Merge ~sergiodj/ubuntu/+source/qemu:merge-8.0.3-dfsg-4-mantic into ubuntu/+source/qemu:debian/sid
- Git
- lp:~sergiodj/ubuntu/+source/qemu
- merge-8.0.3-dfsg-4-mantic
- Merge into debian/sid
Status: | Merged |
---|---|
Approved by: | git-ubuntu bot |
Approved revision: | not available |
Merge reported by: | git-ubuntu bot |
Merged at revision: | bef64a9f6ee1e9d79fb679dd83e2d4b10f320c46 |
Proposed branch: | ~sergiodj/ubuntu/+source/qemu:merge-8.0.3-dfsg-4-mantic |
Merge into: | ubuntu/+source/qemu:debian/sid |
Diff against target: |
6946 lines (+6379/-10) 14 files modified
debian/changelog (+5035/-3) debian/control (+51/-7) debian/control-in (+3/-0) debian/patches/series (+6/-0) debian/patches/ubuntu/define-ubuntu-machine-types.patch (+967/-0) debian/patches/ubuntu/enable-svm-by-default.patch (+34/-0) debian/patches/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch (+62/-0) debian/patches/ubuntu/qboot-Disable-LTO-for-ELF-binary-build-step.patch (+44/-0) debian/qemu-block-extra.postinst (+59/-0) debian/qemu-kvm-init (+89/-0) debian/qemu-system-common.install (+1/-0) debian/qemu-system-common.qemu-kvm.default (+8/-0) debian/qemu-system-common.qemu-kvm.service (+16/-0) debian/rules (+4/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
git-ubuntu bot | Approve | ||
Lucas Kanashiro (community) | Approve | ||
Canonical Server Reporter | Pending | ||
Review via email: mp+448111@code.launchpad.net |
Commit message
Description of the change
This is the merge of qemu 8.0.3+dfsg-4 from Debian unstable.
It contains some changes to the downstream patches (some were dropped because they've since been incorporated by qemu, while others were cherry picked from upstream's next branch).
A few interesting/
- Fix for CVE-2023-2861, which affects 9pfs.
- Restrict glusterfs support to 64-bit (https:/
- Make sure qemu-guest-agent is restarted when upgraded (LP #2028124).
PPA: https:/
I'll post the results for the dep8 & the qemu-migration tests tomorrow.
git-ubuntu bot (git-ubuntu-bot) wrote : | # |
Approvers: sergiodj, lucaskanashiro
Uploaders: sergiodj, lucaskanashiro
MP auto-approved
Sergio Durigan Junior (sergiodj) wrote : | # |
Thanks for the review, Lucas.
As I mentioned during standup, I have to wait for schopin to upload glibc 2.38 before I can proceed with the tests and upload. Once glibc 2.38 is available, I'll post the test results here.
Sergio Durigan Junior (sergiodj) wrote : | # |
Feature Freeze is coming, so I decided to upload the package as is even though there is still an armhf issue that I need to look into, and I still don't have results from qemu-migration-test due to some problems with horsea/eagle. I will work on the remaining issues later.
Uploaded:
$ dput qemu_8.
Trying to upload package to ubuntu
Checking signature on .changes
gpg: /home/sergio/
Checking signature on .dsc
gpg: /home/sergio/
Uploading to ubuntu (via ftp to upload.ubuntu.com):
Uploading qemu_8.
Uploading qemu_8.
Uploading qemu_8.
Uploading qemu_8.
Uploading qemu_8.
Successfully uploaded packages.
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index 0417c35..1af12d2 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,38 @@ |
6 | +qemu (1:8.0.3+dfsg-4ubuntu1) mantic; urgency=medium |
7 | + |
8 | + * Merge with Debian unstable (LP: #2028873, #2028124). Remaining changes: |
9 | + - qemu-kvm to systemd unit |
10 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
11 | + hugepages and architecture specifics |
12 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
13 | + qemu-kvm-init |
14 | + - d/qemu-system-common.install: install helper script |
15 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
16 | + /etc/default/qemu-kvm |
17 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
18 | + - Distribution specific machine type |
19 | + (LP 1304107 1621042 1776189 1761372 1761372 1776189) |
20 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
21 | + types containing release versioned machine attributes |
22 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
23 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
24 | + - Enable nesting by default |
25 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
26 | + in qemu64 on amd |
27 | + [ No more strictly needed, but required for backward compatibility ] |
28 | + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) |
29 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
30 | + reference 256k path |
31 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
32 | + handle incoming migrations from former releases. |
33 | + - Ease the use of module retention on upgrades (LP 1913421) |
34 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
35 | + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) |
36 | + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: |
37 | + fix qboot FTBFS with LTO |
38 | + |
39 | + -- Sergio Durigan Junior <sergio.durigan@canonical.com> Mon, 31 Jul 2023 23:09:27 -0400 |
40 | + |
41 | qemu (1:8.0.3+dfsg-4) unstable; urgency=medium |
42 | |
43 | * more linux-user address fixes from Helge Deller |
44 | @@ -70,6 +105,59 @@ qemu (1:8.0.2+dfsg-3) unstable; urgency=medium |
45 | |
46 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 29 Jun 2023 18:36:33 +0300 |
47 | |
48 | +qemu (1:8.0.2+dfsg-2ubuntu1) mantic; urgency=medium |
49 | + |
50 | + * Merge with Debian unstable (LP: #2018103). Remaining changes: |
51 | + - qemu-kvm to systemd unit |
52 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
53 | + hugepages and architecture specifics |
54 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
55 | + qemu-kvm-init |
56 | + - d/qemu-system-common.install: install helper script |
57 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
58 | + /etc/default/qemu-kvm |
59 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
60 | + - Distribution specific machine type |
61 | + (LP 1304107 1621042 1776189 1761372 1761372 1776189) |
62 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
63 | + types containing release versioned machine attributes |
64 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
65 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
66 | + - Enable nesting by default |
67 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
68 | + in qemu64 on amd |
69 | + [ No more strictly needed, but required for backward compatibility ] |
70 | + - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) |
71 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
72 | + reference 256k path |
73 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
74 | + handle incoming migrations from former releases. |
75 | + - Ease the use of module retention on upgrades (LP 1913421) |
76 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
77 | + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) |
78 | + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: |
79 | + fix qboot FTBFS with LTO |
80 | + * Drop changes: |
81 | + - d/control-in: libnfs is in main since focal, enable direct nfs |
82 | + storage support (LP 1988704) |
83 | + [ Adopted by Debian. ] |
84 | + - d/control-in: libsndio is in universe in ubuntu |
85 | + [ Adopted by Debian. ] |
86 | + - Fix FTBFS with glibc >= 2.36. (LP #2015418) |
87 | + + d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary |
88 | + upstream commits that were working around a glibc issue. |
89 | + [ Incorporated upstream. ] |
90 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
91 | + [ Debian linked the qemu-system-x86 documentation with the |
92 | + qemu-system-common package, rendering this README file not |
93 | + applicable. ] |
94 | + - d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating |
95 | + hot-unplug requests by making ACPI PCI able to requeue them. |
96 | + (LP #2018733) |
97 | + [ Applied upstream. ] |
98 | + |
99 | + -- Sergio Durigan Junior <sergio.durigan@canonical.com> Mon, 19 Jun 2023 15:45:09 -0400 |
100 | + |
101 | qemu (1:8.0.2+dfsg-2) unstable; urgency=medium |
102 | |
103 | * d/rules: --enable-libusb for xen build (Closes: #1037341) |
104 | @@ -295,6 +383,66 @@ qemu (1:8.0~rc2+dfsg-1) experimental; urgency=medium |
105 | |
106 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Mar 2023 15:44:21 +0300 |
107 | |
108 | +qemu (1:7.2+dfsg-5ubuntu3) mantic; urgency=medium |
109 | + |
110 | + * d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating |
111 | + hot-unplug requests by making ACPI PCI able to requeue them. |
112 | + (LP: #2018733) |
113 | + |
114 | + -- Sergio Durigan Junior <sergio.durigan@canonical.com> Thu, 18 May 2023 15:13:14 -0400 |
115 | + |
116 | +qemu (1:7.2+dfsg-5ubuntu2) lunar; urgency=medium |
117 | + |
118 | + * Fix FTBFS with glibc >= 2.36. (LP: #2015418) |
119 | + - d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary |
120 | + upstream commits that were working around a glibc issue. |
121 | + |
122 | + -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 05 Apr 2023 20:10:13 -0400 |
123 | + |
124 | +qemu (1:7.2+dfsg-5ubuntu1) lunar; urgency=medium |
125 | + |
126 | + * Re-merge with Debian unstable to pick up stabilization fixes |
127 | + remaining changes: |
128 | + - qemu-kvm to systemd unit |
129 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
130 | + hugepages and architecture specifics |
131 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
132 | + qemu-kvm-init |
133 | + - d/qemu-system-common.install: install helper script |
134 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
135 | + /etc/default/qemu-kvm |
136 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
137 | + - Distribution specific machine type |
138 | + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) |
139 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
140 | + types containing release versioned machine attributes |
141 | + - d/qemu-system-x86.NEWS Info on fixed machine type defintions |
142 | + for host-phys-bits=true |
143 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
144 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
145 | + - Enable nesting by default |
146 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
147 | + in qemu64 on amd |
148 | + [ No more strictly needed, but required for backward compatibility ] |
149 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
150 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
151 | + reference 256k path |
152 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
153 | + handle incoming migrations from former releases. |
154 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
155 | + - Ease the use of module retention on upgrades (LP 1913421) |
156 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
157 | + - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this |
158 | + landed in Debian but under a different name. |
159 | + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) |
160 | + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: |
161 | + fix qboot FTBFS with LTO |
162 | + - d/control-in: libnfs is in main since focal, enable direct nfs |
163 | + storage support (LP 1988704) |
164 | + - d/control-in: libsndio is in universe in ubuntu |
165 | + |
166 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2023 08:50:45 +0100 |
167 | + |
168 | qemu (1:7.2+dfsg-5) unstable; urgency=medium |
169 | |
170 | * d/qemu-guest-agent.udev: fix missing comma |
171 | @@ -334,6 +482,89 @@ qemu (1:7.2+dfsg-5) unstable; urgency=medium |
172 | |
173 | -- Michael Tokarev <mjt@tls.msk.ru> Sun, 05 Mar 2023 20:09:04 +0300 |
174 | |
175 | +qemu (1:7.2+dfsg-4ubuntu1) lunar; urgency=medium |
176 | + |
177 | + * Merge with Debian unstable (LP: #1993438), among many other fixes |
178 | + this resolvs these bugs: |
179 | + (LP: #1957924) - support for querying stats, |
180 | + (LP: #1853307) - Enhanced Interpretation for PCI Functions (s390x) |
181 | + (LP: #1959966) - guest dump encryption with customer keys (s390x) |
182 | + (LP: #1999885) - pv: don't allow userspace to set the clock under PV |
183 | + (LP: #1957924) - add filtering of statistics by target vCPU |
184 | + remaining changes: |
185 | + - qemu-kvm to systemd unit |
186 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
187 | + hugepages and architecture specifics |
188 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
189 | + qemu-kvm-init |
190 | + - d/qemu-system-common.install: install helper script |
191 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
192 | + /etc/default/qemu-kvm |
193 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
194 | + - Distribution specific machine type |
195 | + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) |
196 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
197 | + types containing release versioned machine attributes |
198 | + - d/qemu-system-x86.NEWS Info on fixed machine type defintions |
199 | + for host-phys-bits=true |
200 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
201 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
202 | + - Enable nesting by default |
203 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
204 | + in qemu64 on amd |
205 | + [ No more strictly needed, but required for backward compatibility ] |
206 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
207 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
208 | + reference 256k path |
209 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
210 | + handle incoming migrations from former releases. |
211 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
212 | + - Ease the use of module retention on upgrades (LP 1913421) |
213 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
214 | + - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this |
215 | + landed in Debian but under a different name. |
216 | + - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) |
217 | + + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: |
218 | + fix qboot FTBFS with LTO |
219 | + * Dropped Changes [now part of upstream v7.2.0] |
220 | + - d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt |
221 | + error 'migration was active, but no RAM info was set' (LP 1994002) |
222 | + - d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch: |
223 | + Fix FTBFS with libbpf 1.0.1-2. |
224 | + + Header updates that were added as part of the libbpf fixes |
225 | + but not mentioned in changelog |
226 | + - d/p/u/lp-1981339-*: fix s390x system emulation (LP 1981339) |
227 | + - Fix I/O stalls when using NVMe storage (LP 1970737). |
228 | + + d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter |
229 | + in laio_io_unplug. |
230 | + - SECURITY UPDATE: heap overflow in floppy disk emulator |
231 | + + debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in |
232 | + hw/block/fdc.c. |
233 | + - SECURITY UPDATE: use-after-free vulnerability |
234 | + + debian/patches/CVE-2022-0216-*.patch: fix use-after-free in |
235 | + lsi_do_msgout |
236 | + - SECURITY UPDATE: heap overflow vulnerability |
237 | + + debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to |
238 | + memories |
239 | + - SECURITY UPDATE: integer underflow vulnerability |
240 | + + debian/patches/CVE-2022-3165.patch: fix integer underflow in |
241 | + vnc_client_cut_text_ext |
242 | + * Dropped Changes in regard to GCC-12 FTBFS (LP 1988710) |
243 | + [not all are needed in lunar] |
244 | + - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch. |
245 | + Silence -Warray-bounds false positive [no more needed] |
246 | + - d/rules: set -O1 for alpha firmware build |
247 | + - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch: |
248 | + further FTBFS fixup |
249 | + * Dropped Changes [in Debian 1:7.2+dfsg-3] |
250 | + - d/rules: disable LTO on non-amd64 builds (LP 1921664) |
251 | + * Added Changes |
252 | + - d/control-in: libnfs is in main since focal, enable direct nfs |
253 | + storage support (LP: #1988704) |
254 | + - d/control-in: libsndio is in universe in ubuntu |
255 | + |
256 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Jan 2023 13:18:43 +0100 |
257 | + |
258 | qemu (1:7.2+dfsg-4) unstable; urgency=medium |
259 | |
260 | * block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch: |
261 | @@ -471,6 +702,126 @@ qemu (1:7.1+dfsg-1) unstable; urgency=medium |
262 | |
263 | -- Michael Tokarev <mjt@tls.msk.ru> Mon, 12 Sep 2022 11:50:53 +0300 |
264 | |
265 | +qemu (1:7.0+dfsg-7ubuntu4) lunar; urgency=medium |
266 | + |
267 | + * SECURITY UPDATE: use-after-free vulnerability |
268 | + - debian/patches/CVE-2022-0216-*.patch: fix use-after-free in |
269 | + lsi_do_msgout |
270 | + - CVE-2022-0216 |
271 | + * SECURITY UPDATE: heap overflow vulnerability |
272 | + - debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to |
273 | + memories |
274 | + - CVE-2022-2962 |
275 | + * SECURITY UPDATE: integer underflow vulnerability |
276 | + - debian/patches/CVE-2022-3165.patch: fix integer underflow in |
277 | + vnc_client_cut_text_ext |
278 | + - CVE-2022-3165 |
279 | + |
280 | + -- Nishit Majithia <nishit.majithia@canonical.com> Fri, 09 Dec 2022 10:25:52 +0530 |
281 | + |
282 | +qemu (1:7.0+dfsg-7ubuntu3) lunar; urgency=medium |
283 | + |
284 | + [ Brett Milford ] |
285 | + * d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt |
286 | + error 'migration was active, but no RAM info was set' (LP: #1994002) |
287 | + |
288 | + [ Mauricio Faria de Oliveira ] |
289 | + * d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch: |
290 | + Fix FTBFS with libbpf 1.0.1-2. |
291 | + |
292 | + -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 30 Nov 2022 12:17:51 -0300 |
293 | + |
294 | +qemu (1:7.0+dfsg-7ubuntu2) kinetic; urgency=medium |
295 | + |
296 | + [ Paride Legovini ] |
297 | + * d/rules: disable LTO on non-amd64 builds (LP: #1921664) |
298 | + * GCC-12 FTBFS (LP: #1988710) |
299 | + - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch. |
300 | + Silence -Warray-bounds false positive (treated as error) |
301 | + |
302 | + [ Christian Ehrhardt ] |
303 | + * More on GCC-12 FTBFS (LP 1988710) |
304 | + - d/rules: set -O1 for alpha firmware build |
305 | + - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch: |
306 | + further FTBFS fixup |
307 | + |
308 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2022 08:07:24 +0200 |
309 | + |
310 | +qemu (1:7.0+dfsg-7ubuntu1) kinetic; urgency=medium |
311 | + |
312 | + * Merge with Debian unstable (LP: #1971315)(LP: #1980896), remaining changes: |
313 | + - qemu-kvm to systemd unit |
314 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
315 | + hugepages and architecture specifics |
316 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
317 | + qemu-kvm-init |
318 | + - d/qemu-system-common.install: install helper script |
319 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
320 | + /etc/default/qemu-kvm |
321 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
322 | + - Distribution specific machine type |
323 | + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) |
324 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
325 | + types containing release versioned machine attributes |
326 | + - d/qemu-system-x86.NEWS Info on fixed machine type defintions |
327 | + for host-phys-bits=true |
328 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
329 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
330 | + - Enable nesting by default |
331 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
332 | + in qemu64 on amd |
333 | + [ No more strictly needed, but required for backward compatibility ] |
334 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
335 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
336 | + reference 256k path |
337 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
338 | + handle incoming migrations from former releases. |
339 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
340 | + - Ease the use of module retention on upgrades (LP 1913421) |
341 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
342 | + - Fix I/O stalls when using NVMe storage (LP 1970737). |
343 | + - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter |
344 | + in laio_io_unplug. |
345 | + - SECURITY UPDATE: heap overflow in floppy disk emulator |
346 | + - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in |
347 | + hw/block/fdc.c. |
348 | + - CVE-2021-3507 |
349 | + * Dropped Changes [now part of 1:7.0+dfsg-7]: |
350 | + - d/rules: xen libexec dir is no more versioned |
351 | + - d/rules: ensure xen is built on x86 |
352 | + - d/kvm-spice: fix when acceleration is already defined on the commandline |
353 | + - debian/control[-in]: no more disable glusterfs in Ubuntu (LP 1246924) |
354 | + * Dropped Changes [now part of upstream v7.0.0] |
355 | + - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch |
356 | + Allow long kernel command lines for QEMU (LP 1959984) |
357 | + - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list |
358 | + - d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit |
359 | + tcg on s390x. |
360 | + - Fix diff handling on ceph that can cause data corruption (LP 1968258) |
361 | + - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch |
362 | + - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch |
363 | + - d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock |
364 | + in vnc connections (LP 1970563) |
365 | + - All CVE fixes of 1:6.2+dfsg-2ubuntu8 except CVE-2021-3507 |
366 | + * Dropped Changes |
367 | + - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch: |
368 | + add patch to workaround FTBFS when building against OpenSSL 3.0. |
369 | + [ now working with OpenSSL 3.0 ] |
370 | + - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix |
371 | + -fcf-protection being unavailble on -march=i486 (LP 1940029) |
372 | + [ fixed in compiler toolchain ] |
373 | + - Make qemu-system-x86-microvm a transitional package as the binary is now |
374 | + in qemu-system-x86 itself. |
375 | + [ no more needed] |
376 | + * Added Changes |
377 | + - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this |
378 | + landed in Debian but under a different name. |
379 | + - d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS |
380 | + with LTO |
381 | + - d/p/u/lp-1981339-*: fix s390x system emulation (LP: #1981339) |
382 | + |
383 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jul 2022 12:07:19 +0200 |
384 | + |
385 | qemu (1:7.0+dfsg-7) unstable; urgency=medium |
386 | |
387 | * d/tests/test-qemu-user: rework ls/glob test a bit |
388 | @@ -605,6 +956,141 @@ qemu (1:6.2+dfsg-3) unstable; urgency=medium |
389 | |
390 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 25 Feb 2022 12:01:46 +0300 |
391 | |
392 | +qemu (1:6.2+dfsg-2ubuntu8) kinetic; urgency=medium |
393 | + |
394 | + [ Marc Deslauriers ] |
395 | + * SECURITY UPDATE: heap overflow in floppy disk emulator |
396 | + - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in |
397 | + hw/block/fdc.c. |
398 | + - CVE-2021-3507 |
399 | + * SECURITY UPDATE: use-after-free in nvme |
400 | + - debian/patches/CVE-2021-3929.patch: deny DMA to the iomem of the |
401 | + device itself in hw/nvme/ctrl.c. |
402 | + - CVE-2021-3929 |
403 | + * SECURITY UPDATE: integer overflow in QXL display device emulation |
404 | + - debian/patches/CVE-2021-4206.patch: check width and height in |
405 | + hw/display/qxl-render.c, hw/display/vmware_vga.c, ui/cursor.c. |
406 | + - CVE-2021-4206 |
407 | + * SECURITY UPDATE: heap overflow in QXL display device emulation |
408 | + - debian/patches/CVE-2021-4207.patch: fix race condition in qxl_cursor |
409 | + in hw/display/qxl-render.c. |
410 | + - CVE-2021-4207 |
411 | + * SECURITY UPDATE: potential privilege escalation in virtiofsd |
412 | + - debian/patches/CVE-2022-0358.patch: Drop membership of all |
413 | + supplementary groups in tools/virtiofsd/passthrough_ll.c. |
414 | + - CVE-2022-0358 |
415 | + * SECURITY UPDATE: memory leakage in virtio-net device |
416 | + - debian/patches/CVE-2022-26353.patch: fix map leaking on error during |
417 | + receive in hw/net/virtio-net.c. |
418 | + - CVE-2022-26353 |
419 | + * SECURITY UPDATE: memory leakage in vhost-vsock device |
420 | + - debian/patches/CVE-2022-26354.patch: detach the virqueue element in |
421 | + case of error in hw/virtio/vhost-vsock-common.c. |
422 | + - CVE-2022-26354 |
423 | + |
424 | + [ Sergio Durigan Junior ] |
425 | + * Fix I/O stalls when using NVMe storage (LP: #1970737). |
426 | + - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter |
427 | + in laio_io_unplug. |
428 | + |
429 | + -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 22 Jun 2022 15:38:37 -0400 |
430 | + |
431 | +qemu (1:6.2+dfsg-2ubuntu7) kinetic; urgency=medium |
432 | + |
433 | + * d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock |
434 | + in vnc connections (LP: #1970563) |
435 | + |
436 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 May 2022 08:25:20 +0200 |
437 | + |
438 | +qemu (1:6.2+dfsg-2ubuntu6) jammy; urgency=medium |
439 | + |
440 | + * debian/control[-in]: no more disable glusterfs in Ubuntu (LP: #1246924) |
441 | + * Fix diff handling on ceph that can cause data corruption (LP: #1968258) |
442 | + - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch |
443 | + - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch |
444 | + |
445 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 08 Apr 2022 09:36:34 +0200 |
446 | + |
447 | +qemu (1:6.2+dfsg-2ubuntu5) jammy; urgency=medium |
448 | + |
449 | + * d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit |
450 | + tcg on s390x. |
451 | + |
452 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 17 Feb 2022 09:54:36 +0100 |
453 | + |
454 | +qemu (1:6.2+dfsg-2ubuntu4) jammy; urgency=medium |
455 | + |
456 | + * No-change rebuild to update maintainer scripts, see LP: 1959054 |
457 | + |
458 | + -- Dave Jones <dave.jones@canonical.com> Wed, 16 Feb 2022 17:28:14 +0000 |
459 | + |
460 | +qemu (1:6.2+dfsg-2ubuntu3) jammy; urgency=medium |
461 | + |
462 | + * Merge with Debian unstable, remaining changes: |
463 | + - qemu-kvm to systemd unit |
464 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
465 | + hugepages and architecture specifics |
466 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
467 | + qemu-kvm-init |
468 | + - d/qemu-system-common.install: install helper script |
469 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
470 | + /etc/default/qemu-kvm |
471 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
472 | + - Distribution specific machine type |
473 | + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) |
474 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
475 | + types containing release versioned machine attributes |
476 | + - d/qemu-system-x86.NEWS Info on fixed machine type defintions |
477 | + for host-phys-bits=true |
478 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
479 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
480 | + - Enable nesting by default |
481 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
482 | + in qemu64 on amd |
483 | + [ No more strictly needed, but required for backward compatibility ] |
484 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
485 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
486 | + reference 256k path |
487 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
488 | + handle incoming migrations from former releases. |
489 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
490 | + - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch: |
491 | + add patch to workaround FTBFS when building against OpenSSL 3.0. |
492 | + - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix |
493 | + -fcf-protection being unavailble on -march=i486 (LP 1940029) |
494 | + - Ease the use of module retention on upgrades (LP 1913421) |
495 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
496 | + - Make qemu-system-x86-microvm a transitional package as the binary is now |
497 | + in qemu-system-x86 itself. |
498 | + * Dropped Changes [now part of 1:6.1+dfsg-8]: |
499 | + - updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code |
500 | + (#993658) (LP 1947860) |
501 | + - improved dependencies |
502 | + - Make qemu-system-common depend on qemu-block-extra |
503 | + - Make qemu-utils depend on qemu-block-extra |
504 | + - d/control*, d/rules: disable xen by default, but provide universe |
505 | + package qemu-system-x86-xen as alternative |
506 | + [includes compat links changes of 5.0-5ubuntu4] |
507 | + - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926) |
508 | + * Dropped Changes [now part of upstream] |
509 | + - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931 |
510 | + and 3932 machines (LP 1932175) |
511 | + - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix |
512 | + migration with audio devices present (LP 1940288) |
513 | + * Added changes: |
514 | + - update patches for qemu v6.2.0 |
515 | + - d/p/u/enable-svm-by-default.patch |
516 | + - d/p/u/define-ubuntu-machine-types.patch |
517 | + - d/p/u/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch |
518 | + - d/rules: xen libexec dir is no more versioned |
519 | + - d/rules: ensure xen is built on x86 |
520 | + - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch |
521 | + Allow long kernel command lines for QEMU (LP: #1959984) |
522 | + - d/kvm-spice: fix when acceleration is already defined on the commandline |
523 | + - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list |
524 | + |
525 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 05 Jan 2022 12:18:25 +0100 |
526 | + |
527 | qemu (1:6.2+dfsg-2) unstable; urgency=medium |
528 | |
529 | * bump meson build-dep to 0.59.3 |
530 | @@ -826,6 +1312,95 @@ qemu (1:6.0+dfsg-3) unstable; urgency=medium |
531 | |
532 | -- Michael Tokarev <mjt@tls.msk.ru> Tue, 17 Aug 2021 17:49:10 +0300 |
533 | |
534 | +qemu (1:6.0+dfsg-2expubuntu4) jammy; urgency=medium |
535 | + |
536 | + * d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch: |
537 | + add patch to workaround FTBFS when building against OpenSSL 3.0. |
538 | + Thanks to Christian Ehrhardt (LP: #1952448) |
539 | + |
540 | + -- Paride Legovini <paride@ubuntu.com> Fri, 26 Nov 2021 15:47:51 +0100 |
541 | + |
542 | +qemu (1:6.0+dfsg-2expubuntu3) jammy; urgency=medium |
543 | + |
544 | + * No-change rebuild against liburing2 |
545 | + |
546 | + -- Paride Legovini <paride@ubuntu.com> Mon, 22 Nov 2021 18:00:26 +0100 |
547 | + |
548 | +qemu (1:6.0+dfsg-2expubuntu2) jammy; urgency=medium |
549 | + |
550 | + * updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code |
551 | + (#993658) (LP: #1947860) |
552 | + |
553 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 03 Nov 2021 14:10:56 +0100 |
554 | + |
555 | +qemu (1:6.0+dfsg-2expubuntu1) impish; urgency=medium |
556 | + |
557 | + * Merge with Debian experimental, remaining changes: |
558 | + - qemu-kvm to systemd unit |
559 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
560 | + hugepages and architecture specifics |
561 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
562 | + qemu-kvm-init |
563 | + - d/qemu-system-common.install: install helper script |
564 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
565 | + /etc/default/qemu-kvm |
566 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
567 | + - Distribution specific machine type |
568 | + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) |
569 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
570 | + types containing release versioned machine attributes |
571 | + - d/qemu-system-x86.NEWS Info on fixed machine type defintions |
572 | + for host-phys-bits=true |
573 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
574 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
575 | + - Enable nesting by default |
576 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
577 | + in qemu64 on amd |
578 | + [ No more strictly needed, but required for backward compatibility ] |
579 | + - improved dependencies |
580 | + - Make qemu-system-common depend on qemu-block-extra |
581 | + - Make qemu-utils depend on qemu-block-extra |
582 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
583 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
584 | + reference 256k path |
585 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
586 | + handle incoming migrations from former releases. |
587 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
588 | + - d/control*, d/rules: disable xen by default, but provide universe |
589 | + package qemu-system-x86-xen as alternative |
590 | + [includes compat links changes of 5.0-5ubuntu4] |
591 | + - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0 |
592 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types |
593 | + for v6.0 |
594 | + - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926) |
595 | + - Ease the use of module retention on upgrades (LP 1913421) |
596 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
597 | + * Dropped Changes [in 1:6.0+dfsg-2exp]: |
598 | + - d/control-in: Disable capstone disassembler library support (universe) |
599 | + - Disable fuse export (universe dependency) |
600 | + - Ease the use of module retention on upgrades (LP 1913421) |
601 | + - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra |
602 | + - d/rules: only save modules if /run/qemu isn't noexec |
603 | + - d/rules: clear all (current and former) modules on purge |
604 | + - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial |
605 | + upgrade issues (LP 1932264) |
606 | + - Enable SDL as secondary UI backend (LP 1256185) |
607 | + - d/control: add build dependency libsdl2-dev |
608 | + - d/control: enable sdl graphics on build |
609 | + - d/qemu-system-gui.install: add ui-sdl.so |
610 | + - d/control: add runtime dependency to libgl1 |
611 | + * Dropped Changes [no more needed] |
612 | + - let qemu-utils recommend sharutils |
613 | + * Added changes: |
614 | + - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix |
615 | + -fcf-protection being unavailble on -march=i486 (LP: #1940029) |
616 | + - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931 |
617 | + and 3932 machines (LP: #1932175) |
618 | + - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix |
619 | + migration with audio devices present (LP: #1940288) |
620 | + |
621 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 12 Aug 2021 15:35:12 +0200 |
622 | + |
623 | qemu (1:6.0+dfsg-2exp) experimental; urgency=medium |
624 | |
625 | [ Christian Ehrhardt ] |
626 | @@ -863,6 +1438,104 @@ qemu (1:6.0+dfsg-2exp) experimental; urgency=medium |
627 | |
628 | -- Michael Tokarev <mjt@tls.msk.ru> Wed, 21 Jul 2021 19:43:37 +0300 |
629 | |
630 | +qemu (1:6.0+dfsg-1~ubuntu3) impish; urgency=medium |
631 | + |
632 | + * d/p/u/lp-1935617-target-ppc-Fix-load-endianness-for-lxvwsx-lxvdsx.patch: |
633 | + fix TCG emulation for ppc64 (LP: #1935617) |
634 | + |
635 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 13 Jul 2021 09:34:55 +0200 |
636 | + |
637 | +qemu (1:6.0+dfsg-1~ubuntu2) impish; urgency=medium |
638 | + |
639 | + * d/control: remove fuse2 trial-build (LP 1934510) |
640 | + |
641 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Jul 2021 10:26:08 +0200 |
642 | + |
643 | +qemu (1:6.0+dfsg-1~ubuntu1) impish; urgency=medium |
644 | + |
645 | + * Merge with Debian experimental, Among many other things this fixes LP Bugs: |
646 | + (LP: #1907952) broken arrow keys in -display gtk on aarch64 |
647 | + - qemu-kvm to systemd unit |
648 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
649 | + hugepages and architecture specifics |
650 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
651 | + qemu-kvm-init |
652 | + - d/qemu-system-common.install: install helper script |
653 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
654 | + /etc/default/qemu-kvm |
655 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
656 | + - Distribution specific machine type |
657 | + (LP: 1304107 1621042 1776189 1761372 1761372 1776189) |
658 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
659 | + types containing release versioned machine attributes |
660 | + - d/qemu-system-x86.NEWS Info on fixed machine type defintions |
661 | + for host-phys-bits=true |
662 | + - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
663 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
664 | + - Enable nesting by default |
665 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
666 | + in qemu64 on amd |
667 | + [ No more strictly needed, but required for backward compatibility ] |
668 | + - improved dependencies |
669 | + - Make qemu-system-common depend on qemu-block-extra |
670 | + - Make qemu-utils depend on qemu-block-extra |
671 | + - Let qemu-utils recommend sharutils |
672 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
673 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
674 | + reference 256k path |
675 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
676 | + handle incoming migrations from former releases. |
677 | + - d/control-in: Disable capstone disassembler library support (universe) |
678 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
679 | + - d/control*, d/rules: disable xen by default, but provide universe |
680 | + package qemu-system-x86-xen as alternative |
681 | + [includes compat links changes of 5.0-5ubuntu4] |
682 | + - Fix upgrade module handling (LP 1905377) |
683 | + --enable-module-upgrades for qemu-xen which doesn't exist in Debian |
684 | + * Dropped Changes [in 6.0]: |
685 | + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix |
686 | + ld usage of -no-pie (LP 1907789) |
687 | + - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix |
688 | + virtio-9p-ccw being missing (LP 1916230) |
689 | + - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due |
690 | + to glib2.0 >=2.67.3 (LP 1916705) |
691 | + - d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails |
692 | + on some HW/Guest combinations e.g. Windows 10 on Threadripper chips |
693 | + (LP 1921754) |
694 | + - d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support |
695 | + (LP 1921880) |
696 | + - d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre*: |
697 | + fix go in qemu-s390x-static (LP 1922010) |
698 | + * Dropped Changes [in Debian]: |
699 | + - Allow qemu to load old modules post upgrade (LP 1847361) |
700 | + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in |
701 | + - d/rules: Drop generating package version into maintainer scripts |
702 | + * Dropped Changes [No more needed >21.04]: |
703 | + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on |
704 | + the bad old prerm (LP 1906245 1905377) |
705 | + * Added Changes |
706 | + - Disable fuse export (universe dependency) |
707 | + - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0 |
708 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types |
709 | + for v6.0 |
710 | + - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP: #1929926) |
711 | + - Ease the use of module retention on upgrades (LP: #1913421) |
712 | + - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra |
713 | + - d/rules: only save modules if /run/qemu isn't noexec |
714 | + - d/rules: clear all (current and former) modules on purge |
715 | + - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade |
716 | + - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial |
717 | + upgrade issues (LP: #1932264) |
718 | + - Enable SDL as secondary UI backend (LP: #1256185) |
719 | + - d/control: add build dependency libsdl2-dev |
720 | + - d/control: enable sdl graphics on build |
721 | + - d/qemu-system-gui.install: add ui-sdl.so |
722 | + - d/control: add runtime dependency to libgl1 |
723 | + - d/rules: qemu-system-x86-xen builds modules as well now (follows the |
724 | + other packages) |
725 | + |
726 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 15 Jun 2021 12:41:33 +0200 |
727 | + |
728 | qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium |
729 | |
730 | * new upstream release |
731 | @@ -915,6 +1588,75 @@ qemu (1:5.2+dfsg-10) unstable; urgency=medium |
732 | |
733 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 16 Apr 2021 12:43:36 +0300 |
734 | |
735 | +qemu (1:5.2+dfsg-9ubuntu3) hirsute; urgency=medium |
736 | + |
737 | + * d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails |
738 | + on some HW/Guest combinations e.g. Windows 10 on Threadripper chips |
739 | + (LP: #1921754) |
740 | + * d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support |
741 | + (LP: #1921880) |
742 | + |
743 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Apr 2021 11:58:29 +0200 |
744 | + |
745 | +qemu (1:5.2+dfsg-9ubuntu2) hirsute; urgency=medium |
746 | + |
747 | + * d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre.patch: |
748 | + fix go in qemu-s390x-static (LP: #1922010) |
749 | + |
750 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 31 Mar 2021 10:01:40 +0200 |
751 | + |
752 | +qemu (1:5.2+dfsg-9ubuntu1) hirsute; urgency=medium |
753 | + |
754 | + * Merge with Debian unstable; Remaining changes: |
755 | + - qemu-kvm to systemd unit |
756 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
757 | + hugepages and architecture specifics |
758 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
759 | + qemu-kvm-init |
760 | + - d/qemu-system-common.install: install helper script |
761 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
762 | + /etc/default/qemu-kvm |
763 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
764 | + - Distribution specific machine type (LP: 1304107 1621042) |
765 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types |
766 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
767 | + for host-phys-bits=true (LP: 1776189) |
768 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
769 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
770 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
771 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
772 | + - Enable nesting by default |
773 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
774 | + in qemu64 on amd |
775 | + [ No more strictly needed, but required for backward compatibility ] |
776 | + - improved dependencies |
777 | + - Make qemu-system-common depend on qemu-block-extra |
778 | + - Make qemu-utils depend on qemu-block-extra |
779 | + - let qemu-utils recommend sharutils |
780 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
781 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
782 | + reference 256k path |
783 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
784 | + handle incoming migrations from former releases. |
785 | + - d/control-in: Disable capstone disassembler library support (universe) |
786 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
787 | + - d/control*, d/rules: disable xen by default, but provide universe |
788 | + package qemu-system-x86-xen as alternative |
789 | + [includes compat links changes of 5.0-5ubuntu4] |
790 | + - allow qemu to load old modules post upgrade (LP 1847361) |
791 | + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in |
792 | + - d/rules: Drop generating package version into maintainer scripts |
793 | + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on |
794 | + the bad old prerm (LP 1906245 1905377) |
795 | + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix |
796 | + ld usage of -no-pie (LP 1907789) |
797 | + - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix |
798 | + virtio-9p-ccw being missing (LP 1916230) |
799 | + - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due |
800 | + to glib2.0 >=2.67.3 (LP 1916705) |
801 | + |
802 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 18 Mar 2021 11:13:49 +0100 |
803 | + |
804 | qemu (1:5.2+dfsg-9) unstable; urgency=medium |
805 | |
806 | * do not make qemu-system-data dependent on qemu-system-foo |
807 | @@ -954,6 +1696,66 @@ qemu (1:5.2+dfsg-7) unstable; urgency=high |
808 | |
809 | -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Mar 2021 11:32:54 +0300 |
810 | |
811 | +qemu (1:5.2+dfsg-6ubuntu2) hirsute; urgency=medium |
812 | + |
813 | + * d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due |
814 | + to glib2.0 >=2.67.3 (LP: #1916705) |
815 | + |
816 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 24 Feb 2021 08:39:09 +0100 |
817 | + |
818 | +qemu (1:5.2+dfsg-6ubuntu1) hirsute; urgency=medium |
819 | + |
820 | + * Merge with Debian unstable, includes fixes for |
821 | + - build operates differently if source is a git repo (LP: #1887535) |
822 | + Remaining changes: |
823 | + - qemu-kvm to systemd unit |
824 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
825 | + hugepages and architecture specifics |
826 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
827 | + qemu-kvm-init |
828 | + - d/qemu-system-common.install: install helper script |
829 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
830 | + /etc/default/qemu-kvm |
831 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
832 | + - Distribution specific machine type (LP: 1304107 1621042) |
833 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types |
834 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
835 | + for host-phys-bits=true (LP: 1776189) |
836 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
837 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
838 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
839 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
840 | + - Enable nesting by default |
841 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
842 | + in qemu64 on amd |
843 | + [ No more strictly needed, but required for backward compatibility ] |
844 | + - improved dependencies |
845 | + - Make qemu-system-common depend on qemu-block-extra |
846 | + - Make qemu-utils depend on qemu-block-extra |
847 | + - let qemu-utils recommend sharutils |
848 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
849 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
850 | + reference 256k path |
851 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
852 | + handle incoming migrations from former releases. |
853 | + - d/control-in: Disable capstone disassembler library support (universe) |
854 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
855 | + - d/control*, d/rules: disable xen by default, but provide universe |
856 | + package qemu-system-x86-xen as alternative |
857 | + [includes compat links changes of 5.0-5ubuntu4] |
858 | + - allow qemu to load old modules post upgrade (LP 1847361) |
859 | + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in |
860 | + - d/rules: Drop generating package version into maintainer scripts |
861 | + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on |
862 | + the bad old prerm (LP 1906245 1905377) |
863 | + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix |
864 | + ld usage of -no-pie (LP 1907789) |
865 | + * Added changes |
866 | + - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix |
867 | + virtio-9p-ccw being missing (LP: #1916230) |
868 | + |
869 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Feb 2021 11:40:36 +0100 |
870 | + |
871 | qemu (1:5.2+dfsg-6) unstable; urgency=medium |
872 | |
873 | * deprecate qemu-debootstrap. It is not needed anymore with |
874 | @@ -1006,6 +1808,64 @@ qemu (1:5.2+dfsg-4) unstable; urgency=medium |
875 | |
876 | -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Feb 2021 16:52:10 +0300 |
877 | |
878 | +qemu (1:5.2+dfsg-3ubuntu2) hirsute; urgency=medium |
879 | + |
880 | + * No change rebuild to pick up liburing. (LP: #1914145) |
881 | + |
882 | + -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 03 Feb 2021 19:44:54 -0300 |
883 | + |
884 | +qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium |
885 | + |
886 | + * Merge with Debian unstable, includes fixes for |
887 | + - qemu-user-static are partially dynamically linked (LP: #1908331) |
888 | + - qemu crashing when using spice without qemu-system-gui being |
889 | + installed (LP: #1908577) |
890 | + Remaining changes: |
891 | + - qemu-kvm to systemd unit |
892 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
893 | + hugepages and architecture specifics |
894 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
895 | + qemu-kvm-init |
896 | + - d/qemu-system-common.install: install helper script |
897 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
898 | + /etc/default/qemu-kvm |
899 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
900 | + - Distribution specific machine type (LP: 1304107 1621042) |
901 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types |
902 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
903 | + for host-phys-bits=true (LP: 1776189) |
904 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
905 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
906 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
907 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
908 | + - Enable nesting by default |
909 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
910 | + in qemu64 on amd |
911 | + [ No more strictly needed, but required for backward compatibility ] |
912 | + - improved dependencies |
913 | + - Make qemu-system-common depend on qemu-block-extra |
914 | + - Make qemu-utils depend on qemu-block-extra |
915 | + - let qemu-utils recommend sharutils |
916 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
917 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
918 | + reference 256k path |
919 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
920 | + handle incoming migrations from former releases. |
921 | + - d/control-in: Disable capstone disassembler library support (universe) |
922 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
923 | + - d/control*, d/rules: disable xen by default, but provide universe |
924 | + package qemu-system-x86-xen as alternative |
925 | + [includes compat links changes of 5.0-5ubuntu4] |
926 | + - allow qemu to load old modules post upgrade (LP 1847361) |
927 | + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in |
928 | + - d/rules: Drop generating package version into maintainer scripts |
929 | + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on |
930 | + the bad old prerm (LP 1906245 1905377) |
931 | + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix |
932 | + ld usage of -no-pie (LP 1907789) |
933 | + |
934 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jan 2021 12:43:42 +0100 |
935 | + |
936 | qemu (1:5.2+dfsg-3) unstable; urgency=medium |
937 | |
938 | [ Christian Ehrhardt ] |
939 | @@ -1022,6 +1882,64 @@ qemu (1:5.2+dfsg-3) unstable; urgency=medium |
940 | |
941 | -- Michael Tokarev <mjt@tls.msk.ru> Tue, 29 Dec 2020 15:07:03 +0300 |
942 | |
943 | +qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium |
944 | + |
945 | + * Merge with Debian unstable |
946 | + - includes fix for CVE-2020-17380 |
947 | + - includes a fix for s390x PCI device reset (LP: #1907656) |
948 | + Remaining changes: |
949 | + - qemu-kvm to systemd unit |
950 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
951 | + hugepages and architecture specifics |
952 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
953 | + qemu-kvm-init |
954 | + - d/qemu-system-common.install: install helper script |
955 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
956 | + /etc/default/qemu-kvm |
957 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
958 | + - Distribution specific machine type (LP: 1304107 1621042) |
959 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types |
960 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
961 | + for host-phys-bits=true (LP: 1776189) |
962 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
963 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
964 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
965 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
966 | + - Enable nesting by default |
967 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
968 | + in qemu64 on amd |
969 | + [ No more strictly needed, but required for backward compatibility ] |
970 | + - improved dependencies |
971 | + - Make qemu-system-common depend on qemu-block-extra |
972 | + - Make qemu-utils depend on qemu-block-extra |
973 | + - let qemu-utils recommend sharutils |
974 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
975 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
976 | + reference 256k path |
977 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
978 | + handle incoming migrations from former releases. |
979 | + - d/control-in: Disable capstone disassembler library support (universe) |
980 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
981 | + - d/control*, d/rules: disable xen by default, but provide universe |
982 | + package qemu-system-x86-xen as alternative |
983 | + [includes compat links changes of 5.0-5ubuntu4] |
984 | + - allow qemu to load old modules post upgrade (LP 1847361) |
985 | + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in |
986 | + - d/rules: Drop generating package version into maintainer scripts |
987 | + - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on |
988 | + the bad old prerm (LP 1906245 1905377) |
989 | + * Dropped Changes: |
990 | + - d/control, d/rules: build with gcc-9 on armhf as workaround until |
991 | + resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100% |
992 | + fails] |
993 | + * Added Changes: |
994 | + - Refreshed ubuntu machine types for hirsute@5.2 |
995 | + - d/control: regenerated from d/control-in |
996 | + - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix |
997 | + ld usage of -no-pie (LP: #1907789) |
998 | + |
999 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Dec 2020 16:44:47 +0100 |
1000 | + |
1001 | qemu (1:5.2+dfsg-2) unstable; urgency=medium |
1002 | |
1003 | * move ui-opengl.so module from qemu-system-gui to qemu-system-common, |
1004 | @@ -1067,6 +1985,153 @@ qemu (1:5.2+dfsg-1) unstable; urgency=medium |
1005 | |
1006 | -- Michael Tokarev <mjt@tls.msk.ru> Wed, 09 Dec 2020 08:57:41 +0300 |
1007 | |
1008 | +qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium |
1009 | + |
1010 | + * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on |
1011 | + the bad old prerm (LP: #1906245) |
1012 | + |
1013 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 30 Nov 2020 12:53:03 +0100 |
1014 | + |
1015 | +qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium |
1016 | + |
1017 | + * Fix upgrade module handling (LP: #1905377) |
1018 | + This was accetped in a slightly different form in qemu_5.0-6 and therefore |
1019 | + allows to drop some former delta that is now conflicting. |
1020 | + Ubuntu still keeps enabling --enable-module-upgrades, but only for |
1021 | + qemu-xen which doesn't exist in Debian |
1022 | + - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in |
1023 | + - d/rules: Drop generating package version into maintainer scripts |
1024 | + |
1025 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Nov 2020 11:16:01 +0100 |
1026 | + |
1027 | +qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium |
1028 | + |
1029 | + * Merge with Debian testing, remaining changes: |
1030 | + Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854) |
1031 | + - qemu-kvm to systemd unit |
1032 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
1033 | + hugepages and architecture specifics |
1034 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
1035 | + qemu-kvm-init |
1036 | + - d/qemu-system-common.install: install helper script |
1037 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
1038 | + /etc/default/qemu-kvm |
1039 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
1040 | + - Distribution specific machine type (LP: 1304107 1621042) |
1041 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
1042 | + types |
1043 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
1044 | + for host-phys-bits=true (LP: 1776189) |
1045 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
1046 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
1047 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
1048 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
1049 | + - Enable nesting by default |
1050 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
1051 | + in qemu64 on amd |
1052 | + [ No more strictly needed, but required for backward compatibility ] |
1053 | + - improved dependencies |
1054 | + - Make qemu-system-common depend on qemu-block-extra |
1055 | + - Make qemu-utils depend on qemu-block-extra |
1056 | + - let qemu-utils recommend sharutils |
1057 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
1058 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
1059 | + reference 256k path |
1060 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
1061 | + handle incoming migrations from former releases. |
1062 | + - d/control-in: Disable capstone disassembler library support (universe) |
1063 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
1064 | + - d/control*, d/rules: disable xen by default, but provide universe |
1065 | + package qemu-system-x86-xen as alternative |
1066 | + [includes compat links changes of 5.0-5ubuntu4] |
1067 | + - allow qemu to load old modules post upgrade (LP 1847361) |
1068 | + - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on |
1069 | + upgrade |
1070 | + - d/rules: generate maintainer scripts matching package version on build |
1071 | + - d/rules: enable --enable-module-upgrades where --enable-modules is set |
1072 | + - d/control: regenerate debian/control out of control-in |
1073 | + * Dropped changes [in Debian or no more needed] |
1074 | + - d/control-in: disable pmem on ppc64 as it is currently considered |
1075 | + experimental on that architecture (pmdk v1.8-1) |
1076 | + - d/rules: makefile definitions can't be recursive - sys_systems for s390x |
1077 | + - d/rules: report config log from the correct subdir |
1078 | + - d/control-in: disable rbd support unavailable on riscv (LP: 1872931) |
1079 | + - Pick further changes for groovy from debian/master since 5.0-5 |
1080 | + - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch |
1081 | + - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch |
1082 | + - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch |
1083 | + - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch |
1084 | + - megasas-use-unsigned-type-for-positive-numeric-fields.patch |
1085 | + - megasas-fix-possible-out-of-bounds-array-access.patch |
1086 | + - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch |
1087 | + - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch |
1088 | + - a few patches from the stable series: |
1089 | + - fix-tulip-breakage.patch |
1090 | + - 9p-lock-directory-streams-with-a-CoMutex.patch |
1091 | + Prevent deadlocks in 9pfs readdir code |
1092 | + - net-do-not-include-a-newline-in-the-id-of-nic-device.patch |
1093 | + Fix newline accidentally sneaked into id string of a nic |
1094 | + - qemu-nbd-close-inherited-stderr.patch |
1095 | + - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch |
1096 | + - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch |
1097 | + - virtio-balloon-unref-the-iothread-when-unrealizing.patch |
1098 | + - acpi-tmr-allow-2-byte-reads.patch |
1099 | + - reapply CVE-2020-13253 fixes from upstream |
1100 | + - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch |
1101 | + - linux-user-add-netlink-RTM_SETLINK-command.patch |
1102 | + - d/control: since qemu-system-data now contains module(s), |
1103 | + it can't be multi-arch. Ditto for qemu-block-extra. |
1104 | + - qemu-system-foo: depend on exact version of qemu-system-data, |
1105 | + due to the latter having modules |
1106 | + - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' |
1107 | + This is another incarnation of the recent bugfix which actually enabled |
1108 | + memory access constraints, like #964247 |
1109 | + - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch |
1110 | + this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch |
1111 | + and acpi-tmr-allow-2-byte-reads.patch, a more complete fix |
1112 | + - xhci-fix-valid.max_access_size-to-access-address-registers.patch |
1113 | + fix one more incarnation of the breakage after the CVE-2020-13754 fix |
1114 | + - do not install outdated (0.12 and before) Changelog |
1115 | + - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch |
1116 | + ARM-only XGMAC NIC, possible buffer overflow during packet transmission |
1117 | + Closes: CVE-2020-15863 |
1118 | + - sm501 OOB read/write due to integer overflow in sm501_2d_operation() |
1119 | + - riscv-allow-64-bit-access-to-SiFive-CLINT.patch |
1120 | + another fix for revert-memory-accept-.. CVE-2020-13754 |
1121 | + - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10 |
1122 | + - d/control-in: build-dep libcap is no more needed |
1123 | + - arch aware kvm wrappers |
1124 | + [upstream now automatically enables KVM if available and called with |
1125 | + kvm* name, provides KVM as before but with auto-fallback to tcg. |
1126 | + Former behavior of KVM-or-die can be achieved via -machine accel=kvm ] |
1127 | + * Dropped changes [upstream now] |
1128 | + - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb |
1129 | + setup_len |
1130 | + - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930) |
1131 | + - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942) |
1132 | + - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot |
1133 | + from vfio-ccw (LP 1887935) |
1134 | + - fix qemu-user-static initialization to allow executing systemd (LP 1890881) |
1135 | + - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187) |
1136 | + - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on |
1137 | + SQXBR (LP 1883984) |
1138 | + - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154) |
1139 | + - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI |
1140 | + environments (LP 1887763) |
1141 | + - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546) |
1142 | + - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that |
1143 | + crashes it on shutdown (LP 1878973) |
1144 | + - update d/p/ubuntu/lp-1835546-* to the final versions |
1145 | + - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix |
1146 | + FTBFS in groovy |
1147 | + * Added Changes: |
1148 | + - update ubuntu machine types for hirsute@5.1 |
1149 | + - d/control: regenerated from d/control-in |
1150 | + - d/control, d/rules: build with gcc-9 on armhf as workaround until |
1151 | + resolved in gcc-10 (LP: 1890435) |
1152 | + |
1153 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 29 Oct 2020 12:37:31 +0100 |
1154 | + |
1155 | qemu (1:5.1+dfsg-4) unstable; urgency=high |
1156 | |
1157 | * mention closing of CVE-2020-16092 by 5.1 |
1158 | @@ -1308,6 +2373,298 @@ qemu (1:5.0-6) unstable; urgency=medium |
1159 | |
1160 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 03 Jul 2020 18:24:48 +0300 |
1161 | |
1162 | +qemu (1:5.0-5ubuntu11) hirsute; urgency=medium |
1163 | + |
1164 | + * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily |
1165 | + machine type to match how it originally was released (LP: #1902654) |
1166 | + |
1167 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Nov 2020 08:19:07 +0100 |
1168 | + |
1169 | +qemu (1:5.0-5ubuntu10) hirsute; urgency=medium |
1170 | + |
1171 | + * No-change rebuild for brltty soname change. |
1172 | + |
1173 | + -- Matthias Klose <doko@ubuntu.com> Mon, 02 Nov 2020 16:59:33 +0100 |
1174 | + |
1175 | +qemu (1:5.0-5ubuntu9) groovy; urgency=medium |
1176 | + |
1177 | + * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb |
1178 | + setup_len |
1179 | + CVE-2020-14364 |
1180 | + |
1181 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 22 Sep 2020 16:53:18 +0200 |
1182 | + |
1183 | +qemu (1:5.0-5ubuntu8) groovy; urgency=medium |
1184 | + |
1185 | + * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930) |
1186 | + |
1187 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 Sep 2020 08:23:49 +0200 |
1188 | + |
1189 | +qemu (1:5.0-5ubuntu7) groovy; urgency=medium |
1190 | + |
1191 | + * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942) |
1192 | + |
1193 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Sep 2020 08:47:12 +0200 |
1194 | + |
1195 | +qemu (1:5.0-5ubuntu6) groovy; urgency=medium |
1196 | + |
1197 | + * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot |
1198 | + from vfio-ccw (LP: #1887935) |
1199 | + |
