~rafaeldtinoco/ubuntu/+source/qemu:lp1828495-disco-devel-qemu

Branch merges

Propose for merging

Merged into ubuntu/+source/qemu:ubuntu/disco-devel at revision d4bf86763f4ca913f80016a735e5686c90a52570

Bryce Harrington (community): Approve on 2019-07-23

Christian Ehrhardt  (community): Approve on 2019-07-01

Ubuntu Virtualization Developers: Pending requested 2019-06-28

Ubuntu Core Development Team: Pending requested 2019-06-28

Canonical Server: Pending requested 2019-06-28

Diff: 49 lines (+20/-0) (has conflicts)

2 files modified

debian/changelog (+17/-0)
debian/patches/series (+3/-0)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

d4bf867... by Rafael David Tinoco on 2019-06-29

changelog

11af69e... by Rafael David Tinoco on 2019-07-15

  - 0016-no-ospke-on-some.patch (LP: #1828495):
    i386: Disable OSPKE on CPU model definitions
    (upstream: bb4928c7cafe, desc: v4.0.0-rc0-3-gbb4928c7ca)

64e6546... by Rafael David Tinoco on 2019-07-15

  - 0015-remove-cpuid-intel_pt.patch
    i386: remove the 'INTEL_PT' CPUID bit from named CPU models
    (upstream: 4c257911dcc7, desc: v3.1.0-1496-g4c257911dc)

a48e22c... by Rafael David Tinoco on 2019-06-29

  - 0014-remove-cpuid-pconfig.patch
    i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model
    (upstream: 76e5a4d58357, desc: v3.1.0-1495-g76e5a4d58

9d9bce6... by Rafael David Tinoco on 2019-06-29

  - 0012-arch-capabilities-migratable.patch (LP: #1828495):
    i386: Make arch_capabilities migratable
    (upstream: 014018e19b3c, desc: v4.0.0-rc0-2-g014018e19b)

2bfa74f... by Rafael David Tinoco on 2019-06-29

  - 0011-disable-arch-cap-when-no-msr.patch (LP: #1828495):
    i386: kvm: Disable arch_capabilities if MSR can't be set
    (upstream: 485b1d256bcb, desc: v4.0.0-rc0-1-g485b1d256b)

aa0fbdd... by Christian Ehrhardt  on 2019-05-28

Import patches-unapplied version 1:3.1+dfsg-2ubuntu3.2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: b818da7a1a0dfa55c0f4edf0be10394fe4d7f3f8

New changelog entries:
  * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
    broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
    fix migrations from old machines (LP: #1829868).
  * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
    toleration for future machines (LP: #1830704
  * d/control-in, d/control: add versioned dependencies to libseccomp 2.4 as
    any rebuild against 2.4 as it is in proposed right now will otherwise
    crash (LP: #1830859).

b818da7... by Steve Beattie on 2019-05-08

Import patches-unapplied version 1:3.1+dfsg-2ubuntu3.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 032438c45a3f371ce4a34082ccff34928914bf81

New changelog entries:
  * SECURITY UPDATE: Add support for exposing md-clear functionality
    to guests
    - d/p/ubuntu/enable-md-clear.patch
    - d/p/ubuntu/enable-md-no.patch
    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * SECURITY UPDATE: heap overflow when loading device tree blob
    - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
      copy the device tree blob into is.
    - CVE-2018-20815
  * SECURITY UPDATE: device driver denial of service via NULL pointer
    dereference
    - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
      routine
    - CVE-2019-5008
  * SECURITY UPDATE: information leak in SLiRP
    - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
      emulating ident.
    - CVE-2019-9824

032438c... by Christian Ehrhardt  on 2019-03-18

Import patches-unapplied version 1:3.1+dfsg-2ubuntu3 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 994adb63a9522a7c30da2f0568193bd51ce9fa9d

New changelog entries:
  * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
    - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
    - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
      mv_conffile since the new path is a directory in the old package
      version which can not be handled by mv_conffile.
  * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
    OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
    Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
    CVE-2019-3812

994adb6... by Christian Ehrhardt  on 2019-02-19

Import patches-unapplied version 1:3.1+dfsg-2ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: cab537364b05118ea9d17ad3c98aacfeb701e390

New changelog entries:
  * disable pvrdma - besides several security holes there are many other
    bugs there as well, and the amount of patches applied upstream after
    3.1 release is large (Closes, or actuallymakes unimportant again)
    - CVE-2018-20123
    - CVE-2018-20124
    - CVE-2018-20125
    - CVE-2018-20126
    - CVE-2018-20191
    - CVE-2018-20216
  * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
    - CVE-2019-6501
  * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
    - CVE-2019-6778