Ubuntu
qemu package

Merge ~paelzer/ubuntu/+source/qemu:merge-6.0-2exp-impish into ubuntu/+source/qemu:debian/experimental

  1. Git
  2. lp:~paelzer/ubuntu/+source/qemu
  3. merge-6.0-2exp-impish
  4. Merge into debian/experimental
Proposed by Christian Ehrhardt 
Status: Merged
Approved by: Christian Ehrhardt 
Approved revision: 5abe35755e418d2d9afe6f28ed51872e47a874a9
Merge reported by: Bryce Harrington
Merged at revision: 5abe35755e418d2d9afe6f28ed51872e47a874a9
Proposed branch: ~paelzer/ubuntu/+source/qemu:merge-6.0-2exp-impish
Merge into: ubuntu/+source/qemu:debian/experimental
Diff against target: 6906 lines (+6195/-31)
19 files modified
debian/changelog (+4528/-4)
debian/control (+87/-19)
debian/control-in (+56/-6)
debian/optionrom.mak (+1/-1)
debian/patches/series (+8/-0)
debian/patches/ubuntu/avoid-fcf-clashing-with-i486.patch (+23/-0)
debian/patches/ubuntu/define-ubuntu-machine-types.patch (+823/-0)
debian/patches/ubuntu/enable-svm-by-default.patch (+34/-0)
debian/patches/ubuntu/lp-1929926-target-s390x-Fix-translation-exception-on-illegal-in.patch (+101/-0)
debian/patches/ubuntu/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch (+119/-0)
debian/patches/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch (+62/-0)
debian/qemu-block-extra.postinst (+59/-0)
debian/qemu-kvm-init (+89/-0)
debian/qemu-system-common.install (+1/-0)
debian/qemu-system-common.qemu-kvm.default (+8/-0)
debian/qemu-system-common.qemu-kvm.service (+16/-0)
debian/qemu-system-x86.NEWS (+80/-0)
debian/qemu-system-x86.README.Debian (+47/-0)
debian/rules (+53/-1)
Reviewer Review Type Date Requested Status
Christian Ehrhardt  (community) Approve
Canonical Server Pending
Review via email: mp+407157@code.launchpad.net

This proposal supersedes a proposal from 2021-08-16.

To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

PPA: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4644

I had to fix an FTBFS, on s390x that was no problem and there tests looked good already.
I'll retest new qemu and libvirt once all built, but we should try to get the review completed to not get into trouble with the feature freeze.

Debian merged plenty of our changes in this last version as the qemu repo has a way to keep ubuntu-only changes in salsa without a conflict - that I was able to drop. Furthermore I have submitted more of them as requested by the Debian maintainer (https://salsa.debian.org/qemu-team/qemu/-/merge_requests/25).

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

\o/ - With the latest addition of the fix for 1940288 also backward migrations are working now.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

No one in the team found the time, but it was reviewed piece by piece in my work with mjt in Debian, uploading now to meet FF.
It was tested many many times - hopefully not too much was missed.

I accidentally deleted the x86 logs already, but here s390x for some logging
prep (s390x) : Pass 20 F/S/N 0/0/0 - RC 0 (10 min 27470 lin)
migrate (s390x) : Pass 260 F/S/N 0/5/0 - RC 0 (70 min 160610 lin)
cross (s390x) : Pass 46 F/S/N 0/0/1 - RC 0 (50 min 66298 lin)
misc (s390x) : Pass 67 F/S/N 0/0/0 - RC 0 (25 min 33123 lin)

review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

To ssh://git.launchpad.net/~usd-import-team/ubuntu/+source/qemu
 * [new tag] upload/1%6.0+dfsg-2expubuntu1 -> upload/1%6.0+dfsg-2expubuntu1

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading qemu_6.0+dfsg-2expubuntu1.dsc: done.
  Uploading qemu_6.0+dfsg-2expubuntu1.debian.tar.xz: done.
  Uploading qemu_6.0+dfsg-2expubuntu1_source.buildinfo: done.
  Uploading qemu_6.0+dfsg-2expubuntu1_source.changes: done.
Successfully uploaded packages.

Revision history for this message
Bryce Harrington (bryce) wrote :

This has migrated successfully

  - Source Package: qemu
  - Current Version: 1:6.0+dfsg-2expubuntu1
  - Proposed Version: None
  - Old Version: tbd
  - New Version: 1:6.0+dfsg-2expubuntu1
  - Migrated: True
  - Requester: Christian Ehrhardt 