1200 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Aug 2020 11:09:12 +0200 |
1201 | + |
1202 | +qemu (1:5.0-5ubuntu5) groovy; urgency=medium |
1203 | + |
1204 | + * fix qemu-user-static initialization to allow executing systemd |
1205 | + (LP: #1890881) |
1206 | + - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch |
1207 | + - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch |
1208 | + - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch |
1209 | + - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch |
1210 | + - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch |
1211 | + - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch |
1212 | + * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187) |
1213 | + CVE-2020-16092 |
1214 | + - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch |
1215 | + |
1216 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Aug 2020 07:19:42 +0200 |
1217 | + |
1218 | +qemu (1:5.0-5ubuntu4) groovy; urgency=medium |
1219 | + |
1220 | + * xen: provide compat links to what libxen-dev reports where to find |
1221 | + the binaries (LP: #1890005) |
1222 | + * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on |
1223 | + SQXBR (LP: #1883984) |
1224 | + * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154) |
1225 | + |
1226 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 03 Aug 2020 07:15:28 +0200 |
1227 | + |
1228 | +qemu (1:5.0-5ubuntu3) groovy; urgency=medium |
1229 | + |
1230 | + * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI |
1231 | + environments (LP: #1887763) |
1232 | + * Pick further changes for groovy from debian/master since 5.0-5 |
1233 | + - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch |
1234 | + Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger |
1235 | + infinite recursion via a crafted mm_index value during |
1236 | + ati_mm_read or ati_mm_write call. |
1237 | + - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch |
1238 | + Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu |
1239 | + devices which uses min_access_size and max_access_size Memory API fields. |
1240 | + Also closes: CVE-2020-13791 |
1241 | + - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch |
1242 | + CVE-2020-13659: address_space_map in exec.c can trigger |
1243 | + a NULL pointer dereference related to BounceBuffer |
1244 | + - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch |
1245 | + Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c |
1246 | + has an OOB read via a crafted reply_queue_head field from a guest OS user |
1247 | + - megasas-use-unsigned-type-for-positive-numeric-fields.patch |
1248 | + fix other possible cases like in CVE-2020-13362 (#961887) |
1249 | + - megasas-fix-possible-out-of-bounds-array-access.patch |
1250 | + Some tracepoints use a guest-controlled value as an index into the |
1251 | + mfi_frame_desc[] array. Thus a malicious guest could cause a very low |
1252 | + impact OOB errors here |
1253 | + - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch |
1254 | + Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server. |
1255 | + This flaw occurs when an nbd-client sends a spec-compliant request that is |
1256 | + near the boundary of maximum permitted request length. A remote nbd-client |
1257 | + could use this flaw to crash the qemu-nbd server resulting in a DoS. |
1258 | + - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch |
1259 | + Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not |
1260 | + properly validate the frame count, which allows guest OS users to trigger |
1261 | + an out-of-bounds access during an es1370_write() operation |
1262 | + - a few patches from the stable series: |
1263 | + - fix-tulip-breakage.patch |
1264 | + The tulip network driver in a qemu-system-hppa emulation is broken in |
1265 | + the sense that bigger network packages aren't received any longer and |
1266 | + thus even running e.g. "apt update" inside the VM fails. Fix this. |
1267 | + - 9p-lock-directory-streams-with-a-CoMutex.patch |
1268 | + Prevent deadlocks in 9pfs readdir code |
1269 | + - net-do-not-include-a-newline-in-the-id-of-nic-device.patch |
1270 | + Fix newline accidentally sneaked into id string of a nic |
1271 | + - qemu-nbd-close-inherited-stderr.patch |
1272 | + - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch |
1273 | + - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch |
1274 | + - virtio-balloon-unref-the-iothread-when-unrealizing.patch |
1275 | + - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247) |
1276 | + - reapply CVE-2020-13253 fixed from upstream: |
1277 | + sdcard-simplify-realize-a-bit.patch (preparation for the next patch) |
1278 | + sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253) |
1279 | + sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational) |
1280 | + sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch |
1281 | + Closes: #961297, CVE-2020-13253 |
1282 | + - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch |
1283 | + (Closes: #965109) |
1284 | + - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289) |
1285 | + - d/control: since qemu-system-data now contains module(s), |
1286 | + it can't be multi-arch. Ditto for qemu-block-extra. |
1287 | + - qemu-system-foo: depend on exact version of qemu-system-data, |
1288 | + due to the latter having modules |
1289 | + - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793) |
1290 | + This is another incarnation of the recent bugfix which actually enabled |
1291 | + memory access constraints, like #964247 |
1292 | + - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch |
1293 | + this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch |
1294 | + and acpi-tmr-allow-2-byte-reads.patch, a more complete fix |
1295 | + - xhci-fix-valid.max_access_size-to-access-address-registers.patch |
1296 | + fix one more incarnation of the breakage after the CVE-2020-13754 fix |
1297 | + - do not install outdated (0.12 and before) Changelog (Closes: #965381) |
1298 | + - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch |
1299 | + ARM-only XGMAC NIC, possible buffer overflow during packet transmission |
1300 | + Closes: CVE-2020-15863 |
1301 | + - sm501 OOB read/write due to integer overflow in sm501_2d_operation() |
1302 | + List of patches: |
1303 | + sm501-convert-printf-abort-to-qemu_log_mask.patch |
1304 | + sm501-shorten-long-variable-names-in-sm501_2d_operation.patch |
1305 | + sm501-use-BIT-macro-to-shorten-constant.patch |
1306 | + sm501-clean-up-local-variables-in-sm501_2d_operation.patch |
1307 | + sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch |
1308 | + Closes: #961451, CVE-2020-12829 |
1309 | + - riscv-allow-64-bit-access-to-SiFive-CLINT.patch |
1310 | + another fix for revert-memory-accept-.. CVE-2020-13754 |
1311 | + - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10 |
1312 | + |
1313 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 Jul 2020 13:21:31 +0200 |
1314 | + |
1315 | +qemu (1:5.0-5ubuntu2) groovy; urgency=medium |
1316 | + |
1317 | + * No change rebuild against new libnettle8 and libhogweed6 ABI. |
1318 | + |
1319 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 29 Jun 2020 22:32:55 +0100 |
1320 | + |
1321 | +qemu (1:5.0-5ubuntu1) groovy; urgency=medium |
1322 | + |
1323 | + * Merge with Debian testing (LP: #1749393), remaining changes: |
1324 | + - qemu-kvm to systemd unit |
1325 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
1326 | + hugepages and architecture specifics |
1327 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
1328 | + qemu-kvm-init |
1329 | + - d/qemu-system-common.install: install helper script |
1330 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
1331 | + /etc/default/qemu-kvm |
1332 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
1333 | + - Distribution specific machine type (LP: 1304107 1621042) |
1334 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
1335 | + types |
1336 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
1337 | + for host-phys-bits=true (LP: 1776189) |
1338 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
1339 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
1340 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
1341 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
1342 | + - Enable nesting by default |
1343 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
1344 | + in qemu64 on amd |
1345 | + [ No more strictly needed, but required for backward compatibility ] |
1346 | + - improved dependencies |
1347 | + - Make qemu-system-common depend on qemu-block-extra |
1348 | + - Make qemu-utils depend on qemu-block-extra |
1349 | + - let qemu-utils recommend sharutils |
1350 | + - arch aware kvm wrappers |
1351 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
1352 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
1353 | + reference 256k path |
1354 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
1355 | + handle incoming migrations from former releases. |
1356 | + - d/control-in: Disable capstone disassembler library support (universe) |
1357 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
1358 | + - d/control*, d/rules: disable xen by default, but provide universe |
1359 | + package qemu-system-x86-xen as alternative |
1360 | + [includes --disable-xen for user-static builds] |
1361 | + - d/control-in: disable pmem on ppc64 as it is currently considered |
1362 | + experimental on that architecture (pmdk v1.8-1) |
1363 | + - d/rules: makefile definitions can't be recursive - sys_systems for s390x |
1364 | + - d/rules: report config log from the correct subdir |
1365 | + - allow qemu to load old modules post upgrade (LP 1847361) |
1366 | + - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on |
1367 | + upgrade |
1368 | + - d/rules: generate maintainer scripts matching package version on build |
1369 | + - d/rules: enable --enable-module-upgrades where --enable-modules is set |
1370 | + - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546) |
1371 | + - d/control-in: disable rbd support unavailable on riscv (LP: 1872931) |
1372 | + - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that |
1373 | + crashes it on shutdown (LP 1878973) |
1374 | + * Dropped changes (no more needed) |
1375 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
1376 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
1377 | + in qemu64 cpu type. |
1378 | + - d/control: avoid upgrade issues triggered by moving ivshmem tools after |
1379 | + Debian. Fixed by bumping the related Breaks/Replaces to the |
1380 | + Version Ubuntu introduced the change (LP 1862287) |
1381 | + * Dropped changes (in Debian) |
1382 | + - improved s390x support |
1383 | + - d/binfmt-update-in: fix binfmt being called in some containers |
1384 | + (LP 1840956) |
1385 | + - qemu-system-x86-microvm package |
1386 | + In addition to the generic multi-purpose qemu also provide a minimal |
1387 | + feature binary that is loading faster for use cases with microvm machine |
1388 | + type and qboot bios |
1389 | + - d/control-in: add a new qemu-system-x86-microvm package |
1390 | + - d/rules: add an extra config/build step to get the minimal qemu |
1391 | + - Security and packaging fixes (LP 1872937) |
1392 | + - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch |
1393 | + - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch |
1394 | + CVE-2020-10702 |
1395 | + CVE-2020-11102 |
1396 | + - fix external spice UI |
1397 | + + install ui-spice-app.so in qemu-system-common |
1398 | + + install ui-spice-app.so only if built, spice is optional |
1399 | + - switch binfmt registration to use update-binfmts --[un]import (#866756) |
1400 | + - qemu-system-gui: Multi-Arch=same, not foreign (#956763) |
1401 | + - qemu-system-data: s/highcolor/hicolor/ (#955741) |
1402 | + - enable riscv build (LP 1872931) |
1403 | + [ changes picked from Debian ] |
1404 | + - enable support for riscv64 hosts |
1405 | + - only enable librbd on architectures where it is built |
1406 | + - ceph: do not list librados-dev as we only use librbd-dev and the latter |
1407 | + depends on the former |
1408 | + - seccomp grew up, no need in versioned build-dep |
1409 | + - enable seccomp only on architectures where it can be built |
1410 | + * Dropped changes (upstream) |
1411 | + - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model |
1412 | + (LP 1857033) |
1413 | + - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527) |
1414 | + - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of |
1415 | + vhost-user-gpu |
1416 | + - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch: |
1417 | + avoid unnecessary IOTLB transactions (LP 1866207) |
1418 | + - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream |
1419 | + patches @qemu-stable (LP 1867519) |
1420 | + - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64 |
1421 | + to avoid broken nesting (LP 1868692) |
1422 | + - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR |
1423 | + (LP 1871830) |
1424 | + - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107) |
1425 | + - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms |
1426 | + - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh |
1427 | + and clobbered doubles (LP 1872945) |
1428 | + - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt() |
1429 | + - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in |
1430 | + ati_2d_blt() to avoid crash in hw/display/ati_2d.c. |
1431 | + - CVE-2020-11869 |
1432 | + - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts |
1433 | + - async: use explicit memory barriers (LP 1805256) |
1434 | + - aio-wait: delegate polling of main AioContext if BQL not held |
1435 | + - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not |
1436 | + supporting to set them (LP 1882774) |
1437 | + - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module |
1438 | + load to a versioned path |
1439 | + * Added Changes: |
1440 | + - d/control: regenerate debian/control out of control-in |
1441 | + - update d/p/ubuntu/lp-1835546-* to the final versions |
1442 | + - 11 patches dropped as they are in 5.0 |
1443 | + - 20 patches updated to how they will be in 5.1 |
1444 | + - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix |
1445 | + FTBFS in groovy |
1446 | + - Make qemu-system-x86-microvm a transitional package as the binary is now |
1447 | + in qemu-system-x86 itself. |
1448 | + - d/control-in: build-dep libcap is no more needed |
1449 | + - d/rules: update arch aware kvm wrappers |
1450 | + - d/qemu-system-x86.README.Debian: fix typo |
1451 | + |
1452 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 16 Jun 2020 16:50:09 +0200 |
1453 | + |
1454 | qemu (1:5.0-5) unstable; urgency=medium |
1455 | |
1456 | * more binfmt-install updates |
1457 | @@ -1440,6 +2797,188 @@ qemu (1:4.2-4) unstable; urgency=medium |
1458 | |
1459 | -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 12:44:43 +0300 |
1460 | |
1461 | +qemu (1:4.2-3ubuntu10) groovy; urgency=medium |
1462 | + |
1463 | + * No-change rebuild against libnettle8 |
1464 | + |
1465 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 20 Jul 2020 16:12:37 +0000 |
1466 | + |
1467 | +qemu (1:4.2-3ubuntu9) groovy; urgency=medium |
1468 | + |
1469 | + * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that |
1470 | + crashes it on shutdown (LP: #1878973) |
1471 | + * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not |
1472 | + supporting to set them (LP: #1882774) |
1473 | + |
1474 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 02 Jun 2020 10:42:49 +0200 |
1475 | + |
1476 | +qemu (1:4.2-3ubuntu8) groovy; urgency=medium |
1477 | + |
1478 | + * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts |
1479 | + - async: use explicit memory barriers (LP: #1805256) |
1480 | + - aio-wait: delegate polling of main AioContext if BQL not held |
1481 | + |
1482 | + -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Wed, 27 May 2020 21:47:21 +0000 |
1483 | + |
1484 | +qemu (1:4.2-3ubuntu7) groovy; urgency=medium |
1485 | + |
1486 | + * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt() |
1487 | + - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in |
1488 | + ati_2d_blt() to avoid crash in hw/display/ati_2d.c. |
1489 | + - CVE-2020-11869 |
1490 | + |
1491 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 21 May 2020 14:43:19 -0400 |
1492 | + |
1493 | +qemu (1:4.2-3ubuntu6) focal; urgency=medium |
1494 | + |
1495 | + [ Christian Ehrhardt ] |
1496 | + * enable riscv build (LP: #1872931) |
1497 | + [ changes picked from Debian ] |
1498 | + - enable support for riscv64 hosts |
1499 | + - only enable librbd on architectures where it is built |
1500 | + - ceph: do not list librados-dev as we only use librbd-dev and the latter |
1501 | + depends on the former |
1502 | + - seccomp grew up, no need in versioned build-dep |
1503 | + - enable seccomp only on architectures where it can be built |
1504 | + * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms |
1505 | + * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh |
1506 | + and clobbered doubles (LP: #1872945) |
1507 | + |
1508 | + [ William Grant ] |
1509 | + * d/control-in: disable rbd support unavailable on riscv (LP: 1872931) |
1510 | + |
1511 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 14:27:15 +0200 |
1512 | + |
1513 | +qemu (1:4.2-3ubuntu5) focal; urgency=medium |
1514 | + |
1515 | + [ Christian Ehrhardt ] |
1516 | + * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR |
1517 | + (LP: #1871830) |
1518 | + * Security and packaging fixes (LP: #1872937) |
1519 | + - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch |
1520 | + - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch |
1521 | + CVE-2020-10702 |
1522 | + CVE-2020-11102 |
1523 | + - fix external spice UI |
1524 | + + install ui-spice-app.so in qemu-system-common |
1525 | + + install ui-spice-app.so only if built, spice is optional |
1526 | + - switch binfmt registration to use update-binfmts --[un]import (#866756) |
1527 | + - qemu-system-gui: Multi-Arch=same, not foreign (#956763) |
1528 | + - qemu-system-data: s/highcolor/hicolor/ (#955741) |
1529 | + * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107) |
1530 | + |
1531 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 11:26:44 +0200 |
1532 | + |
1533 | +qemu (1:4.2-3ubuntu4) focal; urgency=medium |
1534 | + |
1535 | + * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546) |
1536 | + * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64 |
1537 | + to avoid broken nesting (LP: #1868692) |
1538 | + |
1539 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 20 Mar 2020 08:02:16 +0100 |
1540 | + |
1541 | +qemu (1:4.2-3ubuntu3) focal; urgency=medium |
1542 | + |
1543 | + * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream |
1544 | + patches @qemu-stable (LP: #1867519) |
1545 | + |
1546 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 18 Mar 2020 13:57:57 +0100 |
1547 | + |
1548 | +qemu (1:4.2-3ubuntu2) focal; urgency=medium |
1549 | + |
1550 | + * allow qemu to load old modules post upgrade (LP: #1847361) |
1551 | + - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module |
1552 | + load to a versioned path |
1553 | + - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on |
1554 | + upgrade |
1555 | + - d/rules: generate maintainer scripts matching package version on build |
1556 | + - d/rules: enable --enable-module-upgrades where --enable-modules is set |
1557 | + * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch: |
1558 | + avoid unnecessary IOTLB transactions (LP: #1866207) |
1559 | + |
1560 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 02 Mar 2020 15:21:27 +0100 |
1561 | + |
1562 | +qemu (1:4.2-3ubuntu1) focal; urgency=medium |
1563 | + |
1564 | + * Merge with Debian testing, remaining changes: |
1565 | + - qemu-kvm to systemd unit |
1566 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
1567 | + hugepages and architecture specifics |
1568 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
1569 | + qemu-kvm-init |
1570 | + - d/qemu-system-common.install: install helper script |
1571 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
1572 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
1573 | + /etc/default/qemu-kvm |
1574 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
1575 | + - Distribution specific machine type (LP: 1304107 1621042) |
1576 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
1577 | + types |
1578 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
1579 | + for host-phys-bits=true (LP: 1776189) |
1580 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
1581 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
1582 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
1583 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
1584 | + - Enable nesting by default |
1585 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
1586 | + in qemu64 cpu type. |
1587 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
1588 | + in qemu64 on amd |
1589 | + [ No more strictly needed, but required for backward compatibility ] |
1590 | + - improved dependencies |
1591 | + - Make qemu-system-common depend on qemu-block-extra |
1592 | + - Make qemu-utils depend on qemu-block-extra |
1593 | + - let qemu-utils recommend sharutils |
1594 | + - improved s390x support |
1595 | + - d/rules: build s390-ccw.img with upstream Makefile |
1596 | + - d/rules: build s390-netboot.img with upstream Makefile |
1597 | + - arch aware kvm wrappers |
1598 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
1599 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
1600 | + reference 256k path |
1601 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
1602 | + handle incoming migrations from former releases. |
1603 | + - d/control-in: Disable capstone disassembler library support (universe) |
1604 | + - d/binfmt-update-in: fix binfmt being called in some containers |
1605 | + (LP 1840956) |
1606 | + - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model |
1607 | + (LP 1857033) |
1608 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
1609 | + - d/control*, d/rules: disable xen by default, but provide universe |
1610 | + package qemu-system-x86-xen as alternative |
1611 | + - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527) |
1612 | + - Dropped changes [ in Debian ] |
1613 | + - d/control: update VCS links |
1614 | + - d/control-in: bump debhelper build-dep for compat 12 |
1615 | + - d/control: disable bluetooth being deprecated |
1616 | + - d/not-installed: ignore new interop docs and extra icons for now |
1617 | + - d/not-installed: do not install elf2dmp until namespaced |
1618 | + - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap |
1619 | + [ not needed ] |
1620 | + - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617) |
1621 | + - s390x support |
1622 | + - Create qemu-system-s390x package |
1623 | + - Enable numa support for s390x |
1624 | + - d/control*: enable libpmem support for nvdimms (LP 1790856) |
1625 | + * Added changes |
1626 | + - d/control: regenerate debian/control out of control-in |
1627 | + - qemu-system-x86-microvm package |
1628 | + In addition to the generic multi-purpose qemu also provide a minimal |
1629 | + feature binary that is loading faster for use cases with microvm machine |
1630 | + type and qboot bios |
1631 | + - d/control-in: add a new qemu-system-x86-microvm package |
1632 | + - d/rules: add an extra config/build step to get the minimal qemu |
1633 | + - d/control-in: disable pmem on ppc64 as it is currently considered |
1634 | + experimental on that architecture (pmdk v1.8-1) |
1635 | + - d/rules: makefile definitions can't be recursive - sys_systems for s390x |
1636 | + - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of |
1637 | + vhost-user-gpu |
1638 | + - d/rules: report config log from the correct subdir |
1639 | + - d/rules: --disable-xen for user-static builds |
1640 | + |
1641 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Feb 2020 15:21:56 +0100 |
1642 | + |
1643 | qemu (1:4.2-3) unstable; urgency=medium |
1644 | |
1645 | * mention closing of #909743 in previous changelog (Closes: #909743) |
1646 | @@ -1482,6 +3021,169 @@ qemu (1:4.2-2) unstable; urgency=medium |
1647 | |
1648 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jan 2020 23:51:09 +0300 |
1649 | |
1650 | +qemu (1:4.2-1ubuntu2) focal; urgency=medium |
1651 | + |
1652 | + * d/control: avoid upgrade issues triggered by moving ivshmem tools after |
1653 | + Debian. Fixed by by bumping the related Breaks/Replaces to the |
1654 | + Version Ubuntu introduced the change (LP: #1862287) |
1655 | + |
1656 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 07 Feb 2020 07:31:21 +0100 |
1657 | + |
1658 | +qemu (1:4.2-1ubuntu1) focal; urgency=medium |
1659 | + |
1660 | + * Merge with Debian testing, Among many other things this fixes LP Bugs: |
1661 | + LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc |
1662 | + LP: #1812822 - avoid crashes on detaching vhost_net interfaces |
1663 | + LP: #1852744 - Crypto Passthrough Interrupt Support |
1664 | + LP: #1853316 - CCW IPL Support |
1665 | + Remaining changes: |
1666 | + - qemu-kvm to systemd unit |
1667 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
1668 | + hugepages and architecture specifics |
1669 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
1670 | + qemu-kvm-init |
1671 | + - d/qemu-system-common.install: install helper script |
1672 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
1673 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
1674 | + /etc/default/qemu-kvm |
1675 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
1676 | + - Distribution specific machine type (LP: 1304107 1621042) |
1677 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
1678 | + types |
1679 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
1680 | + for host-phys-bits=true (LP: 1776189) |
1681 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
1682 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
1683 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
1684 | + - Enable nesting by default |
1685 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
1686 | + in qemu64 cpu type. |
1687 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
1688 | + in qemu64 on amd |
1689 | + [ No more strictly needed, but required for backward compatibility ] |
1690 | + - improved dependencies |
1691 | + - Make qemu-system-common depend on qemu-block-extra |
1692 | + - Make qemu-utils depend on qemu-block-extra |
1693 | + - let qemu-utils recommend sharutils |
1694 | + - s390x support |
1695 | + - Create qemu-system-s390x package |
1696 | + - Enable numa support for s390x |
1697 | + - d/rules: build s390-ccw.img with upstream Makefile |
1698 | + - d/rules: build s390-netboot.img with upstream Makefile |
1699 | + - arch aware kvm wrappers |
1700 | + - d/control: update VCS links |
1701 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
1702 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
1703 | + reference 256k path |
1704 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
1705 | + handle incoming migrations from former releases. |
1706 | + - d/control-in: Disable capstone disassembler library support (universe) |
1707 | + - d/control: disable bluetooth being deprecated |
1708 | + - d/not-installed: ignore new interop docs and extra icons for now |
1709 | + - d/not-installed: do not install elf2dmp until namespaced |
1710 | + - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap |
1711 | + - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617) |
1712 | + - d/binfmt-update-in: fix binfmt being called in some containers |
1713 | + (LP 1840956) |
1714 | + - Dropped changes (in Debian) |
1715 | + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) |
1716 | + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook |
1717 | + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d |
1718 | + - d/control-in: enable RDMA support in qemu (LP: 1692476) |
1719 | + - enable RDMA config option |
1720 | + - add libibumad-dev build-dep |
1721 | + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back |
1722 | + some SLOF bits stripped in DFSG to be able to build s390x-netboot roms |
1723 | + As that hack to build s390-ccw.img rom can't build s390x-netboot.img |
1724 | + replace it with a build-indep using the upstream makefiles. |
1725 | + This is less prone to miss future changes/fixes that are done to the |
1726 | + makefiles |
1727 | + - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) |
1728 | + - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga |
1729 | + - d/rules: fix qemu-kvm service for debhelper compat >=12 |
1730 | + - Refreshed patches for v4.0 context changes |
1731 | + - d/control*: remove sdlabi which was removed upstream |
1732 | + - d/control*: enable docs (now explicit) and provide new build-dep |
1733 | + python3-sphinx |
1734 | + - d/qemu-system-data.install: use new paths for formerly used icons |
1735 | + - Merge with Upstream release of qemu 4.0 |
1736 | + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch |
1737 | + - Dropped changes (Upstream) |
1738 | + - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243) |
1739 | + - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238) |
1740 | + - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch: |
1741 | + fix i386 build error |
1742 | + - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac: |
1743 | + fix naming of the new vector facitlity (LP 1836066) |
1744 | + - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues |
1745 | + for missing SIOCGSTAMP definition; final fix is still in discussion |
1746 | + upstream (LP: 1836159) |
1747 | + - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer |
1748 | + s390x machines (LP 1836154) |
1749 | + - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags |
1750 | + (LP 1841066) |
1751 | + - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch: |
1752 | + update the z15 model name (LP 1842774) |
1753 | + - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch: |
1754 | + fix a potential hang when qemu or qemu-img where accessing http backed |
1755 | + disks via libcurl (LP 1848556) |
1756 | + - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*: |
1757 | + fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497) |
1758 | + - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch |
1759 | + toleration for future machines (LP 1830704) |
1760 | + - SECURITY UPDATE: Add support for exposing md-clear functionality |
1761 | + to guests |
1762 | + - d/p/ubuntu/enable-md-clear.patch |
1763 | + - d/p/ubuntu/enable-md-no.patch |
1764 | + - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 |
1765 | + - SECURITY UPDATE: heap overflow when loading device tree blob |
1766 | + - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to |
1767 | + copy the device tree blob into is. |
1768 | + - CVE-2018-20815 |
1769 | + - SECURITY UPDATE: device driver denial of service via NULL pointer |
1770 | + dereference |
1771 | + - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read' |
1772 | + routine |
1773 | + - CVE-2019-5008 |
1774 | + - SECURITY UPDATE: information leak in SLiRP |
1775 | + - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when |
1776 | + emulating ident. |
1777 | + - CVE-2019-9824 |
1778 | + - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for- |
1779 | + unimplement.patch: properly return architecture defined exception |
1780 | + on bad subcodes of diag 308 (LP 1812384) |
1781 | + * Dropped changes (no more needed) |
1782 | + - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for |
1783 | + mv_conffile since the new path is a directory in the old package |
1784 | + version which can not be handled by mv_conffile. |
1785 | + [ only needed between disco and eoan ] |
1786 | + - disable pvrdma |
1787 | + [ CVEs all fixed now ] |
1788 | + - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: |
1789 | + avoid misdetection of simplified nesting blocking all migrations |
1790 | + [ qemu now detects and handles nesting - needs kernel >=4.20 ] |
1791 | + - Enable nesting by default |
1792 | + - d/qemu-system-x86.modprobe: set nested=1 module option on intel. |
1793 | + (is default on amd) |
1794 | + - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded |
1795 | + without nested=1 |
1796 | + [ nesting is default in kernel modules and default selected cpu types ] |
1797 | + * Added changes |
1798 | + - d/control: regenerate debian/control out of control-in |
1799 | + - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal |
1800 | + - added ubuntu focal types for qemu 4.2 |
1801 | + - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type |
1802 | + - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model |
1803 | + (LP: #1857033) |
1804 | + - d/qemu-system-x86.README.Debian: add info about updated nesting changes |
1805 | + - d/control*, d/rules: disable xen by default, but provide universe |
1806 | + package qemu-system-x86-xen as alternative |
1807 | + - fix typos in changelog and d/qemu-system-x86.NEWS |
1808 | + - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527) |
1809 | + - d/control*: enable libpmem support for nvdimms (LP: #1790856) |
1810 | + |
1811 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 08 Jan 2020 15:27:42 +0100 |
1812 | + |
1813 | qemu (1:4.2-1) unstable; urgency=medium |
1814 | |
1815 | * new upstream release (4.2.0) |
1816 | @@ -1558,6 +3260,205 @@ qemu (1:4.1-1) unstable; urgency=medium |
1817 | |
1818 | -- Michael Tokarev <mjt@tls.msk.ru> Tue, 27 Aug 2019 12:43:43 +0300 |
1819 | |
1820 | +qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium |
1821 | + |
1822 | + * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch: |
1823 | + fix a potential hang when qemu or qemu-img where accessing http backed |
1824 | + disks via libcurl (LP: #1848556) |
1825 | + * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch: |
1826 | + fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497) |
1827 | + |
1828 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 21 Oct 2019 14:51:45 +0200 |
1829 | + |
1830 | +qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium |
1831 | + |
1832 | + * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch: |
1833 | + update the z15 model name (LP: #1842774) |
1834 | + |
1835 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Sep 2019 11:42:58 +0200 |
1836 | + |
1837 | +qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium |
1838 | + |
1839 | + * d/binfmt-update-in: fix binfmt being called in some containers |
1840 | + (LP: #1840956) |
1841 | + |
1842 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Sep 2019 11:03:13 +0200 |
1843 | + |
1844 | +qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium |
1845 | + |
1846 | + * No-change upload with strops.h and sys/strops.h removed in glibc. |
1847 | + |
1848 | + -- Matthias Klose <doko@ubuntu.com> Thu, 05 Sep 2019 11:07:25 +0000 |
1849 | + |
1850 | +qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium |
1851 | + |
1852 | + * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags |
1853 | + (LP: #1841066) |
1854 | + |
1855 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Aug 2019 12:08:04 +0200 |
1856 | + |
1857 | +qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium |
1858 | + |
1859 | + * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer |
1860 | + s390x machines (LP: #1836154) |
1861 | + |
1862 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Jul 2019 13:20:42 +0200 |
1863 | + |
1864 | +qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium |
1865 | + |
1866 | + * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617) |
1867 | + - pick Debian change for (#889885) |
1868 | + move ovmf to recommends on debian and update aarch ovmf refs |
1869 | + - stop Ubuntu to drop ovmf/qemu-efi to a suggest |
1870 | + |
1871 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 12 Jul 2019 12:48:24 +0200 |
1872 | + |
1873 | +qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium |
1874 | + |
1875 | + * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues |
1876 | + for missing SIOCGSTAMP definition; final fix is still in discussion |
1877 | + upstream (LP: 1836159) |
1878 | + |
1879 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 10:10:00 +0200 |
1880 | + |
1881 | +qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium |
1882 | + |
1883 | + * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac: |
1884 | + fix naming of the new vector facitlity (LP: #1836066) |
1885 | + * d/control-in: update VCS links in control template as well |
1886 | + |
1887 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 08:18:44 +0200 |
1888 | + |
1889 | +qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium |
1890 | + |
1891 | + * Merge with Upstream release of qemu 4.0. |
1892 | + Among many other things this fixes LP Bugs: |
1893 | + LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA) |
1894 | + LP: #1828038 - Update s390x CPU Model for more HW support |
1895 | + LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el |
1896 | + Remaining Changes: |
1897 | + - qemu-kvm to systemd unit |
1898 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
1899 | + hugepages and architecture specifics |
1900 | + - d/qemu-system-common.qemu-kvm.service: systemd unit to call |
1901 | + qemu-kvm-init |
1902 | + - d/qemu-system-common.install: install helper script |
1903 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
1904 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
1905 | + /etc/default/qemu-kvm |
1906 | + - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm |
1907 | + - Enable nesting by default |
1908 | + - d/qemu-system-x86.modprobe: set nested=1 module option on intel. |
1909 | + (is default on amd) |
1910 | + - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded |
1911 | + without nested=1 |
1912 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
1913 | + in qemu64 cpu type. |
1914 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
1915 | + in qemu64 on amd |
1916 | + - d/qemu-system-x86.README.Debian: document intention of nested being |
1917 | + default is comfort, not full support |
1918 | + - Distribution specific machine type (LP: 1304107 1621042) |
1919 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
1920 | + types |
1921 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
1922 | + for host-phys-bits=true (LP: 1776189) |
1923 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
1924 | + - provide pseries-bionic-2.11-sxxm type as convenience with all |
1925 | + meltdown/spectre workarounds enabled by default. (LP: 1761372). |
1926 | + - improved dependencies |
1927 | + - Make qemu-system-common depend on qemu-block-extra |
1928 | + - Make qemu-utils depend on qemu-block-extra |
1929 | + - let qemu-utils recommend sharutils |
1930 | + - s390x support |
1931 | + - Create qemu-system-s390x package |
1932 | + - Enable numa support for s390x |
1933 | + - arch aware kvm wrappers |
1934 | + - d/control: update VCS links |
1935 | + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) |
1936 | + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook |
1937 | + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d |
1938 | + - d/control-in: enable RDMA support in qemu (LP: 1692476) |
1939 | + - enable RDMA config option |
1940 | + - add libibumad-dev build-dep |
1941 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
1942 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
1943 | + reference 256k path |
1944 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
1945 | + handle incoming migrations from former releases. |
1946 | + - d/control-in: Disable capstone disassembler library support (universe) |
1947 | + - Move s390x roms to a new qemu-system-data-s390x |
1948 | + - d/qemu-system-data.install: install s390x roms as architecture:all in |
1949 | + qemu-system-data |
1950 | + - d/rules: build s390-ccw.img with upstream Makefile |
1951 | + - d/rules: build s390-netboot.img with upstream Makefile |
1952 | + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back |
1953 | + some SLOF bits stripped in DFSG to be able to build s390x-netboot roms |
1954 | + As that hack to build s390-ccw.img rom can't build s390x-netboot.img |
1955 | + replace it with a build-indep using the upstream makefiles. |
1956 | + This is less prone to miss future changes/fixes that are done to the |
1957 | + makefiles |
1958 | + - d/control-in: add breaks/replaces for moving s390x roms from |
1959 | + qemu-system-s390x to qemu-system-data |
1960 | + - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) |
1961 | + [From not yet uploaded Debian branch] |
1962 | + - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga |
1963 | + - d/rules: fix qemu-kvm service for debhelper compat >=12 |
1964 | + - disable pvrdma - besides several security holes there are many other |
1965 | + bugs there as well |
1966 | + * Dropped patches that are upstream in v4.0 |
1967 | + - d/p/do-not-link-everything-with-xen.patch |
1968 | + - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch |
1969 | + - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch |
1970 | + - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch |
1971 | + - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778 |
1972 | + - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch |
1973 | + - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor |
1974 | + (LP: 1759509) |
1975 | + - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri |
1976 | + - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and |
1977 | + - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement |
1978 | + - d/p/ubuntu/CVE-2018-20815.patch |
1979 | + - d/p/ubuntu/CVE-2019-5008.patch |
1980 | + - d/p/ubuntu/CVE-2019-9824.patch |
1981 | + - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: |
1982 | + avoid misdetection of simplified nesting blocking all migrations |
1983 | + * Dropped further patches |
1984 | + d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665 |
1985 | + [upstream deprecated the whole subsystem instead of applying the fix] |
1986 | + * Added Changes |
1987 | + - updated ubuntu machine types for v4.0 |
1988 | + - added eoan types |
1989 | + - fixed s390x issue of upstream types having a "v" prefix |
1990 | + - add back dropped machine types to avoid more issues like LP: 1802944 |
1991 | + - fix kvm split irqchip default in ubuntu q35 machine type |
1992 | + - drop no more needed spapr_machine_2_11_sxxm_instance_options and |
1993 | + adapt updated CamelCase |
1994 | + - -hpb types now need to use GlobalProperties |
1995 | + - pc_compat_2_0 got a _fn suffix and slight changes |
1996 | + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to |
1997 | + SLOF of qemu 4.0 |
1998 | + - Refreshed patches still needed for v4.0 context changes |
1999 | + - d/p/use-fixed-data-path.patch |
2000 | + - d/p/ubuntu/enable-svm-by-default.patch |
2001 | + - d/p/ubuntu/enable-md-clear.patch |
2002 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch |
2003 | + - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration |
2004 | + (LP: #1830243) |
2005 | + - d/control: disable bluetooth being deprecated |
2006 | + - d/control*: remove sdlabi which was removed upstream |
2007 | + - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238) |
2008 | + - d/control*: enable docs (now explicit) and provide new build-dep |
2009 | + python3-sphinx |
2010 | + - d/not-installed: ignore new interop docs and extra icons for now |
2011 | + - d/not-installed: do not install elf2dmp until namespaced |
2012 | + - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap |
2013 | + - d/qemu-system-data.install: use new paths for formerly used icons |
2014 | + - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch: |
2015 | + fix i386 build error |
2016 | + |
2017 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 24 Jun 2019 16:33:19 +0200 |
2018 | + |
2019 | qemu (1:3.1+dfsg-8) unstable; urgency=high |
2020 | |
2021 | * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch |
2022 | @@ -1660,6 +3561,232 @@ qemu (1:3.1+dfsg-3) unstable; urgency=medium |
2023 | |
2024 | -- Michael Tokarev <mjt@tls.msk.ru> Wed, 06 Feb 2019 12:23:01 +0300 |
2025 | |
2026 | +qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium |
2027 | + |
2028 | + * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being |
2029 | + broken since 2.11 due to 2.3/2.4 version mismatch in its definition to |
2030 | + fix migrations from old machines (LP: #1829868). |
2031 | + * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch |
2032 | + toleration for future machines (LP: #1830704 |
2033 | + |
2034 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 May 2019 11:30:42 +0200 |
2035 | + |
2036 | +qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium |
2037 | + |
2038 | + * SECURITY UPDATE: Add support for exposing md-clear functionality |
2039 | + to guests |
2040 | + - d/p/ubuntu/enable-md-clear.patch |
2041 | + - d/p/ubuntu/enable-md-no.patch |
2042 | + - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 |
2043 | + * SECURITY UPDATE: heap overflow when loading device tree blob |
2044 | + - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to |
2045 | + copy the device tree blob into is. |
2046 | + - CVE-2018-20815 |
2047 | + * SECURITY UPDATE: device driver denial of service via NULL pointer |
2048 | + dereference |
2049 | + - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read' |
2050 | + routine |
2051 | + - CVE-2019-5008 |
2052 | + * SECURITY UPDATE: information leak in SLiRP |
2053 | + - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when |
2054 | + emulating ident. |
2055 | + - CVE-2019-9824 |
2056 | + |
2057 | + -- Steve Beattie <sbeattie@ubuntu.com> Wed, 08 May 2019 09:27:53 -0700 |
2058 | + |
2059 | +qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium |
2060 | + |
2061 | + * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291) |
2062 | + - d/qemu-guest-agent.install: use correct path for fsfreeze-hook |
2063 | + - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for |
2064 | + mv_conffile since the new path is a directory in the old package |
2065 | + version which can not be handled by mv_conffile. |
2066 | + * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes |
2067 | + OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure. |
2068 | + Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev) |
2069 | + CVE-2019-3812 |
2070 | + |
2071 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 18 Mar 2019 09:20:07 +0100 |
2072 | + |
2073 | +qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium |
2074 | + |
2075 | + * disable pvrdma - besides several security holes there are many other |
2076 | + bugs there as well, and the amount of patches applied upstream after |
2077 | + 3.1 release is large (Closes, or actuallymakes unimportant again) |
2078 | + - CVE-2018-20123 |
2079 | + - CVE-2018-20124 |
2080 | + - CVE-2018-20125 |
2081 | + - CVE-2018-20126 |
2082 | + - CVE-2018-20191 |
2083 | + - CVE-2018-20216 |
2084 | + * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch |
2085 | + - CVE-2019-6501 |
2086 | + * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch |
2087 | + - CVE-2019-6778 |
2088 | + |
2089 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 19 Feb 2019 06:43:04 +0100 |
2090 | + |
2091 | +qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium |
2092 | + |
2093 | + * Merge with Debian testing, Among many other things this fixes LP Bugs: |
2094 | + LP: #1806104 - fix misleading page size error on ppc64el |
2095 | + LP: #1782205 - SnowRidge enabled new ISAs |
2096 | + LP: #1786956 - upgrade to qemu >= 3.0 |
2097 | + LP: #1809083 - Backward migration to Xenial on ppc64el |
2098 | + LP: #1803315 - s390x Huge page enablement |
2099 | + LP: #1657409 - enable virglrenderer |
2100 | + Remaining Changes: |
2101 | + - qemu-kvm to systemd unit |
2102 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
2103 | + hugepages and architecture specifics |
2104 | + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init |
2105 | + - d/qemu-system-common.install: install systemd unit and helper script |
2106 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
2107 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
2108 | + /etc/default/qemu-kvm |
2109 | + - d/rules: install /etc/default/qemu-kvm |
2110 | + - Enable nesting by default |
2111 | + - d/qemu-system-x86.modprobe: set nested=1 module option on intel. |
2112 | + (is default on amd) |
2113 | + - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded |
2114 | + without nested=1 |
2115 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
2116 | + in qemu64 cpu type. |
2117 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
2118 | + in qemu64 on amd |
2119 | + - d/qemu-system-x86.README.Debian: document intention of nested being |
2120 | + default is comfort, not full support |
2121 | + - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372) |
2122 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
2123 | + types |
2124 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
2125 | + for host-phys-bits=true (LP: 1776189) |
2126 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
2127 | + - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as |
2128 | + convenience with all meltdown/spectre workarounds enabled by default. |
2129 | + (LP: 1761372). |
2130 | + - improved dependencies |
2131 | + - Make qemu-system-common depend on qemu-block-extra |
2132 | + - Make qemu-utils depend on qemu-block-extra |
2133 | + - let qemu-utils recommend sharutils |
2134 | + - s390x support |
2135 | + - Create qemu-system-s390x package |
2136 | + - Enable numa support for s390x |
2137 | + - arch aware kvm wrappers |
2138 | + - d/control: update VCS links (updated to match latest Ubuntu) |
2139 | + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) |
2140 | + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook |
2141 | + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d |
2142 | + - d/control-in: enable RDMA support in qemu (LP: 1692476) |
2143 | + - enable RDMA config option |
2144 | + - add libibumad-dev build-dep |
2145 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
2146 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
2147 | + reference 256k path |
2148 | + - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
2149 | + handle incoming migrations from former releases. |
2150 | + - d/control-in: Disable capstone disassembler library support (universe) |
2151 | + * Added Changes: |
2152 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes |
2153 | + for qemu 3.1 in the Ubuntu Disco release |
2154 | + - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509) |
2155 | + - Move s390x roms to a new qemu-system-data-s390x |
2156 | + - d/qemu-system-data.install: install s390x roms as architecture:all in |
2157 | + qemu-system-data |
2158 | + - d/rules: build s390-ccw.img with upstream Makefile |
2159 | + - d/rules: build s390x-netboot.img with upstream Makefile |
2160 | + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back |
2161 | + some SLOF bits stripped in DFSG to be able to build s390x-netboot roms |
2162 | + As that hack to build s390-ccw.img rom can't build s390x-netboot.img |
2163 | + replace it with a build-indep using the upstream makefiles. |
2164 | + This is less prone to miss future changes/fixes that are done to the |
2165 | + makefiles |
2166 | + - d/control-in: add breaks/replaces for moving s390x roms from |
2167 | + qemu-system-s390x to qemu-system-data |
2168 | + - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) |
2169 | + [From not yet uploaded Debian branch] |
2170 | + - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga |
2171 | + (Closes: #918378) |
2172 | + - d/rules: fix qemu-kvm service for debhelper compat >=12 |
2173 | + - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: |
2174 | + avoid misdetection of simplified nesting blocking all migrations |
2175 | + - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for- |
2176 | + unimplement.patch: properly return archicture defined exception |
2177 | + on bad subcodes of diag 308 (LP: #1812384) |
2178 | + * Dropped Changes: |
2179 | + - Include s390-ccw.img firmware (old style native build) |
2180 | + - d/rules enable install s390x-netboot.img (old style native build) |
2181 | + - libvirt/qemu user/group support |
2182 | + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm |
2183 | + trigger. |
2184 | + [ Droppable since logind properly sets ACLs now ] |
2185 | + - qemu-system-common.preinst: add kvm group if needed |
2186 | + [ Droppable because systemd/udev take care of it since 239-6] |
2187 | + - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent |
2188 | + freeze-hook fixes (LP: 1484990) |
2189 | + [upstream] |
2190 | + - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches |
2191 | + merged upstream |
2192 | + [upstream] |
2193 | + - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size |
2194 | + computation while concatenating mbuf. |
2195 | + CVE-2018-11806 |
2196 | + [upstream] |
2197 | + - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB |
2198 | + for powerpc64 to speed up translation (LP: 1781526) |
2199 | + [upstream] |
2200 | + - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add |
2201 | + cpu model for z14 ZR1 (LP: 1780773). |
2202 | + [upstream] |
2203 | + - Mark qemu-system-data foreign to be able to install it e.g. on i386 |
2204 | + (Closes: 903562) |
2205 | + [in Debian] |
2206 | + - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet |
2207 | + unreleased Debian version) |
2208 | + [in Debian] |
2209 | + - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered |
2210 | + by migrations with UI frontends or frequent guest resolution changes |
2211 | + (LP #1755912) |
2212 | + [upstream] |
2213 | + - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to |
2214 | + extend eieio for POWER9 emulation (LP: 1787408). |
2215 | + [upstream] |
2216 | + - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch: |
2217 | + ensure that the seccomp blacklist is applied to all threads (LP: 1789551) |
2218 | + [upstream] |
2219 | + - improve s390x spectre mitigation with etoken facility (LP: 1790457) |
2220 | + [upstream] |
2221 | + - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901) |
2222 | + [upstream] |
2223 | + - d/control-in: our addition of a qemu-system-s390x package needs to follow |
2224 | + the split of qemu-system-data by adding a dependency to it (LP: 1798084) |
2225 | + [in Debian] |
2226 | + - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto |
2227 | + Adapters on s390x (LP: 1787405) |
2228 | + [upstream] |
2229 | + - enable opengl for vfio-MDEV support (LP: 1804766) |
2230 | + [in Debian] |
2231 | + - SECURITY UPDATE: integer overflow in NE2000 NIC emulation |
2232 | + [upstream] |
2233 | + - SECURITY UPDATE: integer overflow via crafted QMP command |
2234 | + [upstream] |
2235 | + - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller |
2236 | + [upstream] |
2237 | + - SECURITY UPDATE: buffer overflow in rtl8139 |
2238 | + [upstream] |
2239 | + - SECURITY UPDATE: buffer overflow in pcnet |
2240 | + [upstream] |
2241 | + - SECURITY UPDATE: DoS via large packet sizes |
2242 | + [upstream] |
2243 | + - SECURITY UPDATE: DoS in lsi53c895a |
2244 | + [upstream] |
2245 | + - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64 |
2246 | + [upstream] |
2247 | + - SECURITY UPDATE: race condition in 9p |
2248 | + [upstream] |
2249 | + |
2250 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Jan 2019 09:41:08 +0100 |
2251 | + |
2252 | qemu (1:3.1+dfsg-2) unstable; urgency=medium |
2253 | |
2254 | * d/rules: split arch and indep builds |
2255 | @@ -1739,6 +3866,249 @@ qemu (1:3.1+dfsg-1) unstable; urgency=medium |
2256 | |
2257 | -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Dec 2018 19:10:27 +0300 |
2258 | |
2259 | +qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium |
2260 | + |
2261 | + [ Marc Deslauriers ] |
2262 | + * SECURITY UPDATE: integer overflow in NE2000 NIC emulation |
2263 | + - debian/patches/CVE-2018-10839.patch: use proper type in |
2264 | + hw/net/ne2000.c. |
2265 | + - CVE-2018-10839 |
2266 | + * SECURITY UPDATE: integer overflow via crafted QMP command |
2267 | + - debian/patches/CVE-2018-12617.patch: check bytes count read by |
2268 | + guest-file-read in qga/commands-posix.c. |
2269 | + - CVE-2018-12617 |
2270 | + * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller |
2271 | + - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c. |
2272 | + - CVE-2018-16847 |
2273 | + * SECURITY UPDATE: buffer overflow in rtl8139 |
2274 | + - debian/patches/CVE-2018-17958.patch: use proper type in |
2275 | + hw/net/rtl8139.c. |
2276 | + - CVE-2018-17958 |
2277 | + * SECURITY UPDATE: buffer overflow in pcnet |
2278 | + - debian/patches/CVE-2018-17962.patch: use proper type in |
2279 | + hw/net/pcnet.c. |
2280 | + - CVE-2018-17962 |
2281 | + * SECURITY UPDATE: DoS via large packet sizes |
2282 | + - debian/patches/CVE-2018-17963.patch: check size in net/net.c. |
2283 | + - CVE-2018-17963 |
2284 | + * SECURITY UPDATE: DoS in lsi53c895a |
2285 | + - debian/patches/CVE-2018-18849.patch: check message length value is |
2286 | + valid in hw/scsi/lsi53c895a.c. |
2287 | + - CVE-2018-18849 |
2288 | + * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64 |
2289 | + - debian/patches/CVE-2018-18954.patch: check size before data buffer |
2290 | + access in hw/ppc/pnv_lpc.c. |
2291 | + - CVE-2018-18954 |
2292 | + * SECURITY UPDATE: race condition in 9p |
2293 | + - debian/patches/CVE-2018-19364-1.patch: use write lock in |
2294 | + hw/9pfs/cofile.c. |
2295 | + - debian/patches/CVE-2018-19364-2.patch: use write lock in |
2296 | + hw/9pfs/9p.c. |
2297 | + - CVE-2018-19364 |
2298 | + |
2299 | + [ Christian Ehrhardt] |
2300 | + * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto |
2301 | + Adapters on s390x (LP: #1787405) |
2302 | + * enable opengl for vfio-MDEV support (LP: #1804766) |
2303 | + - d/control-in: set --enable-opengl |
2304 | + - d/control-in: add gl related build-dependencies |
2305 | + |
2306 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Nov 2018 13:17:01 -0500 |
2307 | + |
2308 | +qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium |
2309 | + |
2310 | + * d/control-in: our addition of a qemu-system-s390x package needs to follow |
2311 | + the split of qemu-system-data by adding a dependency to it (LP: #1798084) |
2312 | + |
2313 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Oct 2018 10:50:27 +0200 |
2314 | + |
2315 | +qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium |
2316 | + |
2317 | + * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901) |
2318 | + The SLOF source pieces in src:qemu are only used for s390x netboot, |
2319 | + which are independent ROMs (no linking). All other binaries out of this |
2320 | + are part of src:slof and independent. |
2321 | + - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch |
2322 | + - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities |
2323 | + and related fixes |
2324 | + |
2325 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Sep 2018 13:31:15 +0200 |
2326 | + |
2327 | +qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium |
2328 | + |
2329 | + * improve s390x spectre mitigation with etoken facility (LP: #1790457) |
2330 | + - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch |
2331 | + - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch |
2332 | + |
2333 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Sep 2018 10:06:48 +0200 |
2334 | + |
2335 | +qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium |
2336 | + |
2337 | + * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch: |
2338 | + ensure that the seccomp blacklist is applied to all threads (LP: #1789551) |
2339 | + - CVE-2018-15746 |
2340 | + |
2341 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 29 Aug 2018 08:50:36 +0200 |
2342 | + |
2343 | +qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium |
2344 | + |
2345 | + [ Murilo Opsfelder Araujo ] |
2346 | + * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to |
2347 | + extend eieio for POWER9 emulation (LP: #1787408). |
2348 | + |
2349 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 20 Aug 2018 11:52:39 +0200 |
2350 | + |
2351 | +qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium |
2352 | + |
2353 | + * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered |
2354 | + by migrations with UI frontends or frequent guest resolution changes |
2355 | + (LP: #1755912) |
2356 | + |
2357 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 Jul 2018 08:26:52 +0200 |
2358 | + |
2359 | +qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium |
2360 | + |
2361 | + * Disable capstone disassembler library support (universe dependency) |
2362 | + |
2363 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 17 Jul 2018 08:35:32 +0200 |
2364 | + |
2365 | +qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium |
2366 | + |
2367 | + * Merge with Debian testing, Remaining Changes: |
2368 | + - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772) |
2369 | + - qemu-kvm to systemd unit |
2370 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
2371 | + hugepages and architecture specifics |
2372 | + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init |
2373 | + - d/qemu-system-common.install: install systemd unit and helper script |
2374 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
2375 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
2376 | + /etc/default/qemu-kvm |
2377 | + - d/rules: install /etc/default/qemu-kvm |
2378 | + - Enable nesting by default |
2379 | + - set nested=1 module option on intel. (is default on amd) |
2380 | + - re-load kvm_intel.ko if it was loaded without nested=1 |
2381 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
2382 | + in qemu64 cpu type. |
2383 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
2384 | + in qemu64 on amd |
2385 | + - d/qemu-system-x86.README.Debian: document intention of nested being |
2386 | + default is comfort, not full support |
2387 | + - libvirt/qemu user/group support |
2388 | + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm |
2389 | + trigger. |
2390 | + - qemu-system-common.preinst: add kvm group if needed |
2391 | + - Distribution specific machine type |
2392 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
2393 | + types to ease future live vm migration. |
2394 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
2395 | + - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type |
2396 | + for host-phys-bits=true (LP: 1776189) |
2397 | + - add an info about -hpb machine type in debian/qemu-system-x86.NEWS |
2398 | + - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as |
2399 | + convenience with all meltdown/spectre workarounds enabled by default. |
2400 | + (LP: 1761372). |
2401 | + - improved dependencies |
2402 | + - Make qemu-system-common depend on qemu-block-extra |
2403 | + - Make qemu-utils depend on qemu-block-extra |
2404 | + - let qemu-utils recommend sharutils |
2405 | + - s390x support |
2406 | + - Create qemu-system-s390x package |
2407 | + - Include s390-ccw.img firmware |
2408 | + - Enable numa support for s390x |
2409 | + - arch aware kvm wrappers |
2410 | + - update VCS-git (updated to match cosmic) |
2411 | + - qemu-guest-agent: freeze-hook fixes (LP: 1484990) |
2412 | + - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch |
2413 | + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook |
2414 | + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d |
2415 | + - Create and install pxe netboot images for KVM s390x (LP: 1732094) |
2416 | + - d/rules enable install s390x-netboot.img |
2417 | + - d/control-in: enable RDMA support in qemu (LP: 1692476) |
2418 | + - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) |
2419 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
2420 | + reference 256k path |
2421 | + - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
2422 | + handle incoming migrations from former releases. |
2423 | + - SECURITY UPDATE: Speculative Store Bypass |
2424 | + - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd' |
2425 | + CPUID feature bit in target/i386/cpu.*. |
2426 | + - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD |
2427 | + 'virt-ssbd' CPUID feature bit in target/i386/cpu.c. |
2428 | + - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD |
2429 | + MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c, |
2430 | + target/i386/machine.c. |
2431 | + - CVE-2018-3639 |
2432 | + * Added Changes: |
2433 | + - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release |
2434 | + - add cosmic types for base and -hpb |
2435 | + - drop no more supported types (zesty and yakkety) |
2436 | + - d/p/series: group machine type changes |
2437 | + - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches |
2438 | + merged upstream |
2439 | + - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size |
2440 | + computation while concatenating mbuf. |
2441 | + CVE-2018-11806 |
2442 | + - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the |
2443 | + deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES. |
2444 | + - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275) |
2445 | + - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings |
2446 | + - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply |
2447 | + to POWER8 |
2448 | + - d/qemu-kvm-init: drop old VM detection that was broken in some cases and |
2449 | + is no more needed with systemd-detect-virt being more mature and always |
2450 | + present. |
2451 | + - d/kvm.powerpc: drop old powerpc (non-ppc64el) code. |
2452 | + - d/control-in: add libibumad-dev which is now needed for rdma |
2453 | + - d/rules: update s390x delta to match new Debian packaging |
2454 | + - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB |
2455 | + for powerpc64 to speed up translation (LP: #1781526) |
2456 | + - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add |
2457 | + cpu model for z14 ZR1 (LP: #1780773). |
2458 | + - Mark qemu-system-data foreign to be able to install it e.g. on i386 |
2459 | + (Closes: 903562) |
2460 | + - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet |
2461 | + unreleased Debian version) |
2462 | + * Dropped Changes: |
2463 | + - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch |
2464 | + (No more removed when building DFSG orig tarball in Debian) |
2465 | + - sdl2 is yet too unstable for the LTS Ubuntu release given the reports |
2466 | + we still see upstream and in Debian - furthermore sdl2 isn't in main yet, |
2467 | + so we revert related changes to stick with the proven for now: |
2468 | + - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already |
2469 | + depends on it) |
2470 | + - 9594f820 - switch from sdl1.2 to sdl2 (#870025) |
2471 | + (Debian switched to gtk which seems to work better and has all |
2472 | + dependencies in main.) |
2473 | + - d/control-in: enable seccomp on s390x (in Debian for Linux-any) |
2474 | + - Changes that are now upstream with qemu 2.12 |
2475 | + - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with |
2476 | + newer versions of glibc >=2.27 (LP: 1753826) |
2477 | + - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release |
2478 | + - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new |
2479 | + SSE/AVX/AVX512 cpu features (LP: 1739665) |
2480 | + - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm |
2481 | + space+commpage continuous which avoids long startup times on |
2482 | + qemu-user-static (LP: 1740219) |
2483 | + - provide pseries-2.12-sxxm type (LP: 1761372) |
2484 | + - d/p/ubuntu/lp-1704312-1-* provide means to manually handle |
2485 | + filesystem-dax with pmem by backporting align and unarmed options |
2486 | + (LP: 1704312). |
2487 | + - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname |
2488 | + option to slirp's DHCP server (LP: 1762315) |
2489 | + - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying |
2490 | + Protection information (LP: 1762854). |
2491 | + - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 |
2492 | + migration (LP: 1763468). |
2493 | + - SECURITY UPDATE: out-of-bounds access during migration via ps2 |
2494 | + CVE-2017-16845 |
2495 | + - SECURITY UPDATE: arbitrary code execution via load_multiboot |
2496 | + CVE-2018-7550 |
2497 | + - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA |
2498 | + CVE-2018-7858 |
2499 | + |
2500 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 21 Jun 2018 14:24:06 +0200 |
2501 | + |
2502 | qemu (1:2.12+dfsg-3) unstable; urgency=medium |
2503 | |
2504 | * make qemu-system-foo depending |
2505 | @@ -1827,6 +4197,239 @@ qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium |
2506 | |
2507 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 12 Apr 2018 19:04:03 +0300 |
2508 | |
2509 | +qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium |
2510 | + |
2511 | + * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type |
2512 | + for host-phys-bits=true (LP: #1776189) |
2513 | + - add an info about this change in debian/qemu-system-x86.NEWS |
2514 | + |
2515 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:01:00 +0200 |
2516 | + |
2517 | +qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium |
2518 | + |
2519 | + * SECURITY UPDATE: Speculative Store Bypass |
2520 | + - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd' |
2521 | + CPUID feature bit in target/i386/cpu.*. |
2522 | + - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD |
2523 | + 'virt-ssbd' CPUID feature bit in target/i386/cpu.c. |
2524 | + - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD |
2525 | + MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c, |
2526 | + target/i386/machine.c. |
2527 | + - CVE-2018-3639 |
2528 | + |
2529 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 22 May 2018 09:34:52 -0400 |
2530 | + |
2531 | +qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium |
2532 | + |
2533 | + * SECURITY UPDATE: out-of-bounds access during migration via ps2 |
2534 | + - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers |
2535 | + in post_load routine in hw/input/ps2.c. |
2536 | + - CVE-2017-16845 |
2537 | + * SECURITY UPDATE: arbitrary code execution via load_multiboot |
2538 | + - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being |
2539 | + zero in hw/i386/multiboot.c. |
2540 | + - CVE-2018-7550 |
2541 | + * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA |
2542 | + - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in |
2543 | + hw/display/vga.c. |
2544 | + - CVE-2018-7858 |
2545 | + |
2546 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 May 2018 14:14:20 -0400 |
2547 | + |
2548 | +qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium |
2549 | + |
2550 | + * No-change rebuild for ncurses soname changes. |
2551 | + |
2552 | + -- Matthias Klose <doko@ubuntu.com> Thu, 03 May 2018 14:18:39 +0000 |
2553 | + |
2554 | +qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium |
2555 | + |
2556 | + * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection |
2557 | + information (LP: #1762854). |
2558 | + * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration |
2559 | + (LP: #1763468). |
2560 | + |
2561 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Apr 2018 07:46:18 +0200 |
2562 | + |
2563 | +qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium |
2564 | + |
2565 | + * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch. |
2566 | + The Kernel fixes are preferred and already committed to the kernel. |
2567 | + Therefore remove the default disabling of the HTM feature (LP: #1761175) |
2568 | + * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new |
2569 | + SSE/AVX/AVX512 cpu features (LP: #1739665) |
2570 | + * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm |
2571 | + space+commpage continuous which avoids long startup times on |
2572 | + qemu-user-static (LP: #1740219) |
2573 | + * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as |
2574 | + convenience with all meltdown/spectre workarounds enabled by default. |
2575 | + This is not the default type following upstream and x86 on that. |
2576 | + (LP: #1761372). |
2577 | + * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax |
2578 | + with pmem by backporting align and unarmed options (LP: #1704312). |
2579 | + * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname |
2580 | + option to slirp's DHCP server (LP: #1762315) |
2581 | + |
2582 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Apr 2018 15:16:07 +0200 |
2583 | + |
2584 | +qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium |
2585 | + |
2586 | + * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream |
2587 | + accepted to be better long term maintainable (LP: #1753938) |
2588 | + |
2589 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 22 Mar 2018 10:31:23 +0100 |
2590 | + |
2591 | +qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium |
2592 | + |
2593 | + * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for |
2594 | + ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026). |
2595 | + * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer |
2596 | + versions of glibc >=2.27 (LP: #1753826) |
2597 | + |
2598 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 05 Mar 2018 16:43:01 +0100 |
2599 | + |
2600 | +qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium |
2601 | + |
2602 | + * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch, |
2603 | + d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch: |
2604 | + Add domainname option and classless static routes support to the user |
2605 | + networking's DHCP server |
2606 | + |
2607 | + -- Benjamin Drung <benjamin.drung@profitbricks.com> Fri, 02 Mar 2018 21:08:54 +0100 |
2608 | + |
2609 | +qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium |
2610 | + |
2611 | + * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release |
2612 | + - among other fixes this adds code to: |
2613 | + - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715) |
2614 | + However, enabling this functionality requires additional configuration |
2615 | + beyond just updating QEMU. Also migrations need special consideration. |
2616 | + Details about that can be found at: |
2617 | + https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/ |
2618 | + - Power9 allocation of max 8 threads per core (LP: #1750526) |
2619 | + * Drop changes that are part of the upstream stable release |
2620 | + - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch |
2621 | + - d/p/ubuntu/linux-headers-update-4.15-rc9.patch |
2622 | + - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch |
2623 | + - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch |
2624 | + * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update |
2625 | + * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the |
2626 | + common compat.h header and add some extra info in the patch header. |
2627 | + |
2628 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Feb 2018 11:03:11 +0100 |
2629 | + |
2630 | +qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium |
2631 | + |
2632 | + * Merge with Debian testing, among other fixes this includes |
2633 | + - fix fatal error on negative maxcpus (LP: #1722495) |
2634 | + - fix segfault on dump-guest-memory on guests without memory (LP: #1723381) |
2635 | + - linux user threading issues (LP: #1350435) |
2636 | + - TOD-Clock Epoch Extension Support on s390x (LP: #1732691) |
2637 | + Remaining changes: |
2638 | + - qemu-kvm to systemd unit |
2639 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
2640 | + hugepages and architecture specifics |
2641 | + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init |
2642 | + - d/qemu-system-common.install: install systemd unit and helper script |
2643 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
2644 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
2645 | + /etc/default/qemu-kvm |
2646 | + - d/rules: install /etc/default/qemu-kvm |
2647 | + - Enable nesting by default |
2648 | + - set nested=1 module option on intel. (is default on amd) |
2649 | + - re-load kvm_intel.ko if it was loaded without nested=1 |
2650 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
2651 | + in qemu64 cpu type. |
2652 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
2653 | + in qemu64 on amd |
2654 | + - libvirt/qemu user/group support |
2655 | + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm |
2656 | + trigger. |
2657 | + - qemu-system-common.preinst: add kvm group if needed |
2658 | + - Distribution specific machine type |
2659 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
2660 | + types to ease future live vm migration. |
2661 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
2662 | + - improved dependencies |
2663 | + - Make qemu-system-common depend on qemu-block-extra |
2664 | + - Make qemu-utils depend on qemu-block-extra |
2665 | + - let qemu-utils recommend sharutils |
2666 | + - s390x support |
2667 | + - Create qemu-system-s390x package |
2668 | + - Include s390-ccw.img firmware |
2669 | + - Enable numa support for s390x |
2670 | + - ppc64[le] support |
2671 | + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink |
2672 | + - arch aware kvm wrappers |
2673 | + * Added Changes |
2674 | + - update VCS-git to match the bionic branch |
2675 | + - sdl2 is yet too unstable for the LTS Ubuntu release given the reports |
2676 | + we still see upstream and in Debian - furthermore sdl2 isn't in main yet, |
2677 | + so we revert related changes to stick with the proven for now: |
2678 | + - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already |
2679 | + depends on it) |
2680 | + - 9594f820 - switch from sdl1.2 to sdl2 (#870025) |
2681 | + - d/qemu-system-x86.README.Debian: document intention of nested being |
2682 | + default is comfort, not full support |
2683 | + - update Ubuntu machine types for qemu 2.11 |
2684 | + - qemu-guest-agent: freeze-hook fixes (LP: #1484990) |
2685 | + - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch |
2686 | + - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook |
2687 | + - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d |
2688 | + - Create and install pxe netboot images for KVM s390x (LP: #1732094) |
2689 | + - d/rules enable install s390x-netboot.img |
2690 | + - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch |
2691 | + - d/control-in: enable RDMA support in qemu (LP: #1692476) |
2692 | + - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560) |
2693 | + - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch |
2694 | + - d/p/ubuntu/linux-headers-update-4.15-rc9.patch |
2695 | + - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch |
2696 | + - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch |
2697 | + - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490) |
2698 | + - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types |
2699 | + reference 256k path |
2700 | + - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to |
2701 | + handle incoming migrations from former releases. |
2702 | + - d/control-in: enable seccomp on s390x |
2703 | + * Dropped changes (no more needed): |
2704 | + - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm |
2705 | + The functionality is retained for upgraders, but is deprecated. |
2706 | + Post 18.04 the implementation for these configurations will be removed. |
2707 | + * Dropped changes (in Debian now): |
2708 | + - ppc64[le] support |
2709 | + - Enable seccomp for ppc64el |
2710 | + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 |
2711 | + - disable missing x32 architecture |
2712 | + - d/rules: or32 is now named or1k (since 4a09d0bb) |
2713 | + - d/qemu-system-common.docs: new paths since (ac06724a) |
2714 | + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced |
2715 | + by qapi-schema.json which is already packaged (since 4d8bb958) |
2716 | + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update |
2717 | + to Debian patch to match qemu 2.10) |
2718 | + - d/qemu-system-common.docs: adapt new path of live-block-operations.rst |
2719 | + since 8508eee7 |
2720 | + - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1 |
2721 | + - make nios2/hppa not installed explicitly until further stablized |
2722 | + - d/qemu-guest-agent.install: add the new guest agent reference man page |
2723 | + qemu-ga-ref |
2724 | + - d/qemu-system-common.install: add the now generated qapi/qmp reference |
2725 | + along the qapi intro |
2726 | + - d/not-installed: ignore further generated (since 56e8bdd4) files in |
2727 | + dh_missing that are already provided in other formats qemu-doc, |
2728 | + qemu-qmp-ref,qemu-ga-ref |
2729 | + * Dropped changes (integrated upstream): |
2730 | + - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes |
2731 | + on arm64 when doing suspend/resume and reboots due to older kernels not |
2732 | + supporting ITS (LP 1731051). |
2733 | + - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from |
2734 | + James Cowgill to prevent qemu-user from forwarding prctl seccomp |
2735 | + calls (LP 1726394) |
2736 | + - update to upstream 2.10.1 point release (LP 1722808) |
2737 | + |
2738 | + |
2739 | + |
2740 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Jan 2018 14:35:18 +0100 |
2741 | + |
2742 | qemu (1:2.11+dfsg-1) unstable; urgency=medium |
2743 | |
2744 | [ Michael Tokarev ] |
2745 | @@ -1941,6 +4544,238 @@ qemu (1:2.10.0-1) unstable; urgency=medium |
2746 | |
2747 | -- Michael Tokarev <mjt@tls.msk.ru> Sat, 23 Sep 2017 16:47:02 +0300 |
2748 | |
2749 | +qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium |
2750 | + |
2751 | + * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes |
2752 | + on arm64 when doing suspend/resume and reboots due to older kernels not |
2753 | + supporting ITS (LP: #1731051). |
2754 | + |
2755 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 14 Nov 2017 08:30:29 +0100 |
2756 | + |
2757 | +qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium |
2758 | + |
2759 | + * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from |
2760 | + James Cowgill to prevent qemu-user from forwarding prctl seccomp |
2761 | + calls (LP: #1726394) |
2762 | + |
2763 | + -- Julian Andres Klode <juliank@ubuntu.com> Sat, 04 Nov 2017 00:21:14 +0100 |
2764 | + |
2765 | +qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium |
2766 | + |
2767 | + * fix enablement of qemu-kvm service (LP: #1720397) |
2768 | + - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service |
2769 | + - d/rules: add proper enablement debhelper calls |
2770 | + - d/qemu-system-common.install: install covered by dh_installinit |
2771 | + |
2772 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Oct 2017 11:28:39 +0200 |
2773 | + |
2774 | +qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium |
2775 | + |
2776 | + * update to upstream 2.10.1 point release (LP: #1722808) |
2777 | + |
2778 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Oct 2017 15:33:40 +0200 |
2779 | + |
2780 | +qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium |
2781 | + |
2782 | + * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release |
2783 | + Remaining changes: |
2784 | + - qemu-kvm to systemd unit |
2785 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
2786 | + hugepages and architecture specifics |
2787 | + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init |
2788 | + - d/qemu-system-common.install: install systemd unit and helper script |
2789 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
2790 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
2791 | + /etc/default/qemu-kvm |
2792 | + - d/rules: install /etc/default/qemu-kvm |
2793 | + - Enable nesting by default |
2794 | + - set nested=1 module option on intel. (is default on amd) |
2795 | + - re-load kvm_intel.ko if it was loaded without nested=1 |
2796 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
2797 | + in qemu64 cpu type. |
2798 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
2799 | + in qemu64 on amd |
2800 | + - libvirt/qemu user/group support |
2801 | + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm |
2802 | + trigger. |
2803 | + - qemu-system-common.preinst: add kvm group if needed |
2804 | + - Distribution specific machine type |
2805 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
2806 | + types to ease future live vm migration. |
2807 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
2808 | + - improved dependencies |
2809 | + - Make qemu-system-common depend on qemu-block-extra |
2810 | + - Make qemu-utils depend on qemu-block-extra |
2811 | + - let qemu-utils recommend sharutils |
2812 | + - s390x support |
2813 | + - Create qemu-system-s390x package |
2814 | + - Include s390-ccw.img firmware |
2815 | + - Enable numa support for s390x |
2816 | + - ppc64[le] support |
2817 | + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink |
2818 | + - Enable seccomp for ppc64el |
2819 | + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 |
2820 | + - arch aware kvm wrappers |
2821 | + - update VCS-git to match the Artful branch |
2822 | + - disable missing x32 architecture |
2823 | + - d/rules: or32 is now named or1k (since 4a09d0bb) |
2824 | + - d/qemu-system-common.docs: new paths since (ac06724a) |
2825 | + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced |
2826 | + by qapi-schema.json which is already packaged (since 4d8bb958) |
2827 | + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update |
2828 | + to Debian patch to match qemu 2.10) |
2829 | + - s390x package now builds correctly on all architectures (LP 1710695) |
2830 | + - d/qemu-system-common.docs: adapt new path of live-block-operations.rst |
2831 | + since 8508eee7 |
2832 | + - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1 |
2833 | + - make nios2/hppa not installed explicitly until further stablized |
2834 | + - d/qemu-guest-agent.install: add the new guest agent reference man page |
2835 | + qemu-ga-ref |
2836 | + - d/qemu-system-common.install: add the now generated qapi/qmp reference |
2837 | + along the qapi intro |
2838 | + - d/not-installed: ignore further generated (since 56e8bdd4) files in |
2839 | + dh_missing that are already provided in other formats qemu-doc, |
2840 | + qemu-qmp-ref,qemu-ga-ref |
2841 | + |
2842 | + |
2843 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Sep 2017 08:31:26 +0200 |
2844 | + |
2845 | +qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium |
2846 | + |
2847 | + * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602); |
2848 | + Remaining changes: |
2849 | + - qemu-kvm to systemd unit |
2850 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
2851 | + hugepages and architecture specifics |
2852 | + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init |
2853 | + - d/qemu-system-common.install: install systemd unit and helper script |
2854 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
2855 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
2856 | + /etc/default/qemu-kvm |
2857 | + - d/rules: install /etc/default/qemu-kvm |
2858 | + - Enable nesting by default |
2859 | + - set nested=1 module option on intel. (is default on amd) |
2860 | + - re-load kvm_intel.ko if it was loaded without nested=1 |
2861 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
2862 | + in qemu64 cpu type. |
2863 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
2864 | + in qemu64 on amd |
2865 | + - libvirt/qemu user/group support |
2866 | + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm |
2867 | + trigger. |
2868 | + - qemu-system-common.preinst: add kvm group if needed |
2869 | + - Distribution specific machine type |
2870 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
2871 | + types to ease future live vm migration. |
2872 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
2873 | + - improved dependencies |
2874 | + - Make qemu-system-common depend on qemu-block-extra |
2875 | + - Make qemu-utils depend on qemu-block-extra |
2876 | + - let qemu-utils recommend sharutils |
2877 | + - s390x support |
2878 | + - Create qemu-system-s390x package |
2879 | + - Include s390-ccw.img firmware |
2880 | + - Enable numa support for s390x |
2881 | + - ppc64[le] support |
2882 | + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink |
2883 | + - Enable seccomp for ppc64el |
2884 | + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 |
2885 | + - arch aware kvm wrappers |
2886 | + - update VCS-git to match the Artful branch |
2887 | + - disable missing x32 architecture |
2888 | + - d/rules: or32 is now named or1k (since 4a09d0bb) |
2889 | + - d/qemu-system-common.docs: new paths since (ac06724a) |
2890 | + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced |
2891 | + by qapi-schema.json which is already packaged (since 4d8bb958) |
2892 | + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update |
2893 | + to Debian patch to match qemu 2.10) |
2894 | + - s390x package now builds correctly on all architectures (LP 1710695) |
2895 | + * Added changes: |
2896 | + - d/qemu-system-common.docs: adapt new path of live-block-operations.rst |
2897 | + since 8508eee7 |
2898 | + - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1 |
2899 | + - make nios2/hppa not installed explicitly until further stablized |
2900 | + - d/qemu-guest-agent.install: add the new guest agent reference man page |
2901 | + qemu-ga-ref |
2902 | + - d/qemu-system-common.install: add the now generated qapi/qmp reference |
2903 | + along the qapi intro |
2904 | + - d/not-installed: ignore further generated (since 56e8bdd4) files in |
2905 | + dh_missing that are already provided in other formats qemu-doc, |
2906 | + qemu-qmp-ref,qemu-ga-ref |
2907 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new |
2908 | + changes in 2.10-rc4 |
2909 | + |
2910 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 25 Aug 2017 07:49:30 +0200 |
2911 | + |
2912 | +qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium |
2913 | + |
2914 | + * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes |
2915 | + a set of bugs |
2916 | + - [FFE] Qemu 2.10 in Artful (LP: #1699968) |
2917 | + - CPU hot unplug fails after migrating a CPU hotplugged guest |
2918 | + from source (LP: #1677552) |
2919 | + - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902) |
2920 | + - New KVM 288 Pass Through (LP: #1672447) |
2921 | + - aarch64: MSI is not supported by interrupt controller (LP: #1706630) |
2922 | + * Remaining changes: |
2923 | + - qemu-kvm to systemd unit |
2924 | + - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, |
2925 | + hugepages and architecture specifics |
2926 | + - d/qemu-kvm.service: systemd unit to call qemu-kvm-init |
2927 | + - d/qemu-system-common.install: install systemd unit and helper script |
2928 | + - d/qemu-system-common.maintscript: clean old sysv and upstart scripts |
2929 | + - d/qemu-system-common.qemu-kvm.default: defaults for |
2930 | + /etc/default/qemu-kvm |
2931 | + - d/rules: install /etc/default/qemu-kvm |
2932 | + - Enable nesting by default |
2933 | + - set nested=1 module option on intel. (is default on amd) |
2934 | + - re-load kvm_intel.ko if it was loaded without nested=1 |
2935 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default |
2936 | + in qemu64 cpu type. |
2937 | + - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default |
2938 | + in qemu64 on amd |
2939 | + - libvirt/qemu user/group support |
2940 | + - qemu-system-common.postinst: remove acl placed by udev, and add udevadm |
2941 | + trigger. |
2942 | + - qemu-system-common.preinst: add kvm group if needed |
2943 | + - Distribution specific machine type |
2944 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
2945 | + types to ease future live vm migration. |
2946 | + - d/qemu-system-x86.NEWS Info on fixed machine type definitions |
2947 | + - improved dependencies |
2948 | + - Make qemu-system-common depend on qemu-block-extra |
2949 | + - Make qemu-utils depend on qemu-block-extra |
2950 | + - let qemu-utils recommend sharutils |
2951 | + - s390x support |
2952 | + - Create qemu-system-s390x package |
2953 | + - Include s390-ccw.img firmware |
2954 | + - Enable numa support for s390x |
2955 | + - ppc64[le] support |
2956 | + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink |
2957 | + - Enable seccomp for ppc64el |
2958 | + - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64 |
2959 | + - arch aware kvm wrappers |
2960 | + - disable missing x32 architecture |
2961 | + - update VCS links |
2962 | + * Added changes |
2963 | + - d/rules: or32 is now named or1k (since 4a09d0bb) |
2964 | + - d/qemu-system-common.docs: new paths since (ac06724a) |
2965 | + - d/qemu-system-common.install: qmp-commands.txt removed, but replaced |
2966 | + by qapi-schema.json which is already packaged (since 4d8bb958) |
2967 | + - Updates in debian/patches to match qemu 2.10 |
2968 | + - d/p/02_kfreebsd.patch: utimensat is no more optional upstream |
2969 | + - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386 |
2970 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386 |
2971 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types |
2972 | + - update VCS-git to match the Artful branch |
2973 | + - s390x package now builds correctly on all architectures (LP: #1710695) |
2974 | + * Dropped changes (integrated upstream): |
2975 | + - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport |
2976 | + "spapr/pci: populate PCI DT in reverse order" (LP 1670481). |
2977 | + - All CVE fixes formerly applied are upstream and thereby dropped. |
2978 | + |
2979 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Aug 2017 16:59:19 +0200 |
2980 | + |
2981 | qemu (1:2.8+dfsg-7) unstable; urgency=medium |
2982 | |
2983 | * uploading to unstable all fixes which went to stretch-security |
2984 | @@ -2050,6 +4885,179 @@ qemu (1:2.8+dfsg-4) unstable; urgency=high |
2985 | |
2986 | -- Michael Tokarev <mjt@tls.msk.ru> Mon, 03 Apr 2017 16:28:49 +0300 |
2987 | |
2988 | +qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium |
2989 | + |
2990 | + * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530) |
2991 | + This was inadvertently dropped on 2.8 merge. |
2992 | + |
2993 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 May 2017 15:45:58 +0200 |
2994 | + |
2995 | +qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium |
2996 | + |
2997 | + * SECURITY UPDATE: denial of service via leak in virtFS |
2998 | + - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in |
2999 | + hw/9pfs/9p.c. |
3000 | + - CVE-2017-7377 |
3001 | + * SECURITY UPDATE: denial of service in cirrus_vga |
3002 | + - debian/patches/CVE-2017-7718.patch: check parameters in |
3003 | + hw/display/cirrus_vga_rop.h. |
3004 | + - CVE-2017-7718 |
3005 | + * SECURITY UPDATE: code execution via cirrus_vga OOB r/w |
3006 | + - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in |
3007 | + hw/display/cirrus_vga.c. |
3008 | + - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in |
3009 | + hw/display/cirrus_vga.c. |
3010 | + - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling |
3011 | + in hw/display/cirrus_vga.c. |
3012 | + - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in |
3013 | + hw/display/cirrus_vga.c. |
3014 | + - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch |
3015 | + in hw/display/cirrus_vga.c. |
3016 | + - debian/patches/CVE-2017-7980-6.patch: stop passing around dst |
3017 | + pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h, |
3018 | + hw/display/cirrus_vga_rop2.h. |
3019 | + - debian/patches/CVE-2017-7980-7.patch: stop passing around src |
3020 | + pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h, |
3021 | + hw/display/cirrus_vga_rop2.h. |
3022 | + - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in |
3023 | + hw/display/cirrus_vga_rop.h. |
3024 | + - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in |
3025 | + hw/display/cirrus_vga.c. |
3026 | + - CVE-2017-7980 |
3027 | + * SECURITY UPDATE: denial of service via memory leak in virtFS |
3028 | + - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c. |
3029 | + - CVE-2017-8086 |
3030 | + * SECURITY UPDATE: denial of service via leak in audio |
3031 | + - debian/patches/CVE-2017-8309.patch: release capture buffers in |
3032 | + audio/audio.c. |
3033 | + - CVE-2017-8309 |
3034 | + * SECURITY UPDATE: denial of service via leak in keyboard |
3035 | + - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in |
3036 | + ui/input.c. |
3037 | + - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in |
3038 | + ui/input.c. |
3039 | + - CVE-2017-8379 |
3040 | + |
3041 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 18 May 2017 09:20:54 -0400 |
3042 | + |
3043 | +qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium |
3044 | + |
3045 | + * SECURITY UPDATE: DoS in virtio GPU device |
3046 | + - debian/patches/CVE-2016-10028.patch: check virgl capabilities |
3047 | + max_size in hw/display/virtio-gpu-3d.c. |
3048 | + - CVE-2016-10028 |
3049 | + * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation |
3050 | + - debian/patches/CVE-2016-8667.patch: limit interval timer reload value |
3051 | + in hw/dma/rc4030.c. |
3052 | + - CVE-2016-8667 |
3053 | + * SECURITY UPDATE: host filesystem access via virtFS |
3054 | + - debian/patches/CVE-2016-9602.patch: don't follow symlinks in |
3055 | + hw/9pfs/*. |
3056 | + - CVE-2016-9602 |
3057 | + * SECURITY UPDATE: arbitrary code execution via Cirrus VGA |
3058 | + - debian/patches/CVE-2016-9603.patch: remove bitblit support from |
3059 | + console code in hw/display/cirrus_vga.c, include/ui/console.h, |
3060 | + ui/console.c, ui/vnc.c. |
3061 | + - CVE-2016-9603 |
3062 | + * SECURITY UPDATE: information leak in virtio GPU device |
3063 | + - debian/patches/CVE-2016-9908.patch: properly clear out memory in |
3064 | + hw/display/virtio-gpu-3d.c. |
3065 | + - CVE-2016-9908 |
3066 | + * SECURITY UPDATE: DoS via memory leak in virtio GPU device |
3067 | + - debian/patches/CVE-2016-9912.patch: properly free memory in |
3068 | + hw/display/virtio-gpu.c. |
3069 | + - CVE-2016-9912 |
3070 | + * SECURITY UPDATE: DoS via virtFS |
3071 | + - debian/patches/CVE-2016-9914.patch: add cleanup operations to |
3072 | + fsdev/file-op-9p.h, hw/9pfs/9p.c. |
3073 | + - CVE-2016-9914 |
3074 | + * SECURITY UPDATE: DoS via memory leak in virtio GPU device |
3075 | + - debian/patches/CVE-2017-5552.patch: check return value in |
3076 | + hw/display/virtio-gpu-3d.c. |
3077 | + - CVE-2017-5552 |
3078 | + * SECURITY UPDATE: DoS via memory leak in virtio GPU device |
3079 | + - debian/patches/CVE-2017-5578.patch: check res->iov in |
3080 | + hw/display/virtio-gpu.c. |
3081 | + - CVE-2017-5578 |
3082 | + * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation |
3083 | + - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register |
3084 | + handling in hw/sd/sdhci.c. |
3085 | + - CVE-2017-5987 |
3086 | + * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation |
3087 | + - debian/patches/CVE-2017-6505.patch: limit the number of link eds in |
3088 | + hw/usb/hcd-ohci.c. |
3089 | + - CVE-2017-6505 |
3090 | + |
3091 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 24 Apr 2017 07:30:11 -0400 |
3092 | + |
3093 | +qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium |
3094 | + |
3095 | + * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport |
3096 | + "spapr/pci: populate PCI DT in reverse order" (LP: #1670481). |
3097 | + |
3098 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2017 09:23:08 +0100 |
3099 | + |
3100 | +qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium |
3101 | + |
3102 | + * Merge with Debian; |
3103 | + This fixes several CVEs that were reported against qemu 2.8 and also |
3104 | + includes a few important functional backports (LP: #1667033); remaining |
3105 | + changes: |
3106 | + - add qemu-kvm init script and defaults file |
3107 | + (d/qemu-system-common.qemu-kvm.*) |
3108 | + - d/rules, d/qemu-kvm-init: add and install script loading kvm |
3109 | + modules and handling /etc/default/qemu-kvm |
3110 | + - qemu-system-common.preinst: add kvm group if needed |
3111 | + - Enable nesting by default on intel. |
3112 | + - set default module option |
3113 | + - re-load kvm_intel.ko if it was loaded without nested=1 |
3114 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by |
3115 | + default in qemu64 cpu type. |
3116 | + - Enable svm by default for qemu64 on amd |
3117 | + - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS: |
3118 | + define distro machine types to ease future live vm migration (includes |
3119 | + all former follow up fixes). |
3120 | + - Make qemu-system-common depend on qemu-block-extra |
3121 | + - Make qemu-utils depend on qemu-block-extra |
3122 | + - s390x support |
3123 | + - Create qemu-system-s390x package |
3124 | + - Include s390-ccw.img firmware |
3125 | + - qemu-system-common.postinst: |
3126 | + - change acl placed by udev, and add udevadm trigger. |
3127 | + - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el |
3128 | + - Several changes were applied but missing in the changelog so far |
3129 | + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink |
3130 | + - arch aware kvm wrapper |
3131 | + - update VCS links |
3132 | + - let qemu-utils recommend sharutils |
3133 | + - disable x32 architecture |
3134 | + - Enable seccomp for ppc64el |
3135 | + - Enable numa support for s390x |
3136 | + - d/qemu-system-common.qemu-kvm.init: fix lintian error type |
3137 | + init.d-script-missing-dependency-on-remote_fs |
3138 | + - d/qemu-system-common.postinst: fix lintian error type |
3139 | + command-with-path-in-maintainer-script |
3140 | + - Transition qemu-kvm to a systemd unit |
3141 | + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output |
3142 | + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so |
3143 | + that it shows up where the user expects (sytemctl status, kvm stdout) |
3144 | + - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure |
3145 | + - add arch aware kvm wrapper for s390x |
3146 | + * Dropped Changes (in Debian now): |
3147 | + - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working |
3148 | + - d/control-in: change dependencies for fix of wrong acl for newly |
3149 | + created device node on ubuntu |
3150 | + - have qemu-system-arm suggest: qemu-efi; this should be a stronger |
3151 | + relationship, but qemu-efi is still in universe right now. |
3152 | + - Disable glusterfs (Universe dependency) |
3153 | + - no more skip disable libiscsi on Ubuntu |
3154 | + - d/rules, d/control-in: avoid people editing d/control |
3155 | + * Added Changes: |
3156 | + - d/control: bump libseccomp-dev dependency as enabling libseccomp for |
3157 | + power makes 2.3 the minimum level. |
3158 | + |
3159 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 01 Mar 2017 14:23:16 +0100 |
3160 | + |
3161 | qemu (1:2.8+dfsg-3) unstable; urgency=high |
3162 | |
3163 | * urgency high due to security fixes |
3164 | @@ -2110,6 +5118,90 @@ qemu (1:2.8+dfsg-3) unstable; urgency=high |
3165 | |
3166 | -- Michael Tokarev <mjt@tls.msk.ru> Tue, 28 Feb 2017 11:40:18 +0300 |
3167 | |
3168 | +qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium |
3169 | + |
3170 | + * Merge with Debian; remaining changes: |
3171 | + - add qemu-kvm init script and defaults file |
3172 | + (d/qemu-system-common.qemu-kvm.*) |
3173 | + - d/rules, d/qemu-kvm-init: add and install script loading kvm |
3174 | + modules and handling /etc/default/qemu-kvm |
3175 | + - qemu-system-common.preinst: add kvm group if needed |
3176 | + - Enable nesting by default on intel. |
3177 | + - set default module option |
3178 | + - re-load kvm_intel.ko if it was loaded without nested=1 |
3179 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by |
3180 | + default in qemu64 cpu type. |
3181 | + - Enable svm by default for qemu64 on amd |
3182 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
3183 | + types to ease future live vm migration. |
3184 | + - Make qemu-system-common depend on qemu-block-extra |
3185 | + - Make qemu-utils depend on qemu-block-extra |
3186 | + - s390x support |
3187 | + - Create qemu-system-s390x package |
3188 | + - Include s390-ccw.img firmware |
3189 | + - qemu-system-common.postinst: |
3190 | + - change acl placed by udev, and add udevadm trigger. |
3191 | + - d/control-in: change dependencies for fix of wrong acl for newly |
3192 | + created device node on ubuntu |
3193 | + - have qemu-system-arm suggest: qemu-efi; this should be a stronger |
3194 | + relationship, but qemu-efi is still in universe right now. |
3195 | + - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el |
3196 | + - Several changes were applied but missing in the changelog so far |
3197 | + - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink |
3198 | + - arch aware kvm wrapper |
3199 | + - update VCS links |
3200 | + - no more skip disable libiscsi on Ubuntu |
3201 | + - let qemu-utils recommend sharutils |
3202 | + - disable x32 architecture |
3203 | + * Dropped Changes: |
3204 | + - Several changes were applied but missing in the changelog so far |
3205 | + but are no more needed |
3206 | + - no pie for relocatable LD calls, with toolchain defaulting to |
3207 | + pie (fixed upstream) |
3208 | + - enable libnuma-dev (now in Debian) |
3209 | + - transition for moved init scripts (can be dropped after LTS |
3210 | + containing >=2.5 which is Xenial) |
3211 | + - --enable-seccomp related whitespace change (had no effect) |
3212 | + - apport hook for qemu source package (In Debian) |
3213 | + - add upstart script (d/qemu-system-common.qemu-kvm.upstart) |
3214 | + - d/qemu-system-x86.maintscript: transition off of |
3215 | + /etc/init.d/qemu-system-x86 (can be dropped after Xenial) |
3216 | + - Enable pie by default, on ubuntu/s390x. (Is the default since |
3217 | + >=Xenial, no cloud archive backport <=Xenial to consider) |
3218 | + - no pie for relocatable LD calls (fixed upstream in commit |
3219 | + 7ecf44a5) |
3220 | + - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream) |
3221 | + - Revert fix for CVE-2016-5403, causes regression see USN-3047-2. |
3222 | + (Improved fix included by upstream) |
3223 | + - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7) |
3224 | + - Fixed wrong migration blocker when vhost is used (is upstream in |
3225 | + qemu 2.8) |
3226 | + * Added Changes: |
3227 | + - d/rules, d/control-in: avoid people editing d/control by warning |
3228 | + header and non writable permissions |
3229 | + - fixed moving trusty machine type definition which made it |
3230 | + ambiguous (LP: #1641532) |
3231 | + - d/qemu-system-x86.NEWS describe the issue |
3232 | + - Enable seccomp for ppc64el (LP: #1644639) |
3233 | + - Enable numa support for s390x |
3234 | + - d/qemu-system-common.qemu-kvm.init: fix lintian error type |
3235 | + init.d-script-missing-dependency-on-remote_fs |
3236 | + - d/qemu-system-common.postinst: fix lintian error type |
3237 | + command-with-path-in-maintainer-script |
3238 | + - Transition qemu-kvm to a systemd unit |
3239 | + - Disable glusterfs (Universe dependency) |
3240 | + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output |
3241 | + - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so |
3242 | + that it shows up where the user expects (sytemctl status, kvm stdout) |
3243 | + - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure |
3244 | + - add arch aware kvm wrapper for s390x |
3245 | + - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working |
3246 | + - Enable DDW in Yakkety machine type because "Enable GPU Passthru for |
3247 | + ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10, |
3248 | + merged in d/p/ubuntu/define-ubuntu-machine-types.patch) |
3249 | + |
3250 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Jan 2017 16:27:11 +0100 |
3251 | + |
3252 | qemu (1:2.8+dfsg-2) unstable; urgency=medium |
3253 | |
3254 | * Revert "update binfmt registration for mipsn32" |
3255 | @@ -2228,6 +5320,67 @@ qemu (1:2.7+dfsg-1) unstable; urgency=medium |
3256 | |
3257 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 14 Oct 2016 13:31:40 +0300 |
3258 | |
3259 | +qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium |
3260 | + |
3261 | + * No-change rebuild to compile against new libxen version. |
3262 | + |
3263 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 30 Sep 2016 14:24:37 +0200 |
3264 | + |
3265 | +qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium |
3266 | + |
3267 | + * retain older xenial machine type to avoid issues starting guests |
3268 | + created on xenial prior to the SRU for bug 1621042. In that regard the old |
3269 | + broken xenial machine type and the new fixed one have both to be considered |
3270 | + as valid LTS machine types (LP: #1626070). |
3271 | + |
3272 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Sep 2016 14:57:09 +0200 |
3273 | + |
3274 | +qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium |
3275 | + |
3276 | + * fix default ubuntu machine types. (LP: #1621042) |
3277 | + - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch |
3278 | + - remove double default and double ubuntu alias |
3279 | + - drop former devel releases utopic, vivid, wily |
3280 | + - add xenial and yakkety machine types |
3281 | + - add q35 based ubuntu machine type starting at xenial |
3282 | + - add ubuntu machine types on ppc64el and s390x starting at xenial |
3283 | + |
3284 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2016 07:50:50 +0200 |
3285 | + |
3286 | +qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium |
3287 | + |
3288 | + * Enable GPU Passthru for ppc64le (LP: #1541902) |
3289 | + - 0001-spapr-ensure-device-trees-are-always-associated-with.patch |
3290 | + - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch |
3291 | + - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch |
3292 | + - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch |
3293 | + - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch |
3294 | + - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch |
3295 | + - 0007-spapr_iommu-Migrate-full-state.patch |
3296 | + - 0008-spapr_iommu-Add-root-memory-region.patch |
3297 | + - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch |
3298 | + - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch |
3299 | + - 0011-memory-Add-reporting-of-supported-page-sizes.patch |
3300 | + - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch |
3301 | + - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch |
3302 | + - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch |
3303 | + - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch |
3304 | + - 0016-vfio-Add-host-side-DMA-window-capabilities.patch |
3305 | + - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch |
3306 | + - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch |
3307 | + - 0019-vfio-spapr-Remove-stale-ioctl-call.patch |
3308 | + - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch |
3309 | + - 0021-memory-Fix-IOMMU-replay-base-address.patch |
3310 | + |
3311 | + -- Jon Grimm <jon.grimm@canonical.com> Fri, 16 Sep 2016 14:14:47 -0500 |
3312 | + |
3313 | +qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium |
3314 | + |
3315 | + * New upstream release. LP: #1617055. |
3316 | + * Revert fix for CVE-2016-5403, causes regression see USN-3047-2. |
3317 | + |
3318 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 09 Sep 2016 23:33:57 +0100 |
3319 | + |
3320 | qemu (1:2.6+dfsg-3.1) unstable; urgency=high |
3321 | |
3322 | * Non-maintainer upload. |
3323 | @@ -2261,6 +5414,55 @@ qemu (1:2.6+dfsg-3.1) unstable; urgency=high |
3324 | |
3325 | -- Andrew James <ajames@hpe.com> Wed, 14 Sep 2016 00:56:18 -0600 |
3326 | |
3327 | +qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium |
3328 | + |
3329 | + * SECURITY UPDATE: DoS via unbounded memory allocation |
3330 | + - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c. |
3331 | + - CVE-2016-5403 |
3332 | + * SECURITY UPDATE: oob write access while reading ESP command |
3333 | + - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for |
3334 | + maximum CDB size and handle migration in hw/scsi/esp.c, |
3335 | + include/hw/scsi/esp.h, include/migration/vmstate.h. |
3336 | + - CVE-2016-6351 |
3337 | + * SECURITY UPDATE: infinite loop in virtqueue_pop |
3338 | + - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer |
3339 | + length in hw/virtio/virtio.c. |
3340 | + - CVE-2016-6490 |
3341 | + |
3342 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 03 Aug 2016 08:36:16 -0400 |
3343 | + |
3344 | +qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium |
3345 | + |
3346 | + * Merge with Debian; remaining changes: |
3347 | + - debian/rules: do not drop the init scripts loading kvm modules |
3348 | + (still needed in precise in cloud archive) |
3349 | + - qemu-system-common.postinst: |
3350 | + * remove acl placed by udev, and add udevadm trigger. |
3351 | + * reload kvm_intel if needed to set nested=1 |
3352 | + - qemu-system-common.preinst: add kvm group if needed |
3353 | + - add qemu-kvm upstart job and defaults file (rules, |
3354 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3355 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3356 | + do not auto-load the kvm kernel module. Enable nesting by default |
3357 | + on intel. |
3358 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3359 | + in qemu64 cpu type. |
3360 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
3361 | + types to ease future live vm migration. |
3362 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3363 | + d/qemu-system-common.install |
3364 | + - Make qemu-system-common and qemu-utils depend on qemu-block-extra |
3365 | + to fix errors with missing block backends. |
3366 | + - s390x: |
3367 | + * Create qemu-system-s390x package |
3368 | + * Enable pie by default, on ubuntu/s390x. |
3369 | + * Enable svm by default for qemu64 on amd |
3370 | + * Include s390-ccw.img firmware |
3371 | + * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger |
3372 | + relationship, but qemu-efi is still in universe right now. |
3373 | + |
3374 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Jun 2016 16:49:49 -0500 |
3375 | + |
3376 | qemu (1:2.6+dfsg-3) unstable; urgency=high |
3377 | |
3378 | * more security fixes picked from upstream: |
3379 | @@ -2314,6 +5516,39 @@ qemu (1:2.6+dfsg-2) unstable; urgency=medium |
3380 | |
3381 | -- Michael Tokarev <mjt@tls.msk.ru> Mon, 13 Jun 2016 12:10:44 +0300 |
3382 | |
3383 | +qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium |
3384 | + |
3385 | + * Merge with Debian; remaining changes: (LP: #1583775) |
3386 | + - debian/rules: do not drop the init scripts loading kvm modules |
3387 | + (still needed in precise in cloud archive) |
3388 | + - qemu-system-common.postinst: |
3389 | + * remove acl placed by udev, and add udevadm trigger. |
3390 | + * reload kvm_intel if needed to set nested=1 |
3391 | + - qemu-system-common.preinst: add kvm group if needed |
3392 | + - add qemu-kvm upstart job and defaults file (rules, |
3393 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3394 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3395 | + do not auto-load the kvm kernel module. Enable nesting by default |
3396 | + on intel. |
3397 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3398 | + in qemu64 cpu type. |
3399 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
3400 | + types to ease future live vm migration. |
3401 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3402 | + d/qemu-system-common.install |
3403 | + - Make qemu-system-common and qemu-utils depend on qemu-block-extra |
3404 | + to fix errors with missing block backends. (LP: #1495895) |
3405 | + - s390x: |
3406 | + * Create qemu-system-s390x package |
3407 | + * Enable pie by default, on ubuntu/s390x. |
3408 | + * Enable svm by default for qemu64 on amd |
3409 | + * Include s390-ccw.img firmware |
3410 | + * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger |
3411 | + relationship, but qemu-efi is still in universe right now. |
3412 | + * Drop patches which have been applied upstream: |
3413 | + |
3414 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 May 2016 12:11:36 -0500 |
3415 | + |
3416 | qemu (1:2.6+dfsg-1) unstable; urgency=medium |
3417 | |
3418 | * new upstream release |
3419 | @@ -2351,6 +5586,106 @@ qemu (1:2.6+dfsg-1) unstable; urgency=medium |
3420 | |
3421 | -- Michael Tokarev <mjt@tls.msk.ru> Wed, 18 May 2016 14:44:14 +0300 |
3422 | |
3423 | +qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium |
3424 | + |
3425 | + * Cherrypick upstream patches to support the query-gic-version QMP command |
3426 | + (LP: #1566564) |
3427 | + |
3428 | + -- dann frazier <dannf@ubuntu.com> Tue, 05 Apr 2016 16:56:11 -0600 |
3429 | + |
3430 | +qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium |
3431 | + |
3432 | + [Stefan Bader] |
3433 | + * Enable svm by default for qemu64 on amd (LP: #1561019) |
3434 | + |
3435 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Apr 2016 16:53:55 -0500 |
3436 | + |
3437 | +qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium |
3438 | + |
3439 | + * qemu-system-s390x only available on s390x, so qemu-system should only |
3440 | + depend on it on this arch. |
3441 | + * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger |
3442 | + relationship, but qemu-efi is still in universe right now. |
3443 | + |
3444 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 19 Apr 2016 13:41:37 -0700 |
3445 | + |
3446 | +qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium |
3447 | + |
3448 | + * And actually ship the right things in qemu-system-s390x. |
3449 | + |
3450 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 19 Apr 2016 16:49:00 +0100 |
3451 | + |
3452 | +qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium |
3453 | + |
3454 | + * Create qemu-system-s390x package on ubuntu only. |
3455 | + |
3456 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 18 Apr 2016 10:16:19 +0100 |
3457 | + |
3458 | +qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium |
3459 | + |
3460 | + * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149) |
3461 | + |
3462 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Apr 2016 15:13:06 -0500 |
3463 | + |
3464 | +qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium |
3465 | + |
3466 | + * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch |
3467 | + (LP: #1556306) |
3468 | + |
3469 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 16 Mar 2016 16:35:22 -0700 |
3470 | + |
3471 | +qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium |
3472 | + |
3473 | + * Cherrypick upstream patch to fix snapshot regression (LP: #1533728) |
3474 | + |
3475 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 07 Mar 2016 18:53:34 -0800 |
3476 | + |
3477 | +qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium |
3478 | + |
3479 | + * d/control{-in}: Re-generate and build with libiscsi-dev now |
3480 | + that its in Ubuntu main (LP: #1271653). |
3481 | + |
3482 | + -- James Page <james.page@ubuntu.com> Wed, 24 Feb 2016 17:59:13 +0000 |
3483 | + |
3484 | +qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium |
3485 | + |
3486 | + * Make -no-pie conditional, on $(CC) supporting -no-pie flag. |
3487 | + |
3488 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 24 Feb 2016 14:40:19 +0000 |
3489 | + |
3490 | +qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium |
3491 | + |
3492 | + * No-change rebuild for gnutls transition. |
3493 | + |
3494 | + -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:27:20 +0000 |
3495 | + |
3496 | +qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium |
3497 | + |
3498 | + * Merge with Debian; remaining changes: |
3499 | + - debian/rules: do not drop the init scripts loading kvm modules |
3500 | + (still needed in precise in cloud archive) |
3501 | + - qemu-system-common.postinst: |
3502 | + * remove acl placed by udev, and add udevadm trigger. |
3503 | + * reload kvm_intel if needed to set nested=1 |
3504 | + - qemu-system-common.preinst: add kvm group if needed |
3505 | + - add qemu-kvm upstart job and defaults file (rules, |
3506 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3507 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3508 | + do not auto-load the kvm kernel module. Enable nesting by default |
3509 | + on intel. |
3510 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3511 | + in qemu64 cpu type. |
3512 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
3513 | + types to ease future live vm migration. |
3514 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3515 | + d/qemu-system-common.install |
3516 | + - Make qemu-system-common and qemu-utils depend on qemu-block-extra |
3517 | + to fix errors with missing block backends. (LP: #1495895) |
3518 | + - Enable pie by default, on ubuntu/s390x. |
3519 | + - Include s390-ccw.img firmware. |
3520 | + |
3521 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Feb 2016 10:24:49 -0800 |
3522 | + |
3523 | qemu (1:2.5+dfsg-5) unstable; urgency=medium |
3524 | |
3525 | * fix misspellings in previous debian/changelog entry |
3526 | @@ -2408,6 +5743,113 @@ qemu (1:2.5+dfsg-2) unstable; urgency=high |
3527 | |
3528 | -- Michael Tokarev <mjt@tls.msk.ru> Sat, 09 Jan 2016 21:40:43 +0300 |
3529 | |
3530 | +qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium |
3531 | + |
3532 | + * SECURITY UPDATE: paravirtualized drivers incautious about shared memory |
3533 | + contents |
3534 | + - debian/patches/CVE-2015-8550-1.patch: avoid double access in |
3535 | + hw/block/xen_blkif.h. |
3536 | + - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in |
3537 | + hw/display/xenfb.c. |
3538 | + - CVE-2015-8550 |
3539 | + * SECURITY UPDATE: infinite loop in ehci_advance_state |
3540 | + - debian/patches/CVE-2015-8558.patch: make idt processing more robust |
3541 | + in hw/usb/hcd-ehci.c. |
3542 | + - CVE-2015-8558 |
3543 | + * SECURITY UPDATE: host memory leakage in vmxnet3 |
3544 | + - debian/patches/CVE-2015-856x.patch: avoid memory leakage in |
3545 | + hw/net/vmxnet3.c. |
3546 | + - CVE-2015-8567 |
3547 | + - CVE-2015-8568 |
3548 | + * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info |
3549 | + - debian/patches/CVE-2015-8613.patch: initialise info object with |
3550 | + appropriate size in hw/scsi/megasas.c. |
3551 | + - CVE-2015-8613 |
3552 | + * SECURITY UPDATE: DoS via Human Monitor Interface |
3553 | + - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write |
3554 | + in hmp.c, include/ui/console.h, ui/input-legacy.c. |
3555 | + - CVE-2015-8619 |
3556 | + * SECURITY UPDATE: incorrect array bounds check in rocker |
3557 | + - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds |
3558 | + check in hw/net/rocker/rocker.c. |
3559 | + - CVE-2015-8701 |
3560 | + * SECURITY UPDATE: ne2000 OOB r/w in ioport operations |
3561 | + - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport |
3562 | + operations in hw/net/ne2000.c. |
3563 | + - CVE-2015-8743 |
3564 | + * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands |
3565 | + - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on |
3566 | + error in hw/ide/ahci.c. |
3567 | + - CVE-2016-1568 |
3568 | + * SECURITY UPDATE: DoS via null pointer dereference in vapic_write() |
3569 | + - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in |
3570 | + hw/i386/kvmvapic.c. |
3571 | + - CVE-2016-1922 |
3572 | + * SECURITY UPDATE: e1000 infinite loop |
3573 | + - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on |
3574 | + out-of-bounds transfer start in hw/net/e1000.c |
3575 | + - CVE-2016-1981 |
3576 | + * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB |
3577 | + engines |
3578 | + - debian/patches/CVE-2016-2197.patch: add check before calling |
3579 | + dma_memory_unmap in hw/ide/ahci.c. |
3580 | + - CVE-2016-2197 |
3581 | + * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write |
3582 | + - debian/patches/CVE-2016-2198.patch: add capability mmio write |
3583 | + function in hw/usb/hcd-ehci.c. |
3584 | + - CVE-2016-2198 |
3585 | + |
3586 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 01 Feb 2016 09:39:01 -0500 |
3587 | + |
3588 | +qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium |
3589 | + |
3590 | + * debian/qemu-kvm-init: Call systemd-detect-virt instead of the |
3591 | + Ubuntu specific running-in-container wrapper. (LP: #1539016) |
3592 | + |
3593 | + -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 28 Jan 2016 13:24:51 +0100 |
3594 | + |
3595 | +qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high |
3596 | + |
3597 | + * Include s390-ccw.img firmware. |
3598 | + |
3599 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 12 Jan 2016 15:53:43 +0000 |
3600 | + |
3601 | +qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium |
3602 | + |
3603 | + * Place qemu-kvm.defaults file in qemu-system-common, next to the init |
3604 | + scripts. Fix the comparison operator when checking KVM_HUGEPAGES. |
3605 | + Thanks Simon. (LP: #1531191) |
3606 | + |
3607 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 06 Jan 2016 09:45:37 -0800 |
3608 | + |
3609 | +qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium |
3610 | + |
3611 | + * Merge with Debian; remaining changes: |
3612 | + - debian/rules: do not drop the init scripts loading kvm modules |
3613 | + (still needed in precise in cloud archive) |
3614 | + - qemu-system-common.postinst: |
3615 | + * remove acl placed by udev, and add udevadm trigger. |
3616 | + * reload kvm_intel if needed to set nested=1 |
3617 | + - qemu-system-common.preinst: add kvm group if needed |
3618 | + - add qemu-kvm upstart job and defaults file (rules, |
3619 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3620 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3621 | + do not auto-load the kvm kernel module. Enable nesting by default |
3622 | + on intel. |
3623 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3624 | + in qemu64 cpu type. |
3625 | + - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine |
3626 | + types to ease future live vm migration. |
3627 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3628 | + d/qemu-system-common.install |
3629 | + - Make qemu-system-common and qemu-utils depend on qemu-block-extra |
3630 | + to fix errors with missing block backends. (LP: #1495895) |
3631 | + - Enable pie by default, on ubuntu/s390x. |
3632 | + * Drop vGICv3 support patches - all is now upstream |
3633 | + * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191) |
3634 | + |
3635 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Jan 2016 15:42:50 -0800 |
3636 | + |
3637 | qemu (1:2.5+dfsg-1) unstable; urgency=medium |
3638 | |
3639 | * new upstream release |
3640 | @@ -2434,6 +5876,49 @@ qemu (1:2.5+dfsg-1) unstable; urgency=medium |
3641 | |
3642 | -- Michael Tokarev <mjt@tls.msk.ru> Wed, 16 Dec 2015 20:00:04 +0300 |
3643 | |
3644 | +qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high |
3645 | + |
3646 | + * Enable pie by default, on ubuntu/s390x. |
3647 | + |
3648 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 07 Dec 2015 16:04:16 +0000 |
3649 | + |
3650 | +qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium |
3651 | + |
3652 | + * undo the libseccomp delta from debian. libseccomp is indeed available |
3653 | + on other arches, but we need qemu's configure script to be fixed before |
3654 | + we can use it on anything other than amd64|i386. Fixes FTBFS. |
3655 | + (LP: #1522531) |
3656 | + |
3657 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 03 Dec 2015 12:44:46 -0600 |
3658 | + |
3659 | +qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium |
3660 | + |
3661 | + * Merge with Debian; remaining changes: |
3662 | + - Update the ubuntu machine types patch to reflect upstream churn |
3663 | + - debian/rules: do not drop the init scripts loading kvm modules |
3664 | + (still needed in precise in cloud archive) |
3665 | + - qemu-system-common.postinst: |
3666 | + * remove acl placed by udev, and add udevadm trigger. |
3667 | + * reload kvm_intel if needed to set nested=1 |
3668 | + - qemu-system-common.preinst: add kvm group if needed |
3669 | + - add qemu-kvm upstart job and defaults file (rules, |
3670 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3671 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3672 | + do not auto-load the kvm kernel module. Enable nesting by default |
3673 | + on intel. |
3674 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3675 | + in qemu64 cpu type. |
3676 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
3677 | + machine type to ease future live vm migration. |
3678 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3679 | + d/qemu-system-common.install |
3680 | + - Make qemu-system-common and qemu-utils depend on qemu-block-extra |
3681 | + to fix errors with missing block backends. (LP: #1495895) |
3682 | + - control-in: build with libseccomp an all architectures |
3683 | + - Add vGICv3 support |
3684 | + |
3685 | + -- Matthias Klose <doko@ubuntu.com> Wed, 02 Dec 2015 21:31:36 +0100 |
3686 | + |
3687 | qemu (1:2.4+dfsg-5) unstable; urgency=medium |
3688 | |
3689 | * trace-remove-malloc-tracing.patch from upstream. |
3690 | @@ -2446,6 +5931,57 @@ qemu (1:2.4+dfsg-5) unstable; urgency=medium |
3691 | |
3692 | -- Michael Tokarev <mjt@tls.msk.ru> Sun, 29 Nov 2015 12:22:52 +0300 |
3693 | |
3694 | +qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium |
3695 | + |
3696 | + * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet |
3697 | + - debian/patches/CVE-2015-7504.patch: leave room for CRC code in |
3698 | + hw/net/pcnet.c. |
3699 | + - CVE-2015-7504 |
3700 | + * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet |
3701 | + - debian/patches/CVE-2015-7512.patch: check packet length in |
3702 | + hw/net/pcnet.c. |
3703 | + - CVE-2015-7512 |
3704 | + * SECURITY UPDATE: infinite loop in eepro100 |
3705 | + - debian/patches/CVE-2015-8345.patch: prevent endless loop in |
3706 | + hw/net/eepro100.c. |
3707 | + - CVE-2015-8345 |
3708 | + |
3709 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 01 Dec 2015 13:36:40 -0500 |
3710 | + |
3711 | +qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium |
3712 | + |
3713 | + * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition. |
3714 | + |
3715 | + -- dann frazier <dann.frazier@canonical.com> Tue, 03 Nov 2015 08:05:46 -0700 |
3716 | + |
3717 | +qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium |
3718 | + |
3719 | + * Merge 2.4 from unstable. Remaining changes: |
3720 | + - Update the ubuntu machine types patch to reflect upstream churn |
3721 | + - debian/rules: do not drop the init scripts loading kvm modules |
3722 | + (still needed in precise in cloud archive) |
3723 | + - qemu-system-common.postinst: |
3724 | + * remove acl placed by udev, and add udevadm trigger. |
3725 | + * reload kvm_intel if needed to set nested=1 |
3726 | + - qemu-system-common.preinst: add kvm group if needed |
3727 | + - add qemu-kvm upstart job and defaults file (rules, |
3728 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3729 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3730 | + do not auto-load the kvm kernel module. Enable nesting by default |
3731 | + on intel. |
3732 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3733 | + in qemu64 cpu type. |
3734 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
3735 | + machine type to ease future live vm migration. |
3736 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3737 | + d/qemu-system-common.install |
3738 | + - Make qemu-system-common and qemu-utils depend on qemu-block-extra |
3739 | + to fix errors with missing block backends. (LP: #1495895) |
3740 | + - control-in: build with libseccomp an all architectures. |
3741 | + * Add vGICv3 support |
3742 | + |
3743 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 27 Oct 2015 13:28:58 -0500 |
3744 | + |
3745 | qemu (1:2.4+dfsg-4) unstable; urgency=medium |
3746 | |
3747 | * applied 3 patches from upstream to fix virtio-net |
3748 | @@ -2460,7 +5996,7 @@ qemu (1:2.4+dfsg-3) unstable; urgency=high |
3749 | fix for Heap overflow vulnerability in ne2000_receive() function |
3750 | (Closes: #799074 CVE-2015-5279) |
3751 | * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch |
3752 | - (Closes: #799073 CVE-2015-5278) |
3753 | + (Closes: #799073 CVE-2015-5278) |
3754 | * some binfmt reorg: |
3755 | - extend aarch64 to include one more byte as other arches do |
3756 | - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize |
3757 | @@ -2512,6 +6048,137 @@ qemu (1:2.3+dfsg-6) unstable; urgency=high |
3758 | |
3759 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 11 Jun 2015 20:03:40 +0300 |
3760 | |
3761 | +qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium |
3762 | + |
3763 | + * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466) |
3764 | + |
3765 | + -- Ryan Harper <ryan.harper@canonical.com> Wed, 21 Oct 2015 08:59:29 -0500 |
3766 | + |
3767 | +qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low |
3768 | + |
3769 | + * debian/patches/upstream-fix-irq-route-entries.patch |
3770 | + Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed" |
3771 | + (LP: #1465935) |
3772 | + |
3773 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 09 Oct 2015 15:38:53 +0200 |
3774 | + |
3775 | +qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium |
3776 | + |
3777 | + * Build using libseccomp on all architectures. |
3778 | + |
3779 | + -- Matthias Klose <doko@ubuntu.com> Sat, 03 Oct 2015 21:12:15 +0200 |
3780 | + |
3781 | +qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium |
3782 | + |
3783 | + * SECURITY UPDATE: denial of service via NE2000 driver |
3784 | + - debian/patches/CVE-2015-5278.patch: fix infinite loop in |
3785 | + hw/net/ne2000.c. |
3786 | + - CVE-2015-5278 |
3787 | + * SECURITY UPDATE: denial of service and possible code execution via |
3788 | + heap overflow in NE2000 driver |
3789 | + - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in |
3790 | + hw/net/ne2000.c. |
3791 | + - CVE-2015-5279 |
3792 | + * SECURITY UPDATE: denial of service via e1000 infinite loop |
3793 | + - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c. |
3794 | + - CVE-2015-6815 |
3795 | + * SECURITY UPDATE: denial of service via illegal ATAPI commands |
3796 | + - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in |
3797 | + hw/ide/core.c. |
3798 | + - CVE-2015-6855 |
3799 | + |
3800 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Sep 2015 15:05:51 -0400 |
3801 | + |
3802 | +qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium |
3803 | + |
3804 | + * Make qemu-system-common and qemu-utils depend on qemu-block-extra |
3805 | + to fix errors with missing block backends. (LP: #1495895) |
3806 | + * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655) |
3807 | + * Apply fix for memory corruption during live-migration in tcg mode |
3808 | + (LP: #1493049) |
3809 | + * Apply tracing patch to remove use of custom vtable in newer glibc |
3810 | + (LP: #1491972) |
3811 | + |
3812 | + -- Ryan Harper <ryan.harper@canonical.com> Tue, 15 Sep 2015 09:37:23 -0500 |
3813 | + |
3814 | +qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium |
3815 | + |
3816 | + * Import qcow2-handle-eagain-from-update_refcount from upstream |
3817 | + to fix errors when using qemu-img convert -c. (LP: #1491050) |
3818 | + |
3819 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Sep 2015 16:35:56 -0500 |
3820 | + |
3821 | +qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium |
3822 | + |
3823 | + * SECURITY UPDATE: process heap memory disclosure |
3824 | + - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c. |
3825 | + - CVE-2015-5165 |
3826 | + * SECURITY UPDATE: privilege escalation via block device unplugging |
3827 | + - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend |
3828 | + in hw/ide/piix.c. |
3829 | + - CVE-2015-5166 |
3830 | + * SECURITY UPDATE: privilege escalation via memory corruption in vnc |
3831 | + - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply |
3832 | + limits in ui/vnc.c. |
3833 | + - CVE-2015-5225 |
3834 | + * SECURITY UPDATE: denial of service via virtio-serial |
3835 | + - debian/patches/CVE-2015-5745.patch: don't assume a specific layout |
3836 | + for control messages in hw/char/virtio-serial-bus.c. |
3837 | + - CVE-2015-5745 |
3838 | + |
3839 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 25 Aug 2015 09:38:43 -0400 |
3840 | + |
3841 | +qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium |
3842 | + |
3843 | + * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read() |
3844 | + - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c. |
3845 | + - CVE-2015-3214 |
3846 | + * SECURITY UPDATE: heap overflow when processing ATAPI commands |
3847 | + - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in |
3848 | + hw/ide/core.c, make sure command is completed in hw/ide/atapi.c. |
3849 | + - CVE-2015-5154 |
3850 | + * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb |
3851 | + - debian/patches/CVE-2015-5158.patch: check length in |
3852 | + hw/scsi/scsi-bus.c. |
3853 | + - CVE-2015-5158 |
3854 | + |
3855 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jul 2015 10:07:05 -0400 |
3856 | + |
3857 | +qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium |
3858 | + |
3859 | + * SECURITY UPDATE: heap overflow in PCNET controller |
3860 | + - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c. |
3861 | + - CVE-2015-3209 |
3862 | + |
3863 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Jun 2015 14:25:05 -0400 |
3864 | + |
3865 | +qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium |
3866 | + |
3867 | + * Merge 1:2.3+dfsg-5 from Debian. |
3868 | + * Remaining changes: |
3869 | + - debian/rules: do not drop the init scripts loading kvm modules |
3870 | + (still needed in precise in cloud archive) |
3871 | + - qemu-system-common.postinst: |
3872 | + * remove acl placed by udev, and add udevadm trigger. |
3873 | + * reload kvm_intel if needed to set nested=1 |
3874 | + - qemu-system-common.preinst: add kvm group if needed |
3875 | + - add qemu-kvm upstart job and defaults file (rules, |
3876 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3877 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3878 | + do not auto-load the kvm kernel module. Enable nesting by default |
3879 | + on intel. |
3880 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3881 | + in qemu64 cpu type. |
3882 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
3883 | + machine type to ease future live vm migration. |
3884 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3885 | + d/qemu-system-common.install |
3886 | + * Refreshed patches: |
3887 | + - ubuntu/expose-vmx_qemu64cpu.patch |
3888 | + - ubuntu/define-ubuntu-machine-types.patch |
3889 | + |
3890 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 10 Jun 2015 14:28:39 -0500 |
3891 | + |
3892 | qemu (1:2.3+dfsg-5) unstable; urgency=high |
3893 | |
3894 | * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch |
3895 | @@ -2523,6 +6190,35 @@ qemu (1:2.3+dfsg-5) unstable; urgency=high |
3896 | |
3897 | -- Michael Tokarev <mjt@tls.msk.ru> Wed, 03 Jun 2015 17:18:58 +0300 |
3898 | |
3899 | +qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium |
3900 | + |
3901 | + * Merge 1:2.3+dfsg-4 from Debian. |
3902 | + * Remaining changes: |
3903 | + - debian/rules: do not drop the init scripts loading kvm modules |
3904 | + (still needed in precise in cloud archive) |
3905 | + - qemu-system-common.postinst: |
3906 | + * remove acl placed by udev, and add udevadm trigger. |
3907 | + * reload kvm_intel if needed to set nested=1 |
3908 | + - qemu-system-common.preinst: add kvm group if needed |
3909 | + - add qemu-kvm upstart job and defaults file (rules, |
3910 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
3911 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
3912 | + do not auto-load the kvm kernel module. Enable nesting by default |
3913 | + on intel. |
3914 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
3915 | + in qemu64 cpu type. |
3916 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
3917 | + machine type to ease future live vm migration. |
3918 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
3919 | + d/qemu-system-common.install |
3920 | + * Dropped all patches which are applied upstream |
3921 | + * Move the upstart jobs to a generic script |
3922 | + - add new qemu-kvm-init script |
3923 | + - call that from upstart and sysvrc qemu-kvm scripts |
3924 | + - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc} |
3925 | + |
3926 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 03 Jun 2015 13:36:36 -0500 |
3927 | + |
3928 | qemu (1:2.3+dfsg-4) unstable; urgency=medium |
3929 | |
3930 | * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch: |
3931 | @@ -2584,6 +6280,98 @@ qemu (1:2.2+dfsg-6exp) experimental; urgency=medium |
3932 | |
3933 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 17 Apr 2015 21:54:53 +0300 |
3934 | |
3935 | +qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium |
3936 | + |
3937 | + * SECURITY UPDATE: denial of service in vnc web |
3938 | + - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket |
3939 | + frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h. |
3940 | + - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from |
3941 | + websockets clients in ui/vnc-ws.c. |
3942 | + - CVE-2015-1779 |
3943 | + * SECURITY UPDATE: host code execution via floppy device (VEMON) |
3944 | + - debian/patches/CVE-2015-3456.patch: force the fifo access to be in |
3945 | + bounds of the allocated buffer in hw/block/fdc.c. |
3946 | + - CVE-2015-3456 |
3947 | + |
3948 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 13 May 2015 07:25:59 -0400 |
3949 | + |
3950 | +qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low |
3951 | + |
3952 | + * CVE-2015-2756 / XSA-126 |
3953 | + - xen: limit guest control of PCI command register |
3954 | + |
3955 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 08 Apr 2015 10:17:45 +0200 |
3956 | + |
3957 | +qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium |
3958 | + |
3959 | + * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not |
3960 | + accidentally create /1 |
3961 | + |
3962 | + -- Steve Beattie <sbeattie@ubuntu.com> Thu, 12 Mar 2015 16:46:51 -0700 |
3963 | + |
3964 | +qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low |
3965 | + |
3966 | + * No-change rebuild to pull in libxl-4.5 (take 2: step to the right). |
3967 | + |
3968 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Feb 2015 08:55:35 +0100 |
3969 | + |
3970 | +qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low |
3971 | + |
3972 | + * No-change rebuild to pull in libxl-4.5. |
3973 | + |
3974 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 25 Feb 2015 13:58:37 +0100 |
3975 | + |
3976 | +qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium |
3977 | + |
3978 | + * debian/control-in: enable numa on architectures where numa is built |
3979 | + (LP: #1417937) |
3980 | + |
3981 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 23:18:58 -0600 |
3982 | + |
3983 | +qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium |
3984 | + |
3985 | + [Scott Moser] |
3986 | + * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa |
3987 | + profile when started by libvirt. |
3988 | + |
3989 | + [Serge Hallyn] |
3990 | + * add symlink qemu-system-ppc64le -> qemu-system-ppc64 |
3991 | + * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script |
3992 | + (LP: #1419855) |
3993 | + |
3994 | + [Chris J Arges] |
3995 | + * Determine if we are running inside a virtual environment. If running inside |
3996 | + a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153) |
3997 | + |
3998 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 13:04:21 -0600 |
3999 | + |
4000 | +qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium |
4001 | + |
4002 | + * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308) |
4003 | + - debian/rules: do not drop the init scripts loading kvm modules |
4004 | + (still needed in precise in cloud archive) |
4005 | + * Remaining changes: |
4006 | + - qemu-system-common.postinst: |
4007 | + * remove acl placed by udev, and add udevadm trigger. |
4008 | + * reload kvm_intel if needed to set nested=1 |
4009 | + - qemu-system-common.preinst: add kvm group if needed |
4010 | + - add qemu-kvm upstart job and defaults file (rules, |
4011 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
4012 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
4013 | + do not auto-load the kvm kernel module. Enable nesting by default |
4014 | + on intel. |
4015 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
4016 | + in qemu64 cpu type. |
4017 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
4018 | + machine type to ease future live vm migration. |
4019 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
4020 | + d/qemu-system-common.install |
4021 | + * Dropped all patches which are applied upstream |
4022 | + * Update ubuntu-vivid machine type to default to std graphics (following |
4023 | + upstream's lead for pc-i440fx-2.2 machine type) |
4024 | + |
4025 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Feb 2015 22:31:09 -0600 |
4026 | + |
4027 | qemu (1:2.2+dfsg-5exp) experimental; urgency=medium |
4028 | |
4029 | * fix initscript removal once again |
4030 | @@ -2633,6 +6421,47 @@ qemu (2.2+dfsg-1exp) unstable; urgency=medium |
4031 | |
4032 | -- Michael Tokarev <mjt@tls.msk.ru> Tue, 09 Dec 2014 23:09:26 +0300 |
4033 | |
4034 | +qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium |
4035 | + |
4036 | + * Cherrypick upstream patch needed to allow ESx hosts to run under |
4037 | + kvm (LP: #1411575) |
4038 | + |
4039 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 16 Jan 2015 16:32:48 -0600 |
4040 | + |
4041 | +qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium |
4042 | + |
4043 | + * Merge 2.1+dfsg-11. Remaining changes: |
4044 | + - qemu-system-common.postinst: |
4045 | + * remove acl placed by udev, and add udevadm trigger. |
4046 | + * reload kvm_intel if needed to set nested=1 |
4047 | + - qemu-system-common.preinst: add kvm group if needed |
4048 | + - add qemu-kvm upstart job and defaults file (rules, |
4049 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
4050 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
4051 | + do not auto-load the kvm kernel module. Enable nesting by default |
4052 | + on intel. |
4053 | + - debian/qemu-system-alternatives.in: use a later version as ubuntu |
4054 | + removed the alternatives bit later. |
4055 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
4056 | + in qemu64 cpu type. |
4057 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
4058 | + machine type to ease future live vm migration. |
4059 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
4060 | + d/qemu-system-common.install |
4061 | + - debian/binfmt-update-in: support ppcle |
4062 | + * debian/binfmt-update-in |
4063 | + * Support-ppcle.patch |
4064 | + - Upstream patches to fix AArch64 emulation ignoring SPSel=0: |
4065 | + * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch |
4066 | + * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch |
4067 | + * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch: |
4068 | + * Dropped patches (upstream or now in debian's tree): |
4069 | + - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch |
4070 | + - CVE-2014-7840.patch |
4071 | + - CVE-2014-8106.patch |
4072 | + |
4073 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Dec 2014 13:57:34 -0600 |
4074 | + |
4075 | qemu (1:2.1+dfsg-11) unstable; urgency=medium |
4076 | |
4077 | * bump epoch and reupload to cancel 2.2+dfsg-1exp upload |
4078 | @@ -2702,6 +6531,81 @@ qemu (2.1+dfsg-8) unstable; urgency=low |
4079 | |
4080 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 27 Nov 2014 18:32:45 +0300 |
4081 | |
4082 | +qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium |
4083 | + |
4084 | + * SECURITY UPDATE: code execution via savevm data |
4085 | + - debian/patches/CVE-2014-7840.patch: validate parameters in |
4086 | + arch_init.c. |
4087 | + - CVE-2014-7840 |
4088 | + * SECURITY UPDATE: code execution via cirrus vga blit regions |
4089 | + (LP: #1400775) |
4090 | + - debian/patches/CVE-2014-8106.patch: properly validate blit regions in |
4091 | + hw/display/cirrus_vga.c. |
4092 | + - CVE-2014-8106 |
4093 | + |
4094 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Dec 2014 14:11:52 -0500 |
4095 | + |
4096 | +qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low |
4097 | + |
4098 | + * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got |
4099 | + dropped and VENDOR now will be all capital UBUNTU). |
4100 | + |
4101 | + -- Stefan Bader <stefan.bader@canonical.com> Mon, 08 Dec 2014 14:45:31 +0100 |
4102 | + |
4103 | +qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium |
4104 | + |
4105 | + * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch |
4106 | + d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch |
4107 | + d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch: |
4108 | + Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring |
4109 | + SPSel=0 in certain conditions. (LP: #1349277) |
4110 | + |
4111 | + -- Chris J Arges <chris.j.arges@canonical.com> Thu, 04 Dec 2014 14:17:01 -0600 |
4112 | + |
4113 | +qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low |
4114 | + |
4115 | + * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch: |
4116 | + Cherry-pick of qemu-upstream patch to fix issues with persistent |
4117 | + grants and the PV backend (Qdisk) (LP: #1394327). |
4118 | + |
4119 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 28 Nov 2014 13:14:37 +0100 |
4120 | + |
4121 | +qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium |
4122 | + |
4123 | + * Merge 2.1+dfsg-7. Remaining changes: |
4124 | + - qemu-system-common.postinst: |
4125 | + * remove acl placed by udev, and add udevadm trigger. |
4126 | + * reload kvm_intel if needed to set nested=1 |
4127 | + - qemu-system-common.preinst: add kvm group if needed |
4128 | + - add qemu-kvm upstart job and defaults file (rules, |
4129 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
4130 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
4131 | + do not auto-load the kvm kernel module. Enable nesting by default |
4132 | + on intel. |
4133 | + - debian/qemu-system-alternatives.in: use a later version as ubuntu |
4134 | + removed the alternatives bit later. |
4135 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
4136 | + in qemu64 cpu type. |
4137 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
4138 | + machine type to ease future live vm migration. |
4139 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
4140 | + d/qemu-system-common.install |
4141 | + - debian/binfmt-update-in: support ppcle |
4142 | + * debian/binfmt-update-in |
4143 | + * Support-ppcle.patch |
4144 | + * Dropped patches (upstream or now in debian's tree): |
4145 | + - pc-reserve-more-memory-for-acpi.patch |
4146 | + - CVE-2014-5388.patch |
4147 | + - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and |
4148 | + 502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined |
4149 | + in debian) |
4150 | + - CVE-2014-3615.patch |
4151 | + - CVE-2014-3640.patch |
4152 | + - CVE-2014-3689.patch |
4153 | + - CVE-2014-7815.patch |
4154 | + |
4155 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 22 Nov 2014 18:36:53 -0600 |
4156 | + |
4157 | qemu (2.1+dfsg-7) unstable; urgency=high |
4158 | |
4159 | * urgency is high due to 2 security fixes |
4160 | @@ -2753,6 +6657,119 @@ qemu (2.1+dfsg-5) unstable; urgency=medium |
4161 | |
4162 | -- Michael Tokarev <mjt@tls.msk.ru> Fri, 26 Sep 2014 17:43:26 +0400 |
4163 | |
4164 | +qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium |
4165 | + |
4166 | + * SECURITY UPDATE: information disclosure via vga driver |
4167 | + - debian/patches/CVE-2014-3615.patch: return the correct memory size, |
4168 | + sanity check register writes, and don't use fixed buffer sizes in |
4169 | + hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h, |
4170 | + ui/spice-display.c. |
4171 | + - CVE-2014-3615 |
4172 | + * SECURITY UPDATE: denial of service via slirp NULL pointer deref |
4173 | + - debian/patches/CVE-2014-3640.patch: make sure socket is not just a |
4174 | + stub in slirp/udp.c. |
4175 | + - CVE-2014-3640 |
4176 | + * SECURITY UPDATE: possible privilege escalation via vmware-vga driver |
4177 | + - debian/patches/CVE-2014-3689.patch: verify rectangles in |
4178 | + hw/display/vmware_vga.c. |
4179 | + - CVE-2014-3689 |
4180 | + * SECURITY UPDATE: denial of service via VNC console |
4181 | + - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in |
4182 | + ui/vnc.c. |
4183 | + - CVE-2014-7815 |
4184 | + |
4185 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 13 Nov 2014 07:31:03 -0500 |
4186 | + |
4187 | +qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium |
4188 | + |
4189 | + * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures |
4190 | + (LP: #1389897) (Patch thanks to mwhudson, BenC, and infinity) |
4191 | + |
4192 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Nov 2014 15:51:47 -0600 |
4193 | + |
4194 | +qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium |
4195 | + |
4196 | + * Apply two patches to fix intermittent qemu-img corruption |
4197 | + (LP: #1368815) |
4198 | + - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap |
4199 | + - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap |
4200 | + |
4201 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 29 Oct 2014 22:31:43 -0500 |
4202 | + |
4203 | +qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium |
4204 | + |
4205 | + * debian/control: slof is moving into main, so we can depend on qemu-slof as |
4206 | + debian does. |
4207 | + |
4208 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Oct 2014 22:01:27 +0200 |
4209 | + |
4210 | +qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium |
4211 | + |
4212 | + * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice |
4213 | + versa. |
4214 | + * Drop Support-ppc64le.pach, as that architecture appears to not exist yet. |
4215 | + * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing |
4216 | + to latest upstream machine type, rather than distro one. Add 'ubuntu' |
4217 | + machine type for that. |
4218 | + |
4219 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 06 Oct 2014 13:41:31 -0500 |
4220 | + |
4221 | +qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium |
4222 | + |
4223 | + * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a |
4224 | + container. (LP: #1370199) |
4225 | + * load kvm module on ppc64le at boot (LP: #1369785) |
4226 | + - debian/rules: install qemu-kvm on ppc64el |
4227 | + - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the |
4228 | + kvm-hv module if available |
4229 | + * qemu-system-x86.maintscript: remove accidentally installed |
4230 | + /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier) |
4231 | + * rename qemu-system-x86 init script to qemu-kvm so it gets installed in |
4232 | + ubuntu. |
4233 | + |
4234 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Sep 2014 14:20:12 -0500 |
4235 | + |
4236 | +qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium |
4237 | + |
4238 | + * Re-stick the trusty machine type to 2.0 (where it must always stay) and |
4239 | + define a new, default, pc-i440fx-utopic machine type (LP: #1369481) |
4240 | + |
4241 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 15 Sep 2014 14:04:57 -0500 |
4242 | + |
4243 | +qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium |
4244 | + |
4245 | + * move kvm_intel nested setting to qemu-system-x86.postinst. |
4246 | + |
4247 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 12 Sep 2014 23:12:52 +0000 |
4248 | + |
4249 | +qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium |
4250 | + |
4251 | + * Merge new debian release |
4252 | + * Remaining changes: |
4253 | + - qemu-system-common.postinst: |
4254 | + * remove acl placed by udev, and add udevadm trigger. |
4255 | + * reload kvm_intel if needed to set nested=1 |
4256 | + - qemu-system-common.preinst: add kvm group if needed |
4257 | + - add qemu-kvm upstart job and defaults file (rules, |
4258 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
4259 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
4260 | + do not auto-load the kvm kernel module. Enable nesting by default |
4261 | + on intel. |
4262 | + - debian/qemu-system-alternatives.in: use a later version as ubuntu |
4263 | + removed the alternatives bit later. |
4264 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
4265 | + in qemu64 cpu type. |
4266 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
4267 | + machine type to ease future live vm migration. |
4268 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
4269 | + d/qemu-system-common.install |
4270 | + - debian/binfmt-update-in: support ppcle |
4271 | + * debian/binfmt-update-in |
4272 | + * Support-ppcle.patch |
4273 | + - d/p/CVE-2014-5388.patch |
4274 | + |
4275 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Sep 2014 17:56:15 -0500 |
4276 | + |
4277 | qemu (2.1+dfsg-4) unstable; urgency=medium |
4278 | |
4279 | * mention libnuma-dev but not enable for now |
4280 | @@ -2770,6 +6787,59 @@ qemu (2.1+dfsg-4) unstable; urgency=medium |
4281 | |
4282 | -- Michael Tokarev <mjt@tls.msk.ru> Sun, 31 Aug 2014 09:32:59 +0400 |
4283 | |
4284 | +qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium |
4285 | + |
4286 | + * SECURITY UPDATE: memory disclosure via out-of-bounds array access |
4287 | + - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c. |
4288 | + - CVE-2014-5388 |
4289 | + |
4290 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 09 Sep 2014 08:26:24 -0400 |
4291 | + |
4292 | +qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium |
4293 | + |
4294 | + * replace d/p/revert-acpi-table-size-bump with |
4295 | + pc-reserve-more-memory-for-acpi.patch from upstream |
4296 | + * debian/binfmt-update-in |
4297 | + - don't run in a container |
4298 | + - add ppc64le as target (LP: #1358268) |
4299 | + * Add experimental ppcle support (LP: #1358268) |
4300 | + |
4301 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 27 Aug 2014 18:24:32 -0500 |
4302 | + |
4303 | +qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium |
4304 | + |
4305 | + * revert-acpi-table-size-bump - get qemu -kernel working again. |
4306 | + |
4307 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 15:33:24 -0500 |
4308 | + |
4309 | +qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium |
4310 | + |
4311 | + * Merge new debian release |
4312 | + * Remaining changes: |
4313 | + - control-in: stick to libsdl1.2-dev. |
4314 | + - qemu-system-common.install: add debian/tmp/usr/lib to install the |
4315 | + qemu-bridge-helper |
4316 | + - qemu-system-common.postinst: remove acl placed by udev, |
4317 | + and add udevadm trigger. |
4318 | + - qemu-system-common.preinst: add kvm group if needed |
4319 | + - add qemu-kvm upstart job and defaults file (rules, |
4320 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
4321 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
4322 | + do not auto-load the kvm kernel module. Enable nesting by default |
4323 | + on intel. |
4324 | + - debian/qemu-system-alternatives.in: use a later version as ubuntu |
4325 | + removed the alternatives bit later. |
4326 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
4327 | + in qemu64 cpu type. |
4328 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
4329 | + machine type to ease future live vm migration. |
4330 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
4331 | + d/qemu-system-common.install |
4332 | + * Upstart job: use getent group to check for kvm group |
4333 | + * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks |
4334 | + |
4335 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 08:44:54 -0500 |
4336 | + |
4337 | qemu (2.1+dfsg-3) unstable; urgency=medium |
4338 | |
4339 | * set SHELL = /bin/sh -e, so that more complex shell constructs |
4340 | @@ -2796,6 +6866,42 @@ qemu (2.1+dfsg-3) unstable; urgency=medium |
4341 | |
4342 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 14 Aug 2014 14:30:24 +0400 |
4343 | |
4344 | +qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium |
4345 | + |
4346 | + * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174) |
4347 | + |
4348 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Aug 2014 12:58:50 -0500 |
4349 | + |
4350 | +qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium |
4351 | + |
4352 | + * Merge new debian release |
4353 | + * Remaining changes: |
4354 | + - qemu-system-x86.links: add eepro100.rom link, drop links which we |
4355 | + have in ipxe-qemu package. |
4356 | + - control-in: stick to libsdl1.2-dev. |
4357 | + - qemu-system-common.install: add debian/tmp/usr/lib to install the |
4358 | + qemu-bridge-helper |
4359 | + - qemu-system-common.postinst: remove acl placed by udev, |
4360 | + and add udevadm trigger. |
4361 | + - qemu-system-common.preinst: add kvm group if needed |
4362 | + - add qemu-kvm upstart job and defaults file (rules, |
4363 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
4364 | + - debian/rules: add qemu-kvm-spice |
4365 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
4366 | + do not auto-load the kvm kernel module. Enable nesting by default |
4367 | + on intel. |
4368 | + - binfmt-update-in: make sure to filter out compat arches. |
4369 | + - debian/qemu-system-alternatives.in: use a later version as ubuntu |
4370 | + removed the alternatives bit later. |
4371 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
4372 | + in qemu64 cpu type. |
4373 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
4374 | + machine type to ease future live vm migration. |
4375 | + - apport hook for qemu source package: d/source_qemu-kvm.py, |
4376 | + d/qemu-system-common.install |
4377 | + |
4378 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Aug 2014 13:53:06 -0500 |
4379 | + |
4380 | qemu (2.1+dfsg-2) unstable; urgency=medium |
4381 | |
4382 | * l2tp-linux-only.patch: fix FTBFS on kfreebsd |
4383 | @@ -2830,7 +6936,7 @@ qemu (2.1+dfsg-1) unstable; urgency=medium |
4384 | |
4385 | qemu (2.0.0+dfsg-7) unstable; urgency=medium |
4386 | |
4387 | - * clarify description of qemu-user-binfmt a bit |
4388 | + * clarify description of qemu-user-binfmt a bit |
4389 | * build-depend on acpica-tools (iasl) in order to rebuild .dsl files |
4390 | * remove qemu-keymaps package, since it is not used by other tools |
4391 | anymore, and ship keymaps in qemu-system-common. |
4392 | @@ -2847,6 +6953,43 @@ qemu (2.0.0+dfsg-7) unstable; urgency=medium |
4393 | |
4394 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 24 Jul 2014 16:51:16 +0400 |
4395 | |
4396 | +qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium |
4397 | + |
4398 | + * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from |
4399 | + /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551) |
4400 | + |
4401 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 25 Jul 2014 08:35:02 -0500 |
4402 | + |
4403 | +qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium |
4404 | + |
4405 | + * Merge 2.0.0+dfsg-6. Remaining changes: |
4406 | + - qemu-system-x86.links: add eepro100.rom link, drop links which we |
4407 | + have in ipxe-qemu package. |
4408 | + - control-in: stick to libgnutls-dev and libsdl1.2-dev. |
4409 | + - qemu-system-common.install: add debian/tmp/usr/lib to install the |
4410 | + qemu-bridge-helper |
4411 | + - qemu-system-common.postinst: remove acl placed by udev, |
4412 | + and add udevadm trigger. |
4413 | + - qemu-system-common.preinst: add kvm group if needed |
4414 | + - add qemu-kvm upstart job and defaults file (rules, |
4415 | + qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart) |
4416 | + - debian/rules: add qemu-kvm-spice |
4417 | + - rules,qemu-system-x86.modprobe: support use under older udevs which |
4418 | + do not auto-load the kvm kernel module. Enable nesting by default |
4419 | + on intel. |
4420 | + - binfmt-update-in: make sure to filter out compat arches. |
4421 | + - debian/qemu-system-alternatives.in: use a later version as ubuntu |
4422 | + removed the alternatives bit later. |
4423 | + - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default |
4424 | + in qemu64 cpu type. |
4425 | + - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty |
4426 | + machine type to ease future live vm migration. |
4427 | + - re-introduce apport hook for qemu source package: |
4428 | + d/source_qemu-kvm.py, d/qemu-system-common.install |
4429 | + * enable-build-dep on libjpeg8-dev - which is now in main |
4430 | + |
4431 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 Jun 2014 14:52:54 -0500 |
4432 | + |
4433 | qemu (2.0.0+dfsg-6) unstable; urgency=medium |
4434 | |
4435 | * build-depend on libgnutls28-dev not libgnutls-dev |
4436 | @@ -2890,6 +7033,59 @@ qemu (2.0.0+dfsg-3) unstable; urgency=low |
4437 | |
4438 | -- Michael Tokarev <mjt@tls.msk.ru> Mon, 21 Apr 2014 12:34:03 +0400 |
4439 | |
4440 | +qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium |
4441 | + |
4442 | + * remove alternatives for qemu: different architectures |
4443 | + aren't really alternatives and never had been (LP: #1316829) |
4444 | + |
4445 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 07 May 2014 15:12:33 +0000 |
4446 | + |
4447 | +qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium |
4448 | + |
4449 | + * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402) |
4450 | + * debian/control: drop the versioning requirement from libfdt-dev |
4451 | + build-dependency, as it is longer needed (LP: #1295072) |
4452 | + |
4453 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 02 May 2014 11:43:44 -0500 |
4454 | + |
4455 | +qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium |
4456 | + |
4457 | + * Merge 2.0.0+dfsg-2 |
4458 | + * Incorporates a fix for spice users (LP: #1309452) |
4459 | + * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as |
4460 | + the regression requiring it was reverted for 2.0 upstream. |
4461 | + * remove qemu-system-common depends on the qemu-system-aarch64 metapackage |
4462 | + * debian/qemu-debootstrap: add arm64 |
4463 | + * Remaining changes from debian: |
4464 | + - keep qemu 'alternative' (not something to change in SRU) |
4465 | + - debian/control and debian/control-in: |
4466 | + * versioned libfdt-dev check, until libfdt is fixed in precise |
4467 | + * enable rbd |
4468 | + * remove ovmf Recommends, as it is in multiverse |
4469 | + * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe |
4470 | + * add a qemu-system-aarch64 metapackage for transitions from trusty |
4471 | + development version. This can be removed after trusty. |
4472 | + - qemu-system-common.install: add debian/tmp/usr/lib to install the |
4473 | + qemu-bridge-helper |
4474 | + - qemu-system-common.postinst: fix /dev/kvm acls |
4475 | + - qemu-system-common.preinst: add kvm group if needed |
4476 | + - qemu-system-x86.links: add eepro100.rom link, drop links which we |
4477 | + have in ipxe-qemu package. |
4478 | + - qemu-system-x86.modprobe: set module options for older releases |
4479 | + - qemu-system-x86.qemu-kvm.default: defaults for the upstart job |
4480 | + - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job |
4481 | + - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64 |
4482 | + - debian/rules |
4483 | + * add legacy kvm-spice link |
4484 | + * fix ppc and arm slections |
4485 | + * add aarch64 to user_targets |
4486 | + - debian/patches/ubuntu/define-trusty-machine-type.patch: define a |
4487 | + pc-i440fx-trusty machine type as the default. |
4488 | + - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by |
4489 | + default in qemu64 cpu time. |
4490 | + |
4491 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Apr 2014 09:23:27 -0500 |
4492 | + |
4493 | qemu (2.0.0+dfsg-2) unstable; urgency=medium |
4494 | |
4495 | * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current |
4496 | @@ -2915,7 +7111,7 @@ qemu (2.0.0+dfsg-1) unstable; urgency=low |
4497 | * kmod dependency is linux-any |
4498 | * doc-grammify-allows-to.patch: fix some lintian warnings |
4499 | * remove alternatives for qemu: different architectures |
4500 | - aren't really alternatives and never had been |
4501 | + aren't really alternatives and never had been |
4502 | * update Standards-Version to 3.9.5 (no changes needed) |
4503 | * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff - |
4504 | fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1 |
4505 | @@ -2949,6 +7145,50 @@ qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low |
4506 | |
4507 | -- Michael Tokarev <mjt@tls.msk.ru> Sat, 05 Apr 2014 16:23:48 +0400 |
4508 | |
4509 | +qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium |
4510 | + |
4511 | + * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch |
4512 | + don't abort() just because the kernel has no dirty bitmap. |
4513 | + (LP: #1303926) |
4514 | + |
4515 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 22:32:00 -0500 |
4516 | + |
4517 | +qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium |
4518 | + |
4519 | + * define-trusty-machine-type.patch: update the trusty machine type name to |
4520 | + pc-i440fx-trusty (LP: #1304107) |
4521 | + |
4522 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 11:49:04 -0500 |
4523 | + |
4524 | +qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium |
4525 | + |
4526 | + * Merge 2.0.0-rc1 |
4527 | + * debian/rules: consolidate ppc filter entries. |
4528 | + * Move qemu-system-arch64 into qemu-system-arm |
4529 | + * debian/patches/define-trusty-machine-type.patch: define a trusty machine |
4530 | + type, currently the same as pc-i440fx-2.0, to put is in a better position |
4531 | + to enable live migrations from trusty onward. (LP: #1294823) |
4532 | + * debian/control: build-dep on libfdt >= 1.4.0 (LP: #1295072) |
4533 | + * Merge latest upstream git to commit dc9528f |
4534 | + * Debian/rules: |
4535 | + - remove -enable-uname-release=2.6.32 |
4536 | + - don't make the aarch64 target Ubuntu-specific. |
4537 | + * Remove patches which are now upstream: |
4538 | + - fix-smb-security-share.patch |
4539 | + - slirp-smb-redirect-port-445-too.patch |
4540 | + - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream) |
4541 | + - signal-added-a-wrapper-for-sigprocmask-function.patch |
4542 | + - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch |
4543 | + - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch |
4544 | + - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch |
4545 | + * add link for /usr/share/qemu/bios-256k.bin |
4546 | + * Remove all linaro patches. |
4547 | + * Remove all arm64/ patches. Many but not all are upstream. |
4548 | + * Remove CVE-2013-4377.patch which is upstream. |
4549 | + * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific |
4550 | + |
4551 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 25 Feb 2014 22:31:43 -0600 |
4552 | + |
4553 | qemu (1.7.0+dfsg-9) unstable; urgency=medium |
4554 | |
4555 | * remove rbd/rados/ceph support *again*, till they'll actually provide |
4556 | @@ -3013,6 +7253,104 @@ qemu (1.7.0+dfsg-4) unstable; urgency=medium |
4557 | |
4558 | -- Michael Tokarev <mjt@tls.msk.ru> Wed, 12 Mar 2014 18:34:03 +0400 |
4559 | |
4560 | +qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low |
4561 | + |
4562 | + * No-change rebuild to build with libxen-4.4. |
4563 | + |
4564 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 21 Mar 2014 10:04:36 +0100 |
4565 | + |
4566 | +qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium |
4567 | + |
4568 | + * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick |
4569 | + upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682) |
4570 | + |
4571 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Mar 2014 00:03:00 -0500 |
4572 | + |
4573 | +qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium |
4574 | + |
4575 | + [ dann frazier ] |
4576 | + * Add patches from the susematz tree to avoid intermittent segfaults: |
4577 | + - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch |
4578 | + - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch |
4579 | + - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch |
4580 | + |
4581 | + [ Serge Hallyn ] |
4582 | + * Modify do_sigprocmask to only change behavior for aarch64. |
4583 | + (LP: #1285363) |
4584 | + |
4585 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 06 Mar 2014 16:15:50 -0600 |
4586 | + |
4587 | +qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium |
4588 | + |
4589 | + [ Steve Langasek ] |
4590 | + * Merge debian/control with unreleased Debian branch: our architecture |
4591 | + lists should now be in sync. |
4592 | + |
4593 | + [ Dann Frazier ] |
4594 | + * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS |
4595 | + on arm64 and maybe others. (LP: #1284344) |
4596 | + |
4597 | + [ Serge Hallyn ] |
4598 | + * Move the OVMF.fd link to the ovmf package. |
4599 | + |
4600 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 21 Feb 2014 12:14:53 -0800 |
4601 | + |
4602 | +qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium |
4603 | + |
4604 | + * Add ppc64el to the architecture list (supposedly added in the previous |
4605 | + upload, but really wasn't). |
4606 | + |
4607 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 20 Feb 2014 23:40:07 -0800 |
4608 | + |
4609 | +qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium |
4610 | + |
4611 | + * Backport changes to enable qemu-user-static support for aarch64 |
4612 | + * debian/control: add ppc64el to Architectures |
4613 | + * debian/rules: only install qemu-system-aarch64 on arm64. |
4614 | + Fixes a FTBFS when built twice in a row on non-arm64 due to a stale |
4615 | + debian/qemu-system-aarch64 directory |
4616 | + |
4617 | + -- dann frazier <dann.frazier@canonical.com> Tue, 11 Feb 2014 15:41:53 -0700 |
4618 | + |
4619 | +qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium |
4620 | + |
4621 | + * Fix broken filter_binfmts |
4622 | + * Remove use of dpkg-version in postinsts, as we're not Depending on |
4623 | + dpkg-dev. |
4624 | + |
4625 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 05 Feb 2014 21:57:38 -0600 |
4626 | + |
4627 | +qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium |
4628 | + |
4629 | + * Merge 1.7.0+dfsg-3 from debian. Remaining changes: |
4630 | + - debian/patches/ubuntu: |
4631 | + * expose-vmx_qemu64cpu.patch |
4632 | + * linaro (omap3) and arm64 patches |
4633 | + * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS |
4634 | + on ppc |
4635 | + * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio |
4636 | + - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options |
4637 | + - debian/control: |
4638 | + * add arm64 to Architectures |
4639 | + * add qemu-common and qemu-system-aarch64 packages |
4640 | + - debian/qemu-system-common.install: add debian/tmp/usr/lib |
4641 | + - debian/qemu-system-common.preinst: add kvm group |
4642 | + - debian/qemu-system-common.postinst: remove acl placed by udev, |
4643 | + and add udevadm trigger. |
4644 | + - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio, |
4645 | + pxe-e1000 and pxe-rtl8139. |
4646 | + - add qemu-system-x86.qemu-kvm.upstart and .default |
4647 | + - qemu-user-static.postinst-in: remove arm64 binfmt |
4648 | + - debian/rules: |
4649 | + * allow parallel build |
4650 | + * add aarch64 to system_targets and sys_systems |
4651 | + * add qemu-kvm-spice links |
4652 | + * install qemu-system-x86.modprobe |
4653 | + - add debian/qemu-system-common.links for OVMF.fd link |
4654 | + * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks. |
4655 | + |
4656 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Feb 2014 12:13:08 -0600 |
4657 | + |
4658 | qemu (1.7.0+dfsg-3) unstable; urgency=low |
4659 | |
4660 | * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86 |
4661 | @@ -3038,6 +7376,121 @@ qemu (1.7.0+dfsg-3) unstable; urgency=low |
4662 | |
4663 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 16 Jan 2014 15:17:46 +0400 |
4664 | |
4665 | +qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium |
4666 | + |
4667 | + * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which |
4668 | + may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654) |
4669 | + |
4670 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 Jan 2014 14:41:20 +0000 |
4671 | + |
4672 | +qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium |
4673 | + |
4674 | + * SECURITY UPDATE: denial of service via virtio device hot-plugging |
4675 | + - debian/patches/CVE-2013-4377.patch: upstream commits to refactor |
4676 | + virtio device unplugging. |
4677 | + - CVE-2013-4377 |
4678 | + |
4679 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jan 2014 09:10:37 -0500 |
4680 | + |
4681 | +qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium |
4682 | + |
4683 | + * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on |
4684 | + powerpc. |
4685 | + |
4686 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 22 Jan 2014 11:59:26 -0600 |
4687 | + |
4688 | +qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium |
4689 | + |
4690 | + [ Serge Hallyn ] |
4691 | + * add arm64 patchset from upstream. The three arm virt patches previously |
4692 | + pushed are in that set, so drop them. |
4693 | + |
4694 | + [ dann frazier ] |
4695 | + * Add packaging for qemu-system-aarch64. This package is currently only |
4696 | + available for arm64, as full software emulation is not yet supported. |
4697 | + |
4698 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 10 Jan 2014 12:19:08 -0600 |
4699 | + |
4700 | +qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium |
4701 | + |
4702 | + * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be |
4703 | + supported any longer. |
4704 | + * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing |
4705 | + * Refresh debian/patches/hw_arm_add_virt_platform.patch against context |
4706 | + churn caused by linaro patchset. |
4707 | + * debian/rules: enable parallel builds. |
4708 | + |
4709 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 03 Jan 2014 10:53:17 -0600 |
4710 | + |
4711 | +qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium |
4712 | + |
4713 | + * d/control: enable usbredir (LP: 1126390) |
4714 | + |
4715 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 02 Jan 2014 08:55:43 -0600 |
4716 | + |
4717 | +qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium |
4718 | + |
4719 | + * add missing arm virt patches from the mach-virt-v7 branch of |
4720 | + git://git.linaro.org/people/cdall/qemu-arm.git |
4721 | + |
4722 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 18 Dec 2013 12:25:59 -0600 |
4723 | + |
4724 | +qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium |
4725 | + |
4726 | + * debian/control: add arm64 to list of architectures. |
4727 | + |
4728 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Dec 2013 10:22:47 -0600 |
4729 | + |
4730 | +qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low |
4731 | + |
4732 | + * Merge 1.7.0+dfsg-2 from debian experimental. Remaining changes: |
4733 | + - debian/control |
4734 | + * update maintainer |
4735 | + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev |
4736 | + from build-deps |
4737 | + * enable rbd |
4738 | + * add qemu-system and qemu-common B/R to qemu-keymaps |
4739 | + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to |
4740 | + qemu-system-common |
4741 | + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: |
4742 | + - add qemu-common, qemu-kvm, kvm to B/R |
4743 | + - remove openbios-sparc from qemu-system-sparc D |
4744 | + - drop openbios-ppc and openhackware Depends to Suggests (for now) |
4745 | + * qemu-system-x86: |
4746 | + - add qemu-common to Breaks/Replaces. |
4747 | + - add cpu-checker to Recommends. |
4748 | + * qemu-user: add B/R:qemu-kvm |
4749 | + * qemu-kvm: |
4750 | + - add armhf armel powerpc sparc to Architecture |
4751 | + - C/R/P: qemu-kvm-spice |
4752 | + * add qemu-common package |
4753 | + * drop qemu-slof which is not packaged in ubuntu |
4754 | + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. |
4755 | + - qemu-system-x86.links: |
4756 | + * remove pxe rom links which are in kvm-ipxe |
4757 | + - debian/rules |
4758 | + * add kvm-spice symlink to qemu-kvm |
4759 | + * call dh_installmodules for qemu-system-x86 |
4760 | + * update dh_installinit to install upstart script |
4761 | + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) |
4762 | + - Add qemu-utils.links for kvm-* symlinks. |
4763 | + - Add qemu-system-x86.qemu-kvm.upstart and .default |
4764 | + - Add qemu-system-x86.modprobe to set nesting=1 |
4765 | + - Add qemu-system-common.preinst to add kvm group |
4766 | + - qemu-system-common.postinst: remove bad group acl if there, then have |
4767 | + udev relabel /dev/kvm. |
4768 | + - New linaro patches from qemu-linaro rebasing branch |
4769 | + - Dropped patches: |
4770 | + * linaro patchset |
4771 | + * mach-virt patchset |
4772 | + - Kept patches: |
4773 | + * expose_vms_qemu64cpu.patch |
4774 | + * fix-pci-add |
4775 | + * qemu-system-common.install: add debian/tmp/usr/lib to install the |
4776 | + qemu-bridge-helper |
4777 | + |
4778 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 07 Dec 2013 06:08:11 +0000 |
4779 | + |
4780 | qemu (1.7.0+dfsg-2) unstable; urgency=low |
4781 | |
4782 | * switch from vgabios to seavgabios |
4783 | @@ -3067,6 +7520,73 @@ qemu (1.7.0+dfsg-1) unstable; urgency=low |
4784 | |
4785 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 28 Nov 2013 03:14:21 +0400 |
4786 | |
4787 | +qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low |
4788 | + |
4789 | + * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring, |
4790 | + to prevent lts-to-lts updates from breaking. (LP: #1243403) |
4791 | + |
4792 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Oct 2013 14:31:05 -0500 |
4793 | + |
4794 | +qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low |
4795 | + |
4796 | + * Merge 1.6.0~rc0+dfsg-2exp from debian experimental. Remaining changes: |
4797 | + - debian/control |
4798 | + * update maintainer |
4799 | + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev |
4800 | + from build-deps |
4801 | + * enable rbd |
4802 | + * add qemu-system and qemu-common B/R to qemu-keymaps |
4803 | + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to |
4804 | + qemu-system-common |
4805 | + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: |
4806 | + - add qemu-kvm to Provides |
4807 | + - add qemu-common, qemu-kvm, kvm to B/R |
4808 | + - remove openbios-sparc from qemu-system-sparc D |
4809 | + - drop openbios-ppc and openhackware Depends to Suggests (for now) |
4810 | + * qemu-system-x86: |
4811 | + - add qemu-common to Breaks/Replaces. |
4812 | + - add cpu-checker to Recommends. |
4813 | + * qemu-user: add B/R:qemu-kvm |
4814 | + * qemu-kvm: |
4815 | + - add armhf armel powerpc sparc to Architecture |
4816 | + - C/R/P: qemu-kvm-spice |
4817 | + * add qemu-common package |
4818 | + * drop qemu-slof which is not packaged in ubuntu |
4819 | + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. |
4820 | + - qemu-system-x86.links: |
4821 | + * remove pxe rom links which are in kvm-ipxe |
4822 | + * add symlink for kvm.1 manpage |
4823 | + - debian/rules |
4824 | + * add kvm-spice symlink to qemu-kvm |
4825 | + * call dh_installmodules for qemu-system-x86 |
4826 | + * update dh_installinit to install upstart script |
4827 | + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) |
4828 | + - Add qemu-utils.links for kvm-* symlinks. |
4829 | + - Add qemu-system-x86.qemu-kvm.upstart and .default |
4830 | + - Add qemu-system-x86.modprobe to set nesting=1 |
4831 | + - Add qemu-system-common.preinst to add kvm group |
4832 | + - qemu-system-common.postinst: remove bad group acl if there, then have |
4833 | + udev relabel /dev/kvm. |
4834 | + - New linaro patches from qemu-linaro rebasing branch |
4835 | + - Dropped patches: |
4836 | + * xen-simplify-xen_enabled.patch |
4837 | + * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch |
4838 | + * main_loop-do-not-set-nonblocking-if-xen_enabled.patch |
4839 | + * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch |
4840 | + * virtio-rng-fix-crash |
4841 | + - Kept patches: |
4842 | + * expose_vms_qemu64cpu.patch - updated |
4843 | + * linaro arm patches from qemu-linaro rebasing branch |
4844 | + - New patches: |
4845 | + * fix-pci-add: change CONFIG variable in ifdef to make sure that |
4846 | + pci_add is defined. |
4847 | + * Add linaro patches |
4848 | + * Add experimental mach-virt patches for arm virtualization. |
4849 | + * qemu-system-common.install: add debian/tmp/usr/lib to install the |
4850 | + qemu-bridge-helper |
4851 | + |
4852 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 22 Oct 2013 22:47:07 -0500 |
4853 | + |
4854 | qemu (1.6.0+dfsg-2) unstable; urgency=low |
4855 | |
4856 | * Build-depend in seccomp again once it is in -testing |
4857 | @@ -3137,6 +7657,89 @@ qemu (1.5.0+dfsg-4) unstable; urgency=medium |
4858 | |
4859 | -- Michael Tokarev <mjt@tls.msk.ru> Thu, 06 Jun 2013 01:50:32 +0400 |
4860 | |
4861 | +qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low |
4862 | + |
4863 | + * No change rebuild for new seccomp. |
4864 | + |
4865 | + -- Stéphane Graber <stgraber@ubuntu.com> Mon, 21 Oct 2013 18:34:50 -0400 |
4866 | + |
4867 | +qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low |
4868 | + |
4869 | + * Cherrypick upstream patch to fix crash with rng device (LP: #1235017) |
4870 | + - virtio-rng-fix-crash |
4871 | + |
4872 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 09 Oct 2013 17:46:49 -0500 |
4873 | + |
4874 | +qemu (1.5.0+dfsg-3ubuntu4) saucy; urgency=low |
4875 | + |
4876 | + * Re-introduce snippet in upstart job to load kvm modules if needed. |
4877 | + (LP: #1218459) |
4878 | + |
4879 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 16 Sep 2013 22:43:52 +0000 |
4880 | + |
4881 | +qemu (1.5.0+dfsg-3ubuntu3) saucy; urgency=low |
4882 | + |
4883 | + * Cherry-picking three Xen related patches targetted for qemu-stable: |
4884 | + * xen-simplify-xen_enabled.patch |
4885 | + * main_loop-do-not-set-nonblocking-if-xen_enabled.patch |
4886 | + * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch |
4887 | + |
4888 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 26 Jul 2013 15:01:44 +0200 |
4889 | + |
4890 | +qemu (1.5.0+dfsg-3ubuntu2) saucy; urgency=low |
4891 | + |
4892 | + * Drop openbios-ppc and openhackware Depends to Suggests for now. |
4893 | + |
4894 | + -- Adam Conrad <adconrad@ubuntu.com> Wed, 05 Jun 2013 03:23:56 -0600 |
4895 | + |
4896 | +qemu (1.5.0+dfsg-3ubuntu1) saucy; urgency=low |
4897 | + |
4898 | + * Merge 1.5.0+dfs-3 from debian unstable. Remaining changes: |
4899 | + - debian/control |
4900 | + * update maintainer |
4901 | + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev |
4902 | + from build-deps |
4903 | + * enable rbd |
4904 | + * add qemu-system and qemu-common B/R to qemu-keymaps |
4905 | + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to |
4906 | + qemu-system-common |
4907 | + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: |
4908 | + - add qemu-kvm to Provides |
4909 | + - add qemu-common, qemu-kvm, kvm to B/R |
4910 | + - remove openbios-sparc from qemu-system-sparc D |
4911 | + * qemu-system-x86: |
4912 | + - add qemu-common to Breaks/Replaces. |
4913 | + - add cpu-checker to Recommends. |
4914 | + * qemu-user: add B/R:qemu-kvm |
4915 | + * qemu-kvm: |
4916 | + - add armhf armel powerpc sparc to Architecture |
4917 | + - C/R/P: qemu-kvm-spice |
4918 | + * add qemu-common package |
4919 | + * drop qemu-slof which is not packaged in ubuntu |
4920 | + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. |
4921 | + - qemu-system-x86.links: |
4922 | + * remove pxe rom links which are in kvm-ipxe |
4923 | + * add symlink for kvm.1 manpage |
4924 | + - debian/rules |
4925 | + * add kvm-spice symlink to qemu-kvm |
4926 | + * call dh_installmodules for qemu-system-x86 |
4927 | + * update dh_installinit to install upstart script |
4928 | + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) |
4929 | + - Add qemu-utils.links for kvm-* symlinks. |
4930 | + - Add qemu-system-x86.qemu-kvm.upstart and .default |
4931 | + - Add qemu-system-x86.modprobe to set nesting=1 |
4932 | + - Add qemu-system-common.preinst to add kvm group |
4933 | + - qemu-system-common.postinst: remove bad group acl if there, then have |
4934 | + udev relabel /dev/kvm. |
4935 | + - Dropped patches: |
4936 | + * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch |
4937 | + - Kept patches: |
4938 | + * expose_vms_qemu64cpu.patch - updated |
4939 | + * gridcentric patch - updated |
4940 | + * linaro arm patches from qemu-linaro rebasing branch |
4941 | + |
4942 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Jun 2013 22:56:43 +0200 |
4943 | + |
4944 | qemu (1.5.0+dfsg-3) unstable; urgency=low |
4945 | |
4946 | * fix sections: misc => otherosfs |
4947 | @@ -3156,6 +7759,54 @@ qemu (1.5.0+dfsg-3) unstable; urgency=low |
4948 | |
4949 | -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Jun 2013 01:49:47 +0400 |
4950 | |
4951 | +qemu (1.5.0+dfsg-2ubuntu1) saucy; urgency=low |
4952 | + |
4953 | + * Merge 1.5.0+dfs-2 from debian unstable. Remaining changes: |
4954 | + - debian/control |
4955 | + * update maintainer |
4956 | + * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev |
4957 | + from build-deps |
4958 | + * enable rbd |
4959 | + * add qemu-system and qemu-common B/R to qemu-keymaps |
4960 | + * add D:udev, R:qemu, R:qemu-common and B:qemu-common to |
4961 | + qemu-system-common |
4962 | + * qemu-system-arm, qemu-system-ppc, qemu-system-sparc: |
4963 | + - add qemu-kvm to Provides |
4964 | + - add qemu-common, qemu-kvm, kvm to B/R |
4965 | + - remove openbios-sparc from qemu-system-sparc D |
4966 | + * qemu-system-x86: |
4967 | + - add qemu-common to Breaks/Replaces. |
4968 | + - add cpu-checker to Recommends. |
4969 | + * qemu-user: add B/R:qemu-kvm |
4970 | + * qemu-kvm: |
4971 | + - add armhf armel powerpc sparc to Architecture |
4972 | + - C/R/P: qemu-kvm-spice |
4973 | + * add qemu-common package |
4974 | + * drop qemu-slof which is not packaged in ubuntu |
4975 | + - add qemu-system-common.links for tap ifup/down scripts and OVMF link. |
4976 | + - qemu-system-x86.links: |
4977 | + * remove pxe rom links which are in kvm-ipxe |
4978 | + * add symlink for kvm.1 manpage |
4979 | + - debian/rules |
4980 | + * add kvm-spice symlink to qemu-kvm |
4981 | + * call dh_installmodules for qemu-system-x86 |
4982 | + * update dh_installinit to install upstart script |
4983 | + * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2) |
4984 | + - Add qemu-utils.links for kvm-* symlinks. |
4985 | + - Add qemu-system-x86.qemu-kvm.upstart and .default |
4986 | + - Add qemu-system-x86.modprobe to set nesting=1 |
4987 | + - Add qemu-system-common.preinst to add kvm group |
4988 | + - qemu-system-common.postinst: remove bad group acl if there, then have |
4989 | + udev relabel /dev/kvm. |
4990 | + - Dropped patches: |
4991 | + * 0001-fix-wrong-output-with-info-chardev-for-tcp-socket.patch |
4992 | + - Kept patches: |
4993 | + * expose_vms_qemu64cpu.patch - updated |
4994 | + * gridcentric patch - updated |
4995 | + * linaro arm patches from qemu-linaro rebasing branch |
4996 | + |
4997 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 May 2013 08:18:30 -0500 |
4998 | + |
4999 | qemu (1.5.0+dfsg-2) unstable; urgency=low |
5000 |
Thanks for this MP Sergio! I know you mentioned the qemu migration would be blocked by the glibc issue but I am already taking a look at the package changes.
I have on (dumb?) question about this part of the delta:
- tolerate ipxe size change on migrations to >=18.04 (LP 1713490) pre-bionic- 256k-ipxe- efi-roms. patch: old machine types 256k-compat- efi-roms to be able to
- d/p/ubuntu/
reference 256k path
- d/control-in: depend on ipxe-qemu-
handle incoming migrations from former releases.
Is this supposed to be carried over indefinitely? I took a quick look on the LP and Debian bugs but did not find info about removing this in the future.
Other than that, LGTM, +1.