Ubuntu
qemu package

Merge ~sergiodj/ubuntu/+source/qemu:merge-8.1.2-noble into ubuntu/+source/qemu:debian/sid

  1. Git
  2. lp:~sergiodj/ubuntu/+source/qemu
  3. merge-8.1.2-noble
  4. Merge into debian/sid
Proposed by Sergio Durigan Junior
Status: Superseded
Proposed branch: ~sergiodj/ubuntu/+source/qemu:merge-8.1.2-noble
Merge into: ubuntu/+source/qemu:debian/sid
Diff against target: 8262 lines (+7654/-10)
18 files modified
debian/changelog (+5149/-3)
debian/control (+54/-7)
debian/control-in (+3/-0)
debian/patches/series (+10/-0)
debian/patches/ubuntu/define-ubuntu-machine-types.patch (+1008/-0)
debian/patches/ubuntu/enable-svm-by-default.patch (+34/-0)
debian/patches/ubuntu/lp2003673-s390x-ap-passthrough-for-pv-guests.patch (+178/-0)
debian/patches/ubuntu/lp2003673-s390x-refactor-ap-functionalities.patch (+100/-0)
debian/patches/ubuntu/lp2003673-s390x-system-reset-before-unprotect-on-reboot.patch (+51/-0)
debian/patches/ubuntu/lp2003673-update-linux-headers-6.6rc1.patch (+782/-0)
debian/patches/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch (+64/-0)
debian/patches/ubuntu/qboot-Disable-LTO-for-ELF-binary-build-step.patch (+44/-0)
debian/qemu-block-extra.postinst (+59/-0)
debian/qemu-kvm-init (+89/-0)
debian/qemu-system-common.install (+1/-0)
debian/qemu-system-common.qemu-kvm.default (+8/-0)
debian/qemu-system-common.qemu-kvm.service (+16/-0)
debian/rules (+4/-0)
Reviewer Review Type Date Requested Status
Canonical Server Core Reviewers Pending
Canonical Server Reporter Pending
Review via email: mp+456216@code.launchpad.net

Description of the change

This is the merge of qemu 8.1.3 from Debian unstable.

We'll be able to drop changes made last cycle to fix an FTBFS caused by -fcf-protection. We can also drop changes made to fix a problem with d/rules. Both have been incorporated by Debian.

A few patches that we're carrying to address bug #2003673 have also been dropped. I didn't mention them in the changelog because the original entry uses a glob to refer to all patches related to the bug, but let me know if you think I should explicitly mention the patches being dropped (perhaps in an empty commit?).

PPA: https://launchpad.net/~sergiodj/+archive/ubuntu/qemu/+packages

dep8 results:

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-noble-sergiodj-qemu/?format=plain)
  qemu @ amd64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-noble-sergiodj-qemu/noble/amd64/q/qemu/20231123_195448_113bf@/log.gz
    23.11.23 19:54:48 ✅ Triggers: qemu/1:8.1.3+ds-1ubuntu1~ppa1
  qemu @ arm64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-noble-sergiodj-qemu/noble/arm64/q/qemu/20231123_220810_4987e@/log.gz
    23.11.23 22:08:10 ✅ Triggers: qemu/1:8.1.3+ds-1ubuntu1~ppa1
  qemu @ armhf:
    http://autopkgtest.ubuntu.com/results/autopkgtest-noble-sergiodj-qemu/noble/armhf/q/qemu/20231123_193856_3c2ae@/log.gz
    23.11.23 19:38:56 ✅ Triggers: qemu/1:8.1.3+ds-1ubuntu1~ppa1
  qemu @ ppc64el:
    http://autopkgtest.ubuntu.com/results/autopkgtest-noble-sergiodj-qemu/noble/ppc64el/q/qemu/20231123_192154_113bf@/log.gz
    23.11.23 19:21:54 ✅ Triggers: qemu/1:8.1.3+ds-1ubuntu1~ppa1
  qemu @ s390x:
    http://autopkgtest.ubuntu.com/results/autopkgtest-noble-sergiodj-qemu/noble/s390x/q/qemu/20231123_220011_113bf@/log.gz
    23.11.23 22:00:11 ✅ Triggers: qemu/1:8.1.3+ds-1ubuntu1~ppa1

qemu-migration-test results:

Still running.

To post a comment you must log in.

Unmerged commits

93d6e6d... by Sergio Durigan Junior

Regenerate d/control

9d5a7c4... by Sergio Durigan Junior

update-maintainer

28dc581... by Sergio Durigan Junior

reconstruct-changelog

206caf2... by Sergio Durigan Junior

merge-changelogs

072574d... by Sergio Durigan Junior

    - d/rules: Get rid of binary-helper target; explicitly invoke its
      commands under binary-{arch,indep}. This makes the build succeed
      again in Ubuntu, where binary-helper wasn't being properly invoked.
      [ Fixed in Debian. ]

2084297... by Sergio Durigan Junior

  * Drop changes:
    - d/rules: Incorporate the following changes from Debian unstable, in
      order to fix the FTBFS caused by -fcf-protection:
      + d/rules: move icons install rules to install-misc section
      + d/rules: stop running whole thing with dh, take back *-indep sequence
      + d/rules: implement arch-dependent install/build targets without dh too
      [ Fixed in Debian. ]

051572d... by Sergio Durigan Junior

    - d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto
      hardware to Secure Execution guests. (LP: #2003673)

be59b52... by Sergio Durigan Junior

    - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
      + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
        fix qboot FTBFS with LTO

6dd5b25... by Sergio Durigan Junior

    - Ease the use of module retention on upgrades (LP 1913421)
      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade

669292e... by Sergio Durigan Junior

    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 23617f0..c7e6aa7 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,51 @@
6+qemu (1:8.1.3+ds-1ubuntu1) noble; urgency=medium
7+
8+ * Merge with Debian unstable. Remaining changes:
9+ - qemu-kvm to systemd unit
10+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
11+ hugepages and architecture specifics
12+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
13+ qemu-kvm-init
14+ - d/qemu-system-common.install: install helper script
15+ - d/qemu-system-common.qemu-kvm.default: defaults for
16+ /etc/default/qemu-kvm
17+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
18+ - Distribution specific machine type
19+ (LP 1304107 1621042 1776189 1761372 1761372 1776189)
20+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
21+ types containing release versioned machine attributes
22+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
23+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
24+ - Enable nesting by default
25+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
26+ in qemu64 on amd
27+ [ No more strictly needed, but required for backward compatibility ]
28+ - tolerate ipxe size change on migrations to >=18.04 (LP 1713490)
29+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
30+ reference 256k path
31+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
32+ handle incoming migrations from former releases.
33+ - Ease the use of module retention on upgrades (LP 1913421)
34+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
35+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
36+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
37+ fix qboot FTBFS with LTO
38+ - d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto
39+ hardware to Secure Execution guests. (LP #2003673)
40+ * Drop changes:
41+ - d/rules: Incorporate the following changes from Debian unstable, in
42+ order to fix the FTBFS caused by -fcf-protection:
43+ + d/rules: move icons install rules to install-misc section
44+ + d/rules: stop running whole thing with dh, take back *-indep sequence
45+ + d/rules: implement arch-dependent install/build targets without dh too
46+ [ Fixed in Debian. ]
47+ - d/rules: Get rid of binary-helper target; explicitly invoke its
48+ commands under binary-{arch,indep}. This makes the build succeed
49+ again in Ubuntu, where binary-helper wasn't being properly invoked.
50+ [ Fixed in Debian. ]
51+
52+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 22 Nov 2023 21:34:19 -0500
53+
54 qemu (1:8.1.3+ds-1) unstable; urgency=medium
55
56 * new upstream stable/bugfix release
57@@ -209,6 +257,72 @@ qemu (1:8.0.4+dfsg-2) unstable; urgency=medium
58
59 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 21 Aug 2023 09:57:59 +0300
60
61+qemu (1:8.0.4+dfsg-1ubuntu5) noble; urgency=medium
62+
63+ * d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto
64+ hardware to Secure Execution guests. (LP: #2003673)
65+
66+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Thu, 16 Nov 2023 10:35:58 -0500
67+
68+qemu (1:8.0.4+dfsg-1ubuntu4) noble; urgency=medium
69+
70+ * Rebuild against new libnfs14.
71+
72+ -- Gianfranco Costamagna <locutusofborg@debian.org> Fri, 27 Oct 2023 10:46:01 +0200
73+
74+qemu (1:8.0.4+dfsg-1ubuntu3) mantic; urgency=medium
75+
76+ * d/rules: Get rid of binary-helper target; explicitly invoke its
77+ commands under binary-{arch,indep}. This makes the build succeed
78+ again in Ubuntu, where binary-helper wasn't being properly invoked.
79+
80+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Tue, 03 Oct 2023 18:13:20 -0400
81+
82+qemu (1:8.0.4+dfsg-1ubuntu2) mantic; urgency=medium
83+
84+ * d/rules: Incorporate the following changes from Debian unstable, in
85+ order to fix the FTBFS caused by -fcf-protection:
86+ - d/rules: implement arch-dependent install/build targets without dh too
87+ - d/rules: stop running whole thing with dh, take back *-indep sequence
88+ - d/rules: move icons install rules to install-misc section
89+
90+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 27 Sep 2023 14:53:27 -0400
91+
92+qemu (1:8.0.4+dfsg-1ubuntu1) mantic; urgency=medium
93+
94+ * Merge with Debian unstable. Remaining changes:
95+ - qemu-kvm to systemd unit
96+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
97+ hugepages and architecture specifics
98+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
99+ qemu-kvm-init
100+ - d/qemu-system-common.install: install helper script
101+ - d/qemu-system-common.qemu-kvm.default: defaults for
102+ /etc/default/qemu-kvm
103+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
104+ - Distribution specific machine type
105+ (LP 1304107 1621042 1776189 1761372 1761372 1776189)
106+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
107+ types containing release versioned machine attributes
108+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
109+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
110+ - Enable nesting by default
111+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
112+ in qemu64 on amd
113+ [ No more strictly needed, but required for backward compatibility ]
114+ - tolerate ipxe size change on migrations to >=18.04 (LP 1713490)
115+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
116+ reference 256k path
117+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
118+ handle incoming migrations from former releases.
119+ - Ease the use of module retention on upgrades (LP 1913421)
120+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
121+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
122+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
123+ fix qboot FTBFS with LTO
124+
125+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Mon, 14 Aug 2023 16:28:34 -0400
126+
127 qemu (1:8.0.4+dfsg-1) unstable; urgency=medium
128
129 * new upstream stable/bugfix release
130@@ -235,6 +349,41 @@ qemu (1:8.0.3+dfsg-5) unstable; urgency=medium
131
132 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 02 Aug 2023 10:55:50 +0300
133
134+qemu (1:8.0.3+dfsg-4ubuntu1) mantic; urgency=medium
135+
136+ * Merge with Debian unstable (LP: #2028873, #2028124). Remaining changes:
137+ - qemu-kvm to systemd unit
138+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
139+ hugepages and architecture specifics
140+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
141+ qemu-kvm-init
142+ - d/qemu-system-common.install: install helper script
143+ - d/qemu-system-common.qemu-kvm.default: defaults for
144+ /etc/default/qemu-kvm
145+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
146+ - Distribution specific machine type
147+ (LP 1304107 1621042 1776189 1761372 1761372 1776189)
148+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
149+ types containing release versioned machine attributes
150+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
151+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
152+ - Enable nesting by default
153+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
154+ in qemu64 on amd
155+ [ No more strictly needed, but required for backward compatibility ]
156+ - tolerate ipxe size change on migrations to >=18.04 (LP 1713490)
157+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
158+ reference 256k path
159+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
160+ handle incoming migrations from former releases.
161+ - Ease the use of module retention on upgrades (LP 1913421)
162+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
163+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
164+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
165+ fix qboot FTBFS with LTO
166+
167+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Mon, 31 Jul 2023 23:09:27 -0400
168+
169 qemu (1:8.0.3+dfsg-4) unstable; urgency=medium
170
171 * more linux-user address fixes from Helge Deller
172@@ -307,6 +456,59 @@ qemu (1:8.0.2+dfsg-3) unstable; urgency=medium
173
174 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 29 Jun 2023 18:36:33 +0300
175
176+qemu (1:8.0.2+dfsg-2ubuntu1) mantic; urgency=medium
177+
178+ * Merge with Debian unstable (LP: #2018103). Remaining changes:
179+ - qemu-kvm to systemd unit
180+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
181+ hugepages and architecture specifics
182+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
183+ qemu-kvm-init
184+ - d/qemu-system-common.install: install helper script
185+ - d/qemu-system-common.qemu-kvm.default: defaults for
186+ /etc/default/qemu-kvm
187+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
188+ - Distribution specific machine type
189+ (LP 1304107 1621042 1776189 1761372 1761372 1776189)
190+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
191+ types containing release versioned machine attributes
192+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
193+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
194+ - Enable nesting by default
195+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
196+ in qemu64 on amd
197+ [ No more strictly needed, but required for backward compatibility ]
198+ - tolerate ipxe size change on migrations to >=18.04 (LP 1713490)
199+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
200+ reference 256k path
201+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
202+ handle incoming migrations from former releases.
203+ - Ease the use of module retention on upgrades (LP 1913421)
204+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
205+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
206+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
207+ fix qboot FTBFS with LTO
208+ * Drop changes:
209+ - d/control-in: libnfs is in main since focal, enable direct nfs
210+ storage support (LP 1988704)
211+ [ Adopted by Debian. ]
212+ - d/control-in: libsndio is in universe in ubuntu
213+ [ Adopted by Debian. ]
214+ - Fix FTBFS with glibc >= 2.36. (LP #2015418)
215+ + d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary
216+ upstream commits that were working around a glibc issue.
217+ [ Incorporated upstream. ]
218+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
219+ [ Debian linked the qemu-system-x86 documentation with the
220+ qemu-system-common package, rendering this README file not
221+ applicable. ]
222+ - d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating
223+ hot-unplug requests by making ACPI PCI able to requeue them.
224+ (LP #2018733)
225+ [ Applied upstream. ]
226+
227+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Mon, 19 Jun 2023 15:45:09 -0400
228+
229 qemu (1:8.0.2+dfsg-2) unstable; urgency=medium
230
231 * d/rules: --enable-libusb for xen build (Closes: #1037341)
232@@ -532,6 +734,66 @@ qemu (1:8.0~rc2+dfsg-1) experimental; urgency=medium
233
234 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Mar 2023 15:44:21 +0300
235
236+qemu (1:7.2+dfsg-5ubuntu3) mantic; urgency=medium
237+
238+ * d/p/u/allow-repeating-hot-unplug-requests.patch: Allow repeating
239+ hot-unplug requests by making ACPI PCI able to requeue them.
240+ (LP: #2018733)
241+
242+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Thu, 18 May 2023 15:13:14 -0400
243+
244+qemu (1:7.2+dfsg-5ubuntu2) lunar; urgency=medium
245+
246+ * Fix FTBFS with glibc >= 2.36. (LP: #2015418)
247+ - d/p/fix-ftbfs-glibc-*.patch: Revert now-unnecessary
248+ upstream commits that were working around a glibc issue.
249+
250+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 05 Apr 2023 20:10:13 -0400
251+
252+qemu (1:7.2+dfsg-5ubuntu1) lunar; urgency=medium
253+
254+ * Re-merge with Debian unstable to pick up stabilization fixes
255+ remaining changes:
256+ - qemu-kvm to systemd unit
257+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
258+ hugepages and architecture specifics
259+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
260+ qemu-kvm-init
261+ - d/qemu-system-common.install: install helper script
262+ - d/qemu-system-common.qemu-kvm.default: defaults for
263+ /etc/default/qemu-kvm
264+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
265+ - Distribution specific machine type
266+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
267+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
268+ types containing release versioned machine attributes
269+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
270+ for host-phys-bits=true
271+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
272+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
273+ - Enable nesting by default
274+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
275+ in qemu64 on amd
276+ [ No more strictly needed, but required for backward compatibility ]
277+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
278+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
279+ reference 256k path
280+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
281+ handle incoming migrations from former releases.
282+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
283+ - Ease the use of module retention on upgrades (LP 1913421)
284+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
285+ - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
286+ landed in Debian but under a different name.
287+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
288+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
289+ fix qboot FTBFS with LTO
290+ - d/control-in: libnfs is in main since focal, enable direct nfs
291+ storage support (LP 1988704)
292+ - d/control-in: libsndio is in universe in ubuntu
293+
294+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2023 08:50:45 +0100
295+
296 qemu (1:7.2+dfsg-5) unstable; urgency=medium
297
298 * d/qemu-guest-agent.udev: fix missing comma
299@@ -571,6 +833,89 @@ qemu (1:7.2+dfsg-5) unstable; urgency=medium
300
301 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 05 Mar 2023 20:09:04 +0300
302
303+qemu (1:7.2+dfsg-4ubuntu1) lunar; urgency=medium
304+
305+ * Merge with Debian unstable (LP: #1993438), among many other fixes
306+ this resolvs these bugs:
307+ (LP: #1957924) - support for querying stats,
308+ (LP: #1853307) - Enhanced Interpretation for PCI Functions (s390x)
309+ (LP: #1959966) - guest dump encryption with customer keys (s390x)
310+ (LP: #1999885) - pv: don't allow userspace to set the clock under PV
311+ (LP: #1957924) - add filtering of statistics by target vCPU
312+ remaining changes:
313+ - qemu-kvm to systemd unit
314+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
315+ hugepages and architecture specifics
316+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
317+ qemu-kvm-init
318+ - d/qemu-system-common.install: install helper script
319+ - d/qemu-system-common.qemu-kvm.default: defaults for
320+ /etc/default/qemu-kvm
321+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
322+ - Distribution specific machine type
323+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
324+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
325+ types containing release versioned machine attributes
326+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
327+ for host-phys-bits=true
328+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
329+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
330+ - Enable nesting by default
331+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
332+ in qemu64 on amd
333+ [ No more strictly needed, but required for backward compatibility ]
334+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
335+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
336+ reference 256k path
337+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
338+ handle incoming migrations from former releases.
339+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
340+ - Ease the use of module retention on upgrades (LP 1913421)
341+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
342+ - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
343+ landed in Debian but under a different name.
344+ - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
345+ + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
346+ fix qboot FTBFS with LTO
347+ * Dropped Changes [now part of upstream v7.2.0]
348+ - d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
349+ error 'migration was active, but no RAM info was set' (LP 1994002)
350+ - d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
351+ Fix FTBFS with libbpf 1.0.1-2.
352+ + Header updates that were added as part of the libbpf fixes
353+ but not mentioned in changelog
354+ - d/p/u/lp-1981339-*: fix s390x system emulation (LP 1981339)
355+ - Fix I/O stalls when using NVMe storage (LP 1970737).
356+ + d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
357+ in laio_io_unplug.
358+ - SECURITY UPDATE: heap overflow in floppy disk emulator
359+ + debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
360+ hw/block/fdc.c.
361+ - SECURITY UPDATE: use-after-free vulnerability
362+ + debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
363+ lsi_do_msgout
364+ - SECURITY UPDATE: heap overflow vulnerability
365+ + debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
366+ memories
367+ - SECURITY UPDATE: integer underflow vulnerability
368+ + debian/patches/CVE-2022-3165.patch: fix integer underflow in
369+ vnc_client_cut_text_ext
370+ * Dropped Changes in regard to GCC-12 FTBFS (LP 1988710)
371+ [not all are needed in lunar]
372+ - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch.
373+ Silence -Warray-bounds false positive [no more needed]
374+ - d/rules: set -O1 for alpha firmware build
375+ - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch:
376+ further FTBFS fixup
377+ * Dropped Changes [in Debian 1:7.2+dfsg-3]
378+ - d/rules: disable LTO on non-amd64 builds (LP 1921664)
379+ * Added Changes
380+ - d/control-in: libnfs is in main since focal, enable direct nfs
381+ storage support (LP: #1988704)
382+ - d/control-in: libsndio is in universe in ubuntu
383+
384+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Jan 2023 13:18:43 +0100
385+
386 qemu (1:7.2+dfsg-4) unstable; urgency=medium
387
388 * block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch:
389@@ -708,6 +1053,126 @@ qemu (1:7.1+dfsg-1) unstable; urgency=medium
390
391 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 12 Sep 2022 11:50:53 +0300
392
393+qemu (1:7.0+dfsg-7ubuntu4) lunar; urgency=medium
394+
395+ * SECURITY UPDATE: use-after-free vulnerability
396+ - debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
397+ lsi_do_msgout
398+ - CVE-2022-0216
399+ * SECURITY UPDATE: heap overflow vulnerability
400+ - debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
401+ memories
402+ - CVE-2022-2962
403+ * SECURITY UPDATE: integer underflow vulnerability
404+ - debian/patches/CVE-2022-3165.patch: fix integer underflow in
405+ vnc_client_cut_text_ext
406+ - CVE-2022-3165
407+
408+ -- Nishit Majithia <nishit.majithia@canonical.com> Fri, 09 Dec 2022 10:25:52 +0530
409+
410+qemu (1:7.0+dfsg-7ubuntu3) lunar; urgency=medium
411+
412+ [ Brett Milford ]
413+ * d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
414+ error 'migration was active, but no RAM info was set' (LP: #1994002)
415+
416+ [ Mauricio Faria de Oliveira ]
417+ * d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
418+ Fix FTBFS with libbpf 1.0.1-2.
419+
420+ -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 30 Nov 2022 12:17:51 -0300
421+
422+qemu (1:7.0+dfsg-7ubuntu2) kinetic; urgency=medium
423+
424+ [ Paride Legovini ]
425+ * d/rules: disable LTO on non-amd64 builds (LP: #1921664)
426+ * GCC-12 FTBFS (LP: #1988710)
427+ - d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch.
428+ Silence -Warray-bounds false positive (treated as error)
429+
430+ [ Christian Ehrhardt ]
431+ * More on GCC-12 FTBFS (LP 1988710)
432+ - d/rules: set -O1 for alpha firmware build
433+ - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch:
434+ further FTBFS fixup
435+
436+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2022 08:07:24 +0200
437+
438+qemu (1:7.0+dfsg-7ubuntu1) kinetic; urgency=medium
439+
440+ * Merge with Debian unstable (LP: #1971315)(LP: #1980896), remaining changes:
441+ - qemu-kvm to systemd unit
442+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
443+ hugepages and architecture specifics
444+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
445+ qemu-kvm-init
446+ - d/qemu-system-common.install: install helper script
447+ - d/qemu-system-common.qemu-kvm.default: defaults for
448+ /etc/default/qemu-kvm
449+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
450+ - Distribution specific machine type
451+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
452+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
453+ types containing release versioned machine attributes
454+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
455+ for host-phys-bits=true
456+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
457+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
458+ - Enable nesting by default
459+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
460+ in qemu64 on amd
461+ [ No more strictly needed, but required for backward compatibility ]
462+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
463+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
464+ reference 256k path
465+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
466+ handle incoming migrations from former releases.
467+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
468+ - Ease the use of module retention on upgrades (LP 1913421)
469+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
470+ - Fix I/O stalls when using NVMe storage (LP 1970737).
471+ - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
472+ in laio_io_unplug.
473+ - SECURITY UPDATE: heap overflow in floppy disk emulator
474+ - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
475+ hw/block/fdc.c.
476+ - CVE-2021-3507
477+ * Dropped Changes [now part of 1:7.0+dfsg-7]:
478+ - d/rules: xen libexec dir is no more versioned
479+ - d/rules: ensure xen is built on x86
480+ - d/kvm-spice: fix when acceleration is already defined on the commandline
481+ - debian/control[-in]: no more disable glusterfs in Ubuntu (LP 1246924)
482+ * Dropped Changes [now part of upstream v7.0.0]
483+ - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch
484+ Allow long kernel command lines for QEMU (LP 1959984)
485+ - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list
486+ - d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit
487+ tcg on s390x.
488+ - Fix diff handling on ceph that can cause data corruption (LP 1968258)
489+ - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch
490+ - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch
491+ - d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock
492+ in vnc connections (LP 1970563)
493+ - All CVE fixes of 1:6.2+dfsg-2ubuntu8 except CVE-2021-3507
494+ * Dropped Changes
495+ - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
496+ add patch to workaround FTBFS when building against OpenSSL 3.0.
497+ [ now working with OpenSSL 3.0 ]
498+ - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
499+ -fcf-protection being unavailble on -march=i486 (LP 1940029)
500+ [ fixed in compiler toolchain ]
501+ - Make qemu-system-x86-microvm a transitional package as the binary is now
502+ in qemu-system-x86 itself.
503+ [ no more needed]
504+ * Added Changes
505+ - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
506+ landed in Debian but under a different name.
507+ - d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS
508+ with LTO
509+ - d/p/u/lp-1981339-*: fix s390x system emulation (LP: #1981339)
510+
511+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jul 2022 12:07:19 +0200
512+
513 qemu (1:7.0+dfsg-7) unstable; urgency=medium
514
515 * d/tests/test-qemu-user: rework ls/glob test a bit
516@@ -842,6 +1307,141 @@ qemu (1:6.2+dfsg-3) unstable; urgency=medium
517
518 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 25 Feb 2022 12:01:46 +0300
519
520+qemu (1:6.2+dfsg-2ubuntu8) kinetic; urgency=medium
521+
522+ [ Marc Deslauriers ]
523+ * SECURITY UPDATE: heap overflow in floppy disk emulator
524+ - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
525+ hw/block/fdc.c.
526+ - CVE-2021-3507
527+ * SECURITY UPDATE: use-after-free in nvme
528+ - debian/patches/CVE-2021-3929.patch: deny DMA to the iomem of the
529+ device itself in hw/nvme/ctrl.c.
530+ - CVE-2021-3929
531+ * SECURITY UPDATE: integer overflow in QXL display device emulation
532+ - debian/patches/CVE-2021-4206.patch: check width and height in
533+ hw/display/qxl-render.c, hw/display/vmware_vga.c, ui/cursor.c.
534+ - CVE-2021-4206
535+ * SECURITY UPDATE: heap overflow in QXL display device emulation
536+ - debian/patches/CVE-2021-4207.patch: fix race condition in qxl_cursor
537+ in hw/display/qxl-render.c.
538+ - CVE-2021-4207
539+ * SECURITY UPDATE: potential privilege escalation in virtiofsd
540+ - debian/patches/CVE-2022-0358.patch: Drop membership of all
541+ supplementary groups in tools/virtiofsd/passthrough_ll.c.
542+ - CVE-2022-0358
543+ * SECURITY UPDATE: memory leakage in virtio-net device
544+ - debian/patches/CVE-2022-26353.patch: fix map leaking on error during
545+ receive in hw/net/virtio-net.c.
546+ - CVE-2022-26353
547+ * SECURITY UPDATE: memory leakage in vhost-vsock device
548+ - debian/patches/CVE-2022-26354.patch: detach the virqueue element in
549+ case of error in hw/virtio/vhost-vsock-common.c.
550+ - CVE-2022-26354
551+
552+ [ Sergio Durigan Junior ]
553+ * Fix I/O stalls when using NVMe storage (LP: #1970737).
554+ - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
555+ in laio_io_unplug.
556+
557+ -- Sergio Durigan Junior <sergio.durigan@canonical.com> Wed, 22 Jun 2022 15:38:37 -0400
558+
559+qemu (1:6.2+dfsg-2ubuntu7) kinetic; urgency=medium
560+
561+ * d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock
562+ in vnc connections (LP: #1970563)
563+
564+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 May 2022 08:25:20 +0200
565+
566+qemu (1:6.2+dfsg-2ubuntu6) jammy; urgency=medium
567+
568+ * debian/control[-in]: no more disable glusterfs in Ubuntu (LP: #1246924)
569+ * Fix diff handling on ceph that can cause data corruption (LP: #1968258)
570+ - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch
571+ - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch
572+
573+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 08 Apr 2022 09:36:34 +0200
574+
575+qemu (1:6.2+dfsg-2ubuntu5) jammy; urgency=medium
576+
577+ * d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit
578+ tcg on s390x.
579+
580+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 17 Feb 2022 09:54:36 +0100
581+
582+qemu (1:6.2+dfsg-2ubuntu4) jammy; urgency=medium
583+
584+ * No-change rebuild to update maintainer scripts, see LP: 1959054
585+
586+ -- Dave Jones <dave.jones@canonical.com> Wed, 16 Feb 2022 17:28:14 +0000
587+
588+qemu (1:6.2+dfsg-2ubuntu3) jammy; urgency=medium
589+
590+ * Merge with Debian unstable, remaining changes:
591+ - qemu-kvm to systemd unit
592+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
593+ hugepages and architecture specifics
594+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
595+ qemu-kvm-init
596+ - d/qemu-system-common.install: install helper script
597+ - d/qemu-system-common.qemu-kvm.default: defaults for
598+ /etc/default/qemu-kvm
599+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
600+ - Distribution specific machine type
601+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
602+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
603+ types containing release versioned machine attributes
604+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
605+ for host-phys-bits=true
606+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
607+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
608+ - Enable nesting by default
609+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
610+ in qemu64 on amd
611+ [ No more strictly needed, but required for backward compatibility ]
612+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
613+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
614+ reference 256k path
615+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
616+ handle incoming migrations from former releases.
617+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
618+ - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
619+ add patch to workaround FTBFS when building against OpenSSL 3.0.
620+ - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
621+ -fcf-protection being unavailble on -march=i486 (LP 1940029)
622+ - Ease the use of module retention on upgrades (LP 1913421)
623+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
624+ - Make qemu-system-x86-microvm a transitional package as the binary is now
625+ in qemu-system-x86 itself.
626+ * Dropped Changes [now part of 1:6.1+dfsg-8]:
627+ - updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code
628+ (#993658) (LP 1947860)
629+ - improved dependencies
630+ - Make qemu-system-common depend on qemu-block-extra
631+ - Make qemu-utils depend on qemu-block-extra
632+ - d/control*, d/rules: disable xen by default, but provide universe
633+ package qemu-system-x86-xen as alternative
634+ [includes compat links changes of 5.0-5ubuntu4]
635+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
636+ * Dropped Changes [now part of upstream]
637+ - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
638+ and 3932 machines (LP 1932175)
639+ - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix
640+ migration with audio devices present (LP 1940288)
641+ * Added changes:
642+ - update patches for qemu v6.2.0
643+ - d/p/u/enable-svm-by-default.patch
644+ - d/p/u/define-ubuntu-machine-types.patch
645+ - d/p/u/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch
646+ - d/rules: xen libexec dir is no more versioned
647+ - d/rules: ensure xen is built on x86
648+ - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch
649+ Allow long kernel command lines for QEMU (LP: #1959984)
650+ - d/kvm-spice: fix when acceleration is already defined on the commandline
651+ - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list
652+
653+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 05 Jan 2022 12:18:25 +0100
654+
655 qemu (1:6.2+dfsg-2) unstable; urgency=medium
656
657 * bump meson build-dep to 0.59.3
658@@ -1063,6 +1663,95 @@ qemu (1:6.0+dfsg-3) unstable; urgency=medium
659
660 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 17 Aug 2021 17:49:10 +0300
661
662+qemu (1:6.0+dfsg-2expubuntu4) jammy; urgency=medium
663+
664+ * d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
665+ add patch to workaround FTBFS when building against OpenSSL 3.0.
666+ Thanks to Christian Ehrhardt (LP: #1952448)
667+
668+ -- Paride Legovini <paride@ubuntu.com> Fri, 26 Nov 2021 15:47:51 +0100
669+
670+qemu (1:6.0+dfsg-2expubuntu3) jammy; urgency=medium
671+
672+ * No-change rebuild against liburing2
673+
674+ -- Paride Legovini <paride@ubuntu.com> Mon, 22 Nov 2021 18:00:26 +0100
675+
676+qemu (1:6.0+dfsg-2expubuntu2) jammy; urgency=medium
677+
678+ * updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code
679+ (#993658) (LP: #1947860)
680+
681+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 03 Nov 2021 14:10:56 +0100
682+
683+qemu (1:6.0+dfsg-2expubuntu1) impish; urgency=medium
684+
685+ * Merge with Debian experimental, remaining changes:
686+ - qemu-kvm to systemd unit
687+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
688+ hugepages and architecture specifics
689+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
690+ qemu-kvm-init
691+ - d/qemu-system-common.install: install helper script
692+ - d/qemu-system-common.qemu-kvm.default: defaults for
693+ /etc/default/qemu-kvm
694+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
695+ - Distribution specific machine type
696+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
697+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
698+ types containing release versioned machine attributes
699+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
700+ for host-phys-bits=true
701+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
702+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
703+ - Enable nesting by default
704+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
705+ in qemu64 on amd
706+ [ No more strictly needed, but required for backward compatibility ]
707+ - improved dependencies
708+ - Make qemu-system-common depend on qemu-block-extra
709+ - Make qemu-utils depend on qemu-block-extra
710+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
711+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
712+ reference 256k path
713+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
714+ handle incoming migrations from former releases.
715+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
716+ - d/control*, d/rules: disable xen by default, but provide universe
717+ package qemu-system-x86-xen as alternative
718+ [includes compat links changes of 5.0-5ubuntu4]
719+ - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
720+ - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
721+ for v6.0
722+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
723+ - Ease the use of module retention on upgrades (LP 1913421)
724+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
725+ * Dropped Changes [in 1:6.0+dfsg-2exp]:
726+ - d/control-in: Disable capstone disassembler library support (universe)
727+ - Disable fuse export (universe dependency)
728+ - Ease the use of module retention on upgrades (LP 1913421)
729+ - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
730+ - d/rules: only save modules if /run/qemu isn't noexec
731+ - d/rules: clear all (current and former) modules on purge
732+ - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
733+ upgrade issues (LP 1932264)
734+ - Enable SDL as secondary UI backend (LP 1256185)
735+ - d/control: add build dependency libsdl2-dev
736+ - d/control: enable sdl graphics on build
737+ - d/qemu-system-gui.install: add ui-sdl.so
738+ - d/control: add runtime dependency to libgl1
739+ * Dropped Changes [no more needed]
740+ - let qemu-utils recommend sharutils
741+ * Added changes:
742+ - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
743+ -fcf-protection being unavailble on -march=i486 (LP: #1940029)
744+ - d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
745+ and 3932 machines (LP: #1932175)
746+ - d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix
747+ migration with audio devices present (LP: #1940288)
748+
749+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 12 Aug 2021 15:35:12 +0200
750+
751 qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
752
753 [ Christian Ehrhardt ]
754@@ -1100,6 +1789,104 @@ qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
755
756 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 21 Jul 2021 19:43:37 +0300
757
758+qemu (1:6.0+dfsg-1~ubuntu3) impish; urgency=medium
759+
760+ * d/p/u/lp-1935617-target-ppc-Fix-load-endianness-for-lxvwsx-lxvdsx.patch:
761+ fix TCG emulation for ppc64 (LP: #1935617)
762+
763+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 13 Jul 2021 09:34:55 +0200
764+
765+qemu (1:6.0+dfsg-1~ubuntu2) impish; urgency=medium
766+
767+ * d/control: remove fuse2 trial-build (LP 1934510)
768+
769+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Jul 2021 10:26:08 +0200
770+
771+qemu (1:6.0+dfsg-1~ubuntu1) impish; urgency=medium
772+
773+ * Merge with Debian experimental, Among many other things this fixes LP Bugs:
774+ (LP: #1907952) broken arrow keys in -display gtk on aarch64
775+ - qemu-kvm to systemd unit
776+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
777+ hugepages and architecture specifics
778+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
779+ qemu-kvm-init
780+ - d/qemu-system-common.install: install helper script
781+ - d/qemu-system-common.qemu-kvm.default: defaults for
782+ /etc/default/qemu-kvm
783+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
784+ - Distribution specific machine type
785+ (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
786+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
787+ types containing release versioned machine attributes
788+ - d/qemu-system-x86.NEWS Info on fixed machine type defintions
789+ for host-phys-bits=true
790+ - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
791+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
792+ - Enable nesting by default
793+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
794+ in qemu64 on amd
795+ [ No more strictly needed, but required for backward compatibility ]
796+ - improved dependencies
797+ - Make qemu-system-common depend on qemu-block-extra
798+ - Make qemu-utils depend on qemu-block-extra
799+ - Let qemu-utils recommend sharutils
800+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
801+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
802+ reference 256k path
803+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
804+ handle incoming migrations from former releases.
805+ - d/control-in: Disable capstone disassembler library support (universe)
806+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
807+ - d/control*, d/rules: disable xen by default, but provide universe
808+ package qemu-system-x86-xen as alternative
809+ [includes compat links changes of 5.0-5ubuntu4]
810+ - Fix upgrade module handling (LP 1905377)
811+ --enable-module-upgrades for qemu-xen which doesn't exist in Debian
812+ * Dropped Changes [in 6.0]:
813+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
814+ ld usage of -no-pie (LP 1907789)
815+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
816+ virtio-9p-ccw being missing (LP 1916230)
817+ - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
818+ to glib2.0 >=2.67.3 (LP 1916705)
819+ - d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
820+ on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
821+ (LP 1921754)
822+ - d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
823+ (LP 1921880)
824+ - d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre*:
825+ fix go in qemu-s390x-static (LP 1922010)
826+ * Dropped Changes [in Debian]:
827+ - Allow qemu to load old modules post upgrade (LP 1847361)
828+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
829+ - d/rules: Drop generating package version into maintainer scripts
830+ * Dropped Changes [No more needed >21.04]:
831+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
832+ the bad old prerm (LP 1906245 1905377)
833+ * Added Changes
834+ - Disable fuse export (universe dependency)
835+ - d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
836+ - d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
837+ for v6.0
838+ - d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP: #1929926)
839+ - Ease the use of module retention on upgrades (LP: #1913421)
840+ - d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
841+ - d/rules: only save modules if /run/qemu isn't noexec
842+ - d/rules: clear all (current and former) modules on purge
843+ - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
844+ - d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
845+ upgrade issues (LP: #1932264)
846+ - Enable SDL as secondary UI backend (LP: #1256185)
847+ - d/control: add build dependency libsdl2-dev
848+ - d/control: enable sdl graphics on build
849+ - d/qemu-system-gui.install: add ui-sdl.so
850+ - d/control: add runtime dependency to libgl1
851+ - d/rules: qemu-system-x86-xen builds modules as well now (follows the
852+ other packages)
853+
854+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 15 Jun 2021 12:41:33 +0200
855+
856 qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium
857
858 * new upstream release
859@@ -1152,6 +1939,75 @@ qemu (1:5.2+dfsg-10) unstable; urgency=medium
860
861 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 16 Apr 2021 12:43:36 +0300
862
863+qemu (1:5.2+dfsg-9ubuntu3) hirsute; urgency=medium
864+
865+ * d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
866+ on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
867+ (LP: #1921754)
868+ * d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
869+ (LP: #1921880)
870+
871+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 07 Apr 2021 11:58:29 +0200
872+
873+qemu (1:5.2+dfsg-9ubuntu2) hirsute; urgency=medium
874+
875+ * d/p/u/lp-1922010-linux-user-s390x-Use-the-guest-pointer-for-the-sigre.patch:
876+ fix go in qemu-s390x-static (LP: #1922010)
877+
878+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 31 Mar 2021 10:01:40 +0200
879+
880+qemu (1:5.2+dfsg-9ubuntu1) hirsute; urgency=medium
881+
882+ * Merge with Debian unstable; Remaining changes:
883+ - qemu-kvm to systemd unit
884+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
885+ hugepages and architecture specifics
886+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
887+ qemu-kvm-init
888+ - d/qemu-system-common.install: install helper script
889+ - d/qemu-system-common.qemu-kvm.default: defaults for
890+ /etc/default/qemu-kvm
891+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
892+ - Distribution specific machine type (LP: 1304107 1621042)
893+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
894+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
895+ for host-phys-bits=true (LP: 1776189)
896+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
897+ - provide pseries-bionic-2.11-sxxm type as convenience with all
898+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
899+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
900+ - Enable nesting by default
901+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
902+ in qemu64 on amd
903+ [ No more strictly needed, but required for backward compatibility ]
904+ - improved dependencies
905+ - Make qemu-system-common depend on qemu-block-extra
906+ - Make qemu-utils depend on qemu-block-extra
907+ - let qemu-utils recommend sharutils
908+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
909+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
910+ reference 256k path
911+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
912+ handle incoming migrations from former releases.
913+ - d/control-in: Disable capstone disassembler library support (universe)
914+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
915+ - d/control*, d/rules: disable xen by default, but provide universe
916+ package qemu-system-x86-xen as alternative
917+ [includes compat links changes of 5.0-5ubuntu4]
918+ - allow qemu to load old modules post upgrade (LP 1847361)
919+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
920+ - d/rules: Drop generating package version into maintainer scripts
921+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
922+ the bad old prerm (LP 1906245 1905377)
923+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
924+ ld usage of -no-pie (LP 1907789)
925+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
926+ virtio-9p-ccw being missing (LP 1916230)
927+ - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
928+ to glib2.0 >=2.67.3 (LP 1916705)
929+
930+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 18 Mar 2021 11:13:49 +0100
931+
932 qemu (1:5.2+dfsg-9) unstable; urgency=medium
933
934 * do not make qemu-system-data dependent on qemu-system-foo
935@@ -1191,6 +2047,66 @@ qemu (1:5.2+dfsg-7) unstable; urgency=high
936
937 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Mar 2021 11:32:54 +0300
938
939+qemu (1:5.2+dfsg-6ubuntu2) hirsute; urgency=medium
940+
941+ * d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
942+ to glib2.0 >=2.67.3 (LP: #1916705)
943+
944+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 24 Feb 2021 08:39:09 +0100
945+
946+qemu (1:5.2+dfsg-6ubuntu1) hirsute; urgency=medium
947+
948+ * Merge with Debian unstable, includes fixes for
949+ - build operates differently if source is a git repo (LP: #1887535)
950+ Remaining changes:
951+ - qemu-kvm to systemd unit
952+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
953+ hugepages and architecture specifics
954+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
955+ qemu-kvm-init
956+ - d/qemu-system-common.install: install helper script
957+ - d/qemu-system-common.qemu-kvm.default: defaults for
958+ /etc/default/qemu-kvm
959+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
960+ - Distribution specific machine type (LP: 1304107 1621042)
961+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
962+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
963+ for host-phys-bits=true (LP: 1776189)
964+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
965+ - provide pseries-bionic-2.11-sxxm type as convenience with all
966+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
967+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
968+ - Enable nesting by default
969+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
970+ in qemu64 on amd
971+ [ No more strictly needed, but required for backward compatibility ]
972+ - improved dependencies
973+ - Make qemu-system-common depend on qemu-block-extra
974+ - Make qemu-utils depend on qemu-block-extra
975+ - let qemu-utils recommend sharutils
976+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
977+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
978+ reference 256k path
979+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
980+ handle incoming migrations from former releases.
981+ - d/control-in: Disable capstone disassembler library support (universe)
982+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
983+ - d/control*, d/rules: disable xen by default, but provide universe
984+ package qemu-system-x86-xen as alternative
985+ [includes compat links changes of 5.0-5ubuntu4]
986+ - allow qemu to load old modules post upgrade (LP 1847361)
987+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
988+ - d/rules: Drop generating package version into maintainer scripts
989+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
990+ the bad old prerm (LP 1906245 1905377)
991+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
992+ ld usage of -no-pie (LP 1907789)
993+ * Added changes
994+ - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
995+ virtio-9p-ccw being missing (LP: #1916230)
996+
997+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Feb 2021 11:40:36 +0100
998+
999 qemu (1:5.2+dfsg-6) unstable; urgency=medium
1000
1001 * deprecate qemu-debootstrap. It is not needed anymore with
1002@@ -1243,6 +2159,64 @@ qemu (1:5.2+dfsg-4) unstable; urgency=medium
1003
1004 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Feb 2021 16:52:10 +0300
1005
1006+qemu (1:5.2+dfsg-3ubuntu2) hirsute; urgency=medium
1007+
1008+ * No change rebuild to pick up liburing. (LP: #1914145)
1009+
1010+ -- Mauricio Faria de Oliveira <mfo@canonical.com> Wed, 03 Feb 2021 19:44:54 -0300
1011+
1012+qemu (1:5.2+dfsg-3ubuntu1) hirsute; urgency=medium
1013+
1014+ * Merge with Debian unstable, includes fixes for
1015+ - qemu-user-static are partially dynamically linked (LP: #1908331)
1016+ - qemu crashing when using spice without qemu-system-gui being
1017+ installed (LP: #1908577)
1018+ Remaining changes:
1019+ - qemu-kvm to systemd unit
1020+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1021+ hugepages and architecture specifics
1022+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1023+ qemu-kvm-init
1024+ - d/qemu-system-common.install: install helper script
1025+ - d/qemu-system-common.qemu-kvm.default: defaults for
1026+ /etc/default/qemu-kvm
1027+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1028+ - Distribution specific machine type (LP: 1304107 1621042)
1029+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
1030+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1031+ for host-phys-bits=true (LP: 1776189)
1032+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1033+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1034+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1035+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1036+ - Enable nesting by default
1037+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1038+ in qemu64 on amd
1039+ [ No more strictly needed, but required for backward compatibility ]
1040+ - improved dependencies
1041+ - Make qemu-system-common depend on qemu-block-extra
1042+ - Make qemu-utils depend on qemu-block-extra
1043+ - let qemu-utils recommend sharutils
1044+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1045+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1046+ reference 256k path
1047+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1048+ handle incoming migrations from former releases.
1049+ - d/control-in: Disable capstone disassembler library support (universe)
1050+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1051+ - d/control*, d/rules: disable xen by default, but provide universe
1052+ package qemu-system-x86-xen as alternative
1053+ [includes compat links changes of 5.0-5ubuntu4]
1054+ - allow qemu to load old modules post upgrade (LP 1847361)
1055+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
1056+ - d/rules: Drop generating package version into maintainer scripts
1057+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
1058+ the bad old prerm (LP 1906245 1905377)
1059+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
1060+ ld usage of -no-pie (LP 1907789)
1061+
1062+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Jan 2021 12:43:42 +0100
1063+
1064 qemu (1:5.2+dfsg-3) unstable; urgency=medium
1065
1066 [ Christian Ehrhardt ]
1067@@ -1259,6 +2233,64 @@ qemu (1:5.2+dfsg-3) unstable; urgency=medium
1068
1069 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 29 Dec 2020 15:07:03 +0300
1070
1071+qemu (1:5.2+dfsg-2ubuntu1) hirsute; urgency=medium
1072+
1073+ * Merge with Debian unstable
1074+ - includes fix for CVE-2020-17380
1075+ - includes a fix for s390x PCI device reset (LP: #1907656)
1076+ Remaining changes:
1077+ - qemu-kvm to systemd unit
1078+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1079+ hugepages and architecture specifics
1080+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1081+ qemu-kvm-init
1082+ - d/qemu-system-common.install: install helper script
1083+ - d/qemu-system-common.qemu-kvm.default: defaults for
1084+ /etc/default/qemu-kvm
1085+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1086+ - Distribution specific machine type (LP: 1304107 1621042)
1087+ - d/p/ubuntu/define-ubuntu-machine-types.patch: distro machine types
1088+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1089+ for host-phys-bits=true (LP: 1776189)
1090+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1091+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1092+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1093+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1094+ - Enable nesting by default
1095+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1096+ in qemu64 on amd
1097+ [ No more strictly needed, but required for backward compatibility ]
1098+ - improved dependencies
1099+ - Make qemu-system-common depend on qemu-block-extra
1100+ - Make qemu-utils depend on qemu-block-extra
1101+ - let qemu-utils recommend sharutils
1102+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1103+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1104+ reference 256k path
1105+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1106+ handle incoming migrations from former releases.
1107+ - d/control-in: Disable capstone disassembler library support (universe)
1108+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1109+ - d/control*, d/rules: disable xen by default, but provide universe
1110+ package qemu-system-x86-xen as alternative
1111+ [includes compat links changes of 5.0-5ubuntu4]
1112+ - allow qemu to load old modules post upgrade (LP 1847361)
1113+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
1114+ - d/rules: Drop generating package version into maintainer scripts
1115+ - d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
1116+ the bad old prerm (LP 1906245 1905377)
1117+ * Dropped Changes:
1118+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
1119+ resolved in gcc-10 (LP: 1890435) [it is flaky still, but no more 100%
1120+ fails]
1121+ * Added Changes:
1122+ - Refreshed ubuntu machine types for hirsute@5.2
1123+ - d/control: regenerated from d/control-in
1124+ - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
1125+ ld usage of -no-pie (LP: #1907789)
1126+
1127+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Dec 2020 16:44:47 +0100
1128+
1129 qemu (1:5.2+dfsg-2) unstable; urgency=medium
1130
1131 * move ui-opengl.so module from qemu-system-gui to qemu-system-common,
1132@@ -1304,6 +2336,153 @@ qemu (1:5.2+dfsg-1) unstable; urgency=medium
1133
1134 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 09 Dec 2020 08:57:41 +0300
1135
1136+qemu (1:5.1+dfsg-4ubuntu3) hirsute; urgency=medium
1137+
1138+ * d/qemu-system-gui.prerm: add no-op prerm to overcome upgrade issues on
1139+ the bad old prerm (LP: #1906245)
1140+
1141+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 30 Nov 2020 12:53:03 +0100
1142+
1143+qemu (1:5.1+dfsg-4ubuntu2) hirsute; urgency=medium
1144+
1145+ * Fix upgrade module handling (LP: #1905377)
1146+ This was accetped in a slightly different form in qemu_5.0-6 and therefore
1147+ allows to drop some former delta that is now conflicting.
1148+ Ubuntu still keeps enabling --enable-module-upgrades, but only for
1149+ qemu-xen which doesn't exist in Debian
1150+ - Drop d/qemu-block-extra.*.in, d/qemu-system-gui.*.in
1151+ - d/rules: Drop generating package version into maintainer scripts
1152+
1153+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Nov 2020 11:16:01 +0100
1154+
1155+qemu (1:5.1+dfsg-4ubuntu1) hirsute; urgency=medium
1156+
1157+ * Merge with Debian testing, remaining changes:
1158+ Fixes qemu-arm-static Assertion `guest_base != 0' failed (LP: #1897854)
1159+ - qemu-kvm to systemd unit
1160+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1161+ hugepages and architecture specifics
1162+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1163+ qemu-kvm-init
1164+ - d/qemu-system-common.install: install helper script
1165+ - d/qemu-system-common.qemu-kvm.default: defaults for
1166+ /etc/default/qemu-kvm
1167+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1168+ - Distribution specific machine type (LP: 1304107 1621042)
1169+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1170+ types
1171+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1172+ for host-phys-bits=true (LP: 1776189)
1173+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1174+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1175+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1176+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1177+ - Enable nesting by default
1178+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1179+ in qemu64 on amd
1180+ [ No more strictly needed, but required for backward compatibility ]
1181+ - improved dependencies
1182+ - Make qemu-system-common depend on qemu-block-extra
1183+ - Make qemu-utils depend on qemu-block-extra
1184+ - let qemu-utils recommend sharutils
1185+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1186+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1187+ reference 256k path
1188+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1189+ handle incoming migrations from former releases.
1190+ - d/control-in: Disable capstone disassembler library support (universe)
1191+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1192+ - d/control*, d/rules: disable xen by default, but provide universe
1193+ package qemu-system-x86-xen as alternative
1194+ [includes compat links changes of 5.0-5ubuntu4]
1195+ - allow qemu to load old modules post upgrade (LP 1847361)
1196+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
1197+ upgrade
1198+ - d/rules: generate maintainer scripts matching package version on build
1199+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
1200+ - d/control: regenerate debian/control out of control-in
1201+ * Dropped changes [in Debian or no more needed]
1202+ - d/control-in: disable pmem on ppc64 as it is currently considered
1203+ experimental on that architecture (pmdk v1.8-1)
1204+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
1205+ - d/rules: report config log from the correct subdir
1206+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
1207+ - Pick further changes for groovy from debian/master since 5.0-5
1208+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
1209+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_...patch
1210+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
1211+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
1212+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
1213+ - megasas-fix-possible-out-of-bounds-array-access.patch
1214+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
1215+ - es1370-check-total-frame-count-against-current-...-CVE-2020-13361.patch
1216+ - a few patches from the stable series:
1217+ - fix-tulip-breakage.patch
1218+ - 9p-lock-directory-streams-with-a-CoMutex.patch
1219+ Prevent deadlocks in 9pfs readdir code
1220+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
1221+ Fix newline accidentally sneaked into id string of a nic
1222+ - qemu-nbd-close-inherited-stderr.patch
1223+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
1224+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
1225+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
1226+ - acpi-tmr-allow-2-byte-reads.patch
1227+ - reapply CVE-2020-13253 fixes from upstream
1228+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
1229+ - linux-user-add-netlink-RTM_SETLINK-command.patch
1230+ - d/control: since qemu-system-data now contains module(s),
1231+ it can't be multi-arch. Ditto for qemu-block-extra.
1232+ - qemu-system-foo: depend on exact version of qemu-system-data,
1233+ due to the latter having modules
1234+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch'
1235+ This is another incarnation of the recent bugfix which actually enabled
1236+ memory access constraints, like #964247
1237+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
1238+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
1239+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
1240+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
1241+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
1242+ - do not install outdated (0.12 and before) Changelog
1243+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
1244+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
1245+ Closes: CVE-2020-15863
1246+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
1247+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
1248+ another fix for revert-memory-accept-.. CVE-2020-13754
1249+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
1250+ - d/control-in: build-dep libcap is no more needed
1251+ - arch aware kvm wrappers
1252+ [upstream now automatically enables KVM if available and called with
1253+ kvm* name, provides KVM as before but with auto-fallback to tcg.
1254+ Former behavior of KVM-or-die can be achieved via -machine accel=kvm ]
1255+ * Dropped changes [upstream now]
1256+ - d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
1257+ setup_len
1258+ - d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP 1887930)
1259+ - d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP 1894942)
1260+ - d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
1261+ from vfio-ccw (LP 1887935)
1262+ - fix qemu-user-static initialization to allow executing systemd (LP 1890881)
1263+ - fix assertion failue in net_tx_pkt_add_raw_fragment (LP 1891187)
1264+ - d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
1265+ SQXBR (LP 1883984)
1266+ - d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP 1890154)
1267+ - d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
1268+ environments (LP 1887763)
1269+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
1270+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
1271+ crashes it on shutdown (LP 1878973)
1272+ - update d/p/ubuntu/lp-1835546-* to the final versions
1273+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
1274+ FTBFS in groovy
1275+ * Added Changes:
1276+ - update ubuntu machine types for hirsute@5.1
1277+ - d/control: regenerated from d/control-in
1278+ - d/control, d/rules: build with gcc-9 on armhf as workaround until
1279+ resolved in gcc-10 (LP: 1890435)
1280+
1281+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 29 Oct 2020 12:37:31 +0100
1282+
1283 qemu (1:5.1+dfsg-4) unstable; urgency=high
1284
1285 * mention closing of CVE-2020-16092 by 5.1
1286@@ -1545,6 +2724,298 @@ qemu (1:5.0-6) unstable; urgency=medium
1287
1288 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 03 Jul 2020 18:24:48 +0300
1289
1290+qemu (1:5.0-5ubuntu11) hirsute; urgency=medium
1291+
1292+ * d/p/ubuntu/define-ubuntu-machine-types.patch: update to fix 15.04 wily
1293+ machine type to match how it originally was released (LP: #1902654)
1294+
1295+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Nov 2020 08:19:07 +0100
1296+
1297+qemu (1:5.0-5ubuntu10) hirsute; urgency=medium
1298+
1299+ * No-change rebuild for brltty soname change.
1300+
1301+ -- Matthias Klose <doko@ubuntu.com> Mon, 02 Nov 2020 16:59:33 +0100
1302+
1303+qemu (1:5.0-5ubuntu9) groovy; urgency=medium
1304+
1305+ * d/p/u/usb-fix-setup_len-init-CVE-2020-14364.patch: sanity check usb
1306+ setup_len
1307+ CVE-2020-14364
1308+
1309+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 22 Sep 2020 16:53:18 +0200
1310+
1311+qemu (1:5.0-5ubuntu8) groovy; urgency=medium
1312+
1313+ * d/p/u/lp-1887930-*: Enable Channel Path Handling for vfio-ccw (LP: #1887930)
1314+
1315+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 14 Sep 2020 08:23:49 +0200
1316+
1317+qemu (1:5.0-5ubuntu7) groovy; urgency=medium
1318+
1319+ * d/p/u/lp-1894942-*: fix virtio-ccw host/guest notification (LP: #1894942)
1320+
1321+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 Sep 2020 08:47:12 +0200
1322+
1323+qemu (1:5.0-5ubuntu6) groovy; urgency=medium
1324+
1325+ * d/p/ubuntu/lp-1887935-vfio-ccw-allow-non-prefetch-ORBs.patch: fix boot
1326+ from vfio-ccw (LP: #1887935)
1327+
1328+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Aug 2020 11:09:12 +0200
1329+
1330+qemu (1:5.0-5ubuntu5) groovy; urgency=medium
1331+
1332+ * fix qemu-user-static initialization to allow executing systemd
1333+ (LP: #1890881)
1334+ - d/p/u/lp1890881-linux-user-completely-re-write-init_guest_space.patch
1335+ - d/p/u/lp1890881-linux-user-deal-with-address-wrap-for-ARM_COMMPAGE-o.patch
1336+ - d/p/u/lp1890881-linux-user-don-t-use-MAP_FIXED-in-pgd_find_hole_fall.patch
1337+ - d/p/u/lp1890881-linux-user-elfload-use-MAP_FIXED_NOREPLACE-in-pgb_re.patch
1338+ - d/p/u/lp1890881-linux-user-limit-check-to-HOST_LONG_BITS-TARGET_ABI_.patch
1339+ - d/p/u/lp1890881-linux-user-provide-fallback-pgd_find_hole-for-bare-c.patch
1340+ * fix assertion failue in net_tx_pkt_add_raw_fragment (LP: #1891187)
1341+ CVE-2020-16092
1342+ - d/p/u/lp-1891187-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx.patch
1343+
1344+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Aug 2020 07:19:42 +0200
1345+
1346+qemu (1:5.0-5ubuntu4) groovy; urgency=medium
1347+
1348+ * xen: provide compat links to what libxen-dev reports where to find
1349+ the binaries (LP: #1890005)
1350+ * d/p/ubuntu/lp-1883984-target-s390x-Fix-SQXBR.patch: avoid crash on
1351+ SQXBR (LP: #1883984)
1352+ * d/p/lp-1890154-*: fix -no-reboot on s390x secure boot (LP: #1890154)
1353+
1354+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 03 Aug 2020 07:15:28 +0200
1355+
1356+qemu (1:5.0-5ubuntu3) groovy; urgency=medium
1357+
1358+ * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI
1359+ environments (LP: #1887763)
1360+ * Pick further changes for groovy from debian/master since 5.0-5
1361+ - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
1362+ Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
1363+ infinite recursion via a crafted mm_index value during
1364+ ati_mm_read or ati_mm_write call.
1365+ - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
1366+ Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
1367+ devices which uses min_access_size and max_access_size Memory API fields.
1368+ Also closes: CVE-2020-13791
1369+ - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
1370+ CVE-2020-13659: address_space_map in exec.c can trigger
1371+ a NULL pointer dereference related to BounceBuffer
1372+ - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
1373+ Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
1374+ has an OOB read via a crafted reply_queue_head field from a guest OS user
1375+ - megasas-use-unsigned-type-for-positive-numeric-fields.patch
1376+ fix other possible cases like in CVE-2020-13362 (#961887)
1377+ - megasas-fix-possible-out-of-bounds-array-access.patch
1378+ Some tracepoints use a guest-controlled value as an index into the
1379+ mfi_frame_desc[] array. Thus a malicious guest could cause a very low
1380+ impact OOB errors here
1381+ - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
1382+ Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
1383+ This flaw occurs when an nbd-client sends a spec-compliant request that is
1384+ near the boundary of maximum permitted request length. A remote nbd-client
1385+ could use this flaw to crash the qemu-nbd server resulting in a DoS.
1386+ - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
1387+ Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
1388+ properly validate the frame count, which allows guest OS users to trigger
1389+ an out-of-bounds access during an es1370_write() operation
1390+ - a few patches from the stable series:
1391+ - fix-tulip-breakage.patch
1392+ The tulip network driver in a qemu-system-hppa emulation is broken in
1393+ the sense that bigger network packages aren't received any longer and
1394+ thus even running e.g. "apt update" inside the VM fails. Fix this.
1395+ - 9p-lock-directory-streams-with-a-CoMutex.patch
1396+ Prevent deadlocks in 9pfs readdir code
1397+ - net-do-not-include-a-newline-in-the-id-of-nic-device.patch
1398+ Fix newline accidentally sneaked into id string of a nic
1399+ - qemu-nbd-close-inherited-stderr.patch
1400+ - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
1401+ - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
1402+ - virtio-balloon-unref-the-iothread-when-unrealizing.patch
1403+ - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
1404+ - reapply CVE-2020-13253 fixed from upstream:
1405+ sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
1406+ sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
1407+ sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
1408+ sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
1409+ Closes: #961297, CVE-2020-13253
1410+ - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
1411+ (Closes: #965109)
1412+ - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
1413+ - d/control: since qemu-system-data now contains module(s),
1414+ it can't be multi-arch. Ditto for qemu-block-extra.
1415+ - qemu-system-foo: depend on exact version of qemu-system-data,
1416+ due to the latter having modules
1417+ - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
1418+ This is another incarnation of the recent bugfix which actually enabled
1419+ memory access constraints, like #964247
1420+ - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
1421+ this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch
1422+ and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
1423+ - xhci-fix-valid.max_access_size-to-access-address-registers.patch
1424+ fix one more incarnation of the breakage after the CVE-2020-13754 fix
1425+ - do not install outdated (0.12 and before) Changelog (Closes: #965381)
1426+ - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
1427+ ARM-only XGMAC NIC, possible buffer overflow during packet transmission
1428+ Closes: CVE-2020-15863
1429+ - sm501 OOB read/write due to integer overflow in sm501_2d_operation()
1430+ List of patches:
1431+ sm501-convert-printf-abort-to-qemu_log_mask.patch
1432+ sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
1433+ sm501-use-BIT-macro-to-shorten-constant.patch
1434+ sm501-clean-up-local-variables-in-sm501_2d_operation.patch
1435+ sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
1436+ Closes: #961451, CVE-2020-12829
1437+ - riscv-allow-64-bit-access-to-SiFive-CLINT.patch
1438+ another fix for revert-memory-accept-.. CVE-2020-13754
1439+ - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10
1440+
1441+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 Jul 2020 13:21:31 +0200
1442+
1443+qemu (1:5.0-5ubuntu2) groovy; urgency=medium
1444+
1445+ * No change rebuild against new libnettle8 and libhogweed6 ABI.
1446+
1447+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 29 Jun 2020 22:32:55 +0100
1448+
1449+qemu (1:5.0-5ubuntu1) groovy; urgency=medium
1450+
1451+ * Merge with Debian testing (LP: #1749393), remaining changes:
1452+ - qemu-kvm to systemd unit
1453+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1454+ hugepages and architecture specifics
1455+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1456+ qemu-kvm-init
1457+ - d/qemu-system-common.install: install helper script
1458+ - d/qemu-system-common.qemu-kvm.default: defaults for
1459+ /etc/default/qemu-kvm
1460+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1461+ - Distribution specific machine type (LP: 1304107 1621042)
1462+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1463+ types
1464+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1465+ for host-phys-bits=true (LP: 1776189)
1466+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1467+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1468+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1469+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1470+ - Enable nesting by default
1471+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1472+ in qemu64 on amd
1473+ [ No more strictly needed, but required for backward compatibility ]
1474+ - improved dependencies
1475+ - Make qemu-system-common depend on qemu-block-extra
1476+ - Make qemu-utils depend on qemu-block-extra
1477+ - let qemu-utils recommend sharutils
1478+ - arch aware kvm wrappers
1479+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1480+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1481+ reference 256k path
1482+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1483+ handle incoming migrations from former releases.
1484+ - d/control-in: Disable capstone disassembler library support (universe)
1485+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1486+ - d/control*, d/rules: disable xen by default, but provide universe
1487+ package qemu-system-x86-xen as alternative
1488+ [includes --disable-xen for user-static builds]
1489+ - d/control-in: disable pmem on ppc64 as it is currently considered
1490+ experimental on that architecture (pmdk v1.8-1)
1491+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
1492+ - d/rules: report config log from the correct subdir
1493+ - allow qemu to load old modules post upgrade (LP 1847361)
1494+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
1495+ upgrade
1496+ - d/rules: generate maintainer scripts matching package version on build
1497+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
1498+ - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546)
1499+ - d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
1500+ - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
1501+ crashes it on shutdown (LP 1878973)
1502+ * Dropped changes (no more needed)
1503+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1504+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1505+ in qemu64 cpu type.
1506+ - d/control: avoid upgrade issues triggered by moving ivshmem tools after
1507+ Debian. Fixed by bumping the related Breaks/Replaces to the
1508+ Version Ubuntu introduced the change (LP 1862287)
1509+ * Dropped changes (in Debian)
1510+ - improved s390x support
1511+ - d/binfmt-update-in: fix binfmt being called in some containers
1512+ (LP 1840956)
1513+ - qemu-system-x86-microvm package
1514+ In addition to the generic multi-purpose qemu also provide a minimal
1515+ feature binary that is loading faster for use cases with microvm machine
1516+ type and qboot bios
1517+ - d/control-in: add a new qemu-system-x86-microvm package
1518+ - d/rules: add an extra config/build step to get the minimal qemu
1519+ - Security and packaging fixes (LP 1872937)
1520+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
1521+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
1522+ CVE-2020-10702
1523+ CVE-2020-11102
1524+ - fix external spice UI
1525+ + install ui-spice-app.so in qemu-system-common
1526+ + install ui-spice-app.so only if built, spice is optional
1527+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
1528+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
1529+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
1530+ - enable riscv build (LP 1872931)
1531+ [ changes picked from Debian ]
1532+ - enable support for riscv64 hosts
1533+ - only enable librbd on architectures where it is built
1534+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
1535+ depends on the former
1536+ - seccomp grew up, no need in versioned build-dep
1537+ - enable seccomp only on architectures where it can be built
1538+ * Dropped changes (upstream)
1539+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1540+ (LP 1857033)
1541+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
1542+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
1543+ vhost-user-gpu
1544+ - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
1545+ avoid unnecessary IOTLB transactions (LP 1866207)
1546+ - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
1547+ patches @qemu-stable (LP 1867519)
1548+ - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
1549+ to avoid broken nesting (LP 1868692)
1550+ - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
1551+ (LP 1871830)
1552+ - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107)
1553+ - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
1554+ - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
1555+ and clobbered doubles (LP 1872945)
1556+ - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
1557+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
1558+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
1559+ - CVE-2020-11869
1560+ - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
1561+ - async: use explicit memory barriers (LP 1805256)
1562+ - aio-wait: delegate polling of main AioContext if BQL not held
1563+ - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
1564+ supporting to set them (LP 1882774)
1565+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
1566+ load to a versioned path
1567+ * Added Changes:
1568+ - d/control: regenerate debian/control out of control-in
1569+ - update d/p/ubuntu/lp-1835546-* to the final versions
1570+ - 11 patches dropped as they are in 5.0
1571+ - 20 patches updated to how they will be in 5.1
1572+ - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix
1573+ FTBFS in groovy
1574+ - Make qemu-system-x86-microvm a transitional package as the binary is now
1575+ in qemu-system-x86 itself.
1576+ - d/control-in: build-dep libcap is no more needed
1577+ - d/rules: update arch aware kvm wrappers
1578+ - d/qemu-system-x86.README.Debian: fix typo
1579+
1580+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 16 Jun 2020 16:50:09 +0200
1581+
1582 qemu (1:5.0-5) unstable; urgency=medium
1583
1584 * more binfmt-install updates
1585@@ -1677,6 +3148,188 @@ qemu (1:4.2-4) unstable; urgency=medium
1586
1587 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 12:44:43 +0300
1588
1589+qemu (1:4.2-3ubuntu10) groovy; urgency=medium
1590+
1591+ * No-change rebuild against libnettle8
1592+
1593+ -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 20 Jul 2020 16:12:37 +0000
1594+
1595+qemu (1:4.2-3ubuntu9) groovy; urgency=medium
1596+
1597+ * debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that
1598+ crashes it on shutdown (LP: #1878973)
1599+ * d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not
1600+ supporting to set them (LP: #1882774)
1601+
1602+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 02 Jun 2020 10:42:49 +0200
1603+
1604+qemu (1:4.2-3ubuntu8) groovy; urgency=medium
1605+
1606+ * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts
1607+ - async: use explicit memory barriers (LP: #1805256)
1608+ - aio-wait: delegate polling of main AioContext if BQL not held
1609+
1610+ -- Rafael David Tinoco <rafaeldtinoco@ubuntu.com> Wed, 27 May 2020 21:47:21 +0000
1611+
1612+qemu (1:4.2-3ubuntu7) groovy; urgency=medium
1613+
1614+ * SECURITY UPDATE: DoS via integer overflow in ati_2d_blt()
1615+ - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in
1616+ ati_2d_blt() to avoid crash in hw/display/ati_2d.c.
1617+ - CVE-2020-11869
1618+
1619+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 21 May 2020 14:43:19 -0400
1620+
1621+qemu (1:4.2-3ubuntu6) focal; urgency=medium
1622+
1623+ [ Christian Ehrhardt ]
1624+ * enable riscv build (LP: #1872931)
1625+ [ changes picked from Debian ]
1626+ - enable support for riscv64 hosts
1627+ - only enable librbd on architectures where it is built
1628+ - ceph: do not list librados-dev as we only use librbd-dev and the latter
1629+ depends on the former
1630+ - seccomp grew up, no need in versioned build-dep
1631+ - enable seccomp only on architectures where it can be built
1632+ * d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms
1633+ * d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh
1634+ and clobbered doubles (LP: #1872945)
1635+
1636+ [ William Grant ]
1637+ * d/control-in: disable rbd support unavailable on riscv (LP: 1872931)
1638+
1639+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 14:27:15 +0200
1640+
1641+qemu (1:4.2-3ubuntu5) focal; urgency=medium
1642+
1643+ [ Christian Ehrhardt ]
1644+ * d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR
1645+ (LP: #1871830)
1646+ * Security and packaging fixes (LP: #1872937)
1647+ - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch
1648+ - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
1649+ CVE-2020-10702
1650+ CVE-2020-11102
1651+ - fix external spice UI
1652+ + install ui-spice-app.so in qemu-system-common
1653+ + install ui-spice-app.so only if built, spice is optional
1654+ - switch binfmt registration to use update-binfmts --[un]import (#866756)
1655+ - qemu-system-gui: Multi-Arch=same, not foreign (#956763)
1656+ - qemu-system-data: s/highcolor/hicolor/ (#955741)
1657+ * d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872107)
1658+
1659+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 11:26:44 +0200
1660+
1661+qemu (1:4.2-3ubuntu4) focal; urgency=medium
1662+
1663+ * d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546)
1664+ * remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64
1665+ to avoid broken nesting (LP: #1868692)
1666+
1667+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 20 Mar 2020 08:02:16 +0100
1668+
1669+qemu (1:4.2-3ubuntu3) focal; urgency=medium
1670+
1671+ * d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream
1672+ patches @qemu-stable (LP: #1867519)
1673+
1674+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 18 Mar 2020 13:57:57 +0100
1675+
1676+qemu (1:4.2-3ubuntu2) focal; urgency=medium
1677+
1678+ * allow qemu to load old modules post upgrade (LP: #1847361)
1679+ - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module
1680+ load to a versioned path
1681+ - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on
1682+ upgrade
1683+ - d/rules: generate maintainer scripts matching package version on build
1684+ - d/rules: enable --enable-module-upgrades where --enable-modules is set
1685+ * d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch:
1686+ avoid unnecessary IOTLB transactions (LP: #1866207)
1687+
1688+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 02 Mar 2020 15:21:27 +0100
1689+
1690+qemu (1:4.2-3ubuntu1) focal; urgency=medium
1691+
1692+ * Merge with Debian testing, remaining changes:
1693+ - qemu-kvm to systemd unit
1694+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1695+ hugepages and architecture specifics
1696+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1697+ qemu-kvm-init
1698+ - d/qemu-system-common.install: install helper script
1699+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1700+ - d/qemu-system-common.qemu-kvm.default: defaults for
1701+ /etc/default/qemu-kvm
1702+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1703+ - Distribution specific machine type (LP: 1304107 1621042)
1704+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1705+ types
1706+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1707+ for host-phys-bits=true (LP: 1776189)
1708+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1709+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1710+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1711+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1712+ - Enable nesting by default
1713+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1714+ in qemu64 cpu type.
1715+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1716+ in qemu64 on amd
1717+ [ No more strictly needed, but required for backward compatibility ]
1718+ - improved dependencies
1719+ - Make qemu-system-common depend on qemu-block-extra
1720+ - Make qemu-utils depend on qemu-block-extra
1721+ - let qemu-utils recommend sharutils
1722+ - improved s390x support
1723+ - d/rules: build s390-ccw.img with upstream Makefile
1724+ - d/rules: build s390-netboot.img with upstream Makefile
1725+ - arch aware kvm wrappers
1726+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1727+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1728+ reference 256k path
1729+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1730+ handle incoming migrations from former releases.
1731+ - d/control-in: Disable capstone disassembler library support (universe)
1732+ - d/binfmt-update-in: fix binfmt being called in some containers
1733+ (LP 1840956)
1734+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1735+ (LP 1857033)
1736+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1737+ - d/control*, d/rules: disable xen by default, but provide universe
1738+ package qemu-system-x86-xen as alternative
1739+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527)
1740+ - Dropped changes [ in Debian ]
1741+ - d/control: update VCS links
1742+ - d/control-in: bump debhelper build-dep for compat 12
1743+ - d/control: disable bluetooth being deprecated
1744+ - d/not-installed: ignore new interop docs and extra icons for now
1745+ - d/not-installed: do not install elf2dmp until namespaced
1746+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1747+ [ not needed ]
1748+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
1749+ - s390x support
1750+ - Create qemu-system-s390x package
1751+ - Enable numa support for s390x
1752+ - d/control*: enable libpmem support for nvdimms (LP 1790856)
1753+ * Added changes
1754+ - d/control: regenerate debian/control out of control-in
1755+ - qemu-system-x86-microvm package
1756+ In addition to the generic multi-purpose qemu also provide a minimal
1757+ feature binary that is loading faster for use cases with microvm machine
1758+ type and qboot bios
1759+ - d/control-in: add a new qemu-system-x86-microvm package
1760+ - d/rules: add an extra config/build step to get the minimal qemu
1761+ - d/control-in: disable pmem on ppc64 as it is currently considered
1762+ experimental on that architecture (pmdk v1.8-1)
1763+ - d/rules: makefile definitions can't be recursive - sys_systems for s390x
1764+ - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of
1765+ vhost-user-gpu
1766+ - d/rules: report config log from the correct subdir
1767+ - d/rules: --disable-xen for user-static builds
1768+
1769+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Feb 2020 15:21:56 +0100
1770+
1771 qemu (1:4.2-3) unstable; urgency=medium
1772
1773 * mention closing of #909743 in previous changelog (Closes: #909743)
1774@@ -1719,6 +3372,169 @@ qemu (1:4.2-2) unstable; urgency=medium
1775
1776 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jan 2020 23:51:09 +0300
1777
1778+qemu (1:4.2-1ubuntu2) focal; urgency=medium
1779+
1780+ * d/control: avoid upgrade issues triggered by moving ivshmem tools after
1781+ Debian. Fixed by by bumping the related Breaks/Replaces to the
1782+ Version Ubuntu introduced the change (LP: #1862287)
1783+
1784+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 07 Feb 2020 07:31:21 +0100
1785+
1786+qemu (1:4.2-1ubuntu1) focal; urgency=medium
1787+
1788+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
1789+ LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
1790+ LP: #1812822 - avoid crashes on detaching vhost_net interfaces
1791+ LP: #1852744 - Crypto Passthrough Interrupt Support
1792+ LP: #1853316 - CCW IPL Support
1793+ Remaining changes:
1794+ - qemu-kvm to systemd unit
1795+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
1796+ hugepages and architecture specifics
1797+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
1798+ qemu-kvm-init
1799+ - d/qemu-system-common.install: install helper script
1800+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
1801+ - d/qemu-system-common.qemu-kvm.default: defaults for
1802+ /etc/default/qemu-kvm
1803+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
1804+ - Distribution specific machine type (LP: 1304107 1621042)
1805+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
1806+ types
1807+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
1808+ for host-phys-bits=true (LP: 1776189)
1809+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
1810+ - provide pseries-bionic-2.11-sxxm type as convenience with all
1811+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
1812+ - Enable nesting by default
1813+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
1814+ in qemu64 cpu type.
1815+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
1816+ in qemu64 on amd
1817+ [ No more strictly needed, but required for backward compatibility ]
1818+ - improved dependencies
1819+ - Make qemu-system-common depend on qemu-block-extra
1820+ - Make qemu-utils depend on qemu-block-extra
1821+ - let qemu-utils recommend sharutils
1822+ - s390x support
1823+ - Create qemu-system-s390x package
1824+ - Enable numa support for s390x
1825+ - d/rules: build s390-ccw.img with upstream Makefile
1826+ - d/rules: build s390-netboot.img with upstream Makefile
1827+ - arch aware kvm wrappers
1828+ - d/control: update VCS links
1829+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
1830+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
1831+ reference 256k path
1832+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
1833+ handle incoming migrations from former releases.
1834+ - d/control-in: Disable capstone disassembler library support (universe)
1835+ - d/control: disable bluetooth being deprecated
1836+ - d/not-installed: ignore new interop docs and extra icons for now
1837+ - d/not-installed: do not install elf2dmp until namespaced
1838+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
1839+ - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
1840+ - d/binfmt-update-in: fix binfmt being called in some containers
1841+ (LP 1840956)
1842+ - Dropped changes (in Debian)
1843+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
1844+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
1845+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
1846+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
1847+ - enable RDMA config option
1848+ - add libibumad-dev build-dep
1849+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
1850+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
1851+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
1852+ replace it with a build-indep using the upstream makefiles.
1853+ This is less prone to miss future changes/fixes that are done to the
1854+ makefiles
1855+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
1856+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
1857+ - d/rules: fix qemu-kvm service for debhelper compat >=12
1858+ - Refreshed patches for v4.0 context changes
1859+ - d/control*: remove sdlabi which was removed upstream
1860+ - d/control*: enable docs (now explicit) and provide new build-dep
1861+ python3-sphinx
1862+ - d/qemu-system-data.install: use new paths for formerly used icons
1863+ - Merge with Upstream release of qemu 4.0
1864+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
1865+ - Dropped changes (Upstream)
1866+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
1867+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
1868+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
1869+ fix i386 build error
1870+ - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
1871+ fix naming of the new vector facitlity (LP 1836066)
1872+ - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
1873+ for missing SIOCGSTAMP definition; final fix is still in discussion
1874+ upstream (LP: 1836159)
1875+ - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
1876+ s390x machines (LP 1836154)
1877+ - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
1878+ (LP 1841066)
1879+ - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
1880+ update the z15 model name (LP 1842774)
1881+ - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
1882+ fix a potential hang when qemu or qemu-img where accessing http backed
1883+ disks via libcurl (LP 1848556)
1884+ - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
1885+ fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
1886+ - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
1887+ toleration for future machines (LP 1830704)
1888+ - SECURITY UPDATE: Add support for exposing md-clear functionality
1889+ to guests
1890+ - d/p/ubuntu/enable-md-clear.patch
1891+ - d/p/ubuntu/enable-md-no.patch
1892+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
1893+ - SECURITY UPDATE: heap overflow when loading device tree blob
1894+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
1895+ copy the device tree blob into is.
1896+ - CVE-2018-20815
1897+ - SECURITY UPDATE: device driver denial of service via NULL pointer
1898+ dereference
1899+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
1900+ routine
1901+ - CVE-2019-5008
1902+ - SECURITY UPDATE: information leak in SLiRP
1903+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
1904+ emulating ident.
1905+ - CVE-2019-9824
1906+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
1907+ unimplement.patch: properly return architecture defined exception
1908+ on bad subcodes of diag 308 (LP 1812384)
1909+ * Dropped changes (no more needed)
1910+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
1911+ mv_conffile since the new path is a directory in the old package
1912+ version which can not be handled by mv_conffile.
1913+ [ only needed between disco and eoan ]
1914+ - disable pvrdma
1915+ [ CVEs all fixed now ]
1916+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
1917+ avoid misdetection of simplified nesting blocking all migrations
1918+ [ qemu now detects and handles nesting - needs kernel >=4.20 ]
1919+ - Enable nesting by default
1920+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
1921+ (is default on amd)
1922+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
1923+ without nested=1
1924+ [ nesting is default in kernel modules and default selected cpu types ]
1925+ * Added changes
1926+ - d/control: regenerate debian/control out of control-in
1927+ - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
1928+ - added ubuntu focal types for qemu 4.2
1929+ - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
1930+ - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
1931+ (LP: #1857033)
1932+ - d/qemu-system-x86.README.Debian: add info about updated nesting changes
1933+ - d/control*, d/rules: disable xen by default, but provide universe
1934+ package qemu-system-x86-xen as alternative
1935+ - fix typos in changelog and d/qemu-system-x86.NEWS
1936+ - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
1937+ - d/control*: enable libpmem support for nvdimms (LP: #1790856)
1938+
1939+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 08 Jan 2020 15:27:42 +0100
1940+
1941 qemu (1:4.2-1) unstable; urgency=medium
1942
1943 * new upstream release (4.2.0)
1944@@ -1795,6 +3611,205 @@ qemu (1:4.1-1) unstable; urgency=medium
1945
1946 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 27 Aug 2019 12:43:43 +0300
1947
1948+qemu (1:4.0+dfsg-0ubuntu10) focal; urgency=medium
1949+
1950+ * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
1951+ fix a potential hang when qemu or qemu-img where accessing http backed
1952+ disks via libcurl (LP: #1848556)
1953+ * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch:
1954+ fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497)
1955+
1956+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 21 Oct 2019 14:51:45 +0200
1957+
1958+qemu (1:4.0+dfsg-0ubuntu9) eoan; urgency=medium
1959+
1960+ * d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
1961+ update the z15 model name (LP: #1842774)
1962+
1963+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Sep 2019 11:42:58 +0200
1964+
1965+qemu (1:4.0+dfsg-0ubuntu8) eoan; urgency=medium
1966+
1967+ * d/binfmt-update-in: fix binfmt being called in some containers
1968+ (LP: #1840956)
1969+
1970+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 09 Sep 2019 11:03:13 +0200
1971+
1972+qemu (1:4.0+dfsg-0ubuntu7) eoan; urgency=medium
1973+
1974+ * No-change upload with strops.h and sys/strops.h removed in glibc.
1975+
1976+ -- Matthias Klose <doko@ubuntu.com> Thu, 05 Sep 2019 11:07:25 +0000
1977+
1978+qemu (1:4.0+dfsg-0ubuntu6) eoan; urgency=medium
1979+
1980+ * d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
1981+ (LP: #1841066)
1982+
1983+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 26 Aug 2019 12:08:04 +0200
1984+
1985+qemu (1:4.0+dfsg-0ubuntu5) eoan; urgency=medium
1986+
1987+ * d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
1988+ s390x machines (LP: #1836154)
1989+
1990+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Jul 2019 13:20:42 +0200
1991+
1992+qemu (1:4.0+dfsg-0ubuntu4) eoan; urgency=medium
1993+
1994+ * d/control-in: promote qemu-efi/ovmf in Ubuntu (LP: #1570617)
1995+ - pick Debian change for (#889885)
1996+ move ovmf to recommends on debian and update aarch ovmf refs
1997+ - stop Ubuntu to drop ovmf/qemu-efi to a suggest
1998+
1999+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 12 Jul 2019 12:48:24 +0200
2000+
2001+qemu (1:4.0+dfsg-0ubuntu3) eoan; urgency=medium
2002+
2003+ * d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
2004+ for missing SIOCGSTAMP definition; final fix is still in discussion
2005+ upstream (LP: 1836159)
2006+
2007+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 10:10:00 +0200
2008+
2009+qemu (1:4.0+dfsg-0ubuntu2) eoan; urgency=medium
2010+
2011+ * d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
2012+ fix naming of the new vector facitlity (LP: #1836066)
2013+ * d/control-in: update VCS links in control template as well
2014+
2015+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 11 Jul 2019 08:18:44 +0200
2016+
2017+qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
2018+
2019+ * Merge with Upstream release of qemu 4.0.
2020+ Among many other things this fixes LP Bugs:
2021+ LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
2022+ LP: #1828038 - Update s390x CPU Model for more HW support
2023+ LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
2024+ Remaining Changes:
2025+ - qemu-kvm to systemd unit
2026+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2027+ hugepages and architecture specifics
2028+ - d/qemu-system-common.qemu-kvm.service: systemd unit to call
2029+ qemu-kvm-init
2030+ - d/qemu-system-common.install: install helper script
2031+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2032+ - d/qemu-system-common.qemu-kvm.default: defaults for
2033+ /etc/default/qemu-kvm
2034+ - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
2035+ - Enable nesting by default
2036+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
2037+ (is default on amd)
2038+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
2039+ without nested=1
2040+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2041+ in qemu64 cpu type.
2042+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2043+ in qemu64 on amd
2044+ - d/qemu-system-x86.README.Debian: document intention of nested being
2045+ default is comfort, not full support
2046+ - Distribution specific machine type (LP: 1304107 1621042)
2047+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2048+ types
2049+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2050+ for host-phys-bits=true (LP: 1776189)
2051+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
2052+ - provide pseries-bionic-2.11-sxxm type as convenience with all
2053+ meltdown/spectre workarounds enabled by default. (LP: 1761372).
2054+ - improved dependencies
2055+ - Make qemu-system-common depend on qemu-block-extra
2056+ - Make qemu-utils depend on qemu-block-extra
2057+ - let qemu-utils recommend sharutils
2058+ - s390x support
2059+ - Create qemu-system-s390x package
2060+ - Enable numa support for s390x
2061+ - arch aware kvm wrappers
2062+ - d/control: update VCS links
2063+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
2064+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2065+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2066+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
2067+ - enable RDMA config option
2068+ - add libibumad-dev build-dep
2069+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
2070+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2071+ reference 256k path
2072+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2073+ handle incoming migrations from former releases.
2074+ - d/control-in: Disable capstone disassembler library support (universe)
2075+ - Move s390x roms to a new qemu-system-data-s390x
2076+ - d/qemu-system-data.install: install s390x roms as architecture:all in
2077+ qemu-system-data
2078+ - d/rules: build s390-ccw.img with upstream Makefile
2079+ - d/rules: build s390-netboot.img with upstream Makefile
2080+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
2081+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
2082+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
2083+ replace it with a build-indep using the upstream makefiles.
2084+ This is less prone to miss future changes/fixes that are done to the
2085+ makefiles
2086+ - d/control-in: add breaks/replaces for moving s390x roms from