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 921eae4..5d2dcc8 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,69 @@
6+qemu (1:6.0+dfsg-2expubuntu1) impish; urgency=medium
7+
8+ * Merge with Debian experimental, remaining changes:
9+ - qemu-kvm to systemd unit
10+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
11+ hugepages and architecture specifics
12+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
13+ qemu-kvm-init
14+ - d/qemu-system-common.install: install helper script
15+ - d/qemu-system-common.qemu-kvm.default: defaults for
16+ /etc/default/qemu-kvm
17+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
18+ - Distribution specific machine type
19+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
20+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
21+ types containing release versioned machine attributes
22+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
23+ for host-phys-bits=true
24+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
25+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
26+ - Enable nesting by default
27+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
28+ in qemu64 on amd
29+ [ No more strictly needed, but required for backward compatibility ]
30+ - improved dependencies
31+ - Make qemu-system-common depend on qemu-block-extra
32+ - Make qemu-utils depend on qemu-block-extra
33+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
34+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
35+ reference 256k path
36+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
37+ handle incoming migrations from former releases.
38+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
39+ - d/control*, d/rules: disable xen by default, but provide universe
40+ package qemu-system-x86-xen as alternative
41+ [includes compat links changes of 5.0-5ubuntu4]
42+ - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
43+ - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
44+ for v6.0
45+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
46+ - Ease the use of module retention on upgrades (LP 1913421)
47+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
48+ * Dropped Changes [in 1:6.0+dfsg-2exp]:
49+ - d/control-in: Disable capstone disassembler library support (universe)
50+ - Disable fuse export (universe dependency)
51+ - Ease the use of module retention on upgrades (LP 1913421)
52+ - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
53+ - d/rules: only save modules if /run/qemu isn't noexec
54+ - d/rules: clear all (current and former) modules on purge
55+ - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
56+ upgrade issues (LP 1932264)
57+ - Enable SDL as secondary UI backend (LP 1256185)
58+ - d/control: add build dependency libsdl2-dev
59+ - d/control: enable sdl graphics on build
60+ - d/qemu-system-gui.install: add ui-sdl.so
61+ - d/control: add runtime dependency to libgl1
62+ * Dropped Changes [no more needed]
63+ - let qemu-utils recommend sharutils
64+ * Added changes:
65+ - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
66+ -fcf-protection being unavailble on -march=i486 (LP: #1940029)
67+ - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
68+ and 3932 machines (LP: #1932175)
69+
70+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 12 Aug 2021 15:35:12 +0200
71+
72 qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
73
74 [ Christian Ehrhardt ]
75@@ -35,6 +101,104 @@ qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
76
77 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 21 Jul 2021 19:43:37 +0300
78
79+qemu (1:6.0+dfsg-1~ubuntu3) impish; urgency=medium
80+
81+ * d/p/u/lp-1935617-target-ppc-Fix-load-endianness-for-lxvwsx-lxvdsx.patch:
82+ fix TCG emulation for ppc64 (LP: #1935617)
83+
84+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 13 Jul 2021 09:34:55 +0200
85+
86+qemu (1:6.0+dfsg-1~ubuntu2) impish; urgency=medium
87+
88+ * d/control: remove fuse2 trial-build (LP 1934510)
89+
90+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Jul 2021 10:26:08 +0200
91+
92+qemu (1:6.0+dfsg-1~ubuntu1) impish; urgency=medium
93+
94+ * Merge with Debian experimental, Among many other things this fixes LP Bugs:
95+ (LP: #1907952) broken arrow keys in -display gtk on aarch64
96+ - qemu-kvm to systemd unit
97+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
98+ hugepages and architecture specifics
99+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
100+ qemu-kvm-init
101+ - d/qemu-system-common.install: install helper script
102+ - d/qemu-system-common.qemu-kvm.default: defaults for
103+ /etc/default/qemu-kvm
104+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
105+ - Distribution specific machine type
106+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
107+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
108+ types containing release versioned machine attributes
109+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
110+ for host-phys-bits=true
111+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
112+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
113+ - Enable nesting by default
114+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
115+ in qemu64 on amd
116+ [ No more strictly needed, but required for backward compatibility ]
117+ - improved dependencies
118+ - Make qemu-system-common depend on qemu-block-extra
119+ - Make qemu-utils depend on qemu-block-extra
120+ - Let qemu-utils recommend sharutils
121+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
122+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
123+ reference 256k path
124+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
125+ handle incoming migrations from former releases.
126+ - d/control-in: Disable capstone disassembler library support (universe)
127+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
128+ - d/control*, d/rules: disable xen by default, but provide universe
129+ package qemu-system-x86-xen as alternative
130+ [includes compat links changes of 5.0-5ubuntu4]
131+ - Fix upgrade module handling (LP 1905377)
132+ --enable-module-upgrades for qemu-xen which doesn't exist in Debian
133+ * Dropped Changes [in 6.0]:
134+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
135+ ld usage of -no-pie (LP 1907789)
136+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
137+ virtio-9p-ccw being missing (LP 1916230)
138+ - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
139+ to glib2.0 >=2.67.3 (LP 1916705)
140+ - d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
141+ on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
142+ (LP 1921754)
143+ - d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
144+ (LP 1921880)
145+ - d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre*:
146+ fix go in qemu-s390x-static (LP 1922010)
147+ * Dropped Changes [in Debian]:
148+ - Allow qemu to load old modules post upgrade (LP 1847361)
149+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
150+ - d/rules: Drop generating package version into maintainer scripts
151+ * Dropped Changes [No more needed >21.04]:
152+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
153+ the bad old prerm (LP 1906245 1905377)
154+ * Added Changes
155+ - Disable fuse export (universe dependency)
156+ - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
157+ - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
158+ for v6.0
159+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP: #1929926)
160+ - Ease the use of module retention on upgrades (LP: #1913421)
161+ - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
162+ - d/rules: only save modules if /run/qemu isn't noexec
163+ - d/rules: clear all (current and former) modules on purge
164+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
165+ - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
166+ upgrade issues (LP: #1932264)
167+ - Enable SDL as secondary UI backend (LP: #1256185)
168+ - d/control: add build dependency libsdl2-dev
169+ - d/control: enable sdl graphics on build
170+ - d/qemu-system-gui.install: add ui-sdl.so
171+ - d/control: add runtime dependency to libgl1
172+ - d/rules: qemu-system-x86-xen builds modules as well now (follows the
173+ other packages)
174+
175+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 15 Jun 2021 12:41:33 +0200
176+
177 qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium
178
179 * new upstream release
180@@ -67,6 +231,75 @@ qemu (1:5.2+dfsg-10) unstable; urgency=medium
181
182 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 16 Apr 2021 12:43:36 +0300
183
184+qemu (1:5.2+dfsg-9ubuntu3) hirsute; urgency=medium
185+
186+ * d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
187+ on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
188+ (LP: #1921754)
189+ * d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
190+ (LP: #1921880)
191+
192+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Apr 2021 11:58:29 +0200
193+
194+qemu (1:5.2+dfsg-9ubuntu2) hirsute; urgency=medium
195+
196+ * d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre.patch:
197+ fix go in qemu-s390x-static (LP: #1922010)
198+
199+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 31 Mar 2021 10:01:40 +0200
200+
201+qemu (1:5.2+dfsg-9ubuntu1) hirsute; urgency=medium
202+
203+ * Merge with Debian unstable; Remaining changes:
204+ - qemu-kvm to systemd unit
205+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
206+ hugepages and architecture specifics
207+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
208+ qemu-kvm-init
209+ - d/qemu-system-common.install: install helper script
210+ - d/qemu-system-common.qemu-kvm.default: defaults for
211+ /etc/default/qemu-kvm
212+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
213+ - Distribution specific machine type (LP: 1304107 1621042)
214+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
215+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
216+ for host-phys-bits=true (LP: 1776189)
217+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
218+ - provide pseries-bionic-2.11-sxxm type as convenience with all
219+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
220+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
221+ - Enable nesting by default
222+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
223+ in qemu64 on amd
224+ [ No more strictly needed, but required for backward compatibility ]
225+ - improved dependencies
226+ - Make qemu-system-common depend on qemu-block-extra
227+ - Make qemu-utils depend on qemu-block-extra
228+ - let qemu-utils recommend sharutils
229+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
230+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
231+ reference 256k path
232+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
233+ handle incoming migrations from former releases.
234+ - d/control-in: Disable capstone disassembler library support (universe)
235+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
236+ - d/control*, d/rules: disable xen by default, but provide universe
237+ package qemu-system-x86-xen as alternative
238+ [includes compat links changes of 5.0-5ubuntu4]
239+ - allow qemu to load old modules post upgrade (LP 1847361)
240+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
241+ - d/rules: Drop generating package version into maintainer scripts
242+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
243+ the bad old prerm (LP 1906245 1905377)
244+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
245+ ld usage of -no-pie (LP 1907789)
246+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
247+ virtio-9p-ccw being missing (LP 1916230)
248+ - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
249+ to glib2.0 >=2.67.3 (LP 1916705)
250+
251+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 18 Mar 2021 11:13:49 +0100
252+
253 qemu (1:5.2+dfsg-9) unstable; urgency=medium
254
255 * do not make qemu-system-data dependent on qemu-system-foo
256@@ -106,6 +339,66 @@ qemu (1:5.2+dfsg-7) unstable; urgency=high
257
258 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Mar 2021 11:32:54 +0300
259
260+qemu (1:5.2+dfsg-6ubuntu2) hirsute; urgency=medium
261+
262+ * d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
263+ to glib2.0 >=2.67.3 (LP: #1916705)
264+
265+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 24 Feb 2021 08:39:09 +0100
266+
267+qemu (1:5.2+dfsg-6ubuntu1) hirsute; urgency=medium
268+
269+ * Merge with Debian unstable, includes fixes for
270+ - build operates differently if source is a git repo (LP: #1887535)
271+ Remaining changes:
272+ - qemu-kvm to systemd unit
273+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
274+ hugepages and architecture specifics
275+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
276+ qemu-kvm-init
277+ - d/qemu-system-common.install: install helper script
278+ - d/qemu-system-common.qemu-kvm.default: defaults for
279+ /etc/default/qemu-kvm
280+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
281+ - Distribution specific machine type (LP: 1304107 1621042)
282+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
283+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
284+ for host-phys-bits=true (LP: 1776189)
285+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
286+ - provide pseries-bionic-2.11-sxxm type as convenience with all
287+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
288+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
289+ - Enable nesting by default
290+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
291+ in qemu64 on amd
292+ [ No more strictly needed, but required for backward compatibility ]
293+ - improved dependencies
294+ - Make qemu-system-common depend on qemu-block-extra
295+ - Make qemu-utils depend on qemu-block-extra
296+ - let qemu-utils recommend sharutils
297+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
298+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
299+ reference 256k path
300+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
301+ handle incoming migrations from former releases.
302+ - d/control-in: Disable capstone disassembler library support (universe)
303+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
304+ - d/control*, d/rules: disable xen by default, but provide universe
305+ package qemu-system-x86-xen as alternative
306+ [includes compat links changes of 5.0-5ubuntu4]
307+ - allow qemu to load old modules post upgrade (LP 1847361)
308+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
309+ - d/rules: Drop generating package version into maintainer scripts
310+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
311+ the bad old prerm (LP 1906245 1905377)
312+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
313+ ld usage of -no-pie (LP 1907789)
314+ * Added changes
315+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
316+ virtio-9p-ccw being missing (LP: #1916230)
317+
318+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Feb 2021 11:40:36 +0100
319+
320 qemu (1:5.2+dfsg-6) unstable; urgency=medium
321
322 * deprecate qemu-debootstrap. It is not needed anymore with
323@@ -158,6 +451,64 @@ qemu (1:5.2+dfsg-4) unstable; urgency=medium
324
325 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Feb 2021 16:52:10 +0300
326
327+qemu (1:5.2+dfsg-3ubuntu2) hirsute; urgency=medium
328+
329+ * No change rebuild to pick up liburing. (LP: #1914145)
330+
331+ -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 03 Feb 2021 19:44:54 -0300
332+
333+qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium
334+
335+ * Merge with Debian unstable, includes fixes for
336+ - qemu-user-static are partially dynamically linked (LP: #1908331)
337+ - qemu crashing when using spice without qemu-system-gui being
338+ installed (LP: #1908577)
339+ Remaining changes:
340+ - qemu-kvm to systemd unit
341+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
342+ hugepages and architecture specifics
343+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
344+ qemu-kvm-init
345+ - d/qemu-system-common.install: install helper script
346+ - d/qemu-system-common.qemu-kvm.default: defaults for
347+ /etc/default/qemu-kvm
348+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
349+ - Distribution specific machine type (LP: 1304107 1621042)
350+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
351+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
352+ for host-phys-bits=true (LP: 1776189)
353+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
354+ - provide pseries-bionic-2.11-sxxm type as convenience with all
355+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
356+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
357+ - Enable nesting by default
358+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
359+ in qemu64 on amd
360+ [ No more strictly needed, but required for backward compatibility ]
361+ - improved dependencies
362+ - Make qemu-system-common depend on qemu-block-extra
363+ - Make qemu-utils depend on qemu-block-extra
364+ - let qemu-utils recommend sharutils
365+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
366+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
367+ reference 256k path
368+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
369+ handle incoming migrations from former releases.
370+ - d/control-in: Disable capstone disassembler library support (universe)
371+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
372+ - d/control*, d/rules: disable xen by default, but provide universe
373+ package qemu-system-x86-xen as alternative
374+ [includes compat links changes of 5.0-5ubuntu4]
375+ - allow qemu to load old modules post upgrade (LP 1847361)
376+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
377+ - d/rules: Drop generating package version into maintainer scripts
378+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
379+ the bad old prerm (LP 1906245 1905377)
380+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
381+ ld usage of -no-pie (LP 1907789)
382+
383+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jan 2021 12:43:42 +0100
384+
385 qemu (1:5.2+dfsg-3) unstable; urgency=medium
386
387 [ Christian Ehrhardt ]
388@@ -174,6 +525,64 @@ qemu (1:5.2+dfsg-3) unstable; urgency=medium
389
390 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 29 Dec 2020 15:07:03 +0300
391
392+qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium
393+
394+ * Merge with Debian unstable
395+ - includes fix for CVE-2020-17380
396+ - includes a fix for s390x PCI device reset (LP: #1907656)
397+ Remaining changes:
398+ - qemu-kvm to systemd unit
399+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
400+ hugepages and architecture specifics
401+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
402+ qemu-kvm-init
403+ - d/qemu-system-common.install: install helper script
404+ - d/qemu-system-common.qemu-kvm.default: defaults for
405+ /etc/default/qemu-kvm
406+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
407+ - Distribution specific machine type (LP: 1304107 1621042)
408+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
409+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
410+ for host-phys-bits=true (LP: 1776189)
411+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
412+ - provide pseries-bionic-2.11-sxxm type as convenience with all
413+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
414+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
415+ - Enable nesting by default
416+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
417+ in qemu64 on amd
418+ [ No more strictly needed, but required for backward compatibility ]
419+ - improved dependencies
420+ - Make qemu-system-common depend on qemu-block-extra
421+ - Make qemu-utils depend on qemu-block-extra
422+ - let qemu-utils recommend sharutils
423+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
424+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
425+ reference 256k path
426+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
427+ handle incoming migrations from former releases.
428+ - d/control-in: Disable capstone disassembler library support (universe)
429+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
430+ - d/control*, d/rules: disable xen by default, but provide universe
431+ package qemu-system-x86-xen as alternative
432+ [includes compat links changes of 5.0-5ubuntu4]
433+ - allow qemu to load old modules post upgrade (LP 1847361)
434+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
435+ - d/rules: Drop generating package version into maintainer scripts
436+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
437+ the bad old prerm (LP 1906245 1905377)
438+ * Dropped Changes:
439+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
440+ resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100%
441+ fails]
442+ * Added Changes:
443+ - Refreshed ubuntu machine types for hirsute@5.2
444+ - d/control: regenerated from d/control-in
445+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
446+ ld usage of -no-pie (LP: #1907789)
447+
448+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Dec 2020 16:44:47 +0100
449+
450 qemu (1:5.2+dfsg-2) unstable; urgency=medium
451
452 * move ui-opengl.so module from qemu-system-gui to qemu-system-common,
453@@ -219,6 +628,153 @@ qemu (1:5.2+dfsg-1) unstable; urgency=medium
454
455 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 09 Dec 2020 08:57:41 +0300
456
457+qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium
458+
459+ * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
460+ the bad old prerm (LP: #1906245)
461+
462+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 30 Nov 2020 12:53:03 +0100
463+
464+qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium
465+
466+ * Fix upgrade module handling (LP: #1905377)
467+ This was accetped in a slightly different form in qemu_5.0-6 and therefore
468+ allows to drop some former delta that is now conflicting.
469+ Ubuntu still keeps enabling --enable-module-upgrades, but only for
470+ qemu-xen which doesn't exist in Debian
471+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
472+ - d/rules: Drop generating package version into maintainer scripts
473+
474+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Nov 2020 11:16:01 +0100
475+
476+qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium
477+
478+ * Merge with Debian testing, remaining changes:
479+ Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854)
480+ - qemu-kvm to systemd unit
481+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
482+ hugepages and architecture specifics
483+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
484+ qemu-kvm-init
485+ - d/qemu-system-common.install: install helper script
486+ - d/qemu-system-common.qemu-kvm.default: defaults for
487+ /etc/default/qemu-kvm
488+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
489+ - Distribution specific machine type (LP: 1304107 1621042)
490+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
491+ types
492+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
493+ for host-phys-bits=true (LP: 1776189)
494+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
495+ - provide pseries-bionic-2.11-sxxm type as convenience with all
496+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
497+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
498+ - Enable nesting by default
499+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
500+ in qemu64 on amd
501+ [ No more strictly needed, but required for backward compatibility ]
502+ - improved dependencies
503+ - Make qemu-system-common depend on qemu-block-extra
504+ - Make qemu-utils depend on qemu-block-extra
505+ - let qemu-utils recommend sharutils
506+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
507+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
508+ reference 256k path
509+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
510+ handle incoming migrations from former releases.
511+ - d/control-in: Disable capstone disassembler library support (universe)
512+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
513+ - d/control*, d/rules: disable xen by default, but provide universe
514+ package qemu-system-x86-xen as alternative
515+ [includes compat links changes of 5.0-5ubuntu4]
516+ - allow qemu to load old modules post upgrade (LP 1847361)
517+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
518+ upgrade
519+ - d/rules: generate maintainer scripts matching package version on build
520+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
521+ - d/control: regenerate debian/control out of control-in
522+ * Dropped changes [in Debian or no more needed]
523+ - d/control-in: disable pmem on ppc64 as it is currently considered
524+ experimental on that architecture (pmdk v1.8-1)
525+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
526+ - d/rules: report config log from the correct subdir
527+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
528+ - Pick further changes for groovy from debian/master since 5.0-5
529+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
530+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch
531+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
532+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
533+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
534+ - megasas-fix-possible-out-of-bounds-array-access.patch
535+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
536+ - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch
537+ - a few patches from the stable series:
538+ - fix-tulip-breakage.patch
539+ - 9p-lock-directory-streams-with-a-CoMutex.patch
540+ Prevent deadlocks in 9pfs readdir code
541+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
542+ Fix newline accidentally sneaked into id string of a nic
543+ - qemu-nbd-close-inherited-stderr.patch
544+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
545+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
546+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
547+ - acpi-tmr-allow-2-byte-reads.patch
548+ - reapply CVE-2020-13253 fixes from upstream
549+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
550+ - linux-user-add-netlink-RTM_SETLINK-command.patch
551+ - d/control: since qemu-system-data now contains module(s),
552+ it can't be multi-arch. Ditto for qemu-block-extra.
553+ - qemu-system-foo: depend on exact version of qemu-system-data,
554+ due to the latter having modules
555+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch'
556+ This is another incarnation of the recent bugfix which actually enabled
557+ memory access constraints, like #964247
558+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
559+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
560+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
561+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
562+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
563+ - do not install outdated (0.12 and before) Changelog
564+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
565+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
566+ Closes: CVE-2020-15863
567+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
568+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
569+ another fix for revert-memory-accept-.. CVE-2020-13754
570+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
571+ - d/control-in: build-dep libcap is no more needed
572+ - arch aware kvm wrappers
573+ [upstream now automatically enables KVM if available and called with
574+ kvm* name, provides KVM as before but with auto-fallback to tcg.
575+ Former behavior of KVM-or-die can be achieved via -machine accel=kvm ]
576+ * Dropped changes [upstream now]
577+ - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
578+ setup_len
579+ - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930)
580+ - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942)
581+ - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
582+ from vfio-ccw (LP 1887935)
583+ - fix qemu-user-static initialization to allow executing systemd (LP 1890881)
584+ - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187)
585+ - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
586+ SQXBR (LP 1883984)
587+ - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154)
588+ - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
589+ environments (LP 1887763)
590+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
591+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
592+ crashes it on shutdown (LP 1878973)
593+ - update d/p/ubuntu/lp-1835546-* to the final versions
594+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
595+ FTBFS in groovy
596+ * Added Changes:
597+ - update ubuntu machine types for hirsute@5.1
598+ - d/control: regenerated from d/control-in
599+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
600+ resolved in gcc-10 (LP: 1890435)
601+
602+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 29 Oct 2020 12:37:31 +0100
603+
604 qemu (1:5.1+dfsg-4) unstable; urgency=high
605
606 * mention closing of CVE-2020-16092 by 5.1
607@@ -237,7 +793,7 @@ qemu (1:5.1+dfsg-3) unstable; urgency=medium
608
609 qemu (1:5.1+dfsg-2) unstable; urgency=medium
610
611- * fix brown-paper bag bug in last upload
612+ * fix brown-paper bag bug in last upload
613
614 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 17 Aug 2020 20:58:52 +0300
615
616@@ -460,6 +1016,298 @@ qemu (1:5.0-6) unstable; urgency=medium
617
618 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 03 Jul 2020 18:24:48 +0300
619
620+qemu (1:5.0-5ubuntu11) hirsute; urgency=medium
621+
622+ * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily
623+ machine type to match how it originally was released (LP: #1902654)
624+
625+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Nov 2020 08:19:07 +0100
626+
627+qemu (1:5.0-5ubuntu10) hirsute; urgency=medium
628+
629+ * No-change rebuild for brltty soname change.
630+
631+ -- Matthias Klose <doko@ubuntu.com> Mon, 02 Nov 2020 16:59:33 +0100
632+
633+qemu (1:5.0-5ubuntu9) groovy; urgency=medium
634+
635+ * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
636+ setup_len
637+ CVE-2020-14364
638+
639+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 22 Sep 2020 16:53:18 +0200
640+
641+qemu (1:5.0-5ubuntu8) groovy; urgency=medium
642+
643+ * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930)
644+
645+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 Sep 2020 08:23:49 +0200
646+
647+qemu (1:5.0-5ubuntu7) groovy; urgency=medium
648+
649+ * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942)
650+
651+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Sep 2020 08:47:12 +0200
652+
653+qemu (1:5.0-5ubuntu6) groovy; urgency=medium
654+
655+ * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
656+ from vfio-ccw (LP: #1887935)
657+
658+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Aug 2020 11:09:12 +0200
659+
660+qemu (1:5.0-5ubuntu5) groovy; urgency=medium
661+
662+ * fix qemu-user-static initialization to allow executing systemd
663+ (LP: #1890881)
664+ - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch
665+ - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch
666+ - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch
667+ - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch
668+ - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch
669+ - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch
670+ * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187)
671+ CVE-2020-16092
672+ - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch
673+
674+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Aug 2020 07:19:42 +0200
675+
676+qemu (1:5.0-5ubuntu4) groovy; urgency=medium
677+
678+ * xen: provide compat links to what libxen-dev reports where to find
679+ the binaries (LP: #1890005)
680+ * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
681+ SQXBR (LP: #1883984)
682+ * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154)
683+
684+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 03 Aug 2020 07:15:28 +0200
685+
686+qemu (1:5.0-5ubuntu3) groovy; urgency=medium
687+
688+ * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
689+ environments (LP: #1887763)
690+ * Pick further changes for groovy from debian/master since 5.0-5
691+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
692+ Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
693+ infinite recursion via a crafted mm_index value during
694+ ati_mm_read or ati_mm_write call.
695+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
696+ Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
697+ devices which uses min_access_size and max_access_size Memory API fields.
698+ Also closes: CVE-2020-13791
699+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
700+ CVE-2020-13659: address_space_map in exec.c can trigger
701+ a NULL pointer dereference related to BounceBuffer
702+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
703+ Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
704+ has an OOB read via a crafted reply_queue_head field from a guest OS user
705+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
706+ fix other possible cases like in CVE-2020-13362 (#961887)
707+ - megasas-fix-possible-out-of-bounds-array-access.patch
708+ Some tracepoints use a guest-controlled value as an index into the
709+ mfi_frame_desc[] array. Thus a malicious guest could cause a very low
710+ impact OOB errors here
711+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
712+ Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
713+ This flaw occurs when an nbd-client sends a spec-compliant request that is
714+ near the boundary of maximum permitted request length. A remote nbd-client
715+ could use this flaw to crash the qemu-nbd server resulting in a DoS.
716+ - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
717+ Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
718+ properly validate the frame count, which allows guest OS users to trigger
719+ an out-of-bounds access during an es1370_write() operation
720+ - a few patches from the stable series:
721+ - fix-tulip-breakage.patch
722+ The tulip network driver in a qemu-system-hppa emulation is broken in
723+ the sense that bigger network packages aren't received any longer and
724+ thus even running e.g. "apt update" inside the VM fails. Fix this.
725+ - 9p-lock-directory-streams-with-a-CoMutex.patch
726+ Prevent deadlocks in 9pfs readdir code
727+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
728+ Fix newline accidentally sneaked into id string of a nic
729+ - qemu-nbd-close-inherited-stderr.patch
730+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
731+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
732+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
733+ - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
734+ - reapply CVE-2020-13253 fixed from upstream:
735+ sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
736+ sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
737+ sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
738+ sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
739+ Closes: #961297, CVE-2020-13253
740+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
741+ (Closes: #965109)
742+ - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
743+ - d/control: since qemu-system-data now contains module(s),
744+ it can't be multi-arch. Ditto for qemu-block-extra.
745+ - qemu-system-foo: depend on exact version of qemu-system-data,
746+ due to the latter having modules
747+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
748+ This is another incarnation of the recent bugfix which actually enabled
749+ memory access constraints, like #964247
750+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
751+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
752+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
753+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
754+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
755+ - do not install outdated (0.12 and before) Changelog (Closes: #965381)
756+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
757+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
758+ Closes: CVE-2020-15863
759+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
760+ List of patches:
761+ sm501-convert-printf-abort-to-qemu_log_mask.patch
762+ sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
763+ sm501-use-BIT-macro-to-shorten-constant.patch
764+ sm501-clean-up-local-variables-in-sm501_2d_operation.patch
765+ sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
766+ Closes: #961451, CVE-2020-12829
767+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
768+ another fix for revert-memory-accept-.. CVE-2020-13754
769+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
770+
771+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 Jul 2020 13:21:31 +0200
772+
773+qemu (1:5.0-5ubuntu2) groovy; urgency=medium
774+
775+ * No change rebuild against new libnettle8 and libhogweed6 ABI.
776+
777+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 29 Jun 2020 22:32:55 +0100
778+
779+qemu (1:5.0-5ubuntu1) groovy; urgency=medium
780+
781+ * Merge with Debian testing (LP: #1749393), remaining changes:
782+ - qemu-kvm to systemd unit
783+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
784+ hugepages and architecture specifics
785+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
786+ qemu-kvm-init
787+ - d/qemu-system-common.install: install helper script
788+ - d/qemu-system-common.qemu-kvm.default: defaults for
789+ /etc/default/qemu-kvm
790+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
791+ - Distribution specific machine type (LP: 1304107 1621042)
792+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
793+ types
794+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
795+ for host-phys-bits=true (LP: 1776189)
796+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
797+ - provide pseries-bionic-2.11-sxxm type as convenience with all
798+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
799+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
800+ - Enable nesting by default
801+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
802+ in qemu64 on amd
803+ [ No more strictly needed, but required for backward compatibility ]
804+ - improved dependencies
805+ - Make qemu-system-common depend on qemu-block-extra
806+ - Make qemu-utils depend on qemu-block-extra
807+ - let qemu-utils recommend sharutils
808+ - arch aware kvm wrappers
809+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
810+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
811+ reference 256k path
812+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
813+ handle incoming migrations from former releases.
814+ - d/control-in: Disable capstone disassembler library support (universe)
815+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
816+ - d/control*, d/rules: disable xen by default, but provide universe
817+ package qemu-system-x86-xen as alternative
818+ [includes --disable-xen for user-static builds]
819+ - d/control-in: disable pmem on ppc64 as it is currently considered
820+ experimental on that architecture (pmdk v1.8-1)
821+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
822+ - d/rules: report config log from the correct subdir
823+ - allow qemu to load old modules post upgrade (LP 1847361)
824+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
825+ upgrade
826+ - d/rules: generate maintainer scripts matching package version on build
827+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
828+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
829+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
830+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
831+ crashes it on shutdown (LP 1878973)
832+ * Dropped changes (no more needed)
833+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
834+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
835+ in qemu64 cpu type.
836+ - d/control: avoid upgrade issues triggered by moving ivshmem tools after
837+ Debian. Fixed by bumping the related Breaks/Replaces to the
838+ Version Ubuntu introduced the change (LP 1862287)
839+ * Dropped changes (in Debian)
840+ - improved s390x support
841+ - d/binfmt-update-in: fix binfmt being called in some containers
842+ (LP 1840956)
843+ - qemu-system-x86-microvm package
844+ In addition to the generic multi-purpose qemu also provide a minimal
845+ feature binary that is loading faster for use cases with microvm machine
846+ type and qboot bios
847+ - d/control-in: add a new qemu-system-x86-microvm package
848+ - d/rules: add an extra config/build step to get the minimal qemu
849+ - Security and packaging fixes (LP 1872937)
850+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
851+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
852+ CVE-2020-10702
853+ CVE-2020-11102
854+ - fix external spice UI
855+ + install ui-spice-app.so in qemu-system-common
856+ + install ui-spice-app.so only if built, spice is optional
857+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
858+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
859+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
860+ - enable riscv build (LP 1872931)
861+ [ changes picked from Debian ]
862+ - enable support for riscv64 hosts
863+ - only enable librbd on architectures where it is built
864+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
865+ depends on the former
866+ - seccomp grew up, no need in versioned build-dep
867+ - enable seccomp only on architectures where it can be built
868+ * Dropped changes (upstream)
869+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
870+ (LP 1857033)
871+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
872+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
873+ vhost-user-gpu
874+ - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
875+ avoid unnecessary IOTLB transactions (LP 1866207)
876+ - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
877+ patches @qemu-stable (LP 1867519)
878+ - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
879+ to avoid broken nesting (LP 1868692)
880+ - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
881+ (LP 1871830)
882+ - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107)
883+ - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
884+ - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
885+ and clobbered doubles (LP 1872945)
886+ - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
887+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
888+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
889+ - CVE-2020-11869
890+ - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
891+ - async: use explicit memory barriers (LP 1805256)
892+ - aio-wait: delegate polling of main AioContext if BQL not held
893+ - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
894+ supporting to set them (LP 1882774)
895+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
896+ load to a versioned path
897+ * Added Changes:
898+ - d/control: regenerate debian/control out of control-in
899+ - update d/p/ubuntu/lp-1835546-* to the final versions
900+ - 11 patches dropped as they are in 5.0
901+ - 20 patches updated to how they will be in 5.1
902+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
903+ FTBFS in groovy
904+ - Make qemu-system-x86-microvm a transitional package as the binary is now
905+ in qemu-system-x86 itself.
906+ - d/control-in: build-dep libcap is no more needed
907+ - d/rules: update arch aware kvm wrappers
908+ - d/qemu-system-x86.README.Debian: fix typo
909+
910+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 16 Jun 2020 16:50:09 +0200
911+
912 qemu (1:5.0-5) unstable; urgency=medium
913
914 * more binfmt-install updates
915@@ -592,6 +1440,188 @@ qemu (1:4.2-4) unstable; urgency=medium
916
917 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 12:44:43 +0300
918
919+qemu (1:4.2-3ubuntu10) groovy; urgency=medium
920+
921+ * No-change rebuild against libnettle8
922+
923+ -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 20 Jul 2020 16:12:37 +0000
924+
925+qemu (1:4.2-3ubuntu9) groovy; urgency=medium
926+
927+ * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
928+ crashes it on shutdown (LP: #1878973)
929+ * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
930+ supporting to set them (LP: #1882774)
931+
932+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 02 Jun 2020 10:42:49 +0200
933+
934+qemu (1:4.2-3ubuntu8) groovy; urgency=medium
935+
936+ * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
937+ - async: use explicit memory barriers (LP: #1805256)
938+ - aio-wait: delegate polling of main AioContext if BQL not held
939+
940+ -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Wed, 27 May 2020 21:47:21 +0000
941+
942+qemu (1:4.2-3ubuntu7) groovy; urgency=medium
943+
944+ * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
945+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
946+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
947+ - CVE-2020-11869
948+
949+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 21 May 2020 14:43:19 -0400
950+
951+qemu (1:4.2-3ubuntu6) focal; urgency=medium
952+
953+ [ Christian Ehrhardt ]
954+ * enable riscv build (LP: #1872931)
955+ [ changes picked from Debian ]
956+ - enable support for riscv64 hosts
957+ - only enable librbd on architectures where it is built
958+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
959+ depends on the former
960+ - seccomp grew up, no need in versioned build-dep
961+ - enable seccomp only on architectures where it can be built
962+ * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
963+ * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
964+ and clobbered doubles (LP: #1872945)
965+
966+ [ William Grant ]
967+ * d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
968+
969+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 14:27:15 +0200
970+
971+qemu (1:4.2-3ubuntu5) focal; urgency=medium
972+
973+ [ Christian Ehrhardt ]
974+ * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
975+ (LP: #1871830)
976+ * Security and packaging fixes (LP: #1872937)
977+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
978+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
979+ CVE-2020-10702
980+ CVE-2020-11102
981+ - fix external spice UI
982+ + install ui-spice-app.so in qemu-system-common
983+ + install ui-spice-app.so only if built, spice is optional
984+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
985+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
986+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
987+ * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107)
988+
989+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 11:26:44 +0200
990+
991+qemu (1:4.2-3ubuntu4) focal; urgency=medium
992+
993+ * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546)
994+ * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
995+ to avoid broken nesting (LP: #1868692)
996+
997+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 20 Mar 2020 08:02:16 +0100
998+
999+qemu (1:4.2-3ubuntu3) focal; urgency=medium
1000+
1001+ * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
1002+ patches @qemu-stable (LP: #1867519)
1003+
1004+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 18 Mar 2020 13:57:57 +0100
1005+
1006+qemu (1:4.2-3ubuntu2) focal; urgency=medium
1007+
1008+ * allow qemu to load old modules post upgrade (LP: #1847361)
1009+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
1010+ load to a versioned path
1011+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
1012+ upgrade
1013+ - d/rules: generate maintainer scripts matching package version on build
1014+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
1015+ * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
1016+ avoid unnecessary IOTLB transactions (LP: #1866207)
1017+
1018+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 02 Mar 2020 15:21:27 +0100
1019+
1020+qemu (1:4.2-3ubuntu1) focal; urgency=medium
1021+
1022+ * Merge with Debian testing, remaining changes:
1023+ - qemu-kvm to systemd unit
1024+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1025+ hugepages and architecture specifics
1026+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1027+ qemu-kvm-init
1028+ - d/qemu-system-common.install: install helper script
1029+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1030+ - d/qemu-system-common.qemu-kvm.default: defaults for
1031+ /etc/default/qemu-kvm
1032+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1033+ - Distribution specific machine type (LP: 1304107 1621042)
1034+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1035+ types
1036+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1037+ for host-phys-bits=true (LP: 1776189)
1038+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1039+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1040+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1041+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1042+ - Enable nesting by default
1043+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1044+ in qemu64 cpu type.
1045+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1046+ in qemu64 on amd
1047+ [ No more strictly needed, but required for backward compatibility ]
1048+ - improved dependencies
1049+ - Make qemu-system-common depend on qemu-block-extra
1050+ - Make qemu-utils depend on qemu-block-extra
1051+ - let qemu-utils recommend sharutils
1052+ - improved s390x support
1053+ - d/rules: build s390-ccw.img with upstream Makefile
1054+ - d/rules: build s390-netboot.img with upstream Makefile
1055+ - arch aware kvm wrappers
1056+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1057+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1058+ reference 256k path
1059+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1060+ handle incoming migrations from former releases.
1061+ - d/control-in: Disable capstone disassembler library support (universe)
1062+ - d/binfmt-update-in: fix binfmt being called in some containers
1063+ (LP 1840956)
1064+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1065+ (LP 1857033)
1066+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1067+ - d/control*, d/rules: disable xen by default, but provide universe
1068+ package qemu-system-x86-xen as alternative
1069+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
1070+ - Dropped changes [ in Debian ]
1071+ - d/control: update VCS links
1072+ - d/control-in: bump debhelper build-dep for compat 12
1073+ - d/control: disable bluetooth being deprecated
1074+ - d/not-installed: ignore new interop docs and extra icons for now
1075+ - d/not-installed: do not install elf2dmp until namespaced
1076+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1077+ [ not needed ]
1078+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
1079+ - s390x support
1080+ - Create qemu-system-s390x package
1081+ - Enable numa support for s390x
1082+ - d/control*: enable libpmem support for nvdimms (LP 1790856)
1083+ * Added changes
1084+ - d/control: regenerate debian/control out of control-in
1085+ - qemu-system-x86-microvm package
1086+ In addition to the generic multi-purpose qemu also provide a minimal
1087+ feature binary that is loading faster for use cases with microvm machine
1088+ type and qboot bios
1089+ - d/control-in: add a new qemu-system-x86-microvm package
1090+ - d/rules: add an extra config/build step to get the minimal qemu
1091+ - d/control-in: disable pmem on ppc64 as it is currently considered
1092+ experimental on that architecture (pmdk v1.8-1)
1093+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
1094+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
1095+ vhost-user-gpu
1096+ - d/rules: report config log from the correct subdir
1097+ - d/rules: --disable-xen for user-static builds
1098+
1099+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Feb 2020 15:21:56 +0100
1100+
1101 qemu (1:4.2-3) unstable; urgency=medium
1102
1103 * mention closing of #909743 in previous changelog (Closes: #909743)
1104@@ -634,6 +1664,169 @@ qemu (1:4.2-2) unstable; urgency=medium
1105
1106 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jan 2020 23:51:09 +0300
1107
1108+qemu (1:4.2-1ubuntu2) focal; urgency=medium
1109+
1110+ * d/control: avoid upgrade issues triggered by moving ivshmem tools after
1111+ Debian. Fixed by by bumping the related Breaks/Replaces to the
1112+ Version Ubuntu introduced the change (LP: #1862287)
1113+
1114+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 07 Feb 2020 07:31:21 +0100
1115+
1116+qemu (1:4.2-1ubuntu1) focal; urgency=medium
1117+
1118+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
1119+ LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
1120+ LP: #1812822 - avoid crashes on detaching vhost_net interfaces
1121+ LP: #1852744 - Crypto Passthrough Interrupt Support
1122+ LP: #1853316 - CCW IPL Support
1123+ Remaining changes:
1124+ - qemu-kvm to systemd unit
1125+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1126+ hugepages and architecture specifics
1127+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1128+ qemu-kvm-init
1129+ - d/qemu-system-common.install: install helper script
1130+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1131+ - d/qemu-system-common.qemu-kvm.default: defaults for
1132+ /etc/default/qemu-kvm
1133+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1134+ - Distribution specific machine type (LP: 1304107 1621042)
1135+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1136+ types
1137+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1138+ for host-phys-bits=true (LP: 1776189)
1139+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1140+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1141+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1142+ - Enable nesting by default
1143+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1144+ in qemu64 cpu type.
1145+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1146+ in qemu64 on amd
1147+ [ No more strictly needed, but required for backward compatibility ]
1148+ - improved dependencies
1149+ - Make qemu-system-common depend on qemu-block-extra
1150+ - Make qemu-utils depend on qemu-block-extra
1151+ - let qemu-utils recommend sharutils
1152+ - s390x support
1153+ - Create qemu-system-s390x package
1154+ - Enable numa support for s390x
1155+ - d/rules: build s390-ccw.img with upstream Makefile
1156+ - d/rules: build s390-netboot.img with upstream Makefile
1157+ - arch aware kvm wrappers
1158+ - d/control: update VCS links
1159+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1160+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1161+ reference 256k path
1162+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1163+ handle incoming migrations from former releases.
1164+ - d/control-in: Disable capstone disassembler library support (universe)
1165+ - d/control: disable bluetooth being deprecated
1166+ - d/not-installed: ignore new interop docs and extra icons for now
1167+ - d/not-installed: do not install elf2dmp until namespaced
1168+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1169+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
1170+ - d/binfmt-update-in: fix binfmt being called in some containers
1171+ (LP 1840956)
1172+ - Dropped changes (in Debian)
1173+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1174+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1175+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1176+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1177+ - enable RDMA config option
1178+ - add libibumad-dev build-dep
1179+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1180+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1181+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1182+ replace it with a build-indep using the upstream makefiles.
1183+ This is less prone to miss future changes/fixes that are done to the
1184+ makefiles
1185+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1186+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1187+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1188+ - Refreshed patches for v4.0 context changes
1189+ - d/control*: remove sdlabi which was removed upstream
1190+ - d/control*: enable docs (now explicit) and provide new build-dep
1191+ python3-sphinx
1192+ - d/qemu-system-data.install: use new paths for formerly used icons
1193+ - Merge with Upstream release of qemu 4.0
1194+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
1195+ - Dropped changes (Upstream)
1196+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
1197+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
1198+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
1199+ fix i386 build error
1200+ - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
1201+ fix naming of the new vector facitlity (LP 1836066)
1202+ - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
1203+ for missing SIOCGSTAMP definition; final fix is still in discussion
1204+ upstream (LP: 1836159)
1205+ - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
1206+ s390x machines (LP 1836154)
1207+ - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
1208+ (LP 1841066)
1209+ - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
1210+ update the z15 model name (LP 1842774)
1211+ - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
1212+ fix a potential hang when qemu or qemu-img where accessing http backed
1213+ disks via libcurl (LP 1848556)
1214+ - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
1215+ fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
1216+ - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
1217+ toleration for future machines (LP 1830704)
1218+ - SECURITY UPDATE: Add support for exposing md-clear functionality
1219+ to guests
1220+ - d/p/ubuntu/enable-md-clear.patch
1221+ - d/p/ubuntu/enable-md-no.patch
1222+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
1223+ - SECURITY UPDATE: heap overflow when loading device tree blob
1224+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
1225+ copy the device tree blob into is.
1226+ - CVE-2018-20815
1227+ - SECURITY UPDATE: device driver denial of service via NULL pointer
1228+ dereference
1229+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
1230+ routine
1231+ - CVE-2019-5008
1232+ - SECURITY UPDATE: information leak in SLiRP
1233+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
1234+ emulating ident.
1235+ - CVE-2019-9824
1236+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
1237+ unimplement.patch: properly return architecture defined exception
1238+ on bad subcodes of diag 308 (LP 1812384)
1239+ * Dropped changes (no more needed)
1240+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
1241+ mv_conffile since the new path is a directory in the old package
1242+ version which can not be handled by mv_conffile.
1243+ [ only needed between disco and eoan ]
1244+ - disable pvrdma
1245+ [ CVEs all fixed now ]
1246+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1247+ avoid misdetection of simplified nesting blocking all migrations
1248+ [ qemu now detects and handles nesting - needs kernel >=4.20 ]
1249+ - Enable nesting by default
1250+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1251+ (is default on amd)
1252+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1253+ without nested=1
1254+ [ nesting is default in kernel modules and default selected cpu types ]
1255+ * Added changes
1256+ - d/control: regenerate debian/control out of control-in
1257+ - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
1258+ - added ubuntu focal types for qemu 4.2
1259+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1260+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1261+ (LP: #1857033)
1262+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1263+ - d/control*, d/rules: disable xen by default, but provide universe
1264+ package qemu-system-x86-xen as alternative
1265+ - fix typos in changelog and d/qemu-system-x86.NEWS
1266+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
1267+ - d/control*: enable libpmem support for nvdimms (LP: #1790856)
1268+
1269+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 08 Jan 2020 15:27:42 +0100
1270+
1271 qemu (1:4.2-1) unstable; urgency=medium
1272
1273 * new upstream release (4.2.0)
1274@@ -710,6 +1903,205 @@ qemu (1:4.1-1) unstable; urgency=medium
1275
1276 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 27 Aug 2019 12:43:43 +0300
1277
1278+qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium
1279+
1280+ * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
1281+ fix a potential hang when qemu or qemu-img where accessing http backed
1282+ disks via libcurl (LP: #1848556)
1283+ * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch:
1284+ fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497)
1285+
1286+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 21 Oct 2019 14:51:45 +0200
1287+
1288+qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium
1289+
1290+ * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
1291+ update the z15 model name (LP: #1842774)
1292+
1293+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Sep 2019 11:42:58 +0200
1294+
1295+qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium
1296+
1297+ * d/binfmt-update-in: fix binfmt being called in some containers
1298+ (LP: #1840956)
1299+
1300+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Sep 2019 11:03:13 +0200
1301+
1302+qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium
1303+
1304+ * No-change upload with strops.h and sys/strops.h removed in glibc.
1305+
1306+ -- Matthias Klose <doko@ubuntu.com> Thu, 05 Sep 2019 11:07:25 +0000
1307+
1308+qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium
1309+
1310+ * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
1311+ (LP: #1841066)
1312+
1313+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Aug 2019 12:08:04 +0200
1314+
1315+qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium
1316+
1317+ * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
1318+ s390x machines (LP: #1836154)
1319+
1320+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Jul 2019 13:20:42 +0200
1321+
1322+qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium
1323+
1324+ * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617)
1325+ - pick Debian change for (#889885)
1326+ move ovmf to recommends on debian and update aarch ovmf refs
1327+ - stop Ubuntu to drop ovmf/qemu-efi to a suggest
1328+
1329+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 12 Jul 2019 12:48:24 +0200
1330+
1331+qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium
1332+
1333+ * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
1334+ for missing SIOCGSTAMP definition; final fix is still in discussion
1335+ upstream (LP: 1836159)
1336+
1337+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 10:10:00 +0200
1338+
1339+qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium
1340+
1341+ * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
1342+ fix naming of the new vector facitlity (LP: #1836066)
1343+ * d/control-in: update VCS links in control template as well
1344+
1345+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 08:18:44 +0200
1346+
1347+qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
1348+
1349+ * Merge with Upstream release of qemu 4.0.
1350+ Among many other things this fixes LP Bugs:
1351+ LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
1352+ LP: #1828038 - Update s390x CPU Model for more HW support
1353+ LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
1354+ Remaining Changes:
1355+ - qemu-kvm to systemd unit
1356+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1357+ hugepages and architecture specifics
1358+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1359+ qemu-kvm-init
1360+ - d/qemu-system-common.install: install helper script
1361+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1362+ - d/qemu-system-common.qemu-kvm.default: defaults for
1363+ /etc/default/qemu-kvm
1364+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1365+ - Enable nesting by default
1366+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1367+ (is default on amd)
1368+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1369+ without nested=1
1370+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1371+ in qemu64 cpu type.
1372+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1373+ in qemu64 on amd
1374+ - d/qemu-system-x86.README.Debian: document intention of nested being
1375+ default is comfort, not full support
1376+ - Distribution specific machine type (LP: 1304107 1621042)
1377+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1378+ types
1379+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1380+ for host-phys-bits=true (LP: 1776189)
1381+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1382+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1383+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1384+ - improved dependencies
1385+ - Make qemu-system-common depend on qemu-block-extra
1386+ - Make qemu-utils depend on qemu-block-extra
1387+ - let qemu-utils recommend sharutils
1388+ - s390x support
1389+ - Create qemu-system-s390x package
1390+ - Enable numa support for s390x
1391+ - arch aware kvm wrappers
1392+ - d/control: update VCS links
1393+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1394+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1395+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1396+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1397+ - enable RDMA config option
1398+ - add libibumad-dev build-dep
1399+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1400+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1401+ reference 256k path
1402+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1403+ handle incoming migrations from former releases.
1404+ - d/control-in: Disable capstone disassembler library support (universe)
1405+ - Move s390x roms to a new qemu-system-data-s390x
1406+ - d/qemu-system-data.install: install s390x roms as architecture:all in
1407+ qemu-system-data
1408+ - d/rules: build s390-ccw.img with upstream Makefile
1409+ - d/rules: build s390-netboot.img with upstream Makefile
1410+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1411+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1412+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1413+ replace it with a build-indep using the upstream makefiles.
1414+ This is less prone to miss future changes/fixes that are done to the
1415+ makefiles
1416+ - d/control-in: add breaks/replaces for moving s390x roms from
1417+ qemu-system-s390x to qemu-system-data
1418+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1419+ [From not yet uploaded Debian branch]
1420+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1421+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1422+ - disable pvrdma - besides several security holes there are many other
1423+ bugs there as well
1424+ * Dropped patches that are upstream in v4.0
1425+ - d/p/do-not-link-everything-with-xen.patch
1426+ - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
1427+ - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
1428+ - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
1429+ - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
1430+ - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
1431+ - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
1432+ (LP: 1759509)
1433+ - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
1434+ - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
1435+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
1436+ - d/p/ubuntu/CVE-2018-20815.patch
1437+ - d/p/ubuntu/CVE-2019-5008.patch
1438+ - d/p/ubuntu/CVE-2019-9824.patch
1439+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1440+ avoid misdetection of simplified nesting blocking all migrations
1441+ * Dropped further patches
1442+ d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
1443+ [upstream deprecated the whole subsystem instead of applying the fix]
1444+ * Added Changes
1445+ - updated ubuntu machine types for v4.0
1446+ - added eoan types
1447+ - fixed s390x issue of upstream types having a "v" prefix
1448+ - add back dropped machine types to avoid more issues like LP: 1802944
1449+ - fix kvm split irqchip default in ubuntu q35 machine type
1450+ - drop no more needed spapr_machine_2_11_sxxm_instance_options and
1451+ adapt updated CamelCase
1452+ - -hpb types now need to use GlobalProperties
1453+ - pc_compat_2_0 got a _fn suffix and slight changes
1454+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
1455+ SLOF of qemu 4.0
1456+ - Refreshed patches still needed for v4.0 context changes
1457+ - d/p/use-fixed-data-path.patch
1458+ - d/p/ubuntu/enable-svm-by-default.patch
1459+ - d/p/ubuntu/enable-md-clear.patch
1460+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
1461+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
1462+ (LP: #1830243)
1463+ - d/control: disable bluetooth being deprecated
1464+ - d/control*: remove sdlabi which was removed upstream
1465+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
1466+ - d/control*: enable docs (now explicit) and provide new build-dep
1467+ python3-sphinx
1468+ - d/not-installed: ignore new interop docs and extra icons for now
1469+ - d/not-installed: do not install elf2dmp until namespaced
1470+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1471+ - d/qemu-system-data.install: use new paths for formerly used icons
1472+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
1473+ fix i386 build error
1474+
1475+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 24 Jun 2019 16:33:19 +0200
1476+
1477 qemu (1:3.1+dfsg-8) unstable; urgency=high
1478
1479 * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch
1480@@ -812,6 +2204,232 @@ qemu (1:3.1+dfsg-3) unstable; urgency=medium
1481
1482 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 06 Feb 2019 12:23:01 +0300
1483
1484+qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium
1485+
1486+ * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
1487+ broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
1488+ fix migrations from old machines (LP: #1829868).
1489+ * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
1490+ toleration for future machines (LP: #1830704
1491+
1492+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 May 2019 11:30:42 +0200
1493+
1494+qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium
1495+
1496+ * SECURITY UPDATE: Add support for exposing md-clear functionality
1497+ to guests
1498+ - d/p/ubuntu/enable-md-clear.patch
1499+ - d/p/ubuntu/enable-md-no.patch
1500+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
1501+ * SECURITY UPDATE: heap overflow when loading device tree blob
1502+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
1503+ copy the device tree blob into is.
1504+ - CVE-2018-20815
1505+ * SECURITY UPDATE: device driver denial of service via NULL pointer
1506+ dereference
1507+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
1508+ routine
1509+ - CVE-2019-5008
1510+ * SECURITY UPDATE: information leak in SLiRP
1511+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
1512+ emulating ident.
1513+ - CVE-2019-9824
1514+
1515+ -- Steve Beattie <sbeattie@ubuntu.com> Wed, 08 May 2019 09:27:53 -0700
1516+
1517+qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium
1518+
1519+ * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
1520+ - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
1521+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
1522+ mv_conffile since the new path is a directory in the old package
1523+ version which can not be handled by mv_conffile.
1524+ * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
1525+ OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
1526+ Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
1527+ CVE-2019-3812
1528+
1529+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 18 Mar 2019 09:20:07 +0100
1530+
1531+qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
1532+
1533+ * disable pvrdma - besides several security holes there are many other
1534+ bugs there as well, and the amount of patches applied upstream after
1535+ 3.1 release is large (Closes, or actuallymakes unimportant again)
1536+ - CVE-2018-20123
1537+ - CVE-2018-20124
1538+ - CVE-2018-20125
1539+ - CVE-2018-20126
1540+ - CVE-2018-20191
1541+ - CVE-2018-20216
1542+ * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
1543+ - CVE-2019-6501
1544+ * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
1545+ - CVE-2019-6778
1546+
1547+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 19 Feb 2019 06:43:04 +0100
1548+
1549+qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium
1550+
1551+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
1552+ LP: #1806104 - fix misleading page size error on ppc64el
1553+ LP: #1782205 - SnowRidge enabled new ISAs
1554+ LP: #1786956 - upgrade to qemu >= 3.0
1555+ LP: #1809083 - Backward migration to Xenial on ppc64el
1556+ LP: #1803315 - s390x Huge page enablement
1557+ LP: #1657409 - enable virglrenderer
1558+ Remaining Changes:
1559+ - qemu-kvm to systemd unit
1560+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1561+ hugepages and architecture specifics
1562+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1563+ - d/qemu-system-common.install: install systemd unit and helper script
1564+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1565+ - d/qemu-system-common.qemu-kvm.default: defaults for
1566+ /etc/default/qemu-kvm
1567+ - d/rules: install /etc/default/qemu-kvm
1568+ - Enable nesting by default
1569+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1570+ (is default on amd)
1571+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1572+ without nested=1
1573+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1574+ in qemu64 cpu type.
1575+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1576+ in qemu64 on amd
1577+ - d/qemu-system-x86.README.Debian: document intention of nested being
1578+ default is comfort, not full support
1579+ - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
1580+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1581+ types
1582+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1583+ for host-phys-bits=true (LP: 1776189)
1584+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1585+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1586+ convenience with all meltdown/spectre workarounds enabled by default.
1587+ (LP: 1761372).
1588+ - improved dependencies
1589+ - Make qemu-system-common depend on qemu-block-extra
1590+ - Make qemu-utils depend on qemu-block-extra
1591+ - let qemu-utils recommend sharutils
1592+ - s390x support
1593+ - Create qemu-system-s390x package
1594+ - Enable numa support for s390x
1595+ - arch aware kvm wrappers
1596+ - d/control: update VCS links (updated to match latest Ubuntu)
1597+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1598+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1599+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1600+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1601+ - enable RDMA config option
1602+ - add libibumad-dev build-dep
1603+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1604+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1605+ reference 256k path
1606+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1607+ handle incoming migrations from former releases.
1608+ - d/control-in: Disable capstone disassembler library support (universe)
1609+ * Added Changes:
1610+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
1611+ for qemu 3.1 in the Ubuntu Disco release
1612+ - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
1613+ - Move s390x roms to a new qemu-system-data-s390x
1614+ - d/qemu-system-data.install: install s390x roms as architecture:all in
1615+ qemu-system-data
1616+ - d/rules: build s390-ccw.img with upstream Makefile
1617+ - d/rules: build s390x-netboot.img with upstream Makefile
1618+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1619+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1620+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1621+ replace it with a build-indep using the upstream makefiles.
1622+ This is less prone to miss future changes/fixes that are done to the
1623+ makefiles
1624+ - d/control-in: add breaks/replaces for moving s390x roms from
1625+ qemu-system-s390x to qemu-system-data
1626+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1627+ [From not yet uploaded Debian branch]
1628+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1629+ (Closes: #918378)
1630+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1631+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1632+ avoid misdetection of simplified nesting blocking all migrations
1633+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
1634+ unimplement.patch: properly return archicture defined exception
1635+ on bad subcodes of diag 308 (LP: #1812384)
1636+ * Dropped Changes:
1637+ - Include s390-ccw.img firmware (old style native build)
1638+ - d/rules enable install s390x-netboot.img (old style native build)
1639+ - libvirt/qemu user/group support
1640+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1641+ trigger.
1642+ [ Droppable since logind properly sets ACLs now ]
1643+ - qemu-system-common.preinst: add kvm group if needed
1644+ [ Droppable because systemd/udev take care of it since 239-6]
1645+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
1646+ freeze-hook fixes (LP: 1484990)
1647+ [upstream]
1648+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
1649+ merged upstream
1650+ [upstream]
1651+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
1652+ computation while concatenating mbuf.
1653+ CVE-2018-11806
1654+ [upstream]
1655+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
1656+ for powerpc64 to speed up translation (LP: 1781526)
1657+ [upstream]
1658+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
1659+ cpu model for z14 ZR1 (LP: 1780773).
1660+ [upstream]
1661+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
1662+ (Closes: 903562)
1663+ [in Debian]
1664+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
1665+ unreleased Debian version)
1666+ [in Debian]
1667+ - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
1668+ by migrations with UI frontends or frequent guest resolution changes
1669+ (LP #1755912)
1670+ [upstream]
1671+ - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
1672+ extend eieio for POWER9 emulation (LP: 1787408).
1673+ [upstream]
1674+ - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
1675+ ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
1676+ [upstream]
1677+ - improve s390x spectre mitigation with etoken facility (LP: 1790457)
1678+ [upstream]
1679+ - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
1680+ [upstream]
1681+ - d/control-in: our addition of a qemu-system-s390x package needs to follow
1682+ the split of qemu-system-data by adding a dependency to it (LP: 1798084)
1683+ [in Debian]
1684+ - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
1685+ Adapters on s390x (LP: 1787405)
1686+ [upstream]
1687+ - enable opengl for vfio-MDEV support (LP: 1804766)
1688+ [in Debian]
1689+ - SECURITY UPDATE: integer overflow in NE2000 NIC emulation
1690+ [upstream]
1691+ - SECURITY UPDATE: integer overflow via crafted QMP command
1692+ [upstream]
1693+ - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
1694+ [upstream]
1695+ - SECURITY UPDATE: buffer overflow in rtl8139
1696+ [upstream]
1697+ - SECURITY UPDATE: buffer overflow in pcnet
1698+ [upstream]
1699+ - SECURITY UPDATE: DoS via large packet sizes
1700+ [upstream]
1701+ - SECURITY UPDATE: DoS in lsi53c895a
1702+ [upstream]
1703+ - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
1704+ [upstream]
1705+ - SECURITY UPDATE: race condition in 9p
1706+ [upstream]
1707+
1708+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Jan 2019 09:41:08 +0100
1709+
1710 qemu (1:3.1+dfsg-2) unstable; urgency=medium
1711
1712 * d/rules: split arch and indep builds
1713@@ -891,6 +2509,249 @@ qemu (1:3.1+dfsg-1) unstable; urgency=medium
1714
1715 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Dec 2018 19:10:27 +0300
1716
1717+qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
1718+
1719+ [ Marc Deslauriers ]
1720+ * SECURITY UPDATE: integer overflow in NE2000 NIC emulation
1721+ - debian/patches/CVE-2018-10839.patch: use proper type in
1722+ hw/net/ne2000.c.
1723+ - CVE-2018-10839
1724+ * SECURITY UPDATE: integer overflow via crafted QMP command
1725+ - debian/patches/CVE-2018-12617.patch: check bytes count read by
1726+ guest-file-read in qga/commands-posix.c.
1727+ - CVE-2018-12617
1728+ * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
1729+ - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
1730+ - CVE-2018-16847
1731+ * SECURITY UPDATE: buffer overflow in rtl8139
1732+ - debian/patches/CVE-2018-17958.patch: use proper type in
1733+ hw/net/rtl8139.c.
1734+ - CVE-2018-17958
1735+ * SECURITY UPDATE: buffer overflow in pcnet
1736+ - debian/patches/CVE-2018-17962.patch: use proper type in
1737+ hw/net/pcnet.c.
1738+ - CVE-2018-17962
1739+ * SECURITY UPDATE: DoS via large packet sizes
1740+ - debian/patches/CVE-2018-17963.patch: check size in net/net.c.
1741+ - CVE-2018-17963
1742+ * SECURITY UPDATE: DoS in lsi53c895a
1743+ - debian/patches/CVE-2018-18849.patch: check message length value is
1744+ valid in hw/scsi/lsi53c895a.c.
1745+ - CVE-2018-18849
1746+ * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
1747+ - debian/patches/CVE-2018-18954.patch: check size before data buffer
1748+ access in hw/ppc/pnv_lpc.c.
1749+ - CVE-2018-18954
1750+ * SECURITY UPDATE: race condition in 9p
1751+ - debian/patches/CVE-2018-19364-1.patch: use write lock in
1752+ hw/9pfs/cofile.c.
1753+ - debian/patches/CVE-2018-19364-2.patch: use write lock in
1754+ hw/9pfs/9p.c.
1755+ - CVE-2018-19364
1756+
1757+ [ Christian Ehrhardt]
1758+ * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
1759+ Adapters on s390x (LP: #1787405)
1760+ * enable opengl for vfio-MDEV support (LP: #1804766)
1761+ - d/control-in: set --enable-opengl
1762+ - d/control-in: add gl related build-dependencies
1763+
1764+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Nov 2018 13:17:01 -0500
1765+
1766+qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium
1767+
1768+ * d/control-in: our addition of a qemu-system-s390x package needs to follow
1769+ the split of qemu-system-data by adding a dependency to it (LP: #1798084)
1770+
1771+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Oct 2018 10:50:27 +0200
1772+
1773+qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium
1774+
1775+ * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901)
1776+ The SLOF source pieces in src:qemu are only used for s390x netboot,
1777+ which are independent ROMs (no linking). All other binaries out of this
1778+ are part of src:slof and independent.
1779+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch
1780+ - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities
1781+ and related fixes
1782+
1783+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Sep 2018 13:31:15 +0200
1784+
1785+qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium
1786+
1787+ * improve s390x spectre mitigation with etoken facility (LP: #1790457)
1788+ - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch
1789+ - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch
1790+
1791+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Sep 2018 10:06:48 +0200
1792+
1793+qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium
1794+
1795+ * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
1796+ ensure that the seccomp blacklist is applied to all threads (LP: #1789551)
1797+ - CVE-2018-15746
1798+
1799+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 29 Aug 2018 08:50:36 +0200
1800+
1801+qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium
1802+
1803+ [ Murilo Opsfelder Araujo ]
1804+ * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
1805+ extend eieio for POWER9 emulation (LP: #1787408).
1806+
1807+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 20 Aug 2018 11:52:39 +0200
1808+
1809+qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium
1810+
1811+ * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
1812+ by migrations with UI frontends or frequent guest resolution changes
1813+ (LP: #1755912)
1814+
1815+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 Jul 2018 08:26:52 +0200
1816+
1817+qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium
1818+
1819+ * Disable capstone disassembler library support (universe dependency)
1820+
1821+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 17 Jul 2018 08:35:32 +0200
1822+
1823+qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium
1824+
1825+ * Merge with Debian testing, Remaining Changes:
1826+ - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772)
1827+ - qemu-kvm to systemd unit
1828+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1829+ hugepages and architecture specifics
1830+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
1831+ - d/qemu-system-common.install: install systemd unit and helper script
1832+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1833+ - d/qemu-system-common.qemu-kvm.default: defaults for
1834+ /etc/default/qemu-kvm
1835+ - d/rules: install /etc/default/qemu-kvm
1836+ - Enable nesting by default
1837+ - set nested=1 module option on intel. (is default on amd)
1838+ - re-load kvm_intel.ko if it was loaded without nested=1
1839+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1840+ in qemu64 cpu type.
1841+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1842+ in qemu64 on amd
1843+ - d/qemu-system-x86.README.Debian: document intention of nested being
1844+ default is comfort, not full support
1845+ - libvirt/qemu user/group support
1846+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
1847+ trigger.
1848+ - qemu-system-common.preinst: add kvm group if needed
1849+ - Distribution specific machine type
1850+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1851+ types to ease future live vm migration.
1852+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1853+ - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
1854+ for host-phys-bits=true (LP: 1776189)
1855+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1856+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
1857+ convenience with all meltdown/spectre workarounds enabled by default.
1858+ (LP: 1761372).
1859+ - improved dependencies
1860+ - Make qemu-system-common depend on qemu-block-extra
1861+ - Make qemu-utils depend on qemu-block-extra
1862+ - let qemu-utils recommend sharutils
1863+ - s390x support
1864+ - Create qemu-system-s390x package
1865+ - Include s390-ccw.img firmware
1866+ - Enable numa support for s390x
1867+ - arch aware kvm wrappers
1868+ - update VCS-git (updated to match cosmic)
1869+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1870+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
1871+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1872+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1873+ - Create and install pxe netboot images for KVM s390x (LP: 1732094)
1874+ - d/rules enable install s390x-netboot.img
1875+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1876+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1877+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1878+ reference 256k path
1879+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1880+ handle incoming migrations from former releases.
1881+ - SECURITY UPDATE: Speculative Store Bypass
1882+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
1883+ CPUID feature bit in target/i386/cpu.*.
1884+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
1885+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
1886+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
1887+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
1888+ target/i386/machine.c.
1889+ - CVE-2018-3639
1890+ * Added Changes:
1891+ - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release
1892+ - add cosmic types for base and -hpb
1893+ - drop no more supported types (zesty and yakkety)
1894+ - d/p/series: group machine type changes
1895+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
1896+ merged upstream
1897+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
1898+ computation while concatenating mbuf.
1899+ CVE-2018-11806
1900+ - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the
1901+ deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES.
1902+ - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275)
1903+ - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings
1904+ - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply
1905+ to POWER8
1906+ - d/qemu-kvm-init: drop old VM detection that was broken in some cases and
1907+ is no more needed with systemd-detect-virt being more mature and always
1908+ present.
1909+ - d/kvm.powerpc: drop old powerpc (non-ppc64el) code.
1910+ - d/control-in: add libibumad-dev which is now needed for rdma
1911+ - d/rules: update s390x delta to match new Debian packaging
1912+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
1913+ for powerpc64 to speed up translation (LP: #1781526)
1914+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
1915+ cpu model for z14 ZR1 (LP: #1780773).
1916+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
1917+ (Closes: 903562)
1918+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
1919+ unreleased Debian version)
1920+ * Dropped Changes:
1921+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
1922+ (No more removed when building DFSG orig tarball in Debian)
1923+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
1924+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
1925+ so we revert related changes to stick with the proven for now:
1926+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
1927+ depends on it)
1928+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
1929+ (Debian switched to gtk which seems to work better and has all
1930+ dependencies in main.)
1931+ - d/control-in: enable seccomp on s390x (in Debian for Linux-any)
1932+ - Changes that are now upstream with qemu 2.12
1933+ - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with
1934+ newer versions of glibc >=2.27 (LP: 1753826)
1935+ - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
1936+ - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
1937+ SSE/AVX/AVX512 cpu features (LP: 1739665)
1938+ - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
1939+ space+commpage continuous which avoids long startup times on
1940+ qemu-user-static (LP: 1740219)
1941+ - provide pseries-2.12-sxxm type (LP: 1761372)
1942+ - d/p/ubuntu/lp-1704312-1-* provide means to manually handle
1943+ filesystem-dax with pmem by backporting align and unarmed options
1944+ (LP: 1704312).
1945+ - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
1946+ option to slirp's DHCP server (LP: 1762315)
1947+ - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying
1948+ Protection information (LP: 1762854).
1949+ - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9
1950+ migration (LP: 1763468).
1951+ - SECURITY UPDATE: out-of-bounds access during migration via ps2
1952+ CVE-2017-16845
1953+ - SECURITY UPDATE: arbitrary code execution via load_multiboot
1954+ CVE-2018-7550
1955+ - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
1956+ CVE-2018-7858
1957+
1958+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 21 Jun 2018 14:24:06 +0200
1959+
1960 qemu (1:2.12+dfsg-3) unstable; urgency=medium
1961
1962 * make qemu-system-foo depending
1963@@ -979,6 +2840,239 @@ qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium
1964
1965 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 12 Apr 2018 19:04:03 +0300
1966
1967+qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
1968+
1969+ * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
1970+ for host-phys-bits=true (LP: #1776189)
1971+ - add an info about this change in debian/qemu-system-x86.NEWS
1972+
1973+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:01:00 +0200
1974+
1975+qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium
1976+
1977+ * SECURITY UPDATE: Speculative Store Bypass
1978+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
1979+ CPUID feature bit in target/i386/cpu.*.
1980+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
1981+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
1982+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
1983+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
1984+ target/i386/machine.c.
1985+ - CVE-2018-3639
1986+
1987+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 22 May 2018 09:34:52 -0400
1988+
1989+qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium
1990+
1991+ * SECURITY UPDATE: out-of-bounds access during migration via ps2
1992+ - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
1993+ in post_load routine in hw/input/ps2.c.
1994+ - CVE-2017-16845
1995+ * SECURITY UPDATE: arbitrary code execution via load_multiboot
1996+ - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
1997+ zero in hw/i386/multiboot.c.
1998+ - CVE-2018-7550
1999+ * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
2000+ - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
2001+ hw/display/vga.c.
2002+ - CVE-2018-7858
2003+
2004+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 May 2018 14:14:20 -0400
2005+
2006+qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium
2007+
2008+ * No-change rebuild for ncurses soname changes.
2009+
2010+ -- Matthias Klose <doko@ubuntu.com> Thu, 03 May 2018 14:18:39 +0000
2011+
2012+qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium
2013+
2014+ * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection
2015+ information (LP: #1762854).
2016+ * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration
2017+ (LP: #1763468).
2018+
2019+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Apr 2018 07:46:18 +0200
2020+
2021+qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium
2022+
2023+ * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch.
2024+ The Kernel fixes are preferred and already committed to the kernel.
2025+ Therefore remove the default disabling of the HTM feature (LP: #1761175)
2026+ * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
2027+ SSE/AVX/AVX512 cpu features (LP: #1739665)
2028+ * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
2029+ space+commpage continuous which avoids long startup times on
2030+ qemu-user-static (LP: #1740219)
2031+ * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
2032+ convenience with all meltdown/spectre workarounds enabled by default.
2033+ This is not the default type following upstream and x86 on that.
2034+ (LP: #1761372).
2035+ * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax
2036+ with pmem by backporting align and unarmed options (LP: #1704312).
2037+ * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
2038+ option to slirp's DHCP server (LP: #1762315)
2039+
2040+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Apr 2018 15:16:07 +0200
2041+
2042+qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium
2043+
2044+ * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream
2045+ accepted to be better long term maintainable (LP: #1753938)
2046+
2047+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 22 Mar 2018 10:31:23 +0100
2048+
2049+qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium
2050+
2051+ * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for
2052+ ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026).
2053+ * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer
2054+ versions of glibc >=2.27 (LP: #1753826)
2055+
2056+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 05 Mar 2018 16:43:01 +0100
2057+
2058+qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium
2059+
2060+ * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch,
2061+ d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch:
2062+ Add domainname option and classless static routes support to the user
2063+ networking's DHCP server
2064+
2065+ -- Benjamin Drung <benjamin.drung@profitbricks.com> Fri, 02 Mar 2018 21:08:54 +0100
2066+
2067+qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium
2068+
2069+ * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
2070+ - among other fixes this adds code to:
2071+ - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715)
2072+ However, enabling this functionality requires additional configuration
2073+ beyond just updating QEMU. Also migrations need special consideration.
2074+ Details about that can be found at:
2075+ https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
2076+ - Power9 allocation of max 8 threads per core (LP: #1750526)
2077+ * Drop changes that are part of the upstream stable release
2078+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
2079+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
2080+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
2081+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
2082+ * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update
2083+ * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the
2084+ common compat.h header and add some extra info in the patch header.
2085+
2086+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Feb 2018 11:03:11 +0100
2087+
2088+qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium
2089+
2090+ * Merge with Debian testing, among other fixes this includes
2091+ - fix fatal error on negative maxcpus (LP: #1722495)
2092+ - fix segfault on dump-guest-memory on guests without memory (LP: #1723381)
2093+ - linux user threading issues (LP: #1350435)
2094+ - TOD-Clock Epoch Extension Support on s390x (LP: #1732691)
2095+ Remaining changes:
2096+ - qemu-kvm to systemd unit
2097+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2098+ hugepages and architecture specifics
2099+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2100+ - d/qemu-system-common.install: install systemd unit and helper script
2101+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2102+ - d/qemu-system-common.qemu-kvm.default: defaults for
2103+ /etc/default/qemu-kvm
2104+ - d/rules: install /etc/default/qemu-kvm
2105+ - Enable nesting by default
2106+ - set nested=1 module option on intel. (is default on amd)
2107+ - re-load kvm_intel.ko if it was loaded without nested=1
2108+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2109+ in qemu64 cpu type.
2110+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2111+ in qemu64 on amd
2112+ - libvirt/qemu user/group support
2113+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2114+ trigger.
2115+ - qemu-system-common.preinst: add kvm group if needed
2116+ - Distribution specific machine type
2117+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2118+ types to ease future live vm migration.
2119+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2120+ - improved dependencies
2121+ - Make qemu-system-common depend on qemu-block-extra
2122+ - Make qemu-utils depend on qemu-block-extra
2123+ - let qemu-utils recommend sharutils
2124+ - s390x support
2125+ - Create qemu-system-s390x package
2126+ - Include s390-ccw.img firmware
2127+ - Enable numa support for s390x
2128+ - ppc64[le] support
2129+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2130+ - arch aware kvm wrappers
2131+ * Added Changes
2132+ - update VCS-git to match the bionic branch
2133+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
2134+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
2135+ so we revert related changes to stick with the proven for now:
2136+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
2137+ depends on it)
2138+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
2139+ - d/qemu-system-x86.README.Debian: document intention of nested being
2140+ default is comfort, not full support
2141+ - update Ubuntu machine types for qemu 2.11
2142+ - qemu-guest-agent: freeze-hook fixes (LP: #1484990)
2143+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
2144+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2145+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2146+ - Create and install pxe netboot images for KVM s390x (LP: #1732094)
2147+ - d/rules enable install s390x-netboot.img
2148+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
2149+ - d/control-in: enable RDMA support in qemu (LP: #1692476)
2150+ - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560)
2151+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
2152+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
2153+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
2154+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
2155+ - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490)
2156+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2157+ reference 256k path
2158+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2159+ handle incoming migrations from former releases.
2160+ - d/control-in: enable seccomp on s390x
2161+ * Dropped changes (no more needed):
2162+ - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm
2163+ The functionality is retained for upgraders, but is deprecated.
2164+ Post 18.04 the implementation for these configurations will be removed.
2165+ * Dropped changes (in Debian now):
2166+ - ppc64[le] support
2167+ - Enable seccomp for ppc64el
2168+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2169+ - disable missing x32 architecture
2170+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2171+ - d/qemu-system-common.docs: new paths since (ac06724a)
2172+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2173+ by qapi-schema.json which is already packaged (since 4d8bb958)
2174+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2175+ to Debian patch to match qemu 2.10)
2176+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2177+ since 8508eee7
2178+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2179+ - make nios2/hppa not installed explicitly until further stablized
2180+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2181+ qemu-ga-ref
2182+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2183+ along the qapi intro
2184+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2185+ dh_missing that are already provided in other formats qemu-doc,
2186+ qemu-qmp-ref,qemu-ga-ref
2187+ * Dropped changes (integrated upstream):
2188+ - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
2189+ on arm64 when doing suspend/resume and reboots due to older kernels not
2190+ supporting ITS (LP 1731051).
2191+ - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
2192+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
2193+ calls (LP 1726394)
2194+ - update to upstream 2.10.1 point release (LP 1722808)
2195+
2196+
2197+
2198+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Jan 2018 14:35:18 +0100
2199+
2200 qemu (1:2.11+dfsg-1) unstable; urgency=medium
2201
2202 [ Michael Tokarev ]
2203@@ -1093,6 +3187,238 @@ qemu (1:2.10.0-1) unstable; urgency=medium
2204
2205 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 23 Sep 2017 16:47:02 +0300
2206
2207+qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium
2208+
2209+ * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
2210+ on arm64 when doing suspend/resume and reboots due to older kernels not
2211+ supporting ITS (LP: #1731051).
2212+
2213+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 14 Nov 2017 08:30:29 +0100
2214+
2215+qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium
2216+
2217+ * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
2218+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
2219+ calls (LP: #1726394)
2220+
2221+ -- Julian Andres Klode <juliank@ubuntu.com> Sat, 04 Nov 2017 00:21:14 +0100
2222+
2223+qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium
2224+
2225+ * fix enablement of qemu-kvm service (LP: #1720397)
2226+ - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service
2227+ - d/rules: add proper enablement debhelper calls
2228+ - d/qemu-system-common.install: install covered by dh_installinit
2229+
2230+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Oct 2017 11:28:39 +0200
2231+
2232+qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium
2233+
2234+ * update to upstream 2.10.1 point release (LP: #1722808)
2235+
2236+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Oct 2017 15:33:40 +0200
2237+
2238+qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium
2239+
2240+ * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release
2241+ Remaining changes:
2242+ - qemu-kvm to systemd unit
2243+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2244+ hugepages and architecture specifics
2245+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2246+ - d/qemu-system-common.install: install systemd unit and helper script
2247+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2248+ - d/qemu-system-common.qemu-kvm.default: defaults for
2249+ /etc/default/qemu-kvm
2250+ - d/rules: install /etc/default/qemu-kvm
2251+ - Enable nesting by default
2252+ - set nested=1 module option on intel. (is default on amd)
2253+ - re-load kvm_intel.ko if it was loaded without nested=1
2254+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2255+ in qemu64 cpu type.
2256+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2257+ in qemu64 on amd
2258+ - libvirt/qemu user/group support
2259+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2260+ trigger.
2261+ - qemu-system-common.preinst: add kvm group if needed
2262+ - Distribution specific machine type
2263+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2264+ types to ease future live vm migration.
2265+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2266+ - improved dependencies
2267+ - Make qemu-system-common depend on qemu-block-extra
2268+ - Make qemu-utils depend on qemu-block-extra
2269+ - let qemu-utils recommend sharutils
2270+ - s390x support
2271+ - Create qemu-system-s390x package
2272+ - Include s390-ccw.img firmware
2273+ - Enable numa support for s390x
2274+ - ppc64[le] support
2275+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2276+ - Enable seccomp for ppc64el
2277+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2278+ - arch aware kvm wrappers
2279+ - update VCS-git to match the Artful branch
2280+ - disable missing x32 architecture
2281+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2282+ - d/qemu-system-common.docs: new paths since (ac06724a)
2283+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2284+ by qapi-schema.json which is already packaged (since 4d8bb958)
2285+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2286+ to Debian patch to match qemu 2.10)
2287+ - s390x package now builds correctly on all architectures (LP 1710695)
2288+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2289+ since 8508eee7
2290+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2291+ - make nios2/hppa not installed explicitly until further stablized
2292+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2293+ qemu-ga-ref
2294+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2295+ along the qapi intro
2296+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2297+ dh_missing that are already provided in other formats qemu-doc,
2298+ qemu-qmp-ref,qemu-ga-ref
2299+
2300+
2301+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Sep 2017 08:31:26 +0200
2302+
2303+qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium
2304+
2305+ * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602);
2306+ Remaining changes:
2307+ - qemu-kvm to systemd unit
2308+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2309+ hugepages and architecture specifics
2310+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2311+ - d/qemu-system-common.install: install systemd unit and helper script
2312+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2313+ - d/qemu-system-common.qemu-kvm.default: defaults for
2314+ /etc/default/qemu-kvm
2315+ - d/rules: install /etc/default/qemu-kvm
2316+ - Enable nesting by default
2317+ - set nested=1 module option on intel. (is default on amd)
2318+ - re-load kvm_intel.ko if it was loaded without nested=1
2319+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2320+ in qemu64 cpu type.
2321+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2322+ in qemu64 on amd
2323+ - libvirt/qemu user/group support
2324+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2325+ trigger.
2326+ - qemu-system-common.preinst: add kvm group if needed
2327+ - Distribution specific machine type
2328+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2329+ types to ease future live vm migration.
2330+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2331+ - improved dependencies
2332+ - Make qemu-system-common depend on qemu-block-extra
2333+ - Make qemu-utils depend on qemu-block-extra
2334+ - let qemu-utils recommend sharutils
2335+ - s390x support
2336+ - Create qemu-system-s390x package
2337+ - Include s390-ccw.img firmware
2338+ - Enable numa support for s390x
2339+ - ppc64[le] support
2340+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2341+ - Enable seccomp for ppc64el
2342+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2343+ - arch aware kvm wrappers
2344+ - update VCS-git to match the Artful branch
2345+ - disable missing x32 architecture
2346+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2347+ - d/qemu-system-common.docs: new paths since (ac06724a)
2348+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2349+ by qapi-schema.json which is already packaged (since 4d8bb958)
2350+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2351+ to Debian patch to match qemu 2.10)
2352+ - s390x package now builds correctly on all architectures (LP 1710695)
2353+ * Added changes:
2354+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2355+ since 8508eee7
2356+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2357+ - make nios2/hppa not installed explicitly until further stablized
2358+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2359+ qemu-ga-ref
2360+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2361+ along the qapi intro
2362+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2363+ dh_missing that are already provided in other formats qemu-doc,
2364+ qemu-qmp-ref,qemu-ga-ref
2365+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new
2366+ changes in 2.10-rc4
2367+
2368+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 25 Aug 2017 07:49:30 +0200
2369+
2370+qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium
2371+
2372+ * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes
2373+ a set of bugs
2374+ - [FFE] Qemu 2.10 in Artful (LP: #1699968)
2375+ - CPU hot unplug fails after migrating a CPU hotplugged guest
2376+ from source (LP: #1677552)
2377+ - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902)
2378+ - New KVM 288 Pass Through (LP: #1672447)
2379+ - aarch64: MSI is not supported by interrupt controller (LP: #1706630)
2380+ * Remaining changes:
2381+ - qemu-kvm to systemd unit
2382+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2383+ hugepages and architecture specifics
2384+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2385+ - d/qemu-system-common.install: install systemd unit and helper script
2386+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2387+ - d/qemu-system-common.qemu-kvm.default: defaults for
2388+ /etc/default/qemu-kvm
2389+ - d/rules: install /etc/default/qemu-kvm
2390+ - Enable nesting by default
2391+ - set nested=1 module option on intel. (is default on amd)
2392+ - re-load kvm_intel.ko if it was loaded without nested=1
2393+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2394+ in qemu64 cpu type.
2395+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2396+ in qemu64 on amd
2397+ - libvirt/qemu user/group support
2398+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2399+ trigger.
2400+ - qemu-system-common.preinst: add kvm group if needed
2401+ - Distribution specific machine type
2402+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2403+ types to ease future live vm migration.
2404+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2405+ - improved dependencies
2406+ - Make qemu-system-common depend on qemu-block-extra
2407+ - Make qemu-utils depend on qemu-block-extra
2408+ - let qemu-utils recommend sharutils
2409+ - s390x support
2410+ - Create qemu-system-s390x package
2411+ - Include s390-ccw.img firmware
2412+ - Enable numa support for s390x
2413+ - ppc64[le] support
2414+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2415+ - Enable seccomp for ppc64el
2416+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2417+ - arch aware kvm wrappers
2418+ - disable missing x32 architecture
2419+ - update VCS links
2420+ * Added changes
2421+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2422+ - d/qemu-system-common.docs: new paths since (ac06724a)
2423+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2424+ by qapi-schema.json which is already packaged (since 4d8bb958)
2425+ - Updates in debian/patches to match qemu 2.10
2426+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream
2427+ - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386
2428+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386
2429+ - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types
2430+ - update VCS-git to match the Artful branch
2431+ - s390x package now builds correctly on all architectures (LP: #1710695)
2432+ * Dropped changes (integrated upstream):
2433+ - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
2434+ "spapr/pci: populate PCI DT in reverse order" (LP 1670481).
2435+ - All CVE fixes formerly applied are upstream and thereby dropped.
2436+
2437+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Aug 2017 16:59:19 +0200
2438+
2439 qemu (1:2.8+dfsg-7) unstable; urgency=medium
2440
2441 * uploading to unstable all fixes which went to stretch-security
2442@@ -1202,6 +3528,179 @@ qemu (1:2.8+dfsg-4) unstable; urgency=high
2443
2444 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 03 Apr 2017 16:28:49 +0300
2445
2446+qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium
2447+
2448+ * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530)
2449+ This was inadvertently dropped on 2.8 merge.
2450+
2451+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 May 2017 15:45:58 +0200
2452+
2453+qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium
2454+
2455+ * SECURITY UPDATE: denial of service via leak in virtFS
2456+ - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
2457+ hw/9pfs/9p.c.
2458+ - CVE-2017-7377
2459+ * SECURITY UPDATE: denial of service in cirrus_vga
2460+ - debian/patches/CVE-2017-7718.patch: check parameters in
2461+ hw/display/cirrus_vga_rop.h.
2462+ - CVE-2017-7718
2463+ * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
2464+ - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
2465+ hw/display/cirrus_vga.c.
2466+ - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
2467+ hw/display/cirrus_vga.c.
2468+ - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
2469+ in hw/display/cirrus_vga.c.
2470+ - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
2471+ hw/display/cirrus_vga.c.
2472+ - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
2473+ in hw/display/cirrus_vga.c.
2474+ - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
2475+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2476+ hw/display/cirrus_vga_rop2.h.
2477+ - debian/patches/CVE-2017-7980-7.patch: stop passing around src
2478+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2479+ hw/display/cirrus_vga_rop2.h.
2480+ - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
2481+ hw/display/cirrus_vga_rop.h.
2482+ - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
2483+ hw/display/cirrus_vga.c.
2484+ - CVE-2017-7980
2485+ * SECURITY UPDATE: denial of service via memory leak in virtFS
2486+ - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c.
2487+ - CVE-2017-8086
2488+ * SECURITY UPDATE: denial of service via leak in audio
2489+ - debian/patches/CVE-2017-8309.patch: release capture buffers in
2490+ audio/audio.c.
2491+ - CVE-2017-8309
2492+ * SECURITY UPDATE: denial of service via leak in keyboard
2493+ - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
2494+ ui/input.c.
2495+ - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
2496+ ui/input.c.
2497+ - CVE-2017-8379
2498+
2499+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 18 May 2017 09:20:54 -0400
2500+
2501+qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium
2502+
2503+ * SECURITY UPDATE: DoS in virtio GPU device
2504+ - debian/patches/CVE-2016-10028.patch: check virgl capabilities
2505+ max_size in hw/display/virtio-gpu-3d.c.
2506+ - CVE-2016-10028
2507+ * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation
2508+ - debian/patches/CVE-2016-8667.patch: limit interval timer reload value
2509+ in hw/dma/rc4030.c.
2510+ - CVE-2016-8667
2511+ * SECURITY UPDATE: host filesystem access via virtFS
2512+ - debian/patches/CVE-2016-9602.patch: don't follow symlinks in
2513+ hw/9pfs/*.
2514+ - CVE-2016-9602
2515+ * SECURITY UPDATE: arbitrary code execution via Cirrus VGA
2516+ - debian/patches/CVE-2016-9603.patch: remove bitblit support from
2517+ console code in hw/display/cirrus_vga.c, include/ui/console.h,
2518+ ui/console.c, ui/vnc.c.
2519+ - CVE-2016-9603
2520+ * SECURITY UPDATE: information leak in virtio GPU device
2521+ - debian/patches/CVE-2016-9908.patch: properly clear out memory in
2522+ hw/display/virtio-gpu-3d.c.
2523+ - CVE-2016-9908
2524+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2525+ - debian/patches/CVE-2016-9912.patch: properly free memory in
2526+ hw/display/virtio-gpu.c.
2527+ - CVE-2016-9912
2528+ * SECURITY UPDATE: DoS via virtFS
2529+ - debian/patches/CVE-2016-9914.patch: add cleanup operations to
2530+ fsdev/file-op-9p.h, hw/9pfs/9p.c.
2531+ - CVE-2016-9914
2532+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2533+ - debian/patches/CVE-2017-5552.patch: check return value in
2534+ hw/display/virtio-gpu-3d.c.
2535+ - CVE-2017-5552
2536+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
2537+ - debian/patches/CVE-2017-5578.patch: check res->iov in
2538+ hw/display/virtio-gpu.c.
2539+ - CVE-2017-5578
2540+ * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation
2541+ - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register
2542+ handling in hw/sd/sdhci.c.
2543+ - CVE-2017-5987
2544+ * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation
2545+ - debian/patches/CVE-2017-6505.patch: limit the number of link eds in
2546+ hw/usb/hcd-ohci.c.
2547+ - CVE-2017-6505
2548+
2549+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 24 Apr 2017 07:30:11 -0400
2550+
2551+qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium
2552+
2553+ * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
2554+ "spapr/pci: populate PCI DT in reverse order" (LP: #1670481).
2555+
2556+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2017 09:23:08 +0100
2557+
2558+qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium
2559+
2560+ * Merge with Debian;
2561+ This fixes several CVEs that were reported against qemu 2.8 and also
2562+ includes a few important functional backports (LP: #1667033); remaining
2563+ changes:
2564+ - add qemu-kvm init script and defaults file
2565+ (d/qemu-system-common.qemu-kvm.*)
2566+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
2567+ modules and handling /etc/default/qemu-kvm
2568+ - qemu-system-common.preinst: add kvm group if needed
2569+ - Enable nesting by default on intel.
2570+ - set default module option
2571+ - re-load kvm_intel.ko if it was loaded without nested=1
2572+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
2573+ default in qemu64 cpu type.
2574+ - Enable svm by default for qemu64 on amd
2575+ - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS:
2576+ define distro machine types to ease future live vm migration (includes
2577+ all former follow up fixes).
2578+ - Make qemu-system-common depend on qemu-block-extra
2579+ - Make qemu-utils depend on qemu-block-extra
2580+ - s390x support
2581+ - Create qemu-system-s390x package
2582+ - Include s390-ccw.img firmware
2583+ - qemu-system-common.postinst:
2584+ - change acl placed by udev, and add udevadm trigger.
2585+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
2586+ - Several changes were applied but missing in the changelog so far
2587+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2588+ - arch aware kvm wrapper
2589+ - update VCS links
2590+ - let qemu-utils recommend sharutils
2591+ - disable x32 architecture
2592+ - Enable seccomp for ppc64el
2593+ - Enable numa support for s390x
2594+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
2595+ init.d-script-missing-dependency-on-remote_fs
2596+ - d/qemu-system-common.postinst: fix lintian error type
2597+ command-with-path-in-maintainer-script
2598+ - Transition qemu-kvm to a systemd unit
2599+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
2600+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
2601+ that it shows up where the user expects (sytemctl status, kvm stdout)
2602+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
2603+ - add arch aware kvm wrapper for s390x
2604+ * Dropped Changes (in Debian now):
2605+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
2606+ - d/control-in: change dependencies for fix of wrong acl for newly
2607+ created device node on ubuntu
2608+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
2609+ relationship, but qemu-efi is still in universe right now.
2610+ - Disable glusterfs (Universe dependency)
2611+ - no more skip disable libiscsi on Ubuntu
2612+ - d/rules, d/control-in: avoid people editing d/control
2613+ * Added Changes:
2614+ - d/control: bump libseccomp-dev dependency as enabling libseccomp for
2615+ power makes 2.3 the minimum level.
2616+
2617+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 01 Mar 2017 14:23:16 +0100
2618+
2619 qemu (1:2.8+dfsg-3) unstable; urgency=high
2620
2621 * urgency high due to security fixes
2622@@ -1262,6 +3761,90 @@ qemu (1:2.8+dfsg-3) unstable; urgency=high
2623
2624 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 28 Feb 2017 11:40:18 +0300
2625
2626+qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium
2627+
2628+ * Merge with Debian; remaining changes:
2629+ - add qemu-kvm init script and defaults file
2630+ (d/qemu-system-common.qemu-kvm.*)
2631+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
2632+ modules and handling /etc/default/qemu-kvm
2633+ - qemu-system-common.preinst: add kvm group if needed
2634+ - Enable nesting by default on intel.
2635+ - set default module option
2636+ - re-load kvm_intel.ko if it was loaded without nested=1
2637+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
2638+ default in qemu64 cpu type.
2639+ - Enable svm by default for qemu64 on amd
2640+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2641+ types to ease future live vm migration.
2642+ - Make qemu-system-common depend on qemu-block-extra
2643+ - Make qemu-utils depend on qemu-block-extra
2644+ - s390x support
2645+ - Create qemu-system-s390x package
2646+ - Include s390-ccw.img firmware
2647+ - qemu-system-common.postinst:
2648+ - change acl placed by udev, and add udevadm trigger.
2649+ - d/control-in: change dependencies for fix of wrong acl for newly
2650+ created device node on ubuntu
2651+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
2652+ relationship, but qemu-efi is still in universe right now.
2653+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
2654+ - Several changes were applied but missing in the changelog so far
2655+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2656+ - arch aware kvm wrapper
2657+ - update VCS links
2658+ - no more skip disable libiscsi on Ubuntu
2659+ - let qemu-utils recommend sharutils
2660+ - disable x32 architecture
2661+ * Dropped Changes:
2662+ - Several changes were applied but missing in the changelog so far
2663+ but are no more needed
2664+ - no pie for relocatable LD calls, with toolchain defaulting to
2665+ pie (fixed upstream)
2666+ - enable libnuma-dev (now in Debian)
2667+ - transition for moved init scripts (can be dropped after LTS
2668+ containing >=2.5 which is Xenial)
2669+ - --enable-seccomp related whitespace change (had no effect)
2670+ - apport hook for qemu source package (In Debian)
2671+ - add upstart script (d/qemu-system-common.qemu-kvm.upstart)
2672+ - d/qemu-system-x86.maintscript: transition off of
2673+ /etc/init.d/qemu-system-x86 (can be dropped after Xenial)
2674+ - Enable pie by default, on ubuntu/s390x. (Is the default since
2675+ >=Xenial, no cloud archive backport <=Xenial to consider)
2676+ - no pie for relocatable LD calls (fixed upstream in commit
2677+ 7ecf44a5)
2678+ - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream)
2679+ - Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
2680+ (Improved fix included by upstream)
2681+ - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7)
2682+ - Fixed wrong migration blocker when vhost is used (is upstream in
2683+ qemu 2.8)
2684+ * Added Changes:
2685+ - d/rules, d/control-in: avoid people editing d/control by warning
2686+ header and non writable permissions
2687+ - fixed moving trusty machine type definition which made it
2688+ ambiguous (LP: #1641532)
2689+ - d/qemu-system-x86.NEWS describe the issue
2690+ - Enable seccomp for ppc64el (LP: #1644639)
2691+ - Enable numa support for s390x
2692+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
2693+ init.d-script-missing-dependency-on-remote_fs
2694+ - d/qemu-system-common.postinst: fix lintian error type
2695+ command-with-path-in-maintainer-script
2696+ - Transition qemu-kvm to a systemd unit
2697+ - Disable glusterfs (Universe dependency)
2698+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
2699+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
2700+ that it shows up where the user expects (sytemctl status, kvm stdout)
2701+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
2702+ - add arch aware kvm wrapper for s390x
2703+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
2704+ - Enable DDW in Yakkety machine type because "Enable GPU Passthru for
2705+ ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10,
2706+ merged in d/p/ubuntu/define-ubuntu-machine-types.patch)
2707+
2708+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Jan 2017 16:27:11 +0100
2709+
2710 qemu (1:2.8+dfsg-2) unstable; urgency=medium
2711
2712 * Revert "update binfmt registration for mipsn32"
2713@@ -1380,6 +3963,67 @@ qemu (1:2.7+dfsg-1) unstable; urgency=medium
2714
2715 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 14 Oct 2016 13:31:40 +0300
2716
2717+qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium
2718+
2719+ * No-change rebuild to compile against new libxen version.
2720+
2721+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 30 Sep 2016 14:24:37 +0200
2722+
2723+qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium
2724+
2725+ * retain older xenial machine type to avoid issues starting guests
2726+ created on xenial prior to the SRU for bug 1621042. In that regard the old
2727+ broken xenial machine type and the new fixed one have both to be considered
2728+ as valid LTS machine types (LP: #1626070).
2729+
2730+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Sep 2016 14:57:09 +0200
2731+
2732+qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium
2733+
2734+ * fix default ubuntu machine types. (LP: #1621042)
2735+ - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
2736+ - remove double default and double ubuntu alias
2737+ - drop former devel releases utopic, vivid, wily
2738+ - add xenial and yakkety machine types
2739+ - add q35 based ubuntu machine type starting at xenial
2740+ - add ubuntu machine types on ppc64el and s390x starting at xenial
2741+
2742+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2016 07:50:50 +0200
2743+
2744+qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium
2745+
2746+ * Enable GPU Passthru for ppc64le (LP: #1541902)
2747+ - 0001-spapr-ensure-device-trees-are-always-associated-with.patch
2748+ - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch
2749+ - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch
2750+ - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch
2751+ - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch
2752+ - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch
2753+ - 0007-spapr_iommu-Migrate-full-state.patch
2754+ - 0008-spapr_iommu-Add-root-memory-region.patch
2755+ - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch
2756+ - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch
2757+ - 0011-memory-Add-reporting-of-supported-page-sizes.patch
2758+ - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch
2759+ - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch
2760+ - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch
2761+ - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch
2762+ - 0016-vfio-Add-host-side-DMA-window-capabilities.patch
2763+ - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch
2764+ - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch
2765+ - 0019-vfio-spapr-Remove-stale-ioctl-call.patch
2766+ - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch
2767+ - 0021-memory-Fix-IOMMU-replay-base-address.patch
2768+
2769+ -- Jon Grimm <jon.grimm@canonical.com> Fri, 16 Sep 2016 14:14:47 -0500
2770+
2771+qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium
2772+
2773+ * New upstream release. LP: #1617055.
2774+ * Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
2775+
2776+ -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 09 Sep 2016 23:33:57 +0100
2777+
2778 qemu (1:2.6+dfsg-3.1) unstable; urgency=high
2779
2780 * Non-maintainer upload.
2781@@ -1413,6 +4057,55 @@ qemu (1:2.6+dfsg-3.1) unstable; urgency=high
2782
2783 -- Andrew James <ajames@hpe.com> Wed, 14 Sep 2016 00:56:18 -0600
2784
2785+qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium
2786+
2787+ * SECURITY UPDATE: DoS via unbounded memory allocation
2788+ - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
2789+ - CVE-2016-5403
2790+ * SECURITY UPDATE: oob write access while reading ESP command
2791+ - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for
2792+ maximum CDB size and handle migration in hw/scsi/esp.c,
2793+ include/hw/scsi/esp.h, include/migration/vmstate.h.
2794+ - CVE-2016-6351
2795+ * SECURITY UPDATE: infinite loop in virtqueue_pop
2796+ - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer
2797+ length in hw/virtio/virtio.c.
2798+ - CVE-2016-6490
2799+
2800+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 03 Aug 2016 08:36:16 -0400
2801+
2802+qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
2803+
2804+ * Merge with Debian; remaining changes:
2805+ - debian/rules: do not drop the init scripts loading kvm modules
2806+ (still needed in precise in cloud archive)
2807+ - qemu-system-common.postinst:
2808+ * remove acl placed by udev, and add udevadm trigger.
2809+ * reload kvm_intel if needed to set nested=1
2810+ - qemu-system-common.preinst: add kvm group if needed
2811+ - add qemu-kvm upstart job and defaults file (rules,
2812+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2813+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2814+ do not auto-load the kvm kernel module. Enable nesting by default
2815+ on intel.
2816+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2817+ in qemu64 cpu type.
2818+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2819+ types to ease future live vm migration.
2820+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2821+ d/qemu-system-common.install
2822+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2823+ to fix errors with missing block backends.
2824+ - s390x:
2825+ * Create qemu-system-s390x package
2826+ * Enable pie by default, on ubuntu/s390x.
2827+ * Enable svm by default for qemu64 on amd
2828+ * Include s390-ccw.img firmware
2829+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2830+ relationship, but qemu-efi is still in universe right now.
2831+
2832+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Jun 2016 16:49:49 -0500
2833+
2834 qemu (1:2.6+dfsg-3) unstable; urgency=high
2835
2836 * more security fixes picked from upstream:
2837@@ -1466,6 +4159,39 @@ qemu (1:2.6+dfsg-2) unstable; urgency=medium
2838
2839 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 13 Jun 2016 12:10:44 +0300
2840
2841+qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium
2842+
2843+ * Merge with Debian; remaining changes: (LP: #1583775)
2844+ - debian/rules: do not drop the init scripts loading kvm modules
2845+ (still needed in precise in cloud archive)
2846+ - qemu-system-common.postinst:
2847+ * remove acl placed by udev, and add udevadm trigger.
2848+ * reload kvm_intel if needed to set nested=1
2849+ - qemu-system-common.preinst: add kvm group if needed
2850+ - add qemu-kvm upstart job and defaults file (rules,
2851+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2852+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2853+ do not auto-load the kvm kernel module. Enable nesting by default
2854+ on intel.
2855+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2856+ in qemu64 cpu type.
2857+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2858+ types to ease future live vm migration.
2859+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2860+ d/qemu-system-common.install
2861+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2862+ to fix errors with missing block backends. (LP: #1495895)
2863+ - s390x:
2864+ * Create qemu-system-s390x package
2865+ * Enable pie by default, on ubuntu/s390x.
2866+ * Enable svm by default for qemu64 on amd
2867+ * Include s390-ccw.img firmware
2868+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2869+ relationship, but qemu-efi is still in universe right now.
2870+ * Drop patches which have been applied upstream:
2871+
2872+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 May 2016 12:11:36 -0500
2873+
2874 qemu (1:2.6+dfsg-1) unstable; urgency=medium
2875
2876 * new upstream release
2877@@ -1503,6 +4229,106 @@ qemu (1:2.6+dfsg-1) unstable; urgency=medium
2878
2879 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 18 May 2016 14:44:14 +0300
2880
2881+qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium
2882+
2883+ * Cherrypick upstream patches to support the query-gic-version QMP command
2884+ (LP: #1566564)
2885+
2886+ -- dann frazier <dannf@ubuntu.com> Tue, 05 Apr 2016 16:56:11 -0600
2887+
2888+qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium
2889+
2890+ [Stefan Bader]
2891+ * Enable svm by default for qemu64 on amd (LP: #1561019)
2892+
2893+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Apr 2016 16:53:55 -0500
2894+
2895+qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium
2896+
2897+ * qemu-system-s390x only available on s390x, so qemu-system should only
2898+ depend on it on this arch.
2899+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
2900+ relationship, but qemu-efi is still in universe right now.
2901+
2902+ -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 19 Apr 2016 13:41:37 -0700
2903+
2904+qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium
2905+
2906+ * And actually ship the right things in qemu-system-s390x.
2907+
2908+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 19 Apr 2016 16:49:00 +0100
2909+
2910+qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium
2911+
2912+ * Create qemu-system-s390x package on ubuntu only.
2913+
2914+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 18 Apr 2016 10:16:19 +0100
2915+
2916+qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium
2917+
2918+ * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149)
2919+
2920+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Apr 2016 15:13:06 -0500
2921+
2922+qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium
2923+
2924+ * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch
2925+ (LP: #1556306)
2926+
2927+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 16 Mar 2016 16:35:22 -0700
2928+
2929+qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium
2930+
2931+ * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)
2932+
2933+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 07 Mar 2016 18:53:34 -0800
2934+
2935+qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium
2936+
2937+ * d/control{-in}: Re-generate and build with libiscsi-dev now
2938+ that its in Ubuntu main (LP: #1271653).
2939+
2940+ -- James Page <james.page@ubuntu.com> Wed, 24 Feb 2016 17:59:13 +0000
2941+
2942+qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium
2943+
2944+ * Make -no-pie conditional, on $(CC) supporting -no-pie flag.
2945+
2946+ -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 24 Feb 2016 14:40:19 +0000
2947+
2948+qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium
2949+
2950+ * No-change rebuild for gnutls transition.
2951+
2952+ -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:27:20 +0000
2953+
2954+qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium
2955+
2956+ * Merge with Debian; remaining changes:
2957+ - debian/rules: do not drop the init scripts loading kvm modules
2958+ (still needed in precise in cloud archive)
2959+ - qemu-system-common.postinst:
2960+ * remove acl placed by udev, and add udevadm trigger.
2961+ * reload kvm_intel if needed to set nested=1
2962+ - qemu-system-common.preinst: add kvm group if needed
2963+ - add qemu-kvm upstart job and defaults file (rules,
2964+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
2965+ - rules,qemu-system-x86.modprobe: support use under older udevs which
2966+ do not auto-load the kvm kernel module. Enable nesting by default
2967+ on intel.
2968+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
2969+ in qemu64 cpu type.
2970+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2971+ types to ease future live vm migration.
2972+ - apport hook for qemu source package: d/source_qemu-kvm.py,
2973+ d/qemu-system-common.install
2974+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
2975+ to fix errors with missing block backends. (LP: #1495895)
2976+ - Enable pie by default, on ubuntu/s390x.
2977+ - Include s390-ccw.img firmware.
2978+
2979+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Feb 2016 10:24:49 -0800
2980+
2981 qemu (1:2.5+dfsg-5) unstable; urgency=medium
2982
2983 * fix misspellings in previous debian/changelog entry
2984@@ -1560,6 +4386,113 @@ qemu (1:2.5+dfsg-2) unstable; urgency=high
2985
2986 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 09 Jan 2016 21:40:43 +0300
2987
2988+qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium
2989+
2990+ * SECURITY UPDATE: paravirtualized drivers incautious about shared memory
2991+ contents
2992+ - debian/patches/CVE-2015-8550-1.patch: avoid double access in
2993+ hw/block/xen_blkif.h.
2994+ - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
2995+ hw/display/xenfb.c.
2996+ - CVE-2015-8550
2997+ * SECURITY UPDATE: infinite loop in ehci_advance_state
2998+ - debian/patches/CVE-2015-8558.patch: make idt processing more robust
2999+ in hw/usb/hcd-ehci.c.
3000+ - CVE-2015-8558
3001+ * SECURITY UPDATE: host memory leakage in vmxnet3
3002+ - debian/patches/CVE-2015-856x.patch: avoid memory leakage in
3003+ hw/net/vmxnet3.c.
3004+ - CVE-2015-8567
3005+ - CVE-2015-8568
3006+ * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
3007+ - debian/patches/CVE-2015-8613.patch: initialise info object with
3008+ appropriate size in hw/scsi/megasas.c.
3009+ - CVE-2015-8613
3010+ * SECURITY UPDATE: DoS via Human Monitor Interface
3011+ - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write
3012+ in hmp.c, include/ui/console.h, ui/input-legacy.c.
3013+ - CVE-2015-8619
3014+ * SECURITY UPDATE: incorrect array bounds check in rocker
3015+ - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds
3016+ check in hw/net/rocker/rocker.c.
3017+ - CVE-2015-8701
3018+ * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
3019+ - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
3020+ operations in hw/net/ne2000.c.
3021+ - CVE-2015-8743
3022+ * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
3023+ - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
3024+ error in hw/ide/ahci.c.
3025+ - CVE-2016-1568
3026+ * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
3027+ - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in
3028+ hw/i386/kvmvapic.c.
3029+ - CVE-2016-1922
3030+ * SECURITY UPDATE: e1000 infinite loop
3031+ - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
3032+ out-of-bounds transfer start in hw/net/e1000.c
3033+ - CVE-2016-1981
3034+ * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB
3035+ engines
3036+ - debian/patches/CVE-2016-2197.patch: add check before calling
3037+ dma_memory_unmap in hw/ide/ahci.c.
3038+ - CVE-2016-2197
3039+ * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
3040+ - debian/patches/CVE-2016-2198.patch: add capability mmio write
3041+ function in hw/usb/hcd-ehci.c.
3042+ - CVE-2016-2198
3043+
3044+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 01 Feb 2016 09:39:01 -0500
3045+
3046+qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium
3047+
3048+ * debian/qemu-kvm-init: Call systemd-detect-virt instead of the
3049+ Ubuntu specific running-in-container wrapper. (LP: #1539016)
3050+
3051+ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 28 Jan 2016 13:24:51 +0100
3052+
3053+qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high
3054+
3055+ * Include s390-ccw.img firmware.
3056+
3057+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 12 Jan 2016 15:53:43 +0000
3058+
3059+qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium
3060+
3061+ * Place qemu-kvm.defaults file in qemu-system-common, next to the init
3062+ scripts. Fix the comparison operator when checking KVM_HUGEPAGES.
3063+ Thanks Simon. (LP: #1531191)
3064+
3065+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 06 Jan 2016 09:45:37 -0800
3066+
3067+qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium
3068+
3069+ * Merge with Debian; remaining changes:
3070+ - debian/rules: do not drop the init scripts loading kvm modules
3071+ (still needed in precise in cloud archive)
3072+ - qemu-system-common.postinst:
3073+ * remove acl placed by udev, and add udevadm trigger.
3074+ * reload kvm_intel if needed to set nested=1
3075+ - qemu-system-common.preinst: add kvm group if needed
3076+ - add qemu-kvm upstart job and defaults file (rules,
3077+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3078+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3079+ do not auto-load the kvm kernel module. Enable nesting by default
3080+ on intel.
3081+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3082+ in qemu64 cpu type.
3083+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3084+ types to ease future live vm migration.
3085+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3086+ d/qemu-system-common.install
3087+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3088+ to fix errors with missing block backends. (LP: #1495895)
3089+ - Enable pie by default, on ubuntu/s390x.
3090+ * Drop vGICv3 support patches - all is now upstream
3091+ * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)
3092+
3093+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Jan 2016 15:42:50 -0800
3094+
3095 qemu (1:2.5+dfsg-1) unstable; urgency=medium
3096
3097 * new upstream release
3098@@ -1586,6 +4519,49 @@ qemu (1:2.5+dfsg-1) unstable; urgency=medium
3099
3100 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 16 Dec 2015 20:00:04 +0300
3101
3102+qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high
3103+
3104+ * Enable pie by default, on ubuntu/s390x.
3105+
3106+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 07 Dec 2015 16:04:16 +0000
3107+
3108+qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium
3109+
3110+ * undo the libseccomp delta from debian. libseccomp is indeed available
3111+ on other arches, but we need qemu's configure script to be fixed before
3112+ we can use it on anything other than amd64|i386. Fixes FTBFS.
3113+ (LP: #1522531)
3114+
3115+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 03 Dec 2015 12:44:46 -0600
3116+
3117+qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium
3118+
3119+ * Merge with Debian; remaining changes:
3120+ - Update the ubuntu machine types patch to reflect upstream churn
3121+ - debian/rules: do not drop the init scripts loading kvm modules
3122+ (still needed in precise in cloud archive)
3123+ - qemu-system-common.postinst:
3124+ * remove acl placed by udev, and add udevadm trigger.
3125+ * reload kvm_intel if needed to set nested=1
3126+ - qemu-system-common.preinst: add kvm group if needed
3127+ - add qemu-kvm upstart job and defaults file (rules,
3128+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3129+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3130+ do not auto-load the kvm kernel module. Enable nesting by default
3131+ on intel.
3132+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3133+ in qemu64 cpu type.
3134+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3135+ machine type to ease future live vm migration.
3136+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3137+ d/qemu-system-common.install
3138+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3139+ to fix errors with missing block backends. (LP: #1495895)
3140+ - control-in: build with libseccomp an all architectures
3141+ - Add vGICv3 support
3142+
3143+ -- Matthias Klose <doko@ubuntu.com> Wed, 02 Dec 2015 21:31:36 +0100
3144+
3145 qemu (1:2.4+dfsg-5) unstable; urgency=medium
3146
3147 * trace-remove-malloc-tracing.patch from upstream.
3148@@ -1598,6 +4574,57 @@ qemu (1:2.4+dfsg-5) unstable; urgency=medium
3149
3150 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 29 Nov 2015 12:22:52 +0300
3151
3152+qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium
3153+
3154+ * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
3155+ - debian/patches/CVE-2015-7504.patch: leave room for CRC code in
3156+ hw/net/pcnet.c.
3157+ - CVE-2015-7504
3158+ * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
3159+ - debian/patches/CVE-2015-7512.patch: check packet length in
3160+ hw/net/pcnet.c.
3161+ - CVE-2015-7512
3162+ * SECURITY UPDATE: infinite loop in eepro100
3163+ - debian/patches/CVE-2015-8345.patch: prevent endless loop in
3164+ hw/net/eepro100.c.
3165+ - CVE-2015-8345
3166+
3167+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 01 Dec 2015 13:36:40 -0500
3168+
3169+qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium
3170+
3171+ * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.
3172+
3173+ -- dann frazier <dann.frazier@canonical.com> Tue, 03 Nov 2015 08:05:46 -0700
3174+
3175+qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium
3176+
3177+ * Merge 2.4 from unstable. Remaining changes:
3178+ - Update the ubuntu machine types patch to reflect upstream churn
3179+ - debian/rules: do not drop the init scripts loading kvm modules
3180+ (still needed in precise in cloud archive)
3181+ - qemu-system-common.postinst:
3182+ * remove acl placed by udev, and add udevadm trigger.
3183+ * reload kvm_intel if needed to set nested=1
3184+ - qemu-system-common.preinst: add kvm group if needed
3185+ - add qemu-kvm upstart job and defaults file (rules,
3186+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3187+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3188+ do not auto-load the kvm kernel module. Enable nesting by default
3189+ on intel.
3190+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3191+ in qemu64 cpu type.
3192+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3193+ machine type to ease future live vm migration.
3194+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3195+ d/qemu-system-common.install
3196+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3197+ to fix errors with missing block backends. (LP: #1495895)
3198+ - control-in: build with libseccomp an all architectures.
3199+ * Add vGICv3 support
3200+
3201+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 27 Oct 2015 13:28:58 -0500
3202+
3203 qemu (1:2.4+dfsg-4) unstable; urgency=medium
3204
3205 * applied 3 patches from upstream to fix virtio-net
3206@@ -1612,7 +4639,7 @@ qemu (1:2.4+dfsg-3) unstable; urgency=high
3207 fix for Heap overflow vulnerability in ne2000_receive() function
3208 (Closes: #799074 CVE-2015-5279)
3209 * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch
3210- (Closes: #799073 CVE-2015-5278)
3211+ (Closes: #799073 CVE-2015-5278)
3212 * some binfmt reorg:
3213 - extend aarch64 to include one more byte as other arches do
3214 - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize
3215@@ -1664,6 +4691,137 @@ qemu (1:2.3+dfsg-6) unstable; urgency=high
3216
3217 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 11 Jun 2015 20:03:40 +0300
3218
3219+qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium
3220+
3221+ * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)
3222+
3223+ -- Ryan Harper <ryan.harper@canonical.com> Wed, 21 Oct 2015 08:59:29 -0500
3224+
3225+qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low
3226+
3227+ * debian/patches/upstream-fix-irq-route-entries.patch
3228+ Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
3229+ (LP: #1465935)
3230+
3231+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 09 Oct 2015 15:38:53 +0200
3232+
3233+qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium
3234+
3235+ * Build using libseccomp on all architectures.
3236+
3237+ -- Matthias Klose <doko@ubuntu.com> Sat, 03 Oct 2015 21:12:15 +0200
3238+
3239+qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium
3240+
3241+ * SECURITY UPDATE: denial of service via NE2000 driver
3242+ - debian/patches/CVE-2015-5278.patch: fix infinite loop in
3243+ hw/net/ne2000.c.
3244+ - CVE-2015-5278
3245+ * SECURITY UPDATE: denial of service and possible code execution via
3246+ heap overflow in NE2000 driver
3247+ - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
3248+ hw/net/ne2000.c.
3249+ - CVE-2015-5279
3250+ * SECURITY UPDATE: denial of service via e1000 infinite loop
3251+ - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
3252+ - CVE-2015-6815
3253+ * SECURITY UPDATE: denial of service via illegal ATAPI commands
3254+ - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
3255+ hw/ide/core.c.
3256+ - CVE-2015-6855
3257+
3258+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Sep 2015 15:05:51 -0400
3259+
3260+qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium
3261+
3262+ * Make qemu-system-common and qemu-utils depend on qemu-block-extra
3263+ to fix errors with missing block backends. (LP: #1495895)
3264+ * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
3265+ * Apply fix for memory corruption during live-migration in tcg mode
3266+ (LP: #1493049)
3267+ * Apply tracing patch to remove use of custom vtable in newer glibc
3268+ (LP: #1491972)
3269+
3270+ -- Ryan Harper <ryan.harper@canonical.com> Tue, 15 Sep 2015 09:37:23 -0500
3271+
3272+qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium
3273+
3274+ * Import qcow2-handle-eagain-from-update_refcount from upstream
3275+ to fix errors when using qemu-img convert -c. (LP: #1491050)
3276+
3277+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Sep 2015 16:35:56 -0500
3278+
3279+qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium
3280+
3281+ * SECURITY UPDATE: process heap memory disclosure
3282+ - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
3283+ - CVE-2015-5165
3284+ * SECURITY UPDATE: privilege escalation via block device unplugging
3285+ - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
3286+ in hw/ide/piix.c.
3287+ - CVE-2015-5166
3288+ * SECURITY UPDATE: privilege escalation via memory corruption in vnc
3289+ - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
3290+ limits in ui/vnc.c.
3291+ - CVE-2015-5225
3292+ * SECURITY UPDATE: denial of service via virtio-serial
3293+ - debian/patches/CVE-2015-5745.patch: don't assume a specific layout
3294+ for control messages in hw/char/virtio-serial-bus.c.
3295+ - CVE-2015-5745
3296+
3297+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 25 Aug 2015 09:38:43 -0400
3298+
3299+qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
3300+
3301+ * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
3302+ - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
3303+ - CVE-2015-3214
3304+ * SECURITY UPDATE: heap overflow when processing ATAPI commands
3305+ - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
3306+ hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
3307+ - CVE-2015-5154
3308+ * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
3309+ - debian/patches/CVE-2015-5158.patch: check length in
3310+ hw/scsi/scsi-bus.c.
3311+ - CVE-2015-5158
3312+
3313+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jul 2015 10:07:05 -0400
3314+
3315+qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium
3316+
3317+ * SECURITY UPDATE: heap overflow in PCNET controller
3318+ - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
3319+ - CVE-2015-3209
3320+
3321+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Jun 2015 14:25:05 -0400
3322+
3323+qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium
3324+
3325+ * Merge 1:2.3+dfsg-5 from Debian.
3326+ * Remaining changes:
3327+ - debian/rules: do not drop the init scripts loading kvm modules
3328+ (still needed in precise in cloud archive)
3329+ - qemu-system-common.postinst:
3330+ * remove acl placed by udev, and add udevadm trigger.
3331+ * reload kvm_intel if needed to set nested=1
3332+ - qemu-system-common.preinst: add kvm group if needed
3333+ - add qemu-kvm upstart job and defaults file (rules,
3334+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3335+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3336+ do not auto-load the kvm kernel module. Enable nesting by default
3337+ on intel.
3338+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3339+ in qemu64 cpu type.
3340+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3341+ machine type to ease future live vm migration.
3342+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3343+ d/qemu-system-common.install
3344+ * Refreshed patches:
3345+ - ubuntu/expose-vmx_qemu64cpu.patch
3346+ - ubuntu/define-ubuntu-machine-types.patch
3347+
3348+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 10 Jun 2015 14:28:39 -0500
3349+
3350 qemu (1:2.3+dfsg-5) unstable; urgency=high
3351
3352 * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
3353@@ -1675,6 +4833,35 @@ qemu (1:2.3+dfsg-5) unstable; urgency=high
3354
3355 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 03 Jun 2015 17:18:58 +0300
3356
3357+qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium
3358+
3359+ * Merge 1:2.3+dfsg-4 from Debian.
3360+ * Remaining changes:
3361+ - debian/rules: do not drop the init scripts loading kvm modules
3362+ (still needed in precise in cloud archive)
3363+ - qemu-system-common.postinst:
3364+ * remove acl placed by udev, and add udevadm trigger.
3365+ * reload kvm_intel if needed to set nested=1
3366+ - qemu-system-common.preinst: add kvm group if needed
3367+ - add qemu-kvm upstart job and defaults file (rules,
3368+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3369+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3370+ do not auto-load the kvm kernel module. Enable nesting by default
3371+ on intel.
3372+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3373+ in qemu64 cpu type.
3374+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3375+ machine type to ease future live vm migration.
3376+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3377+ d/qemu-system-common.install
3378+ * Dropped all patches which are applied upstream
3379+ * Move the upstart jobs to a generic script
3380+ - add new qemu-kvm-init script
3381+ - call that from upstart and sysvrc qemu-kvm scripts
3382+ - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}
3383+
3384+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 03 Jun 2015 13:36:36 -0500
3385+
3386 qemu (1:2.3+dfsg-4) unstable; urgency=medium
3387
3388 * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch:
3389@@ -1736,6 +4923,98 @@ qemu (1:2.2+dfsg-6exp) experimental; urgency=medium
3390
3391 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 17 Apr 2015 21:54:53 +0300
3392
3393+qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium
3394+
3395+ * SECURITY UPDATE: denial of service in vnc web
3396+ - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket
3397+ frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
3398+ - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from
3399+ websockets clients in ui/vnc-ws.c.
3400+ - CVE-2015-1779
3401+ * SECURITY UPDATE: host code execution via floppy device (VEMON)
3402+ - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
3403+ bounds of the allocated buffer in hw/block/fdc.c.
3404+ - CVE-2015-3456
3405+
3406+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 13 May 2015 07:25:59 -0400
3407+
3408+qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low
3409+
3410+ * CVE-2015-2756 / XSA-126
3411+ - xen: limit guest control of PCI command register
3412+
3413+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 08 Apr 2015 10:17:45 +0200
3414+
3415+qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium
3416+
3417+ * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not
3418+ accidentally create /1
3419+
3420+ -- Steve Beattie <sbeattie@ubuntu.com> Thu, 12 Mar 2015 16:46:51 -0700
3421+
3422+qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low
3423+
3424+ * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).
3425+
3426+ -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Feb 2015 08:55:35 +0100
3427+
3428+qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low
3429+
3430+ * No-change rebuild to pull in libxl-4.5.
3431+
3432+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 25 Feb 2015 13:58:37 +0100
3433+
3434+qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium
3435+
3436+ * debian/control-in: enable numa on architectures where numa is built
3437+ (LP: #1417937)
3438+
3439+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 23:18:58 -0600
3440+
3441+qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium
3442+
3443+ [Scott Moser]
3444+ * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa
3445+ profile when started by libvirt.
3446+
3447+ [Serge Hallyn]
3448+ * add symlink qemu-system-ppc64le -> qemu-system-ppc64
3449+ * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script
3450+ (LP: #1419855)
3451+
3452+ [Chris J Arges]
3453+ * Determine if we are running inside a virtual environment. If running inside
3454+ a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153)
3455+
3456+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 13:04:21 -0600
3457+
3458+qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium
3459+
3460+ * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308)
3461+ - debian/rules: do not drop the init scripts loading kvm modules
3462+ (still needed in precise in cloud archive)
3463+ * Remaining changes:
3464+ - qemu-system-common.postinst:
3465+ * remove acl placed by udev, and add udevadm trigger.
3466+ * reload kvm_intel if needed to set nested=1
3467+ - qemu-system-common.preinst: add kvm group if needed
3468+ - add qemu-kvm upstart job and defaults file (rules,
3469+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3470+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3471+ do not auto-load the kvm kernel module. Enable nesting by default
3472+ on intel.
3473+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3474+ in qemu64 cpu type.
3475+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3476+ machine type to ease future live vm migration.
3477+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3478+ d/qemu-system-common.install
3479+ * Dropped all patches which are applied upstream
3480+ * Update ubuntu-vivid machine type to default to std graphics (following
3481+ upstream's lead for pc-i440fx-2.2 machine type)
3482+
3483+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Feb 2015 22:31:09 -0600
3484+
3485 qemu (1:2.2+dfsg-5exp) experimental; urgency=medium
3486
3487 * fix initscript removal once again
3488@@ -1785,6 +5064,47 @@ qemu (2.2+dfsg-1exp) unstable; urgency=medium
3489
3490 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 09 Dec 2014 23:09:26 +0300
3491
3492+qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium
3493+
3494+ * Cherrypick upstream patch needed to allow ESx hosts to run under
3495+ kvm (LP: #1411575)
3496+
3497+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 16 Jan 2015 16:32:48 -0600
3498+
3499+qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium
3500+
3501+ * Merge 2.1+dfsg-11. Remaining changes:
3502+ - qemu-system-common.postinst:
3503+ * remove acl placed by udev, and add udevadm trigger.
3504+ * reload kvm_intel if needed to set nested=1
3505+ - qemu-system-common.preinst: add kvm group if needed
3506+ - add qemu-kvm upstart job and defaults file (rules,
3507+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3508+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3509+ do not auto-load the kvm kernel module. Enable nesting by default
3510+ on intel.
3511+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3512+ removed the alternatives bit later.
3513+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3514+ in qemu64 cpu type.
3515+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3516+ machine type to ease future live vm migration.
3517+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3518+ d/qemu-system-common.install
3519+ - debian/binfmt-update-in: support ppcle
3520+ * debian/binfmt-update-in
3521+ * Support-ppcle.patch
3522+ - Upstream patches to fix AArch64 emulation ignoring SPSel=0:
3523+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
3524+ * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
3525+ * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
3526+ * Dropped patches (upstream or now in debian's tree):
3527+ - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch
3528+ - CVE-2014-7840.patch
3529+ - CVE-2014-8106.patch
3530+
3531+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Dec 2014 13:57:34 -0600
3532+
3533 qemu (1:2.1+dfsg-11) unstable; urgency=medium
3534
3535 * bump epoch and reupload to cancel 2.2+dfsg-1exp upload
3536@@ -1854,6 +5174,81 @@ qemu (2.1+dfsg-8) unstable; urgency=low
3537
3538 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 27 Nov 2014 18:32:45 +0300
3539
3540+qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium
3541+
3542+ * SECURITY UPDATE: code execution via savevm data
3543+ - debian/patches/CVE-2014-7840.patch: validate parameters in
3544+ arch_init.c.
3545+ - CVE-2014-7840
3546+ * SECURITY UPDATE: code execution via cirrus vga blit regions
3547+ (LP: #1400775)
3548+ - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
3549+ hw/display/cirrus_vga.c.
3550+ - CVE-2014-8106
3551+
3552+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Dec 2014 14:11:52 -0500
3553+
3554+qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low
3555+
3556+ * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got
3557+ dropped and VENDOR now will be all capital UBUNTU).
3558+
3559+ -- Stefan Bader <stefan.bader@canonical.com> Mon, 08 Dec 2014 14:45:31 +0100
3560+
3561+qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium
3562+
3563+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
3564+ d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
3565+ d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
3566+ Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring
3567+ SPSel=0 in certain conditions. (LP: #1349277)
3568+
3569+ -- Chris J Arges <chris.j.arges@canonical.com> Thu, 04 Dec 2014 14:17:01 -0600
3570+
3571+qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low
3572+
3573+ * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch:
3574+ Cherry-pick of qemu-upstream patch to fix issues with persistent
3575+ grants and the PV backend (Qdisk) (LP: #1394327).
3576+
3577+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 28 Nov 2014 13:14:37 +0100
3578+
3579+qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium
3580+
3581+ * Merge 2.1+dfsg-7. Remaining changes:
3582+ - qemu-system-common.postinst:
3583+ * remove acl placed by udev, and add udevadm trigger.
3584+ * reload kvm_intel if needed to set nested=1
3585+ - qemu-system-common.preinst: add kvm group if needed
3586+ - add qemu-kvm upstart job and defaults file (rules,
3587+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3588+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3589+ do not auto-load the kvm kernel module. Enable nesting by default
3590+ on intel.
3591+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3592+ removed the alternatives bit later.
3593+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3594+ in qemu64 cpu type.
3595+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3596+ machine type to ease future live vm migration.
3597+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3598+ d/qemu-system-common.install
3599+ - debian/binfmt-update-in: support ppcle
3600+ * debian/binfmt-update-in
3601+ * Support-ppcle.patch
3602+ * Dropped patches (upstream or now in debian's tree):
3603+ - pc-reserve-more-memory-for-acpi.patch
3604+ - CVE-2014-5388.patch
3605+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and
3606+ 502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined
3607+ in debian)
3608+ - CVE-2014-3615.patch
3609+ - CVE-2014-3640.patch
3610+ - CVE-2014-3689.patch
3611+ - CVE-2014-7815.patch
3612+
3613+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 22 Nov 2014 18:36:53 -0600
3614+
3615 qemu (2.1+dfsg-7) unstable; urgency=high
3616
3617 * urgency is high due to 2 security fixes
3618@@ -1905,6 +5300,119 @@ qemu (2.1+dfsg-5) unstable; urgency=medium
3619
3620 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 26 Sep 2014 17:43:26 +0400
3621
3622+qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium
3623+
3624+ * SECURITY UPDATE: information disclosure via vga driver
3625+ - debian/patches/CVE-2014-3615.patch: return the correct memory size,
3626+ sanity check register writes, and don't use fixed buffer sizes in
3627+ hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h,
3628+ ui/spice-display.c.
3629+ - CVE-2014-3615
3630+ * SECURITY UPDATE: denial of service via slirp NULL pointer deref
3631+ - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
3632+ stub in slirp/udp.c.
3633+ - CVE-2014-3640
3634+ * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
3635+ - debian/patches/CVE-2014-3689.patch: verify rectangles in
3636+ hw/display/vmware_vga.c.
3637+ - CVE-2014-3689
3638+ * SECURITY UPDATE: denial of service via VNC console
3639+ - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in
3640+ ui/vnc.c.
3641+ - CVE-2014-7815
3642+
3643+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 13 Nov 2014 07:31:03 -0500
3644+
3645+qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium
3646+
3647+ * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures
3648+ (LP: #1389897) (Patch thanks to mwhudson, BenC, and infinity)
3649+
3650+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Nov 2014 15:51:47 -0600
3651+
3652+qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium
3653+
3654+ * Apply two patches to fix intermittent qemu-img corruption
3655+ (LP: #1368815)
3656+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap
3657+ - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap
3658+
3659+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 29 Oct 2014 22:31:43 -0500
3660+
3661+qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium
3662+
3663+ * debian/control: slof is moving into main, so we can depend on qemu-slof as
3664+ debian does.
3665+
3666+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Oct 2014 22:01:27 +0200
3667+
3668+qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium
3669+
3670+ * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice
3671+ versa.
3672+ * Drop Support-ppc64le.pach, as that architecture appears to not exist yet.
3673+ * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing
3674+ to latest upstream machine type, rather than distro one. Add 'ubuntu'
3675+ machine type for that.
3676+
3677+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 06 Oct 2014 13:41:31 -0500
3678+
3679+qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium
3680+
3681+ * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a
3682+ container. (LP: #1370199)
3683+ * load kvm module on ppc64le at boot (LP: #1369785)
3684+ - debian/rules: install qemu-kvm on ppc64el
3685+ - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the
3686+ kvm-hv module if available
3687+ * qemu-system-x86.maintscript: remove accidentally installed
3688+ /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier)
3689+ * rename qemu-system-x86 init script to qemu-kvm so it gets installed in
3690+ ubuntu.
3691+
3692+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Sep 2014 14:20:12 -0500
3693+
3694+qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium
3695+
3696+ * Re-stick the trusty machine type to 2.0 (where it must always stay) and
3697+ define a new, default, pc-i440fx-utopic machine type (LP: #1369481)
3698+
3699+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 15 Sep 2014 14:04:57 -0500
3700+
3701+qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium
3702+
3703+ * move kvm_intel nested setting to qemu-system-x86.postinst.
3704+
3705+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 12 Sep 2014 23:12:52 +0000
3706+
3707+qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium
3708+
3709+ * Merge new debian release
3710+ * Remaining changes:
3711+ - qemu-system-common.postinst:
3712+ * remove acl placed by udev, and add udevadm trigger.
3713+ * reload kvm_intel if needed to set nested=1
3714+ - qemu-system-common.preinst: add kvm group if needed
3715+ - add qemu-kvm upstart job and defaults file (rules,
3716+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3717+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3718+ do not auto-load the kvm kernel module. Enable nesting by default
3719+ on intel.
3720+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3721+ removed the alternatives bit later.
3722+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3723+ in qemu64 cpu type.
3724+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3725+ machine type to ease future live vm migration.
3726+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3727+ d/qemu-system-common.install
3728+ - debian/binfmt-update-in: support ppcle
3729+ * debian/binfmt-update-in
3730+ * Support-ppcle.patch
3731+ - d/p/CVE-2014-5388.patch
3732+
3733+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Sep 2014 17:56:15 -0500
3734+
3735 qemu (2.1+dfsg-4) unstable; urgency=medium
3736
3737 * mention libnuma-dev but not enable for now
3738@@ -1922,6 +5430,59 @@ qemu (2.1+dfsg-4) unstable; urgency=medium
3739
3740 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 31 Aug 2014 09:32:59 +0400
3741
3742+qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium
3743+
3744+ * SECURITY UPDATE: memory disclosure via out-of-bounds array access
3745+ - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c.
3746+ - CVE-2014-5388
3747+
3748+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 09 Sep 2014 08:26:24 -0400
3749+
3750+qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium
3751+
3752+ * replace d/p/revert-acpi-table-size-bump with
3753+ pc-reserve-more-memory-for-acpi.patch from upstream
3754+ * debian/binfmt-update-in
3755+ - don't run in a container
3756+ - add ppc64le as target (LP: #1358268)
3757+ * Add experimental ppcle support (LP: #1358268)
3758+
3759+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 27 Aug 2014 18:24:32 -0500
3760+
3761+qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium
3762+
3763+ * revert-acpi-table-size-bump - get qemu -kernel working again.
3764+
3765+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 15:33:24 -0500
3766+
3767+qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium
3768+
3769+ * Merge new debian release
3770+ * Remaining changes:
3771+ - control-in: stick to libsdl1.2-dev.
3772+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3773+ qemu-bridge-helper
3774+ - qemu-system-common.postinst: remove acl placed by udev,
3775+ and add udevadm trigger.
3776+ - qemu-system-common.preinst: add kvm group if needed
3777+ - add qemu-kvm upstart job and defaults file (rules,
3778+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3779+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3780+ do not auto-load the kvm kernel module. Enable nesting by default
3781+ on intel.
3782+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3783+ removed the alternatives bit later.
3784+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3785+ in qemu64 cpu type.
3786+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3787+ machine type to ease future live vm migration.
3788+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3789+ d/qemu-system-common.install
3790+ * Upstart job: use getent group to check for kvm group
3791+ * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks
3792+
3793+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 08:44:54 -0500
3794+
3795 qemu (2.1+dfsg-3) unstable; urgency=medium
3796
3797 * set SHELL = /bin/sh -e, so that more complex shell constructs
3798@@ -1948,6 +5509,42 @@ qemu (2.1+dfsg-3) unstable; urgency=medium
3799
3800 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 14 Aug 2014 14:30:24 +0400
3801
3802+qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium
3803+
3804+ * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174)
3805+
3806+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Aug 2014 12:58:50 -0500
3807+
3808+qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium
3809+
3810+ * Merge new debian release
3811+ * Remaining changes:
3812+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3813+ have in ipxe-qemu package.
3814+ - control-in: stick to libsdl1.2-dev.
3815+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3816+ qemu-bridge-helper
3817+ - qemu-system-common.postinst: remove acl placed by udev,
3818+ and add udevadm trigger.
3819+ - qemu-system-common.preinst: add kvm group if needed
3820+ - add qemu-kvm upstart job and defaults file (rules,
3821+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3822+ - debian/rules: add qemu-kvm-spice
3823+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3824+ do not auto-load the kvm kernel module. Enable nesting by default
3825+ on intel.
3826+ - binfmt-update-in: make sure to filter out compat arches.
3827+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3828+ removed the alternatives bit later.
3829+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3830+ in qemu64 cpu type.
3831+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3832+ machine type to ease future live vm migration.
3833+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3834+ d/qemu-system-common.install
3835+
3836+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Aug 2014 13:53:06 -0500
3837+
3838 qemu (2.1+dfsg-2) unstable; urgency=medium
3839
3840 * l2tp-linux-only.patch: fix FTBFS on kfreebsd
3841@@ -1982,7 +5579,7 @@ qemu (2.1+dfsg-1) unstable; urgency=medium
3842
3843 qemu (2.0.0+dfsg-7) unstable; urgency=medium
3844
3845- * clarify description of qemu-user-binfmt a bit
3846+ * clarify description of qemu-user-binfmt a bit
3847 * build-depend on acpica-tools (iasl) in order to rebuild .dsl files
3848 * remove qemu-keymaps package, since it is not used by other tools
3849 anymore, and ship keymaps in qemu-system-common.
3850@@ -1999,6 +5596,43 @@ qemu (2.0.0+dfsg-7) unstable; urgency=medium
3851
3852 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 24 Jul 2014 16:51:16 +0400
3853
3854+qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium
3855+
3856+ * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from
3857+ /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551)
3858+
3859+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 25 Jul 2014 08:35:02 -0500
3860+
3861+qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium
3862+
3863+ * Merge 2.0.0+dfsg-6. Remaining changes:
3864+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3865+ have in ipxe-qemu package.
3866+ - control-in: stick to libgnutls-dev and libsdl1.2-dev.
3867+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3868+ qemu-bridge-helper
3869+ - qemu-system-common.postinst: remove acl placed by udev,
3870+ and add udevadm trigger.
3871+ - qemu-system-common.preinst: add kvm group if needed
3872+ - add qemu-kvm upstart job and defaults file (rules,
3873+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3874+ - debian/rules: add qemu-kvm-spice
3875+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3876+ do not auto-load the kvm kernel module. Enable nesting by default
3877+ on intel.
3878+ - binfmt-update-in: make sure to filter out compat arches.
3879+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
3880+ removed the alternatives bit later.
3881+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3882+ in qemu64 cpu type.
3883+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3884+ machine type to ease future live vm migration.
3885+ - re-introduce apport hook for qemu source package:
3886+ d/source_qemu-kvm.py, d/qemu-system-common.install
3887+ * enable-build-dep on libjpeg8-dev - which is now in main
3888+
3889+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 Jun 2014 14:52:54 -0500
3890+
3891 qemu (2.0.0+dfsg-6) unstable; urgency=medium
3892
3893 * build-depend on libgnutls28-dev not libgnutls-dev
3894@@ -2042,6 +5676,59 @@ qemu (2.0.0+dfsg-3) unstable; urgency=low
3895
3896 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 21 Apr 2014 12:34:03 +0400
3897
3898+qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium
3899+
3900+ * remove alternatives for qemu: different architectures
3901+ aren't really alternatives and never had been (LP: #1316829)
3902+
3903+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 07 May 2014 15:12:33 +0000
3904+
3905+qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium
3906+
3907+ * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402)
3908+ * debian/control: drop the versioning requirement from libfdt-dev
3909+ build-dependency, as it is longer needed (LP: #1295072)
3910+
3911+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 02 May 2014 11:43:44 -0500
3912+
3913+qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium
3914+
3915+ * Merge 2.0.0+dfsg-2
3916+ * Incorporates a fix for spice users (LP: #1309452)
3917+ * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as
3918+ the regression requiring it was reverted for 2.0 upstream.
3919+ * remove qemu-system-common depends on the qemu-system-aarch64 metapackage
3920+ * debian/qemu-debootstrap: add arm64
3921+ * Remaining changes from debian:
3922+ - keep qemu 'alternative' (not something to change in SRU)
3923+ - debian/control and debian/control-in:
3924+ * versioned libfdt-dev check, until libfdt is fixed in precise
3925+ * enable rbd
3926+ * remove ovmf Recommends, as it is in multiverse
3927+ * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe
3928+ * add a qemu-system-aarch64 metapackage for transitions from trusty
3929+ development version. This can be removed after trusty.
3930+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
3931+ qemu-bridge-helper
3932+ - qemu-system-common.postinst: fix /dev/kvm acls
3933+ - qemu-system-common.preinst: add kvm group if needed
3934+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
3935+ have in ipxe-qemu package.
3936+ - qemu-system-x86.modprobe: set module options for older releases
3937+ - qemu-system-x86.qemu-kvm.default: defaults for the upstart job
3938+ - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job
3939+ - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64
3940+ - debian/rules
3941+ * add legacy kvm-spice link
3942+ * fix ppc and arm slections
3943+ * add aarch64 to user_targets
3944+ - debian/patches/ubuntu/define-trusty-machine-type.patch: define a
3945+ pc-i440fx-trusty machine type as the default.
3946+ - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by
3947+ default in qemu64 cpu time.
3948+
3949+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Apr 2014 09:23:27 -0500
3950+
3951 qemu (2.0.0+dfsg-2) unstable; urgency=medium
3952
3953 * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current
3954@@ -2067,7 +5754,7 @@ qemu (2.0.0+dfsg-1) unstable; urgency=low
3955 * kmod dependency is linux-any
3956 * doc-grammify-allows-to.patch: fix some lintian warnings
3957 * remove alternatives for qemu: different architectures
3958- aren't really alternatives and never had been
3959+ aren't really alternatives and never had been
3960 * update Standards-Version to 3.9.5 (no changes needed)
3961 * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff -
3962 fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1
3963@@ -2101,6 +5788,50 @@ qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low
3964
3965 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 05 Apr 2014 16:23:48 +0400
3966
3967+qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium
3968+
3969+ * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch
3970+ don't abort() just because the kernel has no dirty bitmap.
3971+ (LP: #1303926)
3972+
3973+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 22:32:00 -0500
3974+
3975+qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium
3976+
3977+ * define-trusty-machine-type.patch: update the trusty machine type name to
3978+ pc-i440fx-trusty (LP: #1304107)
3979+
3980+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 11:49:04 -0500
3981+
3982+qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium
3983+
3984+ * Merge 2.0.0-rc1
3985+ * debian/rules: consolidate ppc filter entries.
3986+ * Move qemu-system-arch64 into qemu-system-arm
3987+ * debian/patches/define-trusty-machine-type.patch: define a trusty machine
3988+ type, currently the same as pc-i440fx-2.0, to put is in a better position
3989+ to enable live migrations from trusty onward. (LP: #1294823)
3990+ * debian/control: build-dep on libfdt >= 1.4.0 (LP: #1295072)
3991+ * Merge latest upstream git to commit dc9528f
3992+ * Debian/rules:
3993+ - remove -enable-uname-release=2.6.32
3994+ - don't make the aarch64 target Ubuntu-specific.
3995+ * Remove patches which are now upstream:
3996+ - fix-smb-security-share.patch
3997+ - slirp-smb-redirect-port-445-too.patch
3998+ - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream)
3999+ - signal-added-a-wrapper-for-sigprocmask-function.patch
4000+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
4001+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
4002+ - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch
4003+ * add link for /usr/share/qemu/bios-256k.bin
4004+ * Remove all linaro patches.
4005+ * Remove all arm64/ patches. Many but not all are upstream.
4006+ * Remove CVE-2013-4377.patch which is upstream.
4007+ * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific
4008+
4009+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 25 Feb 2014 22:31:43 -0600
4010+
4011 qemu (1.7.0+dfsg-9) unstable; urgency=medium
4012
4013 * remove rbd/rados/ceph support *again*, till they'll actually provide
4014@@ -2165,6 +5896,104 @@ qemu (1.7.0+dfsg-4) unstable; urgency=medium
4015
4016 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 12 Mar 2014 18:34:03 +0400
4017
4018+qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low
4019+
4020+ * No-change rebuild to build with libxen-4.4.
4021+
4022+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 21 Mar 2014 10:04:36 +0100
4023+
4024+qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium
4025+
4026+ * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick
4027+ upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682)
4028+
4029+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Mar 2014 00:03:00 -0500
4030+
4031+qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium
4032+
4033+ [ dann frazier ]
4034+ * Add patches from the susematz tree to avoid intermittent segfaults:
4035+ - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch
4036+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
4037+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
4038+
4039+ [ Serge Hallyn ]
4040+ * Modify do_sigprocmask to only change behavior for aarch64.
4041+ (LP: #1285363)
4042+
4043+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 06 Mar 2014 16:15:50 -0600
4044+
4045+qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium
4046+
4047+ [ Steve Langasek ]
4048+ * Merge debian/control with unreleased Debian branch: our architecture
4049+ lists should now be in sync.
4050+
4051+ [ Dann Frazier ]
4052+ * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS
4053+ on arm64 and maybe others. (LP: #1284344)
4054+
4055+ [ Serge Hallyn ]
4056+ * Move the OVMF.fd link to the ovmf package.
4057+
4058+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 21 Feb 2014 12:14:53 -0800
4059+
4060+qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium
4061+
4062+ * Add ppc64el to the architecture list (supposedly added in the previous
4063+ upload, but really wasn't).
4064+
4065+ -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 20 Feb 2014 23:40:07 -0800
4066+
4067+qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium
4068+
4069+ * Backport changes to enable qemu-user-static support for aarch64
4070+ * debian/control: add ppc64el to Architectures
4071+ * debian/rules: only install qemu-system-aarch64 on arm64.
4072+ Fixes a FTBFS when built twice in a row on non-arm64 due to a stale
4073+ debian/qemu-system-aarch64 directory
4074+
4075+ -- dann frazier <dann.frazier@canonical.com> Tue, 11 Feb 2014 15:41:53 -0700
4076+
4077+qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium
4078+
4079+ * Fix broken filter_binfmts
4080+ * Remove use of dpkg-version in postinsts, as we're not Depending on
4081+ dpkg-dev.
4082+
4083+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 05 Feb 2014 21:57:38 -0600
4084+
4085+qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium
4086+
4087+ * Merge 1.7.0+dfsg-3 from debian. Remaining changes:
4088+ - debian/patches/ubuntu:
4089+ * expose-vmx_qemu64cpu.patch
4090+ * linaro (omap3) and arm64 patches
4091+ * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS
4092+ on ppc
4093+ * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio
4094+ - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options
4095+ - debian/control:
4096+ * add arm64 to Architectures
4097+ * add qemu-common and qemu-system-aarch64 packages
4098+ - debian/qemu-system-common.install: add debian/tmp/usr/lib
4099+ - debian/qemu-system-common.preinst: add kvm group
4100+ - debian/qemu-system-common.postinst: remove acl placed by udev,
4101+ and add udevadm trigger.
4102+ - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio,
4103+ pxe-e1000 and pxe-rtl8139.
4104+ - add qemu-system-x86.qemu-kvm.upstart and .default
4105+ - qemu-user-static.postinst-in: remove arm64 binfmt
4106+ - debian/rules:
4107+ * allow parallel build
4108+ * add aarch64 to system_targets and sys_systems
4109+ * add qemu-kvm-spice links
4110+ * install qemu-system-x86.modprobe
4111+ - add debian/qemu-system-common.links for OVMF.fd link
4112+ * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks.
4113+
4114+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Feb 2014 12:13:08 -0600
4115+
4116 qemu (1.7.0+dfsg-3) unstable; urgency=low
4117
4118 * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86
4119@@ -2190,6 +6019,121 @@ qemu (1.7.0+dfsg-3) unstable; urgency=low
4120
4121 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 16 Jan 2014 15:17:46 +0400
4122
4123+qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium
4124+
4125+ * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which
4126+ may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654)
4127+
4128+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 Jan 2014 14:41:20 +0000
4129+
4130+qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium
4131+
4132+ * SECURITY UPDATE: denial of service via virtio device hot-plugging
4133+ - debian/patches/CVE-2013-4377.patch: upstream commits to refactor
4134+ virtio device unplugging.
4135+ - CVE-2013-4377
4136+
4137+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jan 2014 09:10:37 -0500
4138+
4139+qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium
4140+
4141+ * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on
4142+ powerpc.
4143+
4144+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 22 Jan 2014 11:59:26 -0600
4145+
4146+qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium
4147+
4148+ [ Serge Hallyn ]
4149+ * add arm64 patchset from upstream. The three arm virt patches previously
4150+ pushed are in that set, so drop them.
4151+
4152+ [ dann frazier ]
4153+ * Add packaging for qemu-system-aarch64. This package is currently only
4154+ available for arm64, as full software emulation is not yet supported.
4155+
4156+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 10 Jan 2014 12:19:08 -0600
4157+
4158+qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium
4159+
4160+ * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be
4161+ supported any longer.
4162+ * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing
4163+ * Refresh debian/patches/hw_arm_add_virt_platform.patch against context
4164+ churn caused by linaro patchset.
4165+ * debian/rules: enable parallel builds.
4166+
4167+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 03 Jan 2014 10:53:17 -0600
4168+
4169+qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium
4170+
4171+ * d/control: enable usbredir (LP: 1126390)
4172+
4173+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 02 Jan 2014 08:55:43 -0600
4174+
4175+qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium
4176+
4177+ * add missing arm virt patches from the mach-virt-v7 branch of
4178+ git://git.linaro.org/people/cdall/qemu-arm.git
4179+
4180+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 18 Dec 2013 12:25:59 -0600
4181+
4182+qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium
4183+
4184+ * debian/control: add arm64 to list of architectures.
4185+
4186+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Dec 2013 10:22:47 -0600
4187+
4188+qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low
4189+
4190+ * Merge 1.7.0+dfsg-2 from debian experimental. Remaining changes:
4191+ - debian/control
4192+ * update maintainer
4193+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4194+ from build-deps
4195+ * enable rbd
4196+ * add qemu-system and qemu-common B/R to qemu-keymaps
4197+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4198+ qemu-system-common
4199+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4200+ - add qemu-common, qemu-kvm, kvm to B/R
4201+ - remove openbios-sparc from qemu-system-sparc D
4202+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
4203+ * qemu-system-x86:
4204+ - add qemu-common to Breaks/Replaces.
4205+ - add cpu-checker to Recommends.
4206+ * qemu-user: add B/R:qemu-kvm
4207+ * qemu-kvm:
4208+ - add armhf armel powerpc sparc to Architecture
4209+ - C/R/P: qemu-kvm-spice
4210+ * add qemu-common package
4211+ * drop qemu-slof which is not packaged in ubuntu
4212+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4213+ - qemu-system-x86.links:
4214+ * remove pxe rom links which are in kvm-ipxe
4215+ - debian/rules
4216+ * add kvm-spice symlink to qemu-kvm
4217+ * call dh_installmodules for qemu-system-x86
4218+ * update dh_installinit to install upstart script
4219+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4220+ - Add qemu-utils.links for kvm-* symlinks.
4221+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4222+ - Add qemu-system-x86.modprobe to set nesting=1
4223+ - Add qemu-system-common.preinst to add kvm group
4224+ - qemu-system-common.postinst: remove bad group acl if there, then have
4225+ udev relabel /dev/kvm.
4226+ - New linaro patches from qemu-linaro rebasing branch
4227+ - Dropped patches:
4228+ * linaro patchset
4229+ * mach-virt patchset
4230+ - Kept patches:
4231+ * expose_vms_qemu64cpu.patch
4232+ * fix-pci-add
4233+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
4234+ qemu-bridge-helper
4235+
4236+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 07 Dec 2013 06:08:11 +0000
4237+
4238 qemu (1.7.0+dfsg-2) unstable; urgency=low
4239
4240 * switch from vgabios to seavgabios
4241@@ -2219,6 +6163,73 @@ qemu (1.7.0+dfsg-1) unstable; urgency=low
4242
4243 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 28 Nov 2013 03:14:21 +0400
4244
4245+qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low
4246+
4247+ * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring,
4248+ to prevent lts-to-lts updates from breaking. (LP: #1243403)
4249+
4250+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Oct 2013 14:31:05 -0500
4251+
4252+qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low
4253+
4254+ * Merge 1.6.0~rc0+dfsg-2exp from debian experimental. Remaining changes:
4255+ - debian/control
4256+ * update maintainer
4257+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4258+ from build-deps
4259+ * enable rbd
4260+ * add qemu-system and qemu-common B/R to qemu-keymaps
4261+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4262+ qemu-system-common
4263+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4264+ - add qemu-kvm to Provides
4265+ - add qemu-common, qemu-kvm, kvm to B/R
4266+ - remove openbios-sparc from qemu-system-sparc D
4267+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
4268+ * qemu-system-x86:
4269+ - add qemu-common to Breaks/Replaces.
4270+ - add cpu-checker to Recommends.
4271+ * qemu-user: add B/R:qemu-kvm
4272+ * qemu-kvm:
4273+ - add armhf armel powerpc sparc to Architecture
4274+ - C/R/P: qemu-kvm-spice
4275+ * add qemu-common package
4276+ * drop qemu-slof which is not packaged in ubuntu
4277+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4278+ - qemu-system-x86.links:
4279+ * remove pxe rom links which are in kvm-ipxe
4280+ * add symlink for kvm.1 manpage
4281+ - debian/rules
4282+ * add kvm-spice symlink to qemu-kvm
4283+ * call dh_installmodules for qemu-system-x86
4284+ * update dh_installinit to install upstart script
4285+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4286+ - Add qemu-utils.links for kvm-* symlinks.
4287+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4288+ - Add qemu-system-x86.modprobe to set nesting=1
4289+ - Add qemu-system-common.preinst to add kvm group
4290+ - qemu-system-common.postinst: remove bad group acl if there, then have
4291+ udev relabel /dev/kvm.
4292+ - New linaro patches from qemu-linaro rebasing branch
4293+ - Dropped patches:
4294+ * xen-simplify-xen_enabled.patch
4295+ * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch
4296+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4297+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4298+ * virtio-rng-fix-crash
4299+ - Kept patches:
4300+ * expose_vms_qemu64cpu.patch - updated
4301+ * linaro arm patches from qemu-linaro rebasing branch
4302+ - New patches:
4303+ * fix-pci-add: change CONFIG variable in ifdef to make sure that
4304+ pci_add is defined.
4305+ * Add linaro patches
4306+ * Add experimental mach-virt patches for arm virtualization.
4307+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
4308+ qemu-bridge-helper
4309+
4310+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 22 Oct 2013 22:47:07 -0500
4311+
4312 qemu (1.6.0+dfsg-2) unstable; urgency=low
4313
4314 * Build-depend in seccomp again once it is in -testing
4315@@ -2289,6 +6300,89 @@ qemu (1.5.0+dfsg-4) unstable; urgency=medium
4316
4317 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 06 Jun 2013 01:50:32 +0400
4318
4319+qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low
4320+
4321+ * No change rebuild for new seccomp.
4322+
4323+ -- Stéphane Graber <stgraber@ubuntu.com> Mon, 21 Oct 2013 18:34:50 -0400
4324+
4325+qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low
4326+
4327+ * Cherrypick upstream patch to fix crash with rng device (LP: #1235017)
4328+ - virtio-rng-fix-crash
4329+
4330+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 09 Oct 2013 17:46:49 -0500
4331+
4332+qemu (1.5.0+dfsg-3ubuntu4) saucy; urgency=low
4333+
4334+ * Re-introduce snippet in upstart job to load kvm modules if needed.
4335+ (LP: #1218459)
4336+
4337+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 16 Sep 2013 22:43:52 +0000
4338+
4339+qemu (1.5.0+dfsg-3ubuntu3) saucy; urgency=low
4340+
4341+ * Cherry-picking three Xen related patches targetted for qemu-stable:
4342+ * xen-simplify-xen_enabled.patch
4343+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4344+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4345+
4346+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 26 Jul 2013 15:01:44 +0200
4347+
4348+qemu (1.5.0+dfsg-3ubuntu2) saucy; urgency=low
4349+
4350+ * Drop openbios-ppc and openhackware Depends to Suggests for now.
4351+
4352+ -- Adam Conrad <adconrad@ubuntu.com> Wed, 05 Jun 2013 03:23:56 -0600
4353+
4354+qemu (1.5.0+dfsg-3ubuntu1) saucy; urgency=low
4355+
4356+ * Merge 1.5.0+dfs-3 from debian unstable. Remaining changes:
4357+ - debian/control
4358+ * update maintainer
4359+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4360+ from build-deps
4361+ * enable rbd
4362+ * add qemu-system and qemu-common B/R to qemu-keymaps
4363+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4364+ qemu-system-common
4365+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4366+ - add qemu-kvm to Provides
4367+ - add qemu-common, qemu-kvm, kvm to B/R
4368+ - remove openbios-sparc from qemu-system-sparc D
4369+ * qemu-system-x86:
4370+ - add qemu-common to Breaks/Replaces.
4371+ - add cpu-checker to Recommends.
4372+ * qemu-user: add B/R:qemu-kvm
4373+ * qemu-kvm:
4374+ - add armhf armel powerpc sparc to Architecture
4375+ - C/R/P: qemu-kvm-spice
4376+ * add qemu-common package
4377+ * drop qemu-slof which is not packaged in ubuntu
4378+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4379+ - qemu-system-x86.links:
4380+ * remove pxe rom links which are in kvm-ipxe
4381+ * add symlink for kvm.1 manpage
4382+ - debian/rules
4383+ * add kvm-spice symlink to qemu-kvm
4384+ * call dh_installmodules for qemu-system-x86
4385+ * update dh_installinit to install upstart script
4386+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4387+ - Add qemu-utils.links for kvm-* symlinks.
4388+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4389+ - Add qemu-system-x86.modprobe to set nesting=1
4390+ - Add qemu-system-common.preinst to add kvm group
4391+ - qemu-system-common.postinst: remove bad group acl if there, then have
4392+ udev relabel /dev/kvm.
4393+ - Dropped patches:
4394+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4395+ - Kept patches:
4396+ * expose_vms_qemu64cpu.patch - updated
4397+ * gridcentric patch - updated
4398+ * linaro arm patches from qemu-linaro rebasing branch
4399+
4400+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Jun 2013 22:56:43 +0200
4401+
4402 qemu (1.5.0+dfsg-3) unstable; urgency=low
4403
4404 * fix sections: misc => otherosfs
4405@@ -2308,6 +6402,54 @@ qemu (1.5.0+dfsg-3) unstable; urgency=low
4406
4407 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Jun 2013 01:49:47 +0400
4408
4409+qemu (1.5.0+dfsg-2ubuntu1) saucy; urgency=low
4410+
4411+ * Merge 1.5.0+dfs-2 from debian unstable. Remaining changes:
4412+ - debian/control
4413+ * update maintainer
4414+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4415+ from build-deps
4416+ * enable rbd
4417+ * add qemu-system and qemu-common B/R to qemu-keymaps
4418+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4419+ qemu-system-common
4420+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4421+ - add qemu-kvm to Provides
4422+ - add qemu-common, qemu-kvm, kvm to B/R
4423+ - remove openbios-sparc from qemu-system-sparc D
4424+ * qemu-system-x86:
4425+ - add qemu-common to Breaks/Replaces.
4426+ - add cpu-checker to Recommends.
4427+ * qemu-user: add B/R:qemu-kvm
4428+ * qemu-kvm:
4429+ - add armhf armel powerpc sparc to Architecture
4430+ - C/R/P: qemu-kvm-spice
4431+ * add qemu-common package
4432+ * drop qemu-slof which is not packaged in ubuntu
4433+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4434+ - qemu-system-x86.links:
4435+ * remove pxe rom links which are in kvm-ipxe
4436+ * add symlink for kvm.1 manpage
4437+ - debian/rules
4438+ * add kvm-spice symlink to qemu-kvm
4439+ * call dh_installmodules for qemu-system-x86
4440+ * update dh_installinit to install upstart script
4441+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4442+ - Add qemu-utils.links for kvm-* symlinks.
4443+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4444+ - Add qemu-system-x86.modprobe to set nesting=1
4445+ - Add qemu-system-common.preinst to add kvm group
4446+ - qemu-system-common.postinst: remove bad group acl if there, then have
4447+ udev relabel /dev/kvm.
4448+ - Dropped patches:
4449+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4450+ - Kept patches:
4451+ * expose_vms_qemu64cpu.patch - updated
4452+ * gridcentric patch - updated
4453+ * linaro arm patches from qemu-linaro rebasing branch
4454+
4455+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 May 2013 08:18:30 -0500
4456+
4457 qemu (1.5.0+dfsg-2) unstable; urgency=low
4458
4459 * merged development history of wheezy and experimental branches.
4460@@ -2375,6 +6517,76 @@ qemu (1.4.0+dfsg-2exp) experimental; urgency=low
4461
4462 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 18 Apr 2013 14:45:30 +0400
4463
4464+qemu (1.4.0+dfsg-1expubuntu4) raring; urgency=low
4465+
4466+ * re-add qemu-system-x86.modprobe to set nesting=1 (LP: #1155177)
4467+ * qemu-system-x86.qemu-kvm.upstart:
4468+ - remove NESTED workarounds from upstart file.
4469+ - remove loading of modules which is now always done
4470+ - remove TAPR define which is no longer used
4471+ * move customizable defines back to qemu-kvm.default
4472+ * copy creation of group kvm to preinst - the group must exist when the
4473+ kvm udev rule is installed (LP: #1103022) (LP: #1092715)
4474+ * add adduser to qemu-system-common Pre-Depends for use by preinst.
4475+
4476+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Mar 2013 14:21:53 -0500
4477+
4478+qemu (1.4.0+dfsg-1expubuntu3) raring; urgency=low
4479+
4480+ * debian/rules: add a symlink from kvm-spice to kvm in qemu-kvm, on
4481+ i386/amd64 targets. (LP: #1126258)
4482+
4483+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 28 Feb 2013 15:17:16 -0600
4484+
4485+qemu (1.4.0+dfsg-1expubuntu2) raring; urgency=low
4486+
4487+ * substitute (apparently identical) patches from 1.4.0 qemu-linaro rebasing
4488+ tree.
4489+ * add qemu-common to qemu-system-common B/R (was accidentally dropped from
4490+ 1.3.0 in 1.4.0 merge).
4491+ * debian/control: fix kvm P/C/B/R:
4492+ - make all C/B/R against kvm versioned
4493+ - don't have any qemu-system-* other than x86 Provides: kvm
4494+
4495+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Feb 2013 13:34:07 -0600
4496+
4497+qemu (1.4.0+dfsg-1expubuntu1) raring; urgency=low
4498+
4499+ * Merge 1.4.0+dfsg-1exp from debian. Remaining changes:
4500+ - debian/control:
4501+ * update maintainer
4502+ * remove libiscsi, usb-redir, vde, and vnc-jpeg from build-deps
4503+ * enable rbd
4504+ * add qemu-system and qemu-common B/R to qemu-keymaps
4505+ * add D:udev and R:qemu to qemu-system-common
4506+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4507+ - add qemu-kvm and kvm to Provides
4508+ - add qemu-common and qemu-kvm to Breaks/Replaces qemu-system-ppc,
4509+ qemu-system-sparc:
4510+ - remove openbios-$arch from Depends
4511+ * qemu-system-x86:
4512+ - add qemu-common to Breaks/Replaces.
4513+ - add cpu-checker to Recommends.
4514+ * qemu-user:
4515+ - add B/R qemu-kvm
4516+ * qemu-utils:
4517+ - add B/R qemu-user and qemu-kvm
4518+ * qemu-kvm: add armhf armel powerpc sparc to Architecture
4519+ * add qemu-common package
4520+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4521+ - qemu-system-x86.links:
4522+ * remove pxe rom links which are in kvm-ipxe
4523+ * add symlink for kvm.1 manpage
4524+ - Add qemu-utils.links for kvm-* symlinks.
4525+ - Add qemu-kvm.conf upstart job to qemu-system
4526+ - Clear /dev/kvm acls on install
4527+ - Add linaro arm patches.
4528+ - Add gridcentric patches.
4529+ - Re-add expose_vms_qemu64cpu.patch (from Daviey)
4530+ * Add 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4531+
4532+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 20 Feb 2013 11:58:27 -0600
4533+
4534 qemu (1.4.0+dfsg-1exp) experimental; urgency=low
4535
4536 [ Michael Tokarev ]
4537@@ -2430,6 +6642,116 @@ qemu (1.4.0~rc0+dfsg-1exp) experimental; urgency=low
4538
4539 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 02 Feb 2013 21:05:28 +0400
4540
4541+qemu (1.3.0+dfsg-5expubuntu5) raring; urgency=low
4542+
4543+ * qemu-system-common.postinst: only run setfacl when /dev/kvm exists.
4544+ (LP: #1130591)
4545+
4546+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 20 Feb 2013 08:58:53 -0600
4547+
4548+qemu (1.3.0+dfsg-5expubuntu4) raring; urgency=low
4549+
4550+ * Update workarounds for udev/inotify: (LP: #1092715)
4551+ - qemu-system-common.udev: go back to original, simple rule
4552+ - qemu-system-common.postinst: manually run setfacl
4553+ - (keep Depends: on acl as well)
4554+ - this can be removed once bug 1092715 is fixed.
4555+
4556+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 19 Feb 2013 12:41:22 -0600
4557+
4558+qemu (1.3.0+dfsg-5expubuntu3) raring; urgency=low
4559+
4560+ * Now that qemu provides spice support, and qemu-kvm-spice is removed from
4561+ the archive, have qemu-kvm (which qemu-kvm-spice always depended on)
4562+ P/C/R qemu-kvm-spice.
4563+
4564+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Feb 2013 13:43:27 -0600
4565+
4566+qemu (1.3.0+dfsg-5expubuntu2) raring; urgency=low
4567+
4568+ * Enable spice.
4569+ * Address lintian warning by adding ${misc:Depends} to qemu-common and
4570+ qemu-kvm.
4571+
4572+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 12 Feb 2013 16:07:04 -0600
4573+
4574+qemu (1.3.0+dfsg-5expubuntu1) raring; urgency=low
4575+
4576+ [ Serge Hallyn ]
4577+ * Merge 1.3.0+dfsg-5exp from Debian.
4578+ * remaining changes from 1.3.0+dfsg-1~exp3ubuntu1:
4579+ - debian/control:
4580+ * update maintainer
4581+ * remove vde2 recommends
4582+ * build-deps: remove libusbredir, libvdeplug2-dev,
4583+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev
4584+ * qemu-system:
4585+ - break/replace qemu-common
4586+ - depend on udev
4587+ - remove openbios-ppc, openbios-sparc, and openhackware from
4588+ Depends. (Intend to add them back once we can build them.)
4589+ * qemu-utils: break/replace qemu-kvm
4590+ - qemu-kvm.upstart:
4591+ - add qemu-system.qemu-kvm.upstart
4592+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4593+ - take the defaults from the old qemu-kvm.defaults, and move them into
4594+ the upstart job
4595+ - debian/patches:
4596+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4597+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4598+ - add links for qemu-ifup/down in qemu-system-common.links
4599+ - debian/qemu-system-common.postinst
4600+ - udevadm trigger to fix up /dev/kvm perms
4601+ - debian/qemu-system.links:
4602+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4603+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4604+ back to qemu-system at some point.
4605+ * remaining changes from after 1.3.0+dfsg-1~exp3ubuntu1:
4606+ - qemu-system-common.links: add link for OVMF
4607+ - Add qemu-utils.links for kvm-img and kvm-nbd utils and manpages.
4608+ - qemu-system.links:
4609+ * Add link to usr/share/ovmf/OVMF.fd
4610+ * Fix target of /etc/kvm/kvm-if{up,down} links
4611+ - debian/control: qemu-system should Recommend cpu-checker
4612+ - Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over
4613+ (i.e.) qemu-x86_64.
4614+ - add qemu-kvm, and qemu-common transitional packages.
4615+ - Add breaks/replaces to qemu-keymaps for qemu-system.
4616+ - Add provides: qemu-kvm and kvm to qemu-system-ppc.
4617+ - Add breaks/replaces to qemu-system-ppc for qemu-kvm and qemu-common.
4618+ - Add breaks/replaces to qemu-kvm for qemu-common.
4619+ - Add breaks/replaces to qemu-utils for qemu-user and qemu-kvm.
4620+ - Add armhf, armel, powerpc and sparc arches to qemu-kvm transitional
4621+ package.
4622+ - Add qemu-common package.
4623+ - Make sure /dev/kvm gets its acls cleared:
4624+ * Add acl to qemu-system.depends
4625+ * update qemu-system.udev to run setfacl to set g::rw acl
4626+ - Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts
4627+ * dropped debian/patches/CVE-2012-6075.patch (duplicate of
4628+ e1000-discard-oversize-packets-based-on-SBP_LPE.patch)
4629+ * debian/{control,configure-opts}: enable rbd (LP: #1118406)
4630+ * add symlink for kvm.1 -> qemu.1 manpage (LP: #1117636)
4631+ * add replaces to qemu-system-common for qemu - we briefly moved conflicting
4632+ docs to qemu, which debian moved to qemu-system-common. This can be
4633+ dropped after raring.
4634+ * move qemu-kvm.upstart from qemu-system to qemu-system-x86.
4635+ * Support upgrade from qemu-kvm on non-x86 arches:
4636+ - Add Provides: qemu-kvm, kvm to qemu-system-{arm,ppc,sparc,x86}
4637+ - Add Breaks/Replaces for qemu-{common,system,kvm} and kvm.
4638+ * Re-add expose_vms_qemu64cpu.patch (from Daviey) from quantal.
4639+
4640+ [ Steve Langasek ]
4641+ * Pass --enable-uname-release=2.6.32 for the user emulation builds, so that
4642+ we have a sensible baseline kernel value regardless of what the
4643+ underlying host kernel is. This makes eglibc happier when running under
4644+ emulation on a very old kernel for instance (whose host syscall ABI has
4645+ nothing to do with what emulated syscalls are supported), and probably
4646+ also lets us steer clear for the moment of code that has problem with
4647+ the new kernel upstream versioning convention. LP: #921078.
4648+
4649+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 07 Feb 2013 14:15:26 -0600
4650+
4651 qemu (1.3.0+dfsg-5exp) experimental; urgency=low
4652
4653 * qemu-system-split: split qemu-system into several target-specific packages:
4654@@ -2509,6 +6831,106 @@ qemu (1.3.0+dfsg-2exp) experimental; urgency=low
4655
4656 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 20 Jan 2013 22:12:11 +0400
4657
4658+qemu (1.3.0+dfsg-1~exp3ubuntu8) raring; urgency=low
4659+
4660+ * qemu-system.links:
4661+ - Add link to usr/share/ovmf/OVMF.fd (LP: #1074207)
4662+ - Fix target of /etc/kvm/kvm-if{up,down} links
4663+
4664+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 29 Jan 2013 10:52:22 -0600
4665+
4666+qemu (1.3.0+dfsg-1~exp3ubuntu7) raring; urgency=low
4667+
4668+ * debian/control: qemu-system should Recommend cpu-checker (LP: #1103982)
4669+
4670+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 28 Jan 2013 11:52:10 -0600
4671+
4672+qemu (1.3.0+dfsg-1~exp3ubuntu6) raring; urgency=low
4673+
4674+ * configure-opts: add audio-cards list (LP: #1102487)
4675+ * configure-opts: change order of audio-drv-list for ubuntu, putting pa
4676+ first.
4677+
4678+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 21 Jan 2013 12:02:09 -0600
4679+
4680+qemu (1.3.0+dfsg-1~exp3ubuntu5) raring; urgency=low
4681+
4682+ * Add qemu-kvm breaks/replaces to qemu-user, to handle conflict over
4683+ (i.e.) qemu-x86_64. (LP: #1102332)
4684+
4685+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 21 Jan 2013 08:58:07 -0600
4686+
4687+qemu (1.3.0+dfsg-1~exp3ubuntu4) raring; urgency=low
4688+
4689+ * Move three docs from qemu-system.install to qemu.docs (LP: #1101798)
4690+
4691+ -- Adam Conrad <adconrad@ubuntu.com> Sat, 19 Jan 2013 20:12:48 -0700
4692+
4693+qemu (1.3.0+dfsg-1~exp3ubuntu3) raring; urgency=low
4694+
4695+ * debian/patches/CVE-2012-6075.patch: Fix guest denial of service and
4696+ possible code execution in hw/e1000.c by dropping oversize packets.
4697+
4698+ -- Adam Conrad <adconrad@ubuntu.com> Sat, 19 Jan 2013 07:31:50 -0700
4699+
4700+qemu (1.3.0+dfsg-1~exp3ubuntu2) raring; urgency=low
4701+
4702+ * debian/rules: empty MAKEFLAGS when building spapr-rtas.bin on powerpc, to
4703+ fix FTBFS due to parallel compile.
4704+
4705+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Jan 2013 15:51:09 -0600
4706+
4707+qemu (1.3.0+dfsg-1~exp3ubuntu1) raring; urgency=low
4708+
4709+ * Merge 1.3.0+dfsg-1~exp3. Remaining ubuntu delta:
4710+ - debian/control:
4711+ * update maintainer
4712+ * remove vde2 recommends
4713+ * build-deps: remove libusbredir, libvdeplug2-dev,
4714+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev,
4715+ and libxen-dev.
4716+ * qemu-keymaps: break/replace qemu-common
4717+ * qemu-system:
4718+ - break/replace qemu-common
4719+ - depend on udev
4720+ - remove openbios-ppc, openbios-sparc, and openhackware from
4721+ Depends. (Intend to add them back once we can build them.)
4722+ - provides: qemu-kvm
4723+ * qemu-utils: break/replace qemu-kvm
4724+ * set up transitional packages for qemu-kvm, qemu-common, and kvm.
4725+ - qemu-kvm.upstart:
4726+ - add qemu-system.qemu-kvm.upstart
4727+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4728+ - take the defaults from the old qemu-kvm.defaults, and move them into
4729+ the upstart job
4730+ - debian/patches:
4731+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4732+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4733+ - ifup/down:
4734+ - copy Debian qemu-kvm's kvm-ifup/down into debian/
4735+ - fix dh_install for kvm-ifup/down in debian/rules
4736+ - add links for qemu-ifup/down in qemu-system.links
4737+ - remove (debian's original) qemu-ifup from qemu-system.install
4738+ - debian/qemu-system.postinst
4739+ - udevadm trigger to fix up /dev/kvm perms
4740+ - make the 'qemu' symlink point to qemu-system-x86_64, not -i386.
4741+ - debian/qemu-system.links:
4742+ - point 'kvm' to qemu-system-x86_64
4743+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4744+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4745+ back to qemu-system at some point.
4746+ * Add note about kvm to qemu-system.README.debian.
4747+ * Copy kvm-ifup and kvm-ifdown from debian's qemu-kvm
4748+ * Remove TAPBR from qemu-kvm.conf.
4749+ * Make sure /dev/kvm gets its acls cleared:
4750+ - Add acl to qemu-system.depends
4751+ - update qemu-system.udev to run setfacl to set g::rw acl
4752+ * qemu-system.qemu-kvm.conf: don't rmmod at stop
4753+ * Remove vnc-jpeg, libiscsi-dev, and vde from debian/configure-opts
4754+ * Remove hugepages sysctl file - qemu now supports transparent hugepages.
4755+
4756+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 14 Jan 2013 23:22:51 -0600
4757+
4758 qemu (1.3.0+dfsg-1~exp3) experimental; urgency=low
4759
4760 * enable vde on kFreebsd too (no idea why it was disabled)
4761@@ -2593,6 +7015,107 @@ qemu (1.3.0+dfsg-1~exp1) experimental; urgency=low
4762
4763 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 30 Dec 2012 01:52:21 +0400
4764
4765+qemu (1.2.0.dfsg-1~exp1-0ubuntu2) raring; urgency=low
4766+
4767+ * Remove kvm package
4768+ - make qemu-system P/C/B: kvm.
4769+
4770+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 14 Jan 2013 12:03:19 -0600
4771+
4772+qemu (1.2.0.dfsg-1~exp1-0ubuntu1) raring; urgency=low
4773+
4774+ [ Serge Hallyn ]
4775+ * debian/control:
4776+ - update maintainer
4777+ - remove vde2 recommends
4778+ - build-deps: remove libusbredir, libvdeplug2-dev,
4779+ libspice-server-dev, libspice-protocol-dev, libiscsi-dev,
4780+ and libxen-dev.
4781+ - qemu-keymaps: break/replace qemu-common
4782+ - qemu-system:
4783+ - break/replace qemu-common
4784+ - depend on udev
4785+ - remove openbios-ppc, openbios-sparc, and openhackware from
4786+ Depends. (Intend to add them back once we can build them.)
4787+ - provides: qemu-kvm
4788+ - qemu-utils: break/replace qemu-kvm
4789+ - set up transitional packages for qemu-kvm, qemu-common, and kvm.
4790+ * debian/rules:
4791+ - install kvm-ifup and kvm-ifdown
4792+ - dh_installinit the qemu-kvm upstart job
4793+ * install a 30-qemu-kvm.conf into /etc/sysctl.c for nr_hugepages.
4794+ * qemu-kvm.upstart:
4795+ - add qemu-system.qemu-kvm.upstart
4796+ - add mv_confile to qemu-system.preinst, postinst, and .postrm to rename
4797+ /etc/init/qemu-kvm.conf to qemu-system.conf
4798+ - debian/rules: add dh_installinit to get qemu-system.upstart installed.
4799+ - take the defaults from the old qemu-kvm.defaults, and move them into
4800+ the upstart job
4801+ * debian/patches:
4802+ - apply gridcentric patches from lp:~amscanne/+junk/gridcentric-qemu-patches
4803+ - apply arm patches from git://git.linaro.org/qemu/qemu-linaro.git
4804+ - apply nbd-fixes-to-read-only-handling.patch from upstream to
4805+ make read-write mount after read-only mount work. (LP: #1077838)
4806+ * ifup/down:
4807+ - copy Ubuntu qemu-kvm's kvm-ifup/down into debian/
4808+ - fix dh_install for kvm-ifup/down in debian/rules
4809+ - add links for qemu-ifup/down in qemu-system.links
4810+ - remove (debian's original) qemu-ifup from qemu-system.install
4811+ * debian/qemu-system.postinst
4812+ - udevadm trigger to fix up /dev/kvm perms
4813+ - make the 'qemu' symlink point to qemu-system-x86_64, not -i386.
4814+ * debian/qemu-system.links:
4815+ - point 'kvm' to qemu-system-x86_64
4816+ - remove pxe-virtio, pxe-e1000 and pxe-rtl8139 links (which conflict
4817+ with ones from kvm-ipxe). We may want to move the links from kvm-ipxe
4818+ back to qemu-system at some point.
4819+ - add qemu-ifdown and qemu-ifup links
4820+ * debian/qemu-system.install:
4821+ - remove /etc/qemu-ifup link
4822+ - add /etc/sysctl.d/30-qemu-kvm.conf
4823+
4824+ [ Adam Conrad ]
4825+ * Appease apt-get's dist-upgrade resolver by creating a qemu-common
4826+ transitional package to upgrade more gracefully to qemu-keymaps.
4827+ * Move all the empty transitional packages to the oldlibs section.
4828+ * Restore the versioned dep from qemu-kvm (and kvm) to qemu-system.
4829+
4830+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Jan 2013 08:50:24 -0600
4831+
4832+qemu (1.2.0+dfsg-1~exp1) UNRELEASED; urgency=low
4833+
4834+ [ Michael Tokarev ]
4835+ * new upstream version (1.3.0)
4836+ (Closes: #676374, #622319, #597527, #593547, #660154)
4837+ - Removed patches included upstream:
4838+ do-not-include-libutil.h.patch
4839+ configure-nss-usbredir.patch
4840+ tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch
4841+ net-add--netdev-options-to-man-page.patch
4842+ - update 02_kfreebsd.patch
4843+ - do not build mpc8544ds.dtb
4844+ - include new targets
4845+ * Cleaned up the build system ALOT. Larger changes:
4846+ - used explicit lists of emulated targets in debian/rules
4847+ and generate everything else from there, instead of repeating
4848+ these lists in lots of places.
4849+ - stop using debian/$pkg.manpages and other auxilary files like this,
4850+ moving eveything to debian/$pkg.install, because with the number
4851+ of packages growing, amount of these small files becomes very
4852+ large and the result is difficult to maintain.
4853+ * ship forgotten target-x86_64.conf in qemu-system.
4854+ * ship virtfs-proxy-helper in qemu-utils.
4855+ * stop shipping tundev.c, since it does not reflect the reality for
4856+ a long time now (Closes: #325761, #325754).
4857+ * re-introduce support parallel build using DEB_BUILD_OPTIONS=parallel=N,
4858+ this time by adding to $MAKEFLAGS instead of passing down to submakes
4859+ * build-depend on libcap-ng-dev (for virtfs-proxy-helper)
4860+
4861+ [ Vagrant Cascadian ]
4862+ * Add libcap-dev to Build-Depends to support virtfs-proxy-helper.
4863+
4864+ -- Michael Tokarev <mjt@tls.msk.ru> Sun, 30 Dec 2012 01:52:21 +0400
4865+
4866 qemu (1.1.2+dfsg-6a) unstable; urgency=low
4867
4868 * reupload to remove two unrelated files slipped in debian/
4869@@ -4526,3 +9049,4 @@ qemu (0.5.2-1) unstable; urgency=low
4870 * Initial Release. (Closes: #187407)
4871
4872 -- Paul Russell <prussell@debian.org> Wed, 3 Mar 2004 02:18:54 +0100
4873+
4874diff --git a/debian/control b/debian/control
4875index e71f498..0d4d262 100644
4876--- a/debian/control
4877+++ b/debian/control
4878@@ -2,7 +2,8 @@
4879 Source: qemu
4880 Section: otherosfs
4881 Priority: optional
4882-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
4883+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
4884+XSBC-Original-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
4885 Uploaders: Riku Voipio <riku.voipio@iki.fi>,
4886 Michael Tokarev <mjt@tls.msk.ru>
4887 Build-Depends: debhelper-compat (= 12),
4888@@ -18,8 +19,6 @@ Build-Depends: debhelper-compat (= 12),
4889 # iasl (from acpica-tools) is used only in a single test these days, not for building
4890 # acpica-tools,
4891 # libcapstone is in universe in ubuntu
4892-# --enable-capstone=system
4893- libcapstone-dev (>> 4.0.2~),
4894 # --enable-linux-aio linux-*
4895 libaio-dev [linux-any],
4896 # --audio-drv-list=pa,alsa,oss,sdl linux-*
4897@@ -40,8 +39,6 @@ Build-Depends: debhelper-compat (= 12),
4898 # libfdt #931046
4899 libfdt-dev (>> 1.5.0-2~),
4900 # in ubuntu libfuse3 is in universe
4901-# --enable-fuse
4902- libfuse3-dev,
4903 # --enable-gnutls
4904 gnutls-dev,
4905 # --enable-gtk --enable-vte
4906@@ -54,8 +51,6 @@ Build-Depends: debhelper-compat (= 12),
4907 libvirglrenderer-dev [linux-any],
4908 # --enable-opengl linux-*
4909 libepoxy-dev [linux-any], libdrm-dev [linux-any], libgbm-dev [linux-any],
4910-# --enable-libnfs
4911- libnfs-dev (>> 1.9.3),
4912 # --enable-numa i386|amd64|ia64|mips|mipsel|powerpc|powerpcspe|x32|ppc64|ppc64el|arm64|sparc|s390x|riscv64
4913 libnuma-dev [i386 amd64 ia64 mips mipsel mips64 mips64el powerpc powerpcspe x32 ppc64 ppc64el arm64 sparc s390x riscv64],
4914 # --enable-smartcard
4915@@ -65,8 +60,6 @@ Build-Depends: debhelper-compat (= 12),
4916 librbd-dev [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x ppc64 sparc64],
4917 # glusterfs is debian-only since ubuntu/glusterfs is in universe (MIR LP: #1274247)
4918 # before buster it was glusterfs-common so keep it for now for bpo
4919-# --enable-glusterfs linux-any
4920- libglusterfs-dev [linux-any] | glusterfs-common [linux-any],
4921 # --enable-vnc-sasl
4922 libsasl2-dev,
4923 # --enable-sdl
4924@@ -88,9 +81,6 @@ Build-Depends: debhelper-compat (= 12),
4925 # --enable-libssh
4926 libssh-dev,
4927 # vde is debian-only since ubuntu/vde2 is in universe
4928-# --enable-vde
4929- libvdeplug-dev,
4930-# --enable-xen linux-amd64|linux-i386
4931 libxen-dev [linux-amd64 linux-i386],
4932 # --enable-nettle
4933 nettle-dev,
4934@@ -134,8 +124,10 @@ Build-Depends-Indep:
4935 Build-Conflicts: oss4-dev
4936 Standards-Version: 4.5.1
4937 Homepage: http://www.qemu.org/
4938-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu
4939-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git
4940+XS-Debian-Vcs-Browser: https://salsa.debian.org/qemu-team/qemu
4941+XS-Debian-Vcs-Git: https://salsa.debian.org/qemu-team/qemu.git
4942+Vcs-Browser: https://git.launchpad.net/ubuntu/+source/qemu
4943+Vcs-Git: https://git.launchpad.net/ubuntu/+source/qemu
4944
4945 Package: qemu
4946 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4947@@ -166,6 +158,7 @@ Depends: ${misc:Depends},
4948 qemu-system-ppc,
4949 qemu-system-sparc,
4950 qemu-system-x86,
4951+ qemu-system-s390x,
4952 qemu-system-misc
4953 Description: QEMU full system emulation binaries
4954 QEMU is a fast processor emulator: currently the package supports
4955@@ -200,6 +193,8 @@ Multi-Arch: foreign
4956 Conflicts: sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof,
4957 Replaces: qemu-system-common (<< 1:2.12+dfsg-2~), sgabios,
4958 openbios-sparc, openbios-ppc, qemu-slof, qemu-system-sparc (<< 1:4.2-4~), qemu-system-ppc (<< 1:4.2-4~),
4959+ qemu-system-s390x (<< 1:3.1+dfsg-2ubuntu1~)
4960+Breaks: qemu-system-s390x (<< 1:3.1+dfsg-2ubuntu1~)
4961 Provides: qemu-keymaps, sgabios, qemu-skiboot, openbios-sparc, openbios-ppc, qemu-slof,
4962 Depends: ${misc:Depends}
4963 Description: QEMU full system emulation (data files)
4964@@ -213,7 +208,9 @@ Multi-Arch: no
4965 Replaces: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~)
4966 Breaks: qemu-system-data (<< 1:3.1+dfsg-1~), qemu-utils (<< 1:3.1+dfsg-3~), libvirt-daemon (<< 7.2.0-1)
4967 Depends: ${misc:Depends}, ${shlibs:Depends},
4968+ qemu-block-extra (= ${binary:Version}),
4969 # to fix wrong acl for newly created device node on ubuntu:
4970+ acl
4971 Description: QEMU full system emulation binaries (common files)
4972 QEMU is a fast processor emulator: currently the package supports
4973 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
4974@@ -269,6 +266,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Ver
4975 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4976 # aarch64 arm uses bootroms
4977 ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~),
4978+ ipxe-qemu-256k-compat-efi-roms,
4979 qemu-efi-aarch64, qemu-efi-arm
4980 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4981 Provides: qemu-kvm [linux-arm64 linux-armhf linux-armel], ${sysprovides:arm}
4982@@ -315,6 +313,7 @@ Multi-Arch: foreign
4983 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4984 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
4985 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4986+ ipxe-qemu-256k-compat-efi-roms,
4987 # ppc targets use vgabios-stdvga and bootroms
4988 seabios, ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4989 Provides: qemu-kvm [linux-ppc64 linux-ppc64el linux-powerpc], ${sysprovides:ppc}
4990@@ -359,14 +358,16 @@ Package: qemu-system-x86
4991 Architecture: amd64 arm arm64 armel armhf i386 ia64 kfreebsd-amd64 kfreebsd-i386 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x sparc sparc64 x32
4992 Multi-Arch: foreign
4993 Depends: ${shlibs:Depends}, ${misc:Depends}, qemu-system-common (>> ${source:Version}~), qemu-system-data (>> ${source:Version}~),
4994+ ipxe-qemu-256k-compat-efi-roms,
4995 seabios (>= 1.10.2-1~), ipxe-qemu (>= 1.0.0+git-20131111.c3d1e78-1~)
4996 Recommends: qemu-system-gui (= ${binary:Version}), qemu-utils,
4997 ovmf,
4998+ cpu-checker
4999 Suggests: samba, vde2, qemu-block-extra (= ${binary:Version}),
5000 sgabios,
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches