading page size error on ppc64el
1292+ LP: #1782205 - SnowRidge enabled new ISAs
1293+ LP: #1786956 - upgrade to qemu >= 3.0
1294+ LP: #1809083 - Backward migration to Xenial on ppc64el
1295+ LP: #1803315 - s390x Huge page enablement
1296+ LP: #1657409 - enable virglrenderer
1297+ Remaining Changes:
1298+ - qemu-kvm to systemd unit
1299+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1300+ hugepages and architecture specifics
1301+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1302+ - d/qemu-system-common.install: install systemd unit and helper script
1303+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1304+ - d/qemu-system-common.qemu-kvm.default: defaults for
1305+ /etc/default/qemu-kvm
1306+ - d/rules: install /etc/default/qemu-kvm
1307+ - Enable nesting by default
1308+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1309+ (is default on amd)
1310+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1311+ without nested=1
1312+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1313+ in qemu64 cpu type.
1314+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1315+ in qemu64 on amd
1316+ - d/qemu-system-x86.README.Debian: document intention of nested being
1317+ default is comfort, not full support
1318+ - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
1319+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1320+ types
1321+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1322+ for host-phys-bits=true (LP: 1776189)
1323+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1324+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1325+ convenience with all meltdown/spectre workarounds enabled by default.
1326+ (LP: 1761372).
1327+ - improved dependencies
1328+ - Make qemu-system-common depend on qemu-block-extra
1329+ - Make qemu-utils depend on qemu-block-extra
1330+ - let qemu-utils recommend sharutils
1331+ - s390x support
1332+ - Create qemu-system-s390x package
1333+ - Enable numa support for s390x
1334+ - arch aware kvm wrappers
1335+ - d/control: update VCS links (updated to match latest Ubuntu)
1336+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1337+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1338+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1339+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1340+ - enable RDMA config option
1341+ - add libibumad-dev build-dep
1342+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1343+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1344+ reference 256k path
1345+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1346+ handle incoming migrations from former releases.
1347+ - d/control-in: Disable capstone disassembler library support (universe)
1348+ * Added Changes:
1349+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
1350+ for qemu 3.1 in the Ubuntu Disco release
1351+ - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
1352+ - Move s390x roms to a new qemu-system-data-s390x
1353+ - d/qemu-system-data.install: install s390x roms as architecture:all in
1354+ qemu-system-data
1355+ - d/rules: build s390-ccw.img with upstream Makefile
1356+ - d/rules: build s390x-netboot.img with upstream Makefile
1357+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1358+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1359+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1360+ replace it with a build-indep using the upstream makefiles.
1361+ This is less prone to miss future changes/fixes that are done to the
1362+ makefiles
1363+ - d/control-in: add breaks/replaces for moving s390x roms from
1364+ qemu-system-s390x to qemu-system-data
1365+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1366+ [From not yet uploaded Debian branch]
1367+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1368+ (Closes: #918378)
1369+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1370+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1371+ avoid misdetection of simplified nesting blocking all migrations
1372+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
1373+ unimplement.patch: properly return archicture defined exception
1374+ on bad subcodes of diag 308 (LP: #1812384)
1375+ * Dropped Changes:
1376+ - Include s390-ccw.img firmware (old style native build)
1377+ - d/rules enable install s390x-netboot.img (old style native build)
1378+ - libvirt/qemu user/group support
1379+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1380+ trigger.
1381+ [ Droppable since logind properly sets ACLs now ]
1382+ - qemu-system-common.preinst: add kvm group if needed
1383+ [ Droppable because systemd/udev take care of it since 239-6]
1384+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
1385+ freeze-hook fixes (LP: 1484990)
1386+ [upstream]
1387+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
1388+ merged upstream
1389+ [upstream]
1390+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
1391+ computation while concatenating mbuf.
1392+ CVE-2018-11806
1393+ [upstream]
1394+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
1395+ for powerpc64 to speed up translation (LP: 1781526)
1396+ [upstream]
1397+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
1398+ cpu model for z14 ZR1 (LP: 1780773).
1399+ [upstream]
1400+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
1401+ (Closes: 903562)
1402+ [in Debian]
1403+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
1404+ unreleased Debian version)
1405+ [in Debian]
1406+ - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
1407+ by migrations with UI frontends or frequent guest resolution changes
1408+ (LP #1755912)
1409+ [upstream]
1410+ - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
1411+ extend eieio for POWER9 emulation (LP: 1787408).
1412+ [upstream]
1413+ - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
1414+ ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
1415+ [upstream]
1416+ - improve s390x spectre mitigation with etoken facility (LP: 1790457)
1417+ [upstream]
1418+ - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
1419+ [upstream]
1420+ - d/control-in: our addition of a qemu-system-s390x package needs to follow
1421+ the split of qemu-system-data by adding a dependency to it (LP: 1798084)
1422+ [in Debian]
1423+ - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
1424+ Adapters on s390x (LP: 1787405)
1425+ [upstream]
1426+ - enable opengl for vfio-MDEV support (LP: 1804766)
1427+ [in Debian]
1428+ - SECURITY UPDATE: integer overflow in NE2000 NIC emulation
1429+ [upstream]
1430+ - SECURITY UPDATE: integer overflow via crafted QMP command
1431+ [upstream]
1432+ - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
1433+ [upstream]
1434+ - SECURITY UPDATE: buffer overflow in rtl8139
1435+ [upstream]
1436+ - SECURITY UPDATE: buffer overflow in pcnet
1437+ [upstream]
1438+ - SECURITY UPDATE: DoS via large packet sizes
1439+ [upstream]
1440+ - SECURITY UPDATE: DoS in lsi53c895a
1441+ [upstream]
1442+ - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
1443+ [upstream]
1444+ - SECURITY UPDATE: race condition in 9p
1445+ [upstream]
1446+
1447+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Jan 2019 09:41:08 +0100
1448+
1449 qemu (1:3.1+dfsg-2) unstable; urgency=medium
1450
1451 * d/rules: split arch and indep builds
1452@@ -783,6 +2161,249 @@ qemu (1:3.1+dfsg-1) unstable; urgency=medium
1453
1454 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Dec 2018 19:10:27 +0300
1455
1456+qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
1457+
1458+ [ Marc Deslauriers ]
1459+ * SECURITY UPDATE: integer overflow in NE2000 NIC emulation
1460+ - debian/patches/CVE-2018-10839.patch: use proper type in
1461+ hw/net/ne2000.c.
1462+ - CVE-2018-10839
1463+ * SECURITY UPDATE: integer overflow via crafted QMP command
1464+ - debian/patches/CVE-2018-12617.patch: check bytes count read by
1465+ guest-file-read in qga/commands-posix.c.
1466+ - CVE-2018-12617
1467+ * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
1468+ - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
1469+ - CVE-2018-16847
1470+ * SECURITY UPDATE: buffer overflow in rtl8139
1471+ - debian/patches/CVE-2018-17958.patch: use proper type in
1472+ hw/net/rtl8139.c.
1473+ - CVE-2018-17958
1474+ * SECURITY UPDATE: buffer overflow in pcnet
1475+ - debian/patches/CVE-2018-17962.patch: use proper type in
1476+ hw/net/pcnet.c.
1477+ - CVE-2018-17962
1478+ * SECURITY UPDATE: DoS via large packet sizes
1479+ - debian/patches/CVE-2018-17963.patch: check size in net/net.c.
1480+ - CVE-2018-17963
1481+ * SECURITY UPDATE: DoS in lsi53c895a
1482+ - debian/patches/CVE-2018-18849.patch: check message length value is
1483+ valid in hw/scsi/lsi53c895a.c.
1484+ - CVE-2018-18849
1485+ * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
1486+ - debian/patches/CVE-2018-18954.patch: check size before data buffer
1487+ access in hw/ppc/pnv_lpc.c.
1488+ - CVE-2018-18954
1489+ * SECURITY UPDATE: race condition in 9p
1490+ - debian/patches/CVE-2018-19364-1.patch: use write lock in
1491+ hw/9pfs/cofile.c.
1492+ - debian/patches/CVE-2018-19364-2.patch: use write lock in
1493+ hw/9pfs/9p.c.
1494+ - CVE-2018-19364
1495+
1496+ [ Christian Ehrhardt]
1497+ * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
1498+ Adapters on s390x (LP: #1787405)
1499+ * enable opengl for vfio-MDEV support (LP: #1804766)
1500+ - d/control-in: set --enable-opengl
1501+ - d/control-in: add gl related build-dependencies
1502+
1503+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Nov 2018 13:17:01 -0500
1504+
1505+qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium
1506+
1507+ * d/control-in: our addition of a qemu-system-s390x package needs to follow
1508+ the split of qemu-system-data by adding a dependency to it (LP: #1798084)
1509+
1510+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Oct 2018 10:50:27 +0200
1511+
1512+qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium
1513+
1514+ * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901)
1515+ The SLOF source pieces in src:qemu are only used for s390x netboot,
1516+ which are independent ROMs (no linking). All other binaries out of this
1517+ are part of src:slof and independent.
1518+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch
1519+ - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities
1520+ and related fixes
1521+
1522+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Sep 2018 13:31:15 +0200
1523+
1524+qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium
1525+
1526+ * improve s390x spectre mitigation with etoken facility (LP: #1790457)
1527+ - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch
1528+ - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch
1529+
1530+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Sep 2018 10:06:48 +0200
1531+
1532+qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium
1533+
1534+ * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
1535+ ensure that the seccomp blacklist is applied to all threads (LP: #1789551)
1536+ - CVE-2018-15746
1537+
1538+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 29 Aug 2018 08:50:36 +0200
1539+
1540+qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium
1541+
1542+ [ Murilo Opsfelder Araujo ]
1543+ * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
1544+ extend eieio for POWER9 emulation (LP: #1787408).
1545+
1546+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 20 Aug 2018 11:52:39 +0200
1547+
1548+qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium
1549+
1550+ * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
1551+ by migrations with UI frontends or frequent guest resolution changes
1552+ (LP: #1755912)
1553+
1554+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 Jul 2018 08:26:52 +0200
1555+
1556+qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium
1557+
1558+ * Disable capstone disassembler library support (universe dependency)
1559+
1560+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 17 Jul 2018 08:35:32 +0200
1561+
1562+qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium
1563+
1564+ * Merge with Debian testing, Remaining Changes:
1565+ - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772)
1566+ - qemu-kvm to systemd unit
1567+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1568+ hugepages and architecture specifics
1569+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1570+ - d/qemu-system-common.install: install systemd unit and helper script
1571+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1572+ - d/qemu-system-common.qemu-kvm.default: defaults for
1573+ /etc/default/qemu-kvm
1574+ - d/rules: install /etc/default/qemu-kvm
1575+ - Enable nesting by default
1576+ - set nested=1 module option on intel. (is default on amd)
1577+ - re-load kvm_intel.ko if it was loaded without nested=1
1578+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1579+ in qemu64 cpu type.
1580+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1581+ in qemu64 on amd
1582+ - d/qemu-system-x86.README.Debian: document intention of nested being
1583+ default is comfort, not full support
1584+ - libvirt/qemu user/group support
1585+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1586+ trigger.
1587+ - qemu-system-common.preinst: add kvm group if needed
1588+ - Distribution specific machine type
1589+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1590+ types to ease future live vm migration.
1591+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1592+ - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
1593+ for host-phys-bits=true (LP: 1776189)
1594+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1595+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1596+ convenience with all meltdown/spectre workarounds enabled by default.
1597+ (LP: 1761372).
1598+ - improved dependencies
1599+ - Make qemu-system-common depend on qemu-block-extra
1600+ - Make qemu-utils depend on qemu-block-extra
1601+ - let qemu-utils recommend sharutils
1602+ - s390x support
1603+ - Create qemu-system-s390x package
1604+ - Include s390-ccw.img firmware
1605+ - Enable numa support for s390x
1606+ - arch aware kvm wrappers
1607+ - update VCS-git (updated to match cosmic)
1608+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1609+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
1610+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1611+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1612+ - Create and install pxe netboot images for KVM s390x (LP: 1732094)
1613+ - d/rules enable install s390x-netboot.img
1614+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1615+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1616+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1617+ reference 256k path
1618+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1619+ handle incoming migrations from former releases.
1620+ - SECURITY UPDATE: Speculative Store Bypass
1621+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
1622+ CPUID feature bit in target/i386/cpu.*.
1623+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
1624+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
1625+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
1626+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
1627+ target/i386/machine.c.
1628+ - CVE-2018-3639
1629+ * Added Changes:
1630+ - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release
1631+ - add cosmic types for base and -hpb
1632+ - drop no more supported types (zesty and yakkety)
1633+ - d/p/series: group machine type changes
1634+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
1635+ merged upstream
1636+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
1637+ computation while concatenating mbuf.
1638+ CVE-2018-11806
1639+ - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the
1640+ deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES.
1641+ - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275)
1642+ - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings
1643+ - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply
1644+ to POWER8
1645+ - d/qemu-kvm-init: drop old VM detection that was broken in some cases and
1646+ is no more needed with systemd-detect-virt being more mature and always
1647+ present.
1648+ - d/kvm.powerpc: drop old powerpc (non-ppc64el) code.
1649+ - d/control-in: add libibumad-dev which is now needed for rdma
1650+ - d/rules: update s390x delta to match new Debian packaging
1651+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
1652+ for powerpc64 to speed up translation (LP: #1781526)
1653+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
1654+ cpu model for z14 ZR1 (LP: #1780773).
1655+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
1656+ (Closes: 903562)
1657+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
1658+ unreleased Debian version)
1659+ * Dropped Changes:
1660+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
1661+ (No more removed when building DFSG orig tarball in Debian)
1662+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
1663+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
1664+ so we revert related changes to stick with the proven for now:
1665+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
1666+ depends on it)
1667+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
1668+ (Debian switched to gtk which seems to work better and has all
1669+ dependencies in main.)
1670+ - d/control-in: enable seccomp on s390x (in Debian for Linux-any)
1671+ - Changes that are now upstream with qemu 2.12
1672+ - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with
1673+ newer versions of glibc >=2.27 (LP: 1753826)
1674+ - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
1675+ - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
1676+ SSE/AVX/AVX512 cpu features (LP: 1739665)
1677+ - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
1678+ space+commpage continuous which avoids long startup times on
1679+ qemu-user-static (LP: 1740219)
1680+ - provide pseries-2.12-sxxm type (LP: 1761372)
1681+ - d/p/ubuntu/lp-1704312-1-* provide means to manually handle
1682+ filesystem-dax with pmem by backporting align and unarmed options
1683+ (LP: 1704312).
1684+ - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
1685+ option to slirp's DHCP server (LP: 1762315)
1686+ - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying
1687+ Protection information (LP: 1762854).
1688+ - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9
1689+ migration (LP: 1763468).
1690+ - SECURITY UPDATE: out-of-bounds access during migration via ps2
1691+ CVE-2017-16845
1692+ - SECURITY UPDATE: arbitrary code execution via load_multiboot
1693+ CVE-2018-7550
1694+ - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
1695+ CVE-2018-7858
1696+
1697+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 21 Jun 2018 14:24:06 +0200
1698+
1699 qemu (1:2.12+dfsg-3) unstable; urgency=medium
1700
1701 * make qemu-system-foo depending
1702@@ -871,6 +2492,239 @@ qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium
1703
1704 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 12 Apr 2018 19:04:03 +0300
1705
1706+qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
1707+
1708+ * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
1709+ for host-phys-bits=true (LP: #1776189)
1710+ - add an info about this change in debian/qemu-system-x86.NEWS
1711+
1712+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:01:00 +0200
1713+
1714+qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium
1715+
1716+ * SECURITY UPDATE: Speculative Store Bypass
1717+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
1718+ CPUID feature bit in target/i386/cpu.*.
1719+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
1720+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
1721+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
1722+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
1723+ target/i386/machine.c.
1724+ - CVE-2018-3639
1725+
1726+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 22 May 2018 09:34:52 -0400
1727+
1728+qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium
1729+
1730+ * SECURITY UPDATE: out-of-bounds access during migration via ps2
1731+ - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
1732+ in post_load routine in hw/input/ps2.c.
1733+ - CVE-2017-16845
1734+ * SECURITY UPDATE: arbitrary code execution via load_multiboot
1735+ - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
1736+ zero in hw/i386/multiboot.c.
1737+ - CVE-2018-7550
1738+ * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
1739+ - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
1740+ hw/display/vga.c.
1741+ - CVE-2018-7858
1742+
1743+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 May 2018 14:14:20 -0400
1744+
1745+qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium
1746+
1747+ * No-change rebuild for ncurses soname changes.
1748+
1749+ -- Matthias Klose <doko@ubuntu.com> Thu, 03 May 2018 14:18:39 +0000
1750+
1751+qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium
1752+
1753+ * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection
1754+ information (LP: #1762854).
1755+ * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration
1756+ (LP: #1763468).
1757+
1758+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Apr 2018 07:46:18 +0200
1759+
1760+qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium
1761+
1762+ * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch.
1763+ The Kernel fixes are preferred and already committed to the kernel.
1764+ Therefore remove the default disabling of the HTM feature (LP: #1761175)
1765+ * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
1766+ SSE/AVX/AVX512 cpu features (LP: #1739665)
1767+ * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
1768+ space+commpage continuous which avoids long startup times on
1769+ qemu-user-static (LP: #1740219)
1770+ * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1771+ convenience with all meltdown/spectre workarounds enabled by default.
1772+ This is not the default type following upstream and x86 on that.
1773+ (LP: #1761372).
1774+ * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax
1775+ with pmem by backporting align and unarmed options (LP: #1704312).
1776+ * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
1777+ option to slirp's DHCP server (LP: #1762315)
1778+
1779+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Apr 2018 15:16:07 +0200
1780+
1781+qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium
1782+
1783+ * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream
1784+ accepted to be better long term maintainable (LP: #1753938)
1785+
1786+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 22 Mar 2018 10:31:23 +0100
1787+
1788+qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium
1789+
1790+ * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for
1791+ ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026).
1792+ * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer
1793+ versions of glibc >=2.27 (LP: #1753826)
1794+
1795+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 05 Mar 2018 16:43:01 +0100
1796+
1797+qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium
1798+
1799+ * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch,
1800+ d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch:
1801+ Add domainname option and classless static routes support to the user
1802+ networking's DHCP server
1803+
1804+ -- Benjamin Drung <benjamin.drung@profitbricks.com> Fri, 02 Mar 2018 21:08:54 +0100
1805+
1806+qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium
1807+
1808+ * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
1809+ - among other fixes this adds code to:
1810+ - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715)
1811+ However, enabling this functionality requires additional configuration
1812+ beyond just updating QEMU. Also migrations need special consideration.
1813+ Details about that can be found at:
1814+ https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
1815+ - Power9 allocation of max 8 threads per core (LP: #1750526)
1816+ * Drop changes that are part of the upstream stable release
1817+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
1818+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
1819+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
1820+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
1821+ * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update
1822+ * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the
1823+ common compat.h header and add some extra info in the patch header.
1824+
1825+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Feb 2018 11:03:11 +0100
1826+
1827+qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium
1828+
1829+ * Merge with Debian testing, among other fixes this includes
1830+ - fix fatal error on negative maxcpus (LP: #1722495)
1831+ - fix segfault on dump-guest-memory on guests without memory (LP: #1723381)
1832+ - linux user threading issues (LP: #1350435)
1833+ - TOD-Clock Epoch Extension Support on s390x (LP: #1732691)
1834+ Remaining changes:
1835+ - qemu-kvm to systemd unit
1836+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1837+ hugepages and architecture specifics
1838+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1839+ - d/qemu-system-common.install: install systemd unit and helper script
1840+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1841+ - d/qemu-system-common.qemu-kvm.default: defaults for
1842+ /etc/default/qemu-kvm
1843+ - d/rules: install /etc/default/qemu-kvm
1844+ - Enable nesting by default
1845+ - set nested=1 module option on intel. (is default on amd)
1846+ - re-load kvm_intel.ko if it was loaded without nested=1
1847+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1848+ in qemu64 cpu type.
1849+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1850+ in qemu64 on amd
1851+ - libvirt/qemu user/group support
1852+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1853+ trigger.
1854+ - qemu-system-common.preinst: add kvm group if needed
1855+ - Distribution specific machine type
1856+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1857+ types to ease future live vm migration.
1858+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1859+ - improved dependencies
1860+ - Make qemu-system-common depend on qemu-block-extra
1861+ - Make qemu-utils depend on qemu-block-extra
1862+ - let qemu-utils recommend sharutils
1863+ - s390x support
1864+ - Create qemu-system-s390x package
1865+ - Include s390-ccw.img firmware
1866+ - Enable numa support for s390x
1867+ - ppc64[le] support
1868+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
1869+ - arch aware kvm wrappers
1870+ * Added Changes
1871+ - update VCS-git to match the bionic branch
1872+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
1873+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
1874+ so we revert related changes to stick with the proven for now:
1875+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
1876+ depends on it)
1877+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
1878+ - d/qemu-system-x86.README.Debian: document intention of nested being
1879+ default is comfort, not full support
1880+ - update Ubuntu machine types for qemu 2.11
1881+ - qemu-guest-agent: freeze-hook fixes (LP: #1484990)
1882+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
1883+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1884+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1885+ - Create and install pxe netboot images for KVM s390x (LP: #1732094)
1886+ - d/rules enable install s390x-netboot.img
1887+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
1888+ - d/control-in: enable RDMA support in qemu (LP: #1692476)
1889+ - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560)
1890+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
1891+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
1892+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
1893+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
1894+ - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490)
1895+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1896+ reference 256k path
1897+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1898+ handle incoming migrations from former releases.
1899+ - d/control-in: enable seccomp on s390x
1900+ * Dropped changes (no more needed):
1901+ - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm
1902+ The functionality is retained for upgraders, but is deprecated.
1903+ Post 18.04 the implementation for these configurations will be removed.
1904+ * Dropped changes (in Debian now):
1905+ - ppc64[le] support
1906+ - Enable seccomp for ppc64el
1907+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
1908+ - disable missing x32 architecture
1909+ - d/rules: or32 is now named or1k (since 4a09d0bb)
1910+ - d/qemu-system-common.docs: new paths since (ac06724a)
1911+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
1912+ by qapi-schema.json which is already packaged (since 4d8bb958)
1913+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
1914+ to Debian patch to match qemu 2.10)
1915+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
1916+ since 8508eee7
1917+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
1918+ - make nios2/hppa not installed explicitly until further stablized
1919+ - d/qemu-guest-agent.install: add the new guest agent reference man page
1920+ qemu-ga-ref
1921+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
1922+ along the qapi intro
1923+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
1924+ dh_missing that are already provided in other formats qemu-doc,
1925+ qemu-qmp-ref,qemu-ga-ref
1926+ * Dropped changes (integrated upstream):
1927+ - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
1928+ on arm64 when doing suspend/resume and reboots due to older kernels not
1929+ supporting ITS (LP 1731051).
1930+ - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
1931+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
1932+ calls (LP 1726394)
1933+ - update to upstream 2.10.1 point release (LP 1722808)
1934+
1935+
1936+
1937+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Jan 2018 14:35:18 +0100
1938+
1939 qemu (1:2.11+dfsg-1) unstable; urgency=medium
1940
1941 [ Michael Tokarev ]
1942@@ -985,6 +2839,238 @@ qemu (1:2.10.0-1) unstable; urgency=medium
1943
1944 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 23 Sep 2017 16:47:02 +0300
1945
1946+qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium
1947+
1948+ * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
1949+ on arm64 when doing suspend/resume and reboots due to older kernels not
1950+ supporting ITS (LP: #1731051).
1951+
1952+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 14 Nov 2017 08:30:29 +0100
1953+
1954+qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium
1955+
1956+ * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
1957+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
1958+ calls (LP: #1726394)
1959+
1960+ -- Julian Andres Klode <juliank@ubuntu.com> Sat, 04 Nov 2017 00:21:14 +0100
1961+
1962+qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium
1963+
1964+ * fix enablement of qemu-kvm service (LP: #1720397)
1965+ - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service
1966+ - d/rules: add proper enablement debhelper calls
1967+ - d/qemu-system-common.install: install covered by dh_installinit
1968+
1969+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Oct 2017 11:28:39 +0200
1970+
1971+qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium
1972+
1973+ * update to upstream 2.10.1 point release (LP: #1722808)
1974+
1975+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Oct 2017 15:33:40 +0200
1976+
1977+qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium
1978+
1979+ * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release
1980+ Remaining changes:
1981+ - qemu-kvm to systemd unit
1982+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1983+ hugepages and architecture specifics
1984+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1985+ - d/qemu-system-common.install: install systemd unit and helper script
1986+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1987+ - d/qemu-system-common.qemu-kvm.default: defaults for
1988+ /etc/default/qemu-kvm
1989+ - d/rules: install /etc/default/qemu-kvm
1990+ - Enable nesting by default
1991+ - set nested=1 module option on intel. (is default on amd)
1992+ - re-load kvm_intel.ko if it was loaded without nested=1
1993+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1994+ in qemu64 cpu type.
1995+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1996+ in qemu64 on amd
1997+ - libvirt/qemu user/group support
1998+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1999+ trigger.
2000+ - qemu-system-common.preinst: add kvm group if needed
2001+ - Distribution specific machine type
2002+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2003+ types to ease future live vm migration.
2004+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2005+ - improved dependencies
2006+ - Make qemu-system-common depend on qemu-block-extra
2007+ - Make qemu-utils depend on qemu-block-extra
2008+ - let qemu-utils recommend sharutils
2009+ - s390x support
2010+ - Create qemu-system-s390x package
2011+ - Include s390-ccw.img firmware
2012+ - Enable numa support for s390x
2013+ - ppc64[le] support
2014+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2015+ - Enable seccomp for ppc64el
2016+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2017+ - arch aware kvm wrappers
2018+ - update VCS-git to match the Artful branch
2019+ - disable missing x32 architecture
2020+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2021+ - d/qemu-system-common.docs: new paths since (ac06724a)
2022+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2023+ by qapi-schema.json which is already packaged (since 4d8bb958)
2024+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2025+ to Debian patch to match qemu 2.10)
2026+ - s390x package now builds correctly on all architectures (LP 1710695)
2027+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2028+ since 8508eee7
2029+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2030+ - make nios2/hppa not installed explicitly until further stablized
2031+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2032+ qemu-ga-ref
2033+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2034+ along the qapi intro
2035+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2036+ dh_missing that are already provided in other formats qemu-doc,
2037+ qemu-qmp-ref,qemu-ga-ref
2038+
2039+
2040+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Sep 2017 08:31:26 +0200
2041+
2042+qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium
2043+
2044+ * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602);
2045+ Remaining changes:
2046+ - qemu-kvm to systemd unit
2047+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2048+ hugepages and architecture specifics
2049+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2050+ - d/qemu-system-common.install: install systemd unit and helper script
2051+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2052+ - d/qemu-system-common.qemu-kvm.default: defaults for
2053+ /etc/default/qemu-kvm
2054+ - d/rules: install /etc/default/qemu-kvm
2055+ - Enable nesting by default
2056+ - set nested=1 module option on intel. (is default on amd)
2057+ - re-load kvm_intel.ko if it was loaded without nested=1
2058+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2059+ in qemu64 cpu type.
2060+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2061+ in qemu64 on amd
2062+ - libvirt/qemu user/group support
2063+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2064+ trigger.
2065+ - qemu-system-common.preinst: add kvm group if needed
2066+ - Distribution specific machine type
2067+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2068+ types to ease future live vm migration.
2069+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2070+ - improved dependencies
2071+ - Make qemu-system-common depend on qemu-block-extra
2072+ - Make qemu-utils depend on qemu-block-extra
2073+ - let qemu-utils recommend sharutils
2074+ - s390x support
2075+ - Create qemu-system-s390x package
2076+ - Include s390-ccw.img firmware
2077+ - Enable numa support for s390x
2078+ - ppc64[le] support
2079+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2080+ - Enable seccomp for ppc64el
2081+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2082+ - arch aware kvm wrappers
2083+ - update VCS-git to match the Artful branch
2084+ - disable missing x32 architecture
2085+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2086+ - d/qemu-system-common.docs: new paths since (ac06724a)
2087+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2088+ by qapi-schema.json which is already packaged (since 4d8bb958)
2089+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2090+ to Debian patch to match qemu 2.10)
2091+ - s390x package now builds correctly on all architectures (LP 1710695)
2092+ * Added changes:
2093+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2094+ since 8508eee7
2095+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2096+ - make nios2/hppa not installed explicitly until further stablized
2097+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2098+ qemu-ga-ref
2099+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2100+ along the qapi intro
2101+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2102+ dh_missing that are already provided in other formats qemu-doc,
2103+ qemu-qmp-ref,qemu-ga-ref
2104+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new
2105+ changes in 2.10-rc4
2106+
2107+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 25 Aug 2017 07:49:30 +0200
2108+
2109+qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium
2110+
2111+ * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes
2112+ a set of bugs
2113+ - [FFE] Qemu 2.10 in Artful (LP: #1699968)
2114+ - CPU hot unplug fails after migrating a CPU hotplugged guest
2115+ from source (LP: #1677552)
2116+ - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902)
2117+ - New KVM 288 Pass Through (LP: #1672447)
2118+ - aarch64: MSI is not supported by interrupt controller (LP: #1706630)
2119+ * Remaining changes:
2120+ - qemu-kvm to systemd unit
2121+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2122+ hugepages and architecture specifics
2123+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2124+ - d/qemu-system-common.install: install systemd unit and helper script
2125+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2126+ - d/qemu-system-common.qemu-kvm.default: defaults for
2127+ /etc/default/qemu-kvm
2128+ - d/rules: install /etc/default/qemu-kvm
2129+ - Enable nesting by default
2130+ - set nested=1 module option on intel. (is default on amd)
2131+ - re-load kvm_intel.ko if it was loaded without nested=1
2132+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2133+ in qemu64 cpu type.
2134+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2135+ in qemu64 on amd
2136+ - libvirt/qemu user/group support
2137+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2138+ trigger.
2139+ - qemu-system-common.preinst: add kvm group if needed
2140+ - Distribution specific machine type
2141+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2142+ types to ease future live vm migration.
2143+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2144+ - improved dependencies
2145+ - Make qemu-system-common depend on qemu-block-extra
2146+ - Make qemu-utils depend on qemu-block-extra
2147+ - let qemu-utils recommend sharutils
2148+ - s390x support
2149+ - Create qemu-system-s390x package
2150+ - Include s390-ccw.img firmware
2151+ - Enable numa support for s390x
2152+ - ppc64[le] support
2153+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2154+ - Enable seccomp for ppc64el
2155+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2156+ - arch aware kvm wrappers
2157+ - disable missing x32 architecture
2158+ - update VCS links
2159+ * Added changes
2160+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2161+ - d/qemu-system-common.docs: new paths since (ac06724a)
2162+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2163+ by qapi-schema.json which is already packaged (since 4d8bb958)
2164+ - Updates in debian/patches to match qemu 2.10
2165+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream
2166+ - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386
2167+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386
2168+ - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types
2169+ - update VCS-git to match the Artful branch
2170+ - s390x package now builds correctly on all architectures (LP: #1710695)
2171+ * Dropped changes (integrated upstream):
2172+ - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
2173+ "spapr/pci: populate PCI DT in reverse order" (LP 1670481).
2174+ - All CVE fixes formerly applied are upstream and thereby dropped.
2175+
2176+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Aug 2017 16:59:19 +0200
2177+
2178 qemu (1:2.8+dfsg-7) unstable; urgency=medium
2179
2180 * uploading to unstable all fixes which went to stretch-security
2181@@ -1094,6 +3180,179 @@ qemu (1:2.8+dfsg-4) unstable; urgency=high
2182
2183 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 03 Apr 2017 16:28:49 +0300
2184
2185+qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium
2186+
2187+ * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530)
2188+ This was inadvertently dropped on 2.8 merge.
2189+
2190+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 May 2017 15:45:58 +0200
2191+
2192+qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium
2193+
2194+ * SECURITY UPDATE: denial of service via leak in virtFS
2195+ - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
2196+ hw/9pfs/9p.c.
2197+ - CVE-2017-7377
2198+ * SECURITY UPDATE: denial of service in cirrus_vga
2199+ - debian/patches/CVE-2017-7718.patch: check parameters in
2200+ hw/display/cirrus_vga_rop.h.
2201+ - CVE-2017-7718
2202+ * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
2203+ - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
2204+ hw/display/cirrus_vga.c.
2205+ - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
2206+ hw/display/cirrus_vga.c.
2207+ - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
2208+ in hw/display/cirrus_vga.c.
2209+ - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
2210+ hw/display/cirrus_vga.c.
2211+ - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
2212+ in hw/display/cirrus_vga.c.
2213+ - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
2214+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2215+ hw/display/cirrus_vga_rop2.h.
2216+ - debian/patches/CVE-2017-7980-7.patch: stop passing around src
2217+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2218+ hw/display/cirrus_vga_rop2.h.
2219+ - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
2220+ hw/display/cirrus_vga_rop.h.
2221+ - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
2222+ hw/display/cirrus_vga.c.
2223+ - CVE-2017-7980
2224+ * SECURITY UPDATE: denial of service via memory leak in virtFS
2225+ - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c.
2226+ - CVE-2017-8086
2227+ * SECURITY UPDATE: denial of service via leak in audio
2228+ - debian/patches/CVE-2017-8309.patch: release capture buffers in
2229+ audio/audio.c.
2230+ - CVE-2017-8309
2231+ * SECURITY UPDATE: denial of service via leak in keyboard
2232+ - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
2233+ ui/input.c.
2234+ - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
2235+ ui/input.c.
2236+ - CVE-2017-8379
2237+
2238+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 18 May 2017 09:20:54 -0400
2239+
2240+qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium
2241+
2242+ * SECURITY UPDATE: DoS in virtio GPU device
2243+ - debian/patches/CVE-2016-10028.patch: check virgl capabilities
2244+ max_size in hw/display/virtio-gpu-3d.c.
2245+ - CVE-2016-10028
2246+ * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation
2247+ - debian/patches/CVE-2016-8667.patch: limit interval timer reload value
2248+ in hw/dma/rc4030.c.
2249+ - CVE-2016-8667
2250+ * SECURITY UPDATE: host filesystem access via virtFS
2251+ - debian/patches/CVE-2016-9602.patch: don't follow symlinks in
2252+ hw/9pfs/*.
2253+ - CVE-2016-9602
2254+ * SECURITY UPDATE: arbitrary code execution via Cirrus VGA
2255+ - debian/patches/CVE-2016-9603.patch: remove bitblit support from
2256+ console code in hw/display/cirrus_vga.c, include/ui/console.h,
2257+ ui/console.c, ui/vnc.c.
2258+ - CVE-2016-9603
2259+ * SECURITY UPDATE: information leak in virtio GPU device
2260+ - debian/patches/CVE-2016-9908.patch: properly clear out memory in
2261+ hw/display/virtio-gpu-3d.c.
2262+ - CVE-2016-9908
2263+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2264+ - debian/patches/CVE-2016-9912.patch: properly free memory in
2265+ hw/display/virtio-gpu.c.
2266+ - CVE-2016-9912
2267+ * SECURITY UPDATE: DoS via virtFS
2268+ - debian/patches/CVE-2016-9914.patch: add cleanup operations to
2269+ fsdev/file-op-9p.h, hw/9pfs/9p.c.
2270+ - CVE-2016-9914
2271+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2272+ - debian/patches/CVE-2017-5552.patch: check return value in
2273+ hw/display/virtio-gpu-3d.c.
2274+ - CVE-2017-5552
2275+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2276+ - debian/patches/CVE-2017-5578.patch: check res->iov in
2277+ hw/display/virtio-gpu.c.
2278+ - CVE-2017-5578
2279+ * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation
2280+ - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register
2281+ handling in hw/sd/sdhci.c.
2282+ - CVE-2017-5987
2283+ * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation
2284+ - debian/patches/CVE-2017-6505.patch: limit the number of link eds in
2285+ hw/usb/hcd-ohci.c.
2286+ - CVE-2017-6505
2287+
2288+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 24 Apr 2017 07:30:11 -0400
2289+
2290+qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium
2291+
2292+ * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
2293+ "spapr/pci: populate PCI DT in reverse order" (LP: #1670481).
2294+
2295+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2017 09:23:08 +0100
2296+
2297+qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium
2298+
2299+ * Merge with Debian;
2300+ This fixes several CVEs that were reported against qemu 2.8 and also
2301+ includes a few important functional backports (LP: #1667033); remaining
2302+ changes:
2303+ - add qemu-kvm init script and defaults file
2304+ (d/qemu-system-common.qemu-kvm.*)
2305+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
2306+ modules and handling /etc/default/qemu-kvm
2307+ - qemu-system-common.preinst: add kvm group if needed
2308+ - Enable nesting by default on intel.
2309+ - set default module option
2310+ - re-load kvm_intel.ko if it was loaded without nested=1
2311+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
2312+ default in qemu64 cpu type.
2313+ - Enable svm by default for qemu64 on amd
2314+ - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS:
2315+ define distro machine types to ease future live vm migration (includes
2316+ all former follow up fixes).
2317+ - Make qemu-system-common depend on qemu-block-extra
2318+ - Make qemu-utils depend on qemu-block-extra
2319+ - s390x support
2320+ - Create qemu-system-s390x package
2321+ - Include s390-ccw.img firmware
2322+ - qemu-system-common.postinst:
2323+ - change acl placed by udev, and add udevadm trigger.
2324+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
2325+ - Several changes were applied but missing in the changelog so far
2326+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2327+ - arch aware kvm wrapper
2328+ - update VCS links
2329+ - let qemu-utils recommend sharutils
2330+ - disable x32 architecture
2331+ - Enable seccomp for ppc64el
2332+ - Enable numa support for s390x
2333+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
2334+ init.d-script-missing-dependency-on-remote_fs
2335+ - d/qemu-system-common.postinst: fix lintian error type
2336+ command-with-path-in-maintainer-script
2337+ - Transition qemu-kvm to a systemd unit
2338+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
2339+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
2340+ that it shows up where the user expects (sytemctl status, kvm stdout)
2341+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
2342+ - add arch aware kvm wrapper for s390x
2343+ * Dropped Changes (in Debian now):
2344+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
2345+ - d/control-in: change dependencies for fix of wrong acl for newly
2346+ created device node on ubuntu
2347+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
2348+ relationship, but qemu-efi is still in universe right now.
2349+ - Disable glusterfs (Universe dependency)
2350+ - no more skip disable libiscsi on Ubuntu
2351+ - d/rules, d/control-in: avoid people editing d/control
2352+ * Added Changes:
2353+ - d/control: bump libseccomp-dev dependency as enabling libseccomp for
2354+ power makes 2.3 the minimum level.
2355+
2356+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 01 Mar 2017 14:23:16 +0100
2357+
2358 qemu (1:2.8+dfsg-3) unstable; urgency=high
2359
2360 * urgency high due to security fixes
2361@@ -1154,6 +3413,90 @@ qemu (1:2.8+dfsg-3) unstable; urgency=high
2362
2363 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 28 Feb 2017 11:40:18 +0300
2364
2365+qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium
2366+
2367+ * Merge with Debian; remaining changes:
2368+ - add qemu-kvm init script and defaults file
2369+ (d/qemu-system-common.qemu-kvm.*)
2370+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
2371+ modules and handling /etc/default/qemu-kvm
2372+ - qemu-system-common.preinst: add kvm group if needed
2373+ - Enable nesting by default on intel.
2374+ - set default module option
2375+ - re-load kvm_intel.ko if it was loaded without nested=1
2376+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
2377+ default in qemu64 cpu type.
2378+ - Enable svm by default for qemu64 on amd
2379+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2380+ types to ease future live vm migration.
2381+ - Make qemu-system-common depend on qemu-block-extra
2382+ - Make qemu-utils depend on qemu-block-extra
2383+ - s390x support
2384+ - Create qemu-system-s390x package
2385+ - Include s390-ccw.img firmware
2386+ - qemu-system-common.postinst:
2387+ - change acl placed by udev, and add udevadm trigger.
2388+ - d/control-in: change dependencies for fix of wrong acl for newly
2389+ created device node on ubuntu
2390+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
2391+ relationship, but qemu-efi is still in universe right now.
2392+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
2393+ - Several changes were applied but missing in the changelog so far
2394+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2395+ - arch aware kvm wrapper
2396+ - update VCS links
2397+ - no more skip disable libiscsi on Ubuntu
2398+ - let qemu-utils recommend sharutils
2399+ - disable x32 architecture
2400+ * Dropped Changes:
2401+ - Several changes were applied but missing in the changelog so far
2402+ but are no more needed
2403+ - no pie for relocatable LD calls, with toolchain defaulting to
2404+ pie (fixed upstream)
2405+ - enable libnuma-dev (now in Debian)
2406+ - transition for moved init scripts (can be dropped after LTS
2407+ containing >=2.5 which is Xenial)
2408+ - --enable-seccomp related whitespace change (had no effect)
2409+ - apport hook for qemu source package (In Debian)
2410+ - add upstart script (d/qemu-system-common.qemu-kvm.upstart)
2411+ - d/qemu-system-x86.maintscript: transition off of
2412+ /etc/init.d/qemu-system-x86 (can be dropped after Xenial)
2413+ - Enable pie by default, on ubuntu/s390x. (Is the default since
2414+ >=Xenial, no cloud archive backport <=Xenial to consider)
2415+ - no pie for relocatable LD calls (fixed upstream in commit
2416+ 7ecf44a5)
2417+ - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream)
2418+ - Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
2419+ (Improved fix included by upstream)
2420+ - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7)
2421+ - Fixed wrong migration blocker when vhost is used (is upstream in
2422+ qemu 2.8)
2423+ * Added Changes:
2424+ - d/rules, d/control-in: avoid people editing d/control by warning
2425+ header and non writable permissions
2426+ - fixed moving trusty machine type definition which made it
2427+ ambiguous (LP: #1641532)
2428+ - d/qemu-system-x86.NEWS describe the issue
2429+ - Enable seccomp for ppc64el (LP: #1644639)
2430+ - Enable numa support for s390x
2431+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
2432+ init.d-script-missing-dependency-on-remote_fs
2433+ - d/qemu-system-common.postinst: fix lintian error type
2434+ command-with-path-in-maintainer-script
2435+ - Transition qemu-kvm to a systemd unit
2436+ - Disable glusterfs (Universe dependency)
2437+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
2438+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
2439+ that it shows up where the user expects (sytemctl status, kvm stdout)
2440+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
2441+ - add arch aware kvm wrapper for s390x
2442+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
2443+ - Enable DDW in Yakkety machine type because "Enable GPU Passthru for
2444+ ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10,
2445+ merged in d/p/ubuntu/define-ubuntu-machine-types.patch)
2446+
2447+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Jan 2017 16:27:11 +0100
2448+
2449 qemu (1:2.8+dfsg-2) unstable; urgency=medium
2450
2451 * Revert "update binfmt registration for mipsn32"
2452@@ -1272,6 +3615,67 @@ qemu (1:2.7+dfsg-1) unstable; urgency=medium
2453
2454 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 14 Oct 2016 13:31:40 +0300
2455
2456+qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium
2457+
2458+ * No-change rebuild to compile against new libxen version.
2459+
2460+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 30 Sep 2016 14:24:37 +0200
2461+
2462+qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium
2463+
2464+ * retain older xenial machine type to avoid issues starting guests
2465+ created on xenial prior to the SRU for bug 1621042. In that regard the old
2466+ broken xenial machine type and the new fixed one have both to be considered
2467+ as valid LTS machine types (LP: #1626070).
2468+
2469+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Sep 2016 14:57:09 +0200
2470+
2471+qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium
2472+
2473+ * fix default ubuntu machine types. (LP: #1621042)
2474+ - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
2475+ - remove double default and double ubuntu alias
2476+ - drop former devel releases utopic, vivid, wily
2477+ - add xenial and yakkety machine types
2478+ - add q35 based ubuntu machine type starting at xenial
2479+ - add ubuntu machine types on ppc64el and s390x starting at xenial
2480+
2481+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2016 07:50:50 +0200
2482+
2483+qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium
2484+
2485+ * Enable GPU Passthru for ppc64le (LP: #1541902)
2486+ - 0001-spapr-ensure-device-trees-are-always-associated-with.patch
2487+ - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch
2488+ - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch
2489+ - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch
2490+ - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch
2491+ - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch
2492+ - 0007-spapr_iommu-Migrate-full-state.patch
2493+ - 0008-spapr_iommu-Add-root-memory-region.patch
2494+ - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch
2495+ - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch
2496+ - 0011-memory-Add-reporting-of-supported-page-sizes.patch
2497+ - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch
2498+ - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch
2499+ - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch
2500+ - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch
2501+ - 0016-vfio-Add-host-side-DMA-window-capabilities.patch
2502+ - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch
2503+ - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch
2504+ - 0019-vfio-spapr-Remove-stale-ioctl-call.patch
2505+ - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch
2506+ - 0021-memory-Fix-IOMMU-replay-base-address.patch
2507+
2508+ -- Jon Grimm <jon.grimm@canonical.com> Fri, 16 Sep 2016 14:14:47 -0500
2509+
2510+qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium
2511+
2512+ * New upstream release. LP: #1617055.
2513+ * Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
2514+
2515+ -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 09 Sep 2016 23:33:57 +0100
2516+
2517 qemu (1:2.6+dfsg-3.1) unstable; urgency=high
2518
2519 * Non-maintainer upload.
2520@@ -1305,6 +3709,55 @@ qemu (1:2.6+dfsg-3.1) unstable; urgency=high
2521
2522 -- Andrew James <ajames@hpe.com> Wed, 14 Sep 2016 00:56:18 -0600
2523
2524+qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium
2525+
2526+ * SECURITY UPDATE: DoS via unbounded memory allocation
2527+ - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
2528+ - CVE-2016-5403
2529+ * SECURITY UPDATE: oob write access while reading ESP command
2530+ - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for
2531+ maximum CDB size and handle migration in hw/scsi/esp.c,
2532+ include/hw/scsi/esp.h, include/migration/vmstate.h.
2533+ - CVE-2016-6351
2534+ * SECURITY UPDATE: infinite loop in virtqueue_pop
2535+ - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer
2536+ length in hw/virtio/virtio.c.
2537+ - CVE-2016-6490
2538+
2539+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 03 Aug 2016 08:36:16 -0400
2540+
2541+qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
2542+
2543+ * Merge with Debian; remaining changes:
2544+ - debian/rules: do not drop the init scripts loading kvm modules
2545+ (still needed in precise in cloud archive)
2546+ - qemu-system-common.postinst:
2547+ * remove acl placed by udev, and add udevadm trigger.
2548+ * reload kvm_intel if needed to set nested=1
2549+ - qemu-system-common.preinst: add kvm group if needed
2550+ - add qemu-kvm upstart job and defaults file (rules,
2551+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2552+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2553+ do not auto-load the kvm kernel module. Enable nesting by default
2554+ on intel.
2555+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2556+ in qemu64 cpu type.
2557+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2558+ types to ease future live vm migration.
2559+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2560+ d/qemu-system-common.install
2561+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2562+ to fix errors with missing block backends.
2563+ - s390x:
2564+ * Create qemu-system-s390x package
2565+ * Enable pie by default, on ubuntu/s390x.
2566+ * Enable svm by default for qemu64 on amd
2567+ * Include s390-ccw.img firmware
2568+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2569+ relationship, but qemu-efi is still in universe right now.
2570+
2571+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Jun 2016 16:49:49 -0500
2572+
2573 qemu (1:2.6+dfsg-3) unstable; urgency=high
2574
2575 * more security fixes picked from upstream:
2576@@ -1358,6 +3811,39 @@ qemu (1:2.6+dfsg-2) unstable; urgency=medium
2577
2578 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 13 Jun 2016 12:10:44 +0300
2579
2580+qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium
2581+
2582+ * Merge with Debian; remaining changes: (LP: #1583775)
2583+ - debian/rules: do not drop the init scripts loading kvm modules
2584+ (still needed in precise in cloud archive)
2585+ - qemu-system-common.postinst:
2586+ * remove acl placed by udev, and add udevadm trigger.
2587+ * reload kvm_intel if needed to set nested=1
2588+ - qemu-system-common.preinst: add kvm group if needed
2589+ - add qemu-kvm upstart job and defaults file (rules,
2590+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2591+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2592+ do not auto-load the kvm kernel module. Enable nesting by default
2593+ on intel.
2594+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2595+ in qemu64 cpu type.
2596+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2597+ types to ease future live vm migration.
2598+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2599+ d/qemu-system-common.install
2600+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2601+ to fix errors with missing block backends. (LP: #1495895)
2602+ - s390x:
2603+ * Create qemu-system-s390x package
2604+ * Enable pie by default, on ubuntu/s390x.
2605+ * Enable svm by default for qemu64 on amd
2606+ * Include s390-ccw.img firmware
2607+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2608+ relationship, but qemu-efi is still in universe right now.
2609+ * Drop patches which have been applied upstream:
2610+
2611+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 May 2016 12:11:36 -0500
2612+
2613 qemu (1:2.6+dfsg-1) unstable; urgency=medium
2614
2615 * new upstream release
2616@@ -1395,6 +3881,106 @@ qemu (1:2.6+dfsg-1) unstable; urgency=medium
2617
2618 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 18 May 2016 14:44:14 +0300
2619
2620+qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium
2621+
2622+ * Cherrypick upstream patches to support the query-gic-version QMP command
2623+ (LP: #1566564)
2624+
2625+ -- dann frazier <dannf@ubuntu.com> Tue, 05 Apr 2016 16:56:11 -0600
2626+
2627+qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium
2628+
2629+ [Stefan Bader]
2630+ * Enable svm by default for qemu64 on amd (LP: #1561019)
2631+
2632+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Apr 2016 16:53:55 -0500
2633+
2634+qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium
2635+
2636+ * qemu-system-s390x only available on s390x, so qemu-system should only
2637+ depend on it on this arch.
2638+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2639+ relationship, but qemu-efi is still in universe right now.
2640+
2641+ -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 19 Apr 2016 13:41:37 -0700
2642+
2643+qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium
2644+
2645+ * And actually ship the right things in qemu-system-s390x.
2646+
2647+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 19 Apr 2016 16:49:00 +0100
2648+
2649+qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium
2650+
2651+ * Create qemu-system-s390x package on ubuntu only.
2652+
2653+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 18 Apr 2016 10:16:19 +0100
2654+
2655+qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium
2656+
2657+ * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149)
2658+
2659+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Apr 2016 15:13:06 -0500
2660+
2661+qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium
2662+
2663+ * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch
2664+ (LP: #1556306)
2665+
2666+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 16 Mar 2016 16:35:22 -0700
2667+
2668+qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium
2669+
2670+ * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)
2671+
2672+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 07 Mar 2016 18:53:34 -0800
2673+
2674+qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium
2675+
2676+ * d/control{-in}: Re-generate and build with libiscsi-dev now
2677+ that its in Ubuntu main (LP: #1271653).
2678+
2679+ -- James Page <james.page@ubuntu.com> Wed, 24 Feb 2016 17:59:13 +0000
2680+
2681+qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium
2682+
2683+ * Make -no-pie conditional, on $(CC) supporting -no-pie flag.
2684+
2685+ -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 24 Feb 2016 14:40:19 +0000
2686+
2687+qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium
2688+
2689+ * No-change rebuild for gnutls transition.
2690+
2691+ -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:27:20 +0000
2692+
2693+qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium
2694+
2695+ * Merge with Debian; remaining changes:
2696+ - debian/rules: do not drop the init scripts loading kvm modules
2697+ (still needed in precise in cloud archive)
2698+ - qemu-system-common.postinst:
2699+ * remove acl placed by udev, and add udevadm trigger.
2700+ * reload kvm_intel if needed to set nested=1
2701+ - qemu-system-common.preinst: add kvm group if needed
2702+ - add qemu-kvm upstart job and defaults file (rules,
2703+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2704+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2705+ do not auto-load the kvm kernel module. Enable nesting by default
2706+ on intel.
2707+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2708+ in qemu64 cpu type.
2709+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2710+ types to ease future live vm migration.
2711+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2712+ d/qemu-system-common.install
2713+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2714+ to fix errors with missing block backends. (LP: #1495895)
2715+ - Enable pie by default, on ubuntu/s390x.
2716+ - Include s390-ccw.img firmware.
2717+
2718+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Feb 2016 10:24:49 -0800
2719+
2720 qemu (1:2.5+dfsg-5) unstable; urgency=medium
2721
2722 * fix misspellings in previous debian/changelog entry
2723@@ -1452,6 +4038,113 @@ qemu (1:2.5+dfsg-2) unstable; urgency=high
2724
2725 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 09 Jan 2016 21:40:43 +0300
2726
2727+qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium
2728+
2729+ * SECURITY UPDATE: paravirtualized drivers incautious about shared memory
2730+ contents
2731+ - debian/patches/CVE-2015-8550-1.patch: avoid double access in
2732+ hw/block/xen_blkif.h.
2733+ - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
2734+ hw/display/xenfb.c.
2735+ - CVE-2015-8550
2736+ * SECURITY UPDATE: infinite loop in ehci_advance_state
2737+ - debian/patches/CVE-2015-8558.patch: make idt processing more robust
2738+ in hw/usb/hcd-ehci.c.
2739+ - CVE-2015-8558
2740+ * SECURITY UPDATE: host memory leakage in vmxnet3
2741+ - debian/patches/CVE-2015-856x.patch: avoid memory leakage in
2742+ hw/net/vmxnet3.c.
2743+ - CVE-2015-8567
2744+ - CVE-2015-8568
2745+ * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
2746+ - debian/patches/CVE-2015-8613.patch: initialise info object with
2747+ appropriate size in hw/scsi/megasas.c.
2748+ - CVE-2015-8613
2749+ * SECURITY UPDATE: DoS via Human Monitor Interface
2750+ - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write
2751+ in hmp.c, include/ui/console.h, ui/input-legacy.c.
2752+ - CVE-2015-8619
2753+ * SECURITY UPDATE: incorrect array bounds check in rocker
2754+ - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds
2755+ check in hw/net/rocker/rocker.c.
2756+ - CVE-2015-8701
2757+ * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
2758+ - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
2759+ operations in hw/net/ne2000.c.
2760+ - CVE-2015-8743
2761+ * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
2762+ - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
2763+ error in hw/ide/ahci.c.
2764+ - CVE-2016-1568
2765+ * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
2766+ - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in
2767+ hw/i386/kvmvapic.c.
2768+ - CVE-2016-1922
2769+ * SECURITY UPDATE: e1000 infinite loop
2770+ - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
2771+ out-of-bounds transfer start in hw/net/e1000.c
2772+ - CVE-2016-1981
2773+ * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB
2774+ engines
2775+ - debian/patches/CVE-2016-2197.patch: add check before calling
2776+ dma_memory_unmap in hw/ide/ahci.c.
2777+ - CVE-2016-2197
2778+ * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
2779+ - debian/patches/CVE-2016-2198.patch: add capability mmio write
2780+ function in hw/usb/hcd-ehci.c.
2781+ - CVE-2016-2198
2782+
2783+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 01 Feb 2016 09:39:01 -0500
2784+
2785+qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium
2786+
2787+ * debian/qemu-kvm-init: Call systemd-detect-virt instead of the
2788+ Ubuntu specific running-in-container wrapper. (LP: #1539016)
2789+
2790+ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 28 Jan 2016 13:24:51 +0100
2791+
2792+qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high
2793+
2794+ * Include s390-ccw.img firmware.
2795+
2796+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 12 Jan 2016 15:53:43 +0000
2797+
2798+qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium
2799+
2800+ * Place qemu-kvm.defaults file in qemu-system-common, next to the init
2801+ scripts. Fix the comparison operator when checking KVM_HUGEPAGES.
2802+ Thanks Simon. (LP: #1531191)
2803+
2804+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 06 Jan 2016 09:45:37 -0800
2805+
2806+qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium
2807+
2808+ * Merge with Debian; remaining changes:
2809+ - debian/rules: do not drop the init scripts loading kvm modules
2810+ (still needed in precise in cloud archive)
2811+ - qemu-system-common.postinst:
2812+ * remove acl placed by udev, and add udevadm trigger.
2813+ * reload kvm_intel if needed to set nested=1
2814+ - qemu-system-common.preinst: add kvm group if needed
2815+ - add qemu-kvm upstart job and defaults file (rules,
2816+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2817+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2818+ do not auto-load the kvm kernel module. Enable nesting by default
2819+ on intel.
2820+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2821+ in qemu64 cpu type.
2822+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2823+ types to ease future live vm migration.
2824+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2825+ d/qemu-system-common.install
2826+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2827+ to fix errors with missing block backends. (LP: #1495895)
2828+ - Enable pie by default, on ubuntu/s390x.
2829+ * Drop vGICv3 support patches - all is now upstream
2830+ * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)
2831+
2832+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Jan 2016 15:42:50 -0800
2833+
2834 qemu (1:2.5+dfsg-1) unstable; urgency=medium
2835
2836 * new upstream release
2837@@ -1478,6 +4171,49 @@ qemu (1:2.5+dfsg-1) unstable; urgency=medium
2838
2839 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 16 Dec 2015 20:00:04 +0300
2840
2841+qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high
2842+
2843+ * Enable pie by default, on ubuntu/s390x.
2844+
2845+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 07 Dec 2015 16:04:16 +0000
2846+
2847+qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium
2848+
2849+ * undo the libseccomp delta from debian. libseccomp is indeed available
2850+ on other arches, but we need qemu's configure script to be fixed before
2851+ we can use it on anything other than amd64|i386. Fixes FTBFS.
2852+ (LP: #1522531)
2853+
2854+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 03 Dec 2015 12:44:46 -0600
2855+
2856+qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium
2857+
2858+ * Merge with Debian; remaining changes:
2859+ - Update the ubuntu machine types patch to reflect upstream churn
2860+ - debian/rules: do not drop the init scripts loading kvm modules
2861+ (still needed in precise in cloud archive)
2862+ - qemu-system-common.postinst:
2863+ * remove acl placed by udev, and add udevadm trigger.
2864+ * reload kvm_intel if needed to set nested=1
2865+ - qemu-system-common.preinst: add kvm group if needed
2866+ - add qemu-kvm upstart job and defaults file (rules,
2867+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2868+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2869+ do not auto-load the kvm kernel module. Enable nesting by default
2870+ on intel.
2871+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2872+ in qemu64 cpu type.
2873+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
2874+ machine type to ease future live vm migration.
2875+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2876+ d/qemu-system-common.install
2877+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2878+ to fix errors with missing block backends. (LP: #1495895)
2879+ - control-in: build with libseccomp an all architectures
2880+ - Add vGICv3 support
2881+
2882+ -- Matthias Klose <doko@ubuntu.com> Wed, 02 Dec 2015 21:31:36 +0100
2883+
2884 qemu (1:2.4+dfsg-5) unstable; urgency=medium
2885
2886 * trace-remove-malloc-tracing.patch from upstream.
2887@@ -1490,6 +4226,57 @@ qemu (1:2.4+dfsg-5) unstable; urgency=medium
2888
2889 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 29 Nov 2015 12:22:52 +0300
2890
2891+qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium
2892+
2893+ * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
2894+ - debian/patches/CVE-2015-7504.patch: leave room for CRC code in
2895+ hw/net/pcnet.c.
2896+ - CVE-2015-7504
2897+ * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
2898+ - debian/patches/CVE-2015-7512.patch: check packet length in
2899+ hw/net/pcnet.c.
2900+ - CVE-2015-7512
2901+ * SECURITY UPDATE: infinite loop in eepro100
2902+ - debian/patches/CVE-2015-8345.patch: prevent endless loop in
2903+ hw/net/eepro100.c.
2904+ - CVE-2015-8345
2905+
2906+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 01 Dec 2015 13:36:40 -0500
2907+
2908+qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium
2909+
2910+ * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.
2911+
2912+ -- dann frazier <dann.frazier@canonical.com> Tue, 03 Nov 2015 08:05:46 -0700
2913+
2914+qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium
2915+
2916+ * Merge 2.4 from unstable. Remaining changes:
2917+ - Update the ubuntu machine types patch to reflect upstream churn
2918+ - debian/rules: do not drop the init scripts loading kvm modules
2919+ (still needed in precise in cloud archive)
2920+ - qemu-system-common.postinst:
2921+ * remove acl placed by udev, and add udevadm trigger.
2922+ * reload kvm_intel if needed to set nested=1
2923+ - qemu-system-common.preinst: add kvm group if needed
2924+ - add qemu-kvm upstart job and defaults file (rules,
2925+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2926+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2927+ do not auto-load the kvm kernel module. Enable nesting by default
2928+ on intel.
2929+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2930+ in qemu64 cpu type.
2931+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
2932+ machine type to ease future live vm migration.
2933+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2934+ d/qemu-system-common.install
2935+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2936+ to fix errors with missing block backends. (LP: #1495895)
2937+ - control-in: build with libseccomp an all architectures.
2938+ * Add vGICv3 support
2939+
2940+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 27 Oct 2015 13:28:58 -0500
2941+
2942 qemu (1:2.4+dfsg-4) unstable; urgency=medium
2943
2944 * applied 3 patches from upstream to fix virtio-net
2945@@ -1504,7 +4291,7 @@ qemu (1:2.4+dfsg-3) unstable; urgency=high
2946 fix for Heap overflow vulnerability in ne2000_receive() function
2947 (Closes: #799074 CVE-2015-5279)
2948 * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch
2949- (Closes: #799073 CVE-2015-5278)
2950+ (Closes: #799073 CVE-2015-5278)
2951 * some binfmt reorg:
2952 - extend aarch64 to include one more byte as other arches do
2953 - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize
2954@@ -1556,6 +4343,137 @@ qemu (1:2.3+dfsg-6) unstable; urgency=high
2955
2956 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 11 Jun 2015 20:03:40 +0300
2957
2958+qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium
2959+
2960+ * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)
2961+
2962+ -- Ryan Harper <ryan.harper@canonical.com> Wed, 21 Oct 2015 08:59:29 -0500
2963+
2964+qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low
2965+
2966+ * debian/patches/upstream-fix-irq-route-entries.patch
2967+ Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
2968+ (LP: #1465935)
2969+
2970+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 09 Oct 2015 15:38:53 +0200
2971+
2972+qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium
2973+
2974+ * Build using libseccomp on all architectures.
2975+
2976+ -- Matthias Klose <doko@ubuntu.com> Sat, 03 Oct 2015 21:12:15 +0200
2977+
2978+qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium
2979+
2980+ * SECURITY UPDATE: denial of service via NE2000 driver
2981+ - debian/patches/CVE-2015-5278.patch: fix infinite loop in
2982+ hw/net/ne2000.c.
2983+ - CVE-2015-5278
2984+ * SECURITY UPDATE: denial of service and possible code execution via
2985+ heap overflow in NE2000 driver
2986+ - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
2987+ hw/net/ne2000.c.
2988+ - CVE-2015-5279
2989+ * SECURITY UPDATE: denial of service via e1000 infinite loop
2990+ - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
2991+ - CVE-2015-6815
2992+ * SECURITY UPDATE: denial of service via illegal ATAPI commands
2993+ - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
2994+ hw/ide/core.c.
2995+ - CVE-2015-6855
2996+
2997+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Sep 2015 15:05:51 -0400
2998+
2999+qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium
3000+
3001+ * Make qemu-system-common and qemu-utils depend on qemu-block-extra
3002+ to fix errors with missing block backends. (LP: #1495895)
3003+ * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
3004+ * Apply fix for memory corruption during live-migration in tcg mode
3005+ (LP: #1493049)
3006+ * Apply tracing patch to remove use of custom vtable in newer glibc
3007+ (LP: #1491972)
3008+
3009+ -- Ryan Harper <ryan.harper@canonical.com> Tue, 15 Sep 2015 09:37:23 -0500
3010+
3011+qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium
3012+
3013+ * Import qcow2-handle-eagain-from-update_refcount from upstream
3014+ to fix errors when using qemu-img convert -c. (LP: #1491050)
3015+
3016+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Sep 2015 16:35:56 -0500
3017+
3018+qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium
3019+
3020+ * SECURITY UPDATE: process heap memory disclosure
3021+ - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
3022+ - CVE-2015-5165
3023+ * SECURITY UPDATE: privilege escalation via block device unplugging
3024+ - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
3025+ in hw/ide/piix.c.
3026+ - CVE-2015-5166
3027+ * SECURITY UPDATE: privilege escalation via memory corruption in vnc
3028+ - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
3029+ limits in ui/vnc.c.
3030+ - CVE-2015-5225
3031+ * SECURITY UPDATE: denial of service via virtio-serial
3032+ - debian/patches/CVE-2015-5745.patch: don't assume a specific layout
3033+ for control messages in hw/char/virtio-serial-bus.c.
3034+ - CVE-2015-5745
3035+
3036+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 25 Aug 2015 09:38:43 -0400
3037+
3038+qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
3039+
3040+ * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
3041+ - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
3042+ - CVE-2015-3214
3043+ * SECURITY UPDATE: heap overflow when processing ATAPI commands
3044+ - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
3045+ hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
3046+ - CVE-2015-5154
3047+ * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
3048+ - debian/patches/CVE-2015-5158.patch: check length in
3049+ hw/scsi/scsi-bus.c.
3050+ - CVE-2015-5158
3051+
3052+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jul 2015 10:07:05 -0400
3053+
3054+qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium
3055+
3056+ * SECURITY UPDATE: heap overflow in PCNET controller
3057+ - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
3058+ - CVE-2015-3209
3059+
3060+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Jun 2015 14:25:05 -0400
3061+
3062+qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium
3063+
3064+ * Merge 1:2.3+dfsg-5 from Debian.
3065+ * Remaining changes:
3066+ - debian/rules: do not drop the init scripts loading kvm modules
3067+ (still needed in precise in cloud archive)
3068+ - qemu-system-common.postinst:
3069+ * remove acl placed by udev, and add udevadm trigger.
3070+ * reload kvm_intel if needed to set nested=1
3071+ - qemu-system-common.preinst: add kvm group if needed
3072+ - add qemu-kvm upstart job and defaults file (rules,
3073+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3074+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3075+ do not auto-load the kvm kernel module. Enable nesting by default
3076+ on intel.
3077+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3078+ in qemu64 cpu type.
3079+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3080+ machine type to ease future live vm migration.
3081+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3082+ d/qemu-system-common.install
3083+ * Refreshed patches:
3084+ - ubuntu/expose-vmx_qemu64cpu.patch
3085+ - ubuntu/define-ubuntu-machine-types.patch
3086+
3087+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 10 Jun 2015 14:28:39 -0500
3088+
3089 qemu (1:2.3+dfsg-5) unstable; urgency=high
3090
3091 * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
3092@@ -1567,6 +4485,35 @@ qemu (1:2.3+dfsg-5) unstable; urgency=high
3093
3094 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 03 Jun 2015 17:18:58 +0300
3095
3096+qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium
3097+
3098+ * Merge 1:2.3+dfsg-4 from Debian.
3099+ * Remaining changes:
3100+ - debian/rules: do not drop the init scripts loading kvm modules
3101+ (still needed in precise in cloud archive)
3102+ - qemu-system-common.postinst:
3103+ * remove acl placed by udev, and add udevadm trigger.
3104+ * reload kvm_intel if needed to set nested=1
3105+ - qemu-system-common.preinst: add kvm group if needed
3106+ - add qemu-kvm upstart job and defaults file (rules,
3107+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3108+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3109+ do not auto-load the kvm kernel module. Enable nesting by default
3110+ on intel.
3111+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3112+ in qemu64 cpu type.
3113+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3114+ machine type to ease future live vm migration.
3115+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3116+ d/qemu-system-common.install
3117+ * Dropped all patches which are applied upstream
3118+ * Move the upstart jobs to a generic script
3119+ - add new qemu-kvm-init script
3120+ - call that from upstart and sysvrc qemu-kvm scripts
3121+ - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}
3122+
3123+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 03 Jun 2015 13:36:36 -0500
3124+
3125 qemu (1:2.3+dfsg-4) unstable; urgency=medium
3126
3127 * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch:
3128@@ -1628,6 +4575,98 @@ qemu (1:2.2+dfsg-6exp) experimental; urgency=medium
3129
3130 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 17 Apr 2015 21:54:53 +0300
3131
3132+qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium
3133+
3134+ * SECURITY UPDATE: denial of service in vnc web
3135+ - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket
3136+ frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
3137+ - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from
3138+ websockets clients in ui/vnc-ws.c.
3139+ - CVE-2015-1779
3140+ * SECURITY UPDATE: host code execution via floppy device (VEMON)
3141+ - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
3142+ bounds of the allocated buffer in hw/block/fdc.c.
3143+ - CVE-2015-3456
3144+
3145+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 13 May 2015 07:25:59 -0400
3146+
3147+qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low
3148+
3149+ * CVE-2015-2756 / XSA-126
3150+ - xen: limit guest control of PCI command register
3151+
3152+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 08 Apr 2015 10:17:45 +0200
3153+
3154+qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium
3155+
3156+ * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not
3157+ accidentally create /1
3158+
3159+ -- Steve Beattie <sbeattie@ubuntu.com> Thu, 12 Mar 2015 16:46:51 -0700
3160+
3161+qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low
3162+
3163+ * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).
3164+
3165+ -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Feb 2015 08:55:35 +0100
3166+
3167+qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low
3168+
3169+ * No-change rebuild to pull in libxl-4.5.
3170+
3171+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 25 Feb 2015 13:58:37 +0100
3172+
3173+qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium
3174+
3175+ * debian/control-in: enable numa on architectures where numa is built
3176+ (LP: #1417937)
3177+
3178+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 23:18:58 -0600
3179+
3180+qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium
3181+
3182+ [Scott Moser]
3183+ * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa
3184+ profile when started by libvirt.
3185+
3186+ [Serge Hallyn]
3187+ * add symlink qemu-system-ppc64le -> qemu-system-ppc64
3188+ * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script
3189+ (LP: #1419855)
3190+
3191+ [Chris J Arges]
3192+ * Determine if we are running inside a virtual environment. If running inside
3193+ a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153)
3194+
3195+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 13:04:21 -0600
3196+
3197+qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium
3198+
3199+ * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308)
3200+ - debian/rules: do not drop the init scripts loading kvm modules
3201+ (still needed in precise in cloud archive)
3202+ * Remaining changes:
3203+ - qemu-system-common.postinst:
3204+ * remove acl placed by udev, and add udevadm trigger.
3205+ * reload kvm_intel if needed to set nested=1
3206+ - qemu-system-common.preinst: add kvm group if needed
3207+ - add qemu-kvm upstart job and defaults file (rules,
3208+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3209+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3210+ do not auto-load the kvm kernel module. Enable nesting by default
3211+ on intel.
3212+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3213+ in qemu64 cpu type.
3214+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3215+ machine type to ease future live vm migration.
3216+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3217+ d/qemu-system-common.install
3218+ * Dropped all patches which are applied upstream
3219+ * Update ubuntu-vivid machine type to default to std graphics (following
3220+ upstream's lead for pc-i440fx-2.2 machine type)
3221+
3222+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Feb 2015 22:31:09 -0600
3223+
3224 qemu (1:2.2+dfsg-5exp) experimental; urgency=medium
3225
3226 * fix initscript removal once again
3227@@ -1677,6 +4716,47 @@ qemu (2.2+dfsg-1exp) unstable; urgency=medium
3228
3229 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 09 Dec 2014 23:09:26 +0300
3230
3231+qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium
3232+
3233+ * Cherrypick upstream patch needed to allow ESx hosts to run under
3234+ kvm (LP: #1411575)
3235+
3236+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 16 Jan 2015 16:32:48 -0600
3237+
3238+qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium
3239+
3240+ * Merge 2.1+dfsg-11. Remaining changes:
3241+ - qemu-system-common.postinst:
3242+ * remove acl placed by udev, and add udevadm trigger.
3243+ * reload kvm_intel if needed to set nested=1
3244+ - qemu-system-common.preinst: add kvm group if needed
3245+ - add qemu-kvm upstart job and defaults file (rules,
3246+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3247+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3248+ do not auto-load the kvm kernel module. Enable nesting by default
3249+ on intel.
3250+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3251+ removed the alternatives bit later.
3252+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3253+ in qemu64 cpu type.
3254+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3255+ machine type to ease future live vm migration.
3256+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3257+ d/qemu-system-common.install
3258+ - debian/binfmt-update-in: support ppcle
3259+ * debian/binfmt-update-in
3260+ * Support-ppcle.patch
3261+ - Upstream patches to fix AArch64 emulation ignoring SPSel=0:
3262+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
3263+ * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
3264+ * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
3265+ * Dropped patches (upstream or now in debian's tree):
3266+ - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch
3267+ - CVE-2014-7840.patch
3268+ - CVE-2014-8106.patch
3269+
3270+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Dec 2014 13:57:34 -0600
3271+
3272 qemu (1:2.1+dfsg-11) unstable; urgency=medium
3273
3274 * bump epoch and reupload to cancel 2.2+dfsg-1exp upload
3275@@ -1746,6 +4826,81 @@ qemu (2.1+dfsg-8) unstable; urgency=low
3276
3277 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 27 Nov 2014 18:32:45 +0300
3278
3279+qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium
3280+
3281+ * SECURITY UPDATE: code execution via savevm data
3282+ - debian/patches/CVE-2014-7840.patch: validate parameters in
3283+ arch_init.c.
3284+ - CVE-2014-7840
3285+ * SECURITY UPDATE: code execution via cirrus vga blit regions
3286+ (LP: #1400775)
3287+ - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
3288+ hw/display/cirrus_vga.c.
3289+ - CVE-2014-8106
3290+
3291+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Dec 2014 14:11:52 -0500
3292+
3293+qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low
3294+
3295+ * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got
3296+ dropped and VENDOR now will be all capital UBUNTU).
3297+
3298+ -- Stefan Bader <stefan.bader@canonical.com> Mon, 08 Dec 2014 14:45:31 +0100
3299+
3300+qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium
3301+
3302+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
3303+ d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
3304+ d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
3305+ Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring
3306+ SPSel=0 in certain conditions. (LP: #1349277)
3307+
3308+ -- Chris J Arges <chris.j.arges@canonical.com> Thu, 04 Dec 2014 14:17:01 -0600
3309+
3310+qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low
3311+
3312+ * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch:
3313+ Cherry-pick of qemu-upstream patch to fix issues with persistent
3314+ grants and the PV backend (Qdisk) (LP: #1394327).
3315+
3316+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 28 Nov 2014 13:14:37 +0100
3317+
3318+qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium
3319+
3320+ * Merge 2.1+dfsg-7. Remaining changes:
3321+ - qemu-system-common.postinst:
3322+ * remove acl placed by udev, and add udevadm trigger.
3323+ * reload kvm_intel if needed to set nested=1
3324+ - qemu-system-common.preinst: add kvm group if needed
3325+ - add qemu-kvm upstart job and defaults file (rules,
3326+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3327+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3328+ do not auto-load the kvm kernel module. Enable nesting by default
3329+ on intel.
3330+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3331+ removed the alternatives bit later.
3332+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3333+ in qemu64 cpu type.
3334+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3335+ machine type to ease future live vm migration.
3336+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3337+ d/qemu-system-common.install
3338+ - debian/binfmt-update-in: support ppcle
3339+ * debian/binfmt-update-in
3340+ * Support-ppcle.patch
3341+ * Dropped patches (upstream or now in debian's tree):
3342+ - pc-reserve-more-memory-for-acpi.patch
3343+ - CVE-2014-5388.patch
3344+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and
3345+ 502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined
3346+ in debian)
3347+ - CVE-2014-3615.patch
3348+ - CVE-2014-3640.patch
3349+ - CVE-2014-3689.patch
3350+ - CVE-2014-7815.patch
3351+
3352+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 22 Nov 2014 18:36:53 -0600
3353+
3354 qemu (2.1+dfsg-7) unstable; urgency=high
3355
3356 * urgency is high due to 2 security fixes
3357@@ -1797,6 +4952,119 @@ qemu (2.1+dfsg-5) unstable; urgency=medium
3358
3359 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 26 Sep 2014 17:43:26 +0400
3360
3361+qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium
3362+
3363+ * SECURITY UPDATE: information disclosure via vga driver
3364+ - debian/patches/CVE-2014-3615.patch: return the correct memory size,
3365+ sanity check register writes, and don't use fixed buffer sizes in
3366+ hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h,
3367+ ui/spice-display.c.
3368+ - CVE-2014-3615
3369+ * SECURITY UPDATE: denial of service via slirp NULL pointer deref
3370+ - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
3371+ stub in slirp/udp.c.
3372+ - CVE-2014-3640
3373+ * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
3374+ - debian/patches/CVE-2014-3689.patch: verify rectangles in
3375+ hw/display/vmware_vga.c.
3376+ - CVE-2014-3689
3377+ * SECURITY UPDATE: denial of service via VNC console
3378+ - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in
3379+ ui/vnc.c.
3380+ - CVE-2014-7815
3381+
3382+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 13 Nov 2014 07:31:03 -0500
3383+
3384+qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium
3385+
3386+ * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures
3387+ (LP: #1389897) (Patch thanks to mwhudson, BenC, and infinity)
3388+
3389+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Nov 2014 15:51:47 -0600
3390+
3391+qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium
3392+
3393+ * Apply two patches to fix intermittent qemu-img corruption
3394+ (LP: #1368815)
3395+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap
3396+ - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap
3397+
3398+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 29 Oct 2014 22:31:43 -0500
3399+
3400+qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium
3401+
3402+ * debian/control: slof is moving into main, so we can depend on qemu-slof as
3403+ debian does.
3404+
3405+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Oct 2014 22:01:27 +0200
3406+
3407+qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium
3408+
3409+ * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice
3410+ versa.
3411+ * Drop Support-ppc64le.pach, as that architecture appears to not exist yet.
3412+ * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing
3413+ to latest upstream machine type, rather than distro one. Add 'ubuntu'
3414+ machine type for that.
3415+
3416+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 06 Oct 2014 13:41:31 -0500
3417+
3418+qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium
3419+
3420+ * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a
3421+ container. (LP: #1370199)
3422+ * load kvm module on ppc64le at boot (LP: #1369785)
3423+ - debian/rules: install qemu-kvm on ppc64el
3424+ - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the
3425+ kvm-hv module if available
3426+ * qemu-system-x86.maintscript: remove accidentally installed
3427+ /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier)
3428+ * rename qemu-system-x86 init script to qemu-kvm so it gets installed in
3429+ ubuntu.
3430+
3431+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Sep 2014 14:20:12 -0500
3432+
3433+qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium
3434+
3435+ * Re-stick the trusty machine type to 2.0 (where it must always stay) and
3436+ define a new, default, pc-i440fx-utopic machine type (LP: #1369481)
3437+
3438+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 15 Sep 2014 14:04:57 -0500
3439+
3440+qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium
3441+
3442+ * move kvm_intel nested setting to qemu-system-x86.postinst.
3443+
3444+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 12 Sep 2014 23:12:52 +0000
3445+
3446+qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium
3447+
3448+ * Merge new debian release
3449+ * Remaining changes:
3450+ - qemu-system-common.postinst:
3451+ * remove acl placed by udev, and add udevadm trigger.
3452+ * reload kvm_intel if needed to set nested=1
3453+ - qemu-system-common.preinst: add kvm group if needed
3454+ - add qemu-kvm upstart job and defaults file (rules,
3455+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3456+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3457+ do not auto-load the kvm kernel module. Enable nesting by default
3458+ on intel.
3459+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3460+ removed the alternatives bit later.
3461+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3462+ in qemu64 cpu type.
3463+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3464+ machine type to ease future live vm migration.
3465+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3466+ d/qemu-system-common.install
3467+ - debian/binfmt-update-in: support ppcle
3468+ * debian/binfmt-update-in
3469+ * Support-ppcle.patch
3470+ - d/p/CVE-2014-5388.patch
3471+
3472+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Sep 2014 17:56:15 -0500
3473+
3474 qemu (2.1+dfsg-4) unstable; urgency=medium
3475
3476 * mention libnuma-dev but not enable for now
3477@@ -1814,6 +5082,59 @@ qemu (2.1+dfsg-4) unstable; urgency=medium
3478
3479 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 31 Aug 2014 09:32:59 +0400
3480
3481+qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium
3482+
3483+ * SECURITY UPDATE: memory disclosure via out-of-bounds array access
3484+ - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c.
3485+ - CVE-2014-5388
3486+
3487+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 09 Sep 2014 08:26:24 -0400
3488+
3489+qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium
3490+
3491+ * replace d/p/revert-acpi-table-size-bump with
3492+ pc-reserve-more-memory-for-acpi.patch from upstream
3493+ * debian/binfmt-update-in
3494+ - don't run in a container
3495+ - add ppc64le as target (LP: #1358268)
3496+ * Add experimental ppcle support (LP: #1358268)
3497+
3498+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 27 Aug 2014 18:24:32 -0500
3499+
3500+qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium
3501+
3502+ * revert-acpi-table-size-bump - get qemu -kernel working again.
3503+
3504+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 15:33:24 -0500
3505+
3506+qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium
3507+
3508+ * Merge new debian release
3509+ * Remaining changes:
3510+ - control-in: stick to libsdl1.2-dev.
3511+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3512+ qemu-bridge-helper
3513+ - qemu-system-common.postinst: remove acl placed by udev,
3514+ and add udevadm trigger.
3515+ - qemu-system-common.preinst: add kvm group if needed
3516+ - add qemu-kvm upstart job and defaults file (rules,
3517+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3518+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3519+ do not auto-load the kvm kernel module. Enable nesting by default
3520+ on intel.
3521+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3522+ removed the alternatives bit later.
3523+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3524+ in qemu64 cpu type.
3525+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3526+ machine type to ease future live vm migration.
3527+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3528+ d/qemu-system-common.install
3529+ * Upstart job: use getent group to check for kvm group
3530+ * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks
3531+
3532+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 08:44:54 -0500
3533+
3534 qemu (2.1+dfsg-3) unstable; urgency=medium
3535
3536 * set SHELL = /bin/sh -e, so that more complex shell constructs
3537@@ -1840,6 +5161,42 @@ qemu (2.1+dfsg-3) unstable; urgency=medium
3538
3539 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 14 Aug 2014 14:30:24 +0400
3540
3541+qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium
3542+
3543+ * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174)
3544+
3545+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Aug 2014 12:58:50 -0500
3546+
3547+qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium
3548+
3549+ * Merge new debian release
3550+ * Remaining changes:
3551+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3552+ have in ipxe-qemu package.
3553+ - control-in: stick to libsdl1.2-dev.
3554+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3555+ qemu-bridge-helper
3556+ - qemu-system-common.postinst: remove acl placed by udev,
3557+ and add udevadm trigger.
3558+ - qemu-system-common.preinst: add kvm group if needed
3559+ - add qemu-kvm upstart job and defaults file (rules,
3560+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3561+ - debian/rules: add qemu-kvm-spice
3562+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3563+ do not auto-load the kvm kernel module. Enable nesting by default
3564+ on intel.
3565+ - binfmt-update-in: make sure to filter out compat arches.
3566+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3567+ removed the alternatives bit later.
3568+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3569+ in qemu64 cpu type.
3570+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3571+ machine type to ease future live vm migration.
3572+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3573+ d/qemu-system-common.install
3574+
3575+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Aug 2014 13:53:06 -0500
3576+
3577 qemu (2.1+dfsg-2) unstable; urgency=medium
3578
3579 * l2tp-linux-only.patch: fix FTBFS on kfreebsd
3580@@ -1874,7 +5231,7 @@ qemu (2.1+dfsg-1) unstable; urgency=medium
3581
3582 qemu (2.0.0+dfsg-7) unstable; urgency=medium
3583
3584- * clarify description of qemu-user-binfmt a bit
3585+ * clarify description of qemu-user-binfmt a bit
3586 * build-depend on acpica-tools (iasl) in order to rebuild .dsl files
3587 * remove qemu-keymaps package, since it is not used by other tools
3588 anymore, and ship keymaps in qemu-system-common.
3589@@ -1891,6 +5248,43 @@ qemu (2.0.0+dfsg-7) unstable; urgency=medium
3590
3591 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 24 Jul 2014 16:51:16 +0400
3592
3593+qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium
3594+
3595+ * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from
3596+ /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551)
3597+
3598+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 25 Jul 2014 08:35:02 -0500
3599+
3600+qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium
3601+
3602+ * Merge 2.0.0+dfsg-6. Remaining changes:
3603+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3604+ have in ipxe-qemu package.
3605+ - control-in: stick to libgnutls-dev and libsdl1.2-dev.
3606+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3607+ qemu-bridge-helper
3608+ - qemu-system-common.postinst: remove acl placed by udev,
3609+ and add udevadm trigger.
3610+ - qemu-system-common.preinst: add kvm group if needed
3611+ - add qemu-kvm upstart job and defaults file (rules,
3612+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3613+ - debian/rules: add qemu-kvm-spice
3614+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3615+ do not auto-load the kvm kernel module. Enable nesting by default
3616+ on intel.
3617+ - binfmt-update-in: make sure to filter out compat arches.
3618+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3619+ removed the alternatives bit later.
3620+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3621+ in qemu64 cpu type.
3622+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3623+ machine type to ease future live vm migration.
3624+ - re-introduce apport hook for qemu source package:
3625+ d/source_qemu-kvm.py, d/qemu-system-common.install
3626+ * enable-build-dep on libjpeg8-dev - which is now in main
3627+
3628+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 Jun 2014 14:52:54 -0500
3629+
3630 qemu (2.0.0+dfsg-6) unstable; urgency=medium
3631
3632 * build-depend on libgnutls28-dev not libgnutls-dev
3633@@ -1934,6 +5328,59 @@ qemu (2.0.0+dfsg-3) unstable; urgency=low
3634
3635 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 21 Apr 2014 12:34:03 +0400
3636
3637+qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium
3638+
3639+ * remove alternatives for qemu: different architectures
3640+ aren't really alternatives and never had been (LP: #1316829)
3641+
3642+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 07 May 2014 15:12:33 +0000
3643+
3644+qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium
3645+
3646+ * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402)
3647+ * debian/control: drop the versioning requirement from libfdt-dev
3648+ build-dependency, as it is longer needed (LP: #1295072)
3649+
3650+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 02 May 2014 11:43:44 -0500
3651+
3652+qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium
3653+
3654+ * Merge 2.0.0+dfsg-2
3655+ * Incorporates a fix for spice users (LP: #1309452)
3656+ * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as
3657+ the regression requiring it was reverted for 2.0 upstream.
3658+ * remove qemu-system-common depends on the qemu-system-aarch64 metapackage
3659+ * debian/qemu-debootstrap: add arm64
3660+ * Remaining changes from debian:
3661+ - keep qemu 'alternative' (not something to change in SRU)
3662+ - debian/control and debian/control-in:
3663+ * versioned libfdt-dev check, until libfdt is fixed in precise
3664+ * enable rbd
3665+ * remove ovmf Recommends, as it is in multiverse
3666+ * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe
3667+ * add a qemu-system-aarch64 metapackage for transitions from trusty
3668+ development version. This can be removed after trusty.
3669+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3670+ qemu-bridge-helper
3671+ - qemu-system-common.postinst: fix /dev/kvm acls
3672+ - qemu-system-common.preinst: add kvm group if needed
3673+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3674+ have in ipxe-qemu package.
3675+ - qemu-system-x86.modprobe: set module options for older releases
3676+ - qemu-system-x86.qemu-kvm.default: defaults for the upstart job
3677+ - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job
3678+ - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64
3679+ - debian/rules
3680+ * add legacy kvm-spice link
3681+ * fix ppc and arm slections
3682+ * add aarch64 to user_targets
3683+ - debian/patches/ubuntu/define-trusty-machine-type.patch: define a
3684+ pc-i440fx-trusty machine type as the default.
3685+ - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by
3686+ default in qemu64 cpu time.
3687+
3688+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Apr 2014 09:23:27 -0500
3689+
3690 qemu (2.0.0+dfsg-2) unstable; urgency=medium
3691
3692 * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current
3693@@ -1959,7 +5406,7 @@ qemu (2.0.0+dfsg-1) unstable; urgency=low
3694 * kmod dependency is linux-any
3695 * doc-grammify-allows-to.patch: fix some lintian warnings
3696 * remove alternatives for qemu: different architectures
3697- aren't really alternatives and never had been
3698+ aren't really alternatives and never had been
3699 * update Standards-Version to 3.9.5 (no changes needed)
3700 * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff -
3701 fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1
3702@@ -1993,6 +5440,50 @@ qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low
3703
3704 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 05 Apr 2014 16:23:48 +0400
3705
3706+qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium
3707+
3708+ * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch
3709+ don't abort() just because the kernel has no dirty bitmap.
3710+ (LP: #1303926)
3711+
3712+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 22:32:00 -0500
3713+
3714+qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium
3715+
3716+ * define-trusty-machine-type.patch: update the trusty machine type name to
3717+ pc-i440fx-trusty (LP: #1304107)
3718+
3719+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 11:49:04 -0500
3720+
3721+qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium
3722+
3723+ * Merge 2.0.0-rc1
3724+ * debian/rules: consolidate ppc filter entries.
3725+ * Move qemu-system-arch64 into qemu-system-arm
3726+ * debian/patches/define-trusty-machine-type.patch: define a trusty machine
3727+ type, currently the same as pc-i440fx-2.0, to put is in a better position
3728+ to enable live migrations from trusty onward. (LP: #1294823)
3729+ * debian/control: build-dep on libfdt >= 1.4.0 (LP: #1295072)
3730+ * Merge latest upstream git to commit dc9528f
3731+ * Debian/rules:
3732+ - remove -enable-uname-release=2.6.32
3733+ - don't make the aarch64 target Ubuntu-specific.
3734+ * Remove patches which are now upstream:
3735+ - fix-smb-security-share.patch
3736+ - slirp-smb-redirect-port-445-too.patch
3737+ - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream)
3738+ - signal-added-a-wrapper-for-sigprocmask-function.patch
3739+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
3740+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
3741+ - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch
3742+ * add link for /usr/share/qemu/bios-256k.bin
3743+ * Remove all linaro patches.
3744+ * Remove all arm64/ patches. Many but not all are upstream.
3745+ * Remove CVE-2013-4377.patch which is upstream.
3746+ * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific
3747+
3748+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 25 Feb 2014 22:31:43 -0600
3749+
3750 qemu (1.7.0+dfsg-9) unstable; urgency=medium
3751
3752 * remove rbd/rados/ceph support *again*, till they'll actually provide
3753@@ -2057,6 +5548,104 @@ qemu (1.7.0+dfsg-4) unstable; urgency=medium
3754
3755 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 12 Mar 2014 18:34:03 +0400
3756
3757+qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low
3758+
3759+ * No-change rebuild to build with libxen-4.4.
3760+
3761+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 21 Mar 2014 10:04:36 +0100
3762+
3763+qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium
3764+
3765+ * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick
3766+ upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682)
3767+
3768+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Mar 2014 00:03:00 -0500
3769+
3770+qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium
3771+
3772+ [ dann frazier ]
3773+ * Add patches from the susematz tree to avoid intermittent segfaults:
3774+ - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch
3775+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
3776+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
3777+
3778+ [ Serge Hallyn ]
3779+ * Modify do_sigprocmask to only change behavior for aarch64.
3780+ (LP: #1285363)
3781+
3782+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 06 Mar 2014 16:15:50 -0600
3783+
3784+qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium
3785+
3786+ [ Steve Langasek ]
3787+ * Merge debian/control with unreleased Debian branch: our architecture
3788+ lists should now be in sync.
3789+
3790+ [ Dann Frazier ]
3791+ * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS
3792+ on arm64 and maybe others. (LP: #1284344)
3793+
3794+ [ Serge Hallyn ]
3795+ * Move the OVMF.fd link to the ovmf package.
3796+
3797+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 21 Feb 2014 12:14:53 -0800
3798+
3799+qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium
3800+
3801+ * Add ppc64el to the architecture list (supposedly added in the previous
3802+ upload, but really wasn't).
3803+
3804+ -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 20 Feb 2014 23:40:07 -0800
3805+
3806+qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium
3807+
3808+ * Backport changes to enable qemu-user-static support for aarch64
3809+ * debian/control: add ppc64el to Architectures
3810+ * debian/rules: only install qemu-system-aarch64 on arm64.
3811+ Fixes a FTBFS when built twice in a row on non-arm64 due to a stale
3812+ debian/qemu-system-aarch64 directory
3813+
3814+ -- dann frazier <dann.frazier@canonical.com> Tue, 11 Feb 2014 15:41:53 -0700
3815+
3816+qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium
3817+
3818+ * Fix broken filter_binfmts
3819+ * Remove use of dpkg-version in postinsts, as we're not Depending on
3820+ dpkg-dev.
3821+
3822+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 05 Feb 2014 21:57:38 -0600
3823+
3824+qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium
3825+
3826+ * Merge 1.7.0+dfsg-3 from debian. Remaining changes:
3827+ - debian/patches/ubuntu:
3828+ * expose-vmx_qemu64cpu.patch
3829+ * linaro (omap3) and arm64 patches
3830+ * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS
3831+ on ppc
3832+ * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio
3833+ - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options
3834+ - debian/control:
3835+ * add arm64 to Architectures
3836+ * add qemu-common and qemu-system-aarch64 packages
3837+ - debian/qemu-system-common.install: add debian/tmp/usr/lib
3838+ - debian/qemu-system-common.preinst: add kvm group
3839+ - debian/qemu-system-common.postinst: remove acl placed by udev,
3840+ and add udevadm trigger.
3841+ - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio,
3842+ pxe-e1000 and pxe-rtl8139.
3843+ - add qemu-system-x86.qemu-kvm.upstart and .default
3844+ - qemu-user-static.postinst-in: remove arm64 binfmt
3845+ - debian/rules:
3846+ * allow parallel build
3847+ * add aarch64 to system_targets and sys_systems
3848+ * add qemu-kvm-spice links
3849+ * install qemu-system-x86.modprobe
3850+ - add debian/qemu-system-common.links for OVMF.fd link
3851+ * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks.
3852+
3853+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Feb 2014 12:13:08 -0600
3854+
3855 qemu (1.7.0+dfsg-3) unstable; urgency=low
3856
3857 * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86
3858@@ -2082,6 +5671,121 @@ qemu (1.7.0+dfsg-3) unstable; urgency=low
3859
3860 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 16 Jan 2014 15:17:46 +0400
3861
3862+qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium
3863+
3864+ * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which
3865+ may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654)
3866+
3867+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 Jan 2014 14:41:20 +0000
3868+
3869+qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium
3870+
3871+ * SECURITY UPDATE: denial of service via virtio device hot-plugging
3872+ - debian/patches/CVE-2013-4377.patch: upstream commits to refactor
3873+ virtio device unplugging.
3874+ - CVE-2013-4377
3875+
3876+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jan 2014 09:10:37 -0500
3877+
3878+qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium
3879+
3880+ * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on
3881+ powerpc.
3882+
3883+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 22 Jan 2014 11:59:26 -0600
3884+
3885+qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium
3886+
3887+ [ Serge Hallyn ]
3888+ * add arm64 patchset from upstream. The three arm virt patches previously
3889+ pushed are in that set, so drop them.
3890+
3891+ [ dann frazier ]
3892+ * Add packaging for qemu-system-aarch64. This package is currently only
3893+ available for arm64, as full software emulation is not yet supported.
3894+
3895+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 10 Jan 2014 12:19:08 -0600
3896+
3897+qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium
3898+
3899+ * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be
3900+ supported any longer.
3901+ * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing
3902+ * Refresh debian/patches/hw_arm_add_virt_platform.patch against context
3903+ churn caused by linaro patchset.
3904+ * debian/rules: enable parallel builds.
3905+
3906+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 03 Jan 2014 10:53:17 -0600
3907+
3908+qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium
3909+
3910+ * d/control: enable usbredir (LP: 1126390)
3911+
3912+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 02 Jan 2014 08:55:43 -0600
3913+
3914+qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium
3915+
3916+ * add missing arm virt patches from the mach-virt-v7 branch of
3917+ git://git.linaro.org/people/cdall/qemu-arm.git
3918+
3919+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 18 Dec 2013 12:25:59 -0600
3920+
3921+qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium
3922+
3923+ * debian/control: add arm64 to list of architectures.
3924+
3925+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Dec 2013 10:22:47 -0600
3926+
3927+qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low
3928+
3929+ * Merge 1.7.0+dfsg-2 from debian experimental. Remaining changes:
3930+ - debian/control
3931+ * update maintainer
3932+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
3933+ from build-deps
3934+ * enable rbd
3935+ * add qemu-system and qemu-common B/R to qemu-keymaps
3936+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
3937+ qemu-system-common
3938+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
3939+ - add qemu-common, qemu-kvm, kvm to B/R
3940+ - remove openbios-sparc from qemu-system-sparc D
3941+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
3942+ * qemu-system-x86:
3943+ - add qemu-common to Breaks/Replaces.
3944+ - add cpu-checker to Recommends.
3945+ * qemu-user: add B/R:qemu-kvm
3946+ * qemu-kvm:
3947+ - add armhf armel powerpc sparc to Architecture
3948+ - C/R/P: qemu-kvm-spice
3949+ * add qemu-common package
3950+ * drop qemu-slof which is not packaged in ubuntu
3951+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
3952+ - qemu-system-x86.links:
3953+ * remove pxe rom links which are in kvm-ipxe
3954+ - debian/rules
3955+ * add kvm-spice symlink to qemu-kvm
3956+ * call dh_installmodules for qemu-system-x86
3957+ * update dh_installinit to install upstart script
3958+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
3959+ - Add qemu-utils.links for kvm-* symlinks.
3960+ - Add qemu-system-x86.qemu-kvm.upstart and .default
3961+ - Add qemu-system-x86.modprobe to set nesting=1
3962+ - Add qemu-system-common.preinst to add kvm group
3963+ - qemu-system-common.postinst: remove bad group acl if there, then have
3964+ udev relabel /dev/kvm.
3965+ - New linaro patches from qemu-linaro rebasing branch
3966+ - Dropped patches:
3967+ * linaro patchset
3968+ * mach-virt patchset
3969+ - Kept patches:
3970+ * expose_vms_qemu64cpu.patch
3971+ * fix-pci-add
3972+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
3973+ qemu-bridge-helper
3974+
3975+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 07 Dec 2013 06:08:11 +0000
3976+
3977 qemu (1.7.0+dfsg-2) unstable; urgency=low
3978
3979 * switch from vgabios to seavgabios
3980@@ -2111,6 +5815,73 @@ qemu (1.7.0+dfsg-1) unstable; urgency=low
3981
3982 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 28 Nov 2013 03:14:21 +0400
3983
3984+qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low
3985+
3986+ * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring,
3987+ to prevent lts-to-lts updates from breaking. (LP: #1243403)
3988+
3989+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Oct 2013 14:31:05 -0500
3990+
3991+qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low
3992+
3993+ * Merge 1.6.0~rc0+dfsg-2exp from debian experimental. Remaining changes:
3994+ - debian/control
3995+ * update maintainer
3996+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
3997+ from build-deps
3998+ * enable rbd
3999+ * add qemu-system and qemu-common B/R to qemu-keymaps
4000+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4001+ qemu-system-common
4002+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4003+ - add qemu-kvm to Provides
4004+ - add qemu-common, qemu-kvm, kvm to B/R
4005+ - remove openbios-sparc from qemu-system-sparc D
4006+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
4007+ * qemu-system-x86:
4008+ - add qemu-common to Breaks/Replaces.
4009+ - add cpu-checker to Recommends.
4010+ * qemu-user: add B/R:qemu-kvm
4011+ * qemu-kvm:
4012+ - add armhf armel powerpc sparc to Architecture
4013+ - C/R/P: qemu-kvm-spice
4014+ * add qemu-common package
4015+ * drop qemu-slof which is not packaged in ubuntu
4016+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4017+ - qemu-system-x86.links:
4018+ * remove pxe rom links which are in kvm-ipxe
4019+ * add symlink for kvm.1 manpage
4020+ - debian/rules
4021+ * add kvm-spice symlink to qemu-kvm
4022+ * call dh_installmodules for qemu-system-x86
4023+ * update dh_installinit to install upstart script
4024+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4025+ - Add qemu-utils.links for kvm-* symlinks.
4026+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4027+ - Add qemu-system-x86.modprobe to set nesting=1
4028+ - Add qemu-system-common.preinst to add kvm group
4029+ - qemu-system-common.postinst: remove bad group acl if there, then have
4030+ udev relabel /dev/kvm.
4031+ - New linaro patches from qemu-linaro rebasing branch
4032+ - Dropped patches:
4033+ * xen-simplify-xen_enabled.patch
4034+ * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch
4035+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4036+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4037+ * virtio-rng-fix-crash
4038+ - Kept patches:
4039+ * expose_vms_qemu64cpu.patch - updated
4040+ * linaro arm patches from qemu-linaro rebasing branch
4041+ - New patches:
4042+ * fix-pci-add: change CONFIG variable in ifdef to make sure that
4043+ pci_add is defined.
4044+ * Add linaro patches
4045+ * Add experimental mach-virt patches for arm virtualization.
4046+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
4047+ qemu-bridge-helper
4048+
4049+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 22 Oct 2013 22:47:07 -0500
4050+
4051 qemu (1.6.0+dfsg-2) unstable; urgency=low
4052
4053 * Build-depend in seccomp again once it is in -testing
4054@@ -2181,6 +5952,89 @@ qemu (1.5.0+dfsg-4) unstable; urgency=medium
4055
4056 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 06 Jun 2013 01:50:32 +0400
4057
4058+qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low
4059+
4060+ * No change rebuild for new seccomp.
4061+
4062+ -- Stéphane Graber <stgraber@ubuntu.com> Mon, 21 Oct 2013 18:34:50 -0400
4063+
4064+qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low
4065+
4066+ * Cherrypick upstream patch to fix crash with rng device (LP: #1235017)
4067+ - virtio-rng-fix-crash
4068+
4069+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 09 Oct 2013 17:46:49 -0500
4070+
4071+qemu (1.5.0+dfsg-3ubuntu4) saucy; urgency=low
4072+
4073+ * Re-introduce snippet in upstart job to load kvm modules if needed.
4074+ (LP: #1218459)
4075+
4076+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 16 Sep 2013 22:43:52 +0000
4077+
4078+qemu (1.5.0+dfsg-3ubuntu3) saucy; urgency=low
4079+
4080+ * Cherry-picking three Xen related patches targetted for qemu-stable:
4081+ * xen-simplify-xen_enabled.patch
4082+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4083+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4084+
4085+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 26 Jul 2013 15:01:44 +0200
4086+
4087+qemu (1.5.0+dfsg-3ubuntu2) saucy; urgency=low
4088+
4089+ * Drop openbios-ppc and openhackware Depends to Suggests for now.
4090+
4091+ -- Adam Conrad <adconrad@ubuntu.com> Wed, 05 Jun 2013 03:23:56 -0600
4092+
4093+qemu (1.5.0+dfsg-3ubuntu1) saucy; urgency=low
4094+
4095+ * Merge 1.5.0+dfs-3 from debian unstable. Remaining changes:
4096+ - debian/control
4097+ * update maintainer
4098+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4099+ from build-deps
4100+ * enable rbd
4101+ * add qemu-system and qemu-common B/R to qemu-keymaps
4102+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4103+ qemu-system-common
4104+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4105+ - add qemu-kvm to Provides
4106+ - add qemu-common, qemu-kvm, kvm to B/R
4107+ - remove openbios-sparc from qemu-system-sparc D
4108+ * qemu-system-x86:
4109+ - add qemu-common to Breaks/Replaces.
4110+ - add cpu-checker to Recommends.
4111+ * qemu-user: add B/R:qemu-kvm
4112+ * qemu-kvm:
4113+ - add armhf armel powerpc sparc to Architecture
4114+ - C/R/P: qemu-kvm-spice
4115+ * add qemu-common package
4116+ * drop qemu-slof which is not packaged in ubuntu
4117+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4118+ - qemu-system-x86.links:
4119+ * remove pxe rom links which are in kvm-ipxe
4120+ * add symlink for kvm.1 manpage
4121+ - debian/rules
4122+ * add kvm-spice symlink to qemu-kvm
4123+ * call dh_installmodules for qemu-system-x86
4124+ * update dh_installinit to install upstart script
4125+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4126+ - Add qemu-utils.links for kvm-* symlinks.
4127+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4128+ - Add qemu-system-x86.modprobe to set nesting=1
4129+ - Add qemu-system-common.preinst to add kvm group
4130+ - qemu-system-common.postinst: remove bad group acl if there, then have
4131+ udev relabel /dev/kvm.
4132+ - Dropped patches:
4133+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4134+ - Kept patches:
4135+ * expose_vms_qemu64cpu.patch - updated
4136+ * gridcentric patch - updated
4137+ * linaro arm patches from qemu-linaro rebasing branch
4138+
4139+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Jun 2013 22:56:43 +0200
4140+
4141 qemu (1.5.0+dfsg-3) unstable; urgency=low
4142
4143 * fix sections: misc => otherosfs
4144@@ -2200,6 +6054,54 @@ qemu (1.5.0+dfsg-3) unstable; urgency=low
4145
4146 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Jun 2013 01:49:47 +0400
4147
4148+qemu (1.5.0+dfsg-2ubuntu1) saucy; urgency=low
4149+
4150+ * Merge 1.5.0+dfs-2 from debian unstable. Remaining changes:
4151+ - debian/control
4152+ * update maintainer
4153+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4154+ from build-deps
4155+ * enable rbd
4156+ * add qemu-system and qemu-common B/R to qemu-keymaps
4157+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4158+ qemu-system-common
4159+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4160+ - add qemu-kvm to Provides
4161+ - add qemu-common, qemu-kvm, kvm to B/R
4162+ - remove openbios-sparc from qemu-system-sparc D
4163+ * qemu-system-x86:
4164+ - add qemu-common to Breaks/Replaces.
4165+ - add cpu-checker to Recommends.
4166+ * qemu-user: add B/R:qemu-kvm
4167+ * qemu-kvm:
4168+ - add armhf armel powerpc sparc to Architecture
4169+ - C/R/P: qemu-kvm-spice
4170+ * add qemu-common package
4171+ * drop qemu-slof which is not packaged in ubuntu
4172+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4173+ - qemu-system-x86.links:
4174+ * remove pxe rom links which are in kvm-ipxe
4175+ * add symlink for kvm.1 manpage
4176+ - debian/rules
4177+ * add kvm-spice symlink to qemu-kvm
4178+ * call dh_installmodules for qemu-system-x86
4179+ * update dh_installinit to install upstart script
4180+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4181+ - Add qemu-utils.links for kvm-* symlinks.
4182+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4183+ - Add qemu-system-x86.modprobe to set nesting=1
4184+ - Add qemu-system-common.preinst to add kvm group
4185+ - qemu-system-common.postinst: remove bad group acl if there, then have
4186+ udev relabel /dev/kvm.
4187+ - Dropped patches:
4188+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4189+ - Kept patches:
4190+ * expose_vms_qemu64cpu.patch - updated
4191+ * gridcentric patch - updated
4192+ * linaro arm patches from qemu-linaro rebasing branch
4193+
4194+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 May 2013 08:18:30 -0500
4195+
4196 qemu (1.5.0+dfsg-2) unstable; urgency=low
4197
4198 * merged development history of wheezy and experimental branches.
4199@@ -2267,6 +6169,76 @@ qemu (1.4.0+dfsg-2exp) experimental; urgency=low
4200
4201 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 18 Apr 2013 14:45:30 +0400
4202
4203+qemu (1.4.0+dfsg-1expubuntu4) raring; urgency=low
4204+
4205+ * re-add qemu-system-x86.modprobe to set nesting=1 (LP: #1155177)
4206+ * qemu-system-x86.qemu-kvm.upstart:
4207+ - remove NESTED workarounds from upstart file.
4208+ - remove loading of modules which is now always done
4209+ - remove TAPR define which is no longer used
4210+ * move customizable defines back to qemu-kvm.default
4211+ * copy creation of group kvm to preinst - the group must exist when the
4212+ kvm udev rule is installed (LP: #1103022) (LP: #1092715)
4213+ * add adduser to qemu-system-common Pre-Depends for use by preinst.
4214+
4215+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Mar 2013 14:21:53 -0500
4216+
4217+qemu (1.4.0+dfsg-1expubuntu3) raring; urgency=low
4218+
4219+ * debian/rules: add a symlink from kvm-spice to kvm in qemu-kvm, on
4220+ i386/amd64 targets. (LP: #1126258)
4221+
4222+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 28 Feb 2013 15:17:16 -0600
4223+
4224+qemu (1.4.0+dfsg-1expubuntu2) raring; urgency=low
4225+
4226+ * substitute (apparently identical) patches from 1.4.0 qemu-linaro rebasing
4227+ tree.
4228+ * add qemu-common to qemu-system-common B/R (was accidentally dropped from
4229+ 1.3.0 in 1.4.0 merge).
4230+ * debian/control: fix kvm P/C/B/R:
4231+ - make all C/B/R against kvm versioned
4232+ - don't have any qemu-system-* other than x86 Provides: kvm
4233+
4234+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Feb 2013 13:34:07 -0600
4235+
4236+qemu (1.4.0+dfsg-1expubuntu1) raring; urgency=low
4237+
4238+ * Merge 1.4.0+dfsg-1exp from debian. Remaining changes:
4239+ - debian/control:
4240+ * update maintainer
4241+ * remove libiscsi, usb-redir, vde, and vnc-jpeg from build-deps
4242+ * enable rbd
4243+ * add qemu-system and qemu-common B/R to qemu-keymaps
4244+ * add D:udev and R:qemu to qemu-system-common
4245+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4246+ - add qemu-kvm and kvm to Provides
4247+ - add qemu-common and qemu-kvm to Breaks/Replaces qemu-system-ppc,
4248+ qemu-system-sparc:
4249+ - remove openbios-$arch from Depends
4250+ * qemu-system-x86:
4251+ - add qemu-common to Breaks/Replaces.
4252+ - add cpu-checker to Recommends.
4253+ * qemu-user:
4254+ - add B/R qemu-kvm
4255+ * qemu-utils:
4256+ - add B/R qemu-user and qemu-kvm
4257+ * qemu-kvm: add armhf armel powerpc sparc to Architecture
4258+ * add qemu-common package
4259+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4260+ - qemu-system-x86.links:
4261+ * remove pxe rom links which are in kvm-ipxe
4262+ * add symlink for kvm.1 manpage
4263+ - Add qemu-utils.links for kvm-* symlinks.
4264+ - Add qemu-kvm.conf upstart job to qemu-system
4265+ - Clear /dev/kvm acls on install
4266+ - Add linaro arm patches.
4267+ - Add gridcentric patches.
4268+ - Re-add expose_vms_qemu64cpu.patch (from Daviey)
4269+ * Add 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4270+
4271+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 20 Feb 2013 11:58:27 -0600
4272+
4273 qemu (1.4.0+dfsg-1exp) experimental; urgency=low
4274
4275 [ Michael Tokarev ]
4276@@ -2322,6 +6294,116 @@ qemu (1.4.0~rc0+dfsg-1exp) experimental; urgency=low
4277
4278 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 02 Feb 2013 21:05:28 +0400
4279
4280+qemu (1.3.0+dfsg-5expubuntu5) raring; urgency=low
4281+
4282+ * qemu-system-common.postinst: only run setfacl when /dev/kvm exists.
4283+ (LP: #1130591)
4284+
4285+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 20 Feb 2013 08:58:53 -0600
4286+
4287+qemu (1.3.0+dfsg-5expubuntu4) raring; urgency=low
4288+
4289+ * Update workarounds for udev/inotify: (LP: #1092715)
4290+ - qemu-system-common.udev: go back to original, simple rule
4291+ - qemu-system-common.postinst: manually run setfacl
4292+ - (keep Depends: on acl as well)
4293+ - this can be removed once bug 1092715 is fixed.
4294+
4295+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 19 Feb 2013 12:41:22 -0600
4296+
4297+qemu (1.3.0+dfsg-5expubuntu3) raring; urgency=low
4298+
4299+ * Now that qemu provides spice support, and qemu-kvm-spice is removed from
4300+ the archive, have qemu-kvm (which qemu-kvm-spice always depended on)
4301+ P/C/R qemu-kvm-spice.
4302+
4303+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Feb 2013 13:43:27 -0600
4304+
4305+qemu (1.3.0+dfsg-5expubuntu2) raring; urgency=low
4306+
4307+ * Enable spice.
4308+ * Address lintian warning by adding ${misc:Depends} to qemu-common and
4309+ qemu-kvm.
4310+
4311+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 12 Feb 2013 16:07:04 -0600
4312+
4313+qemu (1.3.0+dfsg-5expubuntu1) raring; urgency=low
4314+
4315+ [ Serge Hallyn ]
4316+ * Merge 1.3.0+dfsg-5exp from Debian.
4317+ * remaining changes from 1.3.0+dfsg-1~exp3ubuntu1:
4318+ - debian/control:
4319+ * update maintainer
4320+ * remove vde2 recommends
4321+ * build-deps: remove libusbredir, libvdeplug2-dev,
4322+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev
4323+ * qemu-system:
4324+ - break/replace qemu-common
4325+ - depend on udev
4326+ - remove openbios-ppc, openbios-sparc, and openhackware from
4327+ Depends. (Intend to add them back once we can build them.)
4328+ * qemu-utils: break/replace qemu-kvm
4329+ - qemu-kvm.upstart:
4330+ - add qemu-system.qemu-kvm.upstart
4331+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4332+ - take the defaults from the old qemu-kvm.defaults, and move them into
4333+ the upstart job
4334+ - debian/patches:
4335+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4336+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4337+ - add links for qemu-ifup/down in qemu-system-common.links
4338+ - debian/qemu-system-common.postinst
4339+ - udevadm trigger to fix up /dev/kvm perms
4340+ - debian/qemu-system.links:
4341+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4342+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4343+ back to qemu-system at some point.
4344+ * remaining changes from after 1.3.0+dfsg-1~exp3ubuntu1:
4345+ - qemu-system-common.links: add link for OVMF
4346+ - Add qemu-utils.links for kvm-img and kvm-nbd utils and manpages.
4347+ - qemu-system.links:
4348+ * Add link to usr/share/ovmf/OVMF.fd
4349+ * Fix target of /etc/kvm/kvm-if{up,down} links
4350+ - debian/control: qemu-system should Recommend cpu-checker
4351+ - Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over
4352+ (i.e.) qemu-x86_64.
4353+ - add qemu-kvm, and qemu-common transitional packages.
4354+ - Add breaks/replaces to qemu-keymaps for qemu-system.
4355+ - Add provides: qemu-kvm and kvm to qemu-system-ppc.
4356+ - Add breaks/replaces to qemu-system-ppc for qemu-kvm and qemu-common.
4357+ - Add breaks/replaces to qemu-kvm for qemu-common.
4358+ - Add breaks/replaces to qemu-utils for qemu-user and qemu-kvm.
4359+ - Add armhf, armel, powerpc and sparc arches to qemu-kvm transitional
4360+ package.
4361+ - Add qemu-common package.
4362+ - Make sure /dev/kvm gets its acls cleared:
4363+ * Add acl to qemu-system.depends
4364+ * update qemu-system.udev to run setfacl to set g::rw acl
4365+ - Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts
4366+ * dropped debian/patches/CVE-2012-6075.patch (duplicate of
4367+ e1000-discard-oversize-packets-based-on-SBP_LPE.patch)
4368+ * debian/{control,configure-opts}: enable rbd (LP: #1118406)
4369+ * add symlink for kvm.1 -> qemu.1 manpage (LP: #1117636)
4370+ * add replaces to qemu-system-common for qemu - we briefly moved conflicting
4371+ docs to qemu, which debian moved to qemu-system-common. This can be
4372+ dropped after raring.
4373+ * move qemu-kvm.upstart from qemu-system to qemu-system-x86.
4374+ * Support upgrade from qemu-kvm on non-x86 arches:
4375+ - Add Provides: qemu-kvm, kvm to qemu-system-{arm,ppc,sparc,x86}
4376+ - Add Breaks/Replaces for qemu-{common,system,kvm} and kvm.
4377+ * Re-add expose_vms_qemu64cpu.patch (from Daviey) from quantal.
4378+
4379+ [ Steve Langasek ]
4380+ * Pass --enable-uname-release=2.6.32 for the user emulation builds, so that
4381+ we have a sensible baseline kernel value regardless of what the
4382+ underlying host kernel is. This makes eglibc happier when running under
4383+ emulation on a very old kernel for instance (whose host syscall ABI has
4384+ nothing to do with what emulated syscalls are supported), and probably
4385+ also lets us steer clear for the moment of code that has problem with
4386+ the new kernel upstream versioning convention. LP: #921078.
4387+
4388+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 07 Feb 2013 14:15:26 -0600
4389+
4390 qemu (1.3.0+dfsg-5exp) experimental; urgency=low
4391
4392 * qemu-system-split: split qemu-system into several target-specific packages:
4393@@ -2401,6 +6483,106 @@ qemu (1.3.0+dfsg-2exp) experimental; urgency=low
4394
4395 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 20 Jan 2013 22:12:11 +0400
4396
4397+qemu (1.3.0+dfsg-1~exp3ubuntu8) raring; urgency=low
4398+
4399+ * qemu-system.links:
4400+ - Add link to usr/share/ovmf/OVMF.fd (LP: #1074207)
4401+ - Fix target of /etc/kvm/kvm-if{up,down} links
4402+
4403+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 29 Jan 2013 10:52:22 -0600
4404+
4405+qemu (1.3.0+dfsg-1~exp3ubuntu7) raring; urgency=low
4406+
4407+ * debian/control: qemu-system should Recommend cpu-checker (LP: #1103982)
4408+
4409+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 28 Jan 2013 11:52:10 -0600
4410+
4411+qemu (1.3.0+dfsg-1~exp3ubuntu6) raring; urgency=low
4412+
4413+ * configure-opts: add audio-cards list (LP: #1102487)
4414+ * configure-opts: change order of audio-drv-list for ubuntu, putting pa
4415+ first.
4416+
4417+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 21 Jan 2013 12:02:09 -0600
4418+
4419+qemu (1.3.0+dfsg-1~exp3ubuntu5) raring; urgency=low
4420+
4421+ * Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over
4422+ (i.e.) qemu-x86_64. (LP: #1102332)
4423+
4424+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 21 Jan 2013 08:58:07 -0600
4425+
4426+qemu (1.3.0+dfsg-1~exp3ubuntu4) raring; urgency=low
4427+
4428+ * Move three docs from qemu-system.install to qemu.docs (LP: #1101798)
4429+
4430+ -- Adam Conrad <adconrad@ubuntu.com> Sat, 19 Jan 2013 20:12:48 -0700
4431+
4432+qemu (1.3.0+dfsg-1~exp3ubuntu3) raring; urgency=low
4433+
4434+ * debian/patches/CVE-2012-6075.patch: Fix guest denial of service and
4435+ possible code execution in hw/e1000.c by dropping oversize packets.
4436+
4437+ -- Adam Conrad <adconrad@ubuntu.com> Sat, 19 Jan 2013 07:31:50 -0700
4438+
4439+qemu (1.3.0+dfsg-1~exp3ubuntu2) raring; urgency=low
4440+
4441+ * debian/rules: empty MAKEFLAGS when building spapr-rtas.bin on powerpc, to
4442+ fix FTBFS due to parallel compile.
4443+
4444+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Jan 2013 15:51:09 -0600
4445+
4446+qemu (1.3.0+dfsg-1~exp3ubuntu1) raring; urgency=low
4447+
4448+ * Merge 1.3.0+dfsg-1~exp3. Remaining ubuntu delta:
4449+ - debian/control:
4450+ * update maintainer
4451+ * remove vde2 recommends
4452+ * build-deps: remove libusbredir, libvdeplug2-dev,
4453+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev,
4454+ and libxen-dev.
4455+ * qemu-keymaps: break/replace qemu-common
4456+ * qemu-system:
4457+ - break/replace qemu-common
4458+ - depend on udev
4459+ - remove openbios-ppc, openbios-sparc, and openhackware from
4460+ Depends. (Intend to add them back once we can build them.)
4461+ - provides: qemu-kvm
4462+ * qemu-utils: break/replace qemu-kvm
4463+ * set up transitional packages for qemu-kvm, qemu-common, and kvm.
4464+ - qemu-kvm.upstart:
4465+ - add qemu-system.qemu-kvm.upstart
4466+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4467+ - take the defaults from the old qemu-kvm.defaults, and move them into
4468+ the upstart job
4469+ - debian/patches:
4470+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4471+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4472+ - ifup/down:
4473+ - copy Debian qemu-kvm's kvm-ifup/down into debian/
4474+ - fix dh_install for kvm-ifup/down in debian/rules
4475+ - add links for qemu-ifup/down in qemu-system.links
4476+ - remove (debian's original) qemu-ifup from qemu-system.install
4477+ - debian/qemu-system.postinst
4478+ - udevadm trigger to fix up /dev/kvm perms
4479+ - make the 'qemu' symlink point to qemu-system-x86_64, not -i386.
4480+ - debian/qemu-system.links:
4481+ - point 'kvm' to qemu-system-x86_64
4482+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4483+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4484+ back to qemu-system at some point.
4485+ * Add note about kvm to qemu-system.README.debian.
4486+ * Copy kvm-ifup and kvm-ifdown from debian's qemu-kvm
4487+ * Remove TAPBR from qemu-kvm.conf.
4488+ * Make sure /dev/kvm gets its acls cleared:
4489+ - Add acl to qemu-system.depends
4490+ - update qemu-system.udev to run setfacl to set g::rw acl
4491+ * qemu-system.qemu-kvm.conf: don't rmmod at stop
4492+ * Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts
4493+ * Remove hugepages sysctl file - qemu now supports transparent hugepages.
4494+
4495+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 14 Jan 2013 23:22:51 -0600
4496+
4497 qemu (1.3.0+dfsg-1~exp3) experimental; urgency=low
4498
4499 * enable vde on kFreebsd too (no idea why it was disabled)
4500@@ -2485,6 +6667,107 @@ qemu (1.3.0+dfsg-1~exp1) experimental; urgency=low
4501
4502 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 30 Dec 2012 01:52:21 +0400
4503
4504+qemu (1.2.0.dfsg-1~exp1-0ubuntu2) raring; urgency=low
4505+
4506+ * Remove kvm package
4507+ - make qemu-system P/C/B: kvm.
4508+
4509+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 14 Jan 2013 12:03:19 -0600
4510+
4511+qemu (1.2.0.dfsg-1~exp1-0ubuntu1) raring; urgency=low
4512+
4513+ [ Serge Hallyn ]
4514+ * debian/control:
4515+ - update maintainer
4516+ - remove vde2 recommends
4517+ - build-deps: remove libusbredir, libvdeplug2-dev,
4518+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev,
4519+ and libxen-dev.
4520+ - qemu-keymaps: break/replace qemu-common
4521+ - qemu-system:
4522+ - break/replace qemu-common
4523+ - depend on udev
4524+ - remove openbios-ppc, openbios-sparc, and openhackware from
4525+ Depends. (Intend to add them back once we can build them.)
4526+ - provides: qemu-kvm
4527+ - qemu-utils: break/replace qemu-kvm
4528+ - set up transitional packages for qemu-kvm, qemu-common, and kvm.
4529+ * debian/rules:
4530+ - install kvm-ifup and kvm-ifdown
4531+ - dh_installinit the qemu-kvm upstart job
4532+ * install a 30-qemu-kvm.conf into /etc/sysctl.c for nr_hugepages.
4533+ * qemu-kvm.upstart:
4534+ - add qemu-system.qemu-kvm.upstart
4535+ - add mv_confile to qemu-system.preinst, postinst, and .postrm to rename
4536+ /etc/init/qemu-kvm.conf to qemu-system.conf
4537+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4538+ - take the defaults from the old qemu-kvm.defaults, and move them into
4539+ the upstart job
4540+ * debian/patches:
4541+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4542+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4543+ - apply nbd-fixes-to-read-only-handling.patch from upstream to
4544+ make read-write mount after read-only mount work. (LP: #1077838)
4545+ * ifup/down:
4546+ - copy Ubuntu qemu-kvm's kvm-ifup/down into debian/
4547+ - fix dh_install for kvm-ifup/down in debian/rules
4548+ - add links for qemu-ifup/down in qemu-system.links
4549+ - remove (debian's original) qemu-ifup from qemu-system.install
4550+ * debian/qemu-system.postinst
4551+ - udevadm trigger to fix up /dev/kvm perms
4552+ - make the 'qemu' symlink point to qemu-system-x86_64, not -i386.
4553+ * debian/qemu-system.links:
4554+ - point 'kvm' to qemu-system-x86_64
4555+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4556+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4557+ back to qemu-system at some point.
4558+ - add qemu-ifdown and qemu-ifup links
4559+ * debian/qemu-system.install:
4560+ - remove /etc/qemu-ifup link
4561+ - add /etc/sysctl.d/30-qemu-kvm.conf
4562+
4563+ [ Adam Conrad ]
4564+ * Appease apt-get's dist-upgrade resolver by creating a qemu-common
4565+ transitional package to upgrade more gracefully to qemu-keymaps.
4566+ * Move all the empty transitional packages to the oldlibs section.
4567+ * Restore the versioned dep from qemu-kvm (and kvm) to qemu-system.
4568+
4569+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Jan 2013 08:50:24 -0600
4570+
4571+qemu (1.2.0+dfsg-1~exp1) UNRELEASED; urgency=low
4572+
4573+ [ Michael Tokarev ]
4574+ * new upstream version (1.3.0)
4575+ (Closes: #676374, #622319, #597527, #593547, #660154)
4576+ - Removed patches included upstream:
4577+ do-not-include-libutil.h.patch
4578+ configure-nss-usbredir.patch
4579+ tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch
4580+ net-add--netdev-options-to-man-page.patch
4581+ - update 02_kfreebsd.patch
4582+ - do not build mpc8544ds.dtb
4583+ - include new targets
4584+ * Cleaned up the build system ALOT. Larger changes:
4585+ - used explicit lists of emulated targets in debian/rules
4586+ and generate everything else from there, instead of repeating
4587+ these lists in lots of places.
4588+ - stop using debian/$pkg.manpages and other auxilary files like this,
4589+ moving eveything to debian/$pkg.install, because with the number
4590+ of packages growing, amount of these small files becomes very
4591+ large and the result is difficult to maintain.
4592+ * ship forgotten target-x86_64.conf in qemu-system.
4593+ * ship virtfs-proxy-helper in qemu-utils.
4594+ * stop shipping tundev.c, since it does not reflect the reality for
4595+ a long time now (Closes: #325761, #325754).
4596+ * re-introduce support parallel build using DEB_BUILD_OPTIONS=parallel=N,
4597+ this time by adding to $MAKEFLAGS instead of passing down to submakes
4598+ * build-depend on libcap-ng-dev (for virtfs-proxy-helper)
4599+
4600+ [ Vagrant Cascadian ]
4601+ * Add libcap-dev to Build-Depends to support virtfs-proxy-helper.
4602+
4603+ -- Michael Tokarev <mjt@tls.msk.ru> Sun, 30 Dec 2012 01:52:21 +0400
4604+
4605 qemu (1.1.2+dfsg-6a) unstable; urgency=low
4606
4607 * reupload to remove two unrelated files slipped in debian/
4608@@ -4418,3 +8701,4 @@ qemu (0.5.2-1) unstable; urgency=low
4609 * Initial Release. (Closes: #187407)
4610
4611 -- Paul Russell <prussell@debian.org> Wed, 3 Mar 2004 02:18:54 +0100
4612+
4613diff --git a/debian/control b/debian/control
4614index f925148..3a0248f 100644
4615--- a/debian/control
4616+++ b/debian/control
4617@@ -2,7 +2,8 @@
4618 Source: qemu
4619 Section: otherosfs
4620 Priority: optional
4621-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
4622+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
4623+XSBC-Original-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
4624 Uploaders: Riku Voipio <riku.voipio@iki.fi>,
4625 Michael Tokarev <mjt@tls.msk.ru>
4626 Build-Depends: debhelper-compat (= 12),
4627@@ -17,8 +18,6 @@ Build-Depends: debhelper-compat (= 12),
4628 texinfo, python3-sphinx,
4629 # iasl (from acpica-tools) is used only in a single test these days, not for building
4630 # acpica-tools,
4631-# --enable-capstone=system
4632- libcapstone-dev (>> 4.0.2~),
4633 # --enable-linux-aio linux-*
4634 libaio-dev [linux-any],
4635 # --audio-drv-list=pa,alsa,oss linux-*
4636@@ -50,8 +49,6 @@ Build-Depends: debhelper-compat (= 12),
4637 libvirglrenderer-dev [linux-any],
4638 # --enable-opengl linux-*
4639 libepoxy-dev [linux-any], libdrm-dev [linux-any], libgbm-dev [linux-any],
4640-# --enable-libnfs
4641- libnfs-dev (>> 1.9.3),
4642 # --enable-numa i386|amd64|ia64|mips|mipsel|powerpc|powerpcspe|x32|ppc64|ppc64el|arm64|sparc|s390x|riscv64
4643 libnuma-dev [i386 amd64 ia64 mips mipsel mips64 mips64el powerpc powerpcspe x32 ppc64 ppc64el arm64 sparc s390x riscv64],
4644 # --enable-smartcard
4645@@ -61,8 +58,6 @@ Build-Depends: debhelper-compat (= 12),
4646 librbd-dev [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x ppc64 sparc64],
4647 # glusterfs is debian-only since ubuntu/glusterfs is in universe (MIR LP: #1274247)
4648 # before buster it was glusterfs-common so keep it for now for bpo
4649-# --enable-glusterfs linux-any
4650- libglusterfs-dev [linux-any] | glusterfs-common [linux-any],
4651 # --enable-vnc-sasl
4652 libsasl2-dev,
4653 # --disable-sdl
4654@@ -83,9 +78,6 @@ Build-Depends: debhelper-compat (= 12),
4655 # --enable-libssh
4656 libssh-dev,
4657 # vde is debian-only since ubuntu/vde2 is in universe
4658-# --enable-vde
4659- libvdeplug-dev,
4660-# --enable-xen linux-amd64|linux-i386
4661 libxen-dev [linux-amd64 linux-i386],
4662 # --enable-nettle
4663 nettle-dev,
4664@@ -129,8 +121,10 @@ Build-Depends-Indep:
4665 Build-Conflicts: oss4-dev
4666 Standards-Version: 4.5.1
4667 Homepage: http://www.qemu.org/
4668-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu
4669-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git
4670+XS-Debian-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu
4671+XS-Debian-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git
4672+Vcs-Browser: https://git.launchpad.net/ubuntu/+source/qemu
4673+Vcs-Git: https://git.launchpad.net/ubuntu/+source/qemu
4674
4675 Package: qemu
4676 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4677@@ -161,6 +155,7 @@ Depends: ${misc:Depends},
4678 qemu-system-ppc,
4679 qemu-system-sparc,
4680 qemu-system-x86,
4681+ qemu-system-s390x,
4682 qemu-system-misc
4683 Description: QEMU full system emulation binaries
4684 QEMU is a fast processor emulator: currently the package supports
4685@@ -195,6 +190,8 @@ Multi-Arch: foreign
4686 Conflicts: sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof,
4687 Replaces: qemu-system-common (<< 1:2.12+dfsg-2~), sgabios,
4688 openbios-sparc, openbios-ppc, qemu-slof, qemu-system-sparc (<< 1:4.2-4~), qemu-system-ppc (<< 1:4.2-4~),
4689+ qemu-system-s390x (<< 1:3.1+dfsg-2ubuntu1~)
4690+Breaks: qemu-system-s390x (<< 1:3.1+dfsg-2ubuntu1~)
4691 Provides: qemu-keymaps, sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof,
4692 Depends: ${misc:Depends}
4693 qemu-system-x86 (= ${binary:Version}) | qemu-system-arm (= ${binary:Version}) | qemu-system-mips (= ${binary:Version}) | qemu-system-ppc (= ${binary:Version}) | qemu-system-sparc (= ${binary:Version}) | qemu-system-misc (= ${binary:Version}) | qemu-system-s390x (= ${binary:Version}) | qemu-system-x86-xen (= ${binary:Version}),
4694@@ -210,7 +207,9 @@ Replaces: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4695 Breaks: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4696 Depends: ${misc:Depends}, ${shlibs:Depends},
4697 qemu-system-x86 (= ${binary:Version}) | qemu-system-arm (= ${binary:Version}) | qemu-system-mips (= ${binary:Version}) | qemu-system-ppc (= ${binary:Version}) | qemu-system-sparc (= ${binary:Version}) | qemu-system-misc (= ${binary:Version}) | qemu-system-s390x (= ${binary:Version}) | qemu-system-x86-xen (= ${binary:Version}),
4698+ qemu-block-extra (= ${binary:Version}),
4699 # to fix wrong acl for newly created device node on ubuntu:
4700+ acl
4701 Description: QEMU full system emulation binaries (common files)
4702 QEMU is a fast processor emulator: currently the package supports
4703 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
4704@@ -262,6 +261,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Ver
4705 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4706 # aarch64 arm uses bootroms
4707 ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~),
4708+ ipxe-qemu-256k-compat-efi-roms,
4709 qemu-efi-aarch64, qemu-efi-arm
4710 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4711 Provides: qemu-kvm [linux-arm64 linux-armhf linux-armel], ${sysprovides:arm}
4712@@ -308,6 +308,7 @@ Multi-Arch: foreign
4713 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4714 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4715 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4716+ ipxe-qemu-256k-compat-efi-roms,
4717 # ppc targets use vgabios-stdvga and bootroms
4718 seabios, ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4719 Provides: qemu-kvm [linux-ppc64 linux-ppc64el linux-powerpc], ${sysprovides:ppc}
4720@@ -352,14 +353,16 @@ Package: qemu-system-x86
4721 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4722 Multi-Arch: foreign
4723 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4724+ ipxe-qemu-256k-compat-efi-roms,
4725 seabios (>= 1.10.2-1~), ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4726 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4727 ovmf,
4728+ cpu-checker
4729 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4730 sgabios,
4731-Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}
4732-Breaks: qemu-kvm [linux-amd64 linux-i386]
4733-Replaces: qemu-kvm [linux-amd64 linux-i386]
4734+Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}, qemu-system-x86-microvm
4735+Breaks: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4736+Replaces: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4737 Description: QEMU full system emulation binaries (x86)
4738 QEMU is a fast processor emulator: currently the package supports
4739 i386 and x86-64 emulation. By using dynamic translation it achieves
4740@@ -376,6 +379,16 @@ Description: QEMU full system emulation binaries (x86)
4741 On x86 host hardware this package also enables KVM kernel virtual machine
4742 usage on systems which supports it.
4743
4744+Package: qemu-system-x86-microvm
4745+Architecture: amd64
4746+Multi-Arch: foreign
4747+Section: oldlibs
4748+Depends: qemu-system-x86 (>= 1:5.0-5ubuntu1~), ${misc:Depends}
4749+Description: QEMU full system emulation binaries (x86)
4750+ The microvm binaries are now part of qemu-system-x86.
4751+ .
4752+ This is a transitional package. You can safely remove it.
4753+
4754 Package: qemu-user
4755 Architecture: amd64 arm arm64 armel armhf i386 ia64 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4756 Multi-Arch: foreign
4757@@ -442,8 +455,10 @@ Package: qemu-utils
4758 Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4759 Multi-Arch: foreign
4760 Breaks: qemu-system-common (<< 1:3.1+dfsg-3~)
4761-Depends: ${shlibs:Depends}, ${misc:Depends}
4762-Suggests: debootstrap, qemu-block-extra (= ${binary:Version}),
4763+Depends: ${shlibs:Depends}, ${misc:Depends},
4764+ qemu-block-extra (= ${binary:Version})
4765+Recommends: sharutils
4766+Suggests: debootstrap,
4767 Description: QEMU utilities
4768 QEMU is a fast processor emulator: currently the package supports
4769 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
4770@@ -479,3 +494,59 @@ Description: Guest-side qemu-system agent
4771 .
4772 Install this package on a system which is running as guest inside
4773 qemu virtual machine. It is not used on the host.
4774+
4775+Package: qemu-system-s390x
4776+Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64
4777+Multi-Arch: foreign
4778+Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4779+Recommends: qemu-utils,
4780+Suggests: qemu-block-extra (= ${binary:Version}),
4781+Provides: qemu-kvm [linux-s390x], ${sysprovides:s390x}
4782+Breaks: qemu-kvm [linux-s390x], qemu-system-misc (<< 1:2.5+dfsg-5ubuntu8~)
4783+Replaces: qemu-kvm [linux-s390x], qemu-system-misc (<< 1:2.5+dfsg-5ubuntu8~)
4784+Description: QEMU full system emulation binaries (s390x)
4785+ QEMU is a fast processor emulator: currently the package supports
4786+ s390x emulation. By using dynamic translation it achieves reasonable
4787+ speed while being easy to port on new host CPUs.
4788+ .
4789+ This package provides the full system emulation binaries to emulate
4790+ the following s390x hardware: ${sysarch:s390x}.
4791+ .
4792+ In system emulation mode QEMU emulates a full system, including a processor
4793+ and various peripherals. It enables easier testing and debugging of system
4794+ code. It can also be used to provide virtual hosting of several virtual
4795+ machines on a single server.
4796+
4797+# xen support generally is disabled, this is an extra build with xen enabled
4798+# as needed by xen-utils-4.11 [amd64 arm64 armhf i386]
4799+# Xen will depend on this; this package and the main qemu-system-x86 are
4800+# mutually exclusive
4801+Package: qemu-system-x86-xen
4802+Architecture: amd64 i386
4803+Multi-Arch: foreign
4804+Depends:
4805+ ${shlibs:Depends},
4806+ ${misc:Depends},
4807+ qemu-system-common (>> ${source:Version}~),
4808+ qemu-system-data (>> ${source:Version}~),
4809+ ipxe-qemu,
4810+Recommends:
4811+ qemu-system-gui (= ${binary:Version}),
4812+ qemu-utils,
4813+ seabios,
4814+Suggests:
4815+ qemu-block-extra (= ${binary:Version}),
4816+ ovmf,
4817+Conflicts: qemu-system-x86
4818+Description: QEMU full system emulation binaries (x86)
4819+ QEMU is a fast processor emulator: currently the package supports
4820+ i386 and x86-64 emulation. By using dynamic translation it achieves
4821+ reasonable speed while being easy to port on new host CPUs.
4822+ .
4823+ This package provides the full system emulation binaries to emulate
4824+ the following x86 hardware: ${sysarch:x86-xen}.
4825+ .
4826+ In comparison to the main qemu-system-x86 this package has xen support
4827+ enabled, but is only maintained as universe package. Qemu with xen support
4828+ is needed to run Xen in HVM mode. For any other use case you should install
4829+ and use qemu-system-x86 instead.
4830diff --git a/debian/control-in b/debian/control-in
4831index c75b1fb..e5b10b6 100644
4832--- a/debian/control-in
4833+++ b/debian/control-in
4834@@ -18,8 +18,8 @@ Build-Depends: debhelper-compat (= 12),
4835 texinfo, python3-sphinx,
4836 # iasl (from acpica-tools) is used only in a single test these days, not for building
4837 # acpica-tools,
4838-# --enable-capstone=system
4839- libcapstone-dev (>> 4.0.2~),
4840+:debian:# --enable-capstone=system
4841+:debian: libcapstone-dev (>> 4.0.2~),
4842 # --enable-linux-aio linux-*
4843 libaio-dev [linux-any],
4844 # --audio-drv-list=pa,alsa,oss linux-*
4845@@ -86,7 +86,7 @@ Build-Depends: debhelper-compat (= 12),
4846 # vde is debian-only since ubuntu/vde2 is in universe
4847 :debian:# --enable-vde
4848 :debian: libvdeplug-dev,
4849-# --enable-xen linux-amd64|linux-i386
4850+:debian:# --enable-xen linux-amd64|linux-i386
4851 libxen-dev [linux-amd64 linux-i386],
4852 # --enable-nettle
4853 nettle-dev,
4854@@ -218,6 +218,7 @@ Replaces: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4855 Breaks: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4856 Depends: ${misc:Depends}, ${shlibs:Depends},
4857 qemu-system-x86 (= ${binary:Version}) | qemu-system-arm (= ${binary:Version}) | qemu-system-mips (= ${binary:Version}) | qemu-system-ppc (= ${binary:Version}) | qemu-system-sparc (= ${binary:Version}) | qemu-system-misc (= ${binary:Version}) | qemu-system-s390x (= ${binary:Version}) | qemu-system-x86-xen (= ${binary:Version}),
4858+:ubuntu: qemu-block-extra (= ${binary:Version}),
4859 # to fix wrong acl for newly created device node on ubuntu:
4860 :ubuntu: acl
4861 Description: QEMU full system emulation binaries (common files)
4862@@ -271,6 +272,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Ver
4863 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4864 # aarch64 arm uses bootroms
4865 ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~),
4866+:ubuntu: ipxe-qemu-256k-compat-efi-roms,
4867 qemu-efi-aarch64, qemu-efi-arm
4868 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4869 Provides: qemu-kvm [linux-arm64 linux-armhf linux-armel], ${sysprovides:arm}
4870@@ -317,6 +319,7 @@ Multi-Arch: foreign
4871 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4872 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4873 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4874+:ubuntu: ipxe-qemu-256k-compat-efi-roms,
4875 # ppc targets use vgabios-stdvga and bootroms
4876 seabios, ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4877 Provides: qemu-kvm [linux-ppc64 linux-ppc64el linux-powerpc], ${sysprovides:ppc}
4878@@ -361,15 +364,16 @@ Package: qemu-system-x86
4879 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4880 Multi-Arch: foreign
4881 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4882+:ubuntu: ipxe-qemu-256k-compat-efi-roms,
4883 seabios (>= 1.10.2-1~), ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4884 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4885 ovmf,
4886 :ubuntu: cpu-checker
4887 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4888 sgabios,
4889-Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}
4890-Breaks: qemu-kvm [linux-amd64 linux-i386]
4891-Replaces: qemu-kvm [linux-amd64 linux-i386]
4892+Provides: qemu-kvm [linux-amd64 linux-i386], ${sysprovides:x86}, qemu-system-x86-microvm
4893+Breaks: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4894+Replaces: qemu-kvm [linux-amd64 linux-i386], qemu-system-x86-microvm (<< 1:5.0-5ubuntu1~)
4895 Description: QEMU full system emulation binaries (x86)
4896 QEMU is a fast processor emulator: currently the package supports
4897 i386 and x86-64 emulation. By using dynamic translation it achieves
4898@@ -386,6 +390,16 @@ Description: QEMU full system emulation binaries (x86)
4899 On x86 host hardware this package also enables KVM kernel virtual machine
4900 usage on systems which supports it.
4901
4902+Package: qemu-system-x86-microvm
4903+Architecture: amd64
4904+Multi-Arch: foreign
4905+Section: oldlibs
4906+Depends: qemu-system-x86 (>= 1:5.0-5ubuntu1~), ${misc:Depends}
4907+Description: QEMU full system emulation binaries (x86)
4908+ The microvm binaries are now part of qemu-system-x86.
4909+ .
4910+ This is a transitional package. You can safely remove it.
4911+
4912 Package: qemu-user
4913 Architecture: amd64 arm arm64 armel armhf i386 ia64 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4914 Multi-Arch: foreign
4915@@ -452,8 +466,11 @@ Package: qemu-utils
4916 Architecture: amd64 arm arm64 armel armhf hppa i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4917 Multi-Arch: foreign
4918 Breaks: qemu-system-common (<< 1:3.1+dfsg-3~)
4919-Depends: ${shlibs:Depends}, ${misc:Depends}
4920-Suggests: debootstrap, qemu-block-extra (= ${binary:Version}),
4921+Depends: ${shlibs:Depends}, ${misc:Depends},
4922+:ubuntu: qemu-block-extra (= ${binary:Version})
4923+:ubuntu:Recommends: sharutils
4924+Suggests: debootstrap,
4925+:debian: qemu-block-extra (= ${binary:Version}),
4926 Description: QEMU utilities
4927 QEMU is a fast processor emulator: currently the package supports
4928 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
4929@@ -511,3 +528,37 @@ Description: Guest-side qemu-system agent
4930 :ubuntu: and various peripherals. It enables easier testing and debugging of system
4931 :ubuntu: code. It can also be used to provide virtual hosting of several virtual
4932 :ubuntu: machines on a single server.
4933+
4934+:ubuntu:# xen support generally is disabled, this is an extra build with xen enabled
4935+:ubuntu:# as needed by xen-utils-4.11 [amd64 arm64 armhf i386]
4936+:ubuntu:# Xen will depend on this; this package and the main qemu-system-x86 are
4937+:ubuntu:# mutually exclusive
4938+:ubuntu:Package: qemu-system-x86-xen
4939+:ubuntu:Architecture: amd64 i386
4940+:ubuntu:Multi-Arch: foreign
4941+:ubuntu:Depends:
4942+:ubuntu: ${shlibs:Depends},
4943+:ubuntu: ${misc:Depends},
4944+:ubuntu: qemu-system-common (>> ${source:Version}~),
4945+:ubuntu: qemu-system-data (>> ${source:Version}~),
4946+:ubuntu: ipxe-qemu,
4947+:ubuntu:Recommends:
4948+:ubuntu: qemu-system-gui (= ${binary:Version}),
4949+:ubuntu: qemu-utils,
4950+:ubuntu: seabios,
4951+:ubuntu:Suggests:
4952+:ubuntu: qemu-block-extra (= ${binary:Version}),
4953+:ubuntu: ovmf,
4954+:ubuntu:Conflicts: qemu-system-x86
4955+:ubuntu:Description: QEMU full system emulation binaries (x86)
4956+:ubuntu: QEMU is a fast processor emulator: currently the package supports
4957+:ubuntu: i386 and x86-64 emulation. By using dynamic translation it achieves
4958+:ubuntu: reasonable speed while being easy to port on new host CPUs.
4959+:ubuntu: .
4960+:ubuntu: This package provides the full system emulation binaries to emulate
4961+:ubuntu: the following x86 hardware: ${sysarch:x86-xen}.
4962+:ubuntu: .
4963+:ubuntu: In comparison to the main qemu-system-x86 this package has xen support
4964+:ubuntu: enabled, but is only maintained as universe package. Qemu with xen support
4965+:ubuntu: is needed to run Xen in HVM mode. For any other use case you should install
4966+:ubuntu: and use qemu-system-x86 instead.
4967diff --git a/debian/patches/series b/debian/patches/series
4968index 470008c..ff4186f 100644
4969--- a/debian/patches/series
4970+++ b/debian/patches/series
4971@@ -18,3 +18,10 @@ arm_gic-fix-interrupt-ID-in-GICD_SGIR-CVE-2021-20221.patch
4972 virtiofsd-extract-lo_do_open-from-lo_open.patch
4973 virtiofsd-optionally-return-inode-pointer-from-lo_do_lookup.patch
4974 virtiofsd-prevent-opening-of-special-files-CVE-2020-35517.patch
4975+
4976+# ubuntu patches
4977+ubuntu/enable-svm-by-default.patch
4978+ubuntu/define-ubuntu-machine-types.patch
4979+ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
4980+ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch
4981+ubuntu/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch
4982diff --git a/debian/patches/ubuntu/define-ubuntu-machine-types.patch b/debian/patches/ubuntu/define-ubuntu-machine-types.patch
4983new file mode 100644
4984index 0000000..d1f890a
4985--- /dev/null
4986+++ b/debian/patches/ubuntu/define-ubuntu-machine-types.patch
4987@@ -0,0 +1,784 @@
4988+Description: Carry Ubuntu specific machine types
4989+
4990+Since Ubuntu is a downstream of qemu carrying patches it needs custom machine
4991+types to be able to identify and manage the delta that might affect machine
4992+types.
4993+
4994+This is an important piece to keep cross release migration supported for any
4995+downstream.
4996+
4997+Since the p->t transition these types are mostly stable copies of the upstream
4998+type (in the past this was more unstable upstream, so there was more delta),
4999+but they need to stay specific to reflect the delta we have. And even more so
5000+to have something to base off for affecting SRU changes.
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches