Ubuntu
qemu package

Merge ~sergiodj/ubuntu/+source/qemu:merge-8.0-dfsg4-mantic into ubuntu/+source/qemu:debian/experimental

Proposed by Sergio Durigan Junior on 2023-06-08

Status:

Superseded

Proposed branch:

~sergiodj/ubuntu/+source/qemu:merge-8.0-dfsg4-mantic

Merge into:

ubuntu/+source/qemu:debian/experimental

Diff against target:

6954 lines (+6388/-10)

15 files modified

debian/changelog (+4999/-3)
debian/control (+51/-7)
debian/control-in (+3/-0)
debian/patches/series (+7/-0)
debian/patches/ubuntu/allow-repeating-hot-unplug-requests.patch (+74/-0)
debian/patches/ubuntu/define-ubuntu-machine-types.patch (+937/-0)
debian/patches/ubuntu/enable-svm-by-default.patch (+34/-0)
debian/patches/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch (+62/-0)
debian/patches/ubuntu/qboot-Disable-LTO-for-ELF-binary-build-step.patch (+44/-0)
debian/qemu-block-extra.postinst (+59/-0)
debian/qemu-kvm-init (+89/-0)
debian/qemu-system-common.install (+1/-0)
debian/qemu-system-common.qemu-kvm.default (+8/-0)
debian/qemu-system-common.qemu-kvm.service (+16/-0)
debian/rules (+4/-0)

Undecided

Fix Released

Link a bug report

Reviewer	Date Requested	Status
Christian Ehrhardt  (community)	2023-06-08	Needs Fixing on 2023-06-14
Canonical Server packageset reviewers	2023-06-08	Pending
Canonical Server Reporter	2023-06-08	Pending
Review via email: mp+444404@code.launchpad.net

This proposal has been superseded by a proposal from 2023-06-19.

Description of the change

This is the merge of QEMU 8.0+dfsg-4 from Debian experimental.

It's a bit involved since we're jumping from 7.2 to 8.0. The following things are noteworthy IMHO:

- First of all, this MP isn't entirely ready to be uploaded because I'd like Christian to take a look as well. Also, the dep8 tests included in the package are somewhat superficial, and Christian maintains an extensive testsuite by himself. I still don't know how to use it, so this is something we will talk more about next week when he's back from PTO. I won't feel comfortable uploading the package until I see the results from his testsuite.

- I did my best to adjust d/p/ubuntu/define-ubuntu-machine-types.patch accordingly. I'd appreciate a double check.

- The Debian maintainer chose to link the documentation for qemu-system-x86 with qemu-system-common. This introduced a build failure because we maintain our own d/qemu-system-x86.README.Debian, and dh did not know where to install it anymore (since the /usr/share/docs/qemu-system-x86/ directory won't exist anymore). For that reason, and judging by the contents of our README.Debian file, I decided to drop it entirely.

- I was able to drop some of our delta that's been adopted by Debian.

I think that's it.

There's a PPA here: https://launchpad.net/~sergiodj/+archive/ubuntu/qemu/+packages

I triggered the dep8 tests and will post the results once I have them.

Revision history for this message

Sergio Durigan Junior (sergiodj) wrote on 2023-06-09:

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-mantic-sergiodj-qemu/?format=plain)
  qemu @ amd64:
    08.06.23 19:35:06 Log 🗒️ ✅ Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ arm64:
    08.06.23 19:36:40 Log 🗒️ ✅ Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ armhf:
    08.06.23 19:12:27 Log 🗒️ ✅ Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ ppc64el:
    08.06.23 19:27:40 Log 🗒️ ✅ Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ s390x:
    08.06.23 19:25:55 Log 🗒️ ✅ Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2023-06-14:

Download full text (3.9 KiB)

Thank you Sergio,
Thanks for not shouting at me for the delta :-)
In fact looking at it as a reviewer I realize how much smaller I got it since e.g. Focal that I'm happy about that. On a glance the MR and builds look fine, having a deeper look now ...

* Changelog:
- [x] old content and logical tag match as expected

        Haven't found them in your repo
        Things LGTM, but to be sure, if you could push tag/branch or whatever you had?
        I tried to use sergiodj/allow-repeating-hot-unplug-lunar but that also had import/1%7.2+dfsg-5ubuntu1 un-split.
        I assume you just used paelzer/merge-7.2-5-lunar for import/1%7.2+dfsg-5ubuntu1 and put your changes on top, but to be sure I'd want to have a look at the tag or whatever you used.

- [+] changelog entry correct version and targeted codename

While this is correct for now, I think we should consider 1:8.0.2+dfsg-1 here. It has more changes which we now have time to pick up, but later in the cycle can get harder. Especially the dropping of pvrdma I'd like to see early so that people have time to speak up.
Maybe we even want to talk to ubuntu-security if there isn't a way to patch them?

  - [+] changelog entries correct
  - [+] bug references correct
  - [+] update-maintainer has been run

* Merge - Indirect Changes:
  - [+] no upstream changes that need adaptation
  - [+] no further upstream version to consider
  - [+] debian changes look safe

* Merge - Old Delta:
  - [+] dropped changes are ok to be dropped
  - [+] nothing else to drop
  - [+] changes forwarded upstream/debian (if appropriate)

I forgot to tell you about https://bugs.launchpad.net/ubuntu/+source/qemu/+bugs?field.tag=qemu-23.10 which I keep for each cycle to track stuff that might need to be added or at least bug-refrenced.
I updated all of them, good for you - none is ready so no action needed.

* New Delta:
- [+] no new patches added

* Git/Maintenance
  - [+] No extra testcases needed to be added for this
  - [+] commits are properly split
  - [+] d/control is correctly regenerated for Ubuntu

* Build/Test:
  - [+] build is ok
  - [+] verified PPA package installs/uninstalls
  - [+] autopkgtest against the PPA package passes (see above)
  - [+] sanity checks test fine

I gave debian/patches/ubuntu/define-ubuntu-machine-types.patch an extra look as it likes to cause issues :-)

#ifdef CONFIG_MICROVM_DEFAULT
  this is now present in pc_i440fx_8_0_machine_options and pc_mantic_machine_options
  But it is only needed in pc_mantic_machine_options
  In pc_i440fx_8_0_machine_options all you'd do is to remove upstreams setting of default.
TL;DR: The 8.0 version of https://git.launchpad.net/ubuntu/+source/qemu/tree/hw/i386/pc_piix.c?h=ubuntu/mantic-devel#n443 needs to become =false

Furthermore (while meant to go away https://warthogs.atlassian.net/browse/SD-1050) your -hpb type also picks up the default flag (due to the same mistake).

I'm sure the tests will have shouted that at you anyway as I see:
root@ursula:~# qemu-system-x86_64 -M ? | grep default
pc-i440fx-mantic Ubuntu 23.10 PC (i440FX + PIIX, 1996) (default)
pc-i440fx-mantic-hpb Ubuntu 23.10 PC (i440FX + PIIX +host-phys-bits=true, 1996) (def...

* Changelog:
  - [x] old content and logical tag match as expected

Haven't found them in your repo
        Things LGTM, but to be sure, if you could push tag/branch or whatever you had?
        I tried to use sergiodj/allow-repeating-hot-unplug-lunar but that also had import/1%7.2+dfsg-5ubuntu1 un-split. 
        I assume you just used paelzer/merge-7.2-5-lunar for import/1%7.2+dfsg-5ubuntu1 and put your changes on top, but to be sure I'd want to have a look at the tag or whatever you used.

- [+] changelog entry correct version and targeted codename

- [+] changelog entries correct
  - [+] bug references correct
  - [+] update-maintainer has been run

* Merge - Indirect Changes:
  - [+] no upstream changes that need adaptation
  - [+] no further upstream version to consider
  - [+] debian changes look safe

* Merge - Old Delta:
  - [+] dropped changes are ok to be dropped
  - [+] nothing else to drop
  - [+] changes forwarded upstream/debian (if appropriate)

* New Delta:
  - [+] no new patches added

* Git/Maintenance
  - [+] No extra testcases needed to be added for this
  - [+] commits are properly split
  - [+] d/control is correctly regenerated for Ubuntu

* Build/Test:
  - [+] build is ok
  - [+] verified PPA package installs/uninstalls
  - [+] autopkgtest against the PPA package passes (see above)
  - [+] sanity checks test fine

I gave debian/patches/ubuntu/define-ubuntu-machine-types.patch an extra look as it likes to cause issues :-)

Furthermore (while meant to go away https://warthogs.atlassian.net/browse/SD-1050) your -hpb type also picks up the default flag (due to the same mistake).

I'm sure the tests will have shouted that at you anyway as I see:
root@ursula:~# qemu-system-x86_64 -M ? | grep default
pc-i440fx-mantic     Ubuntu 23.10 PC (i440FX + PIIX, 1996) (default)
pc-i440fx-mantic-hpb Ubuntu 23.10 PC (i440FX + PIIX +host-phys-bits=true, 1996) (default)
pc-i440fx-8.0        Standard PC (i440FX + PIIX, 1996) (default)

This is similar on other platforms.
spapr.c has
DEFINE_SPAPR_MACHINE(8_0, "8.0", true);
it formerly had
DEFINE_SPAPR_MACHINE(7_2, "7.2", true);
->
DEFINE_SPAPR_MACHINE(7_2, "7.2", false);
which no more applied, that now has to be done on 8.0 to be
DEFINE_SPAPR_MACHINE(8_0, "8.0", false);

s390x has the very same issue in hw/s390x/s390-virtio-ccw.c

Feel free to fix this yourself of use and compare https://git.launchpad.net/~paelzer/ubuntu/+source/qemu/commit/?id=36e8aa085419914de7c8f57b64a154cc25b207f4 which I created for you along the way.

We should go through the results of the regression tests together and discuss which might be common flaky sets and which others most likely are real issues.

review: Needs Fixing

Revision history for this message

Sergio Durigan Junior (sergiodj) wrote on 2023-06-19:

Download full text (4.7 KiB)

On Wednesday, June 14 2023, Christian Ehrhardt  wrote:

> Thank you Sergio,
> Thanks for not shouting at me for the delta :-)
> In fact looking at it as a reviewer I realize how much smaller I got it since e.g. Focal that I'm happy about that. On a glance the MR and builds look fine, having a deeper look now ...

Thanks for the review, Christian.

>
> * Changelog:
> - [x] old content and logical tag match as expected
>
> Haven't found them in your repo
> Things LGTM, but to be sure, if you could push tag/branch or whatever you had?
> I tried to use sergiodj/allow-repeating-hot-unplug-lunar but that also had import/1%7.2+dfsg-5ubuntu1 un-split.
> I assume you just used paelzer/merge-7.2-5-lunar for import/1%7.2+dfsg-5ubuntu1 and put your changes on top, but to be sure I'd want to have a look at the tag or whatever you used.

Sorry, I forgot to push the tags. It's done now.

> - [+] changelog entry correct version and targeted codename
>
> While this is correct for now, I think we should consider 1:8.0.2+dfsg-1 here. It has more changes which we now have time to pick up, but later in the cycle can get harder. Especially the dropping of pvrdma I'd like to see early so that people have time to speak up.
> Maybe we even want to talk to ubuntu-security if there isn't a way to patch them?

+1. Let me see about merging 8.0.2, then.

>
> - [+] changelog entries correct
> - [+] bug references correct
> - [+] update-maintainer has been run
>
> * Merge - Indirect Changes:
> - [+] no upstream changes that need adaptation
> - [+] no further upstream version to consider
> - [+] debian changes look safe
>
> * Merge - Old Delta:
> - [+] dropped changes are ok to be dropped
> - [+] nothing else to drop
> - [+] changes forwarded upstream/debian (if appropriate)
>
> I forgot to tell you about https://bugs.launchpad.net/ubuntu/+source/qemu/+bugs?field.tag=qemu-23.10 which I keep for each cycle to track stuff that might need to be added or at least bug-refrenced.
> I updated all of them, good for you - none is ready so no action needed.

Ah, thanks.

> * New Delta:
> - [+] no new patches added
>
> * Git/Maintenance
> - [+] No extra testcases needed to be added for this
> - [+] commits are properly split
> - [+] d/control is correctly regenerated for Ubuntu
>
> * Build/Test:
> - [+] build is ok
> - [+] verified PPA package installs/uninstalls
> - [+] autopkgtest against the PPA package passes (see above)
> - [+] sanity checks test fine
>
> I gave debian/patches/ubuntu/define-ubuntu-machine-types.patch an extra look as it likes to cause issues :-)
>
> #ifdef CONFIG_MICROVM_DEFAULT
> this is now present in pc_i440fx_8_0_machine_options and pc_mantic_machine_options
> But it is only needed in pc_mantic_machine_options
> In pc_i440fx_8_0_machine_options all you'd do is to remove upstreams setting of default.
> TL;DR: The 8.0 version of https://git.launchpad.net/ubuntu/+source/qemu/tree/hw/i386/pc_piix.c?h=ubuntu/mantic-devel#n443 needs to become =false

Hm, that statement has been changed to false already. So all I did was
to remove the "#ifdef CONFIG_MICROVM_DEFAULT" guard on
pc_i44...

On Wednesday, June 14 2023, Christian Ehrhardt  wrote:

Thanks for the review, Christian.

>
> * Changelog:
>   - [x] old content and logical tag match as expected
>
>         Haven't found them in your repo
>         Things LGTM, but to be sure, if you could push tag/branch or whatever you had?
>         I tried to use sergiodj/allow-repeating-hot-unplug-lunar but that also had import/1%7.2+dfsg-5ubuntu1 un-split. 
>         I assume you just used paelzer/merge-7.2-5-lunar for import/1%7.2+dfsg-5ubuntu1 and put your changes on top, but to be sure I'd want to have a look at the tag or whatever you used.

Sorry, I forgot to push the tags.  It's done now.

>   - [+] changelog entry correct version and targeted codename
>
>      While this is correct for now, I think we should consider 1:8.0.2+dfsg-1 here. It has more changes which we now have time to pick up, but later in the cycle can get harder. Especially the dropping of pvrdma I'd like to see early so that people have time to speak up.
> Maybe we even want to talk to ubuntu-security if there isn't a way to patch them?

+1.  Let me see about merging 8.0.2, then.

>
>   - [+] changelog entries correct
>   - [+] bug references correct
>   - [+] update-maintainer has been run
>
> * Merge - Indirect Changes:
>   - [+] no upstream changes that need adaptation
>   - [+] no further upstream version to consider
>   - [+] debian changes look safe
>
> * Merge - Old Delta:
>   - [+] dropped changes are ok to be dropped
>   - [+] nothing else to drop
>   - [+] changes forwarded upstream/debian (if appropriate)
>
> I forgot to tell you about https://bugs.launchpad.net/ubuntu/+source/qemu/+bugs?field.tag=qemu-23.10 which I keep for each cycle to track stuff that might need to be added or at least bug-refrenced.
> I updated all of them, good for you - none is ready so no action needed.

Ah, thanks.

> * New Delta:
>   - [+] no new patches added
>
> * Git/Maintenance
>   - [+] No extra testcases needed to be added for this
>   - [+] commits are properly split
>   - [+] d/control is correctly regenerated for Ubuntu
>
> * Build/Test:
>   - [+] build is ok
>   - [+] verified PPA package installs/uninstalls
>   - [+] autopkgtest against the PPA package passes (see above)
>   - [+] sanity checks test fine
>
> I gave debian/patches/ubuntu/define-ubuntu-machine-types.patch an extra look as it likes to cause issues :-) 
>
> #ifdef CONFIG_MICROVM_DEFAULT
>   this is now present in pc_i440fx_8_0_machine_options and pc_mantic_machine_options
>   But it is only needed in pc_mantic_machine_options
>   In pc_i440fx_8_0_machine_options all you'd do is to remove upstreams setting of default.
> TL;DR: The 8.0 version of https://git.launchpad.net/ubuntu/+source/qemu/tree/hw/i386/pc_piix.c?h=ubuntu/mantic-devel#n443 needs to become =false

Hm, that statement has been changed to false already.  So all I did was
to remove the "#ifdef CONFIG_MICROVM_DEFAULT" guard on
pc_i440fx_8_0_machine_options, and leave it only on
pc_mantic_machine_options.

> Furthermore (while meant to go away https://warthogs.atlassian.net/browse/SD-1050) your -hpb type also picks up the default flag (due to the same mistake).
>
> I'm sure the tests will have shouted that at you anyway as I see:
> root@ursula:~# qemu-system-x86_64 -M ? | grep default
> pc-i440fx-mantic     Ubuntu 23.10 PC (i440FX + PIIX, 1996) (default)
> pc-i440fx-mantic-hpb Ubuntu 23.10 PC (i440FX + PIIX +host-phys-bits=true, 1996) (default)
> pc-i440fx-8.0        Standard PC (i440FX + PIIX, 1996) (default)
>
> This is similar on other platforms.
> spapr.c has
> DEFINE_SPAPR_MACHINE(8_0, "8.0", true);
> it formerly had
> DEFINE_SPAPR_MACHINE(7_2, "7.2", true);
> ->
> DEFINE_SPAPR_MACHINE(7_2, "7.2", false);
> which no more applied, that now has to be done on 8.0 to be
> DEFINE_SPAPR_MACHINE(8_0, "8.0", false);
>
> s390x has the very same issue in hw/s390x/s390-virtio-ccw.c
>
>
> Feel free to fix this yourself of use and compare https://git.launchpad.net/~paelzer/ubuntu/+source/qemu/commit/?id=36e8aa085419914de7c8f57b64a154cc25b207f4 which I created for you along the way.

Thanks!  I fixed everything you pointed at, but I will bring in 8.2 now,
so things will change a bit.  I'll let you know when this is ready to be re-reviewed.

> We should go through the results of the regression tests together and discuss which might be common flaky sets and which others most likely are real issues.

+1.

Thanks,

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14

Unmerged commits

58f4f6c... by Sergio Durigan Junior on 2023-06-08: reconstruct-changelog
b4ed9e2... by Sergio Durigan Junior on 2023-06-08: merge-changelogs
008f2ea... by Sergio Durigan Junior on 2023-06-06: Regenerate d/control
e98a525... by Sergio Durigan Junior on 2023-06-06:     - d/qemu-system-x86.README.Debian: add info about updated nesting changes
      [ Debian linked the qemu-system-x86 documentation with the
        qemu-system-common package, rendering this README file not
        applicable. ]
41f55db... by Sergio Durigan Junior on 2023-04-06:     - Fix FTBFS with glibc >= 2.36. (LP #2015418)
      + d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary
        upstream commits that were working around a glibc issue.
      [ Incorporated upstream. ]
b3d4882... by Sergio Durigan Junior on 2023-06-07: - d/control-in: libsndio is in universe in ubuntu
[ Adopted by Debian. ]
ceae4ba... by Sergio Durigan Junior on 2023-06-07:   * Drop changes:
    - d/control-in: libnfs is in main since focal, enable direct nfs
      storage support (LP 1988704)
      [ Adopted by Debian. ]
9bf8211... by Sergio Durigan Junior on 2023-05-18:     - d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating
      hot-unplug requests by making ACPI PCI able to requeue them.
      (LP #2018733)
bf584b4... by Sergio Durigan Junior on 2023-06-06:     - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
      + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
        fix qboot FTBFS with LTO
dcb016c... by Sergio Durigan Junior on 2023-06-06: - Ease the use of module retention on upgrades (LP 1913421)
- debian/qemu-block-extra.postinst: enable mount unit on install/upgrade

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Sergio Durigan Junior

git-ubuntu developers

 diff --git a/debian/changelog b/debian/changelog
 index fa0ff57..9010daa 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,3 +1,55 @@
++qemu (1:8.0+dfsg-4ubuntu1) mantic; urgency=medium
++
++  * Merge with Debian unstable (LP: #2018103). Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type
++      (LP 1304107 1621042 1776189 1761372 1761372 1776189)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types containing release versioned machine attributes
++      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - tolerate ipxe size change on migrations to >=18.04 (LP 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - Ease the use of module retention on upgrades (LP 1913421)
++      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
++    - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
++      + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
++        fix qboot FTBFS with LTO
++    - d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating
++      hot-unplug requests by making ACPI PCI able to requeue them.
++      (LP #2018733)
++  * Drop changes:
++    - d/control-in: libnfs is in main since focal, enable direct nfs
++      storage support (LP 1988704)
++      [ Adopted by Debian. ]
++    - d/control-in: libsndio is in universe in ubuntu
++      [ Adopted by Debian. ]
++    - Fix FTBFS with glibc >= 2.36. (LP #2015418)
++      + d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary
++        upstream commits that were working around a glibc issue.
++      [ Incorporated upstream. ]
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++      [ Debian linked the qemu-system-x86 documentation with the
++        qemu-system-common package, rendering this README file not
++        applicable. ]
++
++ -- Sergio Durigan Junior <sergio.durigan@canonical.com>  Thu, 08 Jun 2023 10:50:41 -0400
++
  qemu (1:8.0+dfsg-4) experimental; urgency=medium
    * d/control: do not use --enable-spice on sh4 and --enable-seccomp
@@ -183,6 +235,66 @@ qemu (1:8.0~rc2+dfsg-1) experimental; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 31 Mar 2023 15:44:21 +0300
++qemu (1:7.2+dfsg-5ubuntu3) mantic; urgency=medium
++
++  * d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating
++    hot-unplug requests by making ACPI PCI able to requeue them.
++    (LP: #2018733)
++
++ -- Sergio Durigan Junior <sergio.durigan@canonical.com>  Thu, 18 May 2023 15:13:14 -0400
++
++qemu (1:7.2+dfsg-5ubuntu2) lunar; urgency=medium
++
++  * Fix FTBFS with glibc >= 2.36. (LP: #2015418)
++    - d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary
++      upstream commits that were working around a glibc issue.
++
++ -- Sergio Durigan Junior <sergio.durigan@canonical.com>  Wed, 05 Apr 2023 20:10:13 -0400
++
++qemu (1:7.2+dfsg-5ubuntu1) lunar; urgency=medium
++
++  * Re-merge with Debian unstable to pick up stabilization fixes
++    remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type
++      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types containing release versioned machine attributes
++      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
++        for host-phys-bits=true
++      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - Ease the use of module retention on upgrades (LP 1913421)
++      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
++    - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
++      landed in Debian but under a different name.
++    - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
++      + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
++        fix qboot FTBFS with LTO
++    - d/control-in: libnfs is in main since focal, enable direct nfs
++      storage support (LP 1988704)
++    - d/control-in: libsndio is in universe in ubuntu
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 07 Mar 2023 08:50:45 +0100
++
  qemu (1:7.2+dfsg-5) unstable; urgency=medium
    * d/qemu-guest-agent.udev: fix missing comma
@@ -222,6 +334,89 @@ qemu (1:7.2+dfsg-5) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Sun, 05 Mar 2023 20:09:04 +0300
++qemu (1:7.2+dfsg-4ubuntu1) lunar; urgency=medium
++
++  * Merge with Debian unstable (LP: #1993438), among many other fixes
++    this resolvs these bugs:
++    (LP: #1957924) - support for querying stats,
++    (LP: #1853307) - Enhanced Interpretation for PCI Functions (s390x)
++    (LP: #1959966) - guest dump encryption with customer keys (s390x)
++    (LP: #1999885) - pv: don't allow userspace to set the clock under PV
++    (LP: #1957924) - add filtering of statistics by target vCPU
++    remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type
++      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types containing release versioned machine attributes
++      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
++        for host-phys-bits=true
++      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - Ease the use of module retention on upgrades (LP 1913421)
++      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
++    - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
++      landed in Debian but under a different name.
++    - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
++      + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
++        fix qboot FTBFS with LTO
++  * Dropped Changes [now part of upstream v7.2.0]
++    - d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
++      error 'migration was active, but no RAM info was set' (LP 1994002)
++    - d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
++      Fix FTBFS with libbpf 1.0.1-2.
++      + Header updates that were added as part of the libbpf fixes
++        but not mentioned in changelog
++    - d/p/u/lp-1981339-*: fix s390x system emulation (LP 1981339)
++    - Fix I/O stalls when using NVMe storage (LP 1970737).
++      + d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
++        in laio_io_unplug.
++    - SECURITY UPDATE: heap overflow in floppy disk emulator
++      + debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
++        hw/block/fdc.c.
++    - SECURITY UPDATE: use-after-free vulnerability
++      + debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
++        lsi_do_msgout
++    - SECURITY UPDATE: heap overflow vulnerability
++      + debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
++        memories
++    - SECURITY UPDATE: integer underflow vulnerability
++      + debian/patches/CVE-2022-3165.patch: fix integer underflow in
++        vnc_client_cut_text_ext
++  * Dropped Changes in regard to GCC-12 FTBFS (LP 1988710)
++    [not all are needed in lunar]
++    -  d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch.
++       Silence -Warray-bounds false positive [no more needed]
++    - d/rules: set -O1 for alpha firmware build
++    - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch:
++      further FTBFS fixup
++  * Dropped Changes [in Debian 1:7.2+dfsg-3]
++    - d/rules: disable LTO on non-amd64 builds (LP 1921664)
++  * Added Changes
++    - d/control-in: libnfs is in main since focal, enable direct nfs
++      storage support (LP: #1988704)
++    - d/control-in: libsndio is in universe in ubuntu
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 04 Jan 2023 13:18:43 +0100
++
  qemu (1:7.2+dfsg-4) unstable; urgency=medium
    * block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch:
@@ -359,6 +554,126 @@ qemu (1:7.1+dfsg-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Mon, 12 Sep 2022 11:50:53 +0300
++qemu (1:7.0+dfsg-7ubuntu4) lunar; urgency=medium
++
++  * SECURITY UPDATE: use-after-free vulnerability
++    - debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
++      lsi_do_msgout
++    - CVE-2022-0216
++  * SECURITY UPDATE: heap overflow vulnerability
++    - debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
++      memories
++    - CVE-2022-2962
++  * SECURITY UPDATE: integer underflow vulnerability
++    - debian/patches/CVE-2022-3165.patch: fix integer underflow in
++      vnc_client_cut_text_ext
++    - CVE-2022-3165
++
++ -- Nishit Majithia <nishit.majithia@canonical.com>  Fri, 09 Dec 2022 10:25:52 +0530
++
++qemu (1:7.0+dfsg-7ubuntu3) lunar; urgency=medium
++
++  [ Brett Milford ]
++  * d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
++    error 'migration was active, but no RAM info was set' (LP: #1994002)
++
++  [ Mauricio Faria de Oliveira ]
++  * d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
++    Fix FTBFS with libbpf 1.0.1-2.
++
++ -- Mauricio Faria de Oliveira <mfo@canonical.com>  Wed, 30 Nov 2022 12:17:51 -0300
++
++qemu (1:7.0+dfsg-7ubuntu2) kinetic; urgency=medium
++
++  [ Paride Legovini ]
++  * d/rules: disable LTO on non-amd64 builds (LP: #1921664)
++  * GCC-12 FTBFS (LP: #1988710)
++    - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch.
++      Silence -Warray-bounds false positive (treated as error)
++
++  [ Christian Ehrhardt ]
++  * More on GCC-12 FTBFS (LP 1988710)
++    - d/rules: set -O1 for alpha firmware build
++    - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch:
++      further FTBFS fixup
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 19 Sep 2022 08:07:24 +0200
++
++qemu (1:7.0+dfsg-7ubuntu1) kinetic; urgency=medium
++
++  * Merge with Debian unstable (LP: #1971315)(LP: #1980896), remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type
++      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types containing release versioned machine attributes
++      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
++        for host-phys-bits=true
++      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - Ease the use of module retention on upgrades (LP 1913421)
++      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
++    - Fix I/O stalls when using NVMe storage (LP 1970737).
++      - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
++        in laio_io_unplug.
++    - SECURITY UPDATE: heap overflow in floppy disk emulator
++      - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
++        hw/block/fdc.c.
++      - CVE-2021-3507
++  * Dropped Changes [now part of 1:7.0+dfsg-7]:
++    - d/rules: xen libexec dir is no more versioned
++    - d/rules: ensure xen is built on x86
++    - d/kvm-spice: fix when acceleration is already defined on the commandline
++    - debian/control[-in]: no more disable glusterfs in Ubuntu (LP 1246924)
++  * Dropped Changes [now part of upstream v7.0.0]
++    - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch
++      Allow long kernel command lines for QEMU (LP 1959984)
++    - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list
++    - d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit
++      tcg on s390x.
++    - Fix diff handling on ceph that can cause data corruption (LP 1968258)
++      - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch
++      - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch
++    - d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock
++      in vnc connections (LP 1970563)
++    - All CVE fixes of 1:6.2+dfsg-2ubuntu8 except CVE-2021-3507
++  * Dropped Changes
++    - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
++      add patch to workaround FTBFS when building against OpenSSL 3.0.
++      [ now working with OpenSSL 3.0 ]
++    - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
++      -fcf-protection being unavailble on -march=i486 (LP 1940029)
++      [ fixed in compiler toolchain ]
++    - Make qemu-system-x86-microvm a transitional package as the binary is now
++      in qemu-system-x86 itself.
++      [ no more needed]
++  * Added Changes
++    - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
++      landed in Debian but under a different name.
++    - d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS
++      with LTO
++    - d/p/u/lp-1981339-*: fix s390x system emulation (LP: #1981339)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 05 Jul 2022 12:07:19 +0200
++
  qemu (1:7.0+dfsg-7) unstable; urgency=medium
    * d/tests/test-qemu-user: rework ls/glob test a bit
@@ -493,6 +808,141 @@ qemu (1:6.2+dfsg-3) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 25 Feb 2022 12:01:46 +0300
++qemu (1:6.2+dfsg-2ubuntu8) kinetic; urgency=medium
++
++  [ Marc Deslauriers ]
++  * SECURITY UPDATE: heap overflow in floppy disk emulator
++    - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
++      hw/block/fdc.c.
++    - CVE-2021-3507
++  * SECURITY UPDATE: use-after-free in nvme
++    - debian/patches/CVE-2021-3929.patch: deny DMA to the iomem of the
++      device itself in hw/nvme/ctrl.c.
++    - CVE-2021-3929
++  * SECURITY UPDATE: integer overflow in QXL display device emulation
++    - debian/patches/CVE-2021-4206.patch: check width and height in
++      hw/display/qxl-render.c, hw/display/vmware_vga.c, ui/cursor.c.
++    - CVE-2021-4206
++  * SECURITY UPDATE: heap overflow in QXL display device emulation
++    - debian/patches/CVE-2021-4207.patch: fix race condition in qxl_cursor
++      in hw/display/qxl-render.c.
++    - CVE-2021-4207
++  * SECURITY UPDATE: potential privilege escalation in virtiofsd
++    - debian/patches/CVE-2022-0358.patch: Drop membership of all
++      supplementary groups in tools/virtiofsd/passthrough_ll.c.
++    - CVE-2022-0358
++  * SECURITY UPDATE: memory leakage in virtio-net device
++    - debian/patches/CVE-2022-26353.patch: fix map leaking on error during
++      receive in hw/net/virtio-net.c.
++    - CVE-2022-26353
++  * SECURITY UPDATE: memory leakage in vhost-vsock device
++    - debian/patches/CVE-2022-26354.patch: detach the virqueue element in
++      case of error in hw/virtio/vhost-vsock-common.c.
++    - CVE-2022-26354
++
++  [ Sergio Durigan Junior ]
++  * Fix I/O stalls when using NVMe storage (LP: #1970737).
++    - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
++      in laio_io_unplug.
++
++ -- Sergio Durigan Junior <sergio.durigan@canonical.com>  Wed, 22 Jun 2022 15:38:37 -0400
++
++qemu (1:6.2+dfsg-2ubuntu7) kinetic; urgency=medium
++
++  * d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock
++    in vnc connections (LP: #1970563)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 19 May 2022 08:25:20 +0200
++
++qemu (1:6.2+dfsg-2ubuntu6) jammy; urgency=medium
++
++  * debian/control[-in]: no more disable glusterfs in Ubuntu (LP: #1246924)
++  * Fix diff handling on ceph that can cause data corruption (LP: #1968258)
++      - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch
++      - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 08 Apr 2022 09:36:34 +0200
++
++qemu (1:6.2+dfsg-2ubuntu5) jammy; urgency=medium
++
++  * d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit
++    tcg on s390x.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 17 Feb 2022 09:54:36 +0100
++
++qemu (1:6.2+dfsg-2ubuntu4) jammy; urgency=medium
++
++  * No-change rebuild to update maintainer scripts, see LP: 1959054
++
++ -- Dave Jones <dave.jones@canonical.com>  Wed, 16 Feb 2022 17:28:14 +0000
++
++qemu (1:6.2+dfsg-2ubuntu3) jammy; urgency=medium
++
++  * Merge with Debian unstable, remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type
++      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types containing release versioned machine attributes
++      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
++        for host-phys-bits=true
++      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
++      add patch to workaround FTBFS when building against OpenSSL 3.0.
++    - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
++      -fcf-protection being unavailble on -march=i486 (LP 1940029)
++    - Ease the use of module retention on upgrades (LP 1913421)
++      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
++    - Make qemu-system-x86-microvm a transitional package as the binary is now
++      in qemu-system-x86 itself.
++  * Dropped Changes [now part of 1:6.1+dfsg-8]:
++    - updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code
++      (#993658) (LP 1947860)
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
++  * Dropped Changes [now part of upstream]
++    - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
++      and 3932 machines (LP 1932175)
++   -  d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix
++      migration with audio devices present (LP 1940288)
++  * Added changes:
++    - update patches for qemu v6.2.0
++      - d/p/u/enable-svm-by-default.patch
++      - d/p/u/define-ubuntu-machine-types.patch
++      - d/p/u/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch
++    - d/rules: xen libexec dir is no more versioned
++    - d/rules: ensure xen is built on x86
++    - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch
++      Allow long kernel command lines for QEMU (LP: #1959984)
++    - d/kvm-spice: fix when acceleration is already defined on the commandline
++    - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 05 Jan 2022 12:18:25 +0100
++
  qemu (1:6.2+dfsg-2) unstable; urgency=medium
    * bump meson build-dep to 0.59.3
@@ -714,6 +1164,95 @@ qemu (1:6.0+dfsg-3) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Tue, 17 Aug 2021 17:49:10 +0300
++qemu (1:6.0+dfsg-2expubuntu4) jammy; urgency=medium
++
++  * d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
++    add patch to workaround FTBFS when building against OpenSSL 3.0.
++    Thanks to Christian Ehrhardt (LP: #1952448)
++
++ -- Paride Legovini <paride@ubuntu.com>  Fri, 26 Nov 2021 15:47:51 +0100
++
++qemu (1:6.0+dfsg-2expubuntu3) jammy; urgency=medium
++
++  * No-change rebuild against liburing2
++
++ -- Paride Legovini <paride@ubuntu.com>  Mon, 22 Nov 2021 18:00:26 +0100
++
++qemu (1:6.0+dfsg-2expubuntu2) jammy; urgency=medium
++
++  * updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code
++    (#993658) (LP: #1947860)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 03 Nov 2021 14:10:56 +0100
++
++qemu (1:6.0+dfsg-2expubuntu1) impish; urgency=medium
++
++  * Merge with Debian experimental, remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type
++      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types containing release versioned machine attributes
++      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
++        for host-phys-bits=true
++      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
++      for v6.0
++    - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
++    - Ease the use of module retention on upgrades (LP 1913421)
++      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
++  * Dropped Changes [in 1:6.0+dfsg-2exp]:
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - Disable fuse export (universe dependency)
++    - Ease the use of module retention on upgrades (LP 1913421)
++      - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
++      - d/rules: only save modules if /run/qemu isn't noexec
++      - d/rules: clear all (current and former) modules on purge
++    - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
++      upgrade issues (LP 1932264)
++    - Enable SDL as secondary UI backend (LP 1256185)
++      - d/control: add build dependency libsdl2-dev
++      - d/control: enable sdl graphics on build
++      - d/qemu-system-gui.install: add ui-sdl.so
++      - d/control: add runtime dependency to libgl1
++  * Dropped Changes [no more needed]
++    - let qemu-utils recommend sharutils
++  * Added changes:
++    - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
++      -fcf-protection being unavailble on -march=i486 (LP: #1940029)
++    - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
++      and 3932 machines (LP: #1932175)
++   -  d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix
++      migration with audio devices present (LP: #1940288)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 12 Aug 2021 15:35:12 +0200
++
  qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
    [ Christian Ehrhardt ]
@@ -751,6 +1290,104 @@ qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Wed, 21 Jul 2021 19:43:37 +0300
++qemu (1:6.0+dfsg-1~ubuntu3) impish; urgency=medium
++
++  * d/p/u/lp-1935617-target-ppc-Fix-load-endianness-for-lxvwsx-lxvdsx.patch:
++    fix TCG emulation for ppc64 (LP: #1935617)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 13 Jul 2021 09:34:55 +0200
++
++qemu (1:6.0+dfsg-1~ubuntu2) impish; urgency=medium
++
++  * d/control: remove fuse2 trial-build (LP 1934510)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 07 Jul 2021 10:26:08 +0200
++
++qemu (1:6.0+dfsg-1~ubuntu1) impish; urgency=medium
++
++  * Merge with Debian experimental, Among many other things this fixes LP Bugs:
++    (LP: #1907952) broken arrow keys in -display gtk on aarch64
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type
++      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types containing release versioned machine attributes
++      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
++        for host-phys-bits=true
++      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - Let qemu-utils recommend sharutils
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - Fix upgrade module handling (LP 1905377)
++      --enable-module-upgrades for qemu-xen which doesn't exist in Debian
++  * Dropped Changes [in 6.0]:
++    - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
++      ld usage of -no-pie (LP 1907789)
++    - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
++      virtio-9p-ccw being missing (LP 1916230)
++    - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
++      to glib2.0 >=2.67.3 (LP 1916705)
++    - d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
++      on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
++      (LP 1921754)
++    - d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
++      (LP 1921880)
++    - d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre*:
++      fix go in qemu-s390x-static (LP 1922010)
++  * Dropped Changes [in Debian]:
++    - Allow qemu to load old modules post upgrade (LP 1847361)
++      - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
++      - d/rules: Drop generating package version into maintainer scripts
++  * Dropped Changes [No more needed >21.04]:
++      - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
++        the bad old prerm (LP 1906245 1905377)
++  * Added Changes
++    - Disable fuse export (universe dependency)
++    - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
++      for v6.0
++    - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP: #1929926)
++    - Ease the use of module retention on upgrades (LP: #1913421)
++      - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
++      - d/rules: only save modules if /run/qemu isn't noexec
++      - d/rules: clear all (current and former) modules on purge
++      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
++    - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
++      upgrade issues (LP: #1932264)
++    - Enable SDL as secondary UI backend (LP: #1256185)
++      - d/control: add build dependency libsdl2-dev
++      - d/control: enable sdl graphics on build
++      - d/qemu-system-gui.install: add ui-sdl.so
++      - d/control: add runtime dependency to libgl1
++    - d/rules: qemu-system-x86-xen builds modules as well now (follows the
++      other packages)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 15 Jun 2021 12:41:33 +0200
++
  qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium
    * new upstream release
@@ -803,6 +1440,75 @@ qemu (1:5.2+dfsg-10) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 16 Apr 2021 12:43:36 +0300
++qemu (1:5.2+dfsg-9ubuntu3) hirsute; urgency=medium
++
++  * d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
++    on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
++    (LP: #1921754)
++  * d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
++    (LP: #1921880)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 07 Apr 2021 11:58:29 +0200
++
++qemu (1:5.2+dfsg-9ubuntu2) hirsute; urgency=medium
++
++  * d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre.patch:
++    fix go in qemu-s390x-static (LP: #1922010)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 31 Mar 2021 10:01:40 +0200
++
++qemu (1:5.2+dfsg-9ubuntu1) hirsute; urgency=medium
++
++  * Merge with Debian unstable; Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - allow qemu to load old modules post upgrade (LP 1847361)
++      - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
++      - d/rules: Drop generating package version into maintainer scripts
++      - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
++        the bad old prerm (LP 1906245 1905377)
++    - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
++      ld usage of -no-pie (LP 1907789)
++    - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
++      virtio-9p-ccw being missing (LP 1916230)
++    - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
++      to glib2.0 >=2.67.3 (LP 1916705)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 18 Mar 2021 11:13:49 +0100
++
  qemu (1:5.2+dfsg-9) unstable; urgency=medium
    * do not make qemu-system-data dependent on qemu-system-foo
@@ -842,6 +1548,66 @@ qemu (1:5.2+dfsg-7) unstable; urgency=high
   -- Michael Tokarev <mjt@tls.msk.ru>  Sun, 14 Mar 2021 11:32:54 +0300
++qemu (1:5.2+dfsg-6ubuntu2) hirsute; urgency=medium
++
++  * d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
++    to glib2.0 >=2.67.3 (LP: #1916705)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 24 Feb 2021 08:39:09 +0100
++
++qemu (1:5.2+dfsg-6ubuntu1) hirsute; urgency=medium
++
++  * Merge with Debian unstable, includes fixes for
++    - build operates differently if source is a git repo (LP: #1887535)
++    Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - allow qemu to load old modules post upgrade (LP 1847361)
++      - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
++      - d/rules: Drop generating package version into maintainer scripts
++      - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
++        the bad old prerm (LP 1906245 1905377)
++    - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
++      ld usage of -no-pie (LP 1907789)
++  * Added changes
++    - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
++      virtio-9p-ccw being missing (LP: #1916230)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 22 Feb 2021 11:40:36 +0100
++
  qemu (1:5.2+dfsg-6) unstable; urgency=medium
    * deprecate qemu-debootstrap. It is not needed anymore with
@@ -894,6 +1660,64 @@ qemu (1:5.2+dfsg-4) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Sun, 14 Feb 2021 16:52:10 +0300
++qemu (1:5.2+dfsg-3ubuntu2) hirsute; urgency=medium
++
++  * No change rebuild to pick up liburing. (LP: #1914145)
++
++ -- Mauricio Faria de Oliveira <mfo@canonical.com>  Wed, 03 Feb 2021 19:44:54 -0300
++
++qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium
++
++  * Merge with Debian unstable, includes fixes for
++    - qemu-user-static are partially dynamically linked (LP: #1908331)
++    - qemu crashing when using spice without qemu-system-gui being
++      installed (LP: #1908577)
++    Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - allow qemu to load old modules post upgrade (LP 1847361)
++      - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
++      - d/rules: Drop generating package version into maintainer scripts
++      - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
++        the bad old prerm (LP 1906245 1905377)
++    - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
++      ld usage of -no-pie (LP 1907789)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 05 Jan 2021 12:43:42 +0100
++
  qemu (1:5.2+dfsg-3) unstable; urgency=medium
    [ Christian Ehrhardt ]
@@ -910,6 +1734,64 @@ qemu (1:5.2+dfsg-3) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Tue, 29 Dec 2020 15:07:03 +0300
++qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium
++
++  * Merge with Debian unstable
++    - includes fix for CVE-2020-17380
++    - includes a fix for s390x PCI device reset (LP: #1907656)
++    Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - allow qemu to load old modules post upgrade (LP 1847361)
++      - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
++      - d/rules: Drop generating package version into maintainer scripts
++      - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
++        the bad old prerm (LP 1906245 1905377)
++  * Dropped Changes:
++    - d/control, d/rules: build with gcc-9 on armhf as workaround until
++      resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100%
++      fails]
++  * Added Changes:
++    - Refreshed ubuntu machine types for hirsute@5.2
++    - d/control: regenerated from d/control-in
++    - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
++      ld usage of -no-pie (LP: #1907789)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 09 Dec 2020 16:44:47 +0100
++
  qemu (1:5.2+dfsg-2) unstable; urgency=medium
    * move ui-opengl.so module from qemu-system-gui to qemu-system-common,
@@ -955,6 +1837,153 @@ qemu (1:5.2+dfsg-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Wed, 09 Dec 2020 08:57:41 +0300
++qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium
++
++  * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
++    the bad old prerm (LP: #1906245)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 30 Nov 2020 12:53:03 +0100
++
++qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium
++
++  * Fix upgrade module handling (LP: #1905377)
++    This was accetped in a slightly different form in qemu_5.0-6 and therefore
++    allows to drop some former delta that is now conflicting.
++    Ubuntu still keeps enabling --enable-module-upgrades, but only for
++    qemu-xen which doesn't exist in Debian
++    - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
++    - d/rules: Drop generating package version into maintainer scripts
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 24 Nov 2020 11:16:01 +0100
++
++qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium
++
++  * Merge with Debian testing, remaining changes:
++    Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854)
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes compat links changes of 5.0-5ubuntu4]
++    - allow qemu to load old modules post upgrade (LP 1847361)
++      - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
++        upgrade
++      - d/rules: generate maintainer scripts matching package version on build
++      - d/rules: enable --enable-module-upgrades where --enable-modules is set
++    - d/control: regenerate debian/control out of control-in
++  * Dropped changes [in Debian or no more needed]
++    - d/control-in: disable pmem on ppc64 as it is currently considered
++      experimental on that architecture (pmdk v1.8-1)
++    - d/rules: makefile definitions can't be recursive - sys_systems for s390x
++    - d/rules: report config log from the correct subdir
++    - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
++    - Pick further changes for groovy from debian/master since 5.0-5
++      - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
++      - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch
++      - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
++      - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
++      - megasas-use-unsigned-type-for-positive-numeric-fields.patch
++      - megasas-fix-possible-out-of-bounds-array-access.patch
++      - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
++      - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch
++      - a few patches from the stable series:
++        - fix-tulip-breakage.patch
++        - 9p-lock-directory-streams-with-a-CoMutex.patch
++          Prevent deadlocks in 9pfs readdir code
++        - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
++          Fix newline accidentally sneaked into id string of a nic
++        - qemu-nbd-close-inherited-stderr.patch
++        - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
++        - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
++        - virtio-balloon-unref-the-iothread-when-unrealizing.patch
++      - acpi-tmr-allow-2-byte-reads.patch
++      - reapply CVE-2020-13253 fixes from upstream
++      - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
++      - linux-user-add-netlink-RTM_SETLINK-command.patch
++      - d/control: since qemu-system-data now contains module(s),
++        it can't be multi-arch. Ditto for qemu-block-extra.
++      - qemu-system-foo: depend on exact version of qemu-system-data,
++        due to the latter having modules
++      - acpi-allow-accessing-acpi-cnt-register-by-byte.patch'
++        This is another incarnation of the recent bugfix which actually enabled
++        memory access constraints, like #964247
++      - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
++        this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
++        and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
++      - xhci-fix-valid.max_access_size-to-access-address-registers.patch
++        fix one more incarnation of the breakage after the CVE-2020-13754 fix
++      - do not install outdated (0.12 and before) Changelog
++      - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
++        ARM-only XGMAC NIC, possible buffer overflow during packet transmission
++        Closes: CVE-2020-15863
++      - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
++      - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
++        another fix for revert-memory-accept-.. CVE-2020-13754
++      - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
++    - d/control-in: build-dep libcap is no more needed
++    - arch aware kvm wrappers
++      [upstream now automatically enables KVM if available and called with
++       kvm* name, provides KVM as before but with auto-fallback to tcg.
++       Former behavior of KVM-or-die can be achieved via -machine accel=kvm ]
++  * Dropped changes [upstream now]
++    - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
++      setup_len
++    - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930)
++    - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942)
++    - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
++      from vfio-ccw (LP 1887935)
++    - fix qemu-user-static initialization to allow executing systemd (LP 1890881)
++    - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187)
++    - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
++      SQXBR (LP 1883984)
++    - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154)
++    - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
++      environments (LP 1887763)
++    - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
++    - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
++      crashes it on shutdown (LP 1878973)
++    - update d/p/ubuntu/lp-1835546-* to the final versions
++    - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
++      FTBFS in groovy
++  * Added Changes:
++    - update ubuntu machine types for hirsute@5.1
++    - d/control: regenerated from d/control-in
++    - d/control, d/rules: build with gcc-9 on armhf as workaround until
++      resolved in gcc-10 (LP: 1890435)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 29 Oct 2020 12:37:31 +0100
++
  qemu (1:5.1+dfsg-4) unstable; urgency=high
    * mention closing of CVE-2020-16092 by 5.1
@@ -1196,6 +2225,298 @@ qemu (1:5.0-6) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 03 Jul 2020 18:24:48 +0300
++qemu (1:5.0-5ubuntu11) hirsute; urgency=medium
++
++  * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily
++    machine type to match how it originally was released (LP: #1902654)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 09 Nov 2020 08:19:07 +0100
++
++qemu (1:5.0-5ubuntu10) hirsute; urgency=medium
++
++  * No-change rebuild for brltty soname change.
++
++ -- Matthias Klose <doko@ubuntu.com>  Mon, 02 Nov 2020 16:59:33 +0100
++
++qemu (1:5.0-5ubuntu9) groovy; urgency=medium
++
++  * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
++    setup_len
++    CVE-2020-14364
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 22 Sep 2020 16:53:18 +0200
++
++qemu (1:5.0-5ubuntu8) groovy; urgency=medium
++
++  * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 14 Sep 2020 08:23:49 +0200
++
++qemu (1:5.0-5ubuntu7) groovy; urgency=medium
++
++  * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 09 Sep 2020 08:47:12 +0200
++
++qemu (1:5.0-5ubuntu6) groovy; urgency=medium
++
++  * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
++    from vfio-ccw (LP: #1887935)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 25 Aug 2020 11:09:12 +0200
++
++qemu (1:5.0-5ubuntu5) groovy; urgency=medium
++
++  * fix qemu-user-static initialization to allow executing systemd
++    (LP: #1890881)
++    - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch
++    - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch
++    - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch
++    - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch
++    - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch
++    - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch
++  * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187)
++    CVE-2020-16092
++    - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 19 Aug 2020 07:19:42 +0200
++
++qemu (1:5.0-5ubuntu4) groovy; urgency=medium
++
++  * xen: provide compat links to what libxen-dev reports where to find
++    the binaries (LP: #1890005)
++  * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
++    SQXBR (LP: #1883984)
++  * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 03 Aug 2020 07:15:28 +0200
++
++qemu (1:5.0-5ubuntu3) groovy; urgency=medium
++
++  * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
++    environments (LP: #1887763)
++  * Pick further changes for groovy from debian/master since 5.0-5
++    - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
++      Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
++      infinite recursion via a crafted mm_index value during
++      ati_mm_read or ati_mm_write call.
++    - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
++      Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
++      devices which uses min_access_size and max_access_size Memory API fields.
++      Also closes: CVE-2020-13791
++    - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
++      CVE-2020-13659: address_space_map in exec.c can trigger
++      a NULL pointer dereference related to BounceBuffer
++    - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
++      Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
++      has an OOB read via a crafted reply_queue_head field from a guest OS user
++    - megasas-use-unsigned-type-for-positive-numeric-fields.patch
++      fix other possible cases like in CVE-2020-13362 (#961887)
++    - megasas-fix-possible-out-of-bounds-array-access.patch
++      Some tracepoints use a guest-controlled value as an index into the
++      mfi_frame_desc[] array. Thus a malicious guest could cause a very low
++      impact OOB errors here
++    - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
++      Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
++      This flaw occurs when an nbd-client sends a spec-compliant request that is
++      near the boundary of maximum permitted request length. A remote nbd-client
++      could use this flaw to crash the qemu-nbd server resulting in a DoS.
++    - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
++      Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
++      properly validate the frame count, which allows guest OS users to trigger
++      an out-of-bounds access during an es1370_write() operation
++    - a few patches from the stable series:
++      - fix-tulip-breakage.patch
++        The tulip network driver in a qemu-system-hppa emulation is broken in
++        the sense that bigger network packages aren't received any longer and
++        thus even running e.g. "apt update" inside the VM fails. Fix this.
++      - 9p-lock-directory-streams-with-a-CoMutex.patch
++        Prevent deadlocks in 9pfs readdir code
++      - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
++        Fix newline accidentally sneaked into id string of a nic
++      - qemu-nbd-close-inherited-stderr.patch
++      - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
++      - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
++      - virtio-balloon-unref-the-iothread-when-unrealizing.patch
++    - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
++    - reapply CVE-2020-13253 fixed from upstream:
++      sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
++      sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
++      sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
++      sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
++      Closes: #961297, CVE-2020-13253
++    - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
++      (Closes: #965109)
++    - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
++    - d/control: since qemu-system-data now contains module(s),
++      it can't be multi-arch. Ditto for qemu-block-extra.
++    - qemu-system-foo: depend on exact version of qemu-system-data,
++      due to the latter having modules
++    - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
++      This is another incarnation of the recent bugfix which actually enabled
++      memory access constraints, like #964247
++    - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
++      this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
++      and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
++    - xhci-fix-valid.max_access_size-to-access-address-registers.patch
++      fix one more incarnation of the breakage after the CVE-2020-13754 fix
++    - do not install outdated (0.12 and before) Changelog (Closes: #965381)
++    - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
++      ARM-only XGMAC NIC, possible buffer overflow during packet transmission
++      Closes: CVE-2020-15863
++    - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
++      List of patches:
++       sm501-convert-printf-abort-to-qemu_log_mask.patch
++       sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
++       sm501-use-BIT-macro-to-shorten-constant.patch
++       sm501-clean-up-local-variables-in-sm501_2d_operation.patch
++       sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
++      Closes: #961451, CVE-2020-12829
++    - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
++      another fix for revert-memory-accept-.. CVE-2020-13754
++    - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 28 Jul 2020 13:21:31 +0200
++
++qemu (1:5.0-5ubuntu2) groovy; urgency=medium
++
++  * No change rebuild against new libnettle8 and libhogweed6 ABI.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Mon, 29 Jun 2020 22:32:55 +0100
++
++qemu (1:5.0-5ubuntu1) groovy; urgency=medium
++
++  * Merge with Debian testing (LP: #1749393), remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - arch aware kvm wrappers
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++      [includes --disable-xen for user-static builds]
++    - d/control-in: disable pmem on ppc64 as it is currently considered
++      experimental on that architecture (pmdk v1.8-1)
++    - d/rules: makefile definitions can't be recursive - sys_systems for s390x
++    - d/rules: report config log from the correct subdir
++    - allow qemu to load old modules post upgrade (LP 1847361)
++      - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
++        upgrade
++      - d/rules: generate maintainer scripts matching package version on build
++      - d/rules: enable --enable-module-upgrades where --enable-modules is set
++    - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
++    - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
++    - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
++      crashes it on shutdown (LP 1878973)
++  * Dropped changes (no more needed)
++    - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++      in qemu64 cpu type.
++    - d/control: avoid upgrade issues triggered by moving ivshmem tools after
++      Debian. Fixed by bumping the related Breaks/Replaces to the
++      Version Ubuntu introduced the change (LP 1862287)
++  * Dropped changes (in Debian)
++    - improved s390x support
++    - d/binfmt-update-in: fix binfmt being called in some containers
++      (LP 1840956)
++    - qemu-system-x86-microvm package
++      In addition to the generic multi-purpose qemu also provide a minimal
++      feature binary that is loading faster for use cases with microvm machine
++      type and qboot bios
++      - d/control-in: add a new qemu-system-x86-microvm package
++      - d/rules: add an extra config/build step to get the minimal qemu
++    - Security and packaging fixes (LP 1872937)
++      - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
++      - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
++        CVE-2020-10702
++        CVE-2020-11102
++      - fix external spice UI
++        + install ui-spice-app.so in qemu-system-common
++        + install ui-spice-app.so only if built, spice is optional
++      - switch binfmt registration to use update-binfmts --[un]import (#866756)
++      - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
++      - qemu-system-data: s/highcolor/hicolor/ (#955741)
++    - enable riscv build (LP 1872931)
++      [ changes picked from Debian ]
++      - enable support for riscv64 hosts
++      - only enable librbd on architectures where it is built
++      - ceph: do not list librados-dev as we only use librbd-dev and the latter
++        depends on the former
++      - seccomp grew up, no need in versioned build-dep
++      - enable seccomp only on architectures where it can be built
++  * Dropped changes (upstream)
++    - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
++      (LP 1857033)
++    - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
++    - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
++      vhost-user-gpu
++    - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
++      avoid unnecessary IOTLB transactions (LP 1866207)
++    - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
++      patches @qemu-stable (LP 1867519)
++    - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
++      to avoid broken nesting (LP 1868692)
++    - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
++      (LP 1871830)
++    - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107)
++    - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
++    - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
++      and clobbered doubles (LP 1872945)
++    - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
++      - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
++        ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
++      - CVE-2020-11869
++    - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
++      - async: use explicit memory barriers (LP 1805256)
++      - aio-wait: delegate polling of main AioContext if BQL not held
++    - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
++      supporting to set them (LP 1882774)
++    - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
++      load to a versioned path
++  * Added Changes:
++    - d/control: regenerate debian/control out of control-in
++    - update d/p/ubuntu/lp-1835546-* to the final versions
++      - 11 patches dropped as they are in 5.0
++      - 20 patches updated to how they will be in 5.1
++    - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
++      FTBFS in groovy
++    - Make qemu-system-x86-microvm a transitional package as the binary is now
++      in qemu-system-x86 itself.
++    - d/control-in: build-dep libcap is no more needed
++    - d/rules: update arch aware kvm wrappers
++    - d/qemu-system-x86.README.Debian: fix typo
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 16 Jun 2020 16:50:09 +0200
++
  qemu (1:5.0-5) unstable; urgency=medium
    * more binfmt-install updates
@@ -1328,6 +2649,188 @@ qemu (1:4.2-4) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Tue, 14 Apr 2020 12:44:43 +0300
++qemu (1:4.2-3ubuntu10) groovy; urgency=medium
++
++  * No-change rebuild against libnettle8
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Mon, 20 Jul 2020 16:12:37 +0000
++
++qemu (1:4.2-3ubuntu9) groovy; urgency=medium
++
++  * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
++    crashes it on shutdown (LP: #1878973)
++  * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
++    supporting to set them (LP: #1882774)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 02 Jun 2020 10:42:49 +0200
++
++qemu (1:4.2-3ubuntu8) groovy; urgency=medium
++
++  * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
++    - async: use explicit memory barriers (LP: #1805256)
++    - aio-wait: delegate polling of main AioContext if BQL not held
++
++ -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com>  Wed, 27 May 2020 21:47:21 +0000
++
++qemu (1:4.2-3ubuntu7) groovy; urgency=medium
++
++  * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
++    - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
++      ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
++    - CVE-2020-11869
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 21 May 2020 14:43:19 -0400
++
++qemu (1:4.2-3ubuntu6) focal; urgency=medium
++
++  [ Christian Ehrhardt ]
++  * enable riscv build (LP: #1872931)
++    [ changes picked from Debian ]
++    - enable support for riscv64 hosts
++    - only enable librbd on architectures where it is built
++    - ceph: do not list librados-dev as we only use librbd-dev and the latter
++      depends on the former
++    - seccomp grew up, no need in versioned build-dep
++    - enable seccomp only on architectures where it can be built
++  * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
++  * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
++    and clobbered doubles (LP: #1872945)
++
++  [ William Grant ]
++  * d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 15 Apr 2020 14:27:15 +0200
++
++qemu (1:4.2-3ubuntu5) focal; urgency=medium
++
++  [ Christian Ehrhardt ]
++  * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
++    (LP: #1871830)
++  * Security and packaging fixes (LP: #1872937)
++    - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
++    - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
++      CVE-2020-10702
++      CVE-2020-11102
++    - fix external spice UI
++      + install ui-spice-app.so in qemu-system-common
++      + install ui-spice-app.so only if built, spice is optional
++    - switch binfmt registration to use update-binfmts --[un]import (#866756)
++    - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
++    - qemu-system-data: s/highcolor/hicolor/ (#955741)
++  * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 15 Apr 2020 11:26:44 +0200
++
++qemu (1:4.2-3ubuntu4) focal; urgency=medium
++
++  * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546)
++  * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
++    to avoid broken nesting (LP: #1868692)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 20 Mar 2020 08:02:16 +0100
++
++qemu (1:4.2-3ubuntu3) focal; urgency=medium
++
++  * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
++    patches @qemu-stable (LP: #1867519)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 18 Mar 2020 13:57:57 +0100
++
++qemu (1:4.2-3ubuntu2) focal; urgency=medium
++
++  * allow qemu to load old modules post upgrade (LP: #1847361)
++    - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
++      load to a versioned path
++    - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
++      upgrade
++    - d/rules: generate maintainer scripts matching package version on build
++    - d/rules: enable --enable-module-upgrades where --enable-modules is set
++  * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
++    avoid unnecessary IOTLB transactions (LP: #1866207)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 02 Mar 2020 15:21:27 +0100
++
++qemu (1:4.2-3ubuntu1) focal; urgency=medium
++
++  * Merge with Debian testing, remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - Enable nesting by default
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - improved s390x support
++      - d/rules: build s390-ccw.img with upstream Makefile
++      - d/rules: build s390-netboot.img with upstream Makefile
++    - arch aware kvm wrappers
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/binfmt-update-in: fix binfmt being called in some containers
++      (LP 1840956)
++    - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
++      (LP 1857033)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++    - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
++  - Dropped changes [ in Debian ]
++    - d/control: update VCS links
++    - d/control-in: bump debhelper build-dep for compat 12
++    - d/control: disable bluetooth being deprecated
++    - d/not-installed: ignore new interop docs and extra icons for now
++    - d/not-installed: do not install elf2dmp until namespaced
++    - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
++      [ not needed ]
++    - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
++    - s390x support
++      - Create qemu-system-s390x package
++      - Enable numa support for s390x
++    - d/control*: enable libpmem support for nvdimms (LP 1790856)
++  * Added changes
++    - d/control: regenerate debian/control out of control-in
++    - qemu-system-x86-microvm package
++      In addition to the generic multi-purpose qemu also provide a minimal
++      feature binary that is loading faster for use cases with microvm machine
++      type and qboot bios
++      - d/control-in: add a new qemu-system-x86-microvm package
++      - d/rules: add an extra config/build step to get the minimal qemu
++    - d/control-in: disable pmem on ppc64 as it is currently considered
++      experimental on that architecture (pmdk v1.8-1)
++    - d/rules: makefile definitions can't be recursive - sys_systems for s390x
++    - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
++      vhost-user-gpu
++    - d/rules: report config log from the correct subdir
++    - d/rules: --disable-xen for user-static builds
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 12 Feb 2020 15:21:56 +0100
++
  qemu (1:4.2-3) unstable; urgency=medium
    * mention closing of #909743 in previous changelog (Closes: #909743)
@@ -1370,6 +2873,169 @@ qemu (1:4.2-2) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 31 Jan 2020 23:51:09 +0300
++qemu (1:4.2-1ubuntu2) focal; urgency=medium
++
++  * d/control: avoid upgrade issues triggered by moving ivshmem tools after
++    Debian. Fixed by by bumping the related Breaks/Replaces to the
++    Version Ubuntu introduced the change (LP: #1862287)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 07 Feb 2020 07:31:21 +0100
++
++qemu (1:4.2-1ubuntu1) focal; urgency=medium
++
++  * Merge with Debian testing, Among many other things this fixes LP Bugs:
++    LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
++    LP: #1812822 - avoid crashes on detaching vhost_net interfaces
++    LP: #1852744 - Crypto Passthrough Interrupt Support
++    LP: #1853316 - CCW IPL Support
++    Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++    - Enable nesting by default
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++        [ No more strictly needed, but required for backward compatibility ]
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Enable numa support for s390x
++      - d/rules: build s390-ccw.img with upstream Makefile
++      - d/rules: build s390-netboot.img with upstream Makefile
++    - arch aware kvm wrappers
++    - d/control: update VCS links
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - d/control: disable bluetooth being deprecated
++    - d/not-installed: ignore new interop docs and extra icons for now
++    - d/not-installed: do not install elf2dmp until namespaced
++    - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
++    - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
++    - d/binfmt-update-in: fix binfmt being called in some containers
++      (LP 1840956)
++  - Dropped changes (in Debian)
++    - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
++      - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
++      - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
++    - d/control-in: enable RDMA support in qemu (LP: 1692476)
++        - enable RDMA config option
++        - add libibumad-dev build-dep
++    - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
++      some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
++      As that hack to build s390-ccw.img rom can't build s390x-netboot.img
++      replace it with a build-indep using the upstream makefiles.
++      This is less prone to miss future changes/fixes that are done to the
++      makefiles
++    - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
++    - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
++    - d/rules: fix qemu-kvm service for debhelper compat >=12
++    - Refreshed patches for v4.0 context changes
++    - d/control*: remove sdlabi which was removed upstream
++    - d/control*: enable docs (now explicit) and provide new build-dep
++      python3-sphinx
++    - d/qemu-system-data.install: use new paths for formerly used icons
++    - Merge with Upstream release of qemu 4.0
++    - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
++  - Dropped changes (Upstream)
++    - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
++    - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
++    - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
++      fix i386 build error
++    - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
++      fix naming of the new vector facitlity (LP 1836066)
++    - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
++      for missing SIOCGSTAMP definition; final fix is still in discussion
++      upstream (LP: 1836159)
++    - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
++      s390x machines (LP 1836154)
++    - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
++      (LP 1841066)
++    - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
++      update the z15 model name (LP 1842774)
++    - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
++      fix a potential hang when qemu or qemu-img where accessing http backed
++      disks via libcurl (LP 1848556)
++    - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
++      fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
++    - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
++      toleration for future machines (LP 1830704)
++    - SECURITY UPDATE: Add support for exposing md-clear functionality
++      to guests
++      - d/p/ubuntu/enable-md-clear.patch
++      - d/p/ubuntu/enable-md-no.patch
++      - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
++    - SECURITY UPDATE: heap overflow when loading device tree blob
++      - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
++        copy the device tree blob into is.
++      - CVE-2018-20815
++    - SECURITY UPDATE: device driver denial of service via NULL pointer
++      dereference
++      - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
++        routine
++      - CVE-2019-5008
++    - SECURITY UPDATE: information leak in SLiRP
++      - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
++        emulating ident.
++      - CVE-2019-9824
++    - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
++      unimplement.patch: properly return architecture defined exception
++      on bad subcodes of diag 308 (LP 1812384)
++  * Dropped changes (no more needed)
++    - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
++      mv_conffile since the new path is a directory in the old package
++      version which can not be handled by mv_conffile.
++      [ only needed between disco and eoan ]
++    - disable pvrdma
++      [ CVEs all fixed now ]
++    - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
++      avoid misdetection of simplified nesting blocking all migrations
++      [ qemu now detects and handles nesting - needs kernel >=4.20 ]
++    - Enable nesting by default
++      - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
++        (is default on amd)
++      - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
++        without nested=1
++        [ nesting is default in kernel modules and default selected cpu types ]
++  * Added changes
++    - d/control: regenerate debian/control out of control-in
++    - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
++      - added ubuntu focal types for qemu 4.2
++      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
++    - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
++      (LP: #1857033)
++    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
++    - d/control*, d/rules: disable xen by default, but provide universe
++      package qemu-system-x86-xen as alternative
++    - fix typos in changelog and d/qemu-system-x86.NEWS
++    - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
++    - d/control*: enable libpmem support for nvdimms (LP: #1790856)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 08 Jan 2020 15:27:42 +0100
++
  qemu (1:4.2-1) unstable; urgency=medium
    * new upstream release (4.2.0)
@@ -1446,6 +3112,205 @@ qemu (1:4.1-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Tue, 27 Aug 2019 12:43:43 +0300
++qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium
++
++  * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
++    fix a potential hang when qemu or qemu-img where accessing http backed
++    disks via libcurl (LP: #1848556)
++  * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch:
++    fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 21 Oct 2019 14:51:45 +0200
++
++qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium
++
++  * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
++    update the z15 model name (LP: #1842774)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 24 Sep 2019 11:42:58 +0200
++
++qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium
++
++  * d/binfmt-update-in: fix binfmt being called in some containers
++    (LP: #1840956)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 09 Sep 2019 11:03:13 +0200
++
++qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium
++
++  * No-change upload with strops.h and sys/strops.h removed in glibc.
++
++ -- Matthias Klose <doko@ubuntu.com>  Thu, 05 Sep 2019 11:07:25 +0000
++
++qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium
++
++  * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
++    (LP: #1841066)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 26 Aug 2019 12:08:04 +0200
++
++qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium
++
++  * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
++    s390x machines (LP: #1836154)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 17 Jul 2019 13:20:42 +0200
++
++qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium
++
++  * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617)
++    - pick Debian change for (#889885)
++      move ovmf to recommends on debian and update aarch ovmf refs
++    - stop Ubuntu to drop ovmf/qemu-efi to a suggest
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 12 Jul 2019 12:48:24 +0200
++
++qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium
++
++  * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
++    for missing SIOCGSTAMP definition; final fix is still in discussion
++    upstream (LP: 1836159)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 11 Jul 2019 10:10:00 +0200
++
++qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium
++
++  * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
++    fix naming of the new vector facitlity (LP: #1836066)
++  * d/control-in: update VCS links in control template as well
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 11 Jul 2019 08:18:44 +0200
++
++qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
++
++  * Merge with Upstream release of qemu 4.0.
++    Among many other things this fixes LP Bugs:
++    LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
++    LP: #1828038 - Update s390x CPU Model for more HW support
++    LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
++    Remaining Changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
++        qemu-kvm-init
++      - d/qemu-system-common.install: install helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
++    - Enable nesting by default
++      - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
++        (is default on amd)
++      - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
++        without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++      - d/qemu-system-x86.README.Debian: document intention of nested being
++        default is comfort, not full support
++    - Distribution specific machine type (LP: 1304107 1621042)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - provide pseries-bionic-2.11-sxxm type as convenience with all
++        meltdown/spectre workarounds enabled by default. (LP: 1761372).
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Enable numa support for s390x
++    - arch aware kvm wrappers
++    - d/control: update VCS links
++    - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
++      - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
++      - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
++    - d/control-in: enable RDMA support in qemu (LP: 1692476)
++        - enable RDMA config option
++        - add libibumad-dev build-dep
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++    - Move s390x roms to a new qemu-system-data-s390x
++      - d/qemu-system-data.install: install s390x roms as architecture:all in
++        qemu-system-data
++      - d/rules: build s390-ccw.img with upstream Makefile
++      - d/rules: build s390-netboot.img with upstream Makefile
++      - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
++        some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
++        As that hack to build s390-ccw.img rom can't build s390x-netboot.img
++        replace it with a build-indep using the upstream makefiles.
++        This is less prone to miss future changes/fixes that are done to the
++        makefiles
++      - d/control-in: add breaks/replaces for moving s390x roms from
++        qemu-system-s390x to qemu-system-data
++    - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
++      [From not yet uploaded Debian branch]
++    - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
++    - d/rules: fix qemu-kvm service for debhelper compat >=12
++    - disable pvrdma - besides several security holes there are many other
++      bugs there as well
++  * Dropped patches that are upstream in v4.0
++    - d/p/do-not-link-everything-with-xen.patch
++    - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
++    - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
++    - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
++    - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
++    - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
++    - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
++      (LP: 1759509)
++    - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
++    - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
++    - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
++    - d/p/ubuntu/CVE-2018-20815.patch
++    - d/p/ubuntu/CVE-2019-5008.patch
++    - d/p/ubuntu/CVE-2019-9824.patch
++    - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
++      avoid misdetection of simplified nesting blocking all migrations
++  * Dropped further patches
++    d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
++    [upstream deprecated the whole subsystem instead of applying the fix]
++  * Added Changes
++    - updated ubuntu machine types for v4.0
++      - added eoan types
++      - fixed s390x issue of upstream types having a "v" prefix
++      - add back dropped machine types to avoid more issues like LP: 1802944
++      - fix kvm split irqchip default in ubuntu q35 machine type
++      - drop no more needed spapr_machine_2_11_sxxm_instance_options and
++        adapt updated CamelCase
++      - -hpb types now need to use GlobalProperties
++      - pc_compat_2_0 got a _fn suffix and slight changes
++    - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
++      SLOF of qemu 4.0
++    - Refreshed patches still needed for v4.0 context changes
++      - d/p/use-fixed-data-path.patch
++      - d/p/ubuntu/enable-svm-by-default.patch
++      - d/p/ubuntu/enable-md-clear.patch
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
++    - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
++      (LP: #1830243)
++    - d/control: disable bluetooth being deprecated
++    - d/control*: remove sdlabi which was removed upstream
++    - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
++    - d/control*: enable docs (now explicit) and provide new build-dep
++      python3-sphinx
++    - d/not-installed: ignore new interop docs and extra icons for now
++    - d/not-installed: do not install elf2dmp until namespaced
++    - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
++    - d/qemu-system-data.install: use new paths for formerly used icons
++    - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
++      fix i386 build error
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 24 Jun 2019 16:33:19 +0200
++
  qemu (1:3.1+dfsg-8) unstable; urgency=high
    * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch
@@ -1548,6 +3413,232 @@ qemu (1:3.1+dfsg-3) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Wed, 06 Feb 2019 12:23:01 +0300
++qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium
++
++  * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
++    broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
++    fix migrations from old machines (LP: #1829868).
++  * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
++    toleration for future machines (LP: #1830704
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 28 May 2019 11:30:42 +0200
++
++qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium
++
++  * SECURITY UPDATE: Add support for exposing md-clear functionality
++    to guests
++    - d/p/ubuntu/enable-md-clear.patch
++    - d/p/ubuntu/enable-md-no.patch
++    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
++  * SECURITY UPDATE: heap overflow when loading device tree blob
++    - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
++      copy the device tree blob into is.
++    - CVE-2018-20815
++  * SECURITY UPDATE: device driver denial of service via NULL pointer
++    dereference
++    - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
++      routine
++    - CVE-2019-5008
++  * SECURITY UPDATE: information leak in SLiRP
++    - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
++      emulating ident.
++    - CVE-2019-9824
++
++ -- Steve Beattie <sbeattie@ubuntu.com>  Wed, 08 May 2019 09:27:53 -0700
++
++qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium
++
++  * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
++    - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
++    - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
++      mv_conffile since the new path is a directory in the old package
++      version which can not be handled by mv_conffile.
++  * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
++    OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
++    Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
++    CVE-2019-3812
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 18 Mar 2019 09:20:07 +0100
++
++qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
++
++  * disable pvrdma - besides several security holes there are many other
++    bugs there as well, and the amount of patches applied upstream after
++    3.1 release is large (Closes, or actuallymakes unimportant again)
++    - CVE-2018-20123
++    - CVE-2018-20124
++    - CVE-2018-20125
++    - CVE-2018-20126
++    - CVE-2018-20191
++    - CVE-2018-20216
++  * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
++    - CVE-2019-6501
++  * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
++    - CVE-2019-6778
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 19 Feb 2019 06:43:04 +0100
++
++qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium
++
++  * Merge with Debian testing, Among many other things this fixes LP Bugs:
++    LP: #1806104 - fix misleading page size error on ppc64el
++    LP: #1782205 - SnowRidge enabled new ISAs
++    LP: #1786956 - upgrade to qemu >= 3.0
++    LP: #1809083 - Backward migration to Xenial on ppc64el
++    LP: #1803315 - s390x Huge page enablement
++    LP: #1657409 - enable virglrenderer
++    Remaining Changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
++      - d/qemu-system-common.install: install systemd unit and helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: install /etc/default/qemu-kvm
++    - Enable nesting by default
++      - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
++        (is default on amd)
++      - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
++        without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++      - d/qemu-system-x86.README.Debian: document intention of nested being
++        default is comfort, not full support
++    - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
++        convenience with all meltdown/spectre workarounds enabled by default.
++        (LP: 1761372).
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Enable numa support for s390x
++    - arch aware kvm wrappers
++    - d/control: update VCS links (updated to match latest Ubuntu)
++    - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
++      - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
++      - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
++    - d/control-in: enable RDMA support in qemu (LP: 1692476)
++        - enable RDMA config option
++        - add libibumad-dev build-dep
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: Disable capstone disassembler library support (universe)
++  * Added Changes:
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
++      for qemu 3.1 in the Ubuntu Disco release
++    - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
++    - Move s390x roms to a new qemu-system-data-s390x
++      - d/qemu-system-data.install: install s390x roms as architecture:all in
++        qemu-system-data
++      - d/rules: build s390-ccw.img with upstream Makefile
++      - d/rules: build s390x-netboot.img with upstream Makefile
++      - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
++        some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
++        As that hack to build s390-ccw.img rom can't build s390x-netboot.img
++        replace it with a build-indep using the upstream makefiles.
++        This is less prone to miss future changes/fixes that are done to the
++        makefiles
++      - d/control-in: add breaks/replaces for moving s390x roms from
++        qemu-system-s390x to qemu-system-data
++    - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
++      [From not yet uploaded Debian branch]
++    - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
++      (Closes: #918378)
++    - d/rules: fix qemu-kvm service for debhelper compat >=12
++    - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
++      avoid misdetection of simplified nesting blocking all migrations
++    - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
++      unimplement.patch: properly return archicture defined exception
++      on bad subcodes of diag 308 (LP: #1812384)
++  * Dropped Changes:
++    - Include s390-ccw.img firmware (old style native build)
++    - d/rules enable install s390x-netboot.img (old style native build)
++    - libvirt/qemu user/group support
++      - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
++        trigger.
++        [ Droppable since logind properly sets ACLs now ]
++      - qemu-system-common.preinst: add kvm group if needed
++        [ Droppable because systemd/udev take care of it since 239-6]
++    - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
++      freeze-hook fixes (LP: 1484990)
++      [upstream]
++    - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
++      merged upstream
++      [upstream]
++    - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
++      computation while concatenating mbuf.
++      CVE-2018-11806
++      [upstream]
++    - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
++      for powerpc64 to speed up translation (LP: 1781526)
++      [upstream]
++    - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
++      cpu model for z14 ZR1 (LP: 1780773).
++      [upstream]
++    - Mark qemu-system-data foreign to be able to install it e.g. on i386
++      (Closes: 903562)
++      [in Debian]
++    - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
++      unreleased Debian version)
++      [in Debian]
++    - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
++      by migrations with UI frontends or frequent guest resolution changes
++      (LP #1755912)
++      [upstream]
++    - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
++      extend eieio for POWER9 emulation (LP: 1787408).
++      [upstream]
++    - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
++      ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
++      [upstream]
++    - improve s390x spectre mitigation with etoken facility (LP: 1790457)
++      [upstream]
++    - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
++      [upstream]
++    - d/control-in: our addition of a qemu-system-s390x package needs to follow
++      the split of qemu-system-data by adding a dependency to it (LP: 1798084)
++      [in Debian]
++    - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
++      Adapters on s390x (LP: 1787405)
++      [upstream]
++    - enable opengl for vfio-MDEV support (LP: 1804766)
++      [in Debian]
++    - SECURITY UPDATE: integer overflow in NE2000 NIC emulation
++      [upstream]
++    - SECURITY UPDATE: integer overflow via crafted QMP command
++      [upstream]
++    - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
++      [upstream]
++    - SECURITY UPDATE: buffer overflow in rtl8139
++      [upstream]
++    - SECURITY UPDATE: buffer overflow in pcnet
++      [upstream]
++    - SECURITY UPDATE: DoS via large packet sizes
++      [upstream]
++    - SECURITY UPDATE: DoS in lsi53c895a
++      [upstream]
++    - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
++      [upstream]
++    - SECURITY UPDATE: race condition in 9p
++      [upstream]
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 08 Jan 2019 09:41:08 +0100
++
  qemu (1:3.1+dfsg-2) unstable; urgency=medium
    * d/rules: split arch and indep builds
@@ -1627,6 +3718,249 @@ qemu (1:3.1+dfsg-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Sun, 02 Dec 2018 19:10:27 +0300
++qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
++
++  [ Marc Deslauriers ]
++  * SECURITY UPDATE: integer overflow in NE2000 NIC emulation
++    - debian/patches/CVE-2018-10839.patch: use proper type in
++      hw/net/ne2000.c.
++    - CVE-2018-10839
++  * SECURITY UPDATE: integer overflow via crafted QMP command
++    - debian/patches/CVE-2018-12617.patch: check bytes count read by
++      guest-file-read in qga/commands-posix.c.
++    - CVE-2018-12617
++  * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
++    - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
++    - CVE-2018-16847
++  * SECURITY UPDATE: buffer overflow in rtl8139
++    - debian/patches/CVE-2018-17958.patch: use proper type in
++      hw/net/rtl8139.c.
++    - CVE-2018-17958
++  * SECURITY UPDATE: buffer overflow in pcnet
++    - debian/patches/CVE-2018-17962.patch: use proper type in
++      hw/net/pcnet.c.
++    - CVE-2018-17962
++  * SECURITY UPDATE: DoS via large packet sizes
++    - debian/patches/CVE-2018-17963.patch: check size in net/net.c.
++    - CVE-2018-17963
++  * SECURITY UPDATE: DoS in lsi53c895a
++    - debian/patches/CVE-2018-18849.patch: check message length value is
++      valid in hw/scsi/lsi53c895a.c.
++    - CVE-2018-18849
++  * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
++    - debian/patches/CVE-2018-18954.patch: check size before data buffer
++      access in hw/ppc/pnv_lpc.c.
++    - CVE-2018-18954
++  * SECURITY UPDATE: race condition in 9p
++    - debian/patches/CVE-2018-19364-1.patch: use write lock in
++      hw/9pfs/cofile.c.
++    - debian/patches/CVE-2018-19364-2.patch: use write lock in
++      hw/9pfs/9p.c.
++    - CVE-2018-19364
++
++  [ Christian Ehrhardt]
++  * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
++    Adapters on s390x (LP: #1787405)
++  * enable opengl for vfio-MDEV support (LP: #1804766)
++    - d/control-in: set --enable-opengl
++    - d/control-in: add gl related build-dependencies
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 21 Nov 2018 13:17:01 -0500
++
++qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium
++
++  * d/control-in: our addition of a qemu-system-s390x package needs to follow
++    the split of qemu-system-data by adding a dependency to it (LP: #1798084)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 17 Oct 2018 10:50:27 +0200
++
++qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium
++
++  * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901)
++    The SLOF source pieces in src:qemu are only used for s390x netboot,
++    which are independent ROMs (no linking). All other binaries out of this
++    are part of src:slof and independent.
++    - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch
++    - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities
++      and related fixes
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 25 Sep 2018 13:31:15 +0200
++
++qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium
++
++  * improve s390x spectre mitigation with etoken facility (LP: #1790457)
++    - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch
++    - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 12 Sep 2018 10:06:48 +0200
++
++qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium
++
++  * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
++    ensure that the seccomp blacklist is applied to all threads (LP: #1789551)
++    - CVE-2018-15746
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 29 Aug 2018 08:50:36 +0200
++
++qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium
++
++  [ Murilo Opsfelder Araujo ]
++  * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
++    extend eieio for POWER9 emulation (LP: #1787408).
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 20 Aug 2018 11:52:39 +0200
++
++qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium
++
++  * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
++    by migrations with UI frontends or frequent guest resolution changes
++    (LP: #1755912)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 19 Jul 2018 08:26:52 +0200
++
++qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium
++
++  * Disable capstone disassembler library support (universe dependency)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 17 Jul 2018 08:35:32 +0200
++
++qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium
++
++  * Merge with Debian testing, Remaining Changes:
++    - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772)
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
++      - d/qemu-system-common.install: install systemd unit and helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: install /etc/default/qemu-kvm
++    - Enable nesting by default
++      - set nested=1 module option on intel. (is default on amd)
++      - re-load kvm_intel.ko if it was loaded without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++      - d/qemu-system-x86.README.Debian: document intention of nested being
++        default is comfort, not full support
++    - libvirt/qemu user/group support
++      - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
++        trigger.
++      - qemu-system-common.preinst: add kvm group if needed
++    - Distribution specific machine type
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types to ease future live vm migration.
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++      - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
++        for host-phys-bits=true (LP: 1776189)
++      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
++      - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
++        convenience with all meltdown/spectre workarounds enabled by default.
++        (LP: 1761372).
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Include s390-ccw.img firmware
++      - Enable numa support for s390x
++    - arch aware kvm wrappers
++    - update VCS-git (updated to match cosmic)
++    - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
++      - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
++      - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
++      - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
++    - Create and install pxe netboot images for KVM s390x (LP: 1732094)
++      - d/rules enable install s390x-netboot.img
++    - d/control-in: enable RDMA support in qemu (LP: 1692476)
++    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - SECURITY UPDATE: Speculative Store Bypass
++      - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
++        CPUID feature bit in target/i386/cpu.*.
++      - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
++        'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
++      - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
++        MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
++        target/i386/machine.c.
++      - CVE-2018-3639
++  * Added Changes:
++    - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release
++      - add cosmic types for base and -hpb
++      - drop no more supported types (zesty and yakkety)
++      - d/p/series: group machine type changes
++    - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
++      merged upstream
++    - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
++      computation while concatenating mbuf.
++      CVE-2018-11806
++    - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the
++      deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES.
++    - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275)
++    - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings
++    - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply
++      to POWER8
++    - d/qemu-kvm-init: drop old VM detection that was broken in some cases and
++      is no more needed with systemd-detect-virt being more mature and always
++      present.
++    - d/kvm.powerpc: drop old powerpc (non-ppc64el) code.
++    - d/control-in: add libibumad-dev which is now needed for rdma
++    - d/rules: update s390x delta to match new Debian packaging
++    - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
++      for powerpc64 to speed up translation (LP: #1781526)
++    - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
++      cpu model for z14 ZR1 (LP: #1780773).
++    - Mark qemu-system-data foreign to be able to install it e.g. on i386
++      (Closes: 903562)
++    - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
++      unreleased Debian version)
++  * Dropped Changes:
++    - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
++      (No more removed when building DFSG orig tarball in Debian)
++    - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
++      we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
++      so we revert related changes to stick with the proven for now:
++      - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
++                   depends on it)
++      - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
++      (Debian switched to gtk which seems to work better and has all
++      dependencies in main.)
++    - d/control-in: enable seccomp on s390x (in Debian for Linux-any)
++    - Changes that are now upstream with qemu 2.12
++      - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with
++        newer versions of glibc >=2.27 (LP: 1753826)
++      - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
++      - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
++        SSE/AVX/AVX512 cpu features (LP: 1739665)
++      - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
++        space+commpage continuous which avoids long startup times on
++        qemu-user-static (LP: 1740219)
++      - provide pseries-2.12-sxxm type (LP: 1761372)
++      - d/p/ubuntu/lp-1704312-1-* provide means to manually handle
++        filesystem-dax with pmem by backporting align and unarmed options
++        (LP: 1704312).
++      - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
++        option to slirp's DHCP server (LP: 1762315)
++      - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying
++        Protection information (LP: 1762854).
++      - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9
++        migration (LP: 1763468).
++      - SECURITY UPDATE: out-of-bounds access during migration via ps2
++        CVE-2017-16845
++      - SECURITY UPDATE: arbitrary code execution via load_multiboot
++        CVE-2018-7550
++      - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
++        CVE-2018-7858
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 21 Jun 2018 14:24:06 +0200
++
  qemu (1:2.12+dfsg-3) unstable; urgency=medium
    * make qemu-system-foo depending
@@ -1715,6 +4049,239 @@ qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 12 Apr 2018 19:04:03 +0300
++qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
++
++  * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
++    for host-phys-bits=true (LP: #1776189)
++    - add an info about this change in debian/qemu-system-x86.NEWS
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 12 Jun 2018 09:01:00 +0200
++
++qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium
++
++  * SECURITY UPDATE: Speculative Store Bypass
++    - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
++      CPUID feature bit in target/i386/cpu.*.
++    - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
++      'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
++    - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
++      MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
++      target/i386/machine.c.
++    - CVE-2018-3639
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 22 May 2018 09:34:52 -0400
++
++qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium
++
++  * SECURITY UPDATE: out-of-bounds access during migration via ps2
++    - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
++      in post_load routine in hw/input/ps2.c.
++    - CVE-2017-16845
++  * SECURITY UPDATE: arbitrary code execution via load_multiboot
++    - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
++      zero in hw/i386/multiboot.c.
++    - CVE-2018-7550
++  * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
++    - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
++      hw/display/vga.c.
++    - CVE-2018-7858
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 16 May 2018 14:14:20 -0400
++
++qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium
++
++  * No-change rebuild for ncurses soname changes.
++
++ -- Matthias Klose <doko@ubuntu.com>  Thu, 03 May 2018 14:18:39 +0000
++
++qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium
++
++  * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection
++    information (LP: #1762854).
++  * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration
++    (LP: #1763468).
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 11 Apr 2018 07:46:18 +0200
++
++qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium
++
++  * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch.
++    The Kernel fixes are preferred and already committed to the kernel.
++    Therefore remove the default disabling of the HTM feature (LP: #1761175)
++  * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
++    SSE/AVX/AVX512 cpu features (LP: #1739665)
++  * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
++    space+commpage continuous which avoids long startup times on
++    qemu-user-static (LP: #1740219)
++  * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
++    convenience with all meltdown/spectre workarounds enabled by default.
++    This is not the default type following upstream and x86 on that.
++    (LP: #1761372).
++  * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax
++    with pmem by backporting align and unarmed options (LP: #1704312).
++  * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
++    option to slirp's DHCP server (LP: #1762315)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 04 Apr 2018 15:16:07 +0200
++
++qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium
++
++  * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream
++    accepted to be better long term maintainable (LP: #1753938)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 22 Mar 2018 10:31:23 +0100
++
++qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium
++
++  * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for
++    ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026).
++  * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer
++    versions of glibc >=2.27 (LP: #1753826)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 05 Mar 2018 16:43:01 +0100
++
++qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium
++
++  * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch,
++    d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch:
++    Add domainname option and classless static routes support to the user
++    networking's DHCP server
++
++ -- Benjamin Drung <benjamin.drung@profitbricks.com>  Fri, 02 Mar 2018 21:08:54 +0100
++
++qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium
++
++  * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
++    - among other fixes this adds code to:
++      - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715)
++        However, enabling this functionality requires additional configuration
++        beyond just updating QEMU. Also migrations need special consideration.
++        Details about that can be found at:
++        https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
++      - Power9 allocation of max 8 threads per core (LP: #1750526)
++  * Drop changes that are part of the upstream stable release
++    - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
++    - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
++    - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
++    - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
++  * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update
++  * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the
++    common compat.h header and add some extra info in the patch header.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 19 Feb 2018 11:03:11 +0100
++
++qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium
++
++  * Merge with Debian testing, among other fixes this includes
++    - fix fatal error on negative maxcpus (LP: #1722495)
++    - fix segfault on dump-guest-memory on guests without memory (LP: #1723381)
++    - linux user threading issues (LP: #1350435)
++    - TOD-Clock Epoch Extension Support on s390x (LP: #1732691)
++    Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
++      - d/qemu-system-common.install: install systemd unit and helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: install /etc/default/qemu-kvm
++    - Enable nesting by default
++      - set nested=1 module option on intel. (is default on amd)
++      - re-load kvm_intel.ko if it was loaded without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++    - libvirt/qemu user/group support
++      - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
++        trigger.
++      - qemu-system-common.preinst: add kvm group if needed
++    - Distribution specific machine type
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types to ease future live vm migration.
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Include s390-ccw.img firmware
++      - Enable numa support for s390x
++    - ppc64[le] support
++      - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
++    - arch aware kvm wrappers
++  * Added Changes
++    - update VCS-git to match the bionic branch
++    - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
++      we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
++      so we revert related changes to stick with the proven for now:
++      - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
++                   depends on it)
++      - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
++    - d/qemu-system-x86.README.Debian: document intention of nested being
++      default is comfort, not full support
++    - update Ubuntu machine types for qemu 2.11
++    - qemu-guest-agent: freeze-hook fixes (LP: #1484990)
++      - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
++      - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
++      - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
++    - Create and install pxe netboot images for KVM s390x (LP: #1732094)
++      - d/rules enable install s390x-netboot.img
++      - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
++    - d/control-in: enable RDMA support in qemu (LP: #1692476)
++    - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560)
++      - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
++      - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
++      - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
++      - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
++    - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490)
++      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
++        reference 256k path
++      - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
++        handle incoming migrations from former releases.
++    - d/control-in: enable seccomp on s390x
++  * Dropped changes (no more needed):
++    - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm
++      The functionality is retained for upgraders, but is deprecated.
++      Post 18.04 the implementation for these configurations will be removed.
++  * Dropped changes (in Debian now):
++    - ppc64[le] support
++      - Enable seccomp for ppc64el
++      - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
++    - disable missing x32 architecture
++    - d/rules: or32 is now named or1k (since 4a09d0bb)
++    - d/qemu-system-common.docs: new paths since (ac06724a)
++    - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
++      by qapi-schema.json which is already packaged (since 4d8bb958)
++    - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
++      to Debian patch to match qemu 2.10)
++    - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
++      since 8508eee7
++    - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
++    - make nios2/hppa not installed explicitly until further stablized
++    - d/qemu-guest-agent.install: add the new guest agent reference man page
++      qemu-ga-ref
++    - d/qemu-system-common.install: add the now generated qapi/qmp reference
++      along the qapi intro
++    - d/not-installed: ignore further generated (since 56e8bdd4) files in
++      dh_missing that are already provided in other formats qemu-doc,
++      qemu-qmp-ref,qemu-ga-ref
++  * Dropped changes (integrated upstream):
++    - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
++      on arm64 when doing suspend/resume and reboots due to older kernels not
++      supporting ITS (LP 1731051).
++    - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
++      James Cowgill to prevent qemu-user from forwarding prctl seccomp
++      calls (LP 1726394)
++    - update to upstream 2.10.1 point release (LP 1722808)
++
++
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 22 Jan 2018 14:35:18 +0100
++
  qemu (1:2.11+dfsg-1) unstable; urgency=medium
    [ Michael Tokarev ]
@@ -1829,6 +4396,238 @@ qemu (1:2.10.0-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Sat, 23 Sep 2017 16:47:02 +0300
++qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium
++
++  * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
++    on arm64 when doing suspend/resume and reboots due to older kernels not
++    supporting ITS (LP: #1731051).
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 14 Nov 2017 08:30:29 +0100
++
++qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium
++
++  * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
++    James Cowgill to prevent qemu-user from forwarding prctl seccomp
++    calls (LP: #1726394)
++
++ -- Julian Andres Klode <juliank@ubuntu.com>  Sat, 04 Nov 2017 00:21:14 +0100
++
++qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium
++
++  * fix enablement of qemu-kvm service (LP: #1720397)
++    - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service
++    - d/rules: add proper enablement debhelper calls
++    - d/qemu-system-common.install: install covered by dh_installinit
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 16 Oct 2017 11:28:39 +0200
++
++qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium
++
++  * update to upstream 2.10.1 point release (LP: #1722808)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 11 Oct 2017 15:33:40 +0200
++
++qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium
++
++  * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release
++    Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
++      - d/qemu-system-common.install: install systemd unit and helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: install /etc/default/qemu-kvm
++    - Enable nesting by default
++      - set nested=1 module option on intel. (is default on amd)
++      - re-load kvm_intel.ko if it was loaded without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++    - libvirt/qemu user/group support
++      - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
++        trigger.
++      - qemu-system-common.preinst: add kvm group if needed
++    - Distribution specific machine type
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types to ease future live vm migration.
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Include s390-ccw.img firmware
++      - Enable numa support for s390x
++    - ppc64[le] support
++      - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
++      - Enable seccomp for ppc64el
++      - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
++    - arch aware kvm wrappers
++    - update VCS-git to match the Artful branch
++    - disable missing x32 architecture
++    - d/rules: or32 is now named or1k (since 4a09d0bb)
++    - d/qemu-system-common.docs: new paths since (ac06724a)
++    - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
++      by qapi-schema.json which is already packaged (since 4d8bb958)
++    - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
++      to Debian patch to match qemu 2.10)
++    - s390x package now builds correctly on all architectures (LP 1710695)
++    - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
++      since 8508eee7
++    - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
++    - make nios2/hppa not installed explicitly until further stablized
++    - d/qemu-guest-agent.install: add the new guest agent reference man page
++      qemu-ga-ref
++    - d/qemu-system-common.install: add the now generated qapi/qmp reference
++      along the qapi intro
++    - d/not-installed: ignore further generated (since 56e8bdd4) files in
++      dh_missing that are already provided in other formats qemu-doc,
++      qemu-qmp-ref,qemu-ga-ref
++
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 05 Sep 2017 08:31:26 +0200
++
++qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium
++
++  * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602);
++    Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
++      - d/qemu-system-common.install: install systemd unit and helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: install /etc/default/qemu-kvm
++    - Enable nesting by default
++      - set nested=1 module option on intel. (is default on amd)
++      - re-load kvm_intel.ko if it was loaded without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++    - libvirt/qemu user/group support
++      - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
++        trigger.
++      - qemu-system-common.preinst: add kvm group if needed
++    - Distribution specific machine type
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types to ease future live vm migration.
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Include s390-ccw.img firmware
++      - Enable numa support for s390x
++    - ppc64[le] support
++      - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
++      - Enable seccomp for ppc64el
++      - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
++    - arch aware kvm wrappers
++    - update VCS-git to match the Artful branch
++    - disable missing x32 architecture
++    - d/rules: or32 is now named or1k (since 4a09d0bb)
++    - d/qemu-system-common.docs: new paths since (ac06724a)
++    - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
++      by qapi-schema.json which is already packaged (since 4d8bb958)
++    - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
++      to Debian patch to match qemu 2.10)
++    - s390x package now builds correctly on all architectures (LP 1710695)
++  * Added changes:
++    - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
++      since 8508eee7
++    - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
++    - make nios2/hppa not installed explicitly until further stablized
++    - d/qemu-guest-agent.install: add the new guest agent reference man page
++      qemu-ga-ref
++    - d/qemu-system-common.install: add the now generated qapi/qmp reference
++      along the qapi intro
++    - d/not-installed: ignore further generated (since 56e8bdd4) files in
++      dh_missing that are already provided in other formats qemu-doc,
++      qemu-qmp-ref,qemu-ga-ref
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new
++      changes in 2.10-rc4
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Fri, 25 Aug 2017 07:49:30 +0200
++
++qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium
++
++  * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes
++    a set of bugs
++    - [FFE] Qemu 2.10 in Artful (LP: #1699968)
++    - CPU hot unplug fails after migrating a CPU hotplugged guest
++      from source (LP: #1677552)
++    - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902)
++    - New KVM 288 Pass Through (LP: #1672447)
++    - aarch64: MSI is not supported by interrupt controller (LP: #1706630)
++  * Remaining changes:
++    - qemu-kvm to systemd unit
++      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
++        hugepages and architecture specifics
++      - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
++      - d/qemu-system-common.install: install systemd unit and helper script
++      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
++      - d/qemu-system-common.qemu-kvm.default: defaults for
++        /etc/default/qemu-kvm
++      - d/rules: install /etc/default/qemu-kvm
++    - Enable nesting by default
++      - set nested=1 module option on intel. (is default on amd)
++      - re-load kvm_intel.ko if it was loaded without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
++        in qemu64 cpu type.
++      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
++        in qemu64 on amd
++    - libvirt/qemu user/group support
++      - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
++        trigger.
++      - qemu-system-common.preinst: add kvm group if needed
++    - Distribution specific machine type
++      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++        types to ease future live vm migration.
++      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
++    - improved dependencies
++      - Make qemu-system-common depend on qemu-block-extra
++      - Make qemu-utils depend on qemu-block-extra
++      - let qemu-utils recommend sharutils
++    - s390x support
++      - Create qemu-system-s390x package
++      - Include s390-ccw.img firmware
++      - Enable numa support for s390x
++    - ppc64[le] support
++      - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
++      - Enable seccomp for ppc64el
++      - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
++    - arch aware kvm wrappers
++    - disable missing x32 architecture
++    - update VCS links
++  * Added changes
++      - d/rules: or32 is now named or1k (since 4a09d0bb)
++      - d/qemu-system-common.docs: new paths since (ac06724a)
++      - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
++        by qapi-schema.json which is already packaged (since 4d8bb958)
++      - Updates in debian/patches to match qemu 2.10
++        - d/p/02_kfreebsd.patch: utimensat is no more optional upstream
++        - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386
++        - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386
++        - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types
++        - update VCS-git to match the Artful branch
++      - s390x package now builds correctly on all architectures (LP: #1710695)
++  * Dropped changes (integrated upstream):
++    - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
++      "spapr/pci: populate PCI DT in reverse order" (LP 1670481).
++    - All CVE fixes formerly applied are upstream and thereby dropped.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 08 Aug 2017 16:59:19 +0200
++
  qemu (1:2.8+dfsg-7) unstable; urgency=medium
    * uploading to unstable all fixes which went to stretch-security
@@ -1938,6 +4737,179 @@ qemu (1:2.8+dfsg-4) unstable; urgency=high
   -- Michael Tokarev <mjt@tls.msk.ru>  Mon, 03 Apr 2017 16:28:49 +0300
++qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium
++
++  * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530)
++    This was inadvertently dropped on 2.8 merge.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 22 May 2017 15:45:58 +0200
++
++qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium
++
++  * SECURITY UPDATE: denial of service via leak in virtFS
++    - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
++      hw/9pfs/9p.c.
++    - CVE-2017-7377
++  * SECURITY UPDATE: denial of service in cirrus_vga
++    - debian/patches/CVE-2017-7718.patch: check parameters in
++      hw/display/cirrus_vga_rop.h.
++    - CVE-2017-7718
++  * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
++    - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
++      hw/display/cirrus_vga.c.
++    - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
++      hw/display/cirrus_vga.c.
++    - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
++      in hw/display/cirrus_vga.c.
++    - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
++      hw/display/cirrus_vga.c.
++    - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
++      in hw/display/cirrus_vga.c.
++    - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
++      pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
++      hw/display/cirrus_vga_rop2.h.
++    - debian/patches/CVE-2017-7980-7.patch: stop passing around src
++      pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
++      hw/display/cirrus_vga_rop2.h.
++    - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
++      hw/display/cirrus_vga_rop.h.
++    - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
++      hw/display/cirrus_vga.c.
++    - CVE-2017-7980
++  * SECURITY UPDATE: denial of service via memory leak in virtFS
++    - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c.
++    - CVE-2017-8086
++  * SECURITY UPDATE: denial of service via leak in audio
++    - debian/patches/CVE-2017-8309.patch: release capture buffers in
++      audio/audio.c.
++    - CVE-2017-8309
++  * SECURITY UPDATE: denial of service via leak in keyboard
++    - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
++      ui/input.c.
++    - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
++      ui/input.c.
++    - CVE-2017-8379
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 18 May 2017 09:20:54 -0400
++
++qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium
++
++  * SECURITY UPDATE: DoS in virtio GPU device
++    - debian/patches/CVE-2016-10028.patch: check virgl capabilities
++      max_size in hw/display/virtio-gpu-3d.c.
++    - CVE-2016-10028
++  * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation
++    - debian/patches/CVE-2016-8667.patch: limit interval timer reload value
++      in hw/dma/rc4030.c.
++    - CVE-2016-8667
++  * SECURITY UPDATE: host filesystem access via virtFS
++    - debian/patches/CVE-2016-9602.patch: don't follow symlinks in
++      hw/9pfs/*.
++    - CVE-2016-9602
++  * SECURITY UPDATE: arbitrary code execution via Cirrus VGA
++    - debian/patches/CVE-2016-9603.patch: remove bitblit support from
++      console code in hw/display/cirrus_vga.c, include/ui/console.h,
++      ui/console.c, ui/vnc.c.
++    - CVE-2016-9603
++  * SECURITY UPDATE: information leak in virtio GPU device
++    - debian/patches/CVE-2016-9908.patch: properly clear out memory in
++      hw/display/virtio-gpu-3d.c.
++    - CVE-2016-9908
++  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
++    - debian/patches/CVE-2016-9912.patch: properly free memory in
++      hw/display/virtio-gpu.c.
++    - CVE-2016-9912
++  * SECURITY UPDATE: DoS via virtFS
++    - debian/patches/CVE-2016-9914.patch: add cleanup operations to
++      fsdev/file-op-9p.h, hw/9pfs/9p.c.
++    - CVE-2016-9914
++  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
++    - debian/patches/CVE-2017-5552.patch: check return value in
++      hw/display/virtio-gpu-3d.c.
++    - CVE-2017-5552
++  * SECURITY UPDATE: DoS via memory leak in virtio GPU device
++    - debian/patches/CVE-2017-5578.patch: check res->iov in
++      hw/display/virtio-gpu.c.
++    - CVE-2017-5578
++  * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation
++    - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register
++      handling in hw/sd/sdhci.c.
++    - CVE-2017-5987
++  * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation
++    - debian/patches/CVE-2017-6505.patch: limit the number of link eds in
++      hw/usb/hcd-ohci.c.
++    - CVE-2017-6505
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 24 Apr 2017 07:30:11 -0400
++
++qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium
++
++  * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
++    "spapr/pci: populate PCI DT in reverse order" (LP: #1670481).
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 07 Mar 2017 09:23:08 +0100
++
++qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium
++
++  * Merge with Debian;
++    This fixes several CVEs that were reported against qemu 2.8 and also
++    includes a few important functional backports (LP: #1667033); remaining
++    changes:
++    - add qemu-kvm init script and defaults file
++      (d/qemu-system-common.qemu-kvm.*)
++    - d/rules, d/qemu-kvm-init: add and install script loading kvm
++      modules and handling /etc/default/qemu-kvm
++    - qemu-system-common.preinst: add kvm group if needed
++    - Enable nesting by default on intel.
++      - set default module option
++      - re-load kvm_intel.ko if it was loaded without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
++        default in qemu64 cpu type.
++    - Enable svm by default for qemu64 on amd
++    - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS:
++      define distro machine types to ease future live vm migration (includes
++      all former follow up fixes).
++    - Make qemu-system-common depend on qemu-block-extra
++    - Make qemu-utils depend on qemu-block-extra
++    - s390x support
++      - Create qemu-system-s390x package
++      - Include s390-ccw.img firmware
++    - qemu-system-common.postinst:
++      - change acl placed by udev, and add udevadm trigger.
++    - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
++    - Several changes were applied but missing in the changelog so far
++      - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
++      - arch aware kvm wrapper
++      - update VCS links
++      - let qemu-utils recommend sharutils
++      - disable x32 architecture
++    - Enable seccomp for ppc64el
++    - Enable numa support for s390x
++    - d/qemu-system-common.qemu-kvm.init: fix lintian error type
++      init.d-script-missing-dependency-on-remote_fs
++    - d/qemu-system-common.postinst: fix lintian error type
++      command-with-path-in-maintainer-script
++    - Transition qemu-kvm to a systemd unit
++    - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
++    - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
++      that it shows up where the user expects (sytemctl status, kvm stdout)
++    - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
++    - add arch aware kvm wrapper for s390x
++  * Dropped Changes (in Debian now):
++    - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
++    - d/control-in: change dependencies for fix of wrong acl for newly
++      created device node on ubuntu
++    - have qemu-system-arm suggest: qemu-efi; this should be a stronger
++      relationship, but qemu-efi is still in universe right now.
++    - Disable glusterfs (Universe dependency)
++    - no more skip disable libiscsi on Ubuntu
++    - d/rules, d/control-in: avoid people editing d/control
++  * Added Changes:
++    - d/control: bump libseccomp-dev dependency as enabling libseccomp for
++      power makes 2.3 the minimum level.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 01 Mar 2017 14:23:16 +0100
++
  qemu (1:2.8+dfsg-3) unstable; urgency=high
    * urgency high due to security fixes
@@ -1998,6 +4970,90 @@ qemu (1:2.8+dfsg-3) unstable; urgency=high
   -- Michael Tokarev <mjt@tls.msk.ru>  Tue, 28 Feb 2017 11:40:18 +0300
++qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium
++
++  * Merge with Debian; remaining changes:
++    - add qemu-kvm init script and defaults file
++      (d/qemu-system-common.qemu-kvm.*)
++    - d/rules, d/qemu-kvm-init: add and install script loading kvm
++      modules and handling /etc/default/qemu-kvm
++    - qemu-system-common.preinst: add kvm group if needed
++    - Enable nesting by default on intel.
++      - set default module option
++      - re-load kvm_intel.ko if it was loaded without nested=1
++      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
++        default in qemu64 cpu type.
++    - Enable svm by default for qemu64 on amd
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++      types to ease future live vm migration.
++    - Make qemu-system-common depend on qemu-block-extra
++    - Make qemu-utils depend on qemu-block-extra
++    - s390x support
++      - Create qemu-system-s390x package
++      - Include s390-ccw.img firmware
++    - qemu-system-common.postinst:
++      - change acl placed by udev, and add udevadm trigger.
++      - d/control-in: change dependencies for fix of wrong acl for newly
++        created device node on ubuntu
++    - have qemu-system-arm suggest: qemu-efi; this should be a stronger
++      relationship, but qemu-efi is still in universe right now.
++    - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
++    - Several changes were applied but missing in the changelog so far
++      - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
++      - arch aware kvm wrapper
++      - update VCS links
++      - no more skip disable libiscsi on Ubuntu
++      - let qemu-utils recommend sharutils
++      - disable x32 architecture
++  * Dropped Changes:
++    - Several changes were applied but missing in the changelog so far
++      but are no more needed
++      - no pie for relocatable LD calls, with toolchain defaulting to
++        pie (fixed upstream)
++      - enable libnuma-dev (now in Debian)
++      - transition for moved init scripts (can be dropped after LTS
++        containing >=2.5 which is Xenial)
++      - --enable-seccomp related whitespace change (had no effect)
++    - apport hook for qemu source package (In Debian)
++    - add upstart script (d/qemu-system-common.qemu-kvm.upstart)
++    - d/qemu-system-x86.maintscript: transition off of
++      /etc/init.d/qemu-system-x86 (can be dropped after Xenial)
++    - Enable pie by default, on ubuntu/s390x. (Is the default since
++      >=Xenial, no cloud archive backport <=Xenial to consider)
++    - no pie for relocatable LD calls (fixed upstream in commit
++      7ecf44a5)
++    - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream)
++    - Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
++      (Improved fix included by upstream)
++    - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7)
++    - Fixed wrong migration blocker when vhost is used (is upstream in
++      qemu 2.8)
++  * Added Changes:
++    - d/rules, d/control-in: avoid people editing d/control by warning
++      header and non writable permissions
++    - fixed moving trusty machine type definition which made it
++      ambiguous (LP: #1641532)
++      - d/qemu-system-x86.NEWS describe the issue
++    - Enable seccomp for ppc64el (LP: #1644639)
++    - Enable numa support for s390x
++    - d/qemu-system-common.qemu-kvm.init: fix lintian error type
++      init.d-script-missing-dependency-on-remote_fs
++    - d/qemu-system-common.postinst: fix lintian error type
++      command-with-path-in-maintainer-script
++    - Transition qemu-kvm to a systemd unit
++    - Disable glusterfs (Universe dependency)
++    - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
++    - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
++      that it shows up where the user expects (sytemctl status, kvm stdout)
++    - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
++    - add arch aware kvm wrapper for s390x
++    - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
++    - Enable DDW in Yakkety machine type because "Enable GPU Passthru for
++      ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10,
++      merged in d/p/ubuntu/define-ubuntu-machine-types.patch)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 16 Jan 2017 16:27:11 +0100
++
  qemu (1:2.8+dfsg-2) unstable; urgency=medium
    * Revert "update binfmt registration for mipsn32"
@@ -2116,6 +5172,67 @@ qemu (1:2.7+dfsg-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 14 Oct 2016 13:31:40 +0300
++qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium
++
++  * No-change rebuild to compile against new libxen version.
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Fri, 30 Sep 2016 14:24:37 +0200
++
++qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium
++
++  * retain older xenial machine type to avoid issues starting guests
++    created on xenial prior to the SRU for bug 1621042. In that regard the old
++    broken xenial machine type and the new fixed one have both to be considered
++    as valid LTS machine types (LP: #1626070).
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 21 Sep 2016 14:57:09 +0200
++
++qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium
++
++  * fix default ubuntu machine types. (LP: #1621042)
++    - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
++    - remove double default and double ubuntu alias
++    - drop former devel releases utopic, vivid, wily
++    - add xenial and yakkety machine types
++    - add q35 based ubuntu machine type starting at xenial
++    - add ubuntu machine types on ppc64el and s390x starting at xenial
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Mon, 19 Sep 2016 07:50:50 +0200
++
++qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium
++
++  * Enable GPU Passthru for ppc64le (LP: #1541902)
++    - 0001-spapr-ensure-device-trees-are-always-associated-with.patch
++    - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch
++    - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch
++    - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch
++    - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch
++    - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch
++    - 0007-spapr_iommu-Migrate-full-state.patch
++    - 0008-spapr_iommu-Add-root-memory-region.patch
++    - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch
++    - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch
++    - 0011-memory-Add-reporting-of-supported-page-sizes.patch
++    - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch
++    - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch
++    - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch
++    - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch
++    - 0016-vfio-Add-host-side-DMA-window-capabilities.patch
++    - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch
++    - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch
++    - 0019-vfio-spapr-Remove-stale-ioctl-call.patch
++    - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch
++    - 0021-memory-Fix-IOMMU-replay-base-address.patch
++
++ -- Jon Grimm <jon.grimm@canonical.com>  Fri, 16 Sep 2016 14:14:47 -0500
++
++qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium
++
++  * New upstream release. LP: #1617055.
++  * Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Fri, 09 Sep 2016 23:33:57 +0100
++
  qemu (1:2.6+dfsg-3.1) unstable; urgency=high
    * Non-maintainer upload.
@@ -2149,6 +5266,55 @@ qemu (1:2.6+dfsg-3.1) unstable; urgency=high
   -- Andrew James <ajames@hpe.com>  Wed, 14 Sep 2016 00:56:18 -0600
++qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium
++
++  * SECURITY UPDATE: DoS via unbounded memory allocation
++    - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
++    - CVE-2016-5403
++  * SECURITY UPDATE: oob write access while reading ESP command
++    - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for
++      maximum CDB size and handle migration in hw/scsi/esp.c,
++      include/hw/scsi/esp.h, include/migration/vmstate.h.
++    - CVE-2016-6351
++  * SECURITY UPDATE: infinite loop in virtqueue_pop
++    - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer
++      length in hw/virtio/virtio.c.
++    - CVE-2016-6490
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 03 Aug 2016 08:36:16 -0400
++
++qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
++
++  * Merge with Debian; remaining changes:
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++      types to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
++      to fix errors with missing block backends.
++    - s390x:
++      * Create qemu-system-s390x package
++      * Enable pie by default, on ubuntu/s390x.
++      * Enable svm by default for qemu64 on amd
++      * Include s390-ccw.img firmware
++      * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
++        relationship, but qemu-efi is still in universe right now.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 15 Jun 2016 16:49:49 -0500
++
  qemu (1:2.6+dfsg-3) unstable; urgency=high
    * more security fixes picked from upstream:
@@ -2202,6 +5368,39 @@ qemu (1:2.6+dfsg-2) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Mon, 13 Jun 2016 12:10:44 +0300
++qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium
++
++  * Merge with Debian; remaining changes:  (LP: #1583775)
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++      types to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
++      to fix errors with missing block backends. (LP: #1495895)
++    - s390x:
++      * Create qemu-system-s390x package
++      * Enable pie by default, on ubuntu/s390x.
++      * Enable svm by default for qemu64 on amd
++      * Include s390-ccw.img firmware
++      * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
++        relationship, but qemu-efi is still in universe right now.
++  * Drop patches which have been applied upstream:
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 19 May 2016 12:11:36 -0500
++
  qemu (1:2.6+dfsg-1) unstable; urgency=medium
    * new upstream release
@@ -2239,6 +5438,106 @@ qemu (1:2.6+dfsg-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Wed, 18 May 2016 14:44:14 +0300
++qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium
++
++  * Cherrypick upstream patches to support the query-gic-version QMP command
++    (LP: #1566564)
++
++ -- dann frazier <dannf@ubuntu.com>  Tue, 05 Apr 2016 16:56:11 -0600
++
++qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium
++
++  [Stefan Bader]
++  * Enable svm by default for qemu64 on amd (LP: #1561019)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 22 Apr 2016 16:53:55 -0500
++
++qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium
++
++  * qemu-system-s390x only available on s390x, so qemu-system should only
++    depend on it on this arch.
++  * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
++    relationship, but qemu-efi is still in universe right now.
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Tue, 19 Apr 2016 13:41:37 -0700
++
++qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium
++
++  * And actually ship the right things in qemu-system-s390x.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Tue, 19 Apr 2016 16:49:00 +0100
++
++qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium
++
++  * Create qemu-system-s390x package on ubuntu only.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Mon, 18 Apr 2016 10:16:19 +0100
++
++qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium
++
++  * Cherrypick patch from mailing list to fix qemu in sandbox.  (LP: #1560149)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 11 Apr 2016 15:13:06 -0500
++
++qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium
++
++  * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch
++    (LP: #1556306)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 16 Mar 2016 16:35:22 -0700
++
++qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium
++
++  * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 07 Mar 2016 18:53:34 -0800
++
++qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium
++
++  * d/control{-in}: Re-generate and build with libiscsi-dev now
++    that its in Ubuntu main (LP: #1271653).
++
++ -- James Page <james.page@ubuntu.com>  Wed, 24 Feb 2016 17:59:13 +0000
++
++qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium
++
++  * Make -no-pie conditional, on $(CC) supporting -no-pie flag.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Wed, 24 Feb 2016 14:40:19 +0000
++
++qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium
++
++  * No-change rebuild for gnutls transition.
++
++ -- Matthias Klose <doko@ubuntu.com>  Wed, 17 Feb 2016 22:27:20 +0000
++
++qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium
++
++  * Merge with Debian; remaining changes:
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++      types to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
++      to fix errors with missing block backends. (LP: #1495895)
++    - Enable pie by default, on ubuntu/s390x.
++    - Include s390-ccw.img firmware.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 09 Feb 2016 10:24:49 -0800
++
  qemu (1:2.5+dfsg-5) unstable; urgency=medium
    * fix misspellings in previous debian/changelog entry
@@ -2296,6 +5595,113 @@ qemu (1:2.5+dfsg-2) unstable; urgency=high
   -- Michael Tokarev <mjt@tls.msk.ru>  Sat, 09 Jan 2016 21:40:43 +0300
++qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium
++
++  * SECURITY UPDATE: paravirtualized drivers incautious about shared memory
++    contents
++    - debian/patches/CVE-2015-8550-1.patch: avoid double access in
++      hw/block/xen_blkif.h.
++    - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
++      hw/display/xenfb.c.
++    - CVE-2015-8550
++  * SECURITY UPDATE: infinite loop in ehci_advance_state
++    - debian/patches/CVE-2015-8558.patch: make idt processing more robust
++      in hw/usb/hcd-ehci.c.
++    - CVE-2015-8558
++  * SECURITY UPDATE: host memory leakage in vmxnet3
++    - debian/patches/CVE-2015-856x.patch: avoid memory leakage in
++      hw/net/vmxnet3.c.
++    - CVE-2015-8567
++    - CVE-2015-8568
++  * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
++    - debian/patches/CVE-2015-8613.patch: initialise info object with
++      appropriate size in hw/scsi/megasas.c.
++    - CVE-2015-8613
++  * SECURITY UPDATE: DoS via Human Monitor Interface
++    - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write
++      in hmp.c, include/ui/console.h, ui/input-legacy.c.
++    - CVE-2015-8619
++  * SECURITY UPDATE: incorrect array bounds check in rocker
++    - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds
++      check in hw/net/rocker/rocker.c.
++    - CVE-2015-8701
++  * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
++    - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
++      operations in hw/net/ne2000.c.
++    - CVE-2015-8743
++  * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
++    - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
++      error in hw/ide/ahci.c.
++    - CVE-2016-1568
++  * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
++    - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in
++      hw/i386/kvmvapic.c.
++    - CVE-2016-1922
++  * SECURITY UPDATE: e1000 infinite loop
++    - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
++      out-of-bounds transfer start in hw/net/e1000.c
++    - CVE-2016-1981
++  * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB
++    engines
++    - debian/patches/CVE-2016-2197.patch: add check before calling
++      dma_memory_unmap in hw/ide/ahci.c.
++    - CVE-2016-2197
++  * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
++    - debian/patches/CVE-2016-2198.patch: add capability mmio write
++      function in hw/usb/hcd-ehci.c.
++    - CVE-2016-2198
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 01 Feb 2016 09:39:01 -0500
++
++qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium
++
++  * debian/qemu-kvm-init: Call systemd-detect-virt instead of the
++    Ubuntu specific running-in-container wrapper. (LP: #1539016)
++
++ -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 28 Jan 2016 13:24:51 +0100
++
++qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high
++
++  * Include s390-ccw.img firmware.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Tue, 12 Jan 2016 15:53:43 +0000
++
++qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium
++
++  * Place qemu-kvm.defaults file in qemu-system-common, next to the init
++    scripts.  Fix the comparison operator when checking KVM_HUGEPAGES.
++    Thanks Simon.  (LP: #1531191)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 06 Jan 2016 09:45:37 -0800
++
++qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium
++
++  * Merge with Debian; remaining changes:
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
++      types to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
++      to fix errors with missing block backends. (LP: #1495895)
++    - Enable pie by default, on ubuntu/s390x.
++  * Drop vGICv3 support patches - all is now upstream
++  * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 05 Jan 2016 15:42:50 -0800
++
  qemu (1:2.5+dfsg-1) unstable; urgency=medium
    * new upstream release
@@ -2322,6 +5728,49 @@ qemu (1:2.5+dfsg-1) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Wed, 16 Dec 2015 20:00:04 +0300
++qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high
++
++  * Enable pie by default, on ubuntu/s390x.
++
++ -- Dimitri John Ledkov <xnox@ubuntu.com>  Mon, 07 Dec 2015 16:04:16 +0000
++
++qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium
++
++  * undo the libseccomp delta from debian.  libseccomp is indeed available
++    on other arches, but we need qemu's configure script to be fixed before
++    we can use it on anything other than amd64|i386.  Fixes FTBFS.
++    (LP: #1522531)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 03 Dec 2015 12:44:46 -0600
++
++qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium
++
++  * Merge with Debian; remaining changes:
++    - Update the ubuntu machine types patch to reflect upstream churn
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
++      to fix errors with missing block backends. (LP: #1495895)
++    - control-in: build with libseccomp an all architectures
++    - Add vGICv3 support
++
++ -- Matthias Klose <doko@ubuntu.com>  Wed, 02 Dec 2015 21:31:36 +0100
++
  qemu (1:2.4+dfsg-5) unstable; urgency=medium
    * trace-remove-malloc-tracing.patch from upstream.
@@ -2334,6 +5783,57 @@ qemu (1:2.4+dfsg-5) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Sun, 29 Nov 2015 12:22:52 +0300
++qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium
++
++  * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
++    - debian/patches/CVE-2015-7504.patch: leave room for CRC code in
++      hw/net/pcnet.c.
++    - CVE-2015-7504
++  * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
++    - debian/patches/CVE-2015-7512.patch: check packet length in
++      hw/net/pcnet.c.
++    - CVE-2015-7512
++  * SECURITY UPDATE: infinite loop in eepro100
++    - debian/patches/CVE-2015-8345.patch: prevent endless loop in
++      hw/net/eepro100.c.
++    - CVE-2015-8345
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 01 Dec 2015 13:36:40 -0500
++
++qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium
++
++  * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.
++
++ -- dann frazier <dann.frazier@canonical.com>  Tue, 03 Nov 2015 08:05:46 -0700
++
++qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium
++
++  * Merge 2.4 from unstable.  Remaining changes:
++    - Update the ubuntu machine types patch to reflect upstream churn
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
++      to fix errors with missing block backends. (LP: #1495895)
++    - control-in: build with libseccomp an all architectures.
++  * Add vGICv3 support
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 27 Oct 2015 13:28:58 -0500
++
  qemu (1:2.4+dfsg-4) unstable; urgency=medium
    * applied 3 patches from upstream to fix virtio-net
@@ -2348,7 +5848,7 @@ qemu (1:2.4+dfsg-3) unstable; urgency=high
      fix for Heap overflow vulnerability in ne2000_receive() function
      (Closes: #799074 CVE-2015-5279)
    * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch
--    (Closes: #799073 CVE-2015-5278)
++    (Closes: #799073 CVE-2015-5278)
    * some binfmt reorg:
     - extend aarch64 to include one more byte as other arches do
     - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize
@@ -2400,6 +5900,137 @@ qemu (1:2.3+dfsg-6) unstable; urgency=high
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 11 Jun 2015 20:03:40 +0300
++qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium
++
++  * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)
++
++ -- Ryan Harper <ryan.harper@canonical.com>  Wed, 21 Oct 2015 08:59:29 -0500
++
++qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low
++
++  * debian/patches/upstream-fix-irq-route-entries.patch
++    Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
++    (LP: #1465935)
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Fri, 09 Oct 2015 15:38:53 +0200
++
++qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium
++
++  * Build using libseccomp on all architectures.
++
++ -- Matthias Klose <doko@ubuntu.com>  Sat, 03 Oct 2015 21:12:15 +0200
++
++qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium
++
++  * SECURITY UPDATE: denial of service via NE2000 driver
++    - debian/patches/CVE-2015-5278.patch: fix infinite loop in
++      hw/net/ne2000.c.
++    - CVE-2015-5278
++  * SECURITY UPDATE: denial of service and possible code execution via
++    heap overflow in NE2000 driver
++    - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
++      hw/net/ne2000.c.
++    - CVE-2015-5279
++  * SECURITY UPDATE: denial of service via e1000 infinite loop
++    - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
++    - CVE-2015-6815
++  * SECURITY UPDATE: denial of service via illegal ATAPI commands
++    - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
++      hw/ide/core.c.
++    - CVE-2015-6855
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 23 Sep 2015 15:05:51 -0400
++
++qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium
++
++  * Make qemu-system-common and qemu-utils depend on qemu-block-extra
++    to fix errors with missing block backends. (LP: #1495895)
++  * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
++  * Apply fix for memory corruption during live-migration in tcg mode
++    (LP: #1493049)
++  * Apply tracing patch to remove use of custom vtable in newer glibc
++    (LP: #1491972)
++
++ -- Ryan Harper <ryan.harper@canonical.com>  Tue, 15 Sep 2015 09:37:23 -0500
++
++qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium
++
++  * Import qcow2-handle-eagain-from-update_refcount from upstream
++    to fix errors when using qemu-img convert -c.  (LP: #1491050)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 04 Sep 2015 16:35:56 -0500
++
++qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium
++
++  * SECURITY UPDATE: process heap memory disclosure
++    - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
++    - CVE-2015-5165
++  * SECURITY UPDATE: privilege escalation via block device unplugging
++    - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
++      in hw/ide/piix.c.
++    - CVE-2015-5166
++  * SECURITY UPDATE: privilege escalation via memory corruption in vnc
++    - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
++      limits in ui/vnc.c.
++    - CVE-2015-5225
++  * SECURITY UPDATE: denial of service via virtio-serial
++    - debian/patches/CVE-2015-5745.patch: don't assume a specific layout
++      for control messages in hw/char/virtio-serial-bus.c.
++    - CVE-2015-5745
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 25 Aug 2015 09:38:43 -0400
++
++qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
++
++  * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
++    - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
++    - CVE-2015-3214
++  * SECURITY UPDATE: heap overflow when processing ATAPI commands
++    - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
++      hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
++    - CVE-2015-5154
++  * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
++    - debian/patches/CVE-2015-5158.patch: check length in
++      hw/scsi/scsi-bus.c.
++    - CVE-2015-5158
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 27 Jul 2015 10:07:05 -0400
++
++qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium
++
++  * SECURITY UPDATE: heap overflow in PCNET controller
++    - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
++    - CVE-2015-3209
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 11 Jun 2015 14:25:05 -0400
++
++qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium
++
++  * Merge 1:2.3+dfsg-5 from Debian.
++  * Remaining changes:
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++  * Refreshed patches:
++    - ubuntu/expose-vmx_qemu64cpu.patch
++    - ubuntu/define-ubuntu-machine-types.patch
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 10 Jun 2015 14:28:39 -0500
++
  qemu (1:2.3+dfsg-5) unstable; urgency=high
    * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
@@ -2411,6 +6042,35 @@ qemu (1:2.3+dfsg-5) unstable; urgency=high
   -- Michael Tokarev <mjt@tls.msk.ru>  Wed, 03 Jun 2015 17:18:58 +0300
++qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium
++
++  * Merge 1:2.3+dfsg-4 from Debian.
++  * Remaining changes:
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++  * Dropped all patches which are applied upstream
++  * Move the upstart jobs to a generic script
++    - add new qemu-kvm-init script
++    - call that from upstart and sysvrc qemu-kvm scripts
++    - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 03 Jun 2015 13:36:36 -0500
++
  qemu (1:2.3+dfsg-4) unstable; urgency=medium
    * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch:
@@ -2472,6 +6132,98 @@ qemu (1:2.2+dfsg-6exp) experimental; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 17 Apr 2015 21:54:53 +0300
++qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium
++
++  * SECURITY UPDATE: denial of service in vnc web
++    - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket
++      frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
++    - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from
++      websockets clients in ui/vnc-ws.c.
++    - CVE-2015-1779
++  * SECURITY UPDATE: host code execution via floppy device (VEMON)
++    - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
++      bounds of the allocated buffer in hw/block/fdc.c.
++    - CVE-2015-3456
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 13 May 2015 07:25:59 -0400
++
++qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low
++
++  * CVE-2015-2756 / XSA-126
++    - xen: limit guest control of PCI command register
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Wed, 08 Apr 2015 10:17:45 +0200
++
++qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium
++
++  * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not
++    accidentally create /1
++
++ -- Steve Beattie <sbeattie@ubuntu.com>  Thu, 12 Mar 2015 16:46:51 -0700
++
++qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low
++
++  * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Thu, 26 Feb 2015 08:55:35 +0100
++
++qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low
++
++  * No-change rebuild to pull in libxl-4.5.
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Wed, 25 Feb 2015 13:58:37 +0100
++
++qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium
++
++  * debian/control-in: enable numa on architectures where numa is built
++    (LP: #1417937)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 12 Feb 2015 23:18:58 -0600
++
++qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium
++
++  [Scott Moser]
++  * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa
++    profile when started by libvirt.
++
++  [Serge Hallyn]
++  * add symlink qemu-system-ppc64le -> qemu-system-ppc64
++  * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script
++    (LP: #1419855)
++
++  [Chris J Arges]
++  * Determine if we are running inside a virtual environment. If running inside
++    a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 12 Feb 2015 13:04:21 -0600
++
++qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium
++
++  * Merge 1:2.2+dfsg-5exp from Debian.  (LP: #1409308)
++    - debian/rules: do not drop the init scripts loading kvm modules
++      (still needed in precise in cloud archive)
++  * Remaining changes:
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++  * Dropped all patches which are applied upstream
++  * Update ubuntu-vivid machine type to default to std graphics (following
++    upstream's lead for pc-i440fx-2.2 machine type)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 09 Feb 2015 22:31:09 -0600
++
  qemu (1:2.2+dfsg-5exp) experimental; urgency=medium
    * fix initscript removal once again
@@ -2521,6 +6273,47 @@ qemu (2.2+dfsg-1exp) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Tue, 09 Dec 2014 23:09:26 +0300
++qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium
++
++  * Cherrypick upstream patch needed to allow ESx hosts to run under
++    kvm (LP: #1411575)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 16 Jan 2015 16:32:48 -0600
++
++qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium
++
++  * Merge 2.1+dfsg-11.  Remaining changes:
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - debian/qemu-system-alternatives.in: use a later version as ubuntu
++      removed the alternatives bit later.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - debian/binfmt-update-in: support ppcle
++      * debian/binfmt-update-in
++      * Support-ppcle.patch
++    - Upstream patches to fix AArch64 emulation ignoring SPSel=0:
++      * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
++      * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
++      * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
++  * Dropped patches (upstream or now in debian's tree):
++    - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch
++    - CVE-2014-7840.patch
++    - CVE-2014-8106.patch
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 17 Dec 2014 13:57:34 -0600
++
  qemu (1:2.1+dfsg-11) unstable; urgency=medium
    * bump epoch and reupload to cancel 2.2+dfsg-1exp upload
@@ -2590,6 +6383,81 @@ qemu (2.1+dfsg-8) unstable; urgency=low
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 27 Nov 2014 18:32:45 +0300
++qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium
++
++  * SECURITY UPDATE: code execution via savevm data
++    - debian/patches/CVE-2014-7840.patch: validate parameters in
++      arch_init.c.
++    - CVE-2014-7840
++  * SECURITY UPDATE: code execution via cirrus vga blit regions
++    (LP: #1400775)
++    - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
++      hw/display/cirrus_vga.c.
++    - CVE-2014-8106
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 11 Dec 2014 14:11:52 -0500
++
++qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low
++
++  * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got
++    dropped and VENDOR now will be all capital UBUNTU).
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Mon, 08 Dec 2014 14:45:31 +0100
++
++qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium
++
++  * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
++    d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
++    d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
++    Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring
++    SPSel=0 in certain conditions. (LP: #1349277)
++
++ -- Chris J Arges <chris.j.arges@canonical.com>  Thu, 04 Dec 2014 14:17:01 -0600
++
++qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low
++
++  * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch:
++    Cherry-pick of qemu-upstream patch to fix issues with persistent
++    grants and the PV backend (Qdisk) (LP: #1394327).
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Fri, 28 Nov 2014 13:14:37 +0100
++
++qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium
++
++  * Merge 2.1+dfsg-7.  Remaining changes:
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - debian/qemu-system-alternatives.in: use a later version as ubuntu
++      removed the alternatives bit later.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - debian/binfmt-update-in: support ppcle
++      * debian/binfmt-update-in
++      * Support-ppcle.patch
++  * Dropped patches (upstream or now in debian's tree):
++    - pc-reserve-more-memory-for-acpi.patch
++    - CVE-2014-5388.patch
++    - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and
++      502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined
++      in debian)
++    - CVE-2014-3615.patch
++    - CVE-2014-3640.patch
++    - CVE-2014-3689.patch
++    - CVE-2014-7815.patch
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Sat, 22 Nov 2014 18:36:53 -0600
++
  qemu (2.1+dfsg-7) unstable; urgency=high
    * urgency is high due to 2 security fixes
@@ -2641,6 +6509,119 @@ qemu (2.1+dfsg-5) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Fri, 26 Sep 2014 17:43:26 +0400
++qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium
++
++  * SECURITY UPDATE: information disclosure via vga driver
++    - debian/patches/CVE-2014-3615.patch: return the correct memory size,
++      sanity check register writes, and don't use fixed buffer sizes in
++      hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h,
++      ui/spice-display.c.
++    - CVE-2014-3615
++  * SECURITY UPDATE: denial of service via slirp NULL pointer deref
++    - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
++      stub in slirp/udp.c.
++    - CVE-2014-3640
++  * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
++    - debian/patches/CVE-2014-3689.patch: verify rectangles in
++      hw/display/vmware_vga.c.
++    - CVE-2014-3689
++  * SECURITY UPDATE: denial of service via VNC console
++    - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in
++      ui/vnc.c.
++    - CVE-2014-7815
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 13 Nov 2014 07:31:03 -0500
++
++qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium
++
++  * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures
++    (LP: #1389897)  (Patch thanks to mwhudson, BenC, and infinity)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 11 Nov 2014 15:51:47 -0600
++
++qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium
++
++  * Apply two patches to fix intermittent qemu-img corruption
++    (LP: #1368815)
++    - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap
++    - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 29 Oct 2014 22:31:43 -0500
++
++qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium
++
++  * debian/control: slof is moving into main, so we can depend on qemu-slof as
++    debian does.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 15 Oct 2014 22:01:27 +0200
++
++qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium
++
++  * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice
++    versa.
++  * Drop Support-ppc64le.pach, as that architecture appears to not exist yet.
++  * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing
++    to latest upstream machine type, rather than distro one.  Add 'ubuntu'
++    machine type for that.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 06 Oct 2014 13:41:31 -0500
++
++qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium
++
++  * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a
++    container. (LP: #1370199)
++  * load kvm module on ppc64le at boot (LP: #1369785)
++    - debian/rules: install qemu-kvm on ppc64el
++    - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the
++      kvm-hv module if available
++  * qemu-system-x86.maintscript: remove accidentally installed
++    /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier)
++  * rename qemu-system-x86 init script to qemu-kvm so it gets installed in
++    ubuntu.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 17 Sep 2014 14:20:12 -0500
++
++qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium
++
++  * Re-stick the trusty machine type to 2.0 (where it must always stay) and
++    define a new, default, pc-i440fx-utopic machine type (LP: #1369481)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 15 Sep 2014 14:04:57 -0500
++
++qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium
++
++  * move kvm_intel nested setting to qemu-system-x86.postinst.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 12 Sep 2014 23:12:52 +0000
++
++qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium
++
++  * Merge new debian release
++  * Remaining changes:
++    - qemu-system-common.postinst:
++      * remove acl placed by udev, and add udevadm trigger.
++      * reload kvm_intel if needed to set nested=1
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - debian/qemu-system-alternatives.in: use a later version as ubuntu
++      removed the alternatives bit later.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++    - debian/binfmt-update-in: support ppcle
++      * debian/binfmt-update-in
++      * Support-ppcle.patch
++    - d/p/CVE-2014-5388.patch
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 09 Sep 2014 17:56:15 -0500
++
  qemu (2.1+dfsg-4) unstable; urgency=medium
    * mention libnuma-dev but not enable for now
@@ -2658,6 +6639,59 @@ qemu (2.1+dfsg-4) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Sun, 31 Aug 2014 09:32:59 +0400
++qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium
++
++  * SECURITY UPDATE: memory disclosure via out-of-bounds array access
++    - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c.
++    - CVE-2014-5388
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 09 Sep 2014 08:26:24 -0400
++
++qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium
++
++  * replace d/p/revert-acpi-table-size-bump with
++    pc-reserve-more-memory-for-acpi.patch from upstream
++  * debian/binfmt-update-in
++    - don't run in a container
++    - add ppc64le as target (LP: #1358268)
++  * Add experimental ppcle support (LP: #1358268)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 27 Aug 2014 18:24:32 -0500
++
++qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium
++
++  * revert-acpi-table-size-bump - get qemu -kernel working again.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 15 Aug 2014 15:33:24 -0500
++
++qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium
++
++  * Merge new debian release
++  * Remaining changes:
++    - control-in: stick to libsdl1.2-dev.
++    - qemu-system-common.install: add debian/tmp/usr/lib to install the
++      qemu-bridge-helper
++    - qemu-system-common.postinst: remove acl placed by udev,
++      and add udevadm trigger.
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - debian/qemu-system-alternatives.in: use a later version as ubuntu
++      removed the alternatives bit later.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++  * Upstart job: use getent group to check for kvm group
++  * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 15 Aug 2014 08:44:54 -0500
++
  qemu (2.1+dfsg-3) unstable; urgency=medium
    * set SHELL = /bin/sh -e, so that more complex shell constructs
@@ -2684,6 +6718,42 @@ qemu (2.1+dfsg-3) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 14 Aug 2014 14:30:24 +0400
++qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium
++
++  * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 11 Aug 2014 12:58:50 -0500
++
++qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium
++
++  * Merge new debian release
++  * Remaining changes:
++    - qemu-system-x86.links: add eepro100.rom link, drop links which we
++      have in ipxe-qemu package.
++    - control-in: stick to libsdl1.2-dev.
++    - qemu-system-common.install: add debian/tmp/usr/lib to install the
++      qemu-bridge-helper
++    - qemu-system-common.postinst: remove acl placed by udev,
++      and add udevadm trigger.
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - debian/rules: add qemu-kvm-spice
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - binfmt-update-in: make sure to filter out compat arches.
++    - debian/qemu-system-alternatives.in: use a later version as ubuntu
++      removed the alternatives bit later.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - apport hook for qemu source package: d/source_qemu-kvm.py,
++      d/qemu-system-common.install
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 05 Aug 2014 13:53:06 -0500
++
  qemu (2.1+dfsg-2) unstable; urgency=medium
    * l2tp-linux-only.patch: fix FTBFS on kfreebsd
@@ -2718,7 +6788,7 @@ qemu (2.1+dfsg-1) unstable; urgency=medium
  qemu (2.0.0+dfsg-7) unstable; urgency=medium
--  * clarify description of qemu-user-binfmt a bit
++  * clarify description of qemu-user-binfmt a bit
    * build-depend on acpica-tools (iasl) in order to rebuild .dsl files
    * remove qemu-keymaps package, since it is not used by other tools
      anymore, and ship keymaps in qemu-system-common.
@@ -2735,6 +6805,43 @@ qemu (2.0.0+dfsg-7) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 24 Jul 2014 16:51:16 +0400
++qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium
++
++  * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from
++    /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 25 Jul 2014 08:35:02 -0500
++
++qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium
++
++  * Merge 2.0.0+dfsg-6.  Remaining changes:
++    - qemu-system-x86.links: add eepro100.rom link, drop links which we
++      have in ipxe-qemu package.
++    - control-in: stick to libgnutls-dev and libsdl1.2-dev.
++    - qemu-system-common.install: add debian/tmp/usr/lib to install the
++      qemu-bridge-helper
++    - qemu-system-common.postinst: remove acl placed by udev,
++      and add udevadm trigger.
++    - qemu-system-common.preinst: add kvm group if needed
++    - add qemu-kvm upstart job and defaults file (rules,
++      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
++    - debian/rules: add qemu-kvm-spice
++    - rules,qemu-system-x86.modprobe: support use under older udevs which
++      do not auto-load the kvm kernel module.  Enable nesting by default
++      on intel.
++    - binfmt-update-in: make sure to filter out compat arches.
++    - debian/qemu-system-alternatives.in: use a later version as ubuntu
++      removed the alternatives bit later.
++    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
++      in qemu64 cpu type.
++    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
++      machine type to ease future live vm migration.
++    - re-introduce apport hook for qemu source package:
++      d/source_qemu-kvm.py, d/qemu-system-common.install
++  * enable-build-dep on libjpeg8-dev - which is now in main
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 23 Jun 2014 14:52:54 -0500
++
  qemu (2.0.0+dfsg-6) unstable; urgency=medium
    * build-depend on libgnutls28-dev not libgnutls-dev
@@ -2778,6 +6885,59 @@ qemu (2.0.0+dfsg-3) unstable; urgency=low
   -- Michael Tokarev <mjt@tls.msk.ru>  Mon, 21 Apr 2014 12:34:03 +0400
++qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium
++
++  * remove alternatives for qemu: different architectures
++    aren't really alternatives and never had been  (LP: #1316829)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 07 May 2014 15:12:33 +0000
++
++qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium
++
++  * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402)
++  * debian/control: drop the versioning requirement from libfdt-dev
++    build-dependency, as it is longer needed (LP: #1295072)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 02 May 2014 11:43:44 -0500
++
++qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium
++
++  * Merge 2.0.0+dfsg-2
++  * Incorporates a fix for spice users (LP: #1309452)
++  * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as
++    the regression requiring it was reverted for 2.0 upstream.
++  * remove qemu-system-common depends on the qemu-system-aarch64 metapackage
++  * debian/qemu-debootstrap: add arm64
++  * Remaining changes from debian:
++    - keep qemu 'alternative' (not something to change in SRU)
++    - debian/control and debian/control-in:
++      * versioned libfdt-dev check, until libfdt is fixed in precise
++      * enable rbd
++      * remove ovmf Recommends, as it is in multiverse
++      * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe
++      * add a qemu-system-aarch64 metapackage for transitions from trusty
++        development version.  This can be removed after trusty.
++    - qemu-system-common.install: add debian/tmp/usr/lib to install the
++      qemu-bridge-helper
++    - qemu-system-common.postinst: fix /dev/kvm acls
++    - qemu-system-common.preinst: add kvm group if needed
++    - qemu-system-x86.links: add eepro100.rom link, drop links which we
++      have in ipxe-qemu package.
++    - qemu-system-x86.modprobe: set module options for older releases
++    - qemu-system-x86.qemu-kvm.default: defaults for the upstart job
++    - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job
++    - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64
++    - debian/rules
++      * add legacy kvm-spice link
++      * fix ppc and arm slections
++      * add aarch64 to user_targets
++    - debian/patches/ubuntu/define-trusty-machine-type.patch: define a
++      pc-i440fx-trusty machine type as the default.
++    - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by
++      default in qemu64 cpu time.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 18 Apr 2014 09:23:27 -0500
++
  qemu (2.0.0+dfsg-2) unstable; urgency=medium
    * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current
@@ -2803,7 +6963,7 @@ qemu (2.0.0+dfsg-1) unstable; urgency=low
    * kmod dependency is linux-any
    * doc-grammify-allows-to.patch: fix some lintian warnings
    * remove alternatives for qemu: different architectures
--    aren't really alternatives and never had been
++    aren't really alternatives and never had been
    * update Standards-Version to 3.9.5 (no changes needed)
    * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff -
      fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1
@@ -2837,6 +6997,50 @@ qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low
   -- Michael Tokarev <mjt@tls.msk.ru>  Sat, 05 Apr 2014 16:23:48 +0400
++qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium
++
++  * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch
++    don't abort() just because the kernel has no dirty bitmap.
++    (LP: #1303926)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 08 Apr 2014 22:32:00 -0500
++
++qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium
++
++  * define-trusty-machine-type.patch: update the trusty machine type name to
++    pc-i440fx-trusty (LP: #1304107)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 08 Apr 2014 11:49:04 -0500
++
++qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium
++
++  * Merge 2.0.0-rc1
++  * debian/rules: consolidate ppc filter entries.
++  * Move qemu-system-arch64 into qemu-system-arm
++  * debian/patches/define-trusty-machine-type.patch: define a trusty machine
++    type, currently the same as pc-i440fx-2.0, to put is in a better position
++    to enable live migrations from trusty onward.  (LP: #1294823)
++  * debian/control: build-dep on libfdt >= 1.4.0  (LP: #1295072)
++  * Merge latest upstream git to commit dc9528f
++  * Debian/rules:
++    - remove -enable-uname-release=2.6.32
++    - don't make the aarch64 target Ubuntu-specific.
++  * Remove patches which are now upstream:
++    - fix-smb-security-share.patch
++    - slirp-smb-redirect-port-445-too.patch
++    - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream)
++    - signal-added-a-wrapper-for-sigprocmask-function.patch
++    - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
++    - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
++    - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch
++  * add link for /usr/share/qemu/bios-256k.bin
++  * Remove all linaro patches.
++  * Remove all arm64/ patches.  Many but not all are upstream.
++  * Remove CVE-2013-4377.patch which is upstream.
++  * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 25 Feb 2014 22:31:43 -0600
++
  qemu (1.7.0+dfsg-9) unstable; urgency=medium
    * remove rbd/rados/ceph support *again*, till they'll actually provide
@@ -2901,6 +7105,104 @@ qemu (1.7.0+dfsg-4) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Wed, 12 Mar 2014 18:34:03 +0400
++qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low
++
++  * No-change rebuild to build with libxen-4.4.
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Fri, 21 Mar 2014 10:04:36 +0100
++
++qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium
++
++  * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick
++    upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 11 Mar 2014 00:03:00 -0500
++
++qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium
++
++  [ dann frazier ]
++  * Add patches from the susematz tree to avoid intermittent segfaults:
++     - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch
++     - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
++     - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
++
++  [ Serge Hallyn ]
++  * Modify do_sigprocmask to only change behavior for aarch64.
++    (LP: #1285363)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 06 Mar 2014 16:15:50 -0600
++
++qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium
++
++  [ Steve Langasek ]
++  * Merge debian/control with unreleased Debian branch: our architecture
++    lists should now be in sync.
++
++  [ Dann Frazier ]
++  * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS
++    on arm64 and maybe others. (LP: #1284344)
++
++  [ Serge Hallyn ]
++  * Move the OVMF.fd link to the ovmf package.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 21 Feb 2014 12:14:53 -0800
++
++qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium
++
++  * Add ppc64el to the architecture list (supposedly added in the previous
++    upload, but really wasn't).
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Thu, 20 Feb 2014 23:40:07 -0800
++
++qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium
++
++  * Backport changes to enable qemu-user-static support for aarch64
++  * debian/control: add ppc64el to Architectures
++  * debian/rules: only install qemu-system-aarch64 on arm64.
++    Fixes a FTBFS  when built twice in a row on non-arm64 due to a stale
++    debian/qemu-system-aarch64 directory
++
++ -- dann frazier <dann.frazier@canonical.com>  Tue, 11 Feb 2014 15:41:53 -0700
++
++qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium
++
++  * Fix broken filter_binfmts
++  * Remove use of dpkg-version in postinsts, as we're not Depending on
++    dpkg-dev.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 05 Feb 2014 21:57:38 -0600
++
++qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium
++
++  * Merge 1.7.0+dfsg-3 from debian.  Remaining changes:
++    - debian/patches/ubuntu:
++      * expose-vmx_qemu64cpu.patch
++      * linaro (omap3) and arm64 patches
++      * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS
++        on ppc
++      * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio
++    - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options
++    - debian/control:
++      * add arm64 to Architectures
++      * add qemu-common and qemu-system-aarch64 packages
++    - debian/qemu-system-common.install: add debian/tmp/usr/lib
++    - debian/qemu-system-common.preinst: add kvm group
++    - debian/qemu-system-common.postinst: remove acl placed by udev,
++      and add udevadm trigger.
++    - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio,
++      pxe-e1000 and pxe-rtl8139.
++    - add qemu-system-x86.qemu-kvm.upstart and .default
++    - qemu-user-static.postinst-in: remove arm64 binfmt
++    - debian/rules:
++      * allow parallel build
++      * add aarch64 to system_targets and sys_systems
++      * add qemu-kvm-spice links
++      * install qemu-system-x86.modprobe
++    - add debian/qemu-system-common.links for OVMF.fd link
++  * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 04 Feb 2014 12:13:08 -0600
++
  qemu (1.7.0+dfsg-3) unstable; urgency=low
    * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86
@@ -2926,6 +7228,121 @@ qemu (1.7.0+dfsg-3) unstable; urgency=low
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 16 Jan 2014 15:17:46 +0400
++qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium
++
++  * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which
++    may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 28 Jan 2014 14:41:20 +0000
++
++qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium
++
++  * SECURITY UPDATE: denial of service via virtio device hot-plugging
++    - debian/patches/CVE-2013-4377.patch: upstream commits to refactor
++      virtio device unplugging.
++    - CVE-2013-4377
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 27 Jan 2014 09:10:37 -0500
++
++qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium
++
++  * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on
++    powerpc.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 22 Jan 2014 11:59:26 -0600
++
++qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium
++
++  [ Serge Hallyn ]
++  * add arm64 patchset from upstream.  The three arm virt patches previously
++    pushed are in that set, so drop them.
++
++  [ dann frazier ]
++  * Add packaging for qemu-system-aarch64. This package is currently only
++    available for arm64, as full software emulation is not yet supported.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 10 Jan 2014 12:19:08 -0600
++
++qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium
++
++  * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be
++    supported any longer.
++  * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing
++  * Refresh debian/patches/hw_arm_add_virt_platform.patch against context
++    churn caused by linaro patchset.
++  * debian/rules: enable parallel builds.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 03 Jan 2014 10:53:17 -0600
++
++qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium
++
++  * d/control: enable usbredir (LP: 1126390)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 02 Jan 2014 08:55:43 -0600
++
++qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium
++
++  * add missing arm virt patches from the mach-virt-v7 branch of
++    git://git.linaro.org/people/cdall/qemu-arm.git
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 18 Dec 2013 12:25:59 -0600
++
++qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium
++
++  * debian/control: add arm64 to list of architectures.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 12 Dec 2013 10:22:47 -0600
++
++qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low
++
++  * Merge 1.7.0+dfsg-2 from debian experimental.  Remaining changes:
++    - debian/control
++      * update maintainer
++      * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
++        from build-deps
++      * enable rbd
++      * add qemu-system and qemu-common B/R to qemu-keymaps
++      * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
++        qemu-system-common
++      * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
++        - add qemu-common, qemu-kvm, kvm to B/R
++        - remove openbios-sparc from qemu-system-sparc D
++        - drop openbios-ppc and openhackware Depends to Suggests (for now)
++      * qemu-system-x86:
++        - add qemu-common to Breaks/Replaces.
++        - add cpu-checker to Recommends.
++      * qemu-user: add B/R:qemu-kvm
++      * qemu-kvm:
++        - add armhf armel powerpc sparc to Architecture
++        - C/R/P: qemu-kvm-spice
++      * add qemu-common package
++      * drop qemu-slof which is not packaged in ubuntu
++    - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
++    - qemu-system-x86.links:
++      * remove pxe rom links which are in kvm-ipxe
++    - debian/rules
++      * add kvm-spice symlink to qemu-kvm
++      * call dh_installmodules for qemu-system-x86
++      * update dh_installinit to install upstart script
++      * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
++    - Add qemu-utils.links for kvm-* symlinks.
++    - Add qemu-system-x86.qemu-kvm.upstart and .default
++    - Add qemu-system-x86.modprobe to set nesting=1
++    - Add qemu-system-common.preinst to add kvm group
++    - qemu-system-common.postinst: remove bad group acl if there, then have
++      udev relabel /dev/kvm.
++    - New linaro patches from qemu-linaro rebasing branch
++    - Dropped patches:
++      * linaro patchset
++      * mach-virt patchset
++    - Kept patches:
++      * expose_vms_qemu64cpu.patch
++      * fix-pci-add
++  * qemu-system-common.install: add debian/tmp/usr/lib to install the
++    qemu-bridge-helper
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Sat, 07 Dec 2013 06:08:11 +0000
++
  qemu (1.7.0+dfsg-2) unstable; urgency=low
    * switch from vgabios to seavgabios
@@ -2955,6 +7372,73 @@ qemu (1.7.0+dfsg-1) unstable; urgency=low
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 28 Nov 2013 03:14:21 +0400
++qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low
++
++  * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring,
++    to prevent lts-to-lts updates from breaking.  (LP: #1243403)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 23 Oct 2013 14:31:05 -0500
++
++qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low
++
++  * Merge 1.6.0~rc0+dfsg-2exp from debian experimental.  Remaining changes:
++    - debian/control
++      * update maintainer
++      * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
++        from build-deps
++      * enable rbd
++      * add qemu-system and qemu-common B/R to qemu-keymaps
++      * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
++        qemu-system-common
++      * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
++        - add qemu-kvm to Provides
++        - add qemu-common, qemu-kvm, kvm to B/R
++        - remove openbios-sparc from qemu-system-sparc D
++        - drop openbios-ppc and openhackware Depends to Suggests (for now)
++      * qemu-system-x86:
++        - add qemu-common to Breaks/Replaces.
++        - add cpu-checker to Recommends.
++      * qemu-user: add B/R:qemu-kvm
++      * qemu-kvm:
++        - add armhf armel powerpc sparc to Architecture
++        - C/R/P: qemu-kvm-spice
++      * add qemu-common package
++      * drop qemu-slof which is not packaged in ubuntu
++    - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
++    - qemu-system-x86.links:
++      * remove pxe rom links which are in kvm-ipxe
++      * add symlink for kvm.1 manpage
++    - debian/rules
++      * add kvm-spice symlink to qemu-kvm
++      * call dh_installmodules for qemu-system-x86
++      * update dh_installinit to install upstart script
++      * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
++    - Add qemu-utils.links for kvm-* symlinks.
++    - Add qemu-system-x86.qemu-kvm.upstart and .default
++    - Add qemu-system-x86.modprobe to set nesting=1
++    - Add qemu-system-common.preinst to add kvm group
++    - qemu-system-common.postinst: remove bad group acl if there, then have
++      udev relabel /dev/kvm.
++    - New linaro patches from qemu-linaro rebasing branch
++    - Dropped patches:
++      * xen-simplify-xen_enabled.patch
++      * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch
++      * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
++      * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
++      * virtio-rng-fix-crash
++    - Kept patches:
++      * expose_vms_qemu64cpu.patch - updated
++      * linaro arm patches from qemu-linaro rebasing branch
++    - New patches:
++      * fix-pci-add: change CONFIG variable in ifdef to make sure that
++        pci_add is defined.
++  * Add linaro patches
++  * Add experimental mach-virt patches for arm virtualization.
++  * qemu-system-common.install: add debian/tmp/usr/lib to install the
++    qemu-bridge-helper
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 22 Oct 2013 22:47:07 -0500
++
  qemu (1.6.0+dfsg-2) unstable; urgency=low
    * Build-depend in seccomp again once it is in -testing
@@ -3025,6 +7509,89 @@ qemu (1.5.0+dfsg-4) unstable; urgency=medium
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 06 Jun 2013 01:50:32 +0400
++qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low
++
++  * No change rebuild for new seccomp.
++
++ -- Stéphane Graber <stgraber@ubuntu.com>  Mon, 21 Oct 2013 18:34:50 -0400
++
++qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low
++
++  * Cherrypick upstream patch to fix crash with rng device (LP: #1235017)
++    - virtio-rng-fix-crash
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Wed, 09 Oct 2013 17:46:49 -0500
++
++qemu (1.5.0+dfsg-3ubuntu4) saucy; urgency=low
++
++  * Re-introduce snippet in upstart job to load kvm modules if needed.
++    (LP: #1218459)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Mon, 16 Sep 2013 22:43:52 +0000
++
++qemu (1.5.0+dfsg-3ubuntu3) saucy; urgency=low
++
++  * Cherry-picking three Xen related patches targetted for qemu-stable:
++    * xen-simplify-xen_enabled.patch
++    * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
++    * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
++
++ -- Stefan Bader <stefan.bader@canonical.com>  Fri, 26 Jul 2013 15:01:44 +0200
++
++qemu (1.5.0+dfsg-3ubuntu2) saucy; urgency=low
++
++  * Drop openbios-ppc and openhackware Depends to Suggests for now.
++
++ -- Adam Conrad <adconrad@ubuntu.com>  Wed, 05 Jun 2013 03:23:56 -0600
++
++qemu (1.5.0+dfsg-3ubuntu1) saucy; urgency=low
++
++  * Merge 1.5.0+dfs-3 from debian unstable.  Remaining changes:
++    - debian/control
++      * update maintainer
++      * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
++        from build-deps
++      * enable rbd
++      * add qemu-system and qemu-common B/R to qemu-keymaps
++      * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
++        qemu-system-common
++      * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
++        - add qemu-kvm to Provides
++        - add qemu-common, qemu-kvm, kvm to B/R
++        - remove openbios-sparc from qemu-system-sparc D
++      * qemu-system-x86:
++        - add qemu-common to Breaks/Replaces.
++        - add cpu-checker to Recommends.
++      * qemu-user: add B/R:qemu-kvm
++      * qemu-kvm:
++        - add armhf armel powerpc sparc to Architecture
++        - C/R/P: qemu-kvm-spice
++      * add qemu-common package
++      * drop qemu-slof which is not packaged in ubuntu
++    - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
++    - qemu-system-x86.links:
++      * remove pxe rom links which are in kvm-ipxe
++      * add symlink for kvm.1 manpage
++    - debian/rules
++      * add kvm-spice symlink to qemu-kvm
++      * call dh_installmodules for qemu-system-x86
++      * update dh_installinit to install upstart script
++      * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
++    - Add qemu-utils.links for kvm-* symlinks.
++    - Add qemu-system-x86.qemu-kvm.upstart and .default
++    - Add qemu-system-x86.modprobe to set nesting=1
++    - Add qemu-system-common.preinst to add kvm group
++    - qemu-system-common.postinst: remove bad group acl if there, then have
++      udev relabel /dev/kvm.
++    - Dropped patches:
++      * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
++    - Kept patches:
++      * expose_vms_qemu64cpu.patch - updated
++      * gridcentric patch - updated
++      * linaro arm patches from qemu-linaro rebasing branch
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 04 Jun 2013 22:56:43 +0200
++
  qemu (1.5.0+dfsg-3) unstable; urgency=low
    * fix sections: misc => otherosfs
@@ -3044,6 +7611,54 @@ qemu (1.5.0+dfsg-3) unstable; urgency=low
   -- Michael Tokarev <mjt@tls.msk.ru>  Sun, 02 Jun 2013 01:49:47 +0400
++qemu (1.5.0+dfsg-2ubuntu1) saucy; urgency=low
++
++  * Merge 1.5.0+dfs-2 from debian unstable.  Remaining changes:
++    - debian/control
++      * update maintainer
++      * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
++        from build-deps
++      * enable rbd
++      * add qemu-system and qemu-common B/R to qemu-keymaps
++      * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
++        qemu-system-common
++      * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
++        - add qemu-kvm to Provides
++        - add qemu-common, qemu-kvm, kvm to B/R
++        - remove openbios-sparc from qemu-system-sparc D
++      * qemu-system-x86:
++        - add qemu-common to Breaks/Replaces.
++        - add cpu-checker to Recommends.
++      * qemu-user: add B/R:qemu-kvm
++      * qemu-kvm:
++        - add armhf armel powerpc sparc to Architecture
++        - C/R/P: qemu-kvm-spice
++      * add qemu-common package
++      * drop qemu-slof which is not packaged in ubuntu
++    - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
++    - qemu-system-x86.links:
++      * remove pxe rom links which are in kvm-ipxe
++      * add symlink for kvm.1 manpage
++    - debian/rules
++      * add kvm-spice symlink to qemu-kvm
++      * call dh_installmodules for qemu-system-x86
++      * update dh_installinit to install upstart script
++      * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
++    - Add qemu-utils.links for kvm-* symlinks.
++    - Add qemu-system-x86.qemu-kvm.upstart and .default
++    - Add qemu-system-x86.modprobe to set nesting=1
++    - Add qemu-system-common.preinst to add kvm group
++    - qemu-system-common.postinst: remove bad group acl if there, then have
++      udev relabel /dev/kvm.
++    - Dropped patches:
++      * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
++    - Kept patches:
++      * expose_vms_qemu64cpu.patch - updated
++      * gridcentric patch - updated
++      * linaro arm patches from qemu-linaro rebasing branch
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Tue, 28 May 2013 08:18:30 -0500
++
  qemu (1.5.0+dfsg-2) unstable; urgency=low
    * merged development history of wheezy and experimental branches.
@@ -3111,6 +7726,76 @@ qemu (1.4.0+dfsg-2exp) experimental; urgency=low
   -- Michael Tokarev <mjt@tls.msk.ru>  Thu, 18 Apr 2013 14:45:30 +0400
++qemu (1.4.0+dfsg-1expubuntu4) raring; urgency=low
++
++  * re-add qemu-system-x86.modprobe to set nesting=1 (LP: #1155177)
++  * qemu-system-x86.qemu-kvm.upstart:
++    - remove NESTED workarounds from upstart file.
++    - remove loading of modules which is now always done
++    - remove TAPR define which is no longer used
++  * move customizable defines back to qemu-kvm.default
++  * copy creation of group kvm to preinst - the group must exist when the
++    kvm udev rule is installed (LP: #1103022) (LP: #1092715)
++  * add adduser to qemu-system-common Pre-Depends for use by preinst.
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 14 Mar 2013 14:21:53 -0500
++
++qemu (1.4.0+dfsg-1expubuntu3) raring; urgency=low
++
++  * debian/rules: add a symlink from kvm-spice to kvm in qemu-kvm, on
++    i386/amd64 targets.  (LP: #1126258)
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 28 Feb 2013 15:17:16 -0600
++
++qemu (1.4.0+dfsg-1expubuntu2) raring; urgency=low
++
++  * substitute (apparently identical) patches from 1.4.0 qemu-linaro rebasing
++    tree.
++  * add qemu-common to qemu-system-common B/R (was accidentally dropped from
++    1.3.0 in 1.4.0 merge).
++  * debian/control: fix kvm P/C/B/R:
++    - make all C/B/R against kvm versioned
++    - don't have any qemu-system-* other than x86 Provides: kvm
++
++ -- Serge Hallyn <serge.hallyn@ubuntu.com>  Fri, 22 Feb 2013 13:34:07 -0600
++
++qemu (1.4.0+dfsg-1expubuntu1) raring; urgency=low
++
++  * Merge 1.4.0+dfsg-1exp from debian.  Remaining changes:
++    - debian/control:
++      * update maintainer

Ubuntuqemu package

Merge ~sergiodj/ubuntu/+source/qemu:merge-8.0-dfsg4-mantic into ubuntu/+source/qemu:debian/experimental

Commit message

Description of the change

Unmerged commits

Preview Diff

Subscribers

Ubuntu
qemu package