~paelzer/ubuntu/+source/qemu:lp-1830243-secure-boot-toleration-xenial

Last commit made on 2019-07-04
Get this branch:
git clone -b lp-1830243-secure-boot-toleration-xenial https://git.launchpad.net/~paelzer/ubuntu/+source/qemu
Only Christian Ehrhardt  can upload to this branch. If you are Christian Ehrhardt  please log in for upload directions.

Branch merges

Branch information

Name:
lp-1830243-secure-boot-toleration-xenial
Repository:
lp:~paelzer/ubuntu/+source/qemu

Recent commits

98ec5a6... by Christian Ehrhardt  on 2019-07-04

changelog: tolerate guests with secure boot loaders (LP: #1830243)

Signed-off-by: Christian Ehrhardt <email address hidden>

6aec234... by Christian Ehrhardt  on 2019-07-04

backport d/p/ubuntu/lp-1830243-s390-bios-Skip-bootmap-signature-entries.patch for qemu 2.11

Signed-off-by: Christian Ehrhardt <email address hidden>

0a84c26... by Christian Ehrhardt  on 2019-07-04

d/p/ubuntu/lp-1830243-s390-bios-Skip-bootmap-signature-entries.patch: tolerate guests with secure boot loaders (LP: #1830243)

Signed-off-by: Christian Ehrhardt <email address hidden>

8fdaefe... by Dan Streetman on 2019-05-16

Import patches-unapplied version 1:2.5+dfsg-5ubuntu10.40 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 653b31e8e9592e284975476aa1e7be9ea1ab285e

New changelog entries:
  * Restore patches that caused regression
    - d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch
    - d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch
  * Fix regression introduced by above patches (LP: #1829380)
    - d/p/lp1829380.patch
  [ Rafael David Tinoco ]
  * d/p/lp1828288/target-i386-Set-AMD-alias-bits-after-filtering-CPUID.patch
    - Fix issues with CPUID_EXT2_AMD_ALIASES allowing guests using
      cpu passthrough to boot. (LP: #1828288)

653b31e... by Marc Deslauriers on 2019-05-16

Import patches-unapplied version 1:2.5+dfsg-5ubuntu10.39 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: babf95e8dd40c09320b242d52fee41c223bb3564

New changelog entries:
  * Disable patches from 1:2.5+dfsg-5ubuntu10.37 to prevent regression
    (LP: #1829245)
    - d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch
    - d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch

babf95e... by Steve Beattie on 2019-05-09

Import patches-unapplied version 1:2.5+dfsg-5ubuntu10.38 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9ffcb1aca7d05cb2ec8b53c6524f01390dbaf2de

New changelog entries:
  * SECURITY UPDATE: Add support for exposing md-clear functionality
    to guests
    - d/p/ubuntu/enable-md-clear.patch
    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * SECURITY UPDATE: heap overflow when loading device tree blob
    - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
      copy the device tree blob into is.
    - CVE-2018-20815
  * SECURITY UPDATE: information leak in SLiRP
    - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
      emulating ident.
    - CVE-2019-9824
  * Add support for exposing md-clear functionality to guests
    - d/u/enable-md-clear.patch

9ffcb1a... by Dan Streetman on 2019-04-23

Import patches-unapplied version 1:2.5+dfsg-5ubuntu10.37 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 6c8e0d00da7f9f41a14608a1df609df21a4ea419

New changelog entries:
  * d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch,
    d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch:
    - Prevent crash due to race condition on shutdown;
      this is fixed differently upstream (starting in Bionic), but
      the change is too large to backport into Xenial. These two very
      small patches work around the problem in an unintrusive way.
      (LP: #1823458)

6c8e0d0... by Marc Deslauriers on 2019-03-22

Import patches-unapplied version 1:2.5+dfsg-5ubuntu10.36 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: cf094780a4ad52f178407837280b9f0d4d02204f

New changelog entries:
  * Spectre/Meltdown fixes for ppc64 (LP: #1765364)
    - debian/patches/lp1765364/*.patches: add backported capabilities and
      spectre/meltdown commits.
  * SECURITY UPDATE: race during file renaming in v9fs_wstat
    - debian/patches/CVE-2018-19489.patch: add locks to hw/9pfs/9p.c.
    - CVE-2018-19489
  * SECURITY UPDATE: heap based buffer overflow in slirp
    - debian/patches/CVE-2019-6778.patch: check data length while emulating
      ident function in slirp/tcp_subr.c.
    - CVE-2019-6778

cf09478... by Heitor Alves de Siqueira on 2019-03-01

Import patches-unapplied version 1:2.5+dfsg-5ubuntu10.35 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 0558dd708d794b4f937290680afa54b6dedbc2c4

New changelog entries:
  * Fix deadlock when detaching network interface (LP: #1818880)
    Fixed by upstream patch:
    - d/p/lp-1818880-rcu-disable-atfork.patch: rcu: completely disable
      pthread_atfork callbacks as soon as possible

0558dd7... by Christian Ehrhardt  on 2018-12-12

Import patches-unapplied version 1:2.5+dfsg-5ubuntu10.34 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: c225642ca4faa6ac9b5014c43b810668590afeb6

New changelog entries:
  * d/p/ubuntu/lp1807743-linux-user-timerfd.patch: fix define for
    timerfd_create system call (LP: #1807743)