2087+ qemu-system-s390x to qemu-system-data
2088+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
2089+ [From not yet uploaded Debian branch]
2090+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
2091+ - d/rules: fix qemu-kvm service for debhelper compat >=12
2092+ - disable pvrdma - besides several security holes there are many other
2093+ bugs there as well
2094+ * Dropped patches that are upstream in v4.0
2095+ - d/p/do-not-link-everything-with-xen.patch
2096+ - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
2097+ - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
2098+ - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
2099+ - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
2100+ - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
2101+ - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
2102+ (LP: 1759509)
2103+ - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
2104+ - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
2105+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
2106+ - d/p/ubuntu/CVE-2018-20815.patch
2107+ - d/p/ubuntu/CVE-2019-5008.patch
2108+ - d/p/ubuntu/CVE-2019-9824.patch
2109+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
2110+ avoid misdetection of simplified nesting blocking all migrations
2111+ * Dropped further patches
2112+ d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
2113+ [upstream deprecated the whole subsystem instead of applying the fix]
2114+ * Added Changes
2115+ - updated ubuntu machine types for v4.0
2116+ - added eoan types
2117+ - fixed s390x issue of upstream types having a "v" prefix
2118+ - add back dropped machine types to avoid more issues like LP: 1802944
2119+ - fix kvm split irqchip default in ubuntu q35 machine type
2120+ - drop no more needed spapr_machine_2_11_sxxm_instance_options and
2121+ adapt updated CamelCase
2122+ - -hpb types now need to use GlobalProperties
2123+ - pc_compat_2_0 got a _fn suffix and slight changes
2124+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
2125+ SLOF of qemu 4.0
2126+ - Refreshed patches still needed for v4.0 context changes
2127+ - d/p/use-fixed-data-path.patch
2128+ - d/p/ubuntu/enable-svm-by-default.patch
2129+ - d/p/ubuntu/enable-md-clear.patch
2130+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
2131+ - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
2132+ (LP: #1830243)
2133+ - d/control: disable bluetooth being deprecated
2134+ - d/control*: remove sdlabi which was removed upstream
2135+ - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
2136+ - d/control*: enable docs (now explicit) and provide new build-dep
2137+ python3-sphinx
2138+ - d/not-installed: ignore new interop docs and extra icons for now
2139+ - d/not-installed: do not install elf2dmp until namespaced
2140+ - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
2141+ - d/qemu-system-data.install: use new paths for formerly used icons
2142+ - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
2143+ fix i386 build error
2144+
2145+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 24 Jun 2019 16:33:19 +0200
2146+
2147 qemu (1:3.1+dfsg-8) unstable; urgency=high
2148
2149 * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch
2150@@ -1897,6 +3912,232 @@ qemu (1:3.1+dfsg-3) unstable; urgency=medium
2151
2152 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 06 Feb 2019 12:23:01 +0300
2153
2154+qemu (1:3.1+dfsg-2ubuntu5) eoan; urgency=medium
2155+
2156+ * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
2157+ broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
2158+ fix migrations from old machines (LP: #1829868).
2159+ * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
2160+ toleration for future machines (LP: #1830704
2161+
2162+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 28 May 2019 11:30:42 +0200
2163+
2164+qemu (1:3.1+dfsg-2ubuntu4) eoan; urgency=medium
2165+
2166+ * SECURITY UPDATE: Add support for exposing md-clear functionality
2167+ to guests
2168+ - d/p/ubuntu/enable-md-clear.patch
2169+ - d/p/ubuntu/enable-md-no.patch
2170+ - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
2171+ * SECURITY UPDATE: heap overflow when loading device tree blob
2172+ - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
2173+ copy the device tree blob into is.
2174+ - CVE-2018-20815
2175+ * SECURITY UPDATE: device driver denial of service via NULL pointer
2176+ dereference
2177+ - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
2178+ routine
2179+ - CVE-2019-5008
2180+ * SECURITY UPDATE: information leak in SLiRP
2181+ - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
2182+ emulating ident.
2183+ - CVE-2019-9824
2184+
2185+ -- Steve Beattie <sbeattie@ubuntu.com> Wed, 08 May 2019 09:27:53 -0700
2186+
2187+qemu (1:3.1+dfsg-2ubuntu3) disco; urgency=medium
2188+
2189+ * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
2190+ - d/qemu-guest-agent.install: use correct path for fsfreeze-hook
2191+ - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
2192+ mv_conffile since the new path is a directory in the old package
2193+ version which can not be handled by mv_conffile.
2194+ * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
2195+ OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
2196+ Closes: #922635 (Thanks to Gerd Hoffmann and Michael Tokarev)
2197+ CVE-2019-3812
2198+
2199+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 18 Mar 2019 09:20:07 +0100
2200+
2201+qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
2202+
2203+ * disable pvrdma - besides several security holes there are many other
2204+ bugs there as well, and the amount of patches applied upstream after
2205+ 3.1 release is large (Closes, or actuallymakes unimportant again)
2206+ - CVE-2018-20123
2207+ - CVE-2018-20124
2208+ - CVE-2018-20125
2209+ - CVE-2018-20126
2210+ - CVE-2018-20191
2211+ - CVE-2018-20216
2212+ * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
2213+ - CVE-2019-6501
2214+ * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
2215+ - CVE-2019-6778
2216+
2217+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 19 Feb 2019 06:43:04 +0100
2218+
2219+qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium
2220+
2221+ * Merge with Debian testing, Among many other things this fixes LP Bugs:
2222+ LP: #1806104 - fix misleading page size error on ppc64el
2223+ LP: #1782205 - SnowRidge enabled new ISAs
2224+ LP: #1786956 - upgrade to qemu >= 3.0
2225+ LP: #1809083 - Backward migration to Xenial on ppc64el
2226+ LP: #1803315 - s390x Huge page enablement
2227+ LP: #1657409 - enable virglrenderer
2228+ Remaining Changes:
2229+ - qemu-kvm to systemd unit
2230+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2231+ hugepages and architecture specifics
2232+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2233+ - d/qemu-system-common.install: install systemd unit and helper script
2234+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2235+ - d/qemu-system-common.qemu-kvm.default: defaults for
2236+ /etc/default/qemu-kvm
2237+ - d/rules: install /etc/default/qemu-kvm
2238+ - Enable nesting by default
2239+ - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
2240+ (is default on amd)
2241+ - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
2242+ without nested=1
2243+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2244+ in qemu64 cpu type.
2245+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2246+ in qemu64 on amd
2247+ - d/qemu-system-x86.README.Debian: document intention of nested being
2248+ default is comfort, not full support
2249+ - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
2250+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2251+ types
2252+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2253+ for host-phys-bits=true (LP: 1776189)
2254+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
2255+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
2256+ convenience with all meltdown/spectre workarounds enabled by default.
2257+ (LP: 1761372).
2258+ - improved dependencies
2259+ - Make qemu-system-common depend on qemu-block-extra
2260+ - Make qemu-utils depend on qemu-block-extra
2261+ - let qemu-utils recommend sharutils
2262+ - s390x support
2263+ - Create qemu-system-s390x package
2264+ - Enable numa support for s390x
2265+ - arch aware kvm wrappers
2266+ - d/control: update VCS links (updated to match latest Ubuntu)
2267+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
2268+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2269+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2270+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
2271+ - enable RDMA config option
2272+ - add libibumad-dev build-dep
2273+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
2274+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2275+ reference 256k path
2276+ - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2277+ handle incoming migrations from former releases.
2278+ - d/control-in: Disable capstone disassembler library support (universe)
2279+ * Added Changes:
2280+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
2281+ for qemu 3.1 in the Ubuntu Disco release
2282+ - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
2283+ - Move s390x roms to a new qemu-system-data-s390x
2284+ - d/qemu-system-data.install: install s390x roms as architecture:all in
2285+ qemu-system-data
2286+ - d/rules: build s390-ccw.img with upstream Makefile
2287+ - d/rules: build s390x-netboot.img with upstream Makefile
2288+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
2289+ some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
2290+ As that hack to build s390-ccw.img rom can't build s390x-netboot.img
2291+ replace it with a build-indep using the upstream makefiles.
2292+ This is less prone to miss future changes/fixes that are done to the
2293+ makefiles
2294+ - d/control-in: add breaks/replaces for moving s390x roms from
2295+ qemu-system-s390x to qemu-system-data
2296+ - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
2297+ [From not yet uploaded Debian branch]
2298+ - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
2299+ (Closes: #918378)
2300+ - d/rules: fix qemu-kvm service for debhelper compat >=12
2301+ - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
2302+ avoid misdetection of simplified nesting blocking all migrations
2303+ - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
2304+ unimplement.patch: properly return archicture defined exception
2305+ on bad subcodes of diag 308 (LP: #1812384)
2306+ * Dropped Changes:
2307+ - Include s390-ccw.img firmware (old style native build)
2308+ - d/rules enable install s390x-netboot.img (old style native build)
2309+ - libvirt/qemu user/group support
2310+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2311+ trigger.
2312+ [ Droppable since logind properly sets ACLs now ]
2313+ - qemu-system-common.preinst: add kvm group if needed
2314+ [ Droppable because systemd/udev take care of it since 239-6]
2315+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
2316+ freeze-hook fixes (LP: 1484990)
2317+ [upstream]
2318+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
2319+ merged upstream
2320+ [upstream]
2321+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
2322+ computation while concatenating mbuf.
2323+ CVE-2018-11806
2324+ [upstream]
2325+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
2326+ for powerpc64 to speed up translation (LP: 1781526)
2327+ [upstream]
2328+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
2329+ cpu model for z14 ZR1 (LP: 1780773).
2330+ [upstream]
2331+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
2332+ (Closes: 903562)
2333+ [in Debian]
2334+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
2335+ unreleased Debian version)
2336+ [in Debian]
2337+ - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
2338+ by migrations with UI frontends or frequent guest resolution changes
2339+ (LP #1755912)
2340+ [upstream]
2341+ - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
2342+ extend eieio for POWER9 emulation (LP: 1787408).
2343+ [upstream]
2344+ - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
2345+ ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
2346+ [upstream]
2347+ - improve s390x spectre mitigation with etoken facility (LP: 1790457)
2348+ [upstream]
2349+ - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
2350+ [upstream]
2351+ - d/control-in: our addition of a qemu-system-s390x package needs to follow
2352+ the split of qemu-system-data by adding a dependency to it (LP: 1798084)
2353+ [in Debian]
2354+ - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
2355+ Adapters on s390x (LP: 1787405)
2356+ [upstream]
2357+ - enable opengl for vfio-MDEV support (LP: 1804766)
2358+ [in Debian]
2359+ - SECURITY UPDATE: integer overflow in NE2000 NIC emulation
2360+ [upstream]
2361+ - SECURITY UPDATE: integer overflow via crafted QMP command
2362+ [upstream]
2363+ - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
2364+ [upstream]
2365+ - SECURITY UPDATE: buffer overflow in rtl8139
2366+ [upstream]
2367+ - SECURITY UPDATE: buffer overflow in pcnet
2368+ [upstream]
2369+ - SECURITY UPDATE: DoS via large packet sizes
2370+ [upstream]
2371+ - SECURITY UPDATE: DoS in lsi53c895a
2372+ [upstream]
2373+ - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
2374+ [upstream]
2375+ - SECURITY UPDATE: race condition in 9p
2376+ [upstream]
2377+
2378+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Jan 2019 09:41:08 +0100
2379+
2380 qemu (1:3.1+dfsg-2) unstable; urgency=medium
2381
2382 * d/rules: split arch and indep builds
2383@@ -1976,6 +4217,249 @@ qemu (1:3.1+dfsg-1) unstable; urgency=medium
2384
2385 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 02 Dec 2018 19:10:27 +0300
2386
2387+qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
2388+
2389+ [ Marc Deslauriers ]
2390+ * SECURITY UPDATE: integer overflow in NE2000 NIC emulation
2391+ - debian/patches/CVE-2018-10839.patch: use proper type in
2392+ hw/net/ne2000.c.
2393+ - CVE-2018-10839
2394+ * SECURITY UPDATE: integer overflow via crafted QMP command
2395+ - debian/patches/CVE-2018-12617.patch: check bytes count read by
2396+ guest-file-read in qga/commands-posix.c.
2397+ - CVE-2018-12617
2398+ * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
2399+ - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
2400+ - CVE-2018-16847
2401+ * SECURITY UPDATE: buffer overflow in rtl8139
2402+ - debian/patches/CVE-2018-17958.patch: use proper type in
2403+ hw/net/rtl8139.c.
2404+ - CVE-2018-17958
2405+ * SECURITY UPDATE: buffer overflow in pcnet
2406+ - debian/patches/CVE-2018-17962.patch: use proper type in
2407+ hw/net/pcnet.c.
2408+ - CVE-2018-17962
2409+ * SECURITY UPDATE: DoS via large packet sizes
2410+ - debian/patches/CVE-2018-17963.patch: check size in net/net.c.
2411+ - CVE-2018-17963
2412+ * SECURITY UPDATE: DoS in lsi53c895a
2413+ - debian/patches/CVE-2018-18849.patch: check message length value is
2414+ valid in hw/scsi/lsi53c895a.c.
2415+ - CVE-2018-18849
2416+ * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
2417+ - debian/patches/CVE-2018-18954.patch: check size before data buffer
2418+ access in hw/ppc/pnv_lpc.c.
2419+ - CVE-2018-18954
2420+ * SECURITY UPDATE: race condition in 9p
2421+ - debian/patches/CVE-2018-19364-1.patch: use write lock in
2422+ hw/9pfs/cofile.c.
2423+ - debian/patches/CVE-2018-19364-2.patch: use write lock in
2424+ hw/9pfs/9p.c.
2425+ - CVE-2018-19364
2426+
2427+ [ Christian Ehrhardt]
2428+ * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
2429+ Adapters on s390x (LP: #1787405)
2430+ * enable opengl for vfio-MDEV support (LP: #1804766)
2431+ - d/control-in: set --enable-opengl
2432+ - d/control-in: add gl related build-dependencies
2433+
2434+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Nov 2018 13:17:01 -0500
2435+
2436+qemu (1:2.12+dfsg-3ubuntu8) cosmic; urgency=medium
2437+
2438+ * d/control-in: our addition of a qemu-system-s390x package needs to follow
2439+ the split of qemu-system-data by adding a dependency to it (LP: #1798084)
2440+
2441+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 17 Oct 2018 10:50:27 +0200
2442+
2443+qemu (1:2.12+dfsg-3ubuntu7) cosmic; urgency=medium
2444+
2445+ * Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: #1790901)
2446+ The SLOF source pieces in src:qemu are only used for s390x netboot,
2447+ which are independent ROMs (no linking). All other binaries out of this
2448+ are part of src:slof and independent.
2449+ - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot-2.12-to-3.0.patch
2450+ - d/p/ubuntu/lp-1790901-0*: backport s390x pxelinux netboot capabilities
2451+ and related fixes
2452+
2453+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Sep 2018 13:31:15 +0200
2454+
2455+qemu (1:2.12+dfsg-3ubuntu6) cosmic; urgency=medium
2456+
2457+ * improve s390x spectre mitigation with etoken facility (LP: #1790457)
2458+ - debian/patches/ubuntu/lp-1790457-s390x-kvm-add-etoken-facility.patch
2459+ - debian/patches/ubuntu/lp-1790457-partial-s390x-linux-headers-update.patch
2460+
2461+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Sep 2018 10:06:48 +0200
2462+
2463+qemu (1:2.12+dfsg-3ubuntu5) cosmic; urgency=medium
2464+
2465+ * d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
2466+ ensure that the seccomp blacklist is applied to all threads (LP: #1789551)
2467+ - CVE-2018-15746
2468+
2469+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 29 Aug 2018 08:50:36 +0200
2470+
2471+qemu (1:2.12+dfsg-3ubuntu4) cosmic; urgency=medium
2472+
2473+ [ Murilo Opsfelder Araujo ]
2474+ * d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
2475+ extend eieio for POWER9 emulation (LP: #1787408).
2476+
2477+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 20 Aug 2018 11:52:39 +0200
2478+
2479+qemu (1:2.12+dfsg-3ubuntu3) cosmic; urgency=medium
2480+
2481+ * d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
2482+ by migrations with UI frontends or frequent guest resolution changes
2483+ (LP: #1755912)
2484+
2485+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 Jul 2018 08:26:52 +0200
2486+
2487+qemu (1:2.12+dfsg-3ubuntu2) cosmic; urgency=medium
2488+
2489+ * Disable capstone disassembler library support (universe dependency)
2490+
2491+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 17 Jul 2018 08:35:32 +0200
2492+
2493+qemu (1:2.12+dfsg-3ubuntu1) cosmic; urgency=medium
2494+
2495+ * Merge with Debian testing, Remaining Changes:
2496+ - Among other things this fixes (LP: #1780768, LP: #1780769, LP: #1780772)
2497+ - qemu-kvm to systemd unit
2498+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2499+ hugepages and architecture specifics
2500+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2501+ - d/qemu-system-common.install: install systemd unit and helper script
2502+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2503+ - d/qemu-system-common.qemu-kvm.default: defaults for
2504+ /etc/default/qemu-kvm
2505+ - d/rules: install /etc/default/qemu-kvm
2506+ - Enable nesting by default
2507+ - set nested=1 module option on intel. (is default on amd)
2508+ - re-load kvm_intel.ko if it was loaded without nested=1
2509+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2510+ in qemu64 cpu type.
2511+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2512+ in qemu64 on amd
2513+ - d/qemu-system-x86.README.Debian: document intention of nested being
2514+ default is comfort, not full support
2515+ - libvirt/qemu user/group support
2516+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2517+ trigger.
2518+ - qemu-system-common.preinst: add kvm group if needed
2519+ - Distribution specific machine type
2520+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2521+ types to ease future live vm migration.
2522+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2523+ - d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
2524+ for host-phys-bits=true (LP: 1776189)
2525+ - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
2526+ - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
2527+ convenience with all meltdown/spectre workarounds enabled by default.
2528+ (LP: 1761372).
2529+ - improved dependencies
2530+ - Make qemu-system-common depend on qemu-block-extra
2531+ - Make qemu-utils depend on qemu-block-extra
2532+ - let qemu-utils recommend sharutils
2533+ - s390x support
2534+ - Create qemu-system-s390x package
2535+ - Include s390-ccw.img firmware
2536+ - Enable numa support for s390x
2537+ - arch aware kvm wrappers
2538+ - update VCS-git (updated to match cosmic)
2539+ - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
2540+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
2541+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2542+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2543+ - Create and install pxe netboot images for KVM s390x (LP: 1732094)
2544+ - d/rules enable install s390x-netboot.img
2545+ - d/control-in: enable RDMA support in qemu (LP: 1692476)
2546+ - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
2547+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2548+ reference 256k path
2549+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2550+ handle incoming migrations from former releases.
2551+ - SECURITY UPDATE: Speculative Store Bypass
2552+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
2553+ CPUID feature bit in target/i386/cpu.*.
2554+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
2555+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
2556+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
2557+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
2558+ target/i386/machine.c.
2559+ - CVE-2018-3639
2560+ * Added Changes:
2561+ - update machine type changes for qemu 2.12 and the Ubuntu Cosmic release
2562+ - add cosmic types for base and -hpb
2563+ - drop no more supported types (zesty and yakkety)
2564+ - d/p/series: group machine type changes
2565+ - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
2566+ merged upstream
2567+ - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
2568+ computation while concatenating mbuf.
2569+ CVE-2018-11806
2570+ - d/qemu-kvm-init, d/qemu-system-common.qemu-kvm.default: drop the
2571+ deprecated handling of VHOST_NET_ENABLED and KVM_HUGEPAGES.
2572+ - d/qemu-kvm-init: do not exit early on non x86/ppc64el (LP: #1763275)
2573+ - d/qemu-kvm-init, d/kvm.powerpc: clean up typos and shellcheck warnings
2574+ - d/qemu-kvm-init, d/kvm.powerpc: fix SMT detection and make it only apply
2575+ to POWER8
2576+ - d/qemu-kvm-init: drop old VM detection that was broken in some cases and
2577+ is no more needed with systemd-detect-virt being more mature and always
2578+ present.
2579+ - d/kvm.powerpc: drop old powerpc (non-ppc64el) code.
2580+ - d/control-in: add libibumad-dev which is now needed for rdma
2581+ - d/rules: update s390x delta to match new Debian packaging
2582+ - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
2583+ for powerpc64 to speed up translation (LP: #1781526)
2584+ - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
2585+ cpu model for z14 ZR1 (LP: #1780773).
2586+ - Mark qemu-system-data foreign to be able to install it e.g. on i386
2587+ (Closes: 903562)
2588+ - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
2589+ unreleased Debian version)
2590+ * Dropped Changes:
2591+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
2592+ (No more removed when building DFSG orig tarball in Debian)
2593+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
2594+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
2595+ so we revert related changes to stick with the proven for now:
2596+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
2597+ depends on it)
2598+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
2599+ (Debian switched to gtk which seems to work better and has all
2600+ dependencies in main.)
2601+ - d/control-in: enable seccomp on s390x (in Debian for Linux-any)
2602+ - Changes that are now upstream with qemu 2.12
2603+ - d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with
2604+ newer versions of glibc >=2.27 (LP: 1753826)
2605+ - d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
2606+ - d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
2607+ SSE/AVX/AVX512 cpu features (LP: 1739665)
2608+ - d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
2609+ space+commpage continuous which avoids long startup times on
2610+ qemu-user-static (LP: 1740219)
2611+ - provide pseries-2.12-sxxm type (LP: 1761372)
2612+ - d/p/ubuntu/lp-1704312-1-* provide means to manually handle
2613+ filesystem-dax with pmem by backporting align and unarmed options
2614+ (LP: 1704312).
2615+ - d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
2616+ option to slirp's DHCP server (LP: 1762315)
2617+ - d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying
2618+ Protection information (LP: 1762854).
2619+ - d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9
2620+ migration (LP: 1763468).
2621+ - SECURITY UPDATE: out-of-bounds access during migration via ps2
2622+ CVE-2017-16845
2623+ - SECURITY UPDATE: arbitrary code execution via load_multiboot
2624+ CVE-2018-7550
2625+ - SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
2626+ CVE-2018-7858
2627+
2628+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 21 Jun 2018 14:24:06 +0200
2629+
2630 qemu (1:2.12+dfsg-3) unstable; urgency=medium
2631
2632 * make qemu-system-foo depending
2633@@ -2064,6 +4548,239 @@ qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium
2634
2635 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 12 Apr 2018 19:04:03 +0300
2636
2637+qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
2638+
2639+ * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
2640+ for host-phys-bits=true (LP: #1776189)
2641+ - add an info about this change in debian/qemu-system-x86.NEWS
2642+
2643+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:01:00 +0200
2644+
2645+qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium
2646+
2647+ * SECURITY UPDATE: Speculative Store Bypass
2648+ - debian/patches/ubuntu/CVE-2018-3639/0001*.patch: define the 'ssbd'
2649+ CPUID feature bit in target/i386/cpu.*.
2650+ - debian/patches/ubuntu/CVE-2018-3639/0002*.patch: define the AMD
2651+ 'virt-ssbd' CPUID feature bit in target/i386/cpu.c.
2652+ - debian/patches/ubuntu/CVE-2018-3639/0003*.patch: define the Virt SSBD
2653+ MSR and handling of it in target/i386/cpu.h, target/i386/kvm.c,
2654+ target/i386/machine.c.
2655+ - CVE-2018-3639
2656+
2657+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 22 May 2018 09:34:52 -0400
2658+
2659+qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium
2660+
2661+ * SECURITY UPDATE: out-of-bounds access during migration via ps2
2662+ - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
2663+ in post_load routine in hw/input/ps2.c.
2664+ - CVE-2017-16845
2665+ * SECURITY UPDATE: arbitrary code execution via load_multiboot
2666+ - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
2667+ zero in hw/i386/multiboot.c.
2668+ - CVE-2018-7550
2669+ * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
2670+ - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
2671+ hw/display/vga.c.
2672+ - CVE-2018-7858
2673+
2674+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 May 2018 14:14:20 -0400
2675+
2676+qemu (1:2.11+dfsg-1ubuntu8) cosmic; urgency=medium
2677+
2678+ * No-change rebuild for ncurses soname changes.
2679+
2680+ -- Matthias Klose <doko@ubuntu.com> Thu, 03 May 2018 14:18:39 +0000
2681+
2682+qemu (1:2.11+dfsg-1ubuntu7) bionic; urgency=medium
2683+
2684+ * d/p/ubuntu/lp-1762854-*: fix issue with SCSI-2 devices denying Protection
2685+ information (LP: #1762854).
2686+ * d/p/ubuntu/lp-1763468-*: fix VSMT handling to fix ppc64el P8/P9 migration
2687+ (LP: #1763468).
2688+
2689+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Apr 2018 07:46:18 +0200
2690+
2691+qemu (1:2.11+dfsg-1ubuntu6) bionic; urgency=medium
2692+
2693+ * Remove LP: 1752026 changes to d/p/ubuntu/define-ubuntu-machine-types.patch.
2694+ The Kernel fixes are preferred and already committed to the kernel.
2695+ Therefore remove the default disabling of the HTM feature (LP: #1761175)
2696+ * d/p/ubuntu/lp1739665-SSE-AVX-AVX512-cpu-features.patch: Enable new
2697+ SSE/AVX/AVX512 cpu features (LP: #1739665)
2698+ * d/p/ubuntu/lp1740219-continuous-space-commpage.patch: make Arm
2699+ space+commpage continuous which avoids long startup times on
2700+ qemu-user-static (LP: #1740219)
2701+ * d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
2702+ convenience with all meltdown/spectre workarounds enabled by default.
2703+ This is not the default type following upstream and x86 on that.
2704+ (LP: #1761372).
2705+ * d/p/ubuntu/lp-1704312-1-* provide means to manually handle filesystem-dax
2706+ with pmem by backporting align and unarmed options (LP: #1704312).
2707+ * d/p/ubuntu/lp-1762315-slirp-Add-domainname.patch: slirp: Add domainname
2708+ option to slirp's DHCP server (LP: #1762315)
2709+
2710+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 04 Apr 2018 15:16:07 +0200
2711+
2712+qemu (1:2.11+dfsg-1ubuntu5) bionic; urgency=medium
2713+
2714+ * Revert the slirp changes of 1:2.11+dfsg-1ubuntu3 until they are upstream
2715+ accepted to be better long term maintainable (LP: #1753938)
2716+
2717+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 22 Mar 2018 10:31:23 +0100
2718+
2719+qemu (1:2.11+dfsg-1ubuntu4) bionic; urgency=medium
2720+
2721+ * d/p/ubuntu/define-ubuntu-machine-types.patch: Disable HTM feature for
2722+ ppc64el in spapr to let the defaults not fail on Power9 HW (LP: #1752026).
2723+ * d/p/ubuntu/lp1753826-memfd-fix-configure-test.patch: fix FTBFS with newer
2724+ versions of glibc >=2.27 (LP: #1753826)
2725+
2726+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 05 Mar 2018 16:43:01 +0100
2727+
2728+qemu (1:2.11+dfsg-1ubuntu3) bionic; urgency=medium
2729+
2730+ * d/p/ubuntu/0001-slirp-Add-domainname-option-to-slirp-s-DHCP-server.patch,
2731+ d/p/ubuntu/0002-slirp-Add-classless-static-routes-support-to-DHCP-se.patch:
2732+ Add domainname option and classless static routes support to the user
2733+ networking's DHCP server
2734+
2735+ -- Benjamin Drung <benjamin.drung@profitbricks.com> Fri, 02 Mar 2018 21:08:54 +0100
2736+
2737+qemu (1:2.11+dfsg-1ubuntu2) bionic; urgency=medium
2738+
2739+ * d/p/ubuntu/qemu-stable-2.11.1.patch: add stable release
2740+ - among other fixes this adds code to:
2741+ - mitigate the Spectre/Meltdown attacks (LP: #1744882) (CVE-2017-5715)
2742+ However, enabling this functionality requires additional configuration
2743+ beyond just updating QEMU. Also migrations need special consideration.
2744+ Details about that can be found at:
2745+ https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
2746+ - Power9 allocation of max 8 threads per core (LP: #1750526)
2747+ * Drop changes that are part of the upstream stable release
2748+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
2749+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
2750+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
2751+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
2752+ * d/p/ubuntu/define-ubuntu-machine-types.patch: refresh to match stable update
2753+ * d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: unify to only change the
2754+ common compat.h header and add some extra info in the patch header.
2755+
2756+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Feb 2018 11:03:11 +0100
2757+
2758+qemu (1:2.11+dfsg-1ubuntu1) bionic; urgency=medium
2759+
2760+ * Merge with Debian testing, among other fixes this includes
2761+ - fix fatal error on negative maxcpus (LP: #1722495)
2762+ - fix segfault on dump-guest-memory on guests without memory (LP: #1723381)
2763+ - linux user threading issues (LP: #1350435)
2764+ - TOD-Clock Epoch Extension Support on s390x (LP: #1732691)
2765+ Remaining changes:
2766+ - qemu-kvm to systemd unit
2767+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2768+ hugepages and architecture specifics
2769+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2770+ - d/qemu-system-common.install: install systemd unit and helper script
2771+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2772+ - d/qemu-system-common.qemu-kvm.default: defaults for
2773+ /etc/default/qemu-kvm
2774+ - d/rules: install /etc/default/qemu-kvm
2775+ - Enable nesting by default
2776+ - set nested=1 module option on intel. (is default on amd)
2777+ - re-load kvm_intel.ko if it was loaded without nested=1
2778+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2779+ in qemu64 cpu type.
2780+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2781+ in qemu64 on amd
2782+ - libvirt/qemu user/group support
2783+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2784+ trigger.
2785+ - qemu-system-common.preinst: add kvm group if needed
2786+ - Distribution specific machine type
2787+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2788+ types to ease future live vm migration.
2789+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2790+ - improved dependencies
2791+ - Make qemu-system-common depend on qemu-block-extra
2792+ - Make qemu-utils depend on qemu-block-extra
2793+ - let qemu-utils recommend sharutils
2794+ - s390x support
2795+ - Create qemu-system-s390x package
2796+ - Include s390-ccw.img firmware
2797+ - Enable numa support for s390x
2798+ - ppc64[le] support
2799+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2800+ - arch aware kvm wrappers
2801+ * Added Changes
2802+ - update VCS-git to match the bionic branch
2803+ - sdl2 is yet too unstable for the LTS Ubuntu release given the reports
2804+ we still see upstream and in Debian - furthermore sdl2 isn't in main yet,
2805+ so we revert related changes to stick with the proven for now:
2806+ - 0fd25810 - do not build-depend on libx11-dev (libsdl2-dev already
2807+ depends on it)
2808+ - 9594f820 - switch from sdl1.2 to sdl2 (#870025)
2809+ - d/qemu-system-x86.README.Debian: document intention of nested being
2810+ default is comfort, not full support
2811+ - update Ubuntu machine types for qemu 2.11
2812+ - qemu-guest-agent: freeze-hook fixes (LP: #1484990)
2813+ - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch
2814+ - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
2815+ - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
2816+ - Create and install pxe netboot images for KVM s390x (LP: #1732094)
2817+ - d/rules enable install s390x-netboot.img
2818+ - debian/patches/ubuntu/partial-SLOF-for-s390x-netboot-compilation.patch
2819+ - d/control-in: enable RDMA support in qemu (LP: #1692476)
2820+ - on s390x provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1743560)
2821+ - d/p/ubuntu/linux-headers-update-to-4.15-rc1.patch
2822+ - d/p/ubuntu/linux-headers-update-4.15-rc9.patch
2823+ - d/p/ubuntu/lp1743560-s390x-kvm-Handle-bpb-feature.patch
2824+ - d/p/ubuntu/lp1743560-s390x-kvm-provide-stfle.81.patch
2825+ - tolerate ipxe size change on migrations to >=18.04 (LP: #1713490)
2826+ - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
2827+ reference 256k path
2828+ - d/control: depend on ipxe-qemu-256k-compat-efi-roms to be able to
2829+ handle incoming migrations from former releases.
2830+ - d/control-in: enable seccomp on s390x
2831+ * Dropped changes (no more needed):
2832+ - Dropped VHOST_NET_ENABLED and KVM_HUGEPAGES from /etc/default/qemu-kvm
2833+ The functionality is retained for upgraders, but is deprecated.
2834+ Post 18.04 the implementation for these configurations will be removed.
2835+ * Dropped changes (in Debian now):
2836+ - ppc64[le] support
2837+ - Enable seccomp for ppc64el
2838+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2839+ - disable missing x32 architecture
2840+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2841+ - d/qemu-system-common.docs: new paths since (ac06724a)
2842+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2843+ by qapi-schema.json which is already packaged (since 4d8bb958)
2844+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2845+ to Debian patch to match qemu 2.10)
2846+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2847+ since 8508eee7
2848+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2849+ - make nios2/hppa not installed explicitly until further stablized
2850+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2851+ qemu-ga-ref
2852+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2853+ along the qapi intro
2854+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2855+ dh_missing that are already provided in other formats qemu-doc,
2856+ qemu-qmp-ref,qemu-ga-ref
2857+ * Dropped changes (integrated upstream):
2858+ - d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
2859+ on arm64 when doing suspend/resume and reboots due to older kernels not
2860+ supporting ITS (LP 1731051).
2861+ - Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
2862+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
2863+ calls (LP 1726394)
2864+ - update to upstream 2.10.1 point release (LP 1722808)
2865+
2866+
2867+
2868+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Jan 2018 14:35:18 +0100
2869+
2870 qemu (1:2.11+dfsg-1) unstable; urgency=medium
2871
2872 [ Michael Tokarev ]
2873@@ -2178,6 +4895,238 @@ qemu (1:2.10.0-1) unstable; urgency=medium
2874
2875 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 23 Sep 2017 16:47:02 +0300
2876
2877+qemu (1:2.10+dfsg-0ubuntu5) bionic; urgency=medium
2878+
2879+ * d/p/detect-ITS-and-skip-usage-on-older-kernel.patch to avoid crashes
2880+ on arm64 when doing suspend/resume and reboots due to older kernels not
2881+ supporting ITS (LP: #1731051).
2882+
2883+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 14 Nov 2017 08:30:29 +0100
2884+
2885+qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium
2886+
2887+ * Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
2888+ James Cowgill to prevent qemu-user from forwarding prctl seccomp
2889+ calls (LP: #1726394)
2890+
2891+ -- Julian Andres Klode <juliank@ubuntu.com> Sat, 04 Nov 2017 00:21:14 +0100
2892+
2893+qemu (1:2.10+dfsg-0ubuntu3) artful; urgency=medium
2894+
2895+ * fix enablement of qemu-kvm service (LP: #1720397)
2896+ - rename d/qemu-kvm.service to d/qemu-system-common.qemu-kvm.service
2897+ - d/rules: add proper enablement debhelper calls
2898+ - d/qemu-system-common.install: install covered by dh_installinit
2899+
2900+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Oct 2017 11:28:39 +0200
2901+
2902+qemu (1:2.10+dfsg-0ubuntu2) artful; urgency=medium
2903+
2904+ * update to upstream 2.10.1 point release (LP: #1722808)
2905+
2906+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 11 Oct 2017 15:33:40 +0200
2907+
2908+qemu (1:2.10+dfsg-0ubuntu1) artful; urgency=medium
2909+
2910+ * Merge with Upstream 2.10.0 to pick up final fixes of the 2.10 release
2911+ Remaining changes:
2912+ - qemu-kvm to systemd unit
2913+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2914+ hugepages and architecture specifics
2915+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2916+ - d/qemu-system-common.install: install systemd unit and helper script
2917+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2918+ - d/qemu-system-common.qemu-kvm.default: defaults for
2919+ /etc/default/qemu-kvm
2920+ - d/rules: install /etc/default/qemu-kvm
2921+ - Enable nesting by default
2922+ - set nested=1 module option on intel. (is default on amd)
2923+ - re-load kvm_intel.ko if it was loaded without nested=1
2924+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2925+ in qemu64 cpu type.
2926+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2927+ in qemu64 on amd
2928+ - libvirt/qemu user/group support
2929+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2930+ trigger.
2931+ - qemu-system-common.preinst: add kvm group if needed
2932+ - Distribution specific machine type
2933+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2934+ types to ease future live vm migration.
2935+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
2936+ - improved dependencies
2937+ - Make qemu-system-common depend on qemu-block-extra
2938+ - Make qemu-utils depend on qemu-block-extra
2939+ - let qemu-utils recommend sharutils
2940+ - s390x support
2941+ - Create qemu-system-s390x package
2942+ - Include s390-ccw.img firmware
2943+ - Enable numa support for s390x
2944+ - ppc64[le] support
2945+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
2946+ - Enable seccomp for ppc64el
2947+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
2948+ - arch aware kvm wrappers
2949+ - update VCS-git to match the Artful branch
2950+ - disable missing x32 architecture
2951+ - d/rules: or32 is now named or1k (since 4a09d0bb)
2952+ - d/qemu-system-common.docs: new paths since (ac06724a)
2953+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
2954+ by qapi-schema.json which is already packaged (since 4d8bb958)
2955+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
2956+ to Debian patch to match qemu 2.10)
2957+ - s390x package now builds correctly on all architectures (LP 1710695)
2958+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
2959+ since 8508eee7
2960+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
2961+ - make nios2/hppa not installed explicitly until further stablized
2962+ - d/qemu-guest-agent.install: add the new guest agent reference man page
2963+ qemu-ga-ref
2964+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
2965+ along the qapi intro
2966+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
2967+ dh_missing that are already provided in other formats qemu-doc,
2968+ qemu-qmp-ref,qemu-ga-ref
2969+
2970+
2971+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 05 Sep 2017 08:31:26 +0200
2972+
2973+qemu (1:2.10~rc4+dfsg-0ubuntu1) artful; urgency=medium
2974+
2975+ * Merge with Upstream 2.10-rc4; This fixes a migration issue (LP: #1711602);
2976+ Remaining changes:
2977+ - qemu-kvm to systemd unit
2978+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
2979+ hugepages and architecture specifics
2980+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
2981+ - d/qemu-system-common.install: install systemd unit and helper script
2982+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
2983+ - d/qemu-system-common.qemu-kvm.default: defaults for
2984+ /etc/default/qemu-kvm
2985+ - d/rules: install /etc/default/qemu-kvm
2986+ - Enable nesting by default
2987+ - set nested=1 module option on intel. (is default on amd)
2988+ - re-load kvm_intel.ko if it was loaded without nested=1
2989+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
2990+ in qemu64 cpu type.
2991+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
2992+ in qemu64 on amd
2993+ - libvirt/qemu user/group support
2994+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
2995+ trigger.
2996+ - qemu-system-common.preinst: add kvm group if needed
2997+ - Distribution specific machine type
2998+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
2999+ types to ease future live vm migration.
3000+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
3001+ - improved dependencies
3002+ - Make qemu-system-common depend on qemu-block-extra
3003+ - Make qemu-utils depend on qemu-block-extra
3004+ - let qemu-utils recommend sharutils
3005+ - s390x support
3006+ - Create qemu-system-s390x package
3007+ - Include s390-ccw.img firmware
3008+ - Enable numa support for s390x
3009+ - ppc64[le] support
3010+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
3011+ - Enable seccomp for ppc64el
3012+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
3013+ - arch aware kvm wrappers
3014+ - update VCS-git to match the Artful branch
3015+ - disable missing x32 architecture
3016+ - d/rules: or32 is now named or1k (since 4a09d0bb)
3017+ - d/qemu-system-common.docs: new paths since (ac06724a)
3018+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
3019+ by qapi-schema.json which is already packaged (since 4d8bb958)
3020+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream (Update
3021+ to Debian patch to match qemu 2.10)
3022+ - s390x package now builds correctly on all architectures (LP 1710695)
3023+ * Added changes:
3024+ - d/qemu-system-common.docs: adapt new path of live-block-operations.rst
3025+ since 8508eee7
3026+ - d/qemu-system-common.docs: adapt q35 config paths since 9ca019c1
3027+ - make nios2/hppa not installed explicitly until further stablized
3028+ - d/qemu-guest-agent.install: add the new guest agent reference man page
3029+ qemu-ga-ref
3030+ - d/qemu-system-common.install: add the now generated qapi/qmp reference
3031+ along the qapi intro
3032+ - d/not-installed: ignore further generated (since 56e8bdd4) files in
3033+ dh_missing that are already provided in other formats qemu-doc,
3034+ qemu-qmp-ref,qemu-ga-ref
3035+ - d/p/ubuntu/define-ubuntu-machine-types.patch: update to match new
3036+ changes in 2.10-rc4
3037+
3038+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 25 Aug 2017 07:49:30 +0200
3039+
3040+qemu (1:2.10~rc3+dfsg-0ubuntu1) artful; urgency=medium
3041+
3042+ * Merge with Debian unstable (2.8) and Upstream 2.10-rci3; This fixes
3043+ a set of bugs
3044+ - [FFE] Qemu 2.10 in Artful (LP: #1699968)
3045+ - CPU hot unplug fails after migrating a CPU hotplugged guest
3046+ from source (LP: #1677552)
3047+ - [Feature] KNL/KNM: Numa Distance on KVM(LP: #1647902)
3048+ - New KVM 288 Pass Through (LP: #1672447)
3049+ - aarch64: MSI is not supported by interrupt controller (LP: #1706630)
3050+ * Remaining changes:
3051+ - qemu-kvm to systemd unit
3052+ - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
3053+ hugepages and architecture specifics
3054+ - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
3055+ - d/qemu-system-common.install: install systemd unit and helper script
3056+ - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
3057+ - d/qemu-system-common.qemu-kvm.default: defaults for
3058+ /etc/default/qemu-kvm
3059+ - d/rules: install /etc/default/qemu-kvm
3060+ - Enable nesting by default
3061+ - set nested=1 module option on intel. (is default on amd)
3062+ - re-load kvm_intel.ko if it was loaded without nested=1
3063+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
3064+ in qemu64 cpu type.
3065+ - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
3066+ in qemu64 on amd
3067+ - libvirt/qemu user/group support
3068+ - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
3069+ trigger.
3070+ - qemu-system-common.preinst: add kvm group if needed
3071+ - Distribution specific machine type
3072+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3073+ types to ease future live vm migration.
3074+ - d/qemu-system-x86.NEWS Info on fixed machine type definitions
3075+ - improved dependencies
3076+ - Make qemu-system-common depend on qemu-block-extra
3077+ - Make qemu-utils depend on qemu-block-extra
3078+ - let qemu-utils recommend sharutils
3079+ - s390x support
3080+ - Create qemu-system-s390x package
3081+ - Include s390-ccw.img firmware
3082+ - Enable numa support for s390x
3083+ - ppc64[le] support
3084+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
3085+ - Enable seccomp for ppc64el
3086+ - bump libseccomp-dev dependency, 2.3 is the minimum for ppc64
3087+ - arch aware kvm wrappers
3088+ - disable missing x32 architecture
3089+ - update VCS links
3090+ * Added changes
3091+ - d/rules: or32 is now named or1k (since 4a09d0bb)
3092+ - d/qemu-system-common.docs: new paths since (ac06724a)
3093+ - d/qemu-system-common.install: qmp-commands.txt removed, but replaced
3094+ by qapi-schema.json which is already packaged (since 4d8bb958)
3095+ - Updates in debian/patches to match qemu 2.10
3096+ - d/p/02_kfreebsd.patch: utimensat is no more optional upstream
3097+ - d/p/ubuntu/enable-svm-by-default.patch: target-i386 -> target/i386
3098+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: target-i386 -> target/i386
3099+ - d/p/ubuntu/define-ubuntu-machine-types.patch: new 2.10 ubuntu types
3100+ - update VCS-git to match the Artful branch
3101+ - s390x package now builds correctly on all architectures (LP: #1710695)
3102+ * Dropped changes (integrated upstream):
3103+ - d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
3104+ "spapr/pci: populate PCI DT in reverse order" (LP 1670481).
3105+ - All CVE fixes formerly applied are upstream and thereby dropped.
3106+
3107+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Aug 2017 16:59:19 +0200
3108+
3109 qemu (1:2.8+dfsg-7) unstable; urgency=medium
3110
3111 * uploading to unstable all fixes which went to stretch-security
3112@@ -2287,6 +5236,179 @@ qemu (1:2.8+dfsg-4) unstable; urgency=high
3113
3114 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 03 Apr 2017 16:28:49 +0300
3115
3116+qemu (1:2.8+dfsg-3ubuntu4) artful; urgency=medium
3117+
3118+ * debian/rules: fix installation of /etc/default/qemu-kvm (LP: #1692530)
3119+ This was inadvertently dropped on 2.8 merge.
3120+
3121+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 May 2017 15:45:58 +0200
3122+
3123+qemu (1:2.8+dfsg-3ubuntu3) artful; urgency=medium
3124+
3125+ * SECURITY UPDATE: denial of service via leak in virtFS
3126+ - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
3127+ hw/9pfs/9p.c.
3128+ - CVE-2017-7377
3129+ * SECURITY UPDATE: denial of service in cirrus_vga
3130+ - debian/patches/CVE-2017-7718.patch: check parameters in
3131+ hw/display/cirrus_vga_rop.h.
3132+ - CVE-2017-7718
3133+ * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
3134+ - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
3135+ hw/display/cirrus_vga.c.
3136+ - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
3137+ hw/display/cirrus_vga.c.
3138+ - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
3139+ in hw/display/cirrus_vga.c.
3140+ - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
3141+ hw/display/cirrus_vga.c.
3142+ - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
3143+ in hw/display/cirrus_vga.c.
3144+ - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
3145+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
3146+ hw/display/cirrus_vga_rop2.h.
3147+ - debian/patches/CVE-2017-7980-7.patch: stop passing around src
3148+ pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
3149+ hw/display/cirrus_vga_rop2.h.
3150+ - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
3151+ hw/display/cirrus_vga_rop.h.
3152+ - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
3153+ hw/display/cirrus_vga.c.
3154+ - CVE-2017-7980
3155+ * SECURITY UPDATE: denial of service via memory leak in virtFS
3156+ - debian/patches/CVE-2017-8086.patch: fix leak in hw/9pfs/9p-xattr.c.
3157+ - CVE-2017-8086
3158+ * SECURITY UPDATE: denial of service via leak in audio
3159+ - debian/patches/CVE-2017-8309.patch: release capture buffers in
3160+ audio/audio.c.
3161+ - CVE-2017-8309
3162+ * SECURITY UPDATE: denial of service via leak in keyboard
3163+ - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
3164+ ui/input.c.
3165+ - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
3166+ ui/input.c.
3167+ - CVE-2017-8379
3168+
3169+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 18 May 2017 09:20:54 -0400
3170+
3171+qemu (1:2.8+dfsg-3ubuntu2.1) zesty-security; urgency=medium
3172+
3173+ * SECURITY UPDATE: DoS in virtio GPU device
3174+ - debian/patches/CVE-2016-10028.patch: check virgl capabilities
3175+ max_size in hw/display/virtio-gpu-3d.c.
3176+ - CVE-2016-10028
3177+ * SECURITY UPDATE: DoS in JAZZ RC4030 chipset emulation
3178+ - debian/patches/CVE-2016-8667.patch: limit interval timer reload value
3179+ in hw/dma/rc4030.c.
3180+ - CVE-2016-8667
3181+ * SECURITY UPDATE: host filesystem access via virtFS
3182+ - debian/patches/CVE-2016-9602.patch: don't follow symlinks in
3183+ hw/9pfs/*.
3184+ - CVE-2016-9602
3185+ * SECURITY UPDATE: arbitrary code execution via Cirrus VGA
3186+ - debian/patches/CVE-2016-9603.patch: remove bitblit support from
3187+ console code in hw/display/cirrus_vga.c, include/ui/console.h,
3188+ ui/console.c, ui/vnc.c.
3189+ - CVE-2016-9603
3190+ * SECURITY UPDATE: information leak in virtio GPU device
3191+ - debian/patches/CVE-2016-9908.patch: properly clear out memory in
3192+ hw/display/virtio-gpu-3d.c.
3193+ - CVE-2016-9908
3194+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
3195+ - debian/patches/CVE-2016-9912.patch: properly free memory in
3196+ hw/display/virtio-gpu.c.
3197+ - CVE-2016-9912
3198+ * SECURITY UPDATE: DoS via virtFS
3199+ - debian/patches/CVE-2016-9914.patch: add cleanup operations to
3200+ fsdev/file-op-9p.h, hw/9pfs/9p.c.
3201+ - CVE-2016-9914
3202+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
3203+ - debian/patches/CVE-2017-5552.patch: check return value in
3204+ hw/display/virtio-gpu-3d.c.
3205+ - CVE-2017-5552
3206+ * SECURITY UPDATE: DoS via memory leak in virtio GPU device
3207+ - debian/patches/CVE-2017-5578.patch: check res->iov in
3208+ hw/display/virtio-gpu.c.
3209+ - CVE-2017-5578
3210+ * SECURITY UPDATE: DoS via infinite loop in SDHCI device emulation
3211+ - debian/patches/CVE-2017-5987-*.patch: fix transfer mode register
3212+ handling in hw/sd/sdhci.c.
3213+ - CVE-2017-5987
3214+ * SECURITY UPDATE: DoS via infinite loop in USB OHCI emulation
3215+ - debian/patches/CVE-2017-6505.patch: limit the number of link eds in
3216+ hw/usb/hcd-ohci.c.
3217+ - CVE-2017-6505
3218+
3219+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 24 Apr 2017 07:30:11 -0400
3220+
3221+qemu (1:2.8+dfsg-3ubuntu2) zesty; urgency=medium
3222+
3223+ * d/p/ubuntu/spapr-pci-populate-PCI-DT-in-reverse-order.patch: backport
3224+ "spapr/pci: populate PCI DT in reverse order" (LP: #1670481).
3225+
3226+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 07 Mar 2017 09:23:08 +0100
3227+
3228+qemu (1:2.8+dfsg-3ubuntu1) zesty; urgency=medium
3229+
3230+ * Merge with Debian;
3231+ This fixes several CVEs that were reported against qemu 2.8 and also
3232+ includes a few important functional backports (LP: #1667033); remaining
3233+ changes:
3234+ - add qemu-kvm init script and defaults file
3235+ (d/qemu-system-common.qemu-kvm.*)
3236+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
3237+ modules and handling /etc/default/qemu-kvm
3238+ - qemu-system-common.preinst: add kvm group if needed
3239+ - Enable nesting by default on intel.
3240+ - set default module option
3241+ - re-load kvm_intel.ko if it was loaded without nested=1
3242+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
3243+ default in qemu64 cpu type.
3244+ - Enable svm by default for qemu64 on amd
3245+ - d/p/ubuntu/define-ubuntu-machine-types.patch, d/qemu-system-x86.NEWS:
3246+ define distro machine types to ease future live vm migration (includes
3247+ all former follow up fixes).
3248+ - Make qemu-system-common depend on qemu-block-extra
3249+ - Make qemu-utils depend on qemu-block-extra
3250+ - s390x support
3251+ - Create qemu-system-s390x package
3252+ - Include s390-ccw.img firmware
3253+ - qemu-system-common.postinst:
3254+ - change acl placed by udev, and add udevadm trigger.
3255+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
3256+ - Several changes were applied but missing in the changelog so far
3257+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
3258+ - arch aware kvm wrapper
3259+ - update VCS links
3260+ - let qemu-utils recommend sharutils
3261+ - disable x32 architecture
3262+ - Enable seccomp for ppc64el
3263+ - Enable numa support for s390x
3264+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
3265+ init.d-script-missing-dependency-on-remote_fs
3266+ - d/qemu-system-common.postinst: fix lintian error type
3267+ command-with-path-in-maintainer-script
3268+ - Transition qemu-kvm to a systemd unit
3269+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
3270+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
3271+ that it shows up where the user expects (sytemctl status, kvm stdout)
3272+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
3273+ - add arch aware kvm wrapper for s390x
3274+ * Dropped Changes (in Debian now):
3275+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
3276+ - d/control-in: change dependencies for fix of wrong acl for newly
3277+ created device node on ubuntu
3278+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
3279+ relationship, but qemu-efi is still in universe right now.
3280+ - Disable glusterfs (Universe dependency)
3281+ - no more skip disable libiscsi on Ubuntu
3282+ - d/rules, d/control-in: avoid people editing d/control
3283+ * Added Changes:
3284+ - d/control: bump libseccomp-dev dependency as enabling libseccomp for
3285+ power makes 2.3 the minimum level.
3286+
3287+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 01 Mar 2017 14:23:16 +0100
3288+
3289 qemu (1:2.8+dfsg-3) unstable; urgency=high
3290
3291 * urgency high due to security fixes
3292@@ -2347,6 +5469,90 @@ qemu (1:2.8+dfsg-3) unstable; urgency=high
3293
3294 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 28 Feb 2017 11:40:18 +0300
3295
3296+qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=medium
3297+
3298+ * Merge with Debian; remaining changes:
3299+ - add qemu-kvm init script and defaults file
3300+ (d/qemu-system-common.qemu-kvm.*)
3301+ - d/rules, d/qemu-kvm-init: add and install script loading kvm
3302+ modules and handling /etc/default/qemu-kvm
3303+ - qemu-system-common.preinst: add kvm group if needed
3304+ - Enable nesting by default on intel.
3305+ - set default module option
3306+ - re-load kvm_intel.ko if it was loaded without nested=1
3307+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by
3308+ default in qemu64 cpu type.
3309+ - Enable svm by default for qemu64 on amd
3310+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3311+ types to ease future live vm migration.
3312+ - Make qemu-system-common depend on qemu-block-extra
3313+ - Make qemu-utils depend on qemu-block-extra
3314+ - s390x support
3315+ - Create qemu-system-s390x package
3316+ - Include s390-ccw.img firmware
3317+ - qemu-system-common.postinst:
3318+ - change acl placed by udev, and add udevadm trigger.
3319+ - d/control-in: change dependencies for fix of wrong acl for newly
3320+ created device node on ubuntu
3321+ - have qemu-system-arm suggest: qemu-efi; this should be a stronger
3322+ relationship, but qemu-efi is still in universe right now.
3323+ - d/qemu-kvm-init, d/kvm.powerpc, d/control-in: check SMT on ppc64el
3324+ - Several changes were applied but missing in the changelog so far
3325+ - d/qemu-system-ppc.links provide usr/bin/qemu-system-ppc64le symlink
3326+ - arch aware kvm wrapper
3327+ - update VCS links
3328+ - no more skip disable libiscsi on Ubuntu
3329+ - let qemu-utils recommend sharutils
3330+ - disable x32 architecture
3331+ * Dropped Changes:
3332+ - Several changes were applied but missing in the changelog so far
3333+ but are no more needed
3334+ - no pie for relocatable LD calls, with toolchain defaulting to
3335+ pie (fixed upstream)
3336+ - enable libnuma-dev (now in Debian)
3337+ - transition for moved init scripts (can be dropped after LTS
3338+ containing >=2.5 which is Xenial)
3339+ - --enable-seccomp related whitespace change (had no effect)
3340+ - apport hook for qemu source package (In Debian)
3341+ - add upstart script (d/qemu-system-common.qemu-kvm.upstart)
3342+ - d/qemu-system-x86.maintscript: transition off of
3343+ /etc/init.d/qemu-system-x86 (can be dropped after Xenial)
3344+ - Enable pie by default, on ubuntu/s390x. (Is the default since
3345+ >=Xenial, no cloud archive backport <=Xenial to consider)
3346+ - no pie for relocatable LD calls (fixed upstream in commit
3347+ 7ecf44a5)
3348+ - CVEs: CVE-2016-5403, CVE-2016-6351, CVE-2016-6490 (now Upstream)
3349+ - Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
3350+ (Improved fix included by upstream)
3351+ - Enable GPU Passthru for ppc64le (is upstream in qemu 2.7)
3352+ - Fixed wrong migration blocker when vhost is used (is upstream in
3353+ qemu 2.8)
3354+ * Added Changes:
3355+ - d/rules, d/control-in: avoid people editing d/control by warning
3356+ header and non writable permissions
3357+ - fixed moving trusty machine type definition which made it
3358+ ambiguous (LP: #1641532)
3359+ - d/qemu-system-x86.NEWS describe the issue
3360+ - Enable seccomp for ppc64el (LP: #1644639)
3361+ - Enable numa support for s390x
3362+ - d/qemu-system-common.qemu-kvm.init: fix lintian error type
3363+ init.d-script-missing-dependency-on-remote_fs
3364+ - d/qemu-system-common.postinst: fix lintian error type
3365+ command-with-path-in-maintainer-script
3366+ - Transition qemu-kvm to a systemd unit
3367+ - Disable glusterfs (Universe dependency)
3368+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check avoid unwanted output
3369+ - d/qemu-kvm-init, d/kvm.powerpc ppc64el SMT check keep output local so
3370+ that it shows up where the user expects (sytemctl status, kvm stdout)
3371+ - d/qemu-kvm-init ppc64el warn on expected second level kvm-hv load failure
3372+ - add arch aware kvm wrapper for s390x
3373+ - d/p/ubuntu/ctrl-a-b-fix-fb5e19d2.patch: char: fix ctrl-a b not working
3374+ - Enable DDW in Yakkety machine type because "Enable GPU Passthru for
3375+ ppc64le" was released as part of qemu 2.6 (can be dropped at 18.10,
3376+ merged in d/p/ubuntu/define-ubuntu-machine-types.patch)
3377+
3378+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 16 Jan 2017 16:27:11 +0100
3379+
3380 qemu (1:2.8+dfsg-2) unstable; urgency=medium
3381
3382 * Revert "update binfmt registration for mipsn32"
3383@@ -2465,6 +5671,67 @@ qemu (1:2.7+dfsg-1) unstable; urgency=medium
3384
3385 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 14 Oct 2016 13:31:40 +0300
3386
3387+qemu (1:2.6.1+dfsg-0ubuntu5) yakkety; urgency=medium
3388+
3389+ * No-change rebuild to compile against new libxen version.
3390+
3391+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 30 Sep 2016 14:24:37 +0200
3392+
3393+qemu (1:2.6.1+dfsg-0ubuntu4) yakkety; urgency=medium
3394+
3395+ * retain older xenial machine type to avoid issues starting guests
3396+ created on xenial prior to the SRU for bug 1621042. In that regard the old
3397+ broken xenial machine type and the new fixed one have both to be considered
3398+ as valid LTS machine types (LP: #1626070).
3399+
3400+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Sep 2016 14:57:09 +0200
3401+
3402+qemu (1:2.6.1+dfsg-0ubuntu3) yakkety; urgency=medium
3403+
3404+ * fix default ubuntu machine types. (LP: #1621042)
3405+ - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
3406+ - remove double default and double ubuntu alias
3407+ - drop former devel releases utopic, vivid, wily
3408+ - add xenial and yakkety machine types
3409+ - add q35 based ubuntu machine type starting at xenial
3410+ - add ubuntu machine types on ppc64el and s390x starting at xenial
3411+
3412+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Sep 2016 07:50:50 +0200
3413+
3414+qemu (1:2.6.1+dfsg-0ubuntu2) yakkety; urgency=medium
3415+
3416+ * Enable GPU Passthru for ppc64le (LP: #1541902)
3417+ - 0001-spapr-ensure-device-trees-are-always-associated-with.patch
3418+ - 0002-spapr_pci-Use-correct-DMA-LIOBN-when-composing-the-d.patch
3419+ - 0003-spapr_iommu-Finish-renaming-vfio_accel-to-need_vfio.patch
3420+ - 0004-spapr_iommu-Move-table-allocation-to-helpers.patch
3421+ - 0005-vmstate-Define-VARRAY-with-VMS_ALLOC.patch
3422+ - 0006-spapr_iommu-Introduce-enabled-state-for-TCE-table.patch
3423+ - 0007-spapr_iommu-Migrate-full-state.patch
3424+ - 0008-spapr_iommu-Add-root-memory-region.patch
3425+ - 0009-spapr_pci-Reset-DMA-config-on-PHB-reset.patch
3426+ - 0010-spapr_pci-Add-and-export-DMA-resetting-helper.patch
3427+ - 0011-memory-Add-reporting-of-supported-page-sizes.patch
3428+ - 0012-memory-Add-MemoryRegionIOMMUOps.notify_started-stopp.patch
3429+ - 0013-intel_iommu-Throw-hw_error-on-notify_started.patch
3430+ - 0014-spapr_iommu-Realloc-guest-visible-TCE-table-when-sta.patch
3431+ - 0015-vfio-spapr-Add-DMA-memory-preregistering-SPAPR-IOMMU.patch
3432+ - 0016-vfio-Add-host-side-DMA-window-capabilities.patch
3433+ - 0017-vfio-spapr-Create-DMA-window-dynamically-SPAPR-IOMMU.patch
3434+ - 0018-spapr_pci-spapr_pci_vfio-Support-Dynamic-DMA-Windows.patch
3435+ - 0019-vfio-spapr-Remove-stale-ioctl-call.patch
3436+ - 0020-spapr-Fix-undefined-behaviour-in-spapr_tce_reset.patch
3437+ - 0021-memory-Fix-IOMMU-replay-base-address.patch
3438+
3439+ -- Jon Grimm <jon.grimm@canonical.com> Fri, 16 Sep 2016 14:14:47 -0500
3440+
3441+qemu (1:2.6.1+dfsg-0ubuntu1) yakkety; urgency=medium
3442+
3443+ * New upstream release. LP: #1617055.
3444+ * Revert fix for CVE-2016-5403, causes regression see USN-3047-2.
3445+
3446+ -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 09 Sep 2016 23:33:57 +0100
3447+
3448 qemu (1:2.6+dfsg-3.1) unstable; urgency=high
3449
3450 * Non-maintainer upload.
3451@@ -2498,6 +5765,55 @@ qemu (1:2.6+dfsg-3.1) unstable; urgency=high
3452
3453 -- Andrew James <ajames@hpe.com> Wed, 14 Sep 2016 00:56:18 -0600
3454
3455+qemu (1:2.6+dfsg-3ubuntu2) yakkety; urgency=medium
3456+
3457+ * SECURITY UPDATE: DoS via unbounded memory allocation
3458+ - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
3459+ - CVE-2016-5403
3460+ * SECURITY UPDATE: oob write access while reading ESP command
3461+ - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for
3462+ maximum CDB size and handle migration in hw/scsi/esp.c,
3463+ include/hw/scsi/esp.h, include/migration/vmstate.h.
3464+ - CVE-2016-6351
3465+ * SECURITY UPDATE: infinite loop in virtqueue_pop
3466+ - debian/patches/CVE-2016-6490.patch: check vring descriptor buffer
3467+ length in hw/virtio/virtio.c.
3468+ - CVE-2016-6490
3469+
3470+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 03 Aug 2016 08:36:16 -0400
3471+
3472+qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
3473+
3474+ * Merge with Debian; remaining changes:
3475+ - debian/rules: do not drop the init scripts loading kvm modules
3476+ (still needed in precise in cloud archive)
3477+ - qemu-system-common.postinst:
