Ubuntu
qemu package

Merge ~sergiodj/ubuntu/+source/qemu:merge-8.0.2-dfsg2-mantic into ubuntu/+source/qemu:debian/sid

  1. Git
  2. lp:~sergiodj/ubuntu/+source/qemu
  3. merge-8.0.2-dfsg2-mantic
  4. Merge into debian/sid
Proposed by Sergio Durigan Junior
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merge reported by: git-ubuntu bot
Merged at revision: 29557aacf03897510be278b12900b3991385c103
Proposed branch: ~sergiodj/ubuntu/+source/qemu:merge-8.0.2-dfsg2-mantic
Merge into: ubuntu/+source/qemu:debian/sid
Diff against target: 6904 lines (+6344/-10)
14 files modified
debian/changelog (+5000/-3)
debian/control (+51/-7)
debian/control-in (+3/-0)
debian/patches/series (+6/-0)
debian/patches/ubuntu/define-ubuntu-machine-types.patch (+967/-0)
debian/patches/ubuntu/enable-svm-by-default.patch (+34/-0)
debian/patches/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch (+62/-0)
debian/patches/ubuntu/qboot-Disable-LTO-for-ELF-binary-build-step.patch (+44/-0)
debian/qemu-block-extra.postinst (+59/-0)
debian/qemu-kvm-init (+89/-0)
debian/qemu-system-common.install (+1/-0)
debian/qemu-system-common.qemu-kvm.default (+8/-0)
debian/qemu-system-common.qemu-kvm.service (+16/-0)
debian/rules (+4/-0)
Reviewer Review Type Date Requested Status
git-ubuntu bot Approve
Christian Ehrhardt ξƒΏ (community) Approve
Canonical Server packageset reviewers Pending
Canonical Server Reporter Pending
Review via email: mp+445002@code.launchpad.net

This proposal supersedes a proposal from 2023-06-08.

Description of the change

This is the merge of QEMU 8.0.2+dfsg-2 from Debian sid.

It's a bit involved since we're jumping from 7.2 to 8.0. The following things are noteworthy IMHO:

- First of all, this MP isn't entirely ready to be uploaded because I'd like Christian to take a look as well. Also, the dep8 tests included in the package are somewhat superficial, and Christian maintains an extensive testsuite by himself. I still don't know how to use it, so this is something we will talk more about next week when he's back from PTO. I won't feel comfortable uploading the package until I see the results from his testsuite.

- I did my best to adjust d/p/ubuntu/define-ubuntu-machine-types.patch accordingly. I'd appreciate a double check.

- The Debian maintainer chose to link the documentation for qemu-system-x86 with qemu-system-common. This introduced a build failure because we maintain our own d/qemu-system-x86.README.Debian, and dh did not know where to install it anymore (since the /usr/share/docs/qemu-system-x86/ directory won't exist anymore). For that reason, and judging by the contents of our README.Debian file, I decided to drop it entirely.

- I was able to drop some of our delta that's been adopted by Debian.

I think that's it.

There's a PPA here: https://launchpad.net/~sergiodj/+archive/ubuntu/qemu/+packages

I triggered the dep8 tests and will post the results once I have them.

To post a comment you must log in.
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote : Posted in a previous version of this proposal

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-mantic-sergiodj-qemu/?format=plain)
  qemu @ amd64:
    08.06.23 19:35:06 Log πŸ—’οΈ βœ… Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ arm64:
    08.06.23 19:36:40 Log πŸ—’οΈ βœ… Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ armhf:
    08.06.23 19:12:27 Log πŸ—’οΈ βœ… Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ ppc64el:
    08.06.23 19:27:40 Log πŸ—’οΈ βœ… Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3
  qemu @ s390x:
    08.06.23 19:25:55 Log πŸ—’οΈ βœ… Triggers: qemu/1:8.0+dfsg-4ubuntu1~ppa3

Revision history for this message
Christian Ehrhardt ξƒΏ (paelzer) wrote : Posted in a previous version of this proposal
Download full text (3.9 KiB)

Thank you Sergio,
Thanks for not shouting at me for the delta :-)
In fact looking at it as a reviewer I realize how much smaller I got it since e.g. Focal that I'm happy about that. On a glance the MR and builds look fine, having a deeper look now ...

* Changelog:
  - [x] old content and logical tag match as expected

        Haven't found them in your repo
        Things LGTM, but to be sure, if you could push tag/branch or whatever you had?
        I tried to use sergiodj/allow-repeating-hot-unplug-lunar but that also had import/1%7.2+dfsg-5ubuntu1 un-split.
        I assume you just used paelzer/merge-7.2-5-lunar for import/1%7.2+dfsg-5ubuntu1 and put your changes on top, but to be sure I'd want to have a look at the tag or whatever you used.

  - [+] changelog entry correct version and targeted codename

     While this is correct for now, I think we should consider 1:8.0.2+dfsg-1 here. It has more changes which we now have time to pick up, but later in the cycle can get harder. Especially the dropping of pvrdma I'd like to see early so that people have time to speak up.
Maybe we even want to talk to ubuntu-security if there isn't a way to patch them?

  - [+] changelog entries correct
  - [+] bug references correct
  - [+] update-maintainer has been run

* Merge - Indirect Changes:
  - [+] no upstream changes that need adaptation
  - [+] no further upstream version to consider
  - [+] debian changes look safe

* Merge - Old Delta:
  - [+] dropped changes are ok to be dropped
  - [+] nothing else to drop
  - [+] changes forwarded upstream/debian (if appropriate)

I forgot to tell you about https://bugs.launchpad.net/ubuntu/+source/qemu/+bugs?field.tag=qemu-23.10 which I keep for each cycle to track stuff that might need to be added or at least bug-refrenced.
I updated all of them, good for you - none is ready so no action needed.

* New Delta:
  - [+] no new patches added

* Git/Maintenance
  - [+] No extra testcases needed to be added for this
  - [+] commits are properly split
  - [+] d/control is correctly regenerated for Ubuntu

* Build/Test:
  - [+] build is ok
  - [+] verified PPA package installs/uninstalls
  - [+] autopkgtest against the PPA package passes (see above)
  - [+] sanity checks test fine

I gave debian/patches/ubuntu/define-ubuntu-machine-types.patch an extra look as it likes to cause issues :-)

#ifdef CONFIG_MICROVM_DEFAULT
  this is now present in pc_i440fx_8_0_machine_options and pc_mantic_machine_options
  But it is only needed in pc_mantic_machine_options
  In pc_i440fx_8_0_machine_options all you'd do is to remove upstreams setting of default.
TL;DR: The 8.0 version of https://git.launchpad.net/ubuntu/+source/qemu/tree/hw/i386/pc_piix.c?h=ubuntu/mantic-devel#n443 needs to become =false

Furthermore (while meant to go away https://warthogs.atlassian.net/browse/SD-1050) your -hpb type also picks up the default flag (due to the same mistake).

I'm sure the tests will have shouted that at you anyway as I see:
root@ursula:~# qemu-system-x86_64 -M ? | grep default
pc-i440fx-mantic Ubuntu 23.10 PC (i440FX + PIIX, 1996) (default)
pc-i440fx-mantic-hpb Ubuntu 23.10 PC (i440FX + PIIX +host-phys-bits=true, 1996) (def...

Read more...

review: Needs Fixing
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote : Posted in a previous version of this proposal
Download full text (4.7 KiB)

On Wednesday, June 14 2023, Christian Ehrhardt ξƒΏ wrote:

> Thank you Sergio,
> Thanks for not shouting at me for the delta :-)
> In fact looking at it as a reviewer I realize how much smaller I got it since e.g. Focal that I'm happy about that. On a glance the MR and builds look fine, having a deeper look now ...

Thanks for the review, Christian.

>
> * Changelog:
> - [x] old content and logical tag match as expected
>
> Haven't found them in your repo
> Things LGTM, but to be sure, if you could push tag/branch or whatever you had?
> I tried to use sergiodj/allow-repeating-hot-unplug-lunar but that also had import/1%7.2+dfsg-5ubuntu1 un-split.
> I assume you just used paelzer/merge-7.2-5-lunar for import/1%7.2+dfsg-5ubuntu1 and put your changes on top, but to be sure I'd want to have a look at the tag or whatever you used.

Sorry, I forgot to push the tags. It's done now.

> - [+] changelog entry correct version and targeted codename
>
> While this is correct for now, I think we should consider 1:8.0.2+dfsg-1 here. It has more changes which we now have time to pick up, but later in the cycle can get harder. Especially the dropping of pvrdma I'd like to see early so that people have time to speak up.
> Maybe we even want to talk to ubuntu-security if there isn't a way to patch them?

+1. Let me see about merging 8.0.2, then.

>
> - [+] changelog entries correct
> - [+] bug references correct
> - [+] update-maintainer has been run
>
> * Merge - Indirect Changes:
> - [+] no upstream changes that need adaptation
> - [+] no further upstream version to consider
> - [+] debian changes look safe
>
> * Merge - Old Delta:
> - [+] dropped changes are ok to be dropped
> - [+] nothing else to drop
> - [+] changes forwarded upstream/debian (if appropriate)
>
> I forgot to tell you about https://bugs.launchpad.net/ubuntu/+source/qemu/+bugs?field.tag=qemu-23.10 which I keep for each cycle to track stuff that might need to be added or at least bug-refrenced.
> I updated all of them, good for you - none is ready so no action needed.

Ah, thanks.

> * New Delta:
> - [+] no new patches added
>
> * Git/Maintenance
> - [+] No extra testcases needed to be added for this
> - [+] commits are properly split
> - [+] d/control is correctly regenerated for Ubuntu
>
> * Build/Test:
> - [+] build is ok
> - [+] verified PPA package installs/uninstalls
> - [+] autopkgtest against the PPA package passes (see above)
> - [+] sanity checks test fine
>
> I gave debian/patches/ubuntu/define-ubuntu-machine-types.patch an extra look as it likes to cause issues :-)
>
> #ifdef CONFIG_MICROVM_DEFAULT
> this is now present in pc_i440fx_8_0_machine_options and pc_mantic_machine_options
> But it is only needed in pc_mantic_machine_options
> In pc_i440fx_8_0_machine_options all you'd do is to remove upstreams setting of default.
> TL;DR: The 8.0 version of https://git.launchpad.net/ubuntu/+source/qemu/tree/hw/i386/pc_piix.c?h=ubuntu/mantic-devel#n443 needs to become =false

Hm, that statement has been changed to false already. So all I did was
to remove the "#ifdef CONFIG_MICROVM_DEFAULT" guard on
pc_i44...

Read more...

Revision history for this message
Christian Ehrhardt ξƒΏ (paelzer) wrote :

Thanks for the logical tag, LGTM there.
The following range-diff took a lot of time but I didn't spot anything broken \o/

It is nice that you added a -hpb info, I just hope before mantic release it will be droppable (Openstack needs to ensure they can use the new interface).

The machine type delta LGTM now.
How are the tests behaving with this build?

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

On Tuesday, June 20 2023, Christian Ehrhardt ξƒΏ wrote:

> Thanks for the logical tag, LGTM there.
> The following range-diff took a lot of time but I didn't spot anything broken \o/
>
>
> It is nice that you added a -hpb info, I just hope before mantic release it will be droppable (Openstack needs to ensure they can use the new interface).
>
> The machine type delta LGTM now.

Thanks!

> How are the tests behaving with this build?

Running. I triggered them yesterday before going to bed, but they
didn't complete because of conflicts with stale LXD containers. I'll
update this MP with the results ASAP.

--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

On Tuesday, June 20 2023, Sergio Durigan Junior wrote:

>> How are the tests behaving with this build?
>
> Running. I triggered them yesterday before going to bed, but they
> didn't complete because of conflicts with stale LXD containers. I'll
> update this MP with the results ASAP.

Here's what I got:

prep (x86_64) : Pass 25 F/S/N 0/0/0 - RC 0 (15 min 50772 lin)
migrate (x86_64) : Pass 0 F/S/N 1/0/0 - RC 999 (1 min 890 lin)
cross (x86_64) : Pass 24 F/S/N 8/0/0 - RC 16 (96 min 76394 lin)
misc (x86_64) : Pass 0 F/S/N 1/0/0 - RC 999 (1 min 898 lin)

prep (s390x) : Pass 25 F/S/N 0/0/0 - RC 0 (12 min 33042 lin)
migrate (s390x) : Pass 0 F/S/N 1/0/0 - RC 999 (1 min 891 lin)
cross (s390x) : Pass 24 F/S/N 8/0/0 - RC 16 (101 min 68866 lin)
misc (s390x) : Pass 0 F/S/N 1/0/0 - RC 999 (1 min 899 lin)

I'm looking at the *.status and *.log files to see if I find something
that explains the failures.

--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

After some fixes in the environment, here are the test results:

prep (s390x) : Pass 30 F/S/N 0/0/0 - RC 0 (17 min 42098 lin)
migrate (s390x) : Pass 260 F/S/N 0/5/0 - RC 0 (79 min 163157 lin)
cross (s390x) : Pass 80 F/S/N 0/0/0 - RC 0 (134 min 117002 lin)
misc (s390x) : Pass 67 F/S/N 0/0/0 - RC 0 (27 min 33306 lin)

prep (x86_64) : Pass 30 F/S/N 0/0/0 - RC 0 (22 min 62433 lin)
migrate (x86_64) : Pass 280 F/S/N 0/0/0 - RC 0 (91 min 228131 lin)
cross (x86_64) : Pass 24 F/S/N 4/0/2 - RC 4 (147 min 94778 lin)
misc (x86_64) : Pass 73 F/S/N 0/0/0 - RC 0 (36 min 43532 lin)

The amd64 failures look like this:

2.3.1 (19:52:34): live migration (extra option '') testkvm-jammy-from -> testkvm-kinetic-from => Failed detail=chain live migration failed

They're all from migrations to kinetic-from, which leads me to believe that there's something fishy with this VM. Investigating...

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

I logged into the container and I see this:

# systemctl status libvirtd.service
● libvirtd.service - Virtualization daemon
     Loaded: loaded (/lib/systemd/system/libvirtd.service; enabled; preset: enabled)
     Active: active (running) since Tue 2023-06-27 02:22:33 UTC; 55s ago
TriggeredBy: ● libvirtd-ro.socket
             β— libvirtd-admin.socket
             β— libvirtd.socket
       Docs: man:libvirtd(8)
             https://libvirt.org
   Main PID: 247 (libvirtd)
      Tasks: 21 (limit: 32768)
     Memory: 21.5M
        CPU: 817ms
     CGroup: /system.slice/libvirtd.service
             β”œβ”€247 /usr/sbin/libvirtd
             β”œβ”€345 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libv>
             β””─346 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libv>

Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: libvirt version: 8.6.0, package: 0ubuntu3.2 (Marc Deslauriers <marc.deslauriers@ubunt>
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: hostname: testkvm-kinetic-from
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on 'usb4'
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on '4-3'
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on 'usb5'
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on 'usb1'
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on '1-1'
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on 'usb2'
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on 'usb3'
Jun 27 02:22:34 testkvm-kinetic-from libvirtd[247]: internal error: Missing udev property 'ID_VENDOR_ID' on '3-1'

I believe these internal errors may have something to do with the problem. I'll rerun the tests just to confirm.

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

OK, I reran the tests following Christian's suggestion to skip kinetic from the migration path, and here are the results:

prep (x86_64) : Pass 30 F/S/N 0/0/0 - RC 0 (18 min 62603 lin)
cross (x86_64) : Pass 20 F/S/N 0/0/0 - RC 999 (41 min 33333 lin)

The RC 999 here is because the script barfed when trying to clean up the containers, but other than that everything looks good.

I'll wait for Christian's green light before uploading, but I consider this merge ready to go.

Revision history for this message
Christian Ehrhardt ξƒΏ (paelzer) wrote :

I've checked the test results on the system to be sure.
Yes those results LGTM.

The Merge already was fine before and hasn't changed.
Please go on to upload and guide its migration.

P.S. The only open thing (not to wait on) is SD-1050 which I've reached out for.

review: Approve
Revision history for this message
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: sergiodj, paelzer
Uploaders: sergiodj, paelzer
MP auto-approved

review: Approve
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

On Thursday, June 29 2023, Christian Ehrhardt ξƒΏ wrote:

> I've checked the test results on the system to be sure.
> Yes those results LGTM.
>
> The Merge already was fine before and hasn't changed.
> Please go on to upload and guide its migration.

Thanks. Uploaded:

$ dput qemu_8.0.2+dfsg-2ubuntu1_source.changes
Trying to upload package to ubuntu
Checking signature on .changes
gpg: /home/sergio/work/qemu/qemu_8.0.2+dfsg-2ubuntu1_source.changes: Valid signature from 106DA1C8C3CBBF14
Checking signature on .dsc
gpg: /home/sergio/work/qemu/qemu_8.0.2+dfsg-2ubuntu1.dsc: Valid signature from 106DA1C8C3CBBF14
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading qemu_8.0.2+dfsg-2ubuntu1.dsc: done.
  Uploading qemu_8.0.2+dfsg.orig.tar.xz: done.
  Uploading qemu_8.0.2+dfsg-2ubuntu1.debian.tar.xz: done.
  Uploading qemu_8.0.2+dfsg-2ubuntu1_source.buildinfo: done.
  Uploading qemu_8.0.2+dfsg-2ubuntu1_source.changes: done.
Successfully uploaded packages.

--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index a6ed950..d89559c 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,56 @@
6+qemu (1:8.0.2+dfsg-2ubuntu1) mantic; urgency=medium
7+
8+ * Merge with Debian unstable (LP: #2018103). Remaining changes:
9+ - qemu-kvm to systemd unit
10+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
11+ hugepages and architecture specifics
12+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
13+ qemu-kvm-init
14+ - d/qemu-system-common.install: install helper script
15+ - d/qemu-system-common.qemu-kvm.default: defaults for
16+ /etc/default/qemu-kvm
17+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
18+ - Distribution specific machine type
19+ (LP 1304107 1621042 1776189 1761372 1761372 1776189)
20+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
21+ types containing release versioned machine attributes
22+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
23+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
24+ - Enable nesting by default
25+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
26+ in qemu64 on amd
27+ [ No more strictly needed, but required for backward compatibility ]
28+ - tolerate ipxe size change on migrations to >=18.04 (LP 1713490)
29+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
30+ reference 256k path
31+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
32+ handle incoming migrations from former releases.
33+ - Ease the use of module retention on upgrades (LP 1913421)
34+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
35+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
36+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
37+ fix qboot FTBFS with LTO
38+ * Drop changes:
39+ - d/control-in: libnfs is in main since focal, enable direct nfs
40+ storage support (LP 1988704)
41+ [ Adopted by Debian. ]
42+ - d/control-in: libsndio is in universe in ubuntu
43+ [ Adopted by Debian. ]
44+ - Fix FTBFS with glibc >= 2.36. (LP #2015418)
45+ + d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary
46+ upstream commits that were working around a glibc issue.
47+ [ Incorporated upstream. ]
48+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
49+ [ Debian linked the qemu-system-x86 documentation with the
50+ qemu-system-common package, rendering this README file not
51+ applicable. ]
52+ - d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating
53+ hot-unplug requests by making ACPI PCI able to requeue them.
54+ (LP #2018733)
55+ [ Applied upstream. ]
56+
57+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Mon, 19 Jun 2023 15:45:09 -0400
58+
59 qemu (1:8.0.2+dfsg-2) unstable; urgency=medium
60
61 * d/rules: --enable-libusb for xen build (Closes: #1037341)
62@@ -223,6 +276,66 @@ qemu (1:8.0~rc2+dfsg-1) experimental; urgency=medium
63
64 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Mar 2023 15:44:21 +0300
65
66+qemu (1:7.2+dfsg-5ubuntu3) mantic; urgency=medium
67+
68+ * d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating
69+ hot-unplug requests by making ACPI PCI able to requeue them.
70+ (LP: #2018733)
71+
72+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Thu, 18 May 2023 15:13:14 -0400
73+
74+qemu (1:7.2+dfsg-5ubuntu2) lunar; urgency=medium
75+
76+ * Fix FTBFS with glibc >= 2.36. (LP: #2015418)
77+ - d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary
78+ upstream commits that were working around a glibc issue.
79+
80+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 05 Apr 2023 20:10:13 -0400
81+
82+qemu (1:7.2+dfsg-5ubuntu1) lunar; urgency=medium
83+
84+ * Re-merge with Debian unstable to pick up stabilization fixes
85+ remaining changes:
86+ - qemu-kvm to systemd unit
87+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
88+ hugepages and architecture specifics
89+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
90+ qemu-kvm-init
91+ - d/qemu-system-common.install: install helper script
92+ - d/qemu-system-common.qemu-kvm.default: defaults for
93+ /etc/default/qemu-kvm
94+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
95+ - Distribution specific machine type
96+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
97+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
98+ types containing release versioned machine attributes
99+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
100+ for host-phys-bits=true
101+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
102+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
103+ - Enable nesting by default
104+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
105+ in qemu64 on amd
106+ [ No more strictly needed, but required for backward compatibility ]
107+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
108+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
109+ reference 256k path
110+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
111+ handle incoming migrations from former releases.
112+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
113+ - Ease the use of module retention on upgrades (LP 1913421)
114+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
115+ - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
116+ landed in Debian but under a different name.
117+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
118+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
119+ fix qboot FTBFS with LTO
120+ - d/control-in: libnfs is in main since focal, enable direct nfs
121+ storage support (LP 1988704)
122+ - d/control-in: libsndio is in universe in ubuntu
123+
124+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2023 08:50:45 +0100
125+
126 qemu (1:7.2+dfsg-5) unstable; urgency=medium
127
128 * d/qemu-guest-agent.udev: fix missing comma
129@@ -262,6 +375,89 @@ qemu (1:7.2+dfsg-5) unstable; urgency=medium
130
131 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 05 Mar 2023 20:09:04 +0300
132
133+qemu (1:7.2+dfsg-4ubuntu1) lunar; urgency=medium
134+
135+ * Merge with Debian unstable (LP: #1993438), among many other fixes
136+ this resolvs these bugs:
137+ (LP: #1957924) - support for querying stats,
138+ (LP: #1853307) - Enhanced Interpretation for PCI Functions (s390x)
139+ (LP: #1959966) - guest dump encryption with customer keys (s390x)
140+ (LP: #1999885) - pv: don't allow userspace to set the clock under PV
141+ (LP: #1957924) - add filtering of statistics by target vCPU
142+ remaining changes:
143+ - qemu-kvm to systemd unit
144+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
145+ hugepages and architecture specifics
146+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
147+ qemu-kvm-init
148+ - d/qemu-system-common.install: install helper script
149+ - d/qemu-system-common.qemu-kvm.default: defaults for
150+ /etc/default/qemu-kvm
151+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
152+ - Distribution specific machine type
153+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
154+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
155+ types containing release versioned machine attributes
156+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
157+ for host-phys-bits=true
158+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
159+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
160+ - Enable nesting by default
161+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
162+ in qemu64 on amd
163+ [ No more strictly needed, but required for backward compatibility ]
164+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
165+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
166+ reference 256k path
167+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
168+ handle incoming migrations from former releases.
169+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
170+ - Ease the use of module retention on upgrades (LP 1913421)
171+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
172+ - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
173+ landed in Debian but under a different name.
174+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
175+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
176+ fix qboot FTBFS with LTO
177+ * Dropped Changes [now part of upstream v7.2.0]
178+ - d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
179+ error 'migration was active, but no RAM info was set' (LP 1994002)
180+ - d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
181+ Fix FTBFS with libbpf 1.0.1-2.
182+ + Header updates that were added as part of the libbpf fixes
183+ but not mentioned in changelog
184+ - d/p/u/lp-1981339-*: fix s390x system emulation (LP 1981339)
185+ - Fix I/O stalls when using NVMe storage (LP 1970737).
186+ + d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
187+ in laio_io_unplug.
188+ - SECURITY UPDATE: heap overflow in floppy disk emulator
189+ + debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
190+ hw/block/fdc.c.
191+ - SECURITY UPDATE: use-after-free vulnerability
192+ + debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
193+ lsi_do_msgout
194+ - SECURITY UPDATE: heap overflow vulnerability
195+ + debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
196+ memories
197+ - SECURITY UPDATE: integer underflow vulnerability
198+ + debian/patches/CVE-2022-3165.patch: fix integer underflow in
199+ vnc_client_cut_text_ext
200+ * Dropped Changes in regard to GCC-12 FTBFS (LP 1988710)
201+ [not all are needed in lunar]
202+ - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch.
203+ Silence -Warray-bounds false positive [no more needed]
204+ - d/rules: set -O1 for alpha firmware build
205+ - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch:
206+ further FTBFS fixup
207+ * Dropped Changes [in Debian 1:7.2+dfsg-3]
208+ - d/rules: disable LTO on non-amd64 builds (LP 1921664)
209+ * Added Changes
210+ - d/control-in: libnfs is in main since focal, enable direct nfs
211+ storage support (LP: #1988704)
212+ - d/control-in: libsndio is in universe in ubuntu
213+
214+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Jan 2023 13:18:43 +0100
215+
216 qemu (1:7.2+dfsg-4) unstable; urgency=medium
217
218 * block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch:
219@@ -399,6 +595,126 @@ qemu (1:7.1+dfsg-1) unstable; urgency=medium
220
221 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 12 Sep 2022 11:50:53 +0300
222
223+qemu (1:7.0+dfsg-7ubuntu4) lunar; urgency=medium
224+
225+ * SECURITY UPDATE: use-after-free vulnerability
226+ - debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
227+ lsi_do_msgout
228+ - CVE-2022-0216
229+ * SECURITY UPDATE: heap overflow vulnerability
230+ - debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
231+ memories
232+ - CVE-2022-2962
233+ * SECURITY UPDATE: integer underflow vulnerability
234+ - debian/patches/CVE-2022-3165.patch: fix integer underflow in
235+ vnc_client_cut_text_ext
236+ - CVE-2022-3165
237+
238+ -- Nishit Majithia <nishit.majithia@canonical.com> Fri, 09 Dec 2022 10:25:52 +0530
239+
240+qemu (1:7.0+dfsg-7ubuntu3) lunar; urgency=medium
241+
242+ [ Brett Milford ]
243+ * d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
244+ error 'migration was active, but no RAM info was set' (LP: #1994002)
245+
246+ [ Mauricio Faria de Oliveira ]
247+ * d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
248+ Fix FTBFS with libbpf 1.0.1-2.
249+
250+ -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 30 Nov 2022 12:17:51 -0300
251+
252+qemu (1:7.0+dfsg-7ubuntu2) kinetic; urgency=medium
253+
254+ [ Paride Legovini ]
255+ * d/rules: disable LTO on non-amd64 builds (LP: #1921664)
256+ * GCC-12 FTBFS (LP: #1988710)
257+ - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch.
258+ Silence -Warray-bounds false positive (treated as error)
259+
260+ [ Christian Ehrhardt ]
261+ * More on GCC-12 FTBFS (LP 1988710)
262+ - d/rules: set -O1 for alpha firmware build
263+ - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch:
264+ further FTBFS fixup
265+
266+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2022 08:07:24 +0200
267+
268+qemu (1:7.0+dfsg-7ubuntu1) kinetic; urgency=medium
269+
270+ * Merge with Debian unstable (LP: #1971315)(LP: #1980896), remaining changes:
271+ - qemu-kvm to systemd unit
272+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
273+ hugepages and architecture specifics
274+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
275+ qemu-kvm-init
276+ - d/qemu-system-common.install: install helper script
277+ - d/qemu-system-common.qemu-kvm.default: defaults for
278+ /etc/default/qemu-kvm
279+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
280+ - Distribution specific machine type
281+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
282+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
283+ types containing release versioned machine attributes
284+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
285+ for host-phys-bits=true
286+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
287+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
288+ - Enable nesting by default
289+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
290+ in qemu64 on amd
291+ [ No more strictly needed, but required for backward compatibility ]
292+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
293+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
294+ reference 256k path
295+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
296+ handle incoming migrations from former releases.
297+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
298+ - Ease the use of module retention on upgrades (LP 1913421)
299+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
300+ - Fix I/O stalls when using NVMe storage (LP 1970737).
301+ - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
302+ in laio_io_unplug.
303+ - SECURITY UPDATE: heap overflow in floppy disk emulator
304+ - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
305+ hw/block/fdc.c.
306+ - CVE-2021-3507
307+ * Dropped Changes [now part of 1:7.0+dfsg-7]:
308+ - d/rules: xen libexec dir is no more versioned
309+ - d/rules: ensure xen is built on x86
310+ - d/kvm-spice: fix when acceleration is already defined on the commandline
311+ - debian/control[-in]: no more disable glusterfs in Ubuntu (LP 1246924)
312+ * Dropped Changes [now part of upstream v7.0.0]
313+ - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch
314+ Allow long kernel command lines for QEMU (LP 1959984)
315+ - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list
316+ - d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit
317+ tcg on s390x.
318+ - Fix diff handling on ceph that can cause data corruption (LP 1968258)
319+ - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch
320+ - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch
321+ - d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock
322+ in vnc connections (LP 1970563)
323+ - All CVE fixes of 1:6.2+dfsg-2ubuntu8 except CVE-2021-3507
324+ * Dropped Changes
325+ - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
326+ add patch to workaround FTBFS when building against OpenSSL 3.0.
327+ [ now working with OpenSSL 3.0 ]
328+ - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
329+ -fcf-protection being unavailble on -march=i486 (LP 1940029)
330+ [ fixed in compiler toolchain ]
331+ - Make qemu-system-x86-microvm a transitional package as the binary is now
332+ in qemu-system-x86 itself.
333+ [ no more needed]
334+ * Added Changes
335+ - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
336+ landed in Debian but under a different name.
337+ - d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS
338+ with LTO
339+ - d/p/u/lp-1981339-*: fix s390x system emulation (LP: #1981339)
340+
341+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jul 2022 12:07:19 +0200
342+
343 qemu (1:7.0+dfsg-7) unstable; urgency=medium
344
345 * d/tests/test-qemu-user: rework ls/glob test a bit
346@@ -533,6 +849,141 @@ qemu (1:6.2+dfsg-3) unstable; urgency=medium
347
348 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 25 Feb 2022 12:01:46 +0300
349
350+qemu (1:6.2+dfsg-2ubuntu8) kinetic; urgency=medium
351+
352+ [ Marc Deslauriers ]
353+ * SECURITY UPDATE: heap overflow in floppy disk emulator
354+ - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
355+ hw/block/fdc.c.
356+ - CVE-2021-3507
357+ * SECURITY UPDATE: use-after-free in nvme
358+ - debian/patches/CVE-2021-3929.patch: deny DMA to the iomem of the
359+ device itself in hw/nvme/ctrl.c.
360+ - CVE-2021-3929
361+ * SECURITY UPDATE: integer overflow in QXL display device emulation
362+ - debian/patches/CVE-2021-4206.patch: check width and height in
363+ hw/display/qxl-render.c, hw/display/vmware_vga.c, ui/cursor.c.
364+ - CVE-2021-4206
365+ * SECURITY UPDATE: heap overflow in QXL display device emulation
366+ - debian/patches/CVE-2021-4207.patch: fix race condition in qxl_cursor
367+ in hw/display/qxl-render.c.
368+ - CVE-2021-4207
369+ * SECURITY UPDATE: potential privilege escalation in virtiofsd
370+ - debian/patches/CVE-2022-0358.patch: Drop membership of all
371+ supplementary groups in tools/virtiofsd/passthrough_ll.c.
372+ - CVE-2022-0358
373+ * SECURITY UPDATE: memory leakage in virtio-net device
374+ - debian/patches/CVE-2022-26353.patch: fix map leaking on error during
375+ receive in hw/net/virtio-net.c.
376+ - CVE-2022-26353
377+ * SECURITY UPDATE: memory leakage in vhost-vsock device
378+ - debian/patches/CVE-2022-26354.patch: detach the virqueue element in
379+ case of error in hw/virtio/vhost-vsock-common.c.
380+ - CVE-2022-26354
381+
382+ [ Sergio Durigan Junior ]
383+ * Fix I/O stalls when using NVMe storage (LP: #1970737).
384+ - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
385+ in laio_io_unplug.
386+
387+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 22 Jun 2022 15:38:37 -0400
388+
389+qemu (1:6.2+dfsg-2ubuntu7) kinetic; urgency=medium
390+
391+ * d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock
392+ in vnc connections (LP: #1970563)
393+
394+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 May 2022 08:25:20 +0200
395+
396+qemu (1:6.2+dfsg-2ubuntu6) jammy; urgency=medium
397+
398+ * debian/control[-in]: no more disable glusterfs in Ubuntu (LP: #1246924)
399+ * Fix diff handling on ceph that can cause data corruption (LP: #1968258)
400+ - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch
401+ - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch
402+
403+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 08 Apr 2022 09:36:34 +0200
404+
405+qemu (1:6.2+dfsg-2ubuntu5) jammy; urgency=medium
406+
407+ * d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit
408+ tcg on s390x.
409+
410+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 17 Feb 2022 09:54:36 +0100
411+
412+qemu (1:6.2+dfsg-2ubuntu4) jammy; urgency=medium
413+
414+ * No-change rebuild to update maintainer scripts, see LP: 1959054
415+
416+ -- Dave Jones <dave.jones@canonical.com> Wed, 16 Feb 2022 17:28:14 +0000
417+
418+qemu (1:6.2+dfsg-2ubuntu3) jammy; urgency=medium
419+
420+ * Merge with Debian unstable, remaining changes:
421+ - qemu-kvm to systemd unit
422+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
423+ hugepages and architecture specifics
424+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
425+ qemu-kvm-init
426+ - d/qemu-system-common.install: install helper script
427+ - d/qemu-system-common.qemu-kvm.default: defaults for
428+ /etc/default/qemu-kvm
429+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
430+ - Distribution specific machine type
431+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
432+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
433+ types containing release versioned machine attributes
434+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
435+ for host-phys-bits=true
436+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
437+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
438+ - Enable nesting by default
439+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
440+ in qemu64 on amd
441+ [ No more strictly needed, but required for backward compatibility ]
442+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
443+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
444+ reference 256k path
445+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
446+ handle incoming migrations from former releases.
447+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
448+ - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
449+ add patch to workaround FTBFS when building against OpenSSL 3.0.
450+ - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
451+ -fcf-protection being unavailble on -march=i486 (LP 1940029)
452+ - Ease the use of module retention on upgrades (LP 1913421)
453+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
454+ - Make qemu-system-x86-microvm a transitional package as the binary is now
455+ in qemu-system-x86 itself.
456+ * Dropped Changes [now part of 1:6.1+dfsg-8]:
457+ - updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code
458+ (#993658) (LP 1947860)
459+ - improved dependencies
460+ - Make qemu-system-common depend on qemu-block-extra
461+ - Make qemu-utils depend on qemu-block-extra
462+ - d/control*, d/rules: disable xen by default, but provide universe
463+ package qemu-system-x86-xen as alternative
464+ [includes compat links changes of 5.0-5ubuntu4]
465+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
466+ * Dropped Changes [now part of upstream]
467+ - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
468+ and 3932 machines (LP 1932175)
469+ - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix
470+ migration with audio devices present (LP 1940288)
471+ * Added changes:
472+ - update patches for qemu v6.2.0
473+ - d/p/u/enable-svm-by-default.patch
474+ - d/p/u/define-ubuntu-machine-types.patch
475+ - d/p/u/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch
476+ - d/rules: xen libexec dir is no more versioned
477+ - d/rules: ensure xen is built on x86
478+ - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch
479+ Allow long kernel command lines for QEMU (LP: #1959984)
480+ - d/kvm-spice: fix when acceleration is already defined on the commandline
481+ - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list
482+
483+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 05 Jan 2022 12:18:25 +0100
484+
485 qemu (1:6.2+dfsg-2) unstable; urgency=medium
486
487 * bump meson build-dep to 0.59.3
488@@ -754,6 +1205,95 @@ qemu (1:6.0+dfsg-3) unstable; urgency=medium
489
490 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 17 Aug 2021 17:49:10 +0300
491
492+qemu (1:6.0+dfsg-2expubuntu4) jammy; urgency=medium
493+
494+ * d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
495+ add patch to workaround FTBFS when building against OpenSSL 3.0.
496+ Thanks to Christian Ehrhardt (LP: #1952448)
497+
498+ -- Paride Legovini <paride@ubuntu.com> Fri, 26 Nov 2021 15:47:51 +0100
499+
500+qemu (1:6.0+dfsg-2expubuntu3) jammy; urgency=medium
501+
502+ * No-change rebuild against liburing2
503+
504+ -- Paride Legovini <paride@ubuntu.com> Mon, 22 Nov 2021 18:00:26 +0100
505+
506+qemu (1:6.0+dfsg-2expubuntu2) jammy; urgency=medium
507+
508+ * updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code
509+ (#993658) (LP: #1947860)
510+
511+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 03 Nov 2021 14:10:56 +0100
512+
513+qemu (1:6.0+dfsg-2expubuntu1) impish; urgency=medium
514+
515+ * Merge with Debian experimental, remaining changes:
516+ - qemu-kvm to systemd unit
517+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
518+ hugepages and architecture specifics
519+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
520+ qemu-kvm-init
521+ - d/qemu-system-common.install: install helper script
522+ - d/qemu-system-common.qemu-kvm.default: defaults for
523+ /etc/default/qemu-kvm
524+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
525+ - Distribution specific machine type
526+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
527+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
528+ types containing release versioned machine attributes
529+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
530+ for host-phys-bits=true
531+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
532+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
533+ - Enable nesting by default
534+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
535+ in qemu64 on amd
536+ [ No more strictly needed, but required for backward compatibility ]
537+ - improved dependencies
538+ - Make qemu-system-common depend on qemu-block-extra
539+ - Make qemu-utils depend on qemu-block-extra
540+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
541+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
542+ reference 256k path
543+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
544+ handle incoming migrations from former releases.
545+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
546+ - d/control*, d/rules: disable xen by default, but provide universe
547+ package qemu-system-x86-xen as alternative
548+ [includes compat links changes of 5.0-5ubuntu4]
549+ - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
550+ - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
551+ for v6.0
552+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
553+ - Ease the use of module retention on upgrades (LP 1913421)
554+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
555+ * Dropped Changes [in 1:6.0+dfsg-2exp]:
556+ - d/control-in: Disable capstone disassembler library support (universe)
557+ - Disable fuse export (universe dependency)
558+ - Ease the use of module retention on upgrades (LP 1913421)
559+ - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
560+ - d/rules: only save modules if /run/qemu isn't noexec
561+ - d/rules: clear all (current and former) modules on purge
562+ - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
563+ upgrade issues (LP 1932264)
564+ - Enable SDL as secondary UI backend (LP 1256185)
565+ - d/control: add build dependency libsdl2-dev
566+ - d/control: enable sdl graphics on build
567+ - d/qemu-system-gui.install: add ui-sdl.so
568+ - d/control: add runtime dependency to libgl1
569+ * Dropped Changes [no more needed]
570+ - let qemu-utils recommend sharutils
571+ * Added changes:
572+ - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
573+ -fcf-protection being unavailble on -march=i486 (LP: #1940029)
574+ - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
575+ and 3932 machines (LP: #1932175)
576+ - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix
577+ migration with audio devices present (LP: #1940288)
578+
579+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 12 Aug 2021 15:35:12 +0200
580+
581 qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
582
583 [ Christian Ehrhardt ]
584@@ -791,6 +1331,104 @@ qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
585
586 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 21 Jul 2021 19:43:37 +0300
587
588+qemu (1:6.0+dfsg-1~ubuntu3) impish; urgency=medium
589+
590+ * d/p/u/lp-1935617-target-ppc-Fix-load-endianness-for-lxvwsx-lxvdsx.patch:
591+ fix TCG emulation for ppc64 (LP: #1935617)
592+
593+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 13 Jul 2021 09:34:55 +0200
594+
595+qemu (1:6.0+dfsg-1~ubuntu2) impish; urgency=medium
596+
597+ * d/control: remove fuse2 trial-build (LP 1934510)
598+
599+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Jul 2021 10:26:08 +0200
600+
601+qemu (1:6.0+dfsg-1~ubuntu1) impish; urgency=medium
602+
603+ * Merge with Debian experimental, Among many other things this fixes LP Bugs:
604+ (LP: #1907952) broken arrow keys in -display gtk on aarch64
605+ - qemu-kvm to systemd unit
606+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
607+ hugepages and architecture specifics
608+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
609+ qemu-kvm-init
610+ - d/qemu-system-common.install: install helper script
611+ - d/qemu-system-common.qemu-kvm.default: defaults for
612+ /etc/default/qemu-kvm
613+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
614+ - Distribution specific machine type
615+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
616+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
617+ types containing release versioned machine attributes
618+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
619+ for host-phys-bits=true
620+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
621+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
622+ - Enable nesting by default
623+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
624+ in qemu64 on amd
625+ [ No more strictly needed, but required for backward compatibility ]
626+ - improved dependencies
627+ - Make qemu-system-common depend on qemu-block-extra
628+ - Make qemu-utils depend on qemu-block-extra
629+ - Let qemu-utils recommend sharutils
630+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
631+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
632+ reference 256k path
633+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
634+ handle incoming migrations from former releases.
635+ - d/control-in: Disable capstone disassembler library support (universe)
636+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
637+ - d/control*, d/rules: disable xen by default, but provide universe
638+ package qemu-system-x86-xen as alternative
639+ [includes compat links changes of 5.0-5ubuntu4]
640+ - Fix upgrade module handling (LP 1905377)
641+ --enable-module-upgrades for qemu-xen which doesn't exist in Debian
642+ * Dropped Changes [in 6.0]:
643+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
644+ ld usage of -no-pie (LP 1907789)
645+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
646+ virtio-9p-ccw being missing (LP 1916230)
647+ - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
648+ to glib2.0 >=2.67.3 (LP 1916705)
649+ - d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
650+ on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
651+ (LP 1921754)
652+ - d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
653+ (LP 1921880)
654+ - d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre*:
655+ fix go in qemu-s390x-static (LP 1922010)
656+ * Dropped Changes [in Debian]:
657+ - Allow qemu to load old modules post upgrade (LP 1847361)
658+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
659+ - d/rules: Drop generating package version into maintainer scripts
660+ * Dropped Changes [No more needed >21.04]:
661+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
662+ the bad old prerm (LP 1906245 1905377)
663+ * Added Changes
664+ - Disable fuse export (universe dependency)
665+ - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
666+ - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
667+ for v6.0
668+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP: #1929926)
669+ - Ease the use of module retention on upgrades (LP: #1913421)
670+ - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
671+ - d/rules: only save modules if /run/qemu isn't noexec
672+ - d/rules: clear all (current and former) modules on purge
673+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
674+ - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
675+ upgrade issues (LP: #1932264)
676+ - Enable SDL as secondary UI backend (LP: #1256185)
677+ - d/control: add build dependency libsdl2-dev
678+ - d/control: enable sdl graphics on build
679+ - d/qemu-system-gui.install: add ui-sdl.so
680+ - d/control: add runtime dependency to libgl1
681+ - d/rules: qemu-system-x86-xen builds modules as well now (follows the
682+ other packages)
683+
684+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 15 Jun 2021 12:41:33 +0200
685+
686 qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium
687
688 * new upstream release
689@@ -843,6 +1481,75 @@ qemu (1:5.2+dfsg-10) unstable; urgency=medium
690
691 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 16 Apr 2021 12:43:36 +0300
692
693+qemu (1:5.2+dfsg-9ubuntu3) hirsute; urgency=medium
694+
695+ * d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
696+ on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
697+ (LP: #1921754)
698+ * d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
699+ (LP: #1921880)
700+
701+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Apr 2021 11:58:29 +0200
702+
703+qemu (1:5.2+dfsg-9ubuntu2) hirsute; urgency=medium
704+
705+ * d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre.patch:
706+ fix go in qemu-s390x-static (LP: #1922010)
707+
708+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 31 Mar 2021 10:01:40 +0200
709+
710+qemu (1:5.2+dfsg-9ubuntu1) hirsute; urgency=medium
711+
712+ * Merge with Debian unstable; Remaining changes:
713+ - qemu-kvm to systemd unit
714+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
715+ hugepages and architecture specifics
716+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
717+ qemu-kvm-init
718+ - d/qemu-system-common.install: install helper script
719+ - d/qemu-system-common.qemu-kvm.default: defaults for
720+ /etc/default/qemu-kvm
721+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
722+ - Distribution specific machine type (LP: 1304107 1621042)
723+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
724+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
725+ for host-phys-bits=true (LP: 1776189)
726+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
727+ - provide pseries-bionic-2.11-sxxm type as convenience with all
728+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
729+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
730+ - Enable nesting by default
731+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
732+ in qemu64 on amd
733+ [ No more strictly needed, but required for backward compatibility ]
734+ - improved dependencies
735+ - Make qemu-system-common depend on qemu-block-extra
736+ - Make qemu-utils depend on qemu-block-extra
737+ - let qemu-utils recommend sharutils
738+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
739+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
740+ reference 256k path
741+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
742+ handle incoming migrations from former releases.
743+ - d/control-in: Disable capstone disassembler library support (universe)
744+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
745+ - d/control*, d/rules: disable xen by default, but provide universe
746+ package qemu-system-x86-xen as alternative
747+ [includes compat links changes of 5.0-5ubuntu4]
748+ - allow qemu to load old modules post upgrade (LP 1847361)
749+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
750+ - d/rules: Drop generating package version into maintainer scripts
751+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
752+ the bad old prerm (LP 1906245 1905377)
753+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
754+ ld usage of -no-pie (LP 1907789)
755+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
756+ virtio-9p-ccw being missing (LP 1916230)
757+ - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
758+ to glib2.0 >=2.67.3 (LP 1916705)
759+
760+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 18 Mar 2021 11:13:49 +0100
761+
762 qemu (1:5.2+dfsg-9) unstable; urgency=medium
763
764 * do not make qemu-system-data dependent on qemu-system-foo
765@@ -882,6 +1589,66 @@ qemu (1:5.2+dfsg-7) unstable; urgency=high
766
767 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Mar 2021 11:32:54 +0300
768
769+qemu (1:5.2+dfsg-6ubuntu2) hirsute; urgency=medium
770+
771+ * d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
772+ to glib2.0 >=2.67.3 (LP: #1916705)
773+
774+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 24 Feb 2021 08:39:09 +0100
775+
776+qemu (1:5.2+dfsg-6ubuntu1) hirsute; urgency=medium
777+
778+ * Merge with Debian unstable, includes fixes for
779+ - build operates differently if source is a git repo (LP: #1887535)
780+ Remaining changes:
781+ - qemu-kvm to systemd unit
782+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
783+ hugepages and architecture specifics
784+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
785+ qemu-kvm-init
786+ - d/qemu-system-common.install: install helper script
787+ - d/qemu-system-common.qemu-kvm.default: defaults for
788+ /etc/default/qemu-kvm
789+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
790+ - Distribution specific machine type (LP: 1304107 1621042)
791+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
792+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
793+ for host-phys-bits=true (LP: 1776189)
794+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
795+ - provide pseries-bionic-2.11-sxxm type as convenience with all
796+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
797+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
798+ - Enable nesting by default
799+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
800+ in qemu64 on amd
801+ [ No more strictly needed, but required for backward compatibility ]
802+ - improved dependencies
803+ - Make qemu-system-common depend on qemu-block-extra
804+ - Make qemu-utils depend on qemu-block-extra
805+ - let qemu-utils recommend sharutils
806+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
807+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
808+ reference 256k path
809+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
810+ handle incoming migrations from former releases.
811+ - d/control-in: Disable capstone disassembler library support (universe)
812+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
813+ - d/control*, d/rules: disable xen by default, but provide universe
814+ package qemu-system-x86-xen as alternative
815+ [includes compat links changes of 5.0-5ubuntu4]
816+ - allow qemu to load old modules post upgrade (LP 1847361)
817+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
818+ - d/rules: Drop generating package version into maintainer scripts
819+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
820+ the bad old prerm (LP 1906245 1905377)
821+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
822+ ld usage of -no-pie (LP 1907789)
823+ * Added changes
824+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
825+ virtio-9p-ccw being missing (LP: #1916230)
826+
827+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Feb 2021 11:40:36 +0100
828+
829 qemu (1:5.2+dfsg-6) unstable; urgency=medium
830
831 * deprecate qemu-debootstrap. It is not needed anymore with
832@@ -934,6 +1701,64 @@ qemu (1:5.2+dfsg-4) unstable; urgency=medium
833
834 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Feb 2021 16:52:10 +0300
835
836+qemu (1:5.2+dfsg-3ubuntu2) hirsute; urgency=medium
837+
838+ * No change rebuild to pick up liburing. (LP: #1914145)
839+
840+ -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 03 Feb 2021 19:44:54 -0300
841+
842+qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium
843+
844+ * Merge with Debian unstable, includes fixes for
845+ - qemu-user-static are partially dynamically linked (LP: #1908331)
846+ - qemu crashing when using spice without qemu-system-gui being
847+ installed (LP: #1908577)
848+ Remaining changes:
849+ - qemu-kvm to systemd unit
850+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
851+ hugepages and architecture specifics
852+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
853+ qemu-kvm-init
854+ - d/qemu-system-common.install: install helper script
855+ - d/qemu-system-common.qemu-kvm.default: defaults for
856+ /etc/default/qemu-kvm
857+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
858+ - Distribution specific machine type (LP: 1304107 1621042)
859+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
860+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
861+ for host-phys-bits=true (LP: 1776189)
862+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
863+ - provide pseries-bionic-2.11-sxxm type as convenience with all
864+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
865+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
866+ - Enable nesting by default
867+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
868+ in qemu64 on amd
869+ [ No more strictly needed, but required for backward compatibility ]
870+ - improved dependencies
871+ - Make qemu-system-common depend on qemu-block-extra
872+ - Make qemu-utils depend on qemu-block-extra
873+ - let qemu-utils recommend sharutils
874+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
875+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
876+ reference 256k path
877+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
878+ handle incoming migrations from former releases.
879+ - d/control-in: Disable capstone disassembler library support (universe)
880+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
881+ - d/control*, d/rules: disable xen by default, but provide universe
882+ package qemu-system-x86-xen as alternative
883+ [includes compat links changes of 5.0-5ubuntu4]
884+ - allow qemu to load old modules post upgrade (LP 1847361)
885+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
886+ - d/rules: Drop generating package version into maintainer scripts
887+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
888+ the bad old prerm (LP 1906245 1905377)
889+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
890+ ld usage of -no-pie (LP 1907789)
891+
892+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jan 2021 12:43:42 +0100
893+
894 qemu (1:5.2+dfsg-3) unstable; urgency=medium
895
896 [ Christian Ehrhardt ]
897@@ -950,6 +1775,64 @@ qemu (1:5.2+dfsg-3) unstable; urgency=medium
898
899 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 29 Dec 2020 15:07:03 +0300
900
901+qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium
902+
903+ * Merge with Debian unstable
904+ - includes fix for CVE-2020-17380
905+ - includes a fix for s390x PCI device reset (LP: #1907656)
906+ Remaining changes:
907+ - qemu-kvm to systemd unit
908+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
909+ hugepages and architecture specifics
910+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
911+ qemu-kvm-init
912+ - d/qemu-system-common.install: install helper script
913+ - d/qemu-system-common.qemu-kvm.default: defaults for
914+ /etc/default/qemu-kvm
915+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
916+ - Distribution specific machine type (LP: 1304107 1621042)
917+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
918+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
919+ for host-phys-bits=true (LP: 1776189)
920+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
921+ - provide pseries-bionic-2.11-sxxm type as convenience with all
922+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
923+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
924+ - Enable nesting by default
925+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
926+ in qemu64 on amd
927+ [ No more strictly needed, but required for backward compatibility ]
928+ - improved dependencies
929+ - Make qemu-system-common depend on qemu-block-extra
930+ - Make qemu-utils depend on qemu-block-extra
931+ - let qemu-utils recommend sharutils
932+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
933+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
934+ reference 256k path
935+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
936+ handle incoming migrations from former releases.
937+ - d/control-in: Disable capstone disassembler library support (universe)
938+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
939+ - d/control*, d/rules: disable xen by default, but provide universe
940+ package qemu-system-x86-xen as alternative
941+ [includes compat links changes of 5.0-5ubuntu4]
942+ - allow qemu to load old modules post upgrade (LP 1847361)
943+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
944+ - d/rules: Drop generating package version into maintainer scripts
945+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
946+ the bad old prerm (LP 1906245 1905377)
947+ * Dropped Changes:
948+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
949+ resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100%
950+ fails]
951+ * Added Changes:
952+ - Refreshed ubuntu machine types for hirsute@5.2
953+ - d/control: regenerated from d/control-in
954+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
955+ ld usage of -no-pie (LP: #1907789)
956+
957+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Dec 2020 16:44:47 +0100
958+
959 qemu (1:5.2+dfsg-2) unstable; urgency=medium
960
961 * move ui-opengl.so module from qemu-system-gui to qemu-system-common,
962@@ -995,6 +1878,153 @@ qemu (1:5.2+dfsg-1) unstable; urgency=medium
963
964 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 09 Dec 2020 08:57:41 +0300
965
966+qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium
967+
968+ * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
969+ the bad old prerm (LP: #1906245)
970+
971+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 30 Nov 2020 12:53:03 +0100
972+
973+qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium
974+
975+ * Fix upgrade module handling (LP: #1905377)
976+ This was accetped in a slightly different form in qemu_5.0-6 and therefore
977+ allows to drop some former delta that is now conflicting.
978+ Ubuntu still keeps enabling --enable-module-upgrades, but only for
979+ qemu-xen which doesn't exist in Debian
980+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
981+ - d/rules: Drop generating package version into maintainer scripts
982+
983+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Nov 2020 11:16:01 +0100
984+
985+qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium
986+
987+ * Merge with Debian testing, remaining changes:
988+ Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854)
989+ - qemu-kvm to systemd unit
990+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
991+ hugepages and architecture specifics
992+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
993+ qemu-kvm-init
994+ - d/qemu-system-common.install: install helper script
995+ - d/qemu-system-common.qemu-kvm.default: defaults for
996+ /etc/default/qemu-kvm
997+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
998+ - Distribution specific machine type (LP: 1304107 1621042)
999+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1000+ types
1001+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1002+ for host-phys-bits=true (LP: 1776189)
1003+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1004+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1005+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1006+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1007+ - Enable nesting by default
1008+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1009+ in qemu64 on amd
1010+ [ No more strictly needed, but required for backward compatibility ]
1011+ - improved dependencies
1012+ - Make qemu-system-common depend on qemu-block-extra
1013+ - Make qemu-utils depend on qemu-block-extra
1014+ - let qemu-utils recommend sharutils
1015+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1016+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1017+ reference 256k path
1018+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1019+ handle incoming migrations from former releases.
1020+ - d/control-in: Disable capstone disassembler library support (universe)
1021+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1022+ - d/control*, d/rules: disable xen by default, but provide universe
1023+ package qemu-system-x86-xen as alternative
1024+ [includes compat links changes of 5.0-5ubuntu4]
1025+ - allow qemu to load old modules post upgrade (LP 1847361)
1026+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
1027+ upgrade
1028+ - d/rules: generate maintainer scripts matching package version on build
1029+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
1030+ - d/control: regenerate debian/control out of control-in
1031+ * Dropped changes [in Debian or no more needed]
1032+ - d/control-in: disable pmem on ppc64 as it is currently considered
1033+ experimental on that architecture (pmdk v1.8-1)
1034+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
1035+ - d/rules: report config log from the correct subdir
1036+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
1037+ - Pick further changes for groovy from debian/master since 5.0-5
1038+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
1039+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch
1040+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
1041+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
1042+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
1043+ - megasas-fix-possible-out-of-bounds-array-access.patch
1044+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
1045+ - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch
1046+ - a few patches from the stable series:
1047+ - fix-tulip-breakage.patch
1048+ - 9p-lock-directory-streams-with-a-CoMutex.patch
1049+ Prevent deadlocks in 9pfs readdir code
1050+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
1051+ Fix newline accidentally sneaked into id string of a nic
1052+ - qemu-nbd-close-inherited-stderr.patch
1053+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
1054+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
1055+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
1056+ - acpi-tmr-allow-2-byte-reads.patch
1057+ - reapply CVE-2020-13253 fixes from upstream
1058+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
1059+ - linux-user-add-netlink-RTM_SETLINK-command.patch
1060+ - d/control: since qemu-system-data now contains module(s),
1061+ it can't be multi-arch. Ditto for qemu-block-extra.
1062+ - qemu-system-foo: depend on exact version of qemu-system-data,
1063+ due to the latter having modules
1064+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch'
1065+ This is another incarnation of the recent bugfix which actually enabled
1066+ memory access constraints, like #964247
1067+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
1068+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
1069+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
1070+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
1071+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
1072+ - do not install outdated (0.12 and before) Changelog
1073+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
1074+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
1075+ Closes: CVE-2020-15863
1076+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
1077+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
1078+ another fix for revert-memory-accept-.. CVE-2020-13754
1079+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
1080+ - d/control-in: build-dep libcap is no more needed
1081+ - arch aware kvm wrappers
1082+ [upstream now automatically enables KVM if available and called with
1083+ kvm* name, provides KVM as before but with auto-fallback to tcg.
1084+ Former behavior of KVM-or-die can be achieved via -machine accel=kvm ]
1085+ * Dropped changes [upstream now]
1086+ - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
1087+ setup_len
1088+ - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930)
1089+ - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942)
1090+ - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
1091+ from vfio-ccw (LP 1887935)
1092+ - fix qemu-user-static initialization to allow executing systemd (LP 1890881)
1093+ - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187)
1094+ - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
1095+ SQXBR (LP 1883984)
1096+ - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154)
1097+ - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
1098+ environments (LP 1887763)
1099+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
1100+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
1101+ crashes it on shutdown (LP 1878973)
1102+ - update d/p/ubuntu/lp-1835546-* to the final versions
1103+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
1104+ FTBFS in groovy
1105+ * Added Changes:
1106+ - update ubuntu machine types for hirsute@5.1
1107+ - d/control: regenerated from d/control-in
1108+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
1109+ resolved in gcc-10 (LP: 1890435)
1110+
1111+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 29 Oct 2020 12:37:31 +0100
1112+
1113 qemu (1:5.1+dfsg-4) unstable; urgency=high
1114
1115 * mention closing of CVE-2020-16092 by 5.1
1116@@ -1236,6 +2266,298 @@ qemu (1:5.0-6) unstable; urgency=medium
1117
1118 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 03 Jul 2020 18:24:48 +0300
1119
1120+qemu (1:5.0-5ubuntu11) hirsute; urgency=medium
1121+
1122+ * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily
1123+ machine type to match how it originally was released (LP: #1902654)
1124+
1125+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Nov 2020 08:19:07 +0100
1126+
1127+qemu (1:5.0-5ubuntu10) hirsute; urgency=medium
1128+
1129+ * No-change rebuild for brltty soname change.
1130+
1131+ -- Matthias Klose <doko@ubuntu.com> Mon, 02 Nov 2020 16:59:33 +0100
1132+
1133+qemu (1:5.0-5ubuntu9) groovy; urgency=medium
1134+
1135+ * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
1136+ setup_len
1137+ CVE-2020-14364
1138+
1139+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 22 Sep 2020 16:53:18 +0200
1140+
1141+qemu (1:5.0-5ubuntu8) groovy; urgency=medium
1142+
1143+ * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930)
1144+
1145+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 Sep 2020 08:23:49 +0200
1146+
1147+qemu (1:5.0-5ubuntu7) groovy; urgency=medium
1148+
1149+ * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942)
1150+
1151+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Sep 2020 08:47:12 +0200
1152+
1153+qemu (1:5.0-5ubuntu6) groovy; urgency=medium
1154+
1155+ * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
1156+ from vfio-ccw (LP: #1887935)
1157+
1158+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Aug 2020 11:09:12 +0200
1159+
1160+qemu (1:5.0-5ubuntu5) groovy; urgency=medium
1161+
1162+ * fix qemu-user-static initialization to allow executing systemd
1163+ (LP: #1890881)
1164+ - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch
1165+ - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch
1166+ - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch
1167+ - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch
1168+ - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch
1169+ - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch
1170+ * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187)
1171+ CVE-2020-16092
1172+ - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch
1173+
1174+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Aug 2020 07:19:42 +0200
1175+
1176+qemu (1:5.0-5ubuntu4) groovy; urgency=medium
1177+
1178+ * xen: provide compat links to what libxen-dev reports where to find
1179+ the binaries (LP: #1890005)
1180+ * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
1181+ SQXBR (LP: #1883984)
1182+ * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154)
1183+
1184+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 03 Aug 2020 07:15:28 +0200
1185+
1186+qemu (1:5.0-5ubuntu3) groovy; urgency=medium
1187+
1188+ * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
1189+ environments (LP: #1887763)
1190+ * Pick further changes for groovy from debian/master since 5.0-5
1191+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
1192+ Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
1193+ infinite recursion via a crafted mm_index value during
1194+ ati_mm_read or ati_mm_write call.
1195+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
1196+ Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
1197+ devices which uses min_access_size and max_access_size Memory API fields.
1198+ Also closes: CVE-2020-13791
1199+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
1200+ CVE-2020-13659: address_space_map in exec.c can trigger
1201+ a NULL pointer dereference related to BounceBuffer
1202+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
1203+ Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
1204+ has an OOB read via a crafted reply_queue_head field from a guest OS user
1205+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
1206+ fix other possible cases like in CVE-2020-13362 (#961887)
1207+ - megasas-fix-possible-out-of-bounds-array-access.patch
1208+ Some tracepoints use a guest-controlled value as an index into the
1209+ mfi_frame_desc[] array. Thus a malicious guest could cause a very low
1210+ impact OOB errors here
1211+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
1212+ Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
1213+ This flaw occurs when an nbd-client sends a spec-compliant request that is
1214+ near the boundary of maximum permitted request length. A remote nbd-client
1215+ could use this flaw to crash the qemu-nbd server resulting in a DoS.
1216+ - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
1217+ Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
1218+ properly validate the frame count, which allows guest OS users to trigger
1219+ an out-of-bounds access during an es1370_write() operation
1220+ - a few patches from the stable series:
1221+ - fix-tulip-breakage.patch
1222+ The tulip network driver in a qemu-system-hppa emulation is broken in
1223+ the sense that bigger network packages aren't received any longer and
1224+ thus even running e.g. "apt update" inside the VM fails. Fix this.
1225+ - 9p-lock-directory-streams-with-a-CoMutex.patch
1226+ Prevent deadlocks in 9pfs readdir code
1227+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
1228+ Fix newline accidentally sneaked into id string of a nic
1229+ - qemu-nbd-close-inherited-stderr.patch
1230+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
1231+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
1232+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
1233+ - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
1234+ - reapply CVE-2020-13253 fixed from upstream:
1235+ sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
1236+ sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
1237+ sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
1238+ sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
1239+ Closes: #961297, CVE-2020-13253
1240+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
1241+ (Closes: #965109)
1242+ - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
1243+ - d/control: since qemu-system-data now contains module(s),
1244+ it can't be multi-arch. Ditto for qemu-block-extra.
1245+ - qemu-system-foo: depend on exact version of qemu-system-data,
1246+ due to the latter having modules
1247+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
1248+ This is another incarnation of the recent bugfix which actually enabled
1249+ memory access constraints, like #964247
1250+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
1251+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
1252+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
1253+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
1254+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
1255+ - do not install outdated (0.12 and before) Changelog (Closes: #965381)
1256+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
1257+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
1258+ Closes: CVE-2020-15863
1259+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
1260+ List of patches:
1261+ sm501-convert-printf-abort-to-qemu_log_mask.patch
1262+ sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
1263+ sm501-use-BIT-macro-to-shorten-constant.patch
1264+ sm501-clean-up-local-variables-in-sm501_2d_operation.patch
1265+ sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
1266+ Closes: #961451, CVE-2020-12829
1267+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
1268+ another fix for revert-memory-accept-.. CVE-2020-13754
1269+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
1270+
1271+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 Jul 2020 13:21:31 +0200
1272+
1273+qemu (1:5.0-5ubuntu2) groovy; urgency=medium
1274+
1275+ * No change rebuild against new libnettle8 and libhogweed6 ABI.
1276+
1277+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 29 Jun 2020 22:32:55 +0100
1278+
1279+qemu (1:5.0-5ubuntu1) groovy; urgency=medium
1280+
1281+ * Merge with Debian testing (LP: #1749393), remaining changes:
1282+ - qemu-kvm to systemd unit
1283+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1284+ hugepages and architecture specifics
1285+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1286+ qemu-kvm-init
1287+ - d/qemu-system-common.install: install helper script
1288+ - d/qemu-system-common.qemu-kvm.default: defaults for
1289+ /etc/default/qemu-kvm
1290+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1291+ - Distribution specific machine type (LP: 1304107 1621042)
1292+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1293+ types
1294+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1295+ for host-phys-bits=true (LP: 1776189)
1296+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1297+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1298+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1299+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1300+ - Enable nesting by default
1301+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1302+ in qemu64 on amd
1303+ [ No more strictly needed, but required for backward compatibility ]
1304+ - improved dependencies
1305+ - Make qemu-system-common depend on qemu-block-extra
1306+ - Make qemu-utils depend on qemu-block-extra
1307+ - let qemu-utils recommend sharutils
1308+ - arch aware kvm wrappers
1309+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1310+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1311+ reference 256k path
1312+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1313+ handle incoming migrations from former releases.
1314+ - d/control-in: Disable capstone disassembler library support (universe)
1315+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1316+ - d/control*, d/rules: disable xen by default, but provide universe
1317+ package qemu-system-x86-xen as alternative
1318+ [includes --disable-xen for user-static builds]
1319+ - d/control-in: disable pmem on ppc64 as it is currently considered
1320+ experimental on that architecture (pmdk v1.8-1)
1321+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
1322+ - d/rules: report config log from the correct subdir
1323+ - allow qemu to load old modules post upgrade (LP 1847361)
1324+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
1325+ upgrade
1326+ - d/rules: generate maintainer scripts matching package version on build
1327+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
1328+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
1329+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
1330+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
1331+ crashes it on shutdown (LP 1878973)
1332+ * Dropped changes (no more needed)
1333+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1334+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1335+ in qemu64 cpu type.
1336+ - d/control: avoid upgrade issues triggered by moving ivshmem tools after
1337+ Debian. Fixed by bumping the related Breaks/Replaces to the
1338+ Version Ubuntu introduced the change (LP 1862287)
1339+ * Dropped changes (in Debian)
1340+ - improved s390x support
1341+ - d/binfmt-update-in: fix binfmt being called in some containers
1342+ (LP 1840956)
1343+ - qemu-system-x86-microvm package
1344+ In addition to the generic multi-purpose qemu also provide a minimal
1345+ feature binary that is loading faster for use cases with microvm machine
1346+ type and qboot bios
1347+ - d/control-in: add a new qemu-system-x86-microvm package
1348+ - d/rules: add an extra config/build step to get the minimal qemu
1349+ - Security and packaging fixes (LP 1872937)
1350+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
1351+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
1352+ CVE-2020-10702
1353+ CVE-2020-11102
1354+ - fix external spice UI
1355+ + install ui-spice-app.so in qemu-system-common
1356+ + install ui-spice-app.so only if built, spice is optional
1357+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
1358+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
1359+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
1360+ - enable riscv build (LP 1872931)
1361+ [ changes picked from Debian ]
1362+ - enable support for riscv64 hosts
1363+ - only enable librbd on architectures where it is built
1364+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
1365+ depends on the former
1366+ - seccomp grew up, no need in versioned build-dep
1367+ - enable seccomp only on architectures where it can be built
1368+ * Dropped changes (upstream)
1369+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1370+ (LP 1857033)
1371+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
1372+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
1373+ vhost-user-gpu
1374+ - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
1375+ avoid unnecessary IOTLB transactions (LP 1866207)
1376+ - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
1377+ patches @qemu-stable (LP 1867519)
1378+ - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
1379+ to avoid broken nesting (LP 1868692)
1380+ - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
1381+ (LP 1871830)
1382+ - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107)
1383+ - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
1384+ - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
1385+ and clobbered doubles (LP 1872945)
1386+ - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
1387+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
1388+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
1389+ - CVE-2020-11869
1390+ - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
1391+ - async: use explicit memory barriers (LP 1805256)
1392+ - aio-wait: delegate polling of main AioContext if BQL not held
1393+ - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
1394+ supporting to set them (LP 1882774)
1395+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
1396+ load to a versioned path
1397+ * Added Changes:
1398+ - d/control: regenerate debian/control out of control-in
1399+ - update d/p/ubuntu/lp-1835546-* to the final versions
1400+ - 11 patches dropped as they are in 5.0
1401+ - 20 patches updated to how they will be in 5.1
1402+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
1403+ FTBFS in groovy
1404+ - Make qemu-system-x86-microvm a transitional package as the binary is now
1405+ in qemu-system-x86 itself.
1406+ - d/control-in: build-dep libcap is no more needed
1407+ - d/rules: update arch aware kvm wrappers
1408+ - d/qemu-system-x86.README.Debian: fix typo
1409+
1410+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 16 Jun 2020 16:50:09 +0200
1411+
1412 qemu (1:5.0-5) unstable; urgency=medium
1413
1414 * more binfmt-install updates
1415@@ -1368,6 +2690,188 @@ qemu (1:4.2-4) unstable; urgency=medium
1416
1417 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 12:44:43 +0300
1418
1419+qemu (1:4.2-3ubuntu10) groovy; urgency=medium
1420+
1421+ * No-change rebuild against libnettle8
1422+
1423+ -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 20 Jul 2020 16:12:37 +0000
1424+
1425+qemu (1:4.2-3ubuntu9) groovy; urgency=medium
1426+
1427+ * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
1428+ crashes it on shutdown (LP: #1878973)
1429+ * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
1430+ supporting to set them (LP: #1882774)
1431+
1432+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 02 Jun 2020 10:42:49 +0200
1433+
1434+qemu (1:4.2-3ubuntu8) groovy; urgency=medium
1435+
1436+ * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
1437+ - async: use explicit memory barriers (LP: #1805256)
1438+ - aio-wait: delegate polling of main AioContext if BQL not held
1439+
1440+ -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Wed, 27 May 2020 21:47:21 +0000
1441+
1442+qemu (1:4.2-3ubuntu7) groovy; urgency=medium
1443+
1444+ * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
1445+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
1446+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
1447+ - CVE-2020-11869
1448+
1449+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 21 May 2020 14:43:19 -0400
1450+
1451+qemu (1:4.2-3ubuntu6) focal; urgency=medium
1452+
1453+ [ Christian Ehrhardt ]
1454+ * enable riscv build (LP: #1872931)
1455+ [ changes picked from Debian ]
1456+ - enable support for riscv64 hosts
1457+ - only enable librbd on architectures where it is built
1458+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
1459+ depends on the former
1460+ - seccomp grew up, no need in versioned build-dep
1461+ - enable seccomp only on architectures where it can be built
1462+ * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
1463+ * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
1464+ and clobbered doubles (LP: #1872945)
1465+
1466+ [ William Grant ]
1467+ * d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
1468+
1469+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 14:27:15 +0200
1470+
1471+qemu (1:4.2-3ubuntu5) focal; urgency=medium
1472+
1473+ [ Christian Ehrhardt ]
1474+ * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
1475+ (LP: #1871830)
1476+ * Security and packaging fixes (LP: #1872937)
1477+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
1478+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
1479+ CVE-2020-10702
1480+ CVE-2020-11102
1481+ - fix external spice UI
1482+ + install ui-spice-app.so in qemu-system-common
1483+ + install ui-spice-app.so only if built, spice is optional
1484+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
1485+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
1486+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
1487+ * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107)
1488+
1489+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 11:26:44 +0200
1490+
1491+qemu (1:4.2-3ubuntu4) focal; urgency=medium
1492+
1493+ * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546)
1494+ * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
1495+ to avoid broken nesting (LP: #1868692)
1496+
1497+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 20 Mar 2020 08:02:16 +0100
1498+
1499+qemu (1:4.2-3ubuntu3) focal; urgency=medium
1500+
1501+ * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
1502+ patches @qemu-stable (LP: #1867519)
1503+
1504+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 18 Mar 2020 13:57:57 +0100
1505+
1506+qemu (1:4.2-3ubuntu2) focal; urgency=medium
1507+
1508+ * allow qemu to load old modules post upgrade (LP: #1847361)
1509+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
1510+ load to a versioned path
1511+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
1512+ upgrade
1513+ - d/rules: generate maintainer scripts matching package version on build
1514+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
1515+ * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
1516+ avoid unnecessary IOTLB transactions (LP: #1866207)
1517+
1518+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 02 Mar 2020 15:21:27 +0100
1519+
1520+qemu (1:4.2-3ubuntu1) focal; urgency=medium
1521+
1522+ * Merge with Debian testing, remaining changes:
1523+ - qemu-kvm to systemd unit
1524+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1525+ hugepages and architecture specifics
1526+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1527+ qemu-kvm-init
1528+ - d/qemu-system-common.install: install helper script
1529+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1530+ - d/qemu-system-common.qemu-kvm.default: defaults for
1531+ /etc/default/qemu-kvm
1532+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1533+ - Distribution specific machine type (LP: 1304107 1621042)
1534+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1535+ types
1536+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1537+ for host-phys-bits=true (LP: 1776189)
1538+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1539+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1540+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1541+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1542+ - Enable nesting by default
1543+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1544+ in qemu64 cpu type.
1545+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1546+ in qemu64 on amd
1547+ [ No more strictly needed, but required for backward compatibility ]
1548+ - improved dependencies
1549+ - Make qemu-system-common depend on qemu-block-extra
1550+ - Make qemu-utils depend on qemu-block-extra
1551+ - let qemu-utils recommend sharutils
1552+ - improved s390x support
1553+ - d/rules: build s390-ccw.img with upstream Makefile
1554+ - d/rules: build s390-netboot.img with upstream Makefile
1555+ - arch aware kvm wrappers
1556+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1557+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1558+ reference 256k path
1559+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1560+ handle incoming migrations from former releases.
1561+ - d/control-in: Disable capstone disassembler library support (universe)
1562+ - d/binfmt-update-in: fix binfmt being called in some containers
1563+ (LP 1840956)
1564+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1565+ (LP 1857033)
1566+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1567+ - d/control*, d/rules: disable xen by default, but provide universe
1568+ package qemu-system-x86-xen as alternative
1569+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
1570+ - Dropped changes [ in Debian ]
1571+ - d/control: update VCS links
1572+ - d/control-in: bump debhelper build-dep for compat 12
1573+ - d/control: disable bluetooth being deprecated
1574+ - d/not-installed: ignore new interop docs and extra icons for now
1575+ - d/not-installed: do not install elf2dmp until namespaced
1576+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1577+ [ not needed ]
1578+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
1579+ - s390x support
1580+ - Create qemu-system-s390x package
1581+ - Enable numa support for s390x
1582+ - d/control*: enable libpmem support for nvdimms (LP 1790856)
1583+ * Added changes
1584+ - d/control: regenerate debian/control out of control-in
1585+ - qemu-system-x86-microvm package
1586+ In addition to the generic multi-purpose qemu also provide a minimal
1587+ feature binary that is loading faster for use cases with microvm machine
1588+ type and qboot bios
1589+ - d/control-in: add a new qemu-system-x86-microvm package
1590+ - d/rules: add an extra config/build step to get the minimal qemu
1591+ - d/control-in: disable pmem on ppc64 as it is currently considered
1592+ experimental on that architecture (pmdk v1.8-1)
1593+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
1594+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
1595+ vhost-user-gpu
1596+ - d/rules: report config log from the correct subdir
1597+ - d/rules: --disable-xen for user-static builds
1598+
1599+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Feb 2020 15:21:56 +0100
1600+
1601 qemu (1:4.2-3) unstable; urgency=medium
1602
1603 * mention closing of #909743 in previous changelog (Closes: #909743)
1604@@ -1410,6 +2914,169 @@ qemu (1:4.2-2) unstable; urgency=medium
1605
1606 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jan 2020 23:51:09 +0300
1607
1608+qemu (1:4.2-1ubuntu2) focal; urgency=medium
1609+
1610+ * d/control: avoid upgrade issues triggered by moving ivshmem tools after
1611+ Debian. Fixed by by bumping the related Breaks/Replaces to the
1612+ Version Ubuntu introduced the change (LP: #1862287)
1613+
1614+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 07 Feb 2020 07:31:21 +0100
1615+
1616+qemu (1:4.2-1ubuntu1) focal; urgency=medium
1617+
1618+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
1619+ LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
1620+ LP: #1812822 - avoid crashes on detaching vhost_net interfaces
1621+ LP: #1852744 - Crypto Passthrough Interrupt Support
1622+ LP: #1853316 - CCW IPL Support
1623+ Remaining changes:
1624+ - qemu-kvm to systemd unit
1625+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1626+ hugepages and architecture specifics
1627+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1628+ qemu-kvm-init
1629+ - d/qemu-system-common.install: install helper script
1630+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1631+ - d/qemu-system-common.qemu-kvm.default: defaults for
1632+ /etc/default/qemu-kvm
1633+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1634+ - Distribution specific machine type (LP: 1304107 1621042)
1635+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1636+ types
1637+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1638+ for host-phys-bits=true (LP: 1776189)
1639+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1640+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1641+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1642+ - Enable nesting by default
1643+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1644+ in qemu64 cpu type.
1645+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1646+ in qemu64 on amd
1647+ [ No more strictly needed, but required for backward compatibility ]
1648+ - improved dependencies
1649+ - Make qemu-system-common depend on qemu-block-extra
1650+ - Make qemu-utils depend on qemu-block-extra
1651+ - let qemu-utils recommend sharutils
1652+ - s390x support
1653+ - Create qemu-system-s390x package
1654+ - Enable numa support for s390x
1655+ - d/rules: build s390-ccw.img with upstream Makefile
1656+ - d/rules: build s390-netboot.img with upstream Makefile
1657+ - arch aware kvm wrappers
1658+ - d/control: update VCS links
1659+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1660+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1661+ reference 256k path
1662+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1663+ handle incoming migrations from former releases.
1664+ - d/control-in: Disable capstone disassembler library support (universe)
1665+ - d/control: disable bluetooth being deprecated
1666+ - d/not-installed: ignore new interop docs and extra icons for now
1667+ - d/not-installed: do not install elf2dmp until namespaced
1668+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1669+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
1670+ - d/binfmt-update-in: fix binfmt being called in some containers
1671+ (LP 1840956)
1672+ - Dropped changes (in Debian)
1673+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1674+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1675+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1676+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1677+ - enable RDMA config option
1678+ - add libibumad-dev build-dep
1679+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1680+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1681+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1682+ replace it with a build-indep using the upstream makefiles.
1683+ This is less prone to miss future changes/fixes that are done to the
1684+ makefiles
1685+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1686+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1687+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1688+ - Refreshed patches for v4.0 context changes
1689+ - d/control*: remove sdlabi which was removed upstream
1690+ - d/control*: enable docs (now explicit) and provide new build-dep
1691+ python3-sphinx
1692+ - d/qemu-system-data.install: use new paths for formerly used icons
1693+ - Merge with Upstream release of qemu 4.0
1694+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
1695+ - Dropped changes (Upstream)
1696+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
1697+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
1698+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
1699+ fix i386 build error
1700+ - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
1701+ fix naming of the new vector facitlity (LP 1836066)
1702+ - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
1703+ for missing SIOCGSTAMP definition; final fix is still in discussion
1704+ upstream (LP: 1836159)
1705+ - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
1706+ s390x machines (LP 1836154)
1707+ - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
1708+ (LP 1841066)
1709+ - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
1710+ update the z15 model name (LP 1842774)
1711+ - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
1712+ fix a potential hang when qemu or qemu-img where accessing http backed
1713+ disks via libcurl (LP 1848556)
1714+ - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
1715+ fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
1716+ - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
1717+ toleration for future machines (LP 1830704)
1718+ - SECURITY UPDATE: Add support for exposing md-clear functionality
1719+ to guests
1720+ - d/p/ubuntu/enable-md-clear.patch
1721+ - d/p/ubuntu/enable-md-no.patch
1722+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
1723+ - SECURITY UPDATE: heap overflow when loading device tree blob
1724+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
1725+ copy the device tree blob into is.
1726+ - CVE-2018-20815
1727+ - SECURITY UPDATE: device driver denial of service via NULL pointer
1728+ dereference
1729+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
1730+ routine
1731+ - CVE-2019-5008
1732+ - SECURITY UPDATE: information leak in SLiRP
1733+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
1734+ emulating ident.
1735+ - CVE-2019-9824
1736+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
1737+ unimplement.patch: properly return architecture defined exception
1738+ on bad subcodes of diag 308 (LP 1812384)
1739+ * Dropped changes (no more needed)
1740+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
1741+ mv_conffile since the new path is a directory in the old package
1742+ version which can not be handled by mv_conffile.
1743+ [ only needed between disco and eoan ]
1744+ - disable pvrdma
1745+ [ CVEs all fixed now ]
1746+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1747+ avoid misdetection of simplified nesting blocking all migrations
1748+ [ qemu now detects and handles nesting - needs kernel >=4.20 ]
1749+ - Enable nesting by default
1750+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1751+ (is default on amd)
1752+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1753+ without nested=1
1754+ [ nesting is default in kernel modules and default selected cpu types ]
1755+ * Added changes
1756+ - d/control: regenerate debian/control out of control-in
1757+ - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
1758+ - added ubuntu focal types for qemu 4.2
1759+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1760+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1761+ (LP: #1857033)
1762+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1763+ - d/control*, d/rules: disable xen by default, but provide universe
1764+ package qemu-system-x86-xen as alternative
1765+ - fix typos in changelog and d/qemu-system-x86.NEWS
1766+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
1767+ - d/control*: enable libpmem support for nvdimms (LP: #1790856)
1768+
1769+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 08 Jan 2020 15:27:42 +0100
1770+
1771 qemu (1:4.2-1) unstable; urgency=medium
1772
1773 * new upstream release (4.2.0)
1774@@ -1486,6 +3153,205 @@ qemu (1:4.1-1) unstable; urgency=medium
1775
1776 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 27 Aug 2019 12:43:43 +0300
1777
1778+qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium
1779+
1780+ * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
1781+ fix a potential hang when qemu or qemu-img where accessing http backed
1782+ disks via libcurl (LP: #1848556)
1783+ * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch:
1784+ fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497)
1785+
1786+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 21 Oct 2019 14:51:45 +0200
1787+
1788+qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium
1789+
1790+ * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
1791+ update the z15 model name (LP: #1842774)
1792+
1793+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Sep 2019 11:42:58 +0200
1794+
1795+qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium
1796+
1797+ * d/binfmt-update-in: fix binfmt being called in some containers
1798+ (LP: #1840956)
1799+
1800+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Sep 2019 11:03:13 +0200
1801+
1802+qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium
1803+
1804+ * No-change upload with strops.h and sys/strops.h removed in glibc.
1805+
1806+ -- Matthias Klose <doko@ubuntu.com> Thu, 05 Sep 2019 11:07:25 +0000
1807+
1808+qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium
1809+
1810+ * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
1811+ (LP: #1841066)
1812+
1813+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Aug 2019 12:08:04 +0200
1814+
1815+qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium
1816+
1817+ * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
1818+ s390x machines (LP: #1836154)
1819+
1820+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Jul 2019 13:20:42 +0200
1821+
1822+qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium
1823+
1824+ * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617)
1825+ - pick Debian change for (#889885)
1826+ move ovmf to recommends on debian and update aarch ovmf refs
1827+ - stop Ubuntu to drop ovmf/qemu-efi to a suggest
1828+
1829+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 12 Jul 2019 12:48:24 +0200
1830+
1831+qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium
1832+
1833+ * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
1834+ for missing SIOCGSTAMP definition; final fix is still in discussion
1835+ upstream (LP: 1836159)
1836+
1837+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 10:10:00 +0200
1838+
1839+qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium
1840+
1841+ * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
1842+ fix naming of the new vector facitlity (LP: #1836066)
1843+ * d/control-in: update VCS links in control template as well
1844+
1845+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 08:18:44 +0200
1846+
1847+qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
1848+
1849+ * Merge with Upstream release of qemu 4.0.
1850+ Among many other things this fixes LP Bugs:
1851+ LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
1852+ LP: #1828038 - Update s390x CPU Model for more HW support
1853+ LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
1854+ Remaining Changes:
1855+ - qemu-kvm to systemd unit
1856+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1857+ hugepages and architecture specifics
1858+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1859+ qemu-kvm-init
1860+ - d/qemu-system-common.install: install helper script
1861+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1862+ - d/qemu-system-common.qemu-kvm.default: defaults for
1863+ /etc/default/qemu-kvm
1864+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1865+ - Enable nesting by default
1866+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1867+ (is default on amd)
1868+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1869+ without nested=1
1870+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1871+ in qemu64 cpu type.
1872+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1873+ in qemu64 on amd
1874+ - d/qemu-system-x86.README.Debian: document intention of nested being
1875+ default is comfort, not full support
1876+ - Distribution specific machine type (LP: 1304107 1621042)
1877+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1878+ types
1879+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1880+ for host-phys-bits=true (LP: 1776189)
1881+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1882+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1883+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1884+ - improved dependencies
1885+ - Make qemu-system-common depend on qemu-block-extra
1886+ - Make qemu-utils depend on qemu-block-extra
1887+ - let qemu-utils recommend sharutils
1888+ - s390x support
1889+ - Create qemu-system-s390x package
1890+ - Enable numa support for s390x
1891+ - arch aware kvm wrappers
1892+ - d/control: update VCS links
1893+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1894+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1895+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1896+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1897+ - enable RDMA config option
1898+ - add libibumad-dev build-dep
1899+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1900+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1901+ reference 256k path
1902+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1903+ handle incoming migrations from former releases.
1904+ - d/control-in: Disable capstone disassembler library support (universe)
1905+ - Move s390x roms to a new qemu-system-data-s390x
1906+ - d/qemu-system-data.install: install s390x roms as architecture:all in
1907+ qemu-system-data
1908+ - d/rules: build s390-ccw.img with upstream Makefile
1909+ - d/rules: build s390-netboot.img with upstream Makefile
1910+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1911+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1912+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1913+ replace it with a build-indep using the upstream makefiles.
1914+ This is less prone to miss future changes/fixes that are done to the
1915+ makefiles
1916+ - d/control-in: add breaks/replaces for moving s390x roms from
1917+ qemu-system-s390x to qemu-system-data
1918+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1919+ [From not yet uploaded Debian branch]
1920+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1921+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1922+ - disable pvrdma - besides several security holes there are many other
1923+ bugs there as well
1924+ * Dropped patches that are upstream in v4.0
1925+ - d/p/do-not-link-everything-with-xen.patch
1926+ - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
1927+ - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
1928+ - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
1929+ - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
1930+ - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
1931+ - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
1932+ (LP: 1759509)
1933+ - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
1934+ - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
1935+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
1936+ - d/p/ubuntu/CVE-2018-20815.patch
1937+ - d/p/ubuntu/CVE-2019-5008.patch
1938+ - d/p/ubuntu/CVE-2019-9824.patch
1939+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1940+ avoid misdetection of simplified nesting blocking all migrations
1941+ * Dropped further patches
1942+ d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
1943+ [upstream deprecated the whole subsystem instead of applying the fix]
1944+ * Added Changes
1945+ - updated ubuntu machine types for v4.0
1946+ - added eoan types
1947+ - fixed s390x issue of upstream types having a "v" prefix
1948+ - add back dropped machine types to avoid more issues like LP: 1802944
1949+ - fix kvm split irqchip default in ubuntu q35 machine type
1950+ - drop no more needed spapr_machine_2_11_sxxm_instance_options and
1951+ adapt updated CamelCase
1952+ - -hpb types now need to use GlobalProperties
1953+ - pc_compat_2_0 got a _fn suffix and slight changes
1954+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
1955+ SLOF of qemu 4.0
1956+ - Refreshed patches still needed for v4.0 context changes
1957+ - d/p/use-fixed-data-path.patch
1958+ - d/p/ubuntu/enable-svm-by-default.patch
1959+ - d/p/ubuntu/enable-md-clear.patch
1960+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
1961+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
1962+ (LP: #1830243)
1963+ - d/control: disable bluetooth being deprecated
1964+ - d/control*: remove sdlabi which was removed upstream
1965+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
1966+ - d/control*: enable docs (now explicit) and provide new build-dep
1967+ python3-sphinx
1968+ - d/not-installed: ignore new interop docs and extra icons for now
1969+ - d/not-installed: do not install elf2dmp until namespaced
1970+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1971+ - d/qemu-system-data.install: use new paths for formerly used icons
1972+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
1973+ fix i386 build error
1974+
1975+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 24 Jun 2019 16:33:19 +0200
1976+
1977 qemu (1:3.1+dfsg-8) unstable; urgency=high
1978
1979 * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch
1980@@ -1588,6 +3454,232 @@ qemu (1:3.1+dfsg-3) unstable; urgency=medium
1981
1982 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 06 Feb 2019 12:23:01 +0300
1983
1984+qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium
1985+
1986+ * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
1987+ broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
1988+ fix migrations from old machines (LP: #1829868).
1989+ * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
1990+ toleration for future machines (LP: #1830704
1991+
1992+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 May 2019 11:30:42 +0200
1993+
1994+qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium
1995+
1996+ * SECURITY UPDATE: Add support for exposing md-clear functionality
1997+ to guests
1998+ - d/p/ubuntu/enable-md-clear.patch
1999+ - d/p/ubuntu/enable-md-no.patch
2000+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
2001+ * SECURITY UPDATE: heap overflow when loading device tree blob
2002+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
2003+ copy the device tree blob into is.
2004+ - CVE-2018-20815
2005+ * SECURITY UPDATE: device driver denial of service via NULL pointer
2006+ dereference
2007+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
2008+ routine
2009+ - CVE-2019-5008
2010+ * SECURITY UPDATE: information leak in SLiRP
2011+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
2012+ emulating ident.
2013+ - CVE-2019-9824
2014+
2015+ -- Steve Beattie <sbeattie@ubuntu.com> Wed, 08 May 2019 09:27:53 -0700
2016+
2017+qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium
2018+
2019+ * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
2020+ - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
2021+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
2022+ mv_conffile since the new path is a directory in the old package
2023+ version which can not be handled by mv_conffile.
2024+ * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
2025+ OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
2026+ Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
2027+ CVE-2019-3812
2028+
2029+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 18 Mar 2019 09:20:07 +0100
2030+
2031+qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
2032+
2033+ * disable pvrdma - besides several security holes there are many other
2034+ bugs there as well, and the amount of patches applied upstream after
2035+ 3.1 release is large (Closes, or actuallymakes unimportant again)
2036+ - CVE-2018-20123
2037+ - CVE-2018-20124
2038+ - CVE-2018-20125
2039+ - CVE-2018-20126
2040+ - CVE-2018-20191
2041+ - CVE-2018-20216
2042+ * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
2043+ - CVE-2019-6501
2044+ * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
2045+ - CVE-2019-6778
2046+
2047+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 19 Feb 2019 06:43:04 +0100
2048+
2049+qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium
2050+
2051+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
2052+ LP: #1806104 - fix misleading page size error on ppc64el
2053+ LP: #1782205 - SnowRidge enabled new ISAs
2054+ LP: #1786956 - upgrade to qemu >= 3.0
2055+ LP: #1809083 - Backward migration to Xenial on ppc64el
2056+ LP: #1803315 - s390x Huge page enablement
2057+ LP: #1657409 - enable virglrenderer
2058+ Remaining Changes:
2059+ - qemu-kvm to systemd unit
2060+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2061+ hugepages and architecture specifics
2062+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2063+ - d/qemu-system-common.install: install systemd unit and helper script
2064+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2065+ - d/qemu-system-common.qemu-kvm.default: defaults for
2066+ /etc/default/qemu-kvm
2067+ - d/rules: install /etc/default/qemu-kvm
2068+ - Enable nesting by default
2069+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
2070+ (is default on amd)
2071+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
2072+ without nested=1
2073+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2074+ in qemu64 cpu type.
2075+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2076+ in qemu64 on amd
2077+ - d/qemu-system-x86.README.Debian: document intention of nested being
2078+ default is comfort, not full support
2079+ - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
2080+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2081+ types
2082+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2083+ for host-phys-bits=true (LP: 1776189)
2084+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
2085+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
2086+ convenience with all meltdown/spectre workarounds enabled by default.
2087+ (LP: 1761372).
2088+ - improved dependencies
2089+ - Make qemu-system-common depend on qemu-block-extra
2090+ - Make qemu-utils depend on qemu-block-extra
2091+ - let qemu-utils recommend sharutils
2092+ - s390x support
2093+ - Create qemu-system-s390x package
2094+ - Enable numa support for s390x
2095+ - arch aware kvm wrappers
2096+ - d/control: update VCS links (updated to match latest Ubuntu)
2097+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
2098+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2099+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2100+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
2101+ - enable RDMA config option
2102+ - add libibumad-dev build-dep
2103+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
2104+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2105+ reference 256k path
2106+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2107+ handle incoming migrations from former releases.
2108+ - d/control-in: Disable capstone disassembler library support (universe)
2109+ * Added Changes:
2110+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
2111+ for qemu 3.1 in the Ubuntu Disco release
2112+ - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
2113+ - Move s390x roms to a new qemu-system-data-s390x
2114+ - d/qemu-system-data.install: install s390x roms as architecture:all in
2115+ qemu-system-data
2116+ - d/rules: build s390-ccw.img with upstream Makefile
2117+ - d/rules: build s390x-netboot.img with upstream Makefile
2118+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
2119+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
2120+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
2121+ replace it with a build-indep using the upstream makefiles.
2122+ This is less prone to miss future changes/fixes that are done to the
2123+ makefiles
2124+ - d/control-in: add breaks/replaces for moving s390x roms from
2125+ qemu-system-s390x to qemu-system-data
2126+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
2127+ [From not yet uploaded Debian branch]
2128+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
2129+ (Closes: #918378)
2130+ - d/rules: fix qemu-kvm service for debhelper compat >=12
2131+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
2132+ avoid misdetection of simplified nesting blocking all migrations
2133+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
2134+ unimplement.patch: properly return archicture defined exception
2135+ on bad subcodes of diag 308 (LP: #1812384)
2136+ * Dropped Changes:
2137+ - Include s390-ccw.img firmware (old style native build)
2138+ - d/rules enable install s390x-netboot.img (old style native build)
2139+ - libvirt/qemu user/group support
2140+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2141+ trigger.
2142+ [ Droppable since logind properly sets ACLs now ]
2143+ - qemu-system-common.preinst: add kvm group if needed
2144+ [ Droppable because systemd/udev take care of it since 239-6]
2145+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
2146+ freeze-hook fixes (LP: 1484990)
2147+ [upstream]
2148+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
2149+ merged upstream
2150+ [upstream]
2151+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
2152+ computation while concatenating mbuf.
2153+ CVE-2018-11806
2154+ [upstream]
2155+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
2156+ for powerpc64 to speed up translation (LP: 1781526)
2157+ [upstream]
2158+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
2159+ cpu model for z14 ZR1 (LP: 1780773).
2160+ [upstream]
2161+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
2162+ (Closes: 903562)
2163+ [in Debian]
2164+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
2165+ unreleased Debian version)
2166+ [in Debian]
2167+ - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
2168+ by migrations with UI frontends or frequent guest resolution changes
2169+ (LP #1755912)
2170+ [upstream]
2171+ - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
2172+ extend eieio for POWER9 emulation (LP: 1787408).
2173+ [upstream]
2174+ - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
2175+ ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
2176+ [upstream]
2177+ - improve s390x spectre mitigation with etoken facility (LP: 1790457)
2178+ [upstream]
2179+ - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
2180+ [upstream]
2181+ - d/control-in: our addition of a qemu-system-s390x package needs to follow
2182+ the split of qemu-system-data by adding a dependency to it (LP: 1798084)
2183+ [in Debian]
2184+ - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
2185+ Adapters on s390x (LP: 1787405)
2186+ [upstream]
2187+ - enable opengl for vfio-MDEV support (LP: 1804766)
2188+ [in Debian]
2189+ - SECURITY UPDATE: integer overflow in NE2000 NIC emulation
2190+ [upstream]
2191+ - SECURITY UPDATE: integer overflow via crafted QMP command
2192+ [upstream]
2193+ - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
2194+ [upstream]
2195+ - SECURITY UPDATE: buffer overflow in rtl8139
2196+ [upstream]
2197+ - SECURITY UPDATE: buffer overflow in pcnet
2198+ [upstream]
2199+ - SECURITY UPDATE: DoS via large packet sizes
2200+ [upstream]
2201+ - SECURITY UPDATE: DoS in lsi53c895a
2202+ [upstream]
2203+ - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
2204+ [upstream]
2205+ - SECURITY UPDATE: race condition in 9p
2206+ [upstream]
2207+
2208+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Jan 2019 09:41:08 +0100
2209+
2210 qemu (1:3.1+dfsg-2) unstable; urgency=medium
2211
2212 * d/rules: split arch and indep builds
2213@@ -1667,6 +3759,249 @@ qemu (1:3.1+dfsg-1) unstable; urgency=medium
2214
2215 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Dec 2018 19:10:27 +0300
2216
2217+qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
2218+
2219+ [ Marc Deslauriers ]
2220+ * SECURITY UPDATE: integer overflow in NE2000 NIC emulation
2221+ - debian/patches/CVE-2018-10839.patch: use proper type in
2222+ hw/net/ne2000.c.
2223+ - CVE-2018-10839
2224+ * SECURITY UPDATE: integer overflow via crafted QMP command
2225+ - debian/patches/CVE-2018-12617.patch: check bytes count read by
2226+ guest-file-read in qga/commands-posix.c.
2227+ - CVE-2018-12617
2228+ * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
2229+ - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
2230+ - CVE-2018-16847
2231+ * SECURITY UPDATE: buffer overflow in rtl8139
2232+ - debian/patches/CVE-2018-17958.patch: use proper type in
2233+ hw/net/rtl8139.c.
2234+ - CVE-2018-17958
2235+ * SECURITY UPDATE: buffer overflow in pcnet
2236+ - debian/patches/CVE-2018-17962.patch: use proper type in
2237+ hw/net/pcnet.c.
2238+ - CVE-2018-17962
2239+ * SECURITY UPDATE: DoS via large packet sizes
2240+ - debian/patches/CVE-2018-17963.patch: check size in net/net.c.
2241+ - CVE-2018-17963
2242+ * SECURITY UPDATE: DoS in lsi53c895a
2243+ - debian/patches/CVE-2018-18849.patch: check message length value is
2244+ valid in hw/scsi/lsi53c895a.c.
2245+ - CVE-2018-18849
2246+ * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
2247+ - debian/patches/CVE-2018-18954.patch: check size before data buffer
2248+ access in hw/ppc/pnv_lpc.c.
2249+ - CVE-2018-18954
2250+ * SECURITY UPDATE: race condition in 9p
2251+ - debian/patches/CVE-2018-19364-1.patch: use write lock in
2252+ hw/9pfs/cofile.c.
2253+ - debian/patches/CVE-2018-19364-2.patch: use write lock in
2254+ hw/9pfs/9p.c.
2255+ - CVE-2018-19364
2256+
2257+ [ Christian Ehrhardt]
2258+ * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
2259+ Adapters on s390x (LP: #1787405)
2260+ * enable opengl for vfio-MDEV support (LP: #1804766)
2261+ - d/control-in: set --enable-opengl
2262+ - d/control-in: add gl related build-dependencies
2263+
2264+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Nov 2018 13:17:01 -0500
2265+
2266+qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium
2267+
2268+ * d/control-in: our addition of a qemu-system-s390x package needs to follow
2269+ the split of qemu-system-data by adding a dependency to it (LP: #1798084)
2270+
2271+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Oct 2018 10:50:27 +0200
2272+
2273+qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium
2274+
2275+ * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901)
2276+ The SLOF source pieces in src:qemu are only used for s390x netboot,
2277+ which are independent ROMs (no linking). All other binaries out of this
2278+ are part of src:slof and independent.
2279+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch
2280+ - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities
2281+ and related fixes
2282+
2283+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Sep 2018 13:31:15 +0200
2284+
2285+qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium
2286+
2287+ * improve s390x spectre mitigation with etoken facility (LP: #1790457)
2288+ - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch
2289+ - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch
2290+
2291+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Sep 2018 10:06:48 +0200
2292+
2293+qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium
2294+
2295+ * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
2296+ ensure that the seccomp blacklist is applied to all threads (LP: #1789551)
2297+ - CVE-2018-15746
2298+
2299+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 29 Aug 2018 08:50:36 +0200
2300+
2301+qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium
2302+
2303+ [ Murilo Opsfelder Araujo ]
2304+ * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
2305+ extend eieio for POWER9 emulation (LP: #1787408).
2306+
2307+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 20 Aug 2018 11:52:39 +0200
2308+
2309+qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium
2310+
2311+ * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
2312+ by migrations with UI frontends or frequent guest resolution changes
2313+ (LP: #1755912)
2314+
2315+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 Jul 2018 08:26:52 +0200
2316+
2317+qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium
2318+
2319+ * Disable capstone disassembler library support (universe dependency)
2320+
2321+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 17 Jul 2018 08:35:32 +0200
2322+
2323+qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium
2324+
2325+ * Merge with Debian testing, Remaining Changes:
2326+ - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772)
2327+ - qemu-kvm to systemd unit
2328+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2329+ hugepages and architecture specifics
2330+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2331+ - d/qemu-system-common.install: install systemd unit and helper script
2332+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2333+ - d/qemu-system-common.qemu-kvm.default: defaults for
2334+ /etc/default/qemu-kvm
2335+ - d/rules: install /etc/default/qemu-kvm
2336+ - Enable nesting by default
2337+ - set nested=1 module option on intel. (is default on amd)
2338+ - re-load kvm_intel.ko if it was loaded without nested=1
2339+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2340+ in qemu64 cpu type.
2341+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2342+ in qemu64 on amd
2343+ - d/qemu-system-x86.README.Debian: document intention of nested being
2344+ default is comfort, not full support
2345+ - libvirt/qemu user/group support
2346+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2347+ trigger.
2348+ - qemu-system-common.preinst: add kvm group if needed
2349+ - Distribution specific machine type
2350+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2351+ types to ease future live vm migration.
2352+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2353+ - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
2354+ for host-phys-bits=true (LP: 1776189)
2355+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
2356+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
2357+ convenience with all meltdown/spectre workarounds enabled by default.
2358+ (LP: 1761372).
2359+ - improved dependencies
2360+ - Make qemu-system-common depend on qemu-block-extra
2361+ - Make qemu-utils depend on qemu-block-extra
2362+ - let qemu-utils recommend sharutils
2363+ - s390x support
2364+ - Create qemu-system-s390x package
2365+ - Include s390-ccw.img firmware
2366+ - Enable numa support for s390x
2367+ - arch aware kvm wrappers
2368+ - update VCS-git (updated to match cosmic)
2369+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
2370+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
2371+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2372+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2373+ - Create and install pxe netboot images for KVM s390x (LP: 1732094)
2374+ - d/rules enable install s390x-netboot.img
2375+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
2376+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
2377+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2378+ reference 256k path
2379+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2380+ handle incoming migrations from former releases.
2381+ - SECURITY UPDATE: Speculative Store Bypass
2382+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
2383+ CPUID feature bit in target/i386/cpu.*.
2384+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
2385+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
2386+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
2387+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
2388+ target/i386/machine.c.
2389+ - CVE-2018-3639
2390+ * Added Changes:
2391+ - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release
2392+ - add cosmic types for base and -hpb
2393+ - drop no more supported types (zesty and yakkety)
2394+ - d/p/series: group machine type changes
2395+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
2396+ merged upstream
2397+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
2398+ computation while concatenating mbuf.
2399+ CVE-2018-11806
2400+ - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the
2401+ deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES.
2402+ - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275)
2403+ - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings
2404+ - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply
2405+ to POWER8
2406+ - d/qemu-kvm-init: drop old VM detection that was broken in some cases and
2407+ is no more needed with systemd-detect-virt being more mature and always
2408+ present.
2409+ - d/kvm.powerpc: drop old powerpc (non-ppc64el) code.
2410+ - d/control-in: add libibumad-dev which is now needed for rdma
2411+ - d/rules: update s390x delta to match new Debian packaging
2412+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
2413+ for powerpc64 to speed up translation (LP: #1781526)
2414+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
2415+ cpu model for z14 ZR1 (LP: #1780773).
2416+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
2417+ (Closes: 903562)
2418+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
2419+ unreleased Debian version)
2420+ * Dropped Changes:
2421+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
2422+ (No more removed when building DFSG orig tarball in Debian)
2423+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
2424+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
2425+ so we revert related changes to stick with the proven for now:
2426+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
2427+ depends on it)
2428+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
2429+ (Debian switched to gtk which seems to work better and has all
2430+ dependencies in main.)
2431+ - d/control-in: enable seccomp on s390x (in Debian for Linux-any)
2432+ - Changes that are now upstream with qemu 2.12
2433+ - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with
2434+ newer versions of glibc >=2.27 (LP: 1753826)
2435+ - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
2436+ - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
2437+ SSE/AVX/AVX512 cpu features (LP: 1739665)
2438+ - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
2439+ space+commpage continuous which avoids long startup times on
2440+ qemu-user-static (LP: 1740219)
2441+ - provide pseries-2.12-sxxm type (LP: 1761372)
2442+ - d/p/ubuntu/lp-1704312-1-* provide means to manually handle
2443+ filesystem-dax with pmem by backporting align and unarmed options
2444+ (LP: 1704312).
2445+ - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
2446+ option to slirp's DHCP server (LP: 1762315)
2447+ - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying
2448+ Protection information (LP: 1762854).
2449+ - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9
2450+ migration (LP: 1763468).
2451+ - SECURITY UPDATE: out-of-bounds access during migration via ps2
2452+ CVE-2017-16845
2453+ - SECURITY UPDATE: arbitrary code execution via load_multiboot
2454+ CVE-2018-7550
2455+ - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
2456+ CVE-2018-7858
2457+
2458+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 21 Jun 2018 14:24:06 +0200
2459+
2460 qemu (1:2.12+dfsg-3) unstable; urgency=medium
2461
2462 * make qemu-system-foo depending
2463@@ -1755,6 +4090,239 @@ qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium
2464
2465 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 12 Apr 2018 19:04:03 +0300
2466
2467+qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
2468+
2469+ * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
2470+ for host-phys-bits=true (LP: #1776189)
2471+ - add an info about this change in debian/qemu-system-x86.NEWS
2472+
2473+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:01:00 +0200
2474+
2475+qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium
2476+
2477+ * SECURITY UPDATE: Speculative Store Bypass
2478+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
2479+ CPUID feature bit in target/i386/cpu.*.
2480+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
2481+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
2482+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
2483+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
2484+ target/i386/machine.c.
2485+ - CVE-2018-3639
2486+
2487+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 22 May 2018 09:34:52 -0400
2488+
2489+qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium
2490+
2491+ * SECURITY UPDATE: out-of-bounds access during migration via ps2
2492+ - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
2493+ in post_load routine in hw/input/ps2.c.
2494+ - CVE-2017-16845
2495+ * SECURITY UPDATE: arbitrary code execution via load_multiboot
2496+ - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
2497+ zero in hw/i386/multiboot.c.
2498+ - CVE-2018-7550
2499+ * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
2500+ - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
2501+ hw/display/vga.c.
2502+ - CVE-2018-7858
2503+
2504+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 May 2018 14:14:20 -0400
2505+
2506+qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium
2507+
2508+ * No-change rebuild for ncurses soname changes.
2509+
2510+ -- Matthias Klose <doko@ubuntu.com> Thu, 03 May 2018 14:18:39 +0000
2511+
2512+qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium
2513+
2514+ * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection
2515+ information (LP: #1762854).
2516+ * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration
2517+ (LP: #1763468).
2518+
2519+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Apr 2018 07:46:18 +0200
2520+
2521+qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium
2522+
2523+ * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch.
2524+ The Kernel fixes are preferred and already committed to the kernel.
2525+ Therefore remove the default disabling of the HTM feature (LP: #1761175)
2526+ * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
2527+ SSE/AVX/AVX512 cpu features (LP: #1739665)
2528+ * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
2529+ space+commpage continuous which avoids long startup times on
2530+ qemu-user-static (LP: #1740219)
2531+ * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
2532+ convenience with all meltdown/spectre workarounds enabled by default.
2533+ This is not the default type following upstream and x86 on that.
2534+ (LP: #1761372).
2535+ * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax
2536+ with pmem by backporting align and unarmed options (LP: #1704312).
2537+ * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
2538+ option to slirp's DHCP server (LP: #1762315)
2539+
2540+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Apr 2018 15:16:07 +0200
2541+
2542+qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium
2543+
2544+ * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream
2545+ accepted to be better long term maintainable (LP: #1753938)
2546+
2547+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 22 Mar 2018 10:31:23 +0100
2548+
2549+qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium
2550+
2551+ * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for
2552+ ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026).
2553+ * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer
2554+ versions of glibc >=2.27 (LP: #1753826)
2555+
2556+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 05 Mar 2018 16:43:01 +0100
2557+
2558+qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium
2559+
2560+ * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch,
2561+ d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch:
2562+ Add domainname option and classless static routes support to the user
2563+ networking's DHCP server
2564+
2565+ -- Benjamin Drung <benjamin.drung@profitbricks.com> Fri, 02 Mar 2018 21:08:54 +0100
2566+
2567+qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium
2568+
2569+ * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
2570+ - among other fixes this adds code to:
2571+ - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715)
2572+ However, enabling this functionality requires additional configuration
2573+ beyond just updating QEMU. Also migrations need special consideration.
2574+ Details about that can be found at:
2575+ https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
2576+ - Power9 allocation of max 8 threads per core (LP: #1750526)
2577+ * Drop changes that are part of the upstream stable release
2578+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
2579+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
2580+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
2581+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
2582+ * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update
2583+ * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the
2584+ common compat.h header and add some extra info in the patch header.
2585+
2586+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Feb 2018 11:03:11 +0100
2587+
2588+qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium
2589+
2590+ * Merge with Debian testing, among other fixes this includes
2591+ - fix fatal error on negative maxcpus (LP: #1722495)
2592+ - fix segfault on dump-guest-memory on guests without memory (LP: #1723381)
2593+ - linux user threading issues (LP: #1350435)
2594+ - TOD-Clock Epoch Extension Support on s390x (LP: #1732691)
2595+ Remaining changes:
2596+ - qemu-kvm to systemd unit
2597+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2598+ hugepages and architecture specifics
2599+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2600+ - d/qemu-system-common.install: install systemd unit and helper script
2601+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2602+ - d/qemu-system-common.qemu-kvm.default: defaults for
2603+ /etc/default/qemu-kvm
2604+ - d/rules: install /etc/default/qemu-kvm
2605+ - Enable nesting by default
2606+ - set nested=1 module option on intel. (is default on amd)
2607+ - re-load kvm_intel.ko if it was loaded without nested=1
2608+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2609+ in qemu64 cpu type.
2610+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2611+ in qemu64 on amd
2612+ - libvirt/qemu user/group support
2613+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2614+ trigger.
2615+ - qemu-system-common.preinst: add kvm group if needed
2616+ - Distribution specific machine type
2617+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2618+ types to ease future live vm migration.
2619+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2620+ - improved dependencies
2621+ - Make qemu-system-common depend on qemu-block-extra
2622+ - Make qemu-utils depend on qemu-block-extra
2623+ - let qemu-utils recommend sharutils
2624+ - s390x support
2625+ - Create qemu-system-s390x package
2626+ - Include s390-ccw.img firmware
2627+ - Enable numa support for s390x
2628+ - ppc64[le] support
2629+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2630+ - arch aware kvm wrappers
2631+ * Added Changes
2632+ - update VCS-git to match the bionic branch
2633+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
2634+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
2635+ so we revert related changes to stick with the proven for now:
2636+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
2637+ depends on it)
2638+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
2639+ - d/qemu-system-x86.README.Debian: document intention of nested being
2640+ default is comfort, not full support
2641+ - update Ubuntu machine types for qemu 2.11
2642+ - qemu-guest-agent: freeze-hook fixes (LP: #1484990)
2643+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
2644+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2645+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2646+ - Create and install pxe netboot images for KVM s390x (LP: #1732094)
2647+ - d/rules enable install s390x-netboot.img
2648+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
2649+ - d/control-in: enable RDMA support in qemu (LP: #1692476)
2650+ - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560)
2651+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
2652+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
2653+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
2654+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
2655+ - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490)
2656+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2657+ reference 256k path
2658+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2659+ handle incoming migrations from former releases.
2660+ - d/control-in: enable seccomp on s390x
2661+ * Dropped changes (no more needed):
2662+ - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm
2663+ The functionality is retained for upgraders, but is deprecated.
2664+ Post 18.04 the implementation for these configurations will be removed.
2665+ * Dropped changes (in Debian now):
2666+ - ppc64[le] support
2667+ - Enable seccomp for ppc64el
2668+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2669+ - disable missing x32 architecture
2670+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2671+ - d/qemu-system-common.docs: new paths since (ac06724a)
2672+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2673+ by qapi-schema.json which is already packaged (since 4d8bb958)
2674+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2675+ to Debian patch to match qemu 2.10)
2676+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2677+ since 8508eee7
2678+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2679+ - make nios2/hppa not installed explicitly until further stablized
2680+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2681+ qemu-ga-ref
2682+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2683+ along the qapi intro
2684+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2685+ dh_missing that are already provided in other formats qemu-doc,
2686+ qemu-qmp-ref,qemu-ga-ref
2687+ * Dropped changes (integrated upstream):
2688+ - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
2689+ on arm64 when doing suspend/resume and reboots due to older kernels not
2690+ supporting ITS (LP 1731051).
2691+ - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
2692+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
2693+ calls (LP 1726394)
2694+ - update to upstream 2.10.1 point release (LP 1722808)
2695+
2696+
2697+
2698+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Jan 2018 14:35:18 +0100
2699+
2700 qemu (1:2.11+dfsg-1) unstable; urgency=medium
2701
2702 [ Michael Tokarev ]
2703@@ -1869,6 +4437,238 @@ qemu (1:2.10.0-1) unstable; urgency=medium
2704
2705 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 23 Sep 2017 16:47:02 +0300
2706
2707+qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium
2708+
2709+ * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
2710+ on arm64 when doing suspend/resume and reboots due to older kernels not
2711+ supporting ITS (LP: #1731051).
2712+
2713+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 14 Nov 2017 08:30:29 +0100
2714+
2715+qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium
2716+
2717+ * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
2718+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
2719+ calls (LP: #1726394)
2720+
2721+ -- Julian Andres Klode <juliank@ubuntu.com> Sat, 04 Nov 2017 00:21:14 +0100
2722+
2723+qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium
2724+
2725+ * fix enablement of qemu-kvm service (LP: #1720397)
2726+ - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service
2727+ - d/rules: add proper enablement debhelper calls
2728+ - d/qemu-system-common.install: install covered by dh_installinit
2729+
2730+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Oct 2017 11:28:39 +0200
2731+
2732+qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium
2733+
2734+ * update to upstream 2.10.1 point release (LP: #1722808)
2735+
2736+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Oct 2017 15:33:40 +0200
2737+
2738+qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium
2739+
2740+ * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release
2741+ Remaining changes:
2742+ - qemu-kvm to systemd unit
2743+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2744+ hugepages and architecture specifics
2745+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2746+ - d/qemu-system-common.install: install systemd unit and helper script
2747+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2748+ - d/qemu-system-common.qemu-kvm.default: defaults for
2749+ /etc/default/qemu-kvm
2750+ - d/rules: install /etc/default/qemu-kvm
2751+ - Enable nesting by default
2752+ - set nested=1 module option on intel. (is default on amd)
2753+ - re-load kvm_intel.ko if it was loaded without nested=1
2754+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2755+ in qemu64 cpu type.
2756+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2757+ in qemu64 on amd
2758+ - libvirt/qemu user/group support
2759+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2760+ trigger.
2761+ - qemu-system-common.preinst: add kvm group if needed
2762+ - Distribution specific machine type
2763+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2764+ types to ease future live vm migration.
2765+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2766+ - improved dependencies
2767+ - Make qemu-system-common depend on qemu-block-extra
2768+ - Make qemu-utils depend on qemu-block-extra
2769+ - let qemu-utils recommend sharutils
2770+ - s390x support
2771+ - Create qemu-system-s390x package
2772+ - Include s390-ccw.img firmware
2773+ - Enable numa support for s390x
2774+ - ppc64[le] support
2775+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2776+ - Enable seccomp for ppc64el
2777+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2778+ - arch aware kvm wrappers
2779+ - update VCS-git to match the Artful branch
2780+ - disable missing x32 architecture
2781+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2782+ - d/qemu-system-common.docs: new paths since (ac06724a)
2783+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2784+ by qapi-schema.json which is already packaged (since 4d8bb958)
2785+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2786+ to Debian patch to match qemu 2.10)
2787+ - s390x package now builds correctly on all architectures (LP 1710695)
2788+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2789+ since 8508eee7
2790+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2791+ - make nios2/hppa not installed explicitly until further stablized
2792+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2793+ qemu-ga-ref
2794+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2795+ along the qapi intro
2796+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2797+ dh_missing that are already provided in other formats qemu-doc,
2798+ qemu-qmp-ref,qemu-ga-ref
2799+
2800+
2801+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Sep 2017 08:31:26 +0200
2802+
2803+qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium
2804+
2805+ * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602);
2806+ Remaining changes:
2807+ - qemu-kvm to systemd unit
2808+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2809+ hugepages and architecture specifics
2810+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2811+ - d/qemu-system-common.install: install systemd unit and helper script
2812+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2813+ - d/qemu-system-common.qemu-kvm.default: defaults for
2814+ /etc/default/qemu-kvm
2815+ - d/rules: install /etc/default/qemu-kvm
2816+ - Enable nesting by default
2817+ - set nested=1 module option on intel. (is default on amd)
2818+ - re-load kvm_intel.ko if it was loaded without nested=1
2819+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2820+ in qemu64 cpu type.
2821+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2822+ in qemu64 on amd
2823+ - libvirt/qemu user/group support
2824+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2825+ trigger.
2826+ - qemu-system-common.preinst: add kvm group if needed
2827+ - Distribution specific machine type
2828+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2829+ types to ease future live vm migration.
2830+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2831+ - improved dependencies
2832+ - Make qemu-system-common depend on qemu-block-extra
2833+ - Make qemu-utils depend on qemu-block-extra
2834+ - let qemu-utils recommend sharutils
2835+ - s390x support
2836+ - Create qemu-system-s390x package
2837+ - Include s390-ccw.img firmware
2838+ - Enable numa support for s390x
2839+ - ppc64[le] support
2840+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2841+ - Enable seccomp for ppc64el
2842+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2843+ - arch aware kvm wrappers
2844+ - update VCS-git to match the Artful branch
2845+ - disable missing x32 architecture
2846+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2847+ - d/qemu-system-common.docs: new paths since (ac06724a)
2848+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2849+ by qapi-schema.json which is already packaged (since 4d8bb958)
2850+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2851+ to Debian patch to match qemu 2.10)
2852+ - s390x package now builds correctly on all architectures (LP 1710695)
2853+ * Added changes:
2854+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2855+ since 8508eee7
2856+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2857+ - make nios2/hppa not installed explicitly until further stablized
2858+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2859+ qemu-ga-ref
2860+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2861+ along the qapi intro
2862+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2863+ dh_missing that are already provided in other formats qemu-doc,
2864+ qemu-qmp-ref,qemu-ga-ref
2865+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new
2866+ changes in 2.10-rc4
2867+
2868+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 25 Aug 2017 07:49:30 +0200
2869+
2870+qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium
2871+
2872+ * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes
2873+ a set of bugs
2874+ - [FFE] Qemu 2.10 in Artful (LP: #1699968)
2875+ - CPU hot unplug fails after migrating a CPU hotplugged guest
2876+ from source (LP: #1677552)
2877+ - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902)
2878+ - New KVM 288 Pass Through (LP: #1672447)
2879+ - aarch64: MSI is not supported by interrupt controller (LP: #1706630)
2880+ * Remaining changes:
2881+ - qemu-kvm to systemd unit
2882+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2883+ hugepages and architecture specifics
2884+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2885+ - d/qemu-system-common.install: install systemd unit and helper script
2886+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2887+ - d/qemu-system-common.qemu-kvm.default: defaults for
2888+ /etc/default/qemu-kvm
2889+ - d/rules: install /etc/default/qemu-kvm
2890+ - Enable nesting by default
2891+ - set nested=1 module option on intel. (is default on amd)
2892+ - re-load kvm_intel.ko if it was loaded without nested=1
2893+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2894+ in qemu64 cpu type.
2895+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2896+ in qemu64 on amd
2897+ - libvirt/qemu user/group support
2898+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2899+ trigger.
2900+ - qemu-system-common.preinst: add kvm group if needed
2901+ - Distribution specific machine type
2902+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2903+ types to ease future live vm migration.
2904+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2905+ - improved dependencies
2906+ - Make qemu-system-common depend on qemu-block-extra
2907+ - Make qemu-utils depend on qemu-block-extra
2908+ - let qemu-utils recommend sharutils
2909+ - s390x support
2910+ - Create qemu-system-s390x package
2911+ - Include s390-ccw.img firmware
2912+ - Enable numa support for s390x
2913+ - ppc64[le] support
2914+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2915+ - Enable seccomp for ppc64el
2916+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2917+ - arch aware kvm wrappers
2918+ - disable missing x32 architecture
2919+ - update VCS links
2920+ * Added changes
2921+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2922+ - d/qemu-system-common.docs: new paths since (ac06724a)
2923+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2924+ by qapi-schema.json which is already packaged (since 4d8bb958)
2925+ - Updates in debian/patches to match qemu 2.10
2926+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream
2927+ - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386
2928+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386
2929+ - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types
2930+ - update VCS-git to match the Artful branch
2931+ - s390x package now builds correctly on all architectures (LP: #1710695)
2932+ * Dropped changes (integrated upstream):
2933+ - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
2934+ "spapr/pci: populate PCI DT in reverse order" (LP 1670481).
2935+ - All CVE fixes formerly applied are upstream and thereby dropped.
2936+
2937+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Aug 2017 16:59:19 +0200
2938+
2939 qemu (1:2.8+dfsg-7) unstable; urgency=medium
2940
2941 * uploading to unstable all fixes which went to stretch-security
2942@@ -1978,6 +4778,179 @@ qemu (1:2.8+dfsg-4) unstable; urgency=high
2943
2944 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 03 Apr 2017 16:28:49 +0300
2945
2946+qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium
2947+
2948+ * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530)
2949+ This was inadvertently dropped on 2.8 merge.
2950+
2951+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 May 2017 15:45:58 +0200
2952+
2953+qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium
2954+
2955+ * SECURITY UPDATE: denial of service via leak in virtFS
2956+ - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
2957+ hw/9pfs/9p.c.
2958+ - CVE-2017-7377
2959+ * SECURITY UPDATE: denial of service in cirrus_vga
2960+ - debian/patches/CVE-2017-7718.patch: check parameters in
2961+ hw/display/cirrus_vga_rop.h.
2962+ - CVE-2017-7718
2963+ * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
2964+ - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
2965+ hw/display/cirrus_vga.c.
2966+ - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
2967+ hw/display/cirrus_vga.c.
2968+ - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
2969+ in hw/display/cirrus_vga.c.
2970+ - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
2971+ hw/display/cirrus_vga.c.
2972+ - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
2973+ in hw/display/cirrus_vga.c.
2974+ - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
2975+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2976+ hw/display/cirrus_vga_rop2.h.
2977+ - debian/patches/CVE-2017-7980-7.patch: stop passing around src
2978+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
2979+ hw/display/cirrus_vga_rop2.h.
2980+ - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
2981+ hw/display/cirrus_vga_rop.h.
2982+ - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
2983+ hw/display/cirrus_vga.c.
2984+ - CVE-2017-7980
2985+ * SECURITY UPDATE: denial of service via memory leak in virtFS
2986+ - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c.
2987+ - CVE-2017-8086
2988+ * SECURITY UPDATE: denial of service via leak in audio
2989+ - debian/patches/CVE-2017-8309.patch: release capture buffers in
2990+ audio/audio.c.
2991+ - CVE-2017-8309
2992+ * SECURITY UPDATE: denial of service via leak in keyboard
2993+ - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
2994+ ui/input.c.
2995+ - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
2996+ ui/input.c.
2997+ - CVE-2017-8379
2998+
2999+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 18 May 2017 09:20:54 -0400
3000+
3001+qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium
3002+
3003+ * SECURITY UPDATE: DoS in virtio GPU device
3004+ - debian/patches/CVE-2016-10028.patch: check virgl capabilities
3005+ max_size in hw/display/virtio-gpu-3d.c.
3006+ - CVE-2016-10028
3007+ * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation
3008+ - debian/patches/CVE-2016-8667.patch: limit interval timer reload value
3009+ in hw/dma/rc4030.c.
3010+ - CVE-2016-8667
3011+ * SECURITY UPDATE: host filesystem access via virtFS
3012+ - debian/patches/CVE-2016-9602.patch: don't follow symlinks in
3013+ hw/9pfs/*.
3014+ - CVE-2016-9602
3015+ * SECURITY UPDATE: arbitrary code execution via Cirrus VGA
3016+ - debian/patches/CVE-2016-9603.patch: remove bitblit support from
3017+ console code in hw/display/cirrus_vga.c, include/ui/console.h,
3018+ ui/console.c, ui/vnc.c.
3019+ - CVE-2016-9603
3020+ * SECURITY UPDATE: information leak in virtio GPU device
3021+ - debian/patches/CVE-2016-9908.patch: properly clear out memory in
3022+ hw/display/virtio-gpu-3d.c.
3023+ - CVE-2016-9908
3024+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
3025+ - debian/patches/CVE-2016-9912.patch: properly free memory in
3026+ hw/display/virtio-gpu.c.
3027+ - CVE-2016-9912
3028+ * SECURITY UPDATE: DoS via virtFS
3029+ - debian/patches/CVE-2016-9914.patch: add cleanup operations to
3030+ fsdev/file-op-9p.h, hw/9pfs/9p.c.
3031+ - CVE-2016-9914
3032+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
3033+ - debian/patches/CVE-2017-5552.patch: check return value in
3034+ hw/display/virtio-gpu-3d.c.
3035+ - CVE-2017-5552
3036+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
3037+ - debian/patches/CVE-2017-5578.patch: check res->iov in
3038+ hw/display/virtio-gpu.c.
3039+ - CVE-2017-5578
3040+ * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation
3041+ - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register
3042+ handling in hw/sd/sdhci.c.
3043+ - CVE-2017-5987
3044+ * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation
3045+ - debian/patches/CVE-2017-6505.patch: limit the number of link eds in
3046+ hw/usb/hcd-ohci.c.
3047+ - CVE-2017-6505
3048+
3049+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 24 Apr 2017 07:30:11 -0400
3050+
3051+qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium
3052+
3053+ * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
3054+ "spapr/pci: populate PCI DT in reverse order" (LP: #1670481).
3055+
3056+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2017 09:23:08 +0100
3057+
3058+qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium
3059+
3060+ * Merge with Debian;
3061+ This fixes several CVEs that were reported against qemu 2.8 and also
3062+ includes a few important functional backports (LP: #1667033); remaining
3063+ changes:
3064+ - add qemu-kvm init script and defaults file
3065+ (d/qemu-system-common.qemu-kvm.*)
3066+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
3067+ modules and handling /etc/default/qemu-kvm
3068+ - qemu-system-common.preinst: add kvm group if needed
3069+ - Enable nesting by default on intel.
3070+ - set default module option
3071+ - re-load kvm_intel.ko if it was loaded without nested=1
3072+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
3073+ default in qemu64 cpu type.
3074+ - Enable svm by default for qemu64 on amd
3075+ - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS:
3076+ define distro machine types to ease future live vm migration (includes
3077+ all former follow up fixes).
3078+ - Make qemu-system-common depend on qemu-block-extra
3079+ - Make qemu-utils depend on qemu-block-extra
3080+ - s390x support
3081+ - Create qemu-system-s390x package
3082+ - Include s390-ccw.img firmware
3083+ - qemu-system-common.postinst:
3084+ - change acl placed by udev, and add udevadm trigger.
3085+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
3086+ - Several changes were applied but missing in the changelog so far
3087+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
3088+ - arch aware kvm wrapper
3089+ - update VCS links
3090+ - let qemu-utils recommend sharutils
3091+ - disable x32 architecture
3092+ - Enable seccomp for ppc64el
3093+ - Enable numa support for s390x
3094+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
3095+ init.d-script-missing-dependency-on-remote_fs
3096+ - d/qemu-system-common.postinst: fix lintian error type
3097+ command-with-path-in-maintainer-script
3098+ - Transition qemu-kvm to a systemd unit
3099+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
3100+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
3101+ that it shows up where the user expects (sytemctl status, kvm stdout)
3102+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
3103+ - add arch aware kvm wrapper for s390x
3104+ * Dropped Changes (in Debian now):
3105+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
3106+ - d/control-in: change dependencies for fix of wrong acl for newly
3107+ created device node on ubuntu
3108+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
3109+ relationship, but qemu-efi is still in universe right now.
3110+ - Disable glusterfs (Universe dependency)
3111+ - no more skip disable libiscsi on Ubuntu
3112+ - d/rules, d/control-in: avoid people editing d/control
3113+ * Added Changes:
3114+ - d/control: bump libseccomp-dev dependency as enabling libseccomp for
3115+ power makes 2.3 the minimum level.
3116+
3117+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 01 Mar 2017 14:23:16 +0100
3118+
3119 qemu (1:2.8+dfsg-3) unstable; urgency=high
3120
3121 * urgency high due to security fixes
3122@@ -2038,6 +5011,90 @@ qemu (1:2.8+dfsg-3) unstable; urgency=high
3123
3124 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 28 Feb 2017 11:40:18 +0300
3125
3126+qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium
3127+
3128+ * Merge with Debian; remaining changes:
3129+ - add qemu-kvm init script and defaults file
3130+ (d/qemu-system-common.qemu-kvm.*)
3131+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
3132+ modules and handling /etc/default/qemu-kvm
3133+ - qemu-system-common.preinst: add kvm group if needed
3134+ - Enable nesting by default on intel.
3135+ - set default module option
3136+ - re-load kvm_intel.ko if it was loaded without nested=1
3137+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
3138+ default in qemu64 cpu type.
3139+ - Enable svm by default for qemu64 on amd
3140+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3141+ types to ease future live vm migration.
3142+ - Make qemu-system-common depend on qemu-block-extra
3143+ - Make qemu-utils depend on qemu-block-extra
3144+ - s390x support
3145+ - Create qemu-system-s390x package
3146+ - Include s390-ccw.img firmware
3147+ - qemu-system-common.postinst:
3148+ - change acl placed by udev, and add udevadm trigger.
3149+ - d/control-in: change dependencies for fix of wrong acl for newly
3150+ created device node on ubuntu
3151+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
3152+ relationship, but qemu-efi is still in universe right now.
3153+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
3154+ - Several changes were applied but missing in the changelog so far
3155+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
3156+ - arch aware kvm wrapper
3157+ - update VCS links
3158+ - no more skip disable libiscsi on Ubuntu
3159+ - let qemu-utils recommend sharutils
3160+ - disable x32 architecture
3161+ * Dropped Changes:
3162+ - Several changes were applied but missing in the changelog so far
3163+ but are no more needed
3164+ - no pie for relocatable LD calls, with toolchain defaulting to
3165+ pie (fixed upstream)
3166+ - enable libnuma-dev (now in Debian)
3167+ - transition for moved init scripts (can be dropped after LTS
3168+ containing >=2.5 which is Xenial)
3169+ - --enable-seccomp related whitespace change (had no effect)
3170+ - apport hook for qemu source package (In Debian)
3171+ - add upstart script (d/qemu-system-common.qemu-kvm.upstart)
3172+ - d/qemu-system-x86.maintscript: transition off of
3173+ /etc/init.d/qemu-system-x86 (can be dropped after Xenial)
3174+ - Enable pie by default, on ubuntu/s390x. (Is the default since
3175+ >=Xenial, no cloud archive backport <=Xenial to consider)
3176+ - no pie for relocatable LD calls (fixed upstream in commit
3177+ 7ecf44a5)
3178+ - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream)
3179+ - Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
3180+ (Improved fix included by upstream)
3181+ - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7)
3182+ - Fixed wrong migration blocker when vhost is used (is upstream in
3183+ qemu 2.8)
3184+ * Added Changes:
3185+ - d/rules, d/control-in: avoid people editing d/control by warning
3186+ header and non writable permissions
3187+ - fixed moving trusty machine type definition which made it
3188+ ambiguous (LP: #1641532)
3189+ - d/qemu-system-x86.NEWS describe the issue
3190+ - Enable seccomp for ppc64el (LP: #1644639)
3191+ - Enable numa support for s390x
3192+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
3193+ init.d-script-missing-dependency-on-remote_fs
3194+ - d/qemu-system-common.postinst: fix lintian error type
3195+ command-with-path-in-maintainer-script
3196+ - Transition qemu-kvm to a systemd unit
3197+ - Disable glusterfs (Universe dependency)
3198+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
3199+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
3200+ that it shows up where the user expects (sytemctl status, kvm stdout)
3201+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
3202+ - add arch aware kvm wrapper for s390x
3203+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
3204+ - Enable DDW in Yakkety machine type because "Enable GPU Passthru for
3205+ ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10,
3206+ merged in d/p/ubuntu/define-ubuntu-machine-types.patch)
3207+
3208+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Jan 2017 16:27:11 +0100
3209+
3210 qemu (1:2.8+dfsg-2) unstable; urgency=medium
3211
3212 * Revert "update binfmt registration for mipsn32"
3213@@ -2156,6 +5213,67 @@ qemu (1:2.7+dfsg-1) unstable; urgency=medium
3214
3215 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 14 Oct 2016 13:31:40 +0300
3216
3217+qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium
3218+
3219+ * No-change rebuild to compile against new libxen version.
3220+
3221+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 30 Sep 2016 14:24:37 +0200
3222+
3223+qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium
3224+
3225+ * retain older xenial machine type to avoid issues starting guests
3226+ created on xenial prior to the SRU for bug 1621042. In that regard the old
3227+ broken xenial machine type and the new fixed one have both to be considered
3228+ as valid LTS machine types (LP: #1626070).
3229+
3230+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Sep 2016 14:57:09 +0200
3231+
3232+qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium
3233+
3234+ * fix default ubuntu machine types. (LP: #1621042)
3235+ - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
3236+ - remove double default and double ubuntu alias
3237+ - drop former devel releases utopic, vivid, wily
3238+ - add xenial and yakkety machine types
3239+ - add q35 based ubuntu machine type starting at xenial
3240+ - add ubuntu machine types on ppc64el and s390x starting at xenial
3241+
3242+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2016 07:50:50 +0200
3243+
3244+qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium
3245+
3246+ * Enable GPU Passthru for ppc64le (LP: #1541902)
3247+ - 0001-spapr-ensure-device-trees-are-always-associated-with.patch
3248+ - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch
3249+ - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch
3250+ - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch
3251+ - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch
3252+ - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch
3253+ - 0007-spapr_iommu-Migrate-full-state.patch
3254+ - 0008-spapr_iommu-Add-root-memory-region.patch
3255+ - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch
3256+ - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch
3257+ - 0011-memory-Add-reporting-of-supported-page-sizes.patch
3258+ - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch
3259+ - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch
3260+ - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch
3261+ - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch
3262+ - 0016-vfio-Add-host-side-DMA-window-capabilities.patch
3263+ - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch
3264+ - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch
3265+ - 0019-vfio-spapr-Remove-stale-ioctl-call.patch
3266+ - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch
3267+ - 0021-memory-Fix-IOMMU-replay-base-address.patch
3268+
3269+ -- Jon Grimm <jon.grimm@canonical.com> Fri, 16 Sep 2016 14:14:47 -0500
3270+
3271+qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium
3272+
3273+ * New upstream release. LP: #1617055.
3274+ * Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
3275+
3276+ -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 09 Sep 2016 23:33:57 +0100
3277+
3278 qemu (1:2.6+dfsg-3.1) unstable; urgency=high
3279
3280 * Non-maintainer upload.
3281@@ -2189,6 +5307,55 @@ qemu (1:2.6+dfsg-3.1) unstable; urgency=high
3282
3283 -- Andrew James <ajames@hpe.com> Wed, 14 Sep 2016 00:56:18 -0600
3284
3285+qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium
3286+
3287+ * SECURITY UPDATE: DoS via unbounded memory allocation
3288+ - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
3289+ - CVE-2016-5403
3290+ * SECURITY UPDATE: oob write access while reading ESP command
3291+ - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for
3292+ maximum CDB size and handle migration in hw/scsi/esp.c,
3293+ include/hw/scsi/esp.h, include/migration/vmstate.h.
3294+ - CVE-2016-6351
3295+ * SECURITY UPDATE: infinite loop in virtqueue_pop
3296+ - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer
3297+ length in hw/virtio/virtio.c.
3298+ - CVE-2016-6490
3299+
3300+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 03 Aug 2016 08:36:16 -0400
3301+
3302+qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
3303+
3304+ * Merge with Debian; remaining changes:
3305+ - debian/rules: do not drop the init scripts loading kvm modules
3306+ (still needed in precise in cloud archive)
3307+ - qemu-system-common.postinst:
3308+ * remove acl placed by udev, and add udevadm trigger.
3309+ * reload kvm_intel if needed to set nested=1
3310+ - qemu-system-common.preinst: add kvm group if needed
3311+ - add qemu-kvm upstart job and defaults file (rules,
3312+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3313+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3314+ do not auto-load the kvm kernel module. Enable nesting by default
3315+ on intel.
3316+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3317+ in qemu64 cpu type.
3318+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3319+ types to ease future live vm migration.
3320+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3321+ d/qemu-system-common.install
3322+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3323+ to fix errors with missing block backends.
3324+ - s390x:
3325+ * Create qemu-system-s390x package
3326+ * Enable pie by default, on ubuntu/s390x.
3327+ * Enable svm by default for qemu64 on amd
3328+ * Include s390-ccw.img firmware
3329+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
3330+ relationship, but qemu-efi is still in universe right now.
3331+
3332+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Jun 2016 16:49:49 -0500
3333+
3334 qemu (1:2.6+dfsg-3) unstable; urgency=high
3335
3336 * more security fixes picked from upstream:
3337@@ -2242,6 +5409,39 @@ qemu (1:2.6+dfsg-2) unstable; urgency=medium
3338
3339 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 13 Jun 2016 12:10:44 +0300
3340
3341+qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium
3342+
3343+ * Merge with Debian; remaining changes: (LP: #1583775)
3344+ - debian/rules: do not drop the init scripts loading kvm modules
3345+ (still needed in precise in cloud archive)
3346+ - qemu-system-common.postinst:
3347+ * remove acl placed by udev, and add udevadm trigger.
3348+ * reload kvm_intel if needed to set nested=1
3349+ - qemu-system-common.preinst: add kvm group if needed
3350+ - add qemu-kvm upstart job and defaults file (rules,
3351+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3352+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3353+ do not auto-load the kvm kernel module. Enable nesting by default
3354+ on intel.
3355+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3356+ in qemu64 cpu type.
3357+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3358+ types to ease future live vm migration.
3359+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3360+ d/qemu-system-common.install
3361+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3362+ to fix errors with missing block backends. (LP: #1495895)
3363+ - s390x:
3364+ * Create qemu-system-s390x package
3365+ * Enable pie by default, on ubuntu/s390x.
3366+ * Enable svm by default for qemu64 on amd
3367+ * Include s390-ccw.img firmware
3368+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
3369+ relationship, but qemu-efi is still in universe right now.
3370+ * Drop patches which have been applied upstream:
3371+
3372+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 May 2016 12:11:36 -0500
3373+
3374 qemu (1:2.6+dfsg-1) unstable; urgency=medium
3375
3376 * new upstream release
3377@@ -2279,6 +5479,106 @@ qemu (1:2.6+dfsg-1) unstable; urgency=medium
3378
3379 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 18 May 2016 14:44:14 +0300
3380
3381+qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium
3382+
3383+ * Cherrypick upstream patches to support the query-gic-version QMP command
3384+ (LP: #1566564)
3385+
3386+ -- dann frazier <dannf@ubuntu.com> Tue, 05 Apr 2016 16:56:11 -0600
3387+
3388+qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium
3389+
3390+ [Stefan Bader]
3391+ * Enable svm by default for qemu64 on amd (LP: #1561019)
3392+
3393+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Apr 2016 16:53:55 -0500
3394+
3395+qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium
3396+
3397+ * qemu-system-s390x only available on s390x, so qemu-system should only
3398+ depend on it on this arch.
3399+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
3400+ relationship, but qemu-efi is still in universe right now.
3401+
3402+ -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 19 Apr 2016 13:41:37 -0700
3403+
3404+qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium
3405+
3406+ * And actually ship the right things in qemu-system-s390x.
3407+
3408+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 19 Apr 2016 16:49:00 +0100
3409+
3410+qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium
3411+
3412+ * Create qemu-system-s390x package on ubuntu only.
3413+
3414+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 18 Apr 2016 10:16:19 +0100
3415+
3416+qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium
3417+
3418+ * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149)
3419+
3420+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Apr 2016 15:13:06 -0500
3421+
3422+qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium
3423+
3424+ * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch
3425+ (LP: #1556306)
3426+
3427+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 16 Mar 2016 16:35:22 -0700
3428+
3429+qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium
3430+
3431+ * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)
3432+
3433+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 07 Mar 2016 18:53:34 -0800
3434+
3435+qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium
3436+
3437+ * d/control{-in}: Re-generate and build with libiscsi-dev now
3438+ that its in Ubuntu main (LP: #1271653).
3439+
3440+ -- James Page <james.page@ubuntu.com> Wed, 24 Feb 2016 17:59:13 +0000
3441+
3442+qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium
3443+
3444+ * Make -no-pie conditional, on $(CC) supporting -no-pie flag.
3445+
3446+ -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 24 Feb 2016 14:40:19 +0000
3447+
3448+qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium
3449+
3450+ * No-change rebuild for gnutls transition.
3451+
3452+ -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:27:20 +0000
3453+
3454+qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium
3455+
3456+ * Merge with Debian; remaining changes:
3457+ - debian/rules: do not drop the init scripts loading kvm modules
3458+ (still needed in precise in cloud archive)
3459+ - qemu-system-common.postinst:
3460+ * remove acl placed by udev, and add udevadm trigger.
3461+ * reload kvm_intel if needed to set nested=1
3462+ - qemu-system-common.preinst: add kvm group if needed
3463+ - add qemu-kvm upstart job and defaults file (rules,
3464+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3465+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3466+ do not auto-load the kvm kernel module. Enable nesting by default
3467+ on intel.
3468+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3469+ in qemu64 cpu type.
3470+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3471+ types to ease future live vm migration.
3472+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3473+ d/qemu-system-common.install
3474+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3475+ to fix errors with missing block backends. (LP: #1495895)
3476+ - Enable pie by default, on ubuntu/s390x.
3477+ - Include s390-ccw.img firmware.
3478+
3479+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Feb 2016 10:24:49 -0800
3480+
3481 qemu (1:2.5+dfsg-5) unstable; urgency=medium
3482
3483 * fix misspellings in previous debian/changelog entry
3484@@ -2336,6 +5636,113 @@ qemu (1:2.5+dfsg-2) unstable; urgency=high
3485
3486 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 09 Jan 2016 21:40:43 +0300
3487
3488+qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium
3489+
3490+ * SECURITY UPDATE: paravirtualized drivers incautious about shared memory
3491+ contents
3492+ - debian/patches/CVE-2015-8550-1.patch: avoid double access in
3493+ hw/block/xen_blkif.h.
3494+ - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
3495+ hw/display/xenfb.c.
3496+ - CVE-2015-8550
3497+ * SECURITY UPDATE: infinite loop in ehci_advance_state
3498+ - debian/patches/CVE-2015-8558.patch: make idt processing more robust
3499+ in hw/usb/hcd-ehci.c.
3500+ - CVE-2015-8558
3501+ * SECURITY UPDATE: host memory leakage in vmxnet3
3502+ - debian/patches/CVE-2015-856x.patch: avoid memory leakage in
3503+ hw/net/vmxnet3.c.
3504+ - CVE-2015-8567
3505+ - CVE-2015-8568
3506+ * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
3507+ - debian/patches/CVE-2015-8613.patch: initialise info object with
3508+ appropriate size in hw/scsi/megasas.c.
3509+ - CVE-2015-8613
3510+ * SECURITY UPDATE: DoS via Human Monitor Interface
3511+ - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write
3512+ in hmp.c, include/ui/console.h, ui/input-legacy.c.
3513+ - CVE-2015-8619
3514+ * SECURITY UPDATE: incorrect array bounds check in rocker
3515+ - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds
3516+ check in hw/net/rocker/rocker.c.
3517+ - CVE-2015-8701
3518+ * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
3519+ - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
3520+ operations in hw/net/ne2000.c.
3521+ - CVE-2015-8743
3522+ * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
3523+ - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
3524+ error in hw/ide/ahci.c.
3525+ - CVE-2016-1568
3526+ * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
3527+ - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in
3528+ hw/i386/kvmvapic.c.
3529+ - CVE-2016-1922
3530+ * SECURITY UPDATE: e1000 infinite loop
3531+ - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
3532+ out-of-bounds transfer start in hw/net/e1000.c
3533+ - CVE-2016-1981
3534+ * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB
3535+ engines
3536+ - debian/patches/CVE-2016-2197.patch: add check before calling
3537+ dma_memory_unmap in hw/ide/ahci.c.
3538+ - CVE-2016-2197
3539+ * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
3540+ - debian/patches/CVE-2016-2198.patch: add capability mmio write
3541+ function in hw/usb/hcd-ehci.c.
3542+ - CVE-2016-2198
3543+
3544+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 01 Feb 2016 09:39:01 -0500
3545+
3546+qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium
3547+
3548+ * debian/qemu-kvm-init: Call systemd-detect-virt instead of the
3549+ Ubuntu specific running-in-container wrapper. (LP: #1539016)
3550+
3551+ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 28 Jan 2016 13:24:51 +0100
3552+
3553+qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high
3554+
3555+ * Include s390-ccw.img firmware.
3556+
3557+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 12 Jan 2016 15:53:43 +0000
3558+
3559+qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium
3560+
3561+ * Place qemu-kvm.defaults file in qemu-system-common, next to the init
3562+ scripts. Fix the comparison operator when checking KVM_HUGEPAGES.
3563+ Thanks Simon. (LP: #1531191)
3564+
3565+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 06 Jan 2016 09:45:37 -0800
3566+
3567+qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium
3568+
3569+ * Merge with Debian; remaining changes:
3570+ - debian/rules: do not drop the init scripts loading kvm modules
3571+ (still needed in precise in cloud archive)
3572+ - qemu-system-common.postinst:
3573+ * remove acl placed by udev, and add udevadm trigger.
3574+ * reload kvm_intel if needed to set nested=1
3575+ - qemu-system-common.preinst: add kvm group if needed
3576+ - add qemu-kvm upstart job and defaults file (rules,
3577+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3578+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3579+ do not auto-load the kvm kernel module. Enable nesting by default
3580+ on intel.
3581+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3582+ in qemu64 cpu type.
3583+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3584+ types to ease future live vm migration.
3585+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3586+ d/qemu-system-common.install
3587+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3588+ to fix errors with missing block backends. (LP: #1495895)
3589+ - Enable pie by default, on ubuntu/s390x.
3590+ * Drop vGICv3 support patches - all is now upstream
3591+ * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)
3592+
3593+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Jan 2016 15:42:50 -0800
3594+
3595 qemu (1:2.5+dfsg-1) unstable; urgency=medium
3596
3597 * new upstream release
3598@@ -2362,6 +5769,49 @@ qemu (1:2.5+dfsg-1) unstable; urgency=medium
3599
3600 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 16 Dec 2015 20:00:04 +0300
3601
3602+qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high
3603+
3604+ * Enable pie by default, on ubuntu/s390x.
3605+
3606+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 07 Dec 2015 16:04:16 +0000
3607+
3608+qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium
3609+
3610+ * undo the libseccomp delta from debian. libseccomp is indeed available
3611+ on other arches, but we need qemu's configure script to be fixed before
3612+ we can use it on anything other than amd64|i386. Fixes FTBFS.
3613+ (LP: #1522531)
3614+
3615+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 03 Dec 2015 12:44:46 -0600
3616+
3617+qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium
3618+
3619+ * Merge with Debian; remaining changes:
3620+ - Update the ubuntu machine types patch to reflect upstream churn
3621+ - debian/rules: do not drop the init scripts loading kvm modules
3622+ (still needed in precise in cloud archive)
3623+ - qemu-system-common.postinst:
3624+ * remove acl placed by udev, and add udevadm trigger.
3625+ * reload kvm_intel if needed to set nested=1
3626+ - qemu-system-common.preinst: add kvm group if needed
3627+ - add qemu-kvm upstart job and defaults file (rules,
3628+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3629+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3630+ do not auto-load the kvm kernel module. Enable nesting by default
3631+ on intel.
3632+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3633+ in qemu64 cpu type.
3634+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3635+ machine type to ease future live vm migration.
3636+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3637+ d/qemu-system-common.install
3638+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3639+ to fix errors with missing block backends. (LP: #1495895)
3640+ - control-in: build with libseccomp an all architectures
3641+ - Add vGICv3 support
3642+
3643+ -- Matthias Klose <doko@ubuntu.com> Wed, 02 Dec 2015 21:31:36 +0100
3644+
3645 qemu (1:2.4+dfsg-5) unstable; urgency=medium
3646
3647 * trace-remove-malloc-tracing.patch from upstream.
3648@@ -2374,6 +5824,57 @@ qemu (1:2.4+dfsg-5) unstable; urgency=medium
3649
3650 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 29 Nov 2015 12:22:52 +0300
3651
3652+qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium
3653+
3654+ * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
3655+ - debian/patches/CVE-2015-7504.patch: leave room for CRC code in
3656+ hw/net/pcnet.c.
3657+ - CVE-2015-7504
3658+ * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
3659+ - debian/patches/CVE-2015-7512.patch: check packet length in
3660+ hw/net/pcnet.c.
3661+ - CVE-2015-7512
3662+ * SECURITY UPDATE: infinite loop in eepro100
3663+ - debian/patches/CVE-2015-8345.patch: prevent endless loop in
3664+ hw/net/eepro100.c.
3665+ - CVE-2015-8345
3666+
3667+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 01 Dec 2015 13:36:40 -0500
3668+
3669+qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium
3670+
3671+ * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.
3672+
3673+ -- dann frazier <dann.frazier@canonical.com> Tue, 03 Nov 2015 08:05:46 -0700
3674+
3675+qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium
3676+
3677+ * Merge 2.4 from unstable. Remaining changes:
3678+ - Update the ubuntu machine types patch to reflect upstream churn
3679+ - debian/rules: do not drop the init scripts loading kvm modules
3680+ (still needed in precise in cloud archive)
3681+ - qemu-system-common.postinst:
3682+ * remove acl placed by udev, and add udevadm trigger.
3683+ * reload kvm_intel if needed to set nested=1
3684+ - qemu-system-common.preinst: add kvm group if needed
3685+ - add qemu-kvm upstart job and defaults file (rules,
3686+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3687+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3688+ do not auto-load the kvm kernel module. Enable nesting by default
3689+ on intel.
3690+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3691+ in qemu64 cpu type.
3692+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3693+ machine type to ease future live vm migration.
3694+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3695+ d/qemu-system-common.install
3696+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3697+ to fix errors with missing block backends. (LP: #1495895)
3698+ - control-in: build with libseccomp an all architectures.
3699+ * Add vGICv3 support
3700+
3701+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 27 Oct 2015 13:28:58 -0500
3702+
3703 qemu (1:2.4+dfsg-4) unstable; urgency=medium
3704
3705 * applied 3 patches from upstream to fix virtio-net
3706@@ -2388,7 +5889,7 @@ qemu (1:2.4+dfsg-3) unstable; urgency=high
3707 fix for Heap overflow vulnerability in ne2000_receive() function
3708 (Closes: #799074 CVE-2015-5279)
3709 * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch
3710- (Closes: #799073 CVE-2015-5278)
3711+ (Closes: #799073 CVE-2015-5278)
3712 * some binfmt reorg:
3713 - extend aarch64 to include one more byte as other arches do
3714 - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize
3715@@ -2440,6 +5941,137 @@ qemu (1:2.3+dfsg-6) unstable; urgency=high
3716
3717 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 11 Jun 2015 20:03:40 +0300
3718
3719+qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium
3720+
3721+ * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)
3722+
3723+ -- Ryan Harper <ryan.harper@canonical.com> Wed, 21 Oct 2015 08:59:29 -0500
3724+
3725+qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low
3726+
3727+ * debian/patches/upstream-fix-irq-route-entries.patch
3728+ Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
3729+ (LP: #1465935)
3730+
3731+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 09 Oct 2015 15:38:53 +0200
3732+
3733+qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium
3734+
3735+ * Build using libseccomp on all architectures.
3736+
3737+ -- Matthias Klose <doko@ubuntu.com> Sat, 03 Oct 2015 21:12:15 +0200
3738+
3739+qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium
3740+
3741+ * SECURITY UPDATE: denial of service via NE2000 driver
3742+ - debian/patches/CVE-2015-5278.patch: fix infinite loop in
3743+ hw/net/ne2000.c.
3744+ - CVE-2015-5278
3745+ * SECURITY UPDATE: denial of service and possible code execution via
3746+ heap overflow in NE2000 driver
3747+ - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
3748+ hw/net/ne2000.c.
3749+ - CVE-2015-5279
3750+ * SECURITY UPDATE: denial of service via e1000 infinite loop
3751+ - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
3752+ - CVE-2015-6815
3753+ * SECURITY UPDATE: denial of service via illegal ATAPI commands
3754+ - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
3755+ hw/ide/core.c.
3756+ - CVE-2015-6855
3757+
3758+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Sep 2015 15:05:51 -0400
3759+
3760+qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium
3761+
3762+ * Make qemu-system-common and qemu-utils depend on qemu-block-extra
3763+ to fix errors with missing block backends. (LP: #1495895)
3764+ * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
3765+ * Apply fix for memory corruption during live-migration in tcg mode
3766+ (LP: #1493049)
3767+ * Apply tracing patch to remove use of custom vtable in newer glibc
3768+ (LP: #1491972)
3769+
3770+ -- Ryan Harper <ryan.harper@canonical.com> Tue, 15 Sep 2015 09:37:23 -0500
3771+
3772+qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium
3773+
3774+ * Import qcow2-handle-eagain-from-update_refcount from upstream
3775+ to fix errors when using qemu-img convert -c. (LP: #1491050)
3776+
3777+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Sep 2015 16:35:56 -0500
3778+
3779+qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium
3780+
3781+ * SECURITY UPDATE: process heap memory disclosure
3782+ - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
3783+ - CVE-2015-5165
3784+ * SECURITY UPDATE: privilege escalation via block device unplugging
3785+ - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
3786+ in hw/ide/piix.c.
3787+ - CVE-2015-5166
3788+ * SECURITY UPDATE: privilege escalation via memory corruption in vnc
3789+ - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
3790+ limits in ui/vnc.c.
3791+ - CVE-2015-5225
3792+ * SECURITY UPDATE: denial of service via virtio-serial
3793+ - debian/patches/CVE-2015-5745.patch: don't assume a specific layout
3794+ for control messages in hw/char/virtio-serial-bus.c.
3795+ - CVE-2015-5745
3796+
3797+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 25 Aug 2015 09:38:43 -0400
3798+
3799+qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
3800+
3801+ * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
3802+ - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
3803+ - CVE-2015-3214
3804+ * SECURITY UPDATE: heap overflow when processing ATAPI commands
3805+ - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
3806+ hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
3807+ - CVE-2015-5154
3808+ * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
3809+ - debian/patches/CVE-2015-5158.patch: check length in
3810+ hw/scsi/scsi-bus.c.
3811+ - CVE-2015-5158
3812+
3813+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jul 2015 10:07:05 -0400
3814+
3815+qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium
3816+
3817+ * SECURITY UPDATE: heap overflow in PCNET controller
3818+ - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
3819+ - CVE-2015-3209
3820+
3821+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Jun 2015 14:25:05 -0400
3822+
3823+qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium
3824+
3825+ * Merge 1:2.3+dfsg-5 from Debian.
3826+ * Remaining changes:
3827+ - debian/rules: do not drop the init scripts loading kvm modules
3828+ (still needed in precise in cloud archive)
3829+ - qemu-system-common.postinst:
3830+ * remove acl placed by udev, and add udevadm trigger.
3831+ * reload kvm_intel if needed to set nested=1
3832+ - qemu-system-common.preinst: add kvm group if needed
3833+ - add qemu-kvm upstart job and defaults file (rules,
3834+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3835+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3836+ do not auto-load the kvm kernel module. Enable nesting by default
3837+ on intel.
3838+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3839+ in qemu64 cpu type.
3840+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3841+ machine type to ease future live vm migration.
3842+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3843+ d/qemu-system-common.install
3844+ * Refreshed patches:
3845+ - ubuntu/expose-vmx_qemu64cpu.patch
3846+ - ubuntu/define-ubuntu-machine-types.patch
3847+
3848+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 10 Jun 2015 14:28:39 -0500
3849+
3850 qemu (1:2.3+dfsg-5) unstable; urgency=high
3851
3852 * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
3853@@ -2451,6 +6083,35 @@ qemu (1:2.3+dfsg-5) unstable; urgency=high
3854
3855 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 03 Jun 2015 17:18:58 +0300
3856
3857+qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium
3858+
3859+ * Merge 1:2.3+dfsg-4 from Debian.
3860+ * Remaining changes:
3861+ - debian/rules: do not drop the init scripts loading kvm modules
3862+ (still needed in precise in cloud archive)
3863+ - qemu-system-common.postinst:
3864+ * remove acl placed by udev, and add udevadm trigger.
3865+ * reload kvm_intel if needed to set nested=1
3866+ - qemu-system-common.preinst: add kvm group if needed
3867+ - add qemu-kvm upstart job and defaults file (rules,
3868+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3869+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3870+ do not auto-load the kvm kernel module. Enable nesting by default
3871+ on intel.
3872+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3873+ in qemu64 cpu type.
3874+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3875+ machine type to ease future live vm migration.
3876+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3877+ d/qemu-system-common.install
3878+ * Dropped all patches which are applied upstream
3879+ * Move the upstart jobs to a generic script
3880+ - add new qemu-kvm-init script
3881+ - call that from upstart and sysvrc qemu-kvm scripts
3882+ - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}
3883+
3884+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 03 Jun 2015 13:36:36 -0500
3885+
3886 qemu (1:2.3+dfsg-4) unstable; urgency=medium
3887
3888 * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch:
3889@@ -2512,6 +6173,98 @@ qemu (1:2.2+dfsg-6exp) experimental; urgency=medium
3890
3891 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 17 Apr 2015 21:54:53 +0300
3892
3893+qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium
3894+
3895+ * SECURITY UPDATE: denial of service in vnc web
3896+ - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket
3897+ frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
3898+ - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from
3899+ websockets clients in ui/vnc-ws.c.
3900+ - CVE-2015-1779
3901+ * SECURITY UPDATE: host code execution via floppy device (VEMON)
3902+ - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
3903+ bounds of the allocated buffer in hw/block/fdc.c.
3904+ - CVE-2015-3456
3905+
3906+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 13 May 2015 07:25:59 -0400
3907+
3908+qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low
3909+
3910+ * CVE-2015-2756 / XSA-126
3911+ - xen: limit guest control of PCI command register
3912+
3913+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 08 Apr 2015 10:17:45 +0200
3914+
3915+qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium
3916+
3917+ * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not
3918+ accidentally create /1
3919+
3920+ -- Steve Beattie <sbeattie@ubuntu.com> Thu, 12 Mar 2015 16:46:51 -0700
3921+
3922+qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low
3923+
3924+ * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).
3925+
3926+ -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Feb 2015 08:55:35 +0100
3927+
3928+qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low
3929+
3930+ * No-change rebuild to pull in libxl-4.5.
3931+
3932+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 25 Feb 2015 13:58:37 +0100
3933+
3934+qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium
3935+
3936+ * debian/control-in: enable numa on architectures where numa is built
3937+ (LP: #1417937)
3938+
3939+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 23:18:58 -0600
3940+
3941+qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium
3942+
3943+ [Scott Moser]
3944+ * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa
3945+ profile when started by libvirt.
3946+
3947+ [Serge Hallyn]
3948+ * add symlink qemu-system-ppc64le -> qemu-system-ppc64
3949+ * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script
3950+ (LP: #1419855)
3951+
3952+ [Chris J Arges]
3953+ * Determine if we are running inside a virtual environment. If running inside
3954+ a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153)
3955+
3956+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 13:04:21 -0600
3957+
3958+qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium
3959+
3960+ * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308)
3961+ - debian/rules: do not drop the init scripts loading kvm modules
3962+ (still needed in precise in cloud archive)
3963+ * Remaining changes:
3964+ - qemu-system-common.postinst:
3965+ * remove acl placed by udev, and add udevadm trigger.
3966+ * reload kvm_intel if needed to set nested=1
3967+ - qemu-system-common.preinst: add kvm group if needed
3968+ - add qemu-kvm upstart job and defaults file (rules,
3969+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3970+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3971+ do not auto-load the kvm kernel module. Enable nesting by default
3972+ on intel.
3973+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3974+ in qemu64 cpu type.
3975+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3976+ machine type to ease future live vm migration.
3977+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3978+ d/qemu-system-common.install
3979+ * Dropped all patches which are applied upstream
3980+ * Update ubuntu-vivid machine type to default to std graphics (following
3981+ upstream's lead for pc-i440fx-2.2 machine type)
3982+
3983+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Feb 2015 22:31:09 -0600
3984+
3985 qemu (1:2.2+dfsg-5exp) experimental; urgency=medium
3986
3987 * fix initscript removal once again
3988@@ -2561,6 +6314,47 @@ qemu (2.2+dfsg-1exp) unstable; urgency=medium
3989
3990 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 09 Dec 2014 23:09:26 +0300
3991
3992+qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium
3993+
3994+ * Cherrypick upstream patch needed to allow ESx hosts to run under
3995+ kvm (LP: #1411575)
3996+
3997+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 16 Jan 2015 16:32:48 -0600
3998+
3999+qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium
4000+
4001+ * Merge 2.1+dfsg-11. Remaining changes:
4002+ - qemu-system-common.postinst:
4003+ * remove acl placed by udev, and add udevadm trigger.
4004+ * reload kvm_intel if needed to set nested=1
4005+ - qemu-system-common.preinst: add kvm group if needed
4006+ - add qemu-kvm upstart job and defaults file (rules,
4007+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4008+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4009+ do not auto-load the kvm kernel module. Enable nesting by default
4010+ on intel.
4011+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4012+ removed the alternatives bit later.
4013+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4014+ in qemu64 cpu type.
4015+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4016+ machine type to ease future live vm migration.
4017+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4018+ d/qemu-system-common.install
4019+ - debian/binfmt-update-in: support ppcle
4020+ * debian/binfmt-update-in
4021+ * Support-ppcle.patch
4022+ - Upstream patches to fix AArch64 emulation ignoring SPSel=0:
4023+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
4024+ * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
4025+ * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
4026+ * Dropped patches (upstream or now in debian's tree):
4027+ - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch
4028+ - CVE-2014-7840.patch
4029+ - CVE-2014-8106.patch
4030+
4031+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Dec 2014 13:57:34 -0600
4032+
4033 qemu (1:2.1+dfsg-11) unstable; urgency=medium
4034
4035 * bump epoch and reupload to cancel 2.2+dfsg-1exp upload
4036@@ -2630,6 +6424,81 @@ qemu (2.1+dfsg-8) unstable; urgency=low
4037
4038 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 27 Nov 2014 18:32:45 +0300
4039
4040+qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium
4041+
4042+ * SECURITY UPDATE: code execution via savevm data
4043+ - debian/patches/CVE-2014-7840.patch: validate parameters in
4044+ arch_init.c.
4045+ - CVE-2014-7840
4046+ * SECURITY UPDATE: code execution via cirrus vga blit regions
4047+ (LP: #1400775)
4048+ - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
4049+ hw/display/cirrus_vga.c.
4050+ - CVE-2014-8106
4051+
4052+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Dec 2014 14:11:52 -0500
4053+
4054+qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low
4055+
4056+ * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got
4057+ dropped and VENDOR now will be all capital UBUNTU).
4058+
4059+ -- Stefan Bader <stefan.bader@canonical.com> Mon, 08 Dec 2014 14:45:31 +0100
4060+
4061+qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium
4062+
4063+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
4064+ d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
4065+ d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
4066+ Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring
4067+ SPSel=0 in certain conditions. (LP: #1349277)
4068+
4069+ -- Chris J Arges <chris.j.arges@canonical.com> Thu, 04 Dec 2014 14:17:01 -0600
4070+
4071+qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low
4072+
4073+ * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch:
4074+ Cherry-pick of qemu-upstream patch to fix issues with persistent
4075+ grants and the PV backend (Qdisk) (LP: #1394327).
4076+
4077+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 28 Nov 2014 13:14:37 +0100
4078+
4079+qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium
4080+
4081+ * Merge 2.1+dfsg-7. Remaining changes:
4082+ - qemu-system-common.postinst:
4083+ * remove acl placed by udev, and add udevadm trigger.
4084+ * reload kvm_intel if needed to set nested=1
4085+ - qemu-system-common.preinst: add kvm group if needed
4086+ - add qemu-kvm upstart job and defaults file (rules,
4087+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4088+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4089+ do not auto-load the kvm kernel module. Enable nesting by default
4090+ on intel.
4091+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4092+ removed the alternatives bit later.
4093+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4094+ in qemu64 cpu type.
4095+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4096+ machine type to ease future live vm migration.
4097+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4098+ d/qemu-system-common.install
4099+ - debian/binfmt-update-in: support ppcle
4100+ * debian/binfmt-update-in
4101+ * Support-ppcle.patch
4102+ * Dropped patches (upstream or now in debian's tree):
4103+ - pc-reserve-more-memory-for-acpi.patch
4104+ - CVE-2014-5388.patch
4105+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and
4106+ 502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined
4107+ in debian)
4108+ - CVE-2014-3615.patch
4109+ - CVE-2014-3640.patch
4110+ - CVE-2014-3689.patch
4111+ - CVE-2014-7815.patch
4112+
4113+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 22 Nov 2014 18:36:53 -0600
4114+
4115 qemu (2.1+dfsg-7) unstable; urgency=high
4116
4117 * urgency is high due to 2 security fixes
4118@@ -2681,6 +6550,119 @@ qemu (2.1+dfsg-5) unstable; urgency=medium
4119
4120 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 26 Sep 2014 17:43:26 +0400
4121
4122+qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium
4123+
4124+ * SECURITY UPDATE: information disclosure via vga driver
4125+ - debian/patches/CVE-2014-3615.patch: return the correct memory size,
4126+ sanity check register writes, and don't use fixed buffer sizes in
4127+ hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h,
4128+ ui/spice-display.c.
4129+ - CVE-2014-3615
4130+ * SECURITY UPDATE: denial of service via slirp NULL pointer deref
4131+ - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
4132+ stub in slirp/udp.c.
4133+ - CVE-2014-3640
4134+ * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
4135+ - debian/patches/CVE-2014-3689.patch: verify rectangles in
4136+ hw/display/vmware_vga.c.
4137+ - CVE-2014-3689
4138+ * SECURITY UPDATE: denial of service via VNC console
4139+ - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in
4140+ ui/vnc.c.
4141+ - CVE-2014-7815
4142+
4143+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 13 Nov 2014 07:31:03 -0500
4144+
4145+qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium
4146+
4147+ * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures
4148+ (LP: #1389897) (Patch thanks to mwhudson, BenC, and infinity)
4149+
4150+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Nov 2014 15:51:47 -0600
4151+
4152+qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium
4153+
4154+ * Apply two patches to fix intermittent qemu-img corruption
4155+ (LP: #1368815)
4156+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap
4157+ - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap
4158+
4159+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 29 Oct 2014 22:31:43 -0500
4160+
4161+qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium
4162+
4163+ * debian/control: slof is moving into main, so we can depend on qemu-slof as
4164+ debian does.
4165+
4166+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Oct 2014 22:01:27 +0200
4167+
4168+qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium
4169+
4170+ * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice
4171+ versa.
4172+ * Drop Support-ppc64le.pach, as that architecture appears to not exist yet.
4173+ * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing
4174+ to latest upstream machine type, rather than distro one. Add 'ubuntu'
4175+ machine type for that.
4176+
4177+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 06 Oct 2014 13:41:31 -0500
4178+
4179+qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium
4180+
4181+ * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a
4182+ container. (LP: #1370199)
4183+ * load kvm module on ppc64le at boot (LP: #1369785)
4184+ - debian/rules: install qemu-kvm on ppc64el
4185+ - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the
4186+ kvm-hv module if available
4187+ * qemu-system-x86.maintscript: remove accidentally installed
4188+ /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier)
4189+ * rename qemu-system-x86 init script to qemu-kvm so it gets installed in
4190+ ubuntu.
4191+
4192+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Sep 2014 14:20:12 -0500
4193+
4194+qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium
4195+
4196+ * Re-stick the trusty machine type to 2.0 (where it must always stay) and
4197+ define a new, default, pc-i440fx-utopic machine type (LP: #1369481)
4198+
4199+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 15 Sep 2014 14:04:57 -0500
4200+
4201+qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium
4202+
4203+ * move kvm_intel nested setting to qemu-system-x86.postinst.
4204+
4205+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 12 Sep 2014 23:12:52 +0000
4206+
4207+qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium
4208+
4209+ * Merge new debian release
4210+ * Remaining changes:
4211+ - qemu-system-common.postinst:
4212+ * remove acl placed by udev, and add udevadm trigger.
4213+ * reload kvm_intel if needed to set nested=1
4214+ - qemu-system-common.preinst: add kvm group if needed
4215+ - add qemu-kvm upstart job and defaults file (rules,
4216+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4217+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4218+ do not auto-load the kvm kernel module. Enable nesting by default
4219+ on intel.
4220+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4221+ removed the alternatives bit later.
4222+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4223+ in qemu64 cpu type.
4224+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4225+ machine type to ease future live vm migration.
4226+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4227+ d/qemu-system-common.install
4228+ - debian/binfmt-update-in: support ppcle
4229+ * debian/binfmt-update-in
4230+ * Support-ppcle.patch
4231+ - d/p/CVE-2014-5388.patch
4232+
4233+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Sep 2014 17:56:15 -0500
4234+
4235 qemu (2.1+dfsg-4) unstable; urgency=medium
4236
4237 * mention libnuma-dev but not enable for now
4238@@ -2698,6 +6680,59 @@ qemu (2.1+dfsg-4) unstable; urgency=medium
4239
4240 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 31 Aug 2014 09:32:59 +0400
4241
4242+qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium
4243+
4244+ * SECURITY UPDATE: memory disclosure via out-of-bounds array access
4245+ - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c.
4246+ - CVE-2014-5388
4247+
4248+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 09 Sep 2014 08:26:24 -0400
4249+
4250+qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium
4251+
4252+ * replace d/p/revert-acpi-table-size-bump with
4253+ pc-reserve-more-memory-for-acpi.patch from upstream
4254+ * debian/binfmt-update-in
4255+ - don't run in a container
4256+ - add ppc64le as target (LP: #1358268)
4257+ * Add experimental ppcle support (LP: #1358268)
4258+
4259+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 27 Aug 2014 18:24:32 -0500
4260+
4261+qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium
4262+
4263+ * revert-acpi-table-size-bump - get qemu -kernel working again.
4264+
4265+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 15:33:24 -0500
4266+
4267+qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium
4268+
4269+ * Merge new debian release
4270+ * Remaining changes:
4271+ - control-in: stick to libsdl1.2-dev.
4272+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4273+ qemu-bridge-helper
4274+ - qemu-system-common.postinst: remove acl placed by udev,
4275+ and add udevadm trigger.
4276+ - qemu-system-common.preinst: add kvm group if needed
4277+ - add qemu-kvm upstart job and defaults file (rules,
4278+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4279+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4280+ do not auto-load the kvm kernel module. Enable nesting by default
4281+ on intel.
4282+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4283+ removed the alternatives bit later.
4284+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4285+ in qemu64 cpu type.
4286+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4287+ machine type to ease future live vm migration.
4288+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4289+ d/qemu-system-common.install
4290+ * Upstart job: use getent group to check for kvm group
4291+ * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks
4292+
4293+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 08:44:54 -0500
4294+
4295 qemu (2.1+dfsg-3) unstable; urgency=medium
4296
4297 * set SHELL = /bin/sh -e, so that more complex shell constructs
4298@@ -2724,6 +6759,42 @@ qemu (2.1+dfsg-3) unstable; urgency=medium
4299
4300 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 14 Aug 2014 14:30:24 +0400
4301
4302+qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium
4303+
4304+ * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174)
4305+
4306+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Aug 2014 12:58:50 -0500
4307+
4308+qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium
4309+
4310+ * Merge new debian release
4311+ * Remaining changes:
4312+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
4313+ have in ipxe-qemu package.
4314+ - control-in: stick to libsdl1.2-dev.
4315+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4316+ qemu-bridge-helper
4317+ - qemu-system-common.postinst: remove acl placed by udev,
4318+ and add udevadm trigger.
4319+ - qemu-system-common.preinst: add kvm group if needed
4320+ - add qemu-kvm upstart job and defaults file (rules,
4321+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4322+ - debian/rules: add qemu-kvm-spice
4323+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4324+ do not auto-load the kvm kernel module. Enable nesting by default
4325+ on intel.
4326+ - binfmt-update-in: make sure to filter out compat arches.
4327+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4328+ removed the alternatives bit later.
4329+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4330+ in qemu64 cpu type.
4331+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4332+ machine type to ease future live vm migration.
4333+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4334+ d/qemu-system-common.install
4335+
4336+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Aug 2014 13:53:06 -0500
4337+
4338 qemu (2.1+dfsg-2) unstable; urgency=medium
4339
4340 * l2tp-linux-only.patch: fix FTBFS on kfreebsd
4341@@ -2758,7 +6829,7 @@ qemu (2.1+dfsg-1) unstable; urgency=medium
4342
4343 qemu (2.0.0+dfsg-7) unstable; urgency=medium
4344
4345- * clarify description of qemu-user-binfmt a bit
4346+ * clarify description of qemu-user-binfmt a bit
4347 * build-depend on acpica-tools (iasl) in order to rebuild .dsl files
4348 * remove qemu-keymaps package, since it is not used by other tools
4349 anymore, and ship keymaps in qemu-system-common.
4350@@ -2775,6 +6846,43 @@ qemu (2.0.0+dfsg-7) unstable; urgency=medium
4351
4352 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 24 Jul 2014 16:51:16 +0400
4353
4354+qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium
4355+
4356+ * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from
4357+ /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551)
4358+
4359+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 25 Jul 2014 08:35:02 -0500
4360+
4361+qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium
4362+
4363+ * Merge 2.0.0+dfsg-6. Remaining changes:
4364+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
4365+ have in ipxe-qemu package.
4366+ - control-in: stick to libgnutls-dev and libsdl1.2-dev.
4367+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4368+ qemu-bridge-helper
4369+ - qemu-system-common.postinst: remove acl placed by udev,
4370+ and add udevadm trigger.
4371+ - qemu-system-common.preinst: add kvm group if needed
4372+ - add qemu-kvm upstart job and defaults file (rules,
4373+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4374+ - debian/rules: add qemu-kvm-spice
4375+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4376+ do not auto-load the kvm kernel module. Enable nesting by default
4377+ on intel.
4378+ - binfmt-update-in: make sure to filter out compat arches.
4379+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4380+ removed the alternatives bit later.
4381+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4382+ in qemu64 cpu type.
4383+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4384+ machine type to ease future live vm migration.
4385+ - re-introduce apport hook for qemu source package:
4386+ d/source_qemu-kvm.py, d/qemu-system-common.install
4387+ * enable-build-dep on libjpeg8-dev - which is now in main
4388+
4389+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 Jun 2014 14:52:54 -0500
4390+
4391 qemu (2.0.0+dfsg-6) unstable; urgency=medium
4392
4393 * build-depend on libgnutls28-dev not libgnutls-dev
4394@@ -2818,6 +6926,59 @@ qemu (2.0.0+dfsg-3) unstable; urgency=low
4395
4396 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 21 Apr 2014 12:34:03 +0400
4397
4398+qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium
4399+
4400+ * remove alternatives for qemu: different architectures
4401+ aren't really alternatives and never had been (LP: #1316829)
4402+
4403+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 07 May 2014 15:12:33 +0000
4404+
4405+qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium
4406+
4407+ * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402)
4408+ * debian/control: drop the versioning requirement from libfdt-dev
4409+ build-dependency, as it is longer needed (LP: #1295072)
4410+
4411+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 02 May 2014 11:43:44 -0500
4412+
4413+qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium
4414+
4415+ * Merge 2.0.0+dfsg-2
4416+ * Incorporates a fix for spice users (LP: #1309452)
4417+ * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as
4418+ the regression requiring it was reverted for 2.0 upstream.
4419+ * remove qemu-system-common depends on the qemu-system-aarch64 metapackage
4420+ * debian/qemu-debootstrap: add arm64
4421+ * Remaining changes from debian:
4422+ - keep qemu 'alternative' (not something to change in SRU)
4423+ - debian/control and debian/control-in:
4424+ * versioned libfdt-dev check, until libfdt is fixed in precise
4425+ * enable rbd
4426+ * remove ovmf Recommends, as it is in multiverse
4427+ * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe
4428+ * add a qemu-system-aarch64 metapackage for transitions from trusty
4429+ development version. This can be removed after trusty.
4430+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4431+ qemu-bridge-helper
4432+ - qemu-system-common.postinst: fix /dev/kvm acls
4433+ - qemu-system-common.preinst: add kvm group if needed
4434+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
4435+ have in ipxe-qemu package.
4436+ - qemu-system-x86.modprobe: set module options for older releases
4437+ - qemu-system-x86.qemu-kvm.default: defaults for the upstart job
4438+ - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job
4439+ - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64
4440+ - debian/rules
4441+ * add legacy kvm-spice link
4442+ * fix ppc and arm slections
4443+ * add aarch64 to user_targets
4444+ - debian/patches/ubuntu/define-trusty-machine-type.patch: define a
4445+ pc-i440fx-trusty machine type as the default.
4446+ - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by
4447+ default in qemu64 cpu time.
4448+
4449+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Apr 2014 09:23:27 -0500
4450+
4451 qemu (2.0.0+dfsg-2) unstable; urgency=medium
4452
4453 * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current
4454@@ -2843,7 +7004,7 @@ qemu (2.0.0+dfsg-1) unstable; urgency=low
4455 * kmod dependency is linux-any
4456 * doc-grammify-allows-to.patch: fix some lintian warnings
4457 * remove alternatives for qemu: different architectures
4458- aren't really alternatives and never had been
4459+ aren't really alternatives and never had been
4460 * update Standards-Version to 3.9.5 (no changes needed)
4461 * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff -
4462 fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1
4463@@ -2877,6 +7038,50 @@ qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low
4464
4465 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 05 Apr 2014 16:23:48 +0400
4466
4467+qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium
4468+
4469+ * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch
4470+ don't abort() just because the kernel has no dirty bitmap.
4471+ (LP: #1303926)
4472+
4473+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 22:32:00 -0500
4474+
4475+qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium
4476+
4477+ * define-trusty-machine-type.patch: update the trusty machine type name to
4478+ pc-i440fx-trusty (LP: #1304107)
4479+
4480+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 11:49:04 -0500
4481+
4482+qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium
4483+
4484+ * Merge 2.0.0-rc1
4485+ * debian/rules: consolidate ppc filter entries.
4486+ * Move qemu-system-arch64 into qemu-system-arm
4487+ * debian/patches/define-trusty-machine-type.patch: define a trusty machine
4488+ type, currently the same as pc-i440fx-2.0, to put is in a better position
4489+ to enable live migrations from trusty onward. (LP: #1294823)
4490+ * debian/control: build-dep on libfdt >= 1.4.0 (LP: #1295072)
4491+ * Merge latest upstream git to commit dc9528f
4492+ * Debian/rules:
4493+ - remove -enable-uname-release=2.6.32
4494+ - don't make the aarch64 target Ubuntu-specific.
4495+ * Remove patches which are now upstream:
4496+ - fix-smb-security-share.patch
4497+ - slirp-smb-redirect-port-445-too.patch
4498+ - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream)
4499+ - signal-added-a-wrapper-for-sigprocmask-function.patch
4500+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
4501+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
4502+ - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch
4503+ * add link for /usr/share/qemu/bios-256k.bin
4504+ * Remove all linaro patches.
4505+ * Remove all arm64/ patches. Many but not all are upstream.
4506+ * Remove CVE-2013-4377.patch which is upstream.
4507+ * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific
4508+
4509+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 25 Feb 2014 22:31:43 -0600
4510+
4511 qemu (1.7.0+dfsg-9) unstable; urgency=medium
4512
4513 * remove rbd/rados/ceph support *again*, till they'll actually provide
4514@@ -2941,6 +7146,104 @@ qemu (1.7.0+dfsg-4) unstable; urgency=medium
4515
4516 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 12 Mar 2014 18:34:03 +0400
4517
4518+qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low
4519+
4520+ * No-change rebuild to build with libxen-4.4.
4521+
4522+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 21 Mar 2014 10:04:36 +0100
4523+
4524+qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium
4525+
4526+ * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick
4527+ upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682)
4528+
4529+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Mar 2014 00:03:00 -0500
4530+
4531+qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium
4532+
4533+ [ dann frazier ]
4534+ * Add patches from the susematz tree to avoid intermittent segfaults:
4535+ - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch
4536+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
4537+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
4538+
4539+ [ Serge Hallyn ]
4540+ * Modify do_sigprocmask to only change behavior for aarch64.
4541+ (LP: #1285363)
4542+
4543+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 06 Mar 2014 16:15:50 -0600
4544+
4545+qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium
4546+
4547+ [ Steve Langasek ]
4548+ * Merge debian/control with unreleased Debian branch: our architecture
4549+ lists should now be in sync.
4550+
4551+ [ Dann Frazier ]
4552+ * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS
4553+ on arm64 and maybe others. (LP: #1284344)
4554+
4555+ [ Serge Hallyn ]
4556+ * Move the OVMF.fd link to the ovmf package.
4557+
4558+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 21 Feb 2014 12:14:53 -0800
4559+
4560+qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium
4561+
4562+ * Add ppc64el to the architecture list (supposedly added in the previous
4563+ upload, but really wasn't).
4564+
4565+ -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 20 Feb 2014 23:40:07 -0800
4566+
4567+qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium
4568+
4569+ * Backport changes to enable qemu-user-static support for aarch64
4570+ * debian/control: add ppc64el to Architectures
4571+ * debian/rules: only install qemu-system-aarch64 on arm64.
4572+ Fixes a FTBFS when built twice in a row on non-arm64 due to a stale
4573+ debian/qemu-system-aarch64 directory
4574+
4575+ -- dann frazier <dann.frazier@canonical.com> Tue, 11 Feb 2014 15:41:53 -0700
4576+
4577+qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium
4578+
4579+ * Fix broken filter_binfmts
4580+ * Remove use of dpkg-version in postinsts, as we're not Depending on
4581+ dpkg-dev.
4582+
4583+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 05 Feb 2014 21:57:38 -0600
4584+
4585+qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium
4586+
4587+ * Merge 1.7.0+dfsg-3 from debian. Remaining changes:
4588+ - debian/patches/ubuntu:
4589+ * expose-vmx_qemu64cpu.patch
4590+ * linaro (omap3) and arm64 patches
4591+ * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS
4592+ on ppc
4593+ * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio
4594+ - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options
4595+ - debian/control:
4596+ * add arm64 to Architectures
4597+ * add qemu-common and qemu-system-aarch64 packages
4598+ - debian/qemu-system-common.install: add debian/tmp/usr/lib
4599+ - debian/qemu-system-common.preinst: add kvm group
4600+ - debian/qemu-system-common.postinst: remove acl placed by udev,
4601+ and add udevadm trigger.
4602+ - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio,
4603+ pxe-e1000 and pxe-rtl8139.
4604+ - add qemu-system-x86.qemu-kvm.upstart and .default
4605+ - qemu-user-static.postinst-in: remove arm64 binfmt
4606+ - debian/rules:
4607+ * allow parallel build
4608+ * add aarch64 to system_targets and sys_systems
4609+ * add qemu-kvm-spice links
4610+ * install qemu-system-x86.modprobe
4611+ - add debian/qemu-system-common.links for OVMF.fd link
4612+ * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks.
4613+
4614+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Feb 2014 12:13:08 -0600
4615+
4616 qemu (1.7.0+dfsg-3) unstable; urgency=low
4617
4618 * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86
4619@@ -2966,6 +7269,121 @@ qemu (1.7.0+dfsg-3) unstable; urgency=low
4620
4621 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 16 Jan 2014 15:17:46 +0400
4622
4623+qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium
4624+
4625+ * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which
4626+ may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654)
4627+
4628+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 Jan 2014 14:41:20 +0000
4629+
4630+qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium
4631+
4632+ * SECURITY UPDATE: denial of service via virtio device hot-plugging
4633+ - debian/patches/CVE-2013-4377.patch: upstream commits to refactor
4634+ virtio device unplugging.
4635+ - CVE-2013-4377
4636+
4637+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jan 2014 09:10:37 -0500
4638+
4639+qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium
4640+
4641+ * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on
4642+ powerpc.
4643+
4644+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 22 Jan 2014 11:59:26 -0600
4645+
4646+qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium
4647+
4648+ [ Serge Hallyn ]
4649+ * add arm64 patchset from upstream. The three arm virt patches previously
4650+ pushed are in that set, so drop them.
4651+
4652+ [ dann frazier ]
4653+ * Add packaging for qemu-system-aarch64. This package is currently only
4654+ available for arm64, as full software emulation is not yet supported.
4655+
4656+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 10 Jan 2014 12:19:08 -0600
4657+
4658+qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium
4659+
4660+ * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be
4661+ supported any longer.
4662+ * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing
4663+ * Refresh debian/patches/hw_arm_add_virt_platform.patch against context
4664+ churn caused by linaro patchset.
4665+ * debian/rules: enable parallel builds.
4666+
4667+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 03 Jan 2014 10:53:17 -0600
4668+
4669+qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium
4670+
4671+ * d/control: enable usbredir (LP: 1126390)
4672+
4673+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 02 Jan 2014 08:55:43 -0600
4674+
4675+qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium
4676+
4677+ * add missing arm virt patches from the mach-virt-v7 branch of
4678+ git://git.linaro.org/people/cdall/qemu-arm.git
4679+
4680+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 18 Dec 2013 12:25:59 -0600
4681+
4682+qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium
4683+
4684+ * debian/control: add arm64 to list of architectures.
4685+
4686+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Dec 2013 10:22:47 -0600
4687+
4688+qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low
4689+
4690+ * Merge 1.7.0+dfsg-2 from debian experimental. Remaining changes:
4691+ - debian/control
4692+ * update maintainer
4693+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4694+ from build-deps
4695+ * enable rbd
4696+ * add qemu-system and qemu-common B/R to qemu-keymaps
4697+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4698+ qemu-system-common
4699+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4700+ - add qemu-common, qemu-kvm, kvm to B/R
4701+ - remove openbios-sparc from qemu-system-sparc D
4702+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
4703+ * qemu-system-x86:
4704+ - add qemu-common to Breaks/Replaces.
4705+ - add cpu-checker to Recommends.
4706+ * qemu-user: add B/R:qemu-kvm
4707+ * qemu-kvm:
4708+ - add armhf armel powerpc sparc to Architecture
4709+ - C/R/P: qemu-kvm-spice
4710+ * add qemu-common package
4711+ * drop qemu-slof which is not packaged in ubuntu
4712+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4713+ - qemu-system-x86.links:
4714+ * remove pxe rom links which are in kvm-ipxe
4715+ - debian/rules
4716+ * add kvm-spice symlink to qemu-kvm
4717+ * call dh_installmodules for qemu-system-x86
4718+ * update dh_installinit to install upstart script
4719+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4720+ - Add qemu-utils.links for kvm-* symlinks.
4721+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4722+ - Add qemu-system-x86.modprobe to set nesting=1
4723+ - Add qemu-system-common.preinst to add kvm group
4724+ - qemu-system-common.postinst: remove bad group acl if there, then have
4725+ udev relabel /dev/kvm.
4726+ - New linaro patches from qemu-linaro rebasing branch
4727+ - Dropped patches:
4728+ * linaro patchset
4729+ * mach-virt patchset
4730+ - Kept patches:
4731+ * expose_vms_qemu64cpu.patch
4732+ * fix-pci-add
4733+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
4734+ qemu-bridge-helper
4735+
4736+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 07 Dec 2013 06:08:11 +0000
4737+
4738 qemu (1.7.0+dfsg-2) unstable; urgency=low
4739
4740 * switch from vgabios to seavgabios
4741@@ -2995,6 +7413,73 @@ qemu (1.7.0+dfsg-1) unstable; urgency=low
4742
4743 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 28 Nov 2013 03:14:21 +0400
4744
4745+qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low
4746+
4747+ * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring,
4748+ to prevent lts-to-lts updates from breaking. (LP: #1243403)
4749+
4750+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Oct 2013 14:31:05 -0500
4751+
4752+qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low
4753+
4754+ * Merge 1.6.0~rc0+dfsg-2exp from debian experimental. Remaining changes:
4755+ - debian/control
4756+ * update maintainer
4757+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4758+ from build-deps
4759+ * enable rbd
4760+ * add qemu-system and qemu-common B/R to qemu-keymaps
4761+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4762+ qemu-system-common
4763+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4764+ - add qemu-kvm to Provides
4765+ - add qemu-common, qemu-kvm, kvm to B/R
4766+ - remove openbios-sparc from qemu-system-sparc D
4767+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
4768+ * qemu-system-x86:
4769+ - add qemu-common to Breaks/Replaces.
4770+ - add cpu-checker to Recommends.
4771+ * qemu-user: add B/R:qemu-kvm
4772+ * qemu-kvm:
4773+ - add armhf armel powerpc sparc to Architecture
4774+ - C/R/P: qemu-kvm-spice
4775+ * add qemu-common package
4776+ * drop qemu-slof which is not packaged in ubuntu
4777+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4778+ - qemu-system-x86.links:
4779+ * remove pxe rom links which are in kvm-ipxe
4780+ * add symlink for kvm.1 manpage
4781+ - debian/rules
4782+ * add kvm-spice symlink to qemu-kvm
4783+ * call dh_installmodules for qemu-system-x86
4784+ * update dh_installinit to install upstart script
4785+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4786+ - Add qemu-utils.links for kvm-* symlinks.
4787+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4788+ - Add qemu-system-x86.modprobe to set nesting=1
4789+ - Add qemu-system-common.preinst to add kvm group
4790+ - qemu-system-common.postinst: remove bad group acl if there, then have
4791+ udev relabel /dev/kvm.
4792+ - New linaro patches from qemu-linaro rebasing branch
4793+ - Dropped patches:
4794+ * xen-simplify-xen_enabled.patch
4795+ * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch
4796+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4797+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4798+ * virtio-rng-fix-crash
4799+ - Kept patches:
4800+ * expose_vms_qemu64cpu.patch - updated
4801+ * linaro arm patches from qemu-linaro rebasing branch
4802+ - New patches:
4803+ * fix-pci-add: change CONFIG variable in ifdef to make sure that
4804+ pci_add is defined.
4805+ * Add linaro patches
4806+ * Add experimental mach-virt patches for arm virtualization.
4807+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
4808+ qemu-bridge-helper
4809+
4810+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 22 Oct 2013 22:47:07 -0500
4811+
4812 qemu (1.6.0+dfsg-2) unstable; urgency=low
4813
4814 * Build-depend in seccomp again once it is in -testing
4815@@ -3065,6 +7550,89 @@ qemu (1.5.0+dfsg-4) unstable; urgency=medium
4816
4817 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 06 Jun 2013 01:50:32 +0400
4818
4819+qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low
4820+
4821+ * No change rebuild for new seccomp.
4822+
4823+ -- StΓ©phane Graber <stgraber@ubuntu.com> Mon, 21 Oct 2013 18:34:50 -0400
4824+
4825+qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low
4826+
4827+ * Cherrypick upstream patch to fix crash with rng device (LP: #1235017)
4828+ - virtio-rng-fix-crash
4829+
4830+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 09 Oct 2013 17:46:49 -0500
4831+
4832+qemu (1.5.0+dfsg-3ubuntu4) saucy; urgency=low
4833+
4834+ * Re-introduce snippet in upstart job to load kvm modules if needed.
4835+ (LP: #1218459)
4836+
4837+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 16 Sep 2013 22:43:52 +0000
4838+
4839+qemu (1.5.0+dfsg-3ubuntu3) saucy; urgency=low
4840+
4841+ * Cherry-picking three Xen related patches targetted for qemu-stable:
4842+ * xen-simplify-xen_enabled.patch
4843+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4844+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4845+
4846+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 26 Jul 2013 15:01:44 +0200
4847+
4848+qemu (1.5.0+dfsg-3ubuntu2) saucy; urgency=low
4849+
4850+ * Drop openbios-ppc and openhackware Depends to Suggests for now.
4851+
4852+ -- Adam Conrad <adconrad@ubuntu.com> Wed, 05 Jun 2013 03:23:56 -0600
4853+
4854+qemu (1.5.0+dfsg-3ubuntu1) saucy; urgency=low
4855+
4856+ * Merge 1.5.0+dfs-3 from debian unstable. Remaining changes:
4857+ - debian/control
4858+ * update maintainer
4859+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4860+ from build-deps
4861+ * enable rbd
4862+ * add qemu-system and qemu-common B/R to qemu-keymaps
4863+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4864+ qemu-system-common
4865+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4866+ - add qemu-kvm to Provides
4867+ - add qemu-common, qemu-kvm, kvm to B/R
4868+ - remove openbios-sparc from qemu-system-sparc D
4869+ * qemu-system-x86:
4870+ - add qemu-common to Breaks/Replaces.
4871+ - add cpu-checker to Recommends.
4872+ * qemu-user: add B/R:qemu-kvm
4873+ * qemu-kvm:
4874+ - add armhf armel powerpc sparc to Architecture
4875+ - C/R/P: qemu-kvm-spice
4876+ * add qemu-common package
4877+ * drop qemu-slof which is not packaged in ubuntu
4878+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4879+ - qemu-system-x86.links:
4880+ * remove pxe rom links which are in kvm-ipxe
4881+ * add symlink for kvm.1 manpage
4882+ - debian/rules
4883+ * add kvm-spice symlink to qemu-kvm
4884+ * call dh_installmodules for qemu-system-x86
4885+ * update dh_installinit to install upstart script
4886+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4887+ - Add qemu-utils.links for kvm-* symlinks.
4888+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4889+ - Add qemu-system-x86.modprobe to set nesting=1
4890+ - Add qemu-system-common.preinst to add kvm group
4891+ - qemu-system-common.postinst: remove bad group acl if there, then have
4892+ udev relabel /dev/kvm.
4893+ - Dropped patches:
4894+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4895+ - Kept patches:
4896+ * expose_vms_qemu64cpu.patch - updated
4897+ * gridcentric patch - updated
4898+ * linaro arm patches from qemu-linaro rebasing branch
4899+
4900+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Jun 2013 22:56:43 +0200
4901+
4902 qemu (1.5.0+dfsg-3) unstable; urgency=low
4903
4904 * fix sections: misc => otherosfs
4905@@ -3084,6 +7652,54 @@ qemu (1.5.0+dfsg-3) unstable; urgency=low
4906
4907 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Jun 2013 01:49:47 +0400
4908
4909+qemu (1.5.0+dfsg-2ubuntu1) saucy; urgency=low
4910+
4911+ * Merge 1.5.0+dfs-2 from debian unstable. Remaining changes:
4912+ - debian/control
4913+ * update maintainer
4914+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4915+ from build-deps
4916+ * enable rbd
4917+ * add qemu-system and qemu-common B/R to qemu-keymaps
4918+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4919+ qemu-system-common
4920+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4921+ - add qemu-kvm to Provides
4922+ - add qemu-common, qemu-kvm, kvm to B/R
4923+ - remove openbios-sparc from qemu-system-sparc D
4924+ * qemu-system-x86:
4925+ - add qemu-common to Breaks/Replaces.
4926+ - add cpu-checker to Recommends.
4927+ * qemu-user: add B/R:qemu-kvm
4928+ * qemu-kvm:
4929+ - add armhf armel powerpc sparc to Architecture
4930+ - C/R/P: qemu-kvm-spice
4931+ * add qemu-common package
4932+ * drop qemu-slof which is not packaged in ubuntu
4933+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4934+ - qemu-system-x86.links:
4935+ * remove pxe rom links which are in kvm-ipxe
4936+ * add symlink for kvm.1 manpage
4937+ - debian/rules
4938+ * add kvm-spice symlink to qemu-kvm
4939+ * call dh_installmodules for qemu-system-x86
4940+ * update dh_installinit to install upstart script
4941+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4942+ - Add qemu-utils.links for kvm-* symlinks.
4943+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4944+ - Add qemu-system-x86.modprobe to set nesting=1
4945+ - Add qemu-system-common.preinst to add kvm group
4946+ - qemu-system-common.postinst: remove bad group acl if there, then have
4947+ udev relabel /dev/kvm.
4948+ - Dropped patches:
4949+ * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch
4950+ - Kept patches:
4951+ * expose_vms_qemu64cpu.patch - updated
4952+ * gridcentric patch - updated
4953+ * linaro arm patches from qemu-linaro rebasing branch
4954+
4955+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 May 2013 08:18:30 -0500
4956+
4957 qemu (1.5.0+dfsg-2) unstable; urgency=low
4958
4959 * merged development history of wheezy and experimental branches.
4960@@ -3151,6 +7767,76 @@ qemu (1.4.0+dfsg-2exp) experimental; urgency=low
4961
4962 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 18 Apr 2013 14:45:30 +0400
4963
4964+qemu (1.4.0+dfsg-1expubuntu4) raring; urgency=low
4965+
4966+ * re-add qemu-system-x86.modprobe to set nesting=1 (LP: #1155177)
4967+ * qemu-system-x86.qemu-kvm.upstart:
4968+ - remove NESTED workarounds from upstart file.
4969+ - remove loading of modules which is now always done
4970+ - remove TAPR define which is no longer used
4971+ * move customizable defines back to qemu-kvm.default
4972+ * copy creation of group kvm to preinst - the group must exist when the
4973+ kvm udev rule is installed (LP: #1103022) (LP: #1092715)
4974+ * add adduser to qemu-system-common Pre-Depends for use by preinst.
4975+
4976+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Mar 2013 14:21:53 -0500
4977+
4978+qemu (1.4.0+dfsg-1expubuntu3) raring; urgency=low
4979+
4980+ * debian/rules: add a symlink from kvm-spice to kvm in qemu-kvm, on
4981+ i386/amd64 targets. (LP: #1126258)
4982+
4983+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 28 Feb 2013 15:17:16 -0600
4984+
4985+qemu (1.4.0+dfsg-1expubuntu2) raring; urgency=low
4986+
4987+ * substitute (apparently identical) patches from 1.4.0 qemu-linaro rebasing
4988+ tree.
4989+ * add qemu-common to qemu-system-common B/R (was accidentally dropped from
4990+ 1.3.0 in 1.4.0 merge).
4991+ * debian/control: fix kvm P/C/B/R:
4992+ - make all C/B/R against kvm versioned
4993+ - don't have any qemu-system-* other than x86 Provides: kvm
4994+
4995+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Feb 2013 13:34:07 -0600
4996+
4997+qemu (1.4.0+dfsg-1expubuntu1) raring; urgency=low
4998+
4999+ * Merge 1.4.0+dfsg-1exp from debian. Remaining changes:
5000+ - debian/control:
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches