qemu (1:7.2+dfsg-7+deb12u5) bookworm; urgency=medium
* +revert-monitor-only-run-coroutine-commands-in-qemu_aio_context.patch
Revert a single upstream change in 7.2.9 which, while fixed a few qemu
lockup bugs, introduced a regression in suspend-resume-hibernate cycle
(triggered by cryptsetup autopkgtest)
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 06 Feb 2024 20:38:06 +0300
qemu (1:7.2+dfsg-7+deb12u4) bookworm; urgency=medium
[ Michael Tokarev ]
* update to upstream 7.2.9 stable/bugfix release, v7.2.9.diff,
https://gitlab.com/qemu-project/qemu/-/commits/v7.2.9 :
- Update version for 7.2.9 release
- target/xtensa: fix OOB TLB entry access
- qtest: bump aspeed_smc-test timeout to 6 minutes
- monitor: only run coroutine commands in qemu_aio_context
- iotests: port 141 to Python for reliable QMP testing
- iotests: add filter_qmp_generated_node_ids()
- block/blklogwrites: Fix a bug when logging "write zeroes" operations.
- virtio-net: correctly copy vnet header when flushing TX
Closes: CVE-2023-6693
- block/io: clear BDRV_BLOCK_RECURSE flag after recursing in
bdrv_co_block_status
- accel/tcg: Revert mapping of PCREL translation block to multiple
virtual addresses
- readthodocs: fully specify a build environment
- hw/scsi/esp-pci: set DMA_STAT_BCMBLT when BLAST command issued
- hw/scsi/esp-pci: synchronise setting of DMA_STAT_DONE with ESP
completion interrupt
- hw/scsi/esp-pci: generate PCI interrupt from separate ESP and PCI sources
- hw/scsi/esp-pci: use correct address register for PCI DMA transfers
- hw/pflash: implement update buffer for block writes
- hw/pflash: use ldn_{be,le}_p and stn_{be,le}_p
- hw/pflash: refactor pflash_data_write()
- target/i386: pcrel: store low bits of physical address in data[0]
- target/i386: fix incorrect EIP in PC-relative translation blocks
- target/i386: Do not re-compute new pc with CF_PCREL
- target/i386: Fix 32-bit wrapping of pc/eip computation
- load_elf: fix iterator's type for elf file processing
- .gitlab-ci.d/buildtest.yml: Work around htags bug when environment
is large
- target/s390x: Fix LAE setting a wrong access register
- hw/intc/arm_gicv3_cpuif: handle LPIs in the list registers
- chardev/char.c: fix "abstract device type" error message
- target/riscv: Fix mcycle/minstret increment behavior
- iotests: Basic tests for internal snapshots
- vl: Improve error message for conflicting -incoming and -loadvm
- block: Fix crash when loading snapshot on inactive node
* update to upstream 7.2.8 stable/bugfix release, v7.2.8.diff,
https://gitlab.com/qemu-project/qemu/-/commits/v7.2.8 :
- Update version for 7.2.8 release
- target/arm/helper: Propagate MDCR_EL2.HPMN into PMCR_EL0.N
- system/memory: use ldn_he_p/stn_he_p
- target/arm: Disable SME if SVE is disabled
- ui/vnc-clipboard: fix inflate_buffer
- ui/gtk-egl: move function calls back to regular code path
- ui/gtk-egl: Check EGLSurface before doing scanout
- msix: unset PCIDevice::msix_vector_poll_notifier in rollback
- hw/acpi/erst: Do not ignore Error* in realize handler
- pcie_sriov: Remove g_new assertion
- hw/audio/hda-codec: fix multiplication overflow
- hw/mips/malta: Fix the malta machine on big endian hosts
- vmdk: Don't corrupt desc file in vmdk_write_cid
- hw/virtio: Add VirtioPCIDeviceTypeInfo::instance_finalize field
- hw/nvram/xlnx-efuse-ctrl: Free XlnxVersalEFuseCtrl[] "pg0-lock" array
- hw/nvram/xlnx-efuse: Free XlnxEFuse::ro_bits[] array on finalize()
- hw/misc/mps2-scc: Free MPS2SCC::oscclk[] array on finalize()
- hw/virtio: Free VirtIOIOMMUPCI::vdev.reserved_regions[] on finalize()
- target/arm: Set IL bit for pauth, SVE access, BTI trap syndromes
- tests/avocado: Replace assertRegexpMatches() for Python 3.12 compatibility
- tests/avocado: Replace assertEquals() for Python 3.12 compatibility
- linux-user: Fix loaddr computation for some elf files
- net: Update MemReentrancyGuard for NIC
- net: Provide MemReentrancyGuard * to qemu_new_nic()
- hw/ide/ahci: fix legacy software reset
- target/arm: Fix SME FMOPA (16-bit), BFMOPA
* remove patches included in 7.2.8:
- hw_mips_malta-Fix-malta-machine-on-big-endian-hosts.patch
- hw-ide-ahci-fix-legacy-software-reset.patch
* ui-clipboard-mark-type-as-not-available-when-no-data-CVE-2023-6683.patch
Closes: #1060749, CVE-2023-6683 (NULL deref in VNC clipboard code)
[ Sergio Durigan Junior ]
* d/rules: omit --no-start for qemu-guest-agent, this should
re-start it on upgrades. Closes: #1061588, #1061683
LP: #2028124
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 30 Jan 2024 19:15:04 +0300
qemu (1:7.2+dfsg-7+deb12u3) bookworm; urgency=medium
* +hw-ide-ahci-fix-legacy-software-reset.patch - fix legacy ide regression
introduced in 7.2.6
* update to upstream 7.2.7 stable/bugfix release, v7.2.7.diff,
https://gitlab.com/qemu-project/qemu/-/commits/v7.2.7 :
- Update version for 7.2.7 release
- target/tricore: Rename tricore_feature
- tracetool: avoid invalid escape in Python string
- tests/tcg/s390x: Test LAALG with negative cc_src
- target/s390x: Fix LAALG not updating cc_src
- tests/qtest: ahci-test: add test exposing reset issue with pending callback
- hw/ide: reset: cancel async DMA operation before resetting state
- target/mips: Fix TX79 LQ/SQ opcodes
- target/mips: Fix MSA BZ/BNZ opcodes displacement
- ui/gtk-egl: apply scale factor when calculating window's dimension
- ui/gtk: force realization of drawing area
- ati-vga: Implement fallback for pixman routines
- block/nvme: nvme_process_completion() fix bound for cid
- target/arm: Correctly propagate stage 1 BTI guarded bit in a two-stage walk
- target/arm: Fix handling of SW and NSW bits for stage 2 walks
- target/arm: Don't allow stage 2 page table walks to downgrade to NS
- target/arm: Don't access TCG code when debugging with KVM
- Revert "linux-user: fix compat with glibc >= 2.36 sys/mount.h"
- Revert "linux-user: add more compat ioctl definitions"
- qemu-iotests: 024: add rebasing test case for overlay_size > backing_size
- qemu-img: rebase: stop when reaching EOF of old backing file
- tests/tcg: Add -fno-stack-protector
- tests/migration: Add -fno-stack-protector
- misc/led: LED state is set opposite of what is expected
- hw/sd/sdhci: Block Size Register bits [14:12] is lost
- lasips2: LASI PS/2 devices are not user-createable
- linux-user/sh4: Fix crashes on signal delivery
- linux-user/mips: fix abort on integer overflow
- migration: Fix analyze-migration read operation signedness
- hw/pvrdma: Protect against buggy or malicious guest driver
- disas/riscv: Fix the typo of inverted order of pmpaddr13 and pmpaddr14
- hw/audio/es1370: reset current sample counter
- migration/qmp: Fix crash on setting tls-authz with null
- amd_iommu: Fix APIC address check
- linux-user/hppa: Fix struct target_sigcontext layout
- chardev/char-pty: Avoid losing bytes when the other side just
(re-)connected
- hw/display/ramfb: plug slight guest-triggerable leak on mode setting
- target/i386: fix memory operand size for CVTPS2PD
- target/i386: generalize operand size "ph" for use in CVTPS2PD
- target/i386: Fix exception classes for MOVNTPS/MOVNTPD.
- target/i386: Fix exception classes for SSE/AVX instructions.
- target/i386: Fix and add some comments next to SSE/AVX instructions.
- tests/tcg/i386: correct mask for VPERM2F128/VPERM2I128
- target/i386: fix operand size of unary SSE operations
- scsi-disk: ensure that FORMAT UNIT commands are terminated
- esp: restrict non-DMA transfer length to that of available data
- esp: use correct type for esp_dma_enable() in sysbus_esp_gpio_demux()
- optionrom: Remove build-id section
- ui/vnc: fix handling of VNC_FEATURE_XVP
- ui/vnc: fix debug output for invalid audio message
- hw/scsi/scsi-disk: Disallow block sizes smaller than 512 [CVE-2023-42467]
- accel/tcg: mttcg remove false-negative halted assertion
- target/arm: Don't skip MTE checks for LDRT/STRT at EL0
- hw/cxl: Fix CFMW config memory leak
- linux-user/hppa: lock both words of function descriptor
- linux-user/hppa: clear the PSW 'N' bit when delivering signals
- hw/ppc: Always store the decrementer value
- target/ppc: Decrementer fix BookE semantics
- target/ppc: Sign-extend large decrementer to 64-bits
- hw/ppc: Avoid decrementer rounding errors
- hw/ppc: Round up the decrementer interval when converting to ns
- host-utils: Add muldiv64_round_up
- hw/ppc: Introduce functions for conversion between timebase and nanoseconds
* update to upstream 7.2.6 stable/bugfix release, v7.2.6.diff,
https://gitlab.com/qemu-project/qemu/-/commits/v7.2.6 :
- Update version for 7.2.6 release
- tpm: fix crash when FD >= 1024 and unnecessary errors due to EINTR
- s390x/ap: fix missing subsystem reset registration
- ui: fix crash when there are no active_console
- hw/tpm: TIS on sysbus: Remove unsupport ppi command line option
- target/riscv/pmp.c: respect mseccfg.RLB for pmpaddrX changes
- hw/riscv: virt: Fix riscv,pmu DT node path
- linux-user/riscv: Use abi type for target_ucontext
- hw/intc: Make rtc variable names consistent
- hw/intc: Fix upper/lower mtime write calculation
- hw/char/riscv_htif: Fix printing of console characters on big endian hosts
- arm64: Restore trapless ptimer access
- virtio: Drop out of coroutine context in virtio_load()
- qxl: don't assert() if device isn't yet initialized
- hw/net/vmxnet3: Fix guest-triggerable assert()
- docs tests: Fix use of migrate_set_parameter
- qemu-options.hx: Rephrase the descriptions of the -hd* and -cdrom options
- hw/i2c/aspeed: Fix TXBUF transmission start position error
- hw/i2c/aspeed: Fix Tx count and Rx size error in buffer pool mode
- hw/ide/ahci: fix broken SError handling
- hw/ide/ahci: fix ahci_write_fis_sdb()
- hw/ide/ahci: PxCI should not get cleared when ERR_STAT is set
- hw/ide/ahci: PxSACT and PxCI is cleared when PxCMD.ST is cleared
- hw/ide/ahci: simplify and document PxCI handling
- hw/ide/ahci: write D2H FIS when processing NCQ command
- hw/ide/core: set ERR_STAT in unsupported command completion
- target/ppc: Flush inputs to zero with NJ in ppc_store_vscr
- ppc/vof: Fix missed fields in VOF cleanup
- hw/ppc/e500: fix broken snapshot replay
- block-migration: Ensure we don't crash during migration cleanup
- docs/about/license: Update LICENSE URL
- target/arm: Fix 64-bit SSRA
- target/arm: Fix SME ST1Q
- accel/kvm: Specify default IPA size for arm64
- kvm: Introduce kvm_arch_get_default_type hook
- include/hw/virtio/virtio-gpu: Fix virtio-gpu with blob on big endian hosts
- target/s390x: Check reserved bits of VFMIN/VFMAX's M5
- target/s390x: Fix VSTL with a large length
- target/s390x: Use a 16-bit immediate in VREP
- target/s390x: Fix the "ignored match" case in VSTRS
- Fixed incorrect LLONG alignment for openrisc and cris
- include/exec/user: Set ABI_LLONG_ALIGNMENT to 4 for nios2
- include/exec/user: Set ABI_LLONG_ALIGNMENT to 4 for microblaze
- linux-user/elfload: Set V in ELF_HWCAP for RISC-V
- hw/nvme: fix CRC64 for guard tag
- dump: kdump-zlib data pages not dumped with pvtime/aarch64
- hw/smbios: Fix core count in type4
- hw/smbios: Fix thread count in type4
- hw/smbios: Fix smbios_smp_sockets caculation
- machine: Add helpers to get cores/threads per socket
- pnv_lpc: disable reentrancy detection for lpc-hc
- loongarch: mark loongarch_ipi_iocsr re-entrnacy safe
- apic: disable reentrancy detection for apic-msi
- raven: disable reentrancy detection for iomem
- bcm2835_property: disable reentrancy detection for iomem
- lsi53c895a: disable reentrancy detection for MMIO region, too
- lsi53c895a: disable reentrancy detection for script RAM
- hw: replace most qemu_bh_new calls with qemu_bh_new_guarded
- checkpatch: add qemu_bh_new/aio_bh_new checks
- async: avoid use-after-free on re-entrancy guard
- async: Add an optional reentrancy guard to the BH API
- memory: prevent dma-reentracy issues
- python: drop pipenv
- gitlab-ci: check-dco.py: switch from master to stable-7.2 branch
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 03 Dec 2023 15:36:08 +0300
qemu (1:7.2+dfsg-7+deb12u2) bookworm; urgency=medium
* d/rules: add the forgotten --enable-virtfs for the xen build.
This makes 9pfs virtual filesystem available for xen hvm domUs.
This adds no new runtime dependencies. Closes: #1049925.
* update to upstream 7.2.5 stable/bugfix release, v7.2.5.diff,
https://gitlab.com/qemu-project/qemu/-/commits/v7.2.5 :
- hw/ide/piix: properly initialize the BMIBA register
- ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
- qemu-nbd: pass structure into nbd_client_thread instead of plain char*
- qemu-nbd: fix regression with qemu-nbd --fork run over ssh
- qemu-nbd: regression with arguments passing into nbd_client_thread()
- target/s390x: Make CKSM raise an exception if R2 is odd
- target/s390x: Fix CLM with M3=0
- target/s390x: Fix CONVERT TO LOGICAL/FIXED with out-of-range inputs
- target/s390x: Fix ICM with M3=0
- target/s390x: Make MC raise specification exception when class >= 16
- target/s390x: Fix assertion failure in VFMIN/VFMAX with type 13
- target/loongarch: Fix the CSRRD CPUID instruction on big endian hosts
- virtio-pci: add handling of PCI ATS and Device-TLB enable/disable
- vhost: register and change IOMMU flag depending on Device-TLB state
- virtio-net: pass Device-TLB enable/disable events to vhost
- hw/arm/smmu: Handle big-endian hosts correctly
- target/arm: Avoid writing to constant TCGv in trans_CSEL()
- target/ppc: Disable goto_tb with architectural singlestep
- linux-user/armeb: Fix __kernel_cmpxchg() for armeb
- qga/win32: Use rundll for VSS installation
- thread-pool: signal "request_cond" while locked
- xen-block: Avoid leaks on new error path
- io: remove io watch if TLS channel is closed during handshake
- target/nios2: Pass semihosting arg to exit
- target/nios2: Fix semihost lseek offset computation
- target/m68k: Fix semihost lseek offset computation
- hw/virtio-iommu: Fix potential OOB access in virtio_iommu_handle_command()
- virtio-crypto: verify src&dst buffer length for sym request
- target/hppa: Move iaoq registers and thus reduce generated code size
- pci: do not respond config requests after PCI device eject
- hw/i386/intel_iommu: Fix trivial endianness problems
- hw/i386/intel_iommu: Fix endianness problems related to VTD_IR_TableEntry
- hw/i386/intel_iommu: Fix struct VTDInvDescIEC on big endian hosts
- hw/i386/intel_iommu: Fix index calculation in vtd_interrupt_remap_msi()
- hw/i386/x86-iommu: Fix endianness issue in x86_iommu_irq_to_msi_message()
- include/hw/i386/x86-iommu: Fix struct X86IOMMU_MSIMessage for big endian hosts
- vfio/pci: Disable INTx in vfio_realize error path
- vdpa: Fix possible use-after-free for VirtQueueElement
- vdpa: Return -EIO if device ack is VIRTIO_NET_ERR in _load_mac()
- vdpa: Return -EIO if device ack is VIRTIO_NET_ERR in _load_mq()
- target/ppc: Implement ASDR register for ISA v3.0 for HPT
- target/ppc: Fix pending HDEC when entering PM state
- target/ppc: Fix VRMA page size for ISA v3.0
- target/i386: Check CR0.TS before enter_mmx
- Update version for 7.2.5 release
Closes: CVE-2023-3255, CVE-2023-3354, CVE-2023-3180
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 17 Aug 2023 12:33:57 +0300
qemu (1:7.2+dfsg-7+deb12u1) bookworm; urgency=medium
* d/rules: add the forgotten --enable-libusb for the xen build.
This makes usb devices available for xen hvm domUs again,
as it has always been before. Closes: #1037341
* update to upstream 7.2.3 stable/bugfix release, v7.2.3.diff,
https://gitlab.com/qemu-project/qemu/-/commits/v7.2.3 :
- vnc: avoid underflow when accessing user-provided address
- target/i386: Change wrong XFRM value in SGX CPUID leaf
(was in debian already)
- acpi: pcihp: allow repeating hot-unplug requests
- qemu-options: finesse the recommendations around -blockdev
- docs/about/deprecated.rst: Add "since 7.1" tag to dtb-kaslr-seed
deprecation
- target/arm: Initialize debug capabilities only once
- hw/net/msf2-emac: Don't modify descriptor in-place in emac_store_desc()
- hw/arm/boot: Make write_bootloader() public as arm_write_bootloader()
- hw/arm/aspeed: Use arm_write_bootloader() to write the bootloader
- hw/arm/raspi: Use arm_write_bootloader() to write boot code
- hw/intc/allwinner-a10-pic: Don't use set_bit()/clear_bit()
- target/arm: Define and use new load_cpu_field_low32()
- hw/sd/allwinner-sdhost: Correctly byteswap descriptor fields
- hw/net/allwinner-sun8i-emac: Correctly byteswap descriptor fields
- softfloat: Fix the incorrect computation in float32_exp2
- meson: leave unnecessary modules out of the build
- block: Fix use after free in blockdev_mark_auto_del()
- target/riscv: Fix itrigger when icount is used
- accel/tcg: Fix atomic_mmu_lookup for reads
- ui: Fix pixel colour channel order for PNG screenshots
- async: Suppress GCC13 false positive in aio_bh_poll()
- tcg: ppc64: Fix mask generation for vextractdm
- hw/virtio/vhost-user: avoid using uninitialized errp
- virtio: fix reachable assertion due to stale value of cached region size
- block/monitor: Fix crash when executing HMP commit
- target/s390x: Fix EXECUTE of relative branches
- s390x/tcg: Fix LDER instruction format
- 9pfs/xen: Fix segfault on shutdown
- xen/pt: reserve PCI slot 2 for Intel igd-passthru
- Revert "vhost-user: Monitor slave channel in vhost_user_read()"
- Revert "vhost-user: Introduce nested event loop in vhost_user_read()"
- target/ppc: Fix helper_pminsn() prototype
- tests/docker: bump the xtensa base to debian:11-slim
- linux-user: Fix mips fp64 executables loading
- linux-user: fix getgroups/setgroups allocations
(was in debian already)
- migration: Handle block device inactivation failures better
- migration: Minor control flow simplification
- migration: Attempt disk reactivation in more failure scenarios
- target/arm: Fix vd == vm overlap in sve_ldff1_z
- scsi-generic: fix buffer overflow on block limits inquiry
- target/i386: fix operand size for VCOMI/VUCOMI instructions
- target/i386: fix avx2 instructions vzeroall and vpermdq
- vhost: fix possible wrap in SVQ descriptor ring
- virtio-net: not enable vq reset feature unconditionally
- virtio-crypto: fix NULL pointer dereference in virtio_crypto_free_request
- e1000: Count CRC in Tx statistics
- e1000e: Fix tx/rx counters
- rtl8139: fix large_send_mss divide-by-zero
(was in debian already)
- util/vfio-helpers: Use g_file_read_link()
- usb/ohci: Set pad to 0 after frame update
- hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller
(Closes: #1029155, CVE-2023-0330)
- machine: do not crash if default RAM backend name has been stolen
- Update version for 7.2.3 release
* update to upstream 7.2.4 stable/bugfix release, v7.2.4.diff,
https://gitlab.com/qemu-project/qemu/-/commits/v7.2.4 :
- gitlab-ci: Avoid to re-run "configure" in the device-crash-test jobs
- scripts/device-crash-test: Add a parameter to run with TCG only
- hw/ppc/prep: Fix wiring of PIC -> CPU interrupt
- ui/gtk: fix passing y0_top parameter to scanout
- ui/gtk: use widget size for cursor motion event
- ui/gtk-egl: fix scaling for cursor position in scanout mode
- ui/sdl2: fix surface_gl_update_texture: Assertion 'gls' failed
- ui/sdl2: Grab Alt+Tab also in fullscreen mode
- ui/sdl2: Grab Alt+F4 also under Windows
- ui/sdl2: disable SDL_HINT_GRAB_KEYBOARD on Windows
- hw/dma/xilinx_axidma: Check DMASR.HALTED to prevent infinite loop.
- hw/arm/xlnx-zynqmp: fix unsigned error when checking the RPUs number
- target/arm: Explicitly select short-format FSR for M-profile
- target/s390x: Fix LCBB overwriting the top 32 bits
- tests/tcg/s390x: Test LCBB
- target/s390x: Fix LOCFHR taking the wrong half of R2
- tests/tcg/s390x: Test LOCFHR
- linux-user/s390x: Fix single-stepping SVC
- tests/tcg/s390x: Test single-stepping SVC
- s390x/tcg: Fix CPU address returned by STIDP
- docs: fix multi-process QEMU documentation
- qga: Fix suspend on Linux guests without systemd
- 9pfs: prevent opening special files (CVE-2023-2861)
- hw/remote: Fix vfu_cfg trace offset format
- vnc: move assert in vnc_worker_thread_loop
- target/ppc: Fix lqarx to set cpu_reserve
- target/ppc: Fix nested-hv HEAI delivery
- target/ppc: Fix PMU hflags calculation
- hw/riscv: qemu crash when NUMA nodes exceed available CPUs
- aspeed/hace: Initialize g_autofree pointer
- target/arm: Fix return value from LDSMIN/LDSMAX 8/16 bit atomics
- target/arm: Return correct result for LDG when ATA=0
- hw/intc/allwinner-a10-pic: Handle IRQ levels other than 0 or 1
- hw/timer/nrf51_timer: Don't lose time when timer is queried in tight loop
- host-utils: Avoid using __builtin_subcll on buggy versions of Apple Clang
- pc-bios/keymaps: Use the official xkb name for Arabic layout,
not the legacy synonym
- target/hppa: Fix OS reboot issues
- target/hppa: Provide qemu version via fw_cfg to firmware
- target/hppa: New SeaBIOS-hppa version 7
(minus the binary pc-bios/hppa-firmware.img changes)
- target/hppa: Update to SeaBIOS-hppa version 8
(minus the binary pc-bios/hppa-firmware.img changes)
- vhost: release memory_listener object in error path
- vdpa: fix not using CVQ buffer in case of error
- vhost-vdpa: do not cleanup the vdpa/vhost-net structures if peer nic
is present
- virtio-gpu: Make non-gl display updates work again when blob=true
- icount: don't adjust virtual time backwards after warp
- vdpa: mask _F_CTRL_GUEST_OFFLOADS for vhost vdpa devices
- target/ppc: Fix decrementer time underflow and infinite timer loop
- vfio/pci: Fix a segfault in vfio_realize
- vfio/pci: Call vfio_prepare_kvm_msi_virq_batch() in MSI retry path
- ui/gtk: set the area of the scanout texture correctly
- Update version for 7.2.4 release
* remove patches included in v7.2.4:
- linux-user-fix-getgroups-setgroups-allocations.patch
- rtl8139-fix-large_send_mss-divide-by-zero.patch
- target_i386-Change-wrong-XFRM-value.patch
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 11 Jul 2023 23:07:58 +0300
qemu (1:7.2+dfsg-7) unstable; urgency=medium
* d/control: qemu-system-xen: add ipxe-qemu dependency (#1035676)
When installing qemu-system-xen on a new system, the boot roms are
not installed. Unfortunately this means HVM Xen DomUs can not be used
at all, because the boot roms are hard requiriment for qemu since 2014,
it fails to start without the boot roms even if (network) booting is
not requested.
Before bookworm, when qemu-system-xen was part of regular
qemu-system-x86 package, the dependency on ipxe-qemu was coming from
that package. But when splitting qemu-system-xen out of it, we forgot
that the boot roms are hard dependency now. This makes qemu-system-xen
unusable on a new install until ipxe-qemu is installed too.
An alternative would be to revert upstream commit 178e785fb
(from 2014) to make rom loading failure a non-fatal error.
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 May 2023 11:29:12 +0300
qemu (1:7.2+dfsg-6) unstable; urgency=medium
[ Michael Tokarev ]
* sync with upstream v7.2.1 stable release, into d/patches/v7.2.1.diff.
All patches from 7.2.1 (besides stuff not relevant for linux, such
as mingw compilation fixes) has already been in d/patches/master/,
now they're in single upstream patch file
* v7.2.2.diff: upstream 7.2.2 stable/bugfix release
* hw-pvrdma-protect-against-guest-driver-CVE-2022-1050.patch:
remove, included in v7.2.2
* d/rules, d/qemu.desktop: provide an icon for gtk display (qemu.display)
* d/gbp.conf: set debian branch to debian-bookworm
* pick 3 more fixes from qemu-devel@:
rtl8139-fix-large_send_mss-divide-by-zero.patch
target_i386-Change-wrong-XFRM-value.patch
hw_mips_malta-Fix-malta-machine-on-big-endian-hosts.patch
* +linux-user-fix-getgroups-setgroups-allocations.patch (Closes: #811087)
[ Vagrant Cascadian ]
* debian/rules: Use 'printf' instead of 'echo' to avoid differences
in underlying /bin/sh implementations. Closes: #1034431
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 29 Apr 2023 13:02:55 +0300
qemu (1:7.2+dfsg-5) unstable; urgency=medium
* d/qemu-guest-agent.udev: fix missing comma
(Christian Schneider <debian@c-schneider.net>, Closes: #1031838)
* remove qemu-make-debian-root.
Ths script debian/qemu-make-debian-root has been broken for ages.
In 2023, it creates /etc/fstab with a reference to /dev/hda1, and
edits /etc/inittab which does not exist. And no one noticed, - so
it's safe to assume it is not used anymore. Just remove it.
* re-pick qemu-stable patches from master (the same patch contents):
master/tests-tcg-i386-Introduce-and-use-reg_t-consistently.patch
master/target-i386-Fix-BEXTR-instruction.patch
master/target-i386-Fix-C-flag-for-BLSI-BLSMSK-BLSR.patch
master/target-i386-fix-ADOX-followed-by-ADCX.patch
* 20 more changes picked from upstream/master:
master/target-i386-Fix-BZHI-instruction.patch
master/block-iscsi-fix-double-free-on-BUSY-or-similar-status.patch
master/hw-smbios-fix-field-corruption-in-type-4-table.patch
master/Revert-x86-do-not-re-randomize-RNG-seed-on-snapshot-.patch
master/Revert-x86-re-initialize-RNG-seed-when-selecting-ker.patch
master/Revert-x86-reinitialize-RNG-seed-on-system-reboot.patch
master/Revert-x86-use-typedef-for-SetupData-struct.patch
master/Revert-x86-return-modified-setup_data-only-if-read-a.patch
master/Revert-hw-i386-pass-RNG-seed-via-setup_data-entry.patch
master/vhost-user-gpio-Configure-vhost_dev-when-connecting.patch
master/vhost-user-i2c-Back-up-vqs-before-cleaning-up-vhost_.patch
master/vhost-user-rng-Back-up-vqs-before-cleaning-up-vhost_.patch
master/virtio-rng-pci-fix-migration-compat-for-vectors.patch
master/virtio-rng-pci-fix-transitional-migration-compat-for.patch
master/hw-timer-hpet-Fix-expiration-time-overflow.patch
master/vdpa-stop-all-svq-on-device-deletion.patch
master/vhost-avoid-a-potential-use-of-an-uninitialized-vari.patch
master/libvhost-user-check-for-NULL-when-allocating-a-virtq.patch
master/chardev-char-socket-set-s-listener-NULL-in-char_sock.patch
master/intel-iommu-fail-MAP-notifier-without-caching-mode.patch
master/intel-iommu-fail-DEVIOTLB_UNMAP-without-dt-mode.patch
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 05 Mar 2023 20:09:04 +0300
qemu (1:7.2+dfsg-4) unstable; urgency=medium
* block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch:
re-pick now from master (the same patch, moved to master/).
* revert x86-don-t-let-decompressed-kernel-image-clobber-setu.patch
Closes: ##1031682 .
This turned out to be wrong move, breaking more stuff than fixing.
Upstream is going to revert it too.
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 20 Feb 2023 21:00:18 +0300
qemu (1:7.2+dfsg-3) unstable; urgency=medium
[ Paride Legovini ]
* Disable LTO on non-amd64 builds (LP: #1921664)
[ Michael Tokarev ]
* target-arm-Fix-physical-address-resolution-for-Stage2.patch:
re-fetch now from master branch
* 4 more patches picked from master:
x86-don-t-let-decompressed-kernel-image-clobber-setu.patch
migration-ram-Fix-error-handling-in-ram_write_tracki.patch
migration-ram-Fix-populate_read_range.patch
qcow2-Fix-theoretical-corruption-in-store_bitmap-err.patch
* 5 fixes picked from current pullreqs:
block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch
tests_tcg_i386-introduce-and-use-reg_t-consistently.patch
target_i386-fix-BEXTR-instruction.patch
target_i386-fix-C-flag-for-BLSI-BLSMSK-BLSR.patch
target_i386-fix-ADOX-followed-by-ADCX.patch
* disable dwz on certain architectures for older dwz
(FTBFS on bullseye, #968670)
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 10 Feb 2023 14:29:12 +0300
qemu (1:7.2+dfsg-2) unstable; urgency=medium
* d/rules: add -ffile-prefix-map when building skiboot
* d/control: provide qemu-kvm in qemu-system-misc on s390x
(Closes: #1029309)
* d/control: drop dependency of qemu-guest-agent on lsb-base
* Picked patches from qemu master branch tagged for qemu-stable
up to commit deabea6e88 (2023-02-02):
target-sh4-Mask-restore-of-env-flags-from-tb-flags.patch
vhost-fix-vq-dirty-bitmap-syncing-when-vIOMMU-is-ena.patch
virtio-mem-Fix-the-bitmap-index-of-the-section-offse.patch
virtio-mem-Fix-the-iterator-variable-in-a-vmem-rdl_l.patch
target-arm-fix-handling-of-HLT-semihosting-in-system.patch
meson-accept-relative-symlinks-in-meson-introspect-i.patch
target-riscv-Set-pc_succ_insn-for-rvc-illegal-insn.patch
acpi-cpuhp-fix-guest-visible-maximum-access-size-to-.patch
hw-nvme-fix-missing-endian-conversions-for-doorbell-.patch
hw-nvme-fix-missing-cq-eventidx-update.patch
configure-fix-GLIB_VERSION-for-cross-compilation.patch
target-arm-Fix-sve_probe_page.patch
target-arm-allow-writes-to-SCR_EL3.HXEn-bit-when-FEA.patch
target-arm-Fix-in_debug-path-in-S1_ptw_translate.patch
* Also: target-arm-Fix-physical-address-resolution-for-Stage.patch
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 02 Feb 2023 21:17:10 +0300
qemu (1:7.2+dfsg-1) unstable; urgency=medium
* new upstream release
Closes: #1025123 CVE-2022-4172
(erst: undefined behavior in memcpy in write_erst_record)
Closes: #1021981 qemu-user: faccessat2 is not implemented
Closes: #1021019 CVE-2022-3165 (VNC: integer underflow in
vnc_client_cut_text_ext leads to CPU exhaustion)
* remove patches applied upstream
* refresh note-missing-module-pkg-name.diff
* slirp is always external package now, not a submodule anymore
* d/control: require meson >> 0.61.5~ for build
* spelling.diff: update with more spelling error
* add some lintian-overrides
* fix minor spelling errors in patches
* d/control: Bump Standards-Version to 4.6.1
* debian shell programs use "which" instead of the "command -v",
fix that (Closes: #1018254)
* Better fix for #1019011 (gcc ICE building palcode-clipper), use -O1
instead of -O2 for the failing compile when it actually fails
(no need to depend on gcc-11, Closes: #1011003)
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 15 Dec 2022 17:17:28 +0300
qemu (1:7.1+dfsg-2) unstable; urgency=medium
* tulip-restrict-DMA-engine-to-memories-CVE-2022-2962.patch
fix possible stack or heap overflow (tulip: DMA reentrancy issue)
Closes: #1018055, CVE-2022-2962
* hw-pvrdma-protect-against-guest-driver-CVE-2022-1050.patch
fix possible use-after-free in paravirtual RDMA device.
Closes: #1014589, CVE-2022-1050
* mention closing of #979677 (CVE-2020-14394) by 7.1
* d/rules: parametrify extra-cflags & extra-ldflags
* d/rules: explicitly disable pie on arm64 due to
https://sourceware.org/bugzilla/show_bug.cgi?id=29514
Fixes FTBFS.
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 13 Sep 2022 20:08:43 +0300
qemu (1:7.1+dfsg-1) unstable; urgency=medium
* new upstream release (7.1)
Closes: #1014958, CVE-2022-35414
Closes: #1014590, CVE-2022-0216
Closes: #979677, CVE-2020-14394
Closes: #987410, CVE-2021-3507
Closes: #988333, #1018913
* d/copyright:
- remove mentions of slirp (packaged separately)
- blindly convert to dep-5 (it needs a complete rewrite)
- add Files-Excluded from d/get-orig-source.sh
* d/gbp.conf: remove filter= (and whole [import-orig])
* d/watch: verify upstream tarballs
* d/rules: stop faking skiboot version, it is now properly included in
roms/skiboot/.version file. Add a dependency on this file too
* d/patches:
- remove use-fixed-data-path.patch: not needed anymore
- linux-user-binfmt-P.diff: refresh
- remove patches applied upstream
* d/control:
- it is --enable-capstone now, not --enable-capstone=system
- it is --enable-png now, not --enable-vnc-png
* d/rules: fix --enable-vhost-* options
* d/rules: remove vnc-png for xen too
* openbios-array-bounds-gcc12.patch
* opensbi-fix-build-with-binutils-2.38.patch
* d/rules: adopt vof build changes
* d/qemu-system-data.docs: omit ccid.txt (removed)
* temporary workaround for gcc-12 bug #1019011: use gcc-11-alpha-linux-gnu
instead of gcc-alpha-linux-gnu (another option is to use -Os)
* d/control: temporarily build-depend on libva-dev till #1019485 is fixed
* add loongarch64 qemu-user and qemu-user arch
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 12 Sep 2022 11:50:53 +0300
qemu (1:7.0+dfsg-7) unstable; urgency=medium
* d/tests/test-qemu-user: rework ls/glob test a bit
* d/tests/test-qemu-user: fix ppc64le qemu architecture name
* d/binfmt-install: use proper name for binfmt.d (*.conf)
Hopefully closes: #1011003
* two virtio-scsi bugfixes from upstream:
virtio-scsi-fix-ctrl-and-event-handler-functions-in-dataplane.patch
virtio-scsi-don-t-waste-CPU-polling-the-event-virtqueue.patch
* 3 patches from upstream to fix possible coroutine crashes:
coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch
coroutine-rename-qemu_coroutine_inc-dec_pool_size.patch
coroutine-revert-to-constant-batch-size.patch
* target-i386-do-not-consult-nonexistent-host-leaves.patch
* d/control: stop suggesting sudo for qemu-user-static
* Revert "d/rules: do not try to enable tcg-interpreter on unsupported
targets, it does not help anymore" - it does help but it needs a bit
more work
* disable xen support for qemu-system-x86 build and create a wrapper
for -i386 to redirect xen-related usage to xen-specific binary
with a warning (for bookworm only)
* common-user-no-user.patch: fix one of FTBFS on unsupported architectures
* d/rules: use regular variable assignment for BUILD_PACKAGES
* two trivial patches to fix spelling in roms:
openbios-spelling-endianess.patch
slof-spelling-seperator.patch
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 15 May 2022 15:49:12 +0300
qemu (1:7.0+dfsg-6) unstable; urgency=medium
* d/rules: the forgotten --enable-xen-pci-passthrough for the xen build
* d/tests/test-qemu-user: rewrite to be more robust and complete and
include test for qemu-user-static too.
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 09 May 2022 01:37:56 +0300
qemu (1:7.0+dfsg-5) unstable; urgency=medium
* d/tests/test-qemu-user.sh: more arch-specific debugging/updates
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 07 May 2022 12:22:26 +0300
qemu (1:7.0+dfsg-4) unstable; urgency=medium
* d/tests/: fix failing tests.
- test-qemu-user: depend on gcc for dpkg-architecture to work,
and print debugging info for future switch to uname -m
- test-qemu-img: switch from using file to qemu-img info
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 07 May 2022 11:33:23 +0300
qemu (1:7.0+dfsg-3) unstable; urgency=medium
[ Michael Tokarev ]
* d/binfmt-install: also generate binfmt.d/ entries for systemd
* d/control: use systemd as preferred alternative to binfmt-support
hopefully Closes: #789011 (Minimal dependencies to register binfmt)
Closes: #985889 (make binfmt setup configurable)
* d/control: remove Riku Voipio from Uploaders. Thank you Riku!
* d/rules: simplify DEB_BUILD_OPTIONS=parallel=N parsing
[ Guido Günther ]
* Add minimal autopkgtest (Closes: #832982)
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 07 May 2022 00:03:24 +0300
qemu (1:7.0+dfsg-2) unstable; urgency=medium
* d/control: add Rules-Requires-Root: no
* d/control: switch to debhelper-compat=13
* d/control: drop "qemu" empty/dummy pseudopackage
* d/control: do not build linux-user* on ia64 and powerpc
(not supported by upstream anymore)
* d/control: add Breaks for qemu-system-data for other packages from which
it borrowed files in the past (Closes: #1008095)
* d/rules: switch to the dh sequence (but keep build-{arch,indep}),
rearrange some rules.
This brings us dh_dwz (very slow) and dh_strip_nondeterminism.
* d/rules: do not explicitly turn off slirp & capstone (now properly
controlled by --with[out]-default-features option)
* d/rules: do not try to enable tcg-interpreter on the unsupported
targets, it does not help to build tools anymore
* d/rules: do not chown -w d/control, it breaks dpkg-source
* d/rules: clean up the clean target
* d/not-installed: list many documentation files and qemu-plugin.h
* configure-make-fortify_source-yes-by-default.patch: enable
fortify-source for minimal builds too
* d/changelog: mention #990562 (CVE-2021-3611) closed by 7.0
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 30 Apr 2022 13:38:12 +0300
qemu (1:7.0+dfsg-1) unstable; urgency=medium
* update to 7.0 release
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 21 Apr 2022 14:19:51 +0300
qemu (1:7.0~rc4+dfsg-1) experimental; urgency=medium
* New upstream 7.0 (rc)
Closes: #990562, CVE-2021-3611
* remove patches applied upstream
* remove new binary file, pc-bios/edk2-x86_64-microvm.fd.bz2
* d/control: remove libxfs-dev build dependency,
the ioctl is implemented inline
* d/control: stop build-depend-indep on libc6.1-dev-alpha-cross,
not needed anymore
* d/rules: update skiboot version check (skiboot hasn't canged since 6.1)
* build & install vbootrom (npcm7xx_bootrom.bin), and
build-depend-indep on gcc-arm-none-eabi
* create a new binary package, qemu-system-xen, which provides
/usr/libexec/xen-qemu-system-i386 binary for use by xen only.
Once xen switches to use this binary instead of usual qemu-system-i386,
xen support will be removed from the regular qemu-system-x86 build
* use a fast inline version of /usr/share/dpkg/architecture.mk
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 17 Apr 2022 15:08:40 +0300
qemu (1:6.2+dfsg-3) unstable; urgency=medium
[ Christian Ehrhardt ]
* d/rules: ensure xen is built on x86
* d/rules: xen libexec dir is no more versioned
* d/kvm-spice: fix when acceleration is already defined on the commandline
[ Michael Tokarev ]
* d/control, d/rules: do not compile xen support on i386,
since it is amd64-only now (since 4.16)
* d/control: add libbpf-dev & --enable-bpf for eBPF support
(Closes: #994573)
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 25 Feb 2022 12:01:46 +0300
qemu (1:6.2+dfsg-2) unstable; urgency=medium
* bump meson build-dep to 0.59.3
* build & include multiboot_dma.bin (Closes: #1003930)
* libxml2 is not needed for parallels.
Enable parallels block image format (Closes: #1003162)
* acpi-validate-hotplug-selector-on-access-CVE-2021-4158.patch
Closes: CVE-2021-4158
* acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch
(Closes: #1004017)
* acpi-fix-OEM_ID-padding.patch
* debian/get-orig-source.sh: repack dfsg archive differently
* mention closing of a few CVEs by 6.2.0
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 20 Jan 2022 10:52:19 +0300
qemu (1:6.2+dfsg-1) unstable; urgency=medium
[ Christian Ehrhardt ]
* 6.2.0 upstream release
Closes: #984452, CVE-2021-20203
(integer overflow issue in the vmxnet3 NIC emulator)
Closes: #984453, CVE-2021-20196
(fdc: check drive block device before usage)
Closes: #984451, CVE-2021-20255
(infinite recursion / DMA reentrancy in eepro100 i8255x device emulator)
* d/get-orig-source.sh: remove pc-bios/multiboot_dma.bin in dfsg-clean
* Drop patches upstream in v6.2.0
* d/p/spelling.diff: update for v6.2.0 (partially accepted)
* d/rules: use new --disable-install-blobs build arg
* Revert "make fuse debian-only, since libfuse3 in ubuntu is in universe",
it is now in main (LP: #1934510)
* d/rules: bump skiboot version for qemu v6.2.0
* d/p/ignore-roms-dependency-in-qtest.patch: fix meson issue
due to dfsg removal of blobs
* d/rules: drop --disable-fdt on microvm builds
(now strictly required on any x86 build)
* d/rules: select default PARISC config for hppa-firmware
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 09 Jan 2022 12:52:10 +0300
qemu (1:6.1+dfsg-8) unstable; urgency=medium
* fix keymaps definitions placement in last upload
(Closes: #997925, #997926)
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 27 Oct 2021 13:27:09 +0300
qemu (1:6.1+dfsg-7) unstable; urgency=medium
* qemu-system-data: do not install qemu.desktop (Closes: #995628)
* remove qemu-user-static.README.Debian (#995633)
* d/rules: update configure rules for different qemu builds
* qemu-system-x86-xen: install only -i386 link to xen path, not -x86_64
* promote qemu-system-x86-xen package on ubuntu to be like qemu-system-x86
since it uses the same modules actually
* enable zstd compression support (Build-Depends)
* qemu-system-data: install usr/share/icons/hicolor/32x32/apps/qemu.bmp
for the sdl ui
* d/control: fix wrong relation (< vs <<)
* d/control: use :native version of python3-sphynx (Closes: #995622)
* do not make qemu-system-gui Multi-Arch:same due to vhost-user-gpu
* quieten gcc11 warnings/errors so roms will compile (Closes: #997082)
* move d/qemu-system-data.install to d/rules
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 26 Oct 2021 10:35:02 +0300
qemu (1:6.1+dfsg-6) unstable; urgency=medium
* virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch
Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu
* ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch
Closes: #992726, CVE-2021-3638:
inconsistent check in ati_2d_blt() may lead to out-of-bounds write
* refresh uas-add-stream-number-sanity-checks-CVE-2021-3713{.diff=>.patch}
from upstream
* hmp-unbreak-change-vnc.patch from upstream
to fix 'change vnc passwd' command
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 29 Sep 2021 13:41:47 +0300
qemu (1:6.1+dfsg-5) unstable; urgency=medium
* updated debian/patches/linux-user-binfmt-P.diff
to work with in-kernel code
Closes: #993658
* d/rules: do not mark configure target as .PHONY
since it is a real file
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 06 Sep 2021 01:20:59 +0300
qemu (1:6.1+dfsg-4) unstable; urgency=medium
* qemu-sockets-fix-unix-socket-path-copy-again.patch
replacing socket-unix-maxlen.patch
Closes: #993145
* enable more devices for the microvm build:
virtio-gpu & vhost-user-gpu
virtio-input-host & vhost_user_input
* move vhost-user-gpu files from qemu-system-common to qemu-system-gui
this elminates X11 dependencies from non-gui qemu-system install
* build and install vof.bin firmware
* rearrange d/rules a bit to make different qemu builds
to be consistent with sysdata-components
* move ppc dtb firmware files from qemu-system-ppc to qemu-system-data
* device-tree-compiler is now needed in build-indep-depends,
not in build-depends
* d/rules: use CROSSPFX variables
* ubuntu only:
- Revert commit from the previous release which restores
relation between qemu-system-xen and qemu-system-gui
since -xen is not compatible with -gui modules
- qemu-system-xen does not suggest qemu-block-extra (incompatible too)
- qemu-system-s390x recommends qemu-block-extra not suggests it
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 31 Aug 2021 22:27:25 +0300
qemu (1:6.1+dfsg-3) unstable; urgency=medium
* fix brown-paper bag in last upload (--enable-libudev)
* ubuntu only: restore relations (depends/recommends)
between qemu-system-gui and qemu-system-xen since -xen
replaces full qemu-system-x86 and acts the same way
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 31 Aug 2021 02:50:52 +0300
qemu (1:6.1+dfsg-2) unstable; urgency=medium
* rearrange d/rules to be able to configure/build/install
various different kinds of qemu builds (main/microvm/xen/static)
separately, by splitting targets of d/rules into subtargets
* enable many virtio devices for microvm build (Closes: #992029)
* disable libudev and fuse for microvm build
* rearrange options for microvm build in d/rules
* tidy newly added assert in unix-domain socket handling code
to account for extra \0 terminator for socket pathname,
socket-unix-maxlen.patch (Closes: #993145)
* upstream qemu added ignoring of *.patch to .gitignore,
unignore them in d/.gitignore
* re-add 4 patches which were lost from git
during preparation for 6.1
(not affecting the source package)
* uas-add-stream-number-sanity-checks-CVE-2021-3713.diff
Closes: #992727, CVE-2021-3713
* Mention (some) bugs closed by 6.1 upstream
* Mention closing of #947349
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 31 Aug 2021 02:01:51 +0300
qemu (1:6.1+dfsg-1) unstable; urgency=medium
* new upstream release (6.1.0)
Closes: CVE-2021-3607 (pvrdma: ensure correct input on ring init)
Closes: CVE-2021-3608 (pvrdma: unmap initialized dma address)
Closes: #989042, CVE-2021-3544 (vhost-user-gpu resource leaks)
Closes: #989042, CVE-2021-3545 (vhost-user-gpu memory disclosure)
Closes: #989042, CVE-2021-3546 (vhost-user-gpu OOBwr virgl_cmd_get_capset)
Closes: #991911, CVE-2021-3682 (pvrdma: possible mremap overflow)
* refresh patches, remove patches which were applied upstream
* remove newly appeared pc-bios/vof.bin in dfsg-clean
* add python3-sphinx-rtd-theme to build-depends
* removed qemu-system-moxie arch
* actually build many qemu modules as modules, and install
them in qemu-system-common.
* make strong versioned dependency between various qemu-system-*
packages, so that modules works correctly.
* drop very old versions from Build-Depends, Depends and Recommends
for packages which long has much more recent versions in debian
* up qemu-block-extra dependecy level from Suggests to Recommends
* d/control: stop suggesting sgabios by qemu-system-x86
* (experimental for now, needs more work) print name of the package
name for a module which can't be loaded, to give a clue what other
package one may need to install for the requested functionality
* fix some spelling mistakes in visible messages (spelling.diff)
* enable jack audio backend (in qemu-system-gui) (Closes: #984726)
* other small/internal changes in packaging:
- removed --disable-sheepdog which were dropped upstream
- install gui modules in d/rules not in d/q-s-gui.install
to be able to use wildcard in d/q-s-common.install
- recommend qemu-block-extra, not suggest it and not depend on it (ubuntu)
for qemu-system-* and qemu-utils
- reformat qemu "deps" for qemu-system-gui, stop listing -xen there
(it can not satisfy -gui), qemu-system-s390x is :ubuntu:-only
- d/control: stop recommending -gui for xen package
(it is of no use for xen)
- d/control: reformat Depends for qemu-block-extra, do not include -xen
version there, mark -x390x as ubuntu-only,
and allow qemu-utils to satisfy the dependency
- do not install docs which does not exist anymore
- stop omiting Changelog from dh_installchangelog: the file is long gone
- d/rules: explicitly state version of skiboot as it is stored
in a git tag only, or else skiboot does not build (hack)
- put (new in 6.1, new in debian) hw-display-virtio-gpu-gl.so
to qemu-system-gui as it pulls in X11
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 25 Aug 2021 15:59:26 +0300
qemu (1:6.0+dfsg-4) unstable; urgency=medium
* d/rules: fix last ubuntu merge, xen is x86-only, not all-debian
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 17 Aug 2021 19:04:30 +0300
qemu (1:6.0+dfsg-3) unstable; urgency=medium
[ Michael Tokarev ]
* enable /run/qemu mount on ubuntu only
* usbredir-fix-free-call-CVE-2021-3682.patchi
Closes: #991911, CVE-2021-3682
[ Christian Ehrhardt ]
* ubuntu-only changes:
- d/control-in: Make Ubuntu qemu-utils depend on qemu-block-extra
- d/control-in: Make Ubuntu qemu-system-common depend on qemu-block-extra
- d/control*, d/rules: disable xen by default, but provide universe package
qemu-system-x86-xen as alternative
* d/p/target-s390x-Fix-translation-exception-on-illegal-in.patch:
avoid segfaults by uretprobes (LP 1929926)
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 17 Aug 2021 17:49:10 +0300
qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
[ Christian Ehrhardt ]
* qemu 6.0 broke libvirt <7.2, add a Breaks
to avoid partial upgrade issues (LP: #1932264)
* enable SDL as secondary UI backend (LP: #1256185) (Closes: #947349)
* clear all (current and former) modules on purge
* only save modules if /run/qemu isn't noexec
* provide run-qemu.mount in qemu-block-extra
(disabled in debian for now)
* Disable capstone disassembler library support in ubuntu (universe)
[ Michael Tokarev ]
* qemu does not ship Changelog file anymore
* drop version from libfuse-dev build-depends (noticed by Ville Skyttä)
* a few patches from upstream stable:
- target-ppc-fix-load-endianness-for-lxvwsx-lxvdsx.patch
fix various crashes in ppc system emulation.
Thanks to Christian Ehrhardt for pointing this out
- pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch
(Closes: #990565, CVE-2021-3582)
- pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch
(Closes: #990564, CVE-2021-3607)
- pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch
(Closes: #990563, CVE-2021-3608)
- usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch
usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch
(Closes: #988157, CVE-2021-3527)
* mention closing of 3 bugs in am53c974 (ESP) device emulation by 6.0
(Closes: #979679, CVE-2020-35504)
(Closes: #984455, CVE-2020-35505)
(Closes: #984454, CVE-2020-35506)
* make fuse debian-only, since libfuse3 in ubuntu is in universe
* fix microvm default machine type for a new build system (LP: #1936894)
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 21 Jul 2021 19:43:37 +0300
qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium
* new upstream release
Closes: #979679, CVE-2020-35504
Closes: #984455, CVE-2020-35505
Closes: #984454, CVE-2020-35506
* remove obsolete patches, refresh use-fixed-data-path.patch
* use libncurses-dev, not old libncursesw5-dev
* enable fuse export (and build-depend on libfuse3-dev)
* install (new) manpages for qemu-storage-daemon
* enable new hexagon qemu-user target
* two patches to fix 3 new spelling mistakes
* remove now-unused shared-library-lacks-prerequisites lintian-overrides
for qemu-user-static
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 08 May 2021 10:16:05 +0300
qemu (1:5.2+dfsg-11) unstable; urgency=medium
* i386-acpi-restore-device-paths-for-pre-5.1-vms.patch
This fixes a serious issue in some VMs (in particuar, Windows & MacOS)
when migrating from buster qemu to bullseye qemu.
(Closes: #990675)
* pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch
(Closes: #990565, CVE-2021-3582)
* pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch
(Closes: #990564, CVE-2021-3607)
* pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch
(Closes: #990563, CVE-2021-3608)
* ide-atapi-check-logical-block-address-and-read-size-CVE-2020-29443.patch
(Closes: #983575, CVE-2020-29443)
* usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch
usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch
(Closes: #988157, CVE-2021-3527)
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 18 Jul 2021 16:14:41 +0300
qemu (1:5.2+dfsg-10) unstable; urgency=medium
* 5 sdhci fixes from upstream:
dont-transfer-any-data-when-command-time-out.patch
dont-write-to-SDHC_SYSAD-register-when-transfer-is-in-progress.patch
correctly-set-the-controller-status-for-ADMA.patch
limit-block-size-only-when-SDHC_BLKSIZE-register-is-writable.patch
reset-the-data-pointer-of-s-fifo_buffer-when-a-different-block-size...patch
(Closes: #986795, #970937, CVE-2021-3409, CVE-2020-17380, CVE-2020-25085)
* mptsas-remove-unused-MPTSASState.pending-CVE-2021-3392.patch
fix possible use-after-free in mptsas_free_request
(Cloese: #984449, CVE-2021-3392)
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 16 Apr 2021 12:43:36 +0300
qemu (1:5.2+dfsg-9) unstable; urgency=medium
* do not make qemu-system-data dependent on qemu-system-foo
(Closes: #985040)
* CVE-2021-20263 - implement dropping security.capability xattr
This adds two patches from upstream:
virtiofsd-save-error-code-early-at-the-failure-callsite.patch
virtiofsd-drop-remapped-security.capability-..-needed-CVE-2021-20263.patch
Closes: #985083, CVE-2021-20263
* CVE-2021-3416 fix from upstream
Fixes infinite loop in loopback mode of various network devices,
adding 10 patches from upstream
Closes: #984448, CVE-2021-3416
* net-e1000-fail-early-for-evil-descriptor-CVE-2021-20257.patch
Fix CVE-2021-20257 from upstream: e1000: infinite loop while processing
transmit descriptors
Closes: #984450, CVE-2021-20257
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 17 Mar 2021 21:02:30 +0300
qemu (1:5.2+dfsg-8) unstable; urgency=medium
* a no-change upload to fix broken previous upload
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Mar 2021 12:21:37 +0300
qemu (1:5.2+dfsg-7) unstable; urgency=high
* do not make qemu-system-common dependent on qemu-system-foo.
We removed modules from qemu-system-common for now, so there's no
need for it to depend on any of qemu-system-foo of the same version.
Among other things this fixes #983756 (which should be fixes some
other way anyway, but it should be ok for now).
Closes: #983756, #983921, #985195
Urgency is high because a single bin-NMU of qemu package made it
uninstallable.
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Mar 2021 11:32:54 +0300
qemu (1:5.2+dfsg-6) unstable; urgency=medium
* deprecate qemu-debootstrap. It is not needed anymore with
binfmt F flag, since everything now works without --foreign
debootstrap argument and copying the right qemu binary into
the chroot. Closes: #901197
* fix the brown-paper bag bug: wrong argument order
in the linux-user-binfmt patch (really closes: #970460)
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 16 Feb 2021 12:11:20 +0300
qemu (1:5.2+dfsg-5) unstable; urgency=medium
* d/rules: ensure b/ subdir exists before building palcode and qboot
* d/changelog: #959530 is not fixed by 5.2+dfsg-4
* 3 virtiofsd patches Closes: #980814, CVE-2020-35517
virtiofsd: potential privileged host device access from guest
- virtiofsd-extract-lo_do_open-from-lo_open.patch
- virtiofsd-optionally-return-inode-pointer-from-lo_do_lookup.patch
- virtiofsd-prevent-opening-of-special-files-CVE-2020-35517.patch
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Feb 2021 17:44:06 +0300
qemu (1:5.2+dfsg-4) unstable; urgency=medium
[ Michael Tokarev ]
* require libfdt >= 1.5.0-2 due to #931046
* qemu-user: attempt to preserve argv[0] when run under binfmt
(Closes: #970460)
This changes the enterpreter name for all linux-user registered
binfmts, so it potentially can break stuff. The actual binary
being registered now is /usr/libexec/qemu-binfmt/foo-binfmt-P,
which is a symlink to actual /usr/lib/qemu-foo[-static].
* ignore .git-submodule-status when building source
* some security fixes from upstream:
o arm_gic-fix-interrupt-ID-in-GICD_SGIR-CVE-2021-20221.patch
Closes: CVE-2021-20221
GIC (armv7): out-of-bound heap buffer access via an interrupt ID field
o 9pfs-Fully-restart-unreclaim-loop-CVE-2021-20181.patch
Closes: CVE-2021-20181
* non-security fixes from upstream:
pc-bios-descriptors-fix-paths-in-json-files.patch - fixes wrong paths
in edk2-firmware-related json files introduced in 5.2
[ Christian Ehrhardt ]
* d/control-in: avoid version mismatch of installed binaries
(Closes: #956377)
[ Dan Streetman ]
* Backport configure param --with-git-submodules and set to 'ignore'
-- Michael Tokarev <mjt@tls.msk.ru> Sun, 14 Feb 2021 16:52:10 +0300
qemu (1:5.2+dfsg-3) unstable; urgency=medium
[ Christian Ehrhardt ]
* d/rules: fix qemu-user-static to really be static (LP: #1908331)
[ Michael Tokarev ]
* build most modules statically (besides block and gui parts).
This makes qemu-system-common package to be of less strict dependency
for other qemu-system-* packages, and also Closes: #977301, #978131
* especially remove removed binfmts in qemu-user-{static,binfmt}.preinst
(really Closes: #977015)
* memory-clamp-cached-translation-MMIO-region-CVE-2020-27821.patch
(Closes: #977616, CVE-2020-27821)
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 29 Dec 2020 15:07:03 +0300
qemu (1:5.2+dfsg-2) unstable; urgency=medium
* move ui-opengl.so module from qemu-system-gui to qemu-system-common,
as other modules want it (Closes: #976996, #977022)
* do not install dropped ppc64abi32 binfmt for qemu-user[-static]
(Closes: #977015)
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 10 Dec 2020 11:15:43 +0300
qemu (1:5.2+dfsg-1) unstable; urgency=medium
* new upstream release
Closes: #965978, CVE-2020-15859 (22dc8663d9fc7baa22100544c600b6285a63c7a3)
Closes: #970539, CVE-2020-25084 (21bc31524e8ca487e976f713b878d7338ee00df2)
Closes: #970540, CVE-2020-25085 (dfba99f17feb6d4a129da19d38df1bcd8579d1c3)
Closes: #970541, CVE-2020-25624 (1328fe0c32d5474604105b8105310e944976b058)
Closes: #970542, CVE-2020-25625 (1be90ebecc95b09a2ee5af3f60c412b45a766c4f)
Closes: #974687, CVE-2020-25707 (c2cb511634012344e3d0fe49a037a33b12d8a98a)
Closes: #975276, CVE-2020-25723 (2fdb42d840400d58f2e706ecca82c142b97bcbd6)
Closes: #975265, CVE-2020-27616 (ca1f9cbfdce4d63b10d57de80fef89a89d92a540)
Closes: #973324, CVE-2020-27617 (7564bf7701f00214cdc8a678a9f7df765244def1)
Closes: #972864, CVE-2020-27661 (bea2a9e3e00b275dc40cfa09c760c715b8753e03)
Closes: CVE-2020-27821 (1370d61ae3c9934861d2349349447605202f04e9)
Closes: #976388, CVE-2020-28916 (c2cb511634012344e3d0fe49a037a33b12d8a98a)
* remove obsolete patches
* refresh use-fixed-data-path.patch and debian/get-orig-source.sh
* bump minimum meson version required for build to 0.55.3
* update build rules for several components
* remove deprecated lm32 and unicore32 system emulators
* remove deprecated ppc64abi32 and tilegx linux-user emulators
* install ui-spice-core.so & chardev-spice.so in qemu-system-common
* install ui-egl-headless.so in qemu-system-common
* install hw-display-virtio-*.so in qemu-system-common
* install ui-opengl.so in qemu-system-gui
* install qemu-pr-helper.8 in qemu-system-common
* qemu-pr-helper moved to usr/bin/ again
* qboot.rom renamed from bios-microvm.bin
* remove several unused lintian overrides
* add spelling.diff patch to fix a few spelling errors
* update Standards-Version to 4.5.1
* fix a few trailing whitespaces in d/control and d/changelog
* require libcapstone >= 4.0.2 (v4) for build
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 09 Dec 2020 08:57:41 +0300
qemu (1:5.1+dfsg-4) unstable; urgency=high
* mention closing of CVE-2020-16092 by 5.1
* usb-fix-setup_len-init-CVE-2020-14364.patch
Closes: #968947, CVE-2020-14364
(OOB r/w access in USB emulation)
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 02 Sep 2020 16:14:52 +0300
qemu (1:5.1+dfsg-3) unstable; urgency=medium
* fix one more issue in last upload. This is what happens when
you do "obvious" stuff in a hurry without proper testing..
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 17 Aug 2020 22:19:55 +0300
qemu (1:5.1+dfsg-2) unstable; urgency=medium
* fix brown-paper bag bug in last upload
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 17 Aug 2020 20:58:52 +0300
qemu (1:5.1+dfsg-1) unstable; urgency=medium
* hw-display-qxl.so depends on spice so install it
only if it is built just like ui-spice-app
* note #931046 for libfdt
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 17 Aug 2020 18:57:14 +0300
qemu (1:5.1+dfsg-0exp1) experimental; urgency=medium
* new upstream release 5.1.0. Make source DFSG-clean again
Closes: #968088
Closes: CVE-2020-16092 (net_tx_pkt_add_raw_fragment in e1000e & vmxnet3)
* remove all patches which are applied upstream
* do not install non-existing doc/qemu/*-ref.*
* qemu-pr-helper is now in /usr/lib/qemu not /usr/bin
* virtfs-proxy-helper is in /usr/lib/qemu now, not /usr/bin
* new architecture: qemu-system-avr
* refresh d/get-orig-source.sh
* d/get-orig-source.sh: report already removed files in dfsg-clean
* install common modules in qemu-system-common
* lintian tag renamed: shared-lib-without-dependency-information to
shared-library-lacks-prerequisites
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 12 Aug 2020 19:09:24 +0300
qemu (1:5.0-14) unstable; urgency=high
* this is a bugfix release before breaking toys with the new upstream
* riscv-allow-64-bit-access-to-SiFive-CLINT.patch
(another fix for revert-memory-accept-..-CVE-2020-13754)
* install /usr/lib/*/qemu/ui-curses.so in qemu-system-common
Closes: #966517
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jul 2020 11:45:25 +0300
qemu (1:5.0-13) unstable; urgency=medium
* seabios-hppa-fno-ipa-sra.patch
fix ftbfs with gcc-10
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 22 Jul 2020 22:16:41 +0300
qemu (1:5.0-12) unstable; urgency=medium
* acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
this replace cpi-allow-accessing-acpi-cnt-register-by-byte.patch
and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
* xhci-fix-valid.max_access_size-to-access-address-registers.patch
fix one more incarnation of the breakage after the CVE-2020-13754 fix
* do not install outdated (0.12 and before) Changelog (Closes: #965381)
* xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
ARM-only XGMAC NIC, possible buffer overflow during packet transmission
Closes: CVE-2020-15863
* sm501 OOB read/write due to integer overflow in sm501_2d_operation()
List of patches:
sm501-convert-printf-abort-to-qemu_log_mask.patch
sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
sm501-use-BIT-macro-to-shorten-constant.patch
sm501-clean-up-local-variables-in-sm501_2d_operation.patch
sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
Closes: #961451, CVE-2020-12829
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 22 Jul 2020 19:42:29 +0300
qemu (1:5.0-11) unstable; urgency=high
* d/control-in: only enable opengl (libdrm&Co) on linux
* d/control-in: spice: drop versioned deps (even jessie version is enough),
drop libspice-protocol-dev (automatically pulled by libspice-server-dev),
and build on more architectures
* change from debhelper versioned dependency to debhelper-compat (=12)
* acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
This is another incarnation of the recent bugfix which actually enabled
memory access constraints, like #964247
Urgency = high due to this issue.
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 20 Jul 2020 18:41:17 +0300
qemu (1:5.0-10) unstable; urgency=medium
* fix the wrong $(if) construct for s390x kvm link (FTBFS on s390x)
* use the same $(if) construct to simplify #ifdeffery
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 18 Jul 2020 10:02:41 +0300
qemu (1:5.0-9) unstable; urgency=medium
* move kvm executable/script from qemu-kvm to qemu-system-foo,
make it multi-arch, and remove qemu-kvm package
* remove libcacard leftovers from d/.gitignore
* linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
(Closes: #965109)
* linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
* libudev is linux-specific, do not build-depend on it
on kfreebsd and others
* install virtiofsd in d/rules (!sparc64) instead of
d/qemu-system-common.install (fixes FTBFS on sparc64)
* confirm -static-pie not working today still
* d/control: since qemu-system-data now contains module(s),
it can't be multi-arch. Ditto for qemu-block-extra.
* qemu-system-foo: depend on exact version of qemu-system-data,
due to the latter having modules
* build all modules since there are modules anyway,
no need to hack them in d/rules
* fix spelling in a patch name/subject inlast upload
* d/rules: do not use dh_install and dh_movefiles for individual
pkgs, open-code mkdir+cp/mv, b/c dh_install acts on all files
listed in d/foo.install too, in addition to given on command-line
* remove trailing whitespace from d/changelog
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 18 Jul 2020 08:29:38 +0300
qemu (1:5.0-8) unstable; urgency=medium
* d/control: rdma is linux-only, do not enable it on kfreebsd & hurd
* add comment about virtiofsd conditional to d/qemu-system-common.install
Now qemu FTBFS on sparc64 since virtiofsd is not built due to missing
seccomp onn that platform, we should either make virtiofsd conditional
(!sparc64) or fix seccomp on sparc64 and build-depend on it
* openbios-use-source_date_epoch-in-makefile.patch (Closes: #963466)
* seabios-hppa-use-consistant-date-and-remove-hostname.patch (Closes: #963467)
* slof-remove-user-and-host-from-release-version.patch (Closes: #963472)
* slof-ensure-ld-is-called-with-C-locale.patch (Closes: #963470)
* update previous changelog, mention #945997
* reapply CVE-2020-13253 fixed from upstream:
sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
Closes: #961297, CVE-2020-13253
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 17 Jul 2020 09:12:43 +0300
qemu (1:5.0-7) unstable; urgency=medium
* Revert "d/rules: report config log from the correct subdir - base build"
* Revert "d/rules: report config log from the correct subdir - microvm build"
* acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
* remove sdcard-dont-switch-to-ReceivingData-if-add...-CVE-2020-13253.patch -
upstream decided to fix it differently (Reopens: #961297, CVE-2020-13253)
* explicitly specify --enable-tools on hppa and do the same trick
with --enable-tcg-interpreter --enable-tools on a few other unsupported
arches (Closes: #964372, #945997)
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 16 Jul 2020 18:36:08 +0300
qemu (1:5.0-6) unstable; urgency=medium
[ Christian Ehrhardt ]
* d/control-in: disable pmem on ppc64 as it is currently considered
experimental on that architecture
* d/rules: makefile definitions can't be recursive - sys_systems for s390x
* d/rules: report config log from the correct subdir - base build
* d/rules: report config log from the correct subdir - microvm build
* d/control-in: disable rbd support unavailable on riscv
* fix assert in qemu guest agent that crashes on shutdown (LP: #1878973)
* d/control-in: build-dep libcap is no more needed
* d/rules: update -spice compat (Ubuntu only)
[ Michael Tokarev ]
* save block modules on upgrades (LP: #1847361)
After upgrade a still running qemu of a former version can't load the
new modules e.g. for extended storage support. Qemu 5.0 has the code to
allow defining a path that it will load these modules from.
* ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
infinite recursion via a crafted mm_index value during
ati_mm_read or ati_mm_write call.
* revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
devices which uses min_access_size and max_access_size Memory API fields.
Also closes: CVE-2020-13791
* exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
CVE-2020-13659: address_space_map in exec.c can trigger
a NULL pointer dereference related to BounceBuffer
* megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
has an OOB read via a crafted reply_queue_head field from a guest OS user
* megasas-use-unsigned-type-for-positive-numeric-fields.patch
fix other possible cases like in CVE-2020-13362 (#961887)
* megasas-fix-possible-out-of-bounds-array-access.patch
Some tracepoints use a guest-controlled value as an index into the
mfi_frame_desc[] array. Thus a malicious guest could cause a very low
impact OOB errors here
* nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
This flaw occurs when an nbd-client sends a spec-compliant request that is
near the boundary of maximum permitted request length. A remote nbd-client
could use this flaw to crash the qemu-nbd server resulting in a DoS.
* es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
properly validate the frame count, which allows guest OS users to trigger
an out-of-bounds access during an es1370_write() operation
* sdcard-dont-switch-to-ReceivingData-if-address-is-in...-CVE-2020-13253.patch
CVE-2020-13253: sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated
address, which leads to an out-of-bounds read during sdhci_write()
operations. A guest OS user can crash the QEMU process.
And a preparational patch,
sdcard-update-coding-style-to-make-checkpatch-happy.patch
* a few patches from the stable series:
- fix-tulip-breakage.patch
The tulip network driver in a qemu-system-hppa emulation is broken in
the sense that bigger network packages aren't received any longer and
thus even running e.g. "apt update" inside the VM fails. Fix this.
- 9p-lock-directory-streams-with-a-CoMutex.patch
Prevent deadlocks in 9pfs readdir code
- net-do-not-include-a-newline-in-the-id-of-nic-device.patch
Fix newline accidentally sneaked into id string of a nic
- qemu-nbd-close-inherited-stderr.patch
- virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
- virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
- virtio-balloon-unref-the-iothread-when-unrealizing.patch
[ Aurelien Jarno ]
* Remove myself from maintainers
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 03 Jul 2020 18:24:48 +0300
qemu (1:5.0-5) unstable; urgency=medium
* more binfmt-install updates
* CVE-2020-10717 fix from upstream:
virtiofsd-add-rlimit-nofile-NUM-option.patch (preparational) and
virtiofsd-stay-below-fs.file-max-CVE-2020-10717.patch
(Closes: #959746, CVE-2020-10717)
* 2 patches from upstream/stable to fix io_uring fd set buildup:
aio-posix-dont-duplicate-fd-handler-deletion-in-fdmon_io_uring_destroy.patch
aio-posix-disable-fdmon-io_uring-when-GSource-is-used.patch
* upstream stable fix: hostmem-dont-use-mbind-if-host-nodes-is-empty.patch
* upstream stable fix:
net-use-peer-when-purging-queue-in-qemu_flush_or_purge_queue_packets.patch
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 13 May 2020 12:57:19 +0300
qemu (1:5.0-4) unstable; urgency=medium
* fix binfmt registration (Closes: #959222)
* disable PIE for user-static build on x32 too, not only i386
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 01 May 2020 13:30:43 +0300
qemu (1:5.0-3) unstable; urgency=medium
* do not explicitly enable -static-pie on non-i386 architectures.
Apparenly only amd64 actually support -static-pie for now, and
it is correctly detected.
-- Michael Tokarev <mjt@tls.msk.ru> Thu, 30 Apr 2020 08:05:31 +0300
qemu (1:5.0-2) unstable; urgency=medium
* (temporarily) disable pie on i386 static build
For now -static-pie fails on i386 with the following error message:
/usr/bin/ld: /usr/lib/i386-linux-gnu/libc.a(memset_chk-nonshared.o):
unsupported non-PIC call to IFUNC `memset'
* install qemu-system docs in qemu-system-common, not qemu-system-data,
since docs require ./configure run
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 29 Apr 2020 23:41:04 +0300
qemu (1:5.0-1) unstable; urgency=medium
* new upstream release (5.0)
Closes: #958926
Closes: CVE-2020-11869
* refresh patches, remove patches applied upstream
* do not mention openhackware, it is not used anymore
* do not disable bluez (support removed)
* new system arch "rx"
* dont install qemu-doc.* for now,
but install virtiofsd & qemu-storage-daemon
* add shared-lib-without-dependency-information tag
to qemu-user-static.lintian-overrides
* add html docs to qemu-system-data (to /usr/share/doc/qemu-system-common)
* do not install usr/share/doc/qemu/specs & usr/share/doc/qemu/tools
* install qemu-user html docs for qemu-user & qemu-user-static
* build hppa-firmware.img from roms/seabios-hppa
(and Build-Depeds-Indep on gcc-hppa-linux-gnu)
* enable liburing on linux (build-depend on liburing-dev)
* add upstream signing-key.asc (Michael Roth <flukshun@gmail.com>)
* build opensbi firmware
(for riscv64 only, riscv32 is possible with compiler flags)
* add source-level lintian-overrides for binaries-without-sources
(lintian can't find sources for a few firmware images which are in roms/)
-- Michael Tokarev <mjt@tls.msk.ru> Wed, 29 Apr 2020 12:00:12 +0300
qemu (1:4.2-7) unstable; urgency=medium
* qemu-system-gui: Multi-Arch=same, not foreign (Closes: #956763)
* x32 arch is in the same family as i386 & x86_64, omit binfmt registration
* check systemd-detect-virt before running update-binfmt
* gluster is de-facto linux-only, do not build-depend on it on non-linux
* virglrenderer is also essentially linux-specific
* qemu-user-static does not depend on shlibs
* disable parallel building of targets of d/rules
* add lintian overrides (arch-dependent static binaries) for openbios binaries
* separate binary-indep target into install-indep-prep and binary-indep
* split out various components of qemu-system-data into independent
build/install rules and add infrastructure for more components:
x86-optionrom, sgabios, qboot, openbios, skiboot, palcode-clipper,
slof, s390x-fw
* iscsi-fix-heap-buffer-overflow-in-iscsi_aio_ioctl_cb.patch
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 20 Apr 2020 18:30:00 +0300
qemu (1:4.2-6) unstable; urgency=medium
* d/rules: fix FTBFS (brown-paper-bag bug) in last upload
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 17:08:45 +0300
qemu (1:4.2-5) unstable; urgency=medium
* no error-out on address-of-packet-member in openbios
* install ui-spice-app.so only if built, spice is optional
* arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch -
Closes: CVE-2020-10702, weak signature generation
in Pointer Authentication support for ARM
* (temporarily) enable seccomp only on architectures where it can be built
(Closes: #956624)
* seccomp has grown up, no need in versioned build-dep
* do not list librados-dev in build-dep as we only use librbd-dev
and the latter depends on the former
* only enable librbd on architectures where it is buildable
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 15:47:40 +0300
qemu (1:4.2-4) unstable; urgency=medium
[ Michael Tokarev ]
* d/rules: build minimal configuration for qboot/microvm usage
* set microvm to be the default machine type for microvm case
* install ui-spice-app.so in qemu-system-common
* do not depend on libattr-dev, functions are now in libc6 (Closes: #953910)
* net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
(Closes: #956145, CVE-2020-11102, tulip nic buffer overflow)
* qemu-system-data: s/highcolor/hicolor/ (Closes: #955741)
* switch binfmt registration to use update-binfmts --[un]import
(Closes: #866756)
* build openbios-ppc & openbios-sparc binaries in qemu-system-data,
and replace corresponding binary packages.
Add gcc-sparc64-linux-gnu, fcode-utils & xsltproc to build-depend-indep
* build and provide/replace qemu-slof too
[ Aurelien Jarno ]
* enable support for riscv64 hosts
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 12:44:43 +0300
qemu (1:4.2-3) unstable; urgency=medium
* mention closing of #909743 in previous changelog (Closes: #909743)
* do not link to qemu-skiboot from qemu-system-ppc (Closes: #950431)
* provide+conflict qemu-skiboot from qemu-system-data,
as we are not using this package anymore
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 01 Feb 2020 22:10:57 +0300
qemu (1:4.2-2) unstable; urgency=medium
[ Fabrice Bauzac ]
* Fix a typo in the description of the qemu binary package
[ Frédéric Bonnard ]
* Enable powernv emulation with skiboot firmware
[ Michael R. Crusoe ]
* Modernize watch file (Closes: #909743)
[ Christian Ehrhardt ]
* d/control-in: promote qemu-efi/ovmf in Ubuntu
* d/control-in: bump debhelper build-dep for compat 12
* - d/control-in: update VCS links
* - d/control-in: disable bluetooth being deprecated
* d/not-installed: ignore new interop docs and extra icons for now
* do not install elf2dmp until namespaced
* d/control-in: Enable numa support for s390x
* Create qemu-system-s390x package (Ubuntu only for now)
[ Michael Tokarev ]
* stop using inttypes.h in qboot code;
this makes dependency on libc6-dev-i386 to be unnecessary
* qboot-no-jump-tables.diff - use #pragma for one file in qboot
* do not install qemu-edid and qemu-keymap for now
* no need in bluetooth patches as bluetooth is disabled
* scsi-cap-block-count-from-GET-LBA-STATUS-CVE-2020-1711.patch
(Closes: #949731, CVE-2020-1711)
* enable libpmem support on amd64|arm64|ppc64el (Closes: #935327)
-- Michael Tokarev <mjt@tls.msk.ru> Fri, 31 Jan 2020 23:51:09 +0300
qemu (1:4.2-1) unstable; urgency=medium
* new upstream release (4.2.0)
* removed patches: v4.1.1.diff, enable-pschange-mc-no.patch
* do not make sgabios.bin executable (lintian)
* add s390-netboot.img lintian overrides for qemu-system-data
* build qboot (bios-microvm.bin)
* build-depend-indep on libc6-dev-i386 for qboot
(includes some system headers)
-- Michael Tokarev <mjt@tls.msk.ru> Sat, 14 Dec 2019 14:07:27 +0300
qemu (1:4.1-3) unstable; urgency=medium
* mention #939869 (CVE-2019-15890) in previous changelog entry
* add Provides: sgabios to qemu-data (Closes: #945924)
* fix qemu-debootsrtap (add hppa arch, print correct error message)
thanks to Helge Deller (Closes: #923410)
* enable long binfmt masks again for mips/mips32 (Closes: #829243)
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 02 Dec 2019 13:24:58 +0300
qemu (1:4.1-2) unstable; urgency=medium
* build sgabios in build-indep, conflict with sgabios package
* qemu-system-ppc: build and install canyonlands.dtb in addition to bamboo.dtb
* remove duplicated CVE-2018-20123 & CVE-2018-20124 in prev changelog
* move s390 firmware build rules to debian/s390fw.mak, build s390-netboot.img
* imported v4.1.1.diff - upstream stable branch
Closes: CVE-2019-12068
Closes: #945258, #945072
* enable-pschange-mc-no.patch: i386: add PSCHANGE_MC_NO feature
to allow disabling ITLB multihit mitigations in nested hypervisors
Closes: #944623
* build-depend on nettle-dev, enable nettle, and clarify --enable-lzo
* switch to system libslirp, build-depend on libslirp-dev
Closes: #939869, CVE-2019-15890
-- Michael Tokarev <mjt@tls.msk.ru> Mon, 25 Nov 2019 12:54:05 +0300
qemu (1:4.1-1) unstable; urgency=medium
* new upstream release v4.1
Closes: #933741, CVE-2019-14378 (slirp buff overflow in packet reassembly)
(use internal slirp copy for now)
Closes: #931351, CVE-2019-13164 (qemu-bridge-helper long IFNAME)
Closes: #922923, CVE-2019-8934 (ppc64 emulator leaks hw identity)
Closes: #916442, CVE-2018-20123 (pvrdma memory leak in device hotplug)
Closes: #922461, CVE-2018-20124 (pvrdma num_sge can exceed MAX_SGE)
Closes: #927924 (new upstream version)
Closes: #897054 (AMD Zen CPU support)
Closes: #935324 (FTBFS due to gluster API change)
Closes: CVE-2018-20125 (pvrdma: DoS in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20126 (pvrdma: memleaks in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20191 (pvrdma: DoS due to missing read operation impl.)
Closes: CVE-2018-20216 (pvrdma: infinite loop in pvrdma_dev_ring.c)
* remove patches which are applied upstream, refresh remaining patches
(bt-use-size_t-...-CVE-2018-19665.patch hasn't been applied upstream,
bluetooth subsystem is going to be removed, we keep it for now)
* debian/source/options: ignore slirp/ submodule
* use python3 for building, not python
* debian/optionrom.mk: add pvh.bin
* switch from libssh2 to libssh, and enable libssh support in ubuntu
* bump spice version requiriment to 0.12.5
* enable pvrdma
* debian/control-in: remove reference to libsdl
* debian/rules: add new objects for s390-ccw fw
* debian/control: add build dependency on python3-sphinx for docs
* install ui/icons/qemu.svg and qemu.desktop
* debian/rules: remove pc-bios/bamboo.dtb before building it
* install vhost-user-gpu binary and 50-qemu-gpu.json
* debian/rules: remove old maintscript-helper invocations, not needed anymore
* remove +dfsg for now, upload whole upstream source, will trim it later
-- Michael Tokarev <mjt@tls.msk.ru> Tue, 27 Aug 2019 12:43:43 +0300
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog qemu-block-extra`.
Generated by dwww version 1.15 on Wed May 22 15:49:57 CEST 2024.