3478+ * remove acl placed by udev, and add udevadm trigger.
3479+ * reload kvm_intel if needed to set nested=1
3480+ - qemu-system-common.preinst: add kvm group if needed
3481+ - add qemu-kvm upstart job and defaults file (rules,
3482+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3483+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3484+ do not auto-load the kvm kernel module. Enable nesting by default
3485+ on intel.
3486+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3487+ in qemu64 cpu type.
3488+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3489+ types to ease future live vm migration.
3490+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3491+ d/qemu-system-common.install
3492+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3493+ to fix errors with missing block backends.
3494+ - s390x:
3495+ * Create qemu-system-s390x package
3496+ * Enable pie by default, on ubuntu/s390x.
3497+ * Enable svm by default for qemu64 on amd
3498+ * Include s390-ccw.img firmware
3499+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
3500+ relationship, but qemu-efi is still in universe right now.
3501+
3502+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Jun 2016 16:49:49 -0500
3503+
3504 qemu (1:2.6+dfsg-3) unstable; urgency=high
3505
3506 * more security fixes picked from upstream:
3507@@ -2551,6 +5867,39 @@ qemu (1:2.6+dfsg-2) unstable; urgency=medium
3508
3509 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 13 Jun 2016 12:10:44 +0300
3510
3511+qemu (1:2.6+dfsg-1ubuntu1) yakkety; urgency=medium
3512+
3513+ * Merge with Debian; remaining changes: (LP: #1583775)
3514+ - debian/rules: do not drop the init scripts loading kvm modules
3515+ (still needed in precise in cloud archive)
3516+ - qemu-system-common.postinst:
3517+ * remove acl placed by udev, and add udevadm trigger.
3518+ * reload kvm_intel if needed to set nested=1
3519+ - qemu-system-common.preinst: add kvm group if needed
3520+ - add qemu-kvm upstart job and defaults file (rules,
3521+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3522+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3523+ do not auto-load the kvm kernel module. Enable nesting by default
3524+ on intel.
3525+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3526+ in qemu64 cpu type.
3527+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3528+ types to ease future live vm migration.
3529+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3530+ d/qemu-system-common.install
3531+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3532+ to fix errors with missing block backends. (LP: #1495895)
3533+ - s390x:
3534+ * Create qemu-system-s390x package
3535+ * Enable pie by default, on ubuntu/s390x.
3536+ * Enable svm by default for qemu64 on amd
3537+ * Include s390-ccw.img firmware
3538+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
3539+ relationship, but qemu-efi is still in universe right now.
3540+ * Drop patches which have been applied upstream:
3541+
3542+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 May 2016 12:11:36 -0500
3543+
3544 qemu (1:2.6+dfsg-1) unstable; urgency=medium
3545
3546 * new upstream release
3547@@ -2588,6 +5937,106 @@ qemu (1:2.6+dfsg-1) unstable; urgency=medium
3548
3549 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 18 May 2016 14:44:14 +0300
3550
3551+qemu (1:2.5+dfsg-5ubuntu12) yakkety; urgency=medium
3552+
3553+ * Cherrypick upstream patches to support the query-gic-version QMP command
3554+ (LP: #1566564)
3555+
3556+ -- dann frazier <dannf@ubuntu.com> Tue, 05 Apr 2016 16:56:11 -0600
3557+
3558+qemu (1:2.5+dfsg-5ubuntu11) yakkety; urgency=medium
3559+
3560+ [Stefan Bader]
3561+ * Enable svm by default for qemu64 on amd (LP: #1561019)
3562+
3563+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 22 Apr 2016 16:53:55 -0500
3564+
3565+qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium
3566+
3567+ * qemu-system-s390x only available on s390x, so qemu-system should only
3568+ depend on it on this arch.
3569+ * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
3570+ relationship, but qemu-efi is still in universe right now.
3571+
3572+ -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 19 Apr 2016 13:41:37 -0700
3573+
3574+qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium
3575+
3576+ * And actually ship the right things in qemu-system-s390x.
3577+
3578+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 19 Apr 2016 16:49:00 +0100
3579+
3580+qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium
3581+
3582+ * Create qemu-system-s390x package on ubuntu only.
3583+
3584+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 18 Apr 2016 10:16:19 +0100
3585+
3586+qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium
3587+
3588+ * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149)
3589+
3590+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Apr 2016 15:13:06 -0500
3591+
3592+qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium
3593+
3594+ * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch
3595+ (LP: #1556306)
3596+
3597+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 16 Mar 2016 16:35:22 -0700
3598+
3599+qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium
3600+
3601+ * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)
3602+
3603+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 07 Mar 2016 18:53:34 -0800
3604+
3605+qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium
3606+
3607+ * d/control{-in}: Re-generate and build with libiscsi-dev now
3608+ that its in Ubuntu main (LP: #1271653).
3609+
3610+ -- James Page <james.page@ubuntu.com> Wed, 24 Feb 2016 17:59:13 +0000
3611+
3612+qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium
3613+
3614+ * Make -no-pie conditional, on $(CC) supporting -no-pie flag.
3615+
3616+ -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 24 Feb 2016 14:40:19 +0000
3617+
3618+qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium
3619+
3620+ * No-change rebuild for gnutls transition.
3621+
3622+ -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:27:20 +0000
3623+
3624+qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium
3625+
3626+ * Merge with Debian; remaining changes:
3627+ - debian/rules: do not drop the init scripts loading kvm modules
3628+ (still needed in precise in cloud archive)
3629+ - qemu-system-common.postinst:
3630+ * remove acl placed by udev, and add udevadm trigger.
3631+ * reload kvm_intel if needed to set nested=1
3632+ - qemu-system-common.preinst: add kvm group if needed
3633+ - add qemu-kvm upstart job and defaults file (rules,
3634+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3635+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3636+ do not auto-load the kvm kernel module. Enable nesting by default
3637+ on intel.
3638+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3639+ in qemu64 cpu type.
3640+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3641+ types to ease future live vm migration.
3642+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3643+ d/qemu-system-common.install
3644+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3645+ to fix errors with missing block backends. (LP: #1495895)
3646+ - Enable pie by default, on ubuntu/s390x.
3647+ - Include s390-ccw.img firmware.
3648+
3649+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Feb 2016 10:24:49 -0800
3650+
3651 qemu (1:2.5+dfsg-5) unstable; urgency=medium
3652
3653 * fix misspellings in previous debian/changelog entry
3654@@ -2645,6 +6094,113 @@ qemu (1:2.5+dfsg-2) unstable; urgency=high
3655
3656 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 09 Jan 2016 21:40:43 +0300
3657
3658+qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium
3659+
3660+ * SECURITY UPDATE: paravirtualized drivers incautious about shared memory
3661+ contents
3662+ - debian/patches/CVE-2015-8550-1.patch: avoid double access in
3663+ hw/block/xen_blkif.h.
3664+ - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
3665+ hw/display/xenfb.c.
3666+ - CVE-2015-8550
3667+ * SECURITY UPDATE: infinite loop in ehci_advance_state
3668+ - debian/patches/CVE-2015-8558.patch: make idt processing more robust
3669+ in hw/usb/hcd-ehci.c.
3670+ - CVE-2015-8558
3671+ * SECURITY UPDATE: host memory leakage in vmxnet3
3672+ - debian/patches/CVE-2015-856x.patch: avoid memory leakage in
3673+ hw/net/vmxnet3.c.
3674+ - CVE-2015-8567
3675+ - CVE-2015-8568
3676+ * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
3677+ - debian/patches/CVE-2015-8613.patch: initialise info object with
3678+ appropriate size in hw/scsi/megasas.c.
3679+ - CVE-2015-8613
3680+ * SECURITY UPDATE: DoS via Human Monitor Interface
3681+ - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write
3682+ in hmp.c, include/ui/console.h, ui/input-legacy.c.
3683+ - CVE-2015-8619
3684+ * SECURITY UPDATE: incorrect array bounds check in rocker
3685+ - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds
3686+ check in hw/net/rocker/rocker.c.
3687+ - CVE-2015-8701
3688+ * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
3689+ - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
3690+ operations in hw/net/ne2000.c.
3691+ - CVE-2015-8743
3692+ * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
3693+ - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
3694+ error in hw/ide/ahci.c.
3695+ - CVE-2016-1568
3696+ * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
3697+ - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in
3698+ hw/i386/kvmvapic.c.
3699+ - CVE-2016-1922
3700+ * SECURITY UPDATE: e1000 infinite loop
3701+ - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
3702+ out-of-bounds transfer start in hw/net/e1000.c
3703+ - CVE-2016-1981
3704+ * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB
3705+ engines
3706+ - debian/patches/CVE-2016-2197.patch: add check before calling
3707+ dma_memory_unmap in hw/ide/ahci.c.
3708+ - CVE-2016-2197
3709+ * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
3710+ - debian/patches/CVE-2016-2198.patch: add capability mmio write
3711+ function in hw/usb/hcd-ehci.c.
3712+ - CVE-2016-2198
3713+
3714+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 01 Feb 2016 09:39:01 -0500
3715+
3716+qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium
3717+
3718+ * debian/qemu-kvm-init: Call systemd-detect-virt instead of the
3719+ Ubuntu specific running-in-container wrapper. (LP: #1539016)
3720+
3721+ -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 28 Jan 2016 13:24:51 +0100
3722+
3723+qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high
3724+
3725+ * Include s390-ccw.img firmware.
3726+
3727+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 12 Jan 2016 15:53:43 +0000
3728+
3729+qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium
3730+
3731+ * Place qemu-kvm.defaults file in qemu-system-common, next to the init
3732+ scripts. Fix the comparison operator when checking KVM_HUGEPAGES.
3733+ Thanks Simon. (LP: #1531191)
3734+
3735+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 06 Jan 2016 09:45:37 -0800
3736+
3737+qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium
3738+
3739+ * Merge with Debian; remaining changes:
3740+ - debian/rules: do not drop the init scripts loading kvm modules
3741+ (still needed in precise in cloud archive)
3742+ - qemu-system-common.postinst:
3743+ * remove acl placed by udev, and add udevadm trigger.
3744+ * reload kvm_intel if needed to set nested=1
3745+ - qemu-system-common.preinst: add kvm group if needed
3746+ - add qemu-kvm upstart job and defaults file (rules,
3747+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3748+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3749+ do not auto-load the kvm kernel module. Enable nesting by default
3750+ on intel.
3751+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3752+ in qemu64 cpu type.
3753+ - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
3754+ types to ease future live vm migration.
3755+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3756+ d/qemu-system-common.install
3757+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3758+ to fix errors with missing block backends. (LP: #1495895)
3759+ - Enable pie by default, on ubuntu/s390x.
3760+ * Drop vGICv3 support patches - all is now upstream
3761+ * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)
3762+
3763+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Jan 2016 15:42:50 -0800
3764+
3765 qemu (1:2.5+dfsg-1) unstable; urgency=medium
3766
3767 * new upstream release
3768@@ -2671,6 +6227,49 @@ qemu (1:2.5+dfsg-1) unstable; urgency=medium
3769
3770 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 16 Dec 2015 20:00:04 +0300
3771
3772+qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high
3773+
3774+ * Enable pie by default, on ubuntu/s390x.
3775+
3776+ -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 07 Dec 2015 16:04:16 +0000
3777+
3778+qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium
3779+
3780+ * undo the libseccomp delta from debian. libseccomp is indeed available
3781+ on other arches, but we need qemu's configure script to be fixed before
3782+ we can use it on anything other than amd64|i386. Fixes FTBFS.
3783+ (LP: #1522531)
3784+
3785+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 03 Dec 2015 12:44:46 -0600
3786+
3787+qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium
3788+
3789+ * Merge with Debian; remaining changes:
3790+ - Update the ubuntu machine types patch to reflect upstream churn
3791+ - debian/rules: do not drop the init scripts loading kvm modules
3792+ (still needed in precise in cloud archive)
3793+ - qemu-system-common.postinst:
3794+ * remove acl placed by udev, and add udevadm trigger.
3795+ * reload kvm_intel if needed to set nested=1
3796+ - qemu-system-common.preinst: add kvm group if needed
3797+ - add qemu-kvm upstart job and defaults file (rules,
3798+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3799+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3800+ do not auto-load the kvm kernel module. Enable nesting by default
3801+ on intel.
3802+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3803+ in qemu64 cpu type.
3804+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3805+ machine type to ease future live vm migration.
3806+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3807+ d/qemu-system-common.install
3808+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3809+ to fix errors with missing block backends. (LP: #1495895)
3810+ - control-in: build with libseccomp an all architectures
3811+ - Add vGICv3 support
3812+
3813+ -- Matthias Klose <doko@ubuntu.com> Wed, 02 Dec 2015 21:31:36 +0100
3814+
3815 qemu (1:2.4+dfsg-5) unstable; urgency=medium
3816
3817 * trace-remove-malloc-tracing.patch from upstream.
3818@@ -2683,6 +6282,57 @@ qemu (1:2.4+dfsg-5) unstable; urgency=medium
3819
3820 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 29 Nov 2015 12:22:52 +0300
3821
3822+qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium
3823+
3824+ * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
3825+ - debian/patches/CVE-2015-7504.patch: leave room for CRC code in
3826+ hw/net/pcnet.c.
3827+ - CVE-2015-7504
3828+ * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
3829+ - debian/patches/CVE-2015-7512.patch: check packet length in
3830+ hw/net/pcnet.c.
3831+ - CVE-2015-7512
3832+ * SECURITY UPDATE: infinite loop in eepro100
3833+ - debian/patches/CVE-2015-8345.patch: prevent endless loop in
3834+ hw/net/eepro100.c.
3835+ - CVE-2015-8345
3836+
3837+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 01 Dec 2015 13:36:40 -0500
3838+
3839+qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium
3840+
3841+ * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.
3842+
3843+ -- dann frazier <dann.frazier@canonical.com> Tue, 03 Nov 2015 08:05:46 -0700
3844+
3845+qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium
3846+
3847+ * Merge 2.4 from unstable. Remaining changes:
3848+ - Update the ubuntu machine types patch to reflect upstream churn
3849+ - debian/rules: do not drop the init scripts loading kvm modules
3850+ (still needed in precise in cloud archive)
3851+ - qemu-system-common.postinst:
3852+ * remove acl placed by udev, and add udevadm trigger.
3853+ * reload kvm_intel if needed to set nested=1
3854+ - qemu-system-common.preinst: add kvm group if needed
3855+ - add qemu-kvm upstart job and defaults file (rules,
3856+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
3857+ - rules,qemu-system-x86.modprobe: support use under older udevs which
3858+ do not auto-load the kvm kernel module. Enable nesting by default
3859+ on intel.
3860+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
3861+ in qemu64 cpu type.
3862+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
3863+ machine type to ease future live vm migration.
3864+ - apport hook for qemu source package: d/source_qemu-kvm.py,
3865+ d/qemu-system-common.install
3866+ - Make qemu-system-common and qemu-utils depend on qemu-block-extra
3867+ to fix errors with missing block backends. (LP: #1495895)
3868+ - control-in: build with libseccomp an all architectures.
3869+ * Add vGICv3 support
3870+
3871+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 27 Oct 2015 13:28:58 -0500
3872+
3873 qemu (1:2.4+dfsg-4) unstable; urgency=medium
3874
3875 * applied 3 patches from upstream to fix virtio-net
3876@@ -2697,7 +6347,7 @@ qemu (1:2.4+dfsg-3) unstable; urgency=high
3877 fix for Heap overflow vulnerability in ne2000_receive() function
3878 (Closes: #799074 CVE-2015-5279)
3879 * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch
3880- (Closes: #799073 CVE-2015-5278)
3881+ (Closes: #799073 CVE-2015-5278)
3882 * some binfmt reorg:
3883 - extend aarch64 to include one more byte as other arches do
3884 - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize
3885@@ -2749,6 +6399,137 @@ qemu (1:2.3+dfsg-6) unstable; urgency=high
3886
3887 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 11 Jun 2015 20:03:40 +0300
3888
3889+qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium
3890+
3891+ * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)
3892+
3893+ -- Ryan Harper <ryan.harper@canonical.com> Wed, 21 Oct 2015 08:59:29 -0500
3894+
3895+qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low
3896+
3897+ * debian/patches/upstream-fix-irq-route-entries.patch
3898+ Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
3899+ (LP: #1465935)
3900+
3901+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 09 Oct 2015 15:38:53 +0200
3902+
3903+qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium
3904+
3905+ * Build using libseccomp on all architectures.
3906+
3907+ -- Matthias Klose <doko@ubuntu.com> Sat, 03 Oct 2015 21:12:15 +0200
3908+
3909+qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium
3910+
3911+ * SECURITY UPDATE: denial of service via NE2000 driver
3912+ - debian/patches/CVE-2015-5278.patch: fix infinite loop in
3913+ hw/net/ne2000.c.
3914+ - CVE-2015-5278
3915+ * SECURITY UPDATE: denial of service and possible code execution via
3916+ heap overflow in NE2000 driver
3917+ - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
3918+ hw/net/ne2000.c.
3919+ - CVE-2015-5279
3920+ * SECURITY UPDATE: denial of service via e1000 infinite loop
3921+ - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
3922+ - CVE-2015-6815
3923+ * SECURITY UPDATE: denial of service via illegal ATAPI commands
3924+ - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
3925+ hw/ide/core.c.
3926+ - CVE-2015-6855
3927+
3928+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Sep 2015 15:05:51 -0400
3929+
3930+qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium
3931+
3932+ * Make qemu-system-common and qemu-utils depend on qemu-block-extra
3933+ to fix errors with missing block backends. (LP: #1495895)
3934+ * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
3935+ * Apply fix for memory corruption during live-migration in tcg mode
3936+ (LP: #1493049)
3937+ * Apply tracing patch to remove use of custom vtable in newer glibc
3938+ (LP: #1491972)
3939+
3940+ -- Ryan Harper <ryan.harper@canonical.com> Tue, 15 Sep 2015 09:37:23 -0500
3941+
3942+qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium
3943+
3944+ * Import qcow2-handle-eagain-from-update_refcount from upstream
3945+ to fix errors when using qemu-img convert -c. (LP: #1491050)
3946+
3947+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Sep 2015 16:35:56 -0500
3948+
3949+qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium
3950+
3951+ * SECURITY UPDATE: process heap memory disclosure
3952+ - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
3953+ - CVE-2015-5165
3954+ * SECURITY UPDATE: privilege escalation via block device unplugging
3955+ - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
3956+ in hw/ide/piix.c.
3957+ - CVE-2015-5166
3958+ * SECURITY UPDATE: privilege escalation via memory corruption in vnc
3959+ - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
3960+ limits in ui/vnc.c.
3961+ - CVE-2015-5225
3962+ * SECURITY UPDATE: denial of service via virtio-serial
3963+ - debian/patches/CVE-2015-5745.patch: don't assume a specific layout
3964+ for control messages in hw/char/virtio-serial-bus.c.
3965+ - CVE-2015-5745
3966+
3967+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 25 Aug 2015 09:38:43 -0400
3968+
3969+qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
3970+
3971+ * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
3972+ - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
3973+ - CVE-2015-3214
3974+ * SECURITY UPDATE: heap overflow when processing ATAPI commands
3975+ - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
3976+ hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
3977+ - CVE-2015-5154
3978+ * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
3979+ - debian/patches/CVE-2015-5158.patch: check length in
3980+ hw/scsi/scsi-bus.c.
3981+ - CVE-2015-5158
3982+
3983+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jul 2015 10:07:05 -0400
3984+
3985+qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium
3986+
3987+ * SECURITY UPDATE: heap overflow in PCNET controller
3988+ - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
3989+ - CVE-2015-3209
3990+
3991+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Jun 2015 14:25:05 -0400
3992+
3993+qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium
3994+
3995+ * Merge 1:2.3+dfsg-5 from Debian.
3996+ * Remaining changes:
3997+ - debian/rules: do not drop the init scripts loading kvm modules
3998+ (still needed in precise in cloud archive)
3999+ - qemu-system-common.postinst:
4000+ * remove acl placed by udev, and add udevadm trigger.
4001+ * reload kvm_intel if needed to set nested=1
4002+ - qemu-system-common.preinst: add kvm group if needed
4003+ - add qemu-kvm upstart job and defaults file (rules,
4004+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4005+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4006+ do not auto-load the kvm kernel module. Enable nesting by default
4007+ on intel.
4008+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4009+ in qemu64 cpu type.
4010+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4011+ machine type to ease future live vm migration.
4012+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4013+ d/qemu-system-common.install
4014+ * Refreshed patches:
4015+ - ubuntu/expose-vmx_qemu64cpu.patch
4016+ - ubuntu/define-ubuntu-machine-types.patch
4017+
4018+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 10 Jun 2015 14:28:39 -0500
4019+
4020 qemu (1:2.3+dfsg-5) unstable; urgency=high
4021
4022 * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
4023@@ -2760,6 +6541,35 @@ qemu (1:2.3+dfsg-5) unstable; urgency=high
4024
4025 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 03 Jun 2015 17:18:58 +0300
4026
4027+qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium
4028+
4029+ * Merge 1:2.3+dfsg-4 from Debian.
4030+ * Remaining changes:
4031+ - debian/rules: do not drop the init scripts loading kvm modules
4032+ (still needed in precise in cloud archive)
4033+ - qemu-system-common.postinst:
4034+ * remove acl placed by udev, and add udevadm trigger.
4035+ * reload kvm_intel if needed to set nested=1
4036+ - qemu-system-common.preinst: add kvm group if needed
4037+ - add qemu-kvm upstart job and defaults file (rules,
4038+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4039+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4040+ do not auto-load the kvm kernel module. Enable nesting by default
4041+ on intel.
4042+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4043+ in qemu64 cpu type.
4044+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4045+ machine type to ease future live vm migration.
4046+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4047+ d/qemu-system-common.install
4048+ * Dropped all patches which are applied upstream
4049+ * Move the upstart jobs to a generic script
4050+ - add new qemu-kvm-init script
4051+ - call that from upstart and sysvrc qemu-kvm scripts
4052+ - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}
4053+
4054+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 03 Jun 2015 13:36:36 -0500
4055+
4056 qemu (1:2.3+dfsg-4) unstable; urgency=medium
4057
4058 * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch:
4059@@ -2821,6 +6631,98 @@ qemu (1:2.2+dfsg-6exp) experimental; urgency=medium
4060
4061 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 17 Apr 2015 21:54:53 +0300
4062
4063+qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium
4064+
4065+ * SECURITY UPDATE: denial of service in vnc web
4066+ - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket
4067+ frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
4068+ - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from
4069+ websockets clients in ui/vnc-ws.c.
4070+ - CVE-2015-1779
4071+ * SECURITY UPDATE: host code execution via floppy device (VEMON)
4072+ - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
4073+ bounds of the allocated buffer in hw/block/fdc.c.
4074+ - CVE-2015-3456
4075+
4076+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 13 May 2015 07:25:59 -0400
4077+
4078+qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low
4079+
4080+ * CVE-2015-2756 / XSA-126
4081+ - xen: limit guest control of PCI command register
4082+
4083+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 08 Apr 2015 10:17:45 +0200
4084+
4085+qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium
4086+
4087+ * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not
4088+ accidentally create /1
4089+
4090+ -- Steve Beattie <sbeattie@ubuntu.com> Thu, 12 Mar 2015 16:46:51 -0700
4091+
4092+qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low
4093+
4094+ * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).
4095+
4096+ -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Feb 2015 08:55:35 +0100
4097+
4098+qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low
4099+
4100+ * No-change rebuild to pull in libxl-4.5.
4101+
4102+ -- Stefan Bader <stefan.bader@canonical.com> Wed, 25 Feb 2015 13:58:37 +0100
4103+
4104+qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium
4105+
4106+ * debian/control-in: enable numa on architectures where numa is built
4107+ (LP: #1417937)
4108+
4109+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 23:18:58 -0600
4110+
4111+qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium
4112+
4113+ [Scott Moser]
4114+ * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa
4115+ profile when started by libvirt.
4116+
4117+ [Serge Hallyn]
4118+ * add symlink qemu-system-ppc64le -> qemu-system-ppc64
4119+ * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script
4120+ (LP: #1419855)
4121+
4122+ [Chris J Arges]
4123+ * Determine if we are running inside a virtual environment. If running inside
4124+ a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153)
4125+
4126+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 13:04:21 -0600
4127+
4128+qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium
4129+
4130+ * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308)
4131+ - debian/rules: do not drop the init scripts loading kvm modules
4132+ (still needed in precise in cloud archive)
4133+ * Remaining changes:
4134+ - qemu-system-common.postinst:
4135+ * remove acl placed by udev, and add udevadm trigger.
4136+ * reload kvm_intel if needed to set nested=1
4137+ - qemu-system-common.preinst: add kvm group if needed
4138+ - add qemu-kvm upstart job and defaults file (rules,
4139+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4140+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4141+ do not auto-load the kvm kernel module. Enable nesting by default
4142+ on intel.
4143+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4144+ in qemu64 cpu type.
4145+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4146+ machine type to ease future live vm migration.
4147+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4148+ d/qemu-system-common.install
4149+ * Dropped all patches which are applied upstream
4150+ * Update ubuntu-vivid machine type to default to std graphics (following
4151+ upstream's lead for pc-i440fx-2.2 machine type)
4152+
4153+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Feb 2015 22:31:09 -0600
4154+
4155 qemu (1:2.2+dfsg-5exp) experimental; urgency=medium
4156
4157 * fix initscript removal once again
4158@@ -2870,6 +6772,47 @@ qemu (2.2+dfsg-1exp) unstable; urgency=medium
4159
4160 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 09 Dec 2014 23:09:26 +0300
4161
4162+qemu (1:2.1+dfsg-11ubuntu2) vivid; urgency=medium
4163+
4164+ * Cherrypick upstream patch needed to allow ESx hosts to run under
4165+ kvm (LP: #1411575)
4166+
4167+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 16 Jan 2015 16:32:48 -0600
4168+
4169+qemu (1:2.1+dfsg-11ubuntu1) vivid; urgency=medium
4170+
4171+ * Merge 2.1+dfsg-11. Remaining changes:
4172+ - qemu-system-common.postinst:
4173+ * remove acl placed by udev, and add udevadm trigger.
4174+ * reload kvm_intel if needed to set nested=1
4175+ - qemu-system-common.preinst: add kvm group if needed
4176+ - add qemu-kvm upstart job and defaults file (rules,
4177+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4178+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4179+ do not auto-load the kvm kernel module. Enable nesting by default
4180+ on intel.
4181+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4182+ removed the alternatives bit later.
4183+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4184+ in qemu64 cpu type.
4185+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4186+ machine type to ease future live vm migration.
4187+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4188+ d/qemu-system-common.install
4189+ - debian/binfmt-update-in: support ppcle
4190+ * debian/binfmt-update-in
4191+ * Support-ppcle.patch
4192+ - Upstream patches to fix AArch64 emulation ignoring SPSel=0:
4193+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
4194+ * d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
4195+ * d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
4196+ * Dropped patches (upstream or now in debian's tree):
4197+ - upstream-xen_disk-fix-unmapping-of-persistent-grants.patch
4198+ - CVE-2014-7840.patch
4199+ - CVE-2014-8106.patch
4200+
4201+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Dec 2014 13:57:34 -0600
4202+
4203 qemu (1:2.1+dfsg-11) unstable; urgency=medium
4204
4205 * bump epoch and reupload to cancel 2.2+dfsg-1exp upload
4206@@ -2939,6 +6882,81 @@ qemu (2.1+dfsg-8) unstable; urgency=low
4207
4208 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 27 Nov 2014 18:32:45 +0300
4209
4210+qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium
4211+
4212+ * SECURITY UPDATE: code execution via savevm data
4213+ - debian/patches/CVE-2014-7840.patch: validate parameters in
4214+ arch_init.c.
4215+ - CVE-2014-7840
4216+ * SECURITY UPDATE: code execution via cirrus vga blit regions
4217+ (LP: #1400775)
4218+ - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
4219+ hw/display/cirrus_vga.c.
4220+ - CVE-2014-8106
4221+
4222+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 11 Dec 2014 14:11:52 -0500
4223+
4224+qemu (2.1+dfsg-7ubuntu4) vivid; urgency=low
4225+
4226+ * d/rules: Fix vendor check to make kvm-spice symlinks (DEB_VENDOR got
4227+ dropped and VENDOR now will be all capital UBUNTU).
4228+
4229+ -- Stefan Bader <stefan.bader@canonical.com> Mon, 08 Dec 2014 14:45:31 +0100
4230+
4231+qemu (2.1+dfsg-7ubuntu3) vivid; urgency=medium
4232+
4233+ * d/p/target-arm-A64-Break-out-aarch64_save-restore_sp.patch
4234+ d/p/target-arm-A64-Respect-SPSEL-in-ERET-SP-restore.patch
4235+ d/p/target-arm-A64-Respect-SPSEL-when-taking-exceptions.patch:
4236+ Cherry-pick of upstream patches in order to fix AArch64 emulation ignoring
4237+ SPSel=0 in certain conditions. (LP: #1349277)
4238+
4239+ -- Chris J Arges <chris.j.arges@canonical.com> Thu, 04 Dec 2014 14:17:01 -0600
4240+
4241+qemu (2.1+dfsg-7ubuntu2) vivid; urgency=low
4242+
4243+ * d/p/upstream-xen_disk-fix-unmapping-of-persistent-grants.patch:
4244+ Cherry-pick of qemu-upstream patch to fix issues with persistent
4245+ grants and the PV backend (Qdisk) (LP: #1394327).
4246+
4247+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 28 Nov 2014 13:14:37 +0100
4248+
4249+qemu (2.1+dfsg-7ubuntu1) vivid; urgency=medium
4250+
4251+ * Merge 2.1+dfsg-7. Remaining changes:
4252+ - qemu-system-common.postinst:
4253+ * remove acl placed by udev, and add udevadm trigger.
4254+ * reload kvm_intel if needed to set nested=1
4255+ - qemu-system-common.preinst: add kvm group if needed
4256+ - add qemu-kvm upstart job and defaults file (rules,
4257+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4258+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4259+ do not auto-load the kvm kernel module. Enable nesting by default
4260+ on intel.
4261+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4262+ removed the alternatives bit later.
4263+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4264+ in qemu64 cpu type.
4265+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4266+ machine type to ease future live vm migration.
4267+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4268+ d/qemu-system-common.install
4269+ - debian/binfmt-update-in: support ppcle
4270+ * debian/binfmt-update-in
4271+ * Support-ppcle.patch
4272+ * Dropped patches (upstream or now in debian's tree):
4273+ - pc-reserve-more-memory-for-acpi.patch
4274+ - CVE-2014-5388.patch
4275+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap and
4276+ 502-block-raw-posic-use-seek-hole-ahead-of-fiemap (combined
4277+ in debian)
4278+ - CVE-2014-3615.patch
4279+ - CVE-2014-3640.patch
4280+ - CVE-2014-3689.patch
4281+ - CVE-2014-7815.patch
4282+
4283+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 22 Nov 2014 18:36:53 -0600
4284+
4285 qemu (2.1+dfsg-7) unstable; urgency=high
4286
4287 * urgency is high due to 2 security fixes
4288@@ -2990,6 +7008,119 @@ qemu (2.1+dfsg-5) unstable; urgency=medium
4289
4290 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 26 Sep 2014 17:43:26 +0400
4291
4292+qemu (2.1+dfsg-4ubuntu9) vivid; urgency=medium
4293+
4294+ * SECURITY UPDATE: information disclosure via vga driver
4295+ - debian/patches/CVE-2014-3615.patch: return the correct memory size,
4296+ sanity check register writes, and don't use fixed buffer sizes in
4297+ hw/display/qxl.c, hw/display/vga.c, hw/display/vga_int.h,
4298+ ui/spice-display.c.
4299+ - CVE-2014-3615
4300+ * SECURITY UPDATE: denial of service via slirp NULL pointer deref
4301+ - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
4302+ stub in slirp/udp.c.
4303+ - CVE-2014-3640
4304+ * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
4305+ - debian/patches/CVE-2014-3689.patch: verify rectangles in
4306+ hw/display/vmware_vga.c.
4307+ - CVE-2014-3689
4308+ * SECURITY UPDATE: denial of service via VNC console
4309+ - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in
4310+ ui/vnc.c.
4311+ - CVE-2014-7815
4312+
4313+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 13 Nov 2014 07:31:03 -0500
4314+
4315+qemu (2.1+dfsg-4ubuntu8) vivid; urgency=medium
4316+
4317+ * Support qemu-kvm on x32, arm64, ppc64 and pp64el architectures
4318+ (LP: #1389897) (Patch thanks to mwhudson, BenC, and infinity)
4319+
4320+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Nov 2014 15:51:47 -0600
4321+
4322+qemu (2.1+dfsg-4ubuntu7) vivid; urgency=medium
4323+
4324+ * Apply two patches to fix intermittent qemu-img corruption
4325+ (LP: #1368815)
4326+ - 501-block-raw-posix-fix-disk-corruption-in-try-fiemap
4327+ - 502-block-raw-posic-use-seek-hole-ahead-of-fiemap
4328+
4329+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 29 Oct 2014 22:31:43 -0500
4330+
4331+qemu (2.1+dfsg-4ubuntu6) utopic; urgency=medium
4332+
4333+ * debian/control: slof is moving into main, so we can depend on qemu-slof as
4334+ debian does.
4335+
4336+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Oct 2014 22:01:27 +0200
4337+
4338+qemu (2.1+dfsg-4ubuntu5) utopic; urgency=medium
4339+
4340+ * debian/binfmt-update-in: don't blacklist ppc64le on ppc64 and vice
4341+ versa.
4342+ * Drop Support-ppc64le.pach, as that architecture appears to not exist yet.
4343+ * update d/p/ubuntu/define-ubuntu-machine-types.patch to keep -M pc pointing
4344+ to latest upstream machine type, rather than distro one. Add 'ubuntu'
4345+ machine type for that.
4346+
4347+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 06 Oct 2014 13:41:31 -0500
4348+
4349+qemu (2.1+dfsg-4ubuntu4) utopic; urgency=medium
4350+
4351+ * debian/qemu-system-x86.qemu-kvm.upstart: create /dev/kvm in a
4352+ container. (LP: #1370199)
4353+ * load kvm module on ppc64le at boot (LP: #1369785)
4354+ - debian/rules: install qemu-kvm on ppc64el
4355+ - add debian/qemu-system-ppc.qemu-kvm.{upstart,default} to autoload the
4356+ kvm-hv module if available
4357+ * qemu-system-x86.maintscript: remove accidentally installed
4358+ /etc/init.d/qemu-system-x86 (from 2.0.0+dfsg-6ubuntu1 and a few earlier)
4359+ * rename qemu-system-x86 init script to qemu-kvm so it gets installed in
4360+ ubuntu.
4361+
4362+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 17 Sep 2014 14:20:12 -0500
4363+
4364+qemu (2.1+dfsg-4ubuntu3) utopic; urgency=medium
4365+
4366+ * Re-stick the trusty machine type to 2.0 (where it must always stay) and
4367+ define a new, default, pc-i440fx-utopic machine type (LP: #1369481)
4368+
4369+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 15 Sep 2014 14:04:57 -0500
4370+
4371+qemu (2.1+dfsg-4ubuntu2) utopic; urgency=medium
4372+
4373+ * move kvm_intel nested setting to qemu-system-x86.postinst.
4374+
4375+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 12 Sep 2014 23:12:52 +0000
4376+
4377+qemu (2.1+dfsg-4ubuntu1) utopic; urgency=medium
4378+
4379+ * Merge new debian release
4380+ * Remaining changes:
4381+ - qemu-system-common.postinst:
4382+ * remove acl placed by udev, and add udevadm trigger.
4383+ * reload kvm_intel if needed to set nested=1
4384+ - qemu-system-common.preinst: add kvm group if needed
4385+ - add qemu-kvm upstart job and defaults file (rules,
4386+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4387+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4388+ do not auto-load the kvm kernel module. Enable nesting by default
4389+ on intel.
4390+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4391+ removed the alternatives bit later.
4392+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4393+ in qemu64 cpu type.
4394+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4395+ machine type to ease future live vm migration.
4396+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4397+ d/qemu-system-common.install
4398+ - debian/binfmt-update-in: support ppcle
4399+ * debian/binfmt-update-in
4400+ * Support-ppcle.patch
4401+ - d/p/CVE-2014-5388.patch
4402+
4403+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 09 Sep 2014 17:56:15 -0500
4404+
4405 qemu (2.1+dfsg-4) unstable; urgency=medium
4406
4407 * mention libnuma-dev but not enable for now
4408@@ -3007,6 +7138,59 @@ qemu (2.1+dfsg-4) unstable; urgency=medium
4409
4410 -- Michael Tokarev <mjt@tls.msk.ru> Sun, 31 Aug 2014 09:32:59 +0400
4411
4412+qemu (2.1+dfsg-3ubuntu4) utopic; urgency=medium
4413+
4414+ * SECURITY UPDATE: memory disclosure via out-of-bounds array access
4415+ - debian/patches/CVE-2014-5388.patch: fix check in hw/acpi/pcihp.c.
4416+ - CVE-2014-5388
4417+
4418+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 09 Sep 2014 08:26:24 -0400
4419+
4420+qemu (2.1+dfsg-3ubuntu3) utopic; urgency=medium
4421+
4422+ * replace d/p/revert-acpi-table-size-bump with
4423+ pc-reserve-more-memory-for-acpi.patch from upstream
4424+ * debian/binfmt-update-in
4425+ - don't run in a container
4426+ - add ppc64le as target (LP: #1358268)
4427+ * Add experimental ppcle support (LP: #1358268)
4428+
4429+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 27 Aug 2014 18:24:32 -0500
4430+
4431+qemu (2.1+dfsg-3ubuntu2) utopic; urgency=medium
4432+
4433+ * revert-acpi-table-size-bump - get qemu -kernel working again.
4434+
4435+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 15:33:24 -0500
4436+
4437+qemu (2.1+dfsg-3ubuntu1) utopic; urgency=medium
4438+
4439+ * Merge new debian release
4440+ * Remaining changes:
4441+ - control-in: stick to libsdl1.2-dev.
4442+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4443+ qemu-bridge-helper
4444+ - qemu-system-common.postinst: remove acl placed by udev,
4445+ and add udevadm trigger.
4446+ - qemu-system-common.preinst: add kvm group if needed
4447+ - add qemu-kvm upstart job and defaults file (rules,
4448+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4449+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4450+ do not auto-load the kvm kernel module. Enable nesting by default
4451+ on intel.
4452+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4453+ removed the alternatives bit later.
4454+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4455+ in qemu64 cpu type.
4456+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4457+ machine type to ease future live vm migration.
4458+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4459+ d/qemu-system-common.install
4460+ * Upstart job: use getent group to check for kvm group
4461+ * apport: 'qemu' doesn't exist any more, so check for any qemu* tasks
4462+
4463+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 15 Aug 2014 08:44:54 -0500
4464+
4465 qemu (2.1+dfsg-3) unstable; urgency=medium
4466
4467 * set SHELL = /bin/sh -e, so that more complex shell constructs
4468@@ -3033,6 +7217,42 @@ qemu (2.1+dfsg-3) unstable; urgency=medium
4469
4470 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 14 Aug 2014 14:30:24 +0400
4471
4472+qemu (2.1+dfsg-2ubuntu2) utopic; urgency=medium
4473+
4474+ * reload kvm_intel if needed to set the nested=Y flag (LP: #1324174)
4475+
4476+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Aug 2014 12:58:50 -0500
4477+
4478+qemu (2.1+dfsg-2ubuntu1) utopic; urgency=medium
4479+
4480+ * Merge new debian release
4481+ * Remaining changes:
4482+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
4483+ have in ipxe-qemu package.
4484+ - control-in: stick to libsdl1.2-dev.
4485+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4486+ qemu-bridge-helper
4487+ - qemu-system-common.postinst: remove acl placed by udev,
4488+ and add udevadm trigger.
4489+ - qemu-system-common.preinst: add kvm group if needed
4490+ - add qemu-kvm upstart job and defaults file (rules,
4491+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4492+ - debian/rules: add qemu-kvm-spice
4493+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4494+ do not auto-load the kvm kernel module. Enable nesting by default
4495+ on intel.
4496+ - binfmt-update-in: make sure to filter out compat arches.
4497+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4498+ removed the alternatives bit later.
4499+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4500+ in qemu64 cpu type.
4501+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4502+ machine type to ease future live vm migration.
4503+ - apport hook for qemu source package: d/source_qemu-kvm.py,
4504+ d/qemu-system-common.install
4505+
4506+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 05 Aug 2014 13:53:06 -0500
4507+
4508 qemu (2.1+dfsg-2) unstable; urgency=medium
4509
4510 * l2tp-linux-only.patch: fix FTBFS on kfreebsd
4511@@ -3067,7 +7287,7 @@ qemu (2.1+dfsg-1) unstable; urgency=medium
4512
4513 qemu (2.0.0+dfsg-7) unstable; urgency=medium
4514
4515- * clarify description of qemu-user-binfmt a bit
4516+ * clarify description of qemu-user-binfmt a bit
4517 * build-depend on acpica-tools (iasl) in order to rebuild .dsl files
4518 * remove qemu-keymaps package, since it is not used by other tools
4519 anymore, and ship keymaps in qemu-system-common.
4520@@ -3084,6 +7304,43 @@ qemu (2.0.0+dfsg-7) unstable; urgency=medium
4521
4522 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 24 Jul 2014 16:51:16 +0400
4523
4524+qemu (2.0.0+dfsg-6ubuntu2) utopic; urgency=medium
4525+
4526+ * d/qemu-system-x86.qemu-kvm.upstart: change the early-exit check from
4527+ /usr/bin/kvm to qemu-system-x86_64. (LP: #1348551)
4528+
4529+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 25 Jul 2014 08:35:02 -0500
4530+
4531+qemu (2.0.0+dfsg-6ubuntu1) utopic; urgency=medium
4532+
4533+ * Merge 2.0.0+dfsg-6. Remaining changes:
4534+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
4535+ have in ipxe-qemu package.
4536+ - control-in: stick to libgnutls-dev and libsdl1.2-dev.
4537+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4538+ qemu-bridge-helper
4539+ - qemu-system-common.postinst: remove acl placed by udev,
4540+ and add udevadm trigger.
4541+ - qemu-system-common.preinst: add kvm group if needed
4542+ - add qemu-kvm upstart job and defaults file (rules,
4543+ qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
4544+ - debian/rules: add qemu-kvm-spice
4545+ - rules,qemu-system-x86.modprobe: support use under older udevs which
4546+ do not auto-load the kvm kernel module. Enable nesting by default
4547+ on intel.
4548+ - binfmt-update-in: make sure to filter out compat arches.
4549+ - debian/qemu-system-alternatives.in: use a later version as ubuntu
4550+ removed the alternatives bit later.
4551+ - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
4552+ in qemu64 cpu type.
4553+ - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
4554+ machine type to ease future live vm migration.
4555+ - re-introduce apport hook for qemu source package:
4556+ d/source_qemu-kvm.py, d/qemu-system-common.install
4557+ * enable-build-dep on libjpeg8-dev - which is now in main
4558+
4559+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 Jun 2014 14:52:54 -0500
4560+
4561 qemu (2.0.0+dfsg-6) unstable; urgency=medium
4562
4563 * build-depend on libgnutls28-dev not libgnutls-dev
4564@@ -3127,6 +7384,59 @@ qemu (2.0.0+dfsg-3) unstable; urgency=low
4565
4566 -- Michael Tokarev <mjt@tls.msk.ru> Mon, 21 Apr 2014 12:34:03 +0400
4567
4568+qemu (2.0.0+dfsg-2ubuntu3) utopic; urgency=medium
4569+
4570+ * remove alternatives for qemu: different architectures
4571+ aren't really alternatives and never had been (LP: #1316829)
4572+
4573+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 07 May 2014 15:12:33 +0000
4574+
4575+qemu (2.0.0+dfsg-2ubuntu2) utopic; urgency=medium
4576+
4577+ * debian/rules: install the proper /etc/init/qemu-kvm.conf (LP: #1315402)
4578+ * debian/control: drop the versioning requirement from libfdt-dev
4579+ build-dependency, as it is longer needed (LP: #1295072)
4580+
4581+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 02 May 2014 11:43:44 -0500
4582+
4583+qemu (2.0.0+dfsg-2ubuntu1) trusty-proposed; urgency=medium
4584+
4585+ * Merge 2.0.0+dfsg-2
4586+ * Incorporates a fix for spice users (LP: #1309452)
4587+ * drop patch kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch, as
4588+ the regression requiring it was reverted for 2.0 upstream.
4589+ * remove qemu-system-common depends on the qemu-system-aarch64 metapackage
4590+ * debian/qemu-debootstrap: add arm64
4591+ * Remaining changes from debian:
4592+ - keep qemu 'alternative' (not something to change in SRU)
4593+ - debian/control and debian/control-in:
4594+ * versioned libfdt-dev check, until libfdt is fixed in precise
4595+ * enable rbd
4596+ * remove ovmf Recommends, as it is in multiverse
4597+ * use libsdl1.2, not libsdl2, since libsdl2-dev is in universe
4598+ * add a qemu-system-aarch64 metapackage for transitions from trusty
4599+ development version. This can be removed after trusty.
4600+ - qemu-system-common.install: add debian/tmp/usr/lib to install the
4601+ qemu-bridge-helper
4602+ - qemu-system-common.postinst: fix /dev/kvm acls
4603+ - qemu-system-common.preinst: add kvm group if needed
4604+ - qemu-system-x86.links: add eepro100.rom link, drop links which we
4605+ have in ipxe-qemu package.
4606+ - qemu-system-x86.modprobe: set module options for older releases
4607+ - qemu-system-x86.qemu-kvm.default: defaults for the upstart job
4608+ - qemu-system-x86.qemu-kvm.upstart: qemu-kvm upstart job
4609+ - qemu-user-static.postinst-in: remove qemu-arm64-static on arm64
4610+ - debian/rules
4611+ * add legacy kvm-spice link
4612+ * fix ppc and arm slections
4613+ * add aarch64 to user_targets
4614+ - debian/patches/ubuntu/define-trusty-machine-type.patch: define a
4615+ pc-i440fx-trusty machine type as the default.
4616+ - debian/patches/ubuntu/expose-vmx_qemu64cpu.patch: support nesting by
4617+ default in qemu64 cpu time.
4618+
4619+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 18 Apr 2014 09:23:27 -0500
4620+
4621 qemu (2.0.0+dfsg-2) unstable; urgency=medium
4622
4623 * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current
4624@@ -3152,7 +7462,7 @@ qemu (2.0.0+dfsg-1) unstable; urgency=low
4625 * kmod dependency is linux-any
4626 * doc-grammify-allows-to.patch: fix some lintian warnings
4627 * remove alternatives for qemu: different architectures
4628- aren't really alternatives and never had been
4629+ aren't really alternatives and never had been
4630 * update Standards-Version to 3.9.5 (no changes needed)
4631 * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff -
4632 fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1
4633@@ -3186,6 +7496,50 @@ qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low
4634
4635 -- Michael Tokarev <mjt@tls.msk.ru> Sat, 05 Apr 2014 16:23:48 +0400
4636
4637+qemu (2.0.0~rc1+dfsg-0ubuntu3) trusty; urgency=medium
4638+
4639+ * d/p/ubuntu/kvm_physical_sync_dirty_bitmap-ignore-ENOENT-from-kv.patch
4640+ don't abort() just because the kernel has no dirty bitmap.
4641+ (LP: #1303926)
4642+
4643+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 22:32:00 -0500
4644+
4645+qemu (2.0.0~rc1+dfsg-0ubuntu2) trusty; urgency=medium
4646+
4647+ * define-trusty-machine-type.patch: update the trusty machine type name to
4648+ pc-i440fx-trusty (LP: #1304107)
4649+
4650+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 08 Apr 2014 11:49:04 -0500
4651+
4652+qemu (2.0.0~rc1+dfsg-0ubuntu1) trusty; urgency=medium
4653+
4654+ * Merge 2.0.0-rc1
4655+ * debian/rules: consolidate ppc filter entries.
4656+ * Move qemu-system-arch64 into qemu-system-arm
4657+ * debian/patches/define-trusty-machine-type.patch: define a trusty machine
4658+ type, currently the same as pc-i440fx-2.0, to put is in a better position
4659+ to enable live migrations from trusty onward. (LP: #1294823)
4660+ * debian/control: build-dep on libfdt >= 1.4.0 (LP: #1295072)
4661+ * Merge latest upstream git to commit dc9528f
4662+ * Debian/rules:
4663+ - remove -enable-uname-release=2.6.32
4664+ - don't make the aarch64 target Ubuntu-specific.
4665+ * Remove patches which are now upstream:
4666+ - fix-smb-security-share.patch
4667+ - slirp-smb-redirect-port-445-too.patch
4668+ - linux-user-Implement-sendmmsg-syscall.patch (better version is upstream)
4669+ - signal-added-a-wrapper-for-sigprocmask-function.patch
4670+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
4671+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
4672+ - ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch
4673+ * add link for /usr/share/qemu/bios-256k.bin
4674+ * Remove all linaro patches.
4675+ * Remove all arm64/ patches. Many but not all are upstream.
4676+ * Remove CVE-2013-4377.patch which is upstream.
4677+ * debian/control-in: don't make qemu-system-aarch64 ubuntu-specific
4678+
4679+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 25 Feb 2014 22:31:43 -0600
4680+
4681 qemu (1.7.0+dfsg-9) unstable; urgency=medium
4682
4683 * remove rbd/rados/ceph support *again*, till they'll actually provide
4684@@ -3250,6 +7604,104 @@ qemu (1.7.0+dfsg-4) unstable; urgency=medium
4685
4686 -- Michael Tokarev <mjt@tls.msk.ru> Wed, 12 Mar 2014 18:34:03 +0400
4687
4688+qemu (1.7.0+dfsg-3ubuntu7) trusty; urgency=low
4689+
4690+ * No-change rebuild to build with libxen-4.4.
4691+
4692+ -- Stefan Bader <stefan.bader@canonical.com> Fri, 21 Mar 2014 10:04:36 +0100
4693+
4694+qemu (1.7.0+dfsg-3ubuntu6) trusty; urgency=medium
4695+
4696+ * d/p/ubuntu/ppc-force-cpu-threads-count-to-be-power-of-2.patch: cherrypick
4697+ upstream patch to force cpu count on ppc to be a power of 2. (LP: #1279682)
4698+
4699+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Mar 2014 00:03:00 -0500
4700+
4701+qemu (1.7.0+dfsg-3ubuntu5) trusty; urgency=medium
4702+
4703+ [ dann frazier ]
4704+ * Add patches from the susematz tree to avoid intermittent segfaults:
4705+ - ubuntu/signal-added-a-wrapper-for-sigprocmask-function.patch
4706+ - ubuntu/signal-sigsegv-protection-on-do_sigprocmask.patch
4707+ - ubuntu/Don-t-block-SIGSEGV-at-more-places.patch
4708+
4709+ [ Serge Hallyn ]
4710+ * Modify do_sigprocmask to only change behavior for aarch64.
4711+ (LP: #1285363)
4712+
4713+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 06 Mar 2014 16:15:50 -0600
4714+
4715+qemu (1.7.0+dfsg-3ubuntu4) trusty; urgency=medium
4716+
4717+ [ Steve Langasek ]
4718+ * Merge debian/control with unreleased Debian branch: our architecture
4719+ lists should now be in sync.
4720+
4721+ [ Dann Frazier ]
4722+ * ubuntu/linux-user-Implement-sendmmsg-syscall.patch: Fix user mode DNS
4723+ on arm64 and maybe others. (LP: #1284344)
4724+
4725+ [ Serge Hallyn ]
4726+ * Move the OVMF.fd link to the ovmf package.
4727+
4728+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 21 Feb 2014 12:14:53 -0800
4729+
4730+qemu (1.7.0+dfsg-3ubuntu3) trusty; urgency=medium
4731+
4732+ * Add ppc64el to the architecture list (supposedly added in the previous
4733+ upload, but really wasn't).
4734+
4735+ -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 20 Feb 2014 23:40:07 -0800
4736+
4737+qemu (1.7.0+dfsg-3ubuntu2) trusty; urgency=medium
4738+
4739+ * Backport changes to enable qemu-user-static support for aarch64
4740+ * debian/control: add ppc64el to Architectures
4741+ * debian/rules: only install qemu-system-aarch64 on arm64.
4742+ Fixes a FTBFS when built twice in a row on non-arm64 due to a stale
4743+ debian/qemu-system-aarch64 directory
4744+
4745+ -- dann frazier <dann.frazier@canonical.com> Tue, 11 Feb 2014 15:41:53 -0700
4746+
4747+qemu (1.7.0+dfsg-3ubuntu1) trusty; urgency=medium
4748+
4749+ * Fix broken filter_binfmts
4750+ * Remove use of dpkg-version in postinsts, as we're not Depending on
4751+ dpkg-dev.
4752+
4753+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 05 Feb 2014 21:57:38 -0600
4754+
4755+qemu (1.7.0+dfsg-3ubuntu1~ppa1) trusty; urgency=medium
4756+
4757+ * Merge 1.7.0+dfsg-3 from debian. Remaining changes:
4758+ - debian/patches/ubuntu:
4759+ * expose-vmx_qemu64cpu.patch
4760+ * linaro (omap3) and arm64 patches
4761+ * ubuntu/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS
4762+ on ppc
4763+ * ubuntu/CVE-2013-4377.patch: fix denial of service via virtio
4764+ - debian/qemu-system-x86.modprobe: set kvm_intel nested=1 options
4765+ - debian/control:
4766+ * add arm64 to Architectures
4767+ * add qemu-common and qemu-system-aarch64 packages
4768+ - debian/qemu-system-common.install: add debian/tmp/usr/lib
4769+ - debian/qemu-system-common.preinst: add kvm group
4770+ - debian/qemu-system-common.postinst: remove acl placed by udev,
4771+ and add udevadm trigger.
4772+ - qemu-system-x86.links: add eepro100.rom, remove pxe-virtio,
4773+ pxe-e1000 and pxe-rtl8139.
4774+ - add qemu-system-x86.qemu-kvm.upstart and .default
4775+ - qemu-user-static.postinst-in: remove arm64 binfmt
4776+ - debian/rules:
4777+ * allow parallel build
4778+ * add aarch64 to system_targets and sys_systems
4779+ * add qemu-kvm-spice links
4780+ * install qemu-system-x86.modprobe
4781+ - add debian/qemu-system-common.links for OVMF.fd link
4782+ * Remove kvm-img, kvm-nbd, kvm-ifup and kvm-ifdown symlinks.
4783+
4784+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 04 Feb 2014 12:13:08 -0600
4785+
4786 qemu (1.7.0+dfsg-3) unstable; urgency=low
4787
4788 * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86
4789@@ -3275,6 +7727,121 @@ qemu (1.7.0+dfsg-3) unstable; urgency=low
4790
4791 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 16 Jan 2014 15:17:46 +0400
4792
4793+qemu (1.7.0+dfsg-2ubuntu9) trusty; urgency=medium
4794+
4795+ * debian/qemu-user-static.postinst-in: remove arm64 qemu-user binfmt, which
4796+ may have been installed up to 1.6.0+dfsg-2ubuntu4 (LP: #1273654)
4797+
4798+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 Jan 2014 14:41:20 +0000
4799+
4800+qemu (1.7.0+dfsg-2ubuntu8) trusty; urgency=medium
4801+
4802+ * SECURITY UPDATE: denial of service via virtio device hot-plugging
4803+ - debian/patches/CVE-2013-4377.patch: upstream commits to refactor
4804+ virtio device unplugging.
4805+ - CVE-2013-4377
4806+
4807+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Jan 2014 09:10:37 -0500
4808+
4809+qemu (1.7.0+dfsg-2ubuntu7) trusty; urgency=medium
4810+
4811+ * d/p/target-ppc-add-stubs-for-kvm-breakpoints: fix FTBFS on
4812+ powerpc.
4813+
4814+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 22 Jan 2014 11:59:26 -0600
4815+
4816+qemu (1.7.0+dfsg-2ubuntu6) trusty; urgency=medium
4817+
4818+ [ Serge Hallyn ]
4819+ * add arm64 patchset from upstream. The three arm virt patches previously
4820+ pushed are in that set, so drop them.
4821+
4822+ [ dann frazier ]
4823+ * Add packaging for qemu-system-aarch64. This package is currently only
4824+ available for arm64, as full software emulation is not yet supported.
4825+
4826+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 10 Jan 2014 12:19:08 -0600
4827+
4828+qemu (1.7.0+dfsg-2ubuntu5) trusty; urgency=medium
4829+
4830+ * Drop d/p/fix-pci-add: upstream does not intend for pci_add to be
4831+ supported any longer.
4832+ * Add patchset from git://git.linaro.org/qemu/qemu-linaro.git#rebasing
4833+ * Refresh debian/patches/hw_arm_add_virt_platform.patch against context
4834+ churn caused by linaro patchset.
4835+ * debian/rules: enable parallel builds.
4836+
4837+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 03 Jan 2014 10:53:17 -0600
4838+
4839+qemu (1.7.0+dfsg-2ubuntu4) trusty; urgency=medium
4840+
4841+ * d/control: enable usbredir (LP: 1126390)
4842+
4843+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 02 Jan 2014 08:55:43 -0600
4844+
4845+qemu (1.7.0+dfsg-2ubuntu3) trusty; urgency=medium
4846+
4847+ * add missing arm virt patches from the mach-virt-v7 branch of
4848+ git://git.linaro.org/people/cdall/qemu-arm.git
4849+
4850+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 18 Dec 2013 12:25:59 -0600
4851+
4852+qemu (1.7.0+dfsg-2ubuntu2) trusty; urgency=medium
4853+
4854+ * debian/control: add arm64 to list of architectures.
4855+
4856+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Dec 2013 10:22:47 -0600
4857+
4858+qemu (1.7.0+dfsg-2ubuntu1) trusty; urgency=low
4859+
4860+ * Merge 1.7.0+dfsg-2 from debian experimental. Remaining changes:
4861+ - debian/control
4862+ * update maintainer
4863+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4864+ from build-deps
4865+ * enable rbd
4866+ * add qemu-system and qemu-common B/R to qemu-keymaps
4867+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4868+ qemu-system-common
4869+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4870+ - add qemu-common, qemu-kvm, kvm to B/R
4871+ - remove openbios-sparc from qemu-system-sparc D
4872+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
4873+ * qemu-system-x86:
4874+ - add qemu-common to Breaks/Replaces.
4875+ - add cpu-checker to Recommends.
4876+ * qemu-user: add B/R:qemu-kvm
4877+ * qemu-kvm:
4878+ - add armhf armel powerpc sparc to Architecture
4879+ - C/R/P: qemu-kvm-spice
4880+ * add qemu-common package
4881+ * drop qemu-slof which is not packaged in ubuntu
4882+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4883+ - qemu-system-x86.links:
4884+ * remove pxe rom links which are in kvm-ipxe
4885+ - debian/rules
4886+ * add kvm-spice symlink to qemu-kvm
4887+ * call dh_installmodules for qemu-system-x86
4888+ * update dh_installinit to install upstart script
4889+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4890+ - Add qemu-utils.links for kvm-* symlinks.
4891+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4892+ - Add qemu-system-x86.modprobe to set nesting=1
4893+ - Add qemu-system-common.preinst to add kvm group
4894+ - qemu-system-common.postinst: remove bad group acl if there, then have
4895+ udev relabel /dev/kvm.
4896+ - New linaro patches from qemu-linaro rebasing branch
4897+ - Dropped patches:
4898+ * linaro patchset
4899+ * mach-virt patchset
4900+ - Kept patches:
4901+ * expose_vms_qemu64cpu.patch
4902+ * fix-pci-add
4903+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
4904+ qemu-bridge-helper
4905+
4906+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Sat, 07 Dec 2013 06:08:11 +0000
4907+
4908 qemu (1.7.0+dfsg-2) unstable; urgency=low
4909
4910 * switch from vgabios to seavgabios
4911@@ -3304,6 +7871,73 @@ qemu (1.7.0+dfsg-1) unstable; urgency=low
4912
4913 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 28 Nov 2013 03:14:21 +0400
4914
4915+qemu (1.6.0+dfsg-2ubuntu2) trusty; urgency=low
4916+
4917+ * debian/control: qemu-utils must Replace: qemu-kvm as it did in raring,
4918+ to prevent lts-to-lts updates from breaking. (LP: #1243403)
4919+
4920+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Oct 2013 14:31:05 -0500
4921+
4922+qemu (1.6.0+dfsg-2ubuntu1) trusty; urgency=low
4923+
4924+ * Merge 1.6.0~rc0+dfsg-2exp from debian experimental. Remaining changes:
4925+ - debian/control
4926+ * update maintainer
4927+ * remove libiscsi, usb-redir, vde, vnc-jpeg, and libssh2-1-dev
4928+ from build-deps
4929+ * enable rbd
4930+ * add qemu-system and qemu-common B/R to qemu-keymaps
4931+ * add D:udev, R:qemu, R:qemu-common and B:qemu-common to
4932+ qemu-system-common
4933+ * qemu-system-arm, qemu-system-ppc, qemu-system-sparc:
4934+ - add qemu-kvm to Provides
4935+ - add qemu-common, qemu-kvm, kvm to B/R
4936+ - remove openbios-sparc from qemu-system-sparc D
4937+ - drop openbios-ppc and openhackware Depends to Suggests (for now)
4938+ * qemu-system-x86:
4939+ - add qemu-common to Breaks/Replaces.
4940+ - add cpu-checker to Recommends.
4941+ * qemu-user: add B/R:qemu-kvm
4942+ * qemu-kvm:
4943+ - add armhf armel powerpc sparc to Architecture
4944+ - C/R/P: qemu-kvm-spice
4945+ * add qemu-common package
4946+ * drop qemu-slof which is not packaged in ubuntu
4947+ - add qemu-system-common.links for tap ifup/down scripts and OVMF link.
4948+ - qemu-system-x86.links:
4949+ * remove pxe rom links which are in kvm-ipxe
4950+ * add symlink for kvm.1 manpage
4951+ - debian/rules
4952+ * add kvm-spice symlink to qemu-kvm
4953+ * call dh_installmodules for qemu-system-x86
4954+ * update dh_installinit to install upstart script
4955+ * run dh_installman (Closes: #709241) (cherrypicked from 1.5.0+dfsg-2)
4956+ - Add qemu-utils.links for kvm-* symlinks.
4957+ - Add qemu-system-x86.qemu-kvm.upstart and .default
4958+ - Add qemu-system-x86.modprobe to set nesting=1
4959+ - Add qemu-system-common.preinst to add kvm group
4960+ - qemu-system-common.postinst: remove bad group acl if there, then have
4961+ udev relabel /dev/kvm.
4962+ - New linaro patches from qemu-linaro rebasing branch
4963+ - Dropped patches:
4964+ * xen-simplify-xen_enabled.patch
4965+ * sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch
4966+ * main_loop-do-not-set-nonblocking-if-xen_enabled.patch
4967+ * xen_machine_pv-do-not-create-a-dummy-CPU-in-machine-.patch
4968+ * virtio-rng-fix-crash
4969+ - Kept patches:
4970+ * expose_vms_qemu64cpu.patch - updated
4971+ * linaro arm patches from qemu-linaro rebasing branch
4972+ - New patches:
4973+ * fix-pci-add: change CONFIG variable in ifdef to make sure that
4974+ pci_add is defined.
4975+ * Add linaro patches
4976+ * Add experimental mach-virt patches for arm virtualization.
4977+ * qemu-system-common.install: add debian/tmp/usr/lib to install the
4978+ qemu-bridge-helper
4979+
4980+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 22 Oct 2013 22:47:07 -0500
4981+
4982 qemu (1.6.0+dfsg-2) unstable; urgency=low
4983
4984 * Build-depend in seccomp again once it is in -testing
4985@@ -3374,6 +8008,89 @@ qemu (1.5.0+dfsg-4) unstable; urgency=medium
4986
4987 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 06 Jun 2013 01:50:32 +0400
4988
4989+qemu (1.5.0+dfsg-3ubuntu6) trusty; urgency=low
4990+
4991+ * No change rebuild for new seccomp.
4992+
4993+ -- Stéphane Graber <stgraber@ubuntu.com> Mon, 21 Oct 2013 18:34:50 -0400
4994+
4995+qemu (1.5.0+dfsg-3ubuntu5) saucy; urgency=low
4996+
4997+ * Cherrypick upstream patch to fix crash with rng device (LP: #1235017)
4998+ - virtio-rng-fix-crash
4999+
5000+ -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 09 Oct 2013 17:46:49 -0500
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches