- 0014-remove-cpuid-pconfig.patch
i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model
(upstream: 76e5a4d58357, desc: v3.1.0-1495-g76e5a4d58
New changelog entries:
* d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
fix migrations from old machines (LP: #1829868).
* d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
toleration for future machines (LP: #1830704
* d/control-in, d/control: add versioned dependencies to libseccomp 2.4 as
any rebuild against 2.4 as it is in proposed right now will otherwise
crash (LP: #1830859).
New changelog entries:
* SECURITY UPDATE: Add support for exposing md-clear functionality
to guests
- d/p/ubuntu/enable-md-clear.patch
- d/p/ubuntu/enable-md-no.patch
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
* SECURITY UPDATE: heap overflow when loading device tree blob
- d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
copy the device tree blob into is.
- CVE-2018-20815
* SECURITY UPDATE: device driver denial of service via NULL pointer
dereference
- d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
routine
- CVE-2019-5008
* SECURITY UPDATE: information leak in SLiRP
- d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
emulating ident.
- CVE-2019-9824
New changelog entries:
* qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
- d/qemu-guest-agent.install: use correct path for fsfreeze-hook
- d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
mv_conffile since the new path is a directory in the old package
version which can not be handled by mv_conffile.
* i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
CVE-2019-3812
New changelog entries:
* disable pvrdma - besides several security holes there are many other
bugs there as well, and the amount of patches applied upstream after
3.1 release is large (Closes, or actuallymakes unimportant again)
- CVE-2018-20123
- CVE-2018-20124
- CVE-2018-20125
- CVE-2018-20126
- CVE-2018-20191
- CVE-2018-20216
* scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
- CVE-2019-6501
* slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
- CVE-2019-6778