Change log for qemu package in Debian
| 76 → 150 of 317 results | First • Previous • Next • Last |
| Superseded in sid-release |
qemu (1:7.0+dfsg-2) unstable; urgency=medium
* d/control: add Rules-Requires-Root: no
* d/control: switch to debhelper-compat=13
* d/control: drop "qemu" empty/dummy pseudopackage
* d/control: do not build linux-user* on ia64 and powerpc
(not supported by upstream anymore)
* d/control: add Breaks for qemu-system-data for other packages from which
it borrowed files in the past (Closes: #1008095)
* d/rules: switch to the dh sequence (but keep build-{arch,indep}),
rearrange some rules.
This brings us dh_dwz (very slow) and dh_strip_nondeterminism.
* d/rules: do not explicitly turn off slirp & capstone (now properly
controlled by --with[out]-default-features option)
* d/rules: do not try to enable tcg-interpreter on the unsupported
targets, it does not help to build tools anymore
* d/rules: do not chown -w d/control, it breaks dpkg-source
* d/rules: clean up the clean target
* d/not-installed: list many documentation files and qemu-plugin.h
* configure-make-fortify_source-yes-by-default.patch: enable
fortify-source for minimal builds too
* d/changelog: mention #990562 (CVE-2021-3611) closed by 7.0
-- Michael Tokarev <email address hidden> Sat, 30 Apr 2022 13:38:12 +0300
| Superseded in sid-release |
qemu (1:7.0+dfsg-1) unstable; urgency=medium * update to 7.0 release -- Michael Tokarev <email address hidden> Thu, 21 Apr 2022 14:19:51 +0300
| Superseded in sid-release |
qemu (1:7.0~rc4+dfsg-1) experimental; urgency=medium
* start of 7.0 series
* remove patches applied upstream
* remove new binary file, pc-bios/edk2-x86_64-microvm.fd.bz2
* d/control: remove libxfs-dev build dependency,
the ioctl is implemented inline
* d/control: stop build-depend-indep on libc6.1-dev-alpha-cross,
not needed anymore
* d/rules: update skiboot version check (skiboot hasn't canged since 6.1)
* build & install vbootrom (npcm7xx_bootrom.bin), and
build-depend-indep on gcc-arm-none-eabi
* create a new binary package, qemu-system-xen, which provides
/usr/libexec/xen-qemu-system-i386 binary for use by xen only.
Once xen switches to use this binary instead of usual qemu-system-i386,
xen support will be removed from the regular qemu-system-x86 build
* use a fast inline version of /usr/share/dpkg/architecture.mk
-- Michael Tokarev <email address hidden> Sun, 17 Apr 2022 15:08:40 +0300
| Superseded in sid-release |
qemu (1:6.2+dfsg-3) unstable; urgency=medium
[ Christian Ehrhardt ]
* d/rules: ensure xen is built on x86
* d/rules: xen libexec dir is no more versioned
* d/kvm-spice: fix when acceleration is already defined on the commandline
[ Michael Tokarev ]
* d/control, d/rules: do not compile xen support on i386,
since it is amd64-only now (since 4.16)
* d/control: add libbpf-dev & --enable-bpf for eBPF support
(Closes: #994573)
-- Michael Tokarev <email address hidden> Fri, 25 Feb 2022 12:01:46 +0300
| Superseded in sid-release |
qemu (1:6.2+dfsg-2) unstable; urgency=medium
* bump meson build-dep to 0.59.3
* build & include multiboot_dma.bin (Closes: #1003930)
* libxml2 is not needed for parallels.
Enable parallels block image format (Closes: #1003162)
* acpi-validate-hotplug-selector-on-access-CVE-2021-4158.patch
Closes: CVE-2021-4158
* acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch
(Closes: #1004017)
* acpi-fix-OEM_ID-padding.patch
* debian/get-orig-source.sh: repack dfsg archive differently
* mention closing of a few CVEs by 6.2.0
-- Michael Tokarev <email address hidden> Thu, 20 Jan 2022 10:52:19 +0300
| Superseded in sid-release |
qemu (1:6.2+dfsg-1) unstable; urgency=medium
[ Christian Ehrhardt ]
* 6.2.0 upstream release
* d/get-orig-source.sh: remove pc-bios/multiboot_dma.bin in dfsg-clean
* Drop patches upstream in v6.2.0
* d/p/spelling.diff: update for v6.2.0 (partially accepted)
* d/rules: use new --disable-install-blobs build arg
* Revert "make fuse debian-only, since libfuse3 in ubuntu is in universe",
it is now in main (LP: #1934510)
* d/rules: bump skiboot version for qemu v6.2.0
* d/p/ignore-roms-dependency-in-qtest.patch: fix meson issue
due to dfsg removal of blobs
* d/rules: drop --disable-fdt on microvm builds
(now strictly required on any x86 build)
* d/rules: select default PARISC config for hppa-firmware
-- Michael Tokarev <email address hidden> Sun, 09 Jan 2022 12:52:10 +0300
| Superseded in bullseye-release |
qemu (1:5.2+dfsg-11+deb11u1) bullseye-security; urgency=medium
[ Michael Tokarev ]
* usbredir-fix-free-call-CVE-2021-3682.patch
Closes: #991911, CVE-2021-3682: wrong free in usbredir in bufp_alloc()
* uas-add-stream-number-sanity-checks-CVE-2021-3713.patch
Closes: #992727, CVE-2021-3713: an OOB write to UASDevice fields
in UAS device emulation code
* virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch
Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu
* ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch
Closes: #992726, CVE-2021-3638:
inconsistent check in ati_2d_blt() may lead to out-of-bounds write
* vhost-user-gpu fixes from upstream, 7 patches:
CVE-2021-3544: multiple memory leaks
CVE-2021-3545: information disclosure due to uninitialized memory reads
CVE-2021-3546: out-of-bounds write in virgl_cmd_get_capset()
Closes: #989042, CVE-2021-3544, CVE-2021-3545, CVE-2021-3546
[ Cyril Brulebois ]
* linux-user-elfload-fix-address-calculation-in-fallback.patch
This fixes problems with some access to an unmounted /proc, as seen
while building images for the Raspberry Pi devices. With thanks to
Diederik de Haas for the report and to Bernhard Übelacker for
pinpointing the upstream fix to backport. (Closes: #988174)
-- Michael Tokarev <email address hidden> Wed, 29 Sep 2021 13:14:52 +0300
| Superseded in sid-release |
qemu (1:6.1+dfsg-8) unstable; urgency=medium
* fix keymaps definitions placement in last upload
(Closes: #997925, #997926)
-- Michael Tokarev <email address hidden> Wed, 27 Oct 2021 13:27:09 +0300
| Superseded in sid-release |
qemu (1:6.1+dfsg-7) unstable; urgency=medium
* qemu-system-data: do not install qemu.desktop (Closes: #995628)
* remove qemu-user-static.README.Debian (#995633)
* d/rules: update configure rules for different qemu builds
* qemu-system-x86-xen: install only -i386 link to xen path, not -x86_64
* promote qemu-system-x86-xen package on ubuntu to be like qemu-system-x86
since it uses the same modules actually
* enable zstd compression support (Build-Depends)
* qemu-system-data: install usr/share/icons/hicolor/32x32/apps/qemu.bmp
for the sdl ui
* d/control: fix wrong relation (< vs <<)
* d/control: use :native version of python3-sphynx (Closes: #995622)
* do not make qemu-system-gui Multi-Arch:same due to vhost-user-gpu
* quieten gcc11 warnings/errors so roms will compile (Closes: #997082)
* move d/qemu-system-data.install to d/rules
-- Michael Tokarev <email address hidden> Tue, 26 Oct 2021 10:35:02 +0300
| Superseded in sid-release |
qemu (1:6.1+dfsg-6) unstable; urgency=medium
* virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch
Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu
* ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch
Closes: #992726, CVE-2021-3638:
inconsistent check in ati_2d_blt() may lead to out-of-bounds write
* refresh uas-add-stream-number-sanity-checks-CVE-2021-3713{.diff=>.patch}
from upstream
* hmp-unbreak-change-vnc.patch from upstream
to fix 'change vnc passwd' command
-- Michael Tokarev <email address hidden> Wed, 29 Sep 2021 13:41:47 +0300
| Superseded in sid-release |
qemu (1:6.1+dfsg-5) unstable; urgency=medium
* updated debian/patches/linux-user-binfmt-P.diff
to work with in-kernel code
Closes: #993658
* d/rules: do not mark configure target as .PHONY
since it is a real file
-- Michael Tokarev <email address hidden> Mon, 06 Sep 2021 01:20:59 +0300
| Superseded in sid-release |
qemu (1:6.1+dfsg-4) unstable; urgency=medium
* qemu-sockets-fix-unix-socket-path-copy-again.patch
replacing socket-unix-maxlen.patch
Closes: #993145
* enable more devices for the microvm build:
virtio-gpu & vhost-user-gpu
virtio-input-host & vhost_user_input
* move vhost-user-gpu files from qemu-system-common to qemu-system-gui
this elminates X11 dependencies from non-gui qemu-system install
* build and install vof.bin firmware
* rearrange d/rules a bit to make different qemu builds
to be consistent with sysdata-components
* move ppc dtb firmware files from qemu-system-ppc to qemu-system-data
* device-tree-compiler is now needed in build-indep-depends,
not in build-depends
* d/rules: use CROSSPFX variables
* ubuntu only:
- Revert commit from the previous release which restores
relation between qemu-system-xen and qemu-system-gui
since -xen is not compatible with -gui modules
- qemu-system-xen does not suggest qemu-block-extra (incompatible too)
- qemu-system-s390x recommends qemu-block-extra not suggests it
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 22:27:25 +0300
| Superseded in sid-release |
qemu (1:6.1+dfsg-3) unstable; urgency=medium
* fix brown-paper bag in last upload (--enable-libudev)
* ubuntu only: restore relations (depends/recommends)
between qemu-system-gui and qemu-system-xen since -xen
replaces full qemu-system-x86 and acts the same way
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 02:50:52 +0300
| Superseded in sid-release |
qemu (1:6.1+dfsg-1) unstable; urgency=medium
* new upstream release (6.1.0)
* refresh patches, remove patches which were applied upstream
* remove newly appeared pc-bios/vof.bin in dfsg-clean
* add python3-sphinx-rtd-theme to build-depends
* removed qemu-system-moxie arch
* actually build many qemu modules as modules, and install
them in qemu-system-common.
* make strong versioned dependency between various qemu-system-*
packages, so that modules works correctly.
* drop very old versions from Build-Depends, Depends and Recommends
for packages which long has much more recent versions in debian
* up qemu-block-extra dependecy level from Suggests to Recommends
* d/control: stop suggesting sgabios by qemu-system-x86
* (experimental for now, needs more work) print name of the package
name for a module which can't be loaded, to give a clue what other
package one may need to install for the requested functionality
* fix some spelling mistakes in visible messages (spelling.diff)
* enable jack audio backend (in qemu-system-gui) (Closes: #984726)
* other small/internal changes in packaging:
- removed --disable-sheepdog which were dropped upstream
- install gui modules in d/rules not in d/q-s-gui.install
to be able to use wildcard in d/q-s-common.install
- recommend qemu-block-extra, not suggest it and not depend on it (ubuntu)
for qemu-system-* and qemu-utils
- reformat qemu "deps" for qemu-system-gui, stop listing -xen there
(it can not satisfy -gui), qemu-system-s390x is :ubuntu:-only
- d/control: stop recommending -gui for xen package
(it is of no use for xen)
- d/control: reformat Depends for qemu-block-extra, do not include -xen
version there, mark -x390x as ubuntu-only,
and allow qemu-utils to satisfy the dependency
- do not install docs which does not exist anymore
- stop omiting Changelog from dh_installchangelog: the file is long gone
- d/rules: explicitly state version of skiboot as it is stored
in a git tag only, or else skiboot does not build (hack)
- put (new in 6.1, new in debian) hw-display-virtio-gpu-gl.so
to qemu-system-gui as it pulls in X11
-- Michael Tokarev <email address hidden> Wed, 25 Aug 2021 15:59:26 +0300
| Superseded in sid-release |
qemu (1:6.0+dfsg-4) unstable; urgency=medium * d/rules: fix last ubuntu merge, xen is x86-only, not all-debian -- Michael Tokarev <email address hidden> Tue, 17 Aug 2021 19:04:30 +0300
| Superseded in sid-release |
qemu (1:6.0+dfsg-3) unstable; urgency=medium
[ Michael Tokarev ]
* enable /run/qemu mount on ubuntu only
* usbredir-fix-free-call-CVE-2021-3682.patchi
Closes: #991911, CVE-2021-3682
[ Christian Ehrhardt ]
* ubuntu-only changes:
- d/control-in: Make Ubuntu qemu-utils depend on qemu-block-extra
- d/control-in: Make Ubuntu qemu-system-common depend on qemu-block-extra
- d/control*, d/rules: disable xen by default, but provide universe package
qemu-system-x86-xen as alternative
* d/p/target-s390x-Fix-translation-exception-on-illegal-in.patch:
avoid segfaults by uretprobes (LP 1929926)
-- Michael Tokarev <email address hidden> Tue, 17 Aug 2021 17:49:10 +0300
| Deleted in experimental-release (Reason: None provided.) |
qemu (1:6.0+dfsg-2exp) experimental; urgency=medium
[ Christian Ehrhardt ]
* qemu 6.0 broke libvirt <7.2, add a Breaks
to avoid partial upgrade issues (LP: #1932264)
* enable SDL as secondary UI backend (LP: #1256185)
* clear all (current and former) modules on purge
* only save modules if /run/qemu isn't noexec
* provide run-qemu.mount in qemu-block-extra
(disabled in debian for now)
* Disable capstone disassembler library support in ubuntu (universe)
[ Michael Tokarev ]
* qemu does not ship Changelog file anymore
* drop version from libfuse-dev build-depends (noticed by Ville Skyttä)
* a few patches from upstream stable:
- target-ppc-fix-load-endianness-for-lxvwsx-lxvdsx.patch
fix various crashes in ppc system emulation.
Thanks to Christian Ehrhardt for pointing this out
- pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch
(Closes: #990565, CVE-2021-3582)
- pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch
(Closes: #990564, CVE-2021-3607)
- pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch
(Closes: #990563, CVE-2021-3608)
- usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch
usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch
(Closes: #988157, CVE-2021-3527)
* mention closing of 3 bugs in am53c974 (ESP) device emulation by 6.0
(Closes: #979679, CVE-2020-35504)
(Closes: #984455, CVE-2020-35505)
(Closes: #984454, CVE-2020-35506)
* make fuse debian-only, since libfuse3 in ubuntu is in universe
* fix microvm default machine type for a new build system (LP: #1936894)
-- Michael Tokarev <email address hidden> Wed, 21 Jul 2021 19:43:37 +0300
qemu (1:5.2+dfsg-11) unstable; urgency=medium
* i386-acpi-restore-device-paths-for-pre-5.1-vms.patch
This fixes a serious issue in some VMs (in particuar, Windows & MacOS)
when migrating from buster qemu to bullseye qemu.
(Closes: #990675)
* pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch
(Closes: #990565, CVE-2021-3582)
* pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch
(Closes: #990564, CVE-2021-3607)
* pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch
(Closes: #990563, CVE-2021-3608)
* ide-atapi-check-logical-block-address-and-read-size-CVE-2020-29443.patch
(Closes: #983575, CVE-2020-29443)
* usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch
usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch
(Closes: #988157, CVE-2021-3527)
-- Michael Tokarev <email address hidden> Sun, 18 Jul 2021 16:14:41 +0300
| Superseded in experimental-release |
qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium
* new upstream release
* remove obsolete patches, refresh use-fixed-data-path.patch
* use libncurses-dev, not old libncursesw5-dev
* enable fuse export (and build-depend on libfuse3-dev)
* install (new) manpages for qemu-storage-daemon
* enable new hexagon qemu-user target
* two patches to fix 3 new spelling mistakes
* remove now-unused shared-library-lacks-prerequisites lintian-overrides
for qemu-user-static
-- Michael Tokarev <email address hidden> Sat, 08 May 2021 10:16:05 +0300
qemu (1:5.2+dfsg-10) unstable; urgency=medium
* 5 sdhci fixes from upstream:
dont-transfer-any-data-when-command-time-out.patch
dont-write-to-SDHC_SYSAD-register-when-transfer-is-in-progress.patch
correctly-set-the-controller-status-for-ADMA.patch
limit-block-size-only-when-SDHC_BLKSIZE-register-is-writable.patch
reset-the-data-pointer-of-s-fifo_buffer-when-a-different-block-size...patch
(Closes: #986795, #970937, CVE-2021-3409, CVE-2020-17380, CVE-2020-25085)
* mptsas-remove-unused-MPTSASState.pending-CVE-2021-3392.patch
fix possible use-after-free in mptsas_free_request
(Cloese: #984449, CVE-2021-3392)
-- Michael Tokarev <email address hidden> Fri, 16 Apr 2021 12:43:36 +0300
| Superseded in sid-release |
qemu (1:5.2+dfsg-9) unstable; urgency=medium
* do not make qemu-system-data dependent on qemu-system-foo
(Closes: #985040)
* CVE-2021-20263 - implement dropping security.capability xattr
This adds two patches from upstream:
virtiofsd-save-error-code-early-at-the-failure-callsite.patch
virtiofsd-drop-remapped-security.capability-..-needed-CVE-2021-20263.patch
Closes: #985083, CVE-2021-20263
* CVE-2021-3416 fix from upstream
Fixes infinite loop in loopback mode of various network devices,
adding 10 patches from upstream
Closes: #984448, CVE-2021-3416
* net-e1000-fail-early-for-evil-descriptor-CVE-2021-20257.patch
Fix CVE-2021-20257 from upstream: e1000: infinite loop while processing
transmit descriptors
Closes: #984450, CVE-2021-20257
-- Michael Tokarev <email address hidden> Wed, 17 Mar 2021 21:02:30 +0300
| Superseded in sid-release |
qemu (1:5.2+dfsg-8) unstable; urgency=medium * a no-change upload to fix broken previous upload -- Michael Tokarev <email address hidden> Sun, 14 Mar 2021 12:21:37 +0300
| Superseded in sid-release |
qemu (1:5.2+dfsg-6) unstable; urgency=medium
* deprecate qemu-debootstrap. It is not needed anymore with
binfmt F flag, since everything now works without --foreign
debootstrap argument and copying the right qemu binary into
the chroot. Closes: #901197
* fix the brown-paper bag bug: wrong argument order
in the linux-user-binfmt patch (really closes: #970460)
-- Michael Tokarev <email address hidden> Tue, 16 Feb 2021 12:11:20 +0300
| Superseded in sid-release |
qemu (1:5.2+dfsg-5) unstable; urgency=medium
* d/rules: ensure b/ subdir exists before building palcode and qboot
* d/changelog: #959530 is not fixed by 5.2+dfsg-4
* 3 virtiofsd patches Closes: #980814, CVE-2020-35517
virtiofsd: potential privileged host device access from guest
- virtiofsd-extract-lo_do_open-from-lo_open.patch
- virtiofsd-optionally-return-inode-pointer-from-lo_do_lookup.patch
- virtiofsd-prevent-opening-of-special-files-CVE-2020-35517.patch
-- Michael Tokarev <email address hidden> Sun, 14 Feb 2021 17:44:06 +0300
| Superseded in sid-release |
qemu (1:5.2+dfsg-3) unstable; urgency=medium [ Christian Ehrhardt ] * d/rules: fix qemu-user-static to really be static (LP: #1908331) [ Michael Tokarev ] * build most modules statically (besides block and gui parts). This makes qemu-system-common package to be of less strict dependency for other qemu-system-* packages, and also Closes: #977301, #978131 * especially remove removed binfmts in qemu-user-{static,binfmt}.preinst (really Closes: #977015) * memory-clamp-cached-translation-MMIO-region-CVE-2020-27821.patch (Closes: #977616, CVE-2020-27821) -- Michael Tokarev <email address hidden> Tue, 29 Dec 2020 15:07:03 +0300
| Superseded in sid-release |
qemu (1:5.2+dfsg-2) unstable; urgency=medium
* move ui-opengl.so module from qemu-system-gui to qemu-system-common,
as other modules want it (Closes: #976996, #977022)
* do not install dropped ppc64abi32 binfmt for qemu-user[-static]
(Closes: #977015)
-- Michael Tokarev <email address hidden> Thu, 10 Dec 2020 11:15:43 +0300
| Superseded in sid-release |
qemu (1:5.2+dfsg-1) unstable; urgency=medium
* new upstream release
Closes: #965978, CVE-2020-15859 (22dc8663d9fc7baa22100544c600b6285a63c7a3)
Closes: #970539, CVE-2020-25084 (21bc31524e8ca487e976f713b878d7338ee00df2)
Closes: #970540, CVE-2020-25085 (dfba99f17feb6d4a129da19d38df1bcd8579d1c3)
Closes: #970541, CVE-2020-25624 (1328fe0c32d5474604105b8105310e944976b058)
Closes: #970542, CVE-2020-25625 (1be90ebecc95b09a2ee5af3f60c412b45a766c4f)
Closes: #974687, CVE-2020-25707 (c2cb511634012344e3d0fe49a037a33b12d8a98a)
Closes: #975276, CVE-2020-25723 (2fdb42d840400d58f2e706ecca82c142b97bcbd6)
Closes: #975265, CVE-2020-27616 (ca1f9cbfdce4d63b10d57de80fef89a89d92a540)
Closes: #973324, CVE-2020-27617 (7564bf7701f00214cdc8a678a9f7df765244def1)
Closes: #972864, CVE-2020-27661 (bea2a9e3e00b275dc40cfa09c760c715b8753e03)
Closes: CVE-2020-27821 (1370d61ae3c9934861d2349349447605202f04e9)
Closes: #976388, CVE-2020-28916 (c2cb511634012344e3d0fe49a037a33b12d8a98a)
* remove obsolete patches
* refresh use-fixed-data-path.patch and debian/get-orig-source.sh
* bump minimum meson version required for build to 0.55.3
* update build rules for several components
* remove deprecated lm32 and unicore32 system emulators
* remove deprecated ppc64abi32 and tilegx linux-user emulators
* install ui-spice-core.so & chardev-spice.so in qemu-system-common
* install ui-egl-headless.so in qemu-system-common
* install hw-display-virtio-*.so in qemu-system-common
* install ui-opengl.so in qemu-system-gui
* install qemu-pr-helper.8 in qemu-system-common
* qemu-pr-helper moved to usr/bin/ again
* qboot.rom renamed from bios-microvm.bin
* remove several unused lintian overrides
* add spelling.diff patch to fix a few spelling errors
* update Standards-Version to 4.5.1
* fix a few trailing whitespaces in d/control and d/changelog
* require libcapstone >= 4.0.2 (v4) for build
-- Michael Tokarev <email address hidden> Wed, 09 Dec 2020 08:57:41 +0300
| Published in buster-release |
qemu (1:3.1+dfsg-8+deb10u8) buster-security; urgency=medium
* mention fixing of CVE-2020-13765 in 3.1+dfsg-8+deb10u6
* xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
ARM-only XGMAC NIC, possible buffer overflow during packet transmission
Closes: CVE-2020-15863
* sm501 OOB read/write due to integer overflow in sm501_2d_operation()
List of patches:
sm501-convert-printf-abort-to-qemu_log_mask.patch
sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
sm501-use-BIT-macro-to-shorten-constant.patch
sm501-clean-up-local-variables-in-sm501_2d_operation.patch
sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
Closes: #961451, CVE-2020-12829
* usb-fix-setup_len-init-CVE-2020-14364.patch
Fix OOB r/w access in USB emulation
Closes: #968947, CVE-2020-14364
* net-assertion-in-net_tx_pkt_add_raw_fragment-CVE-2020-16092.patch
Fix net_tx_pkt_add_raw_fragment assertion in e1000e & vmxnet3
Closes: CVE-2020-16092
-- Michael Tokarev <email address hidden> Fri, 24 Jul 2020 15:00:34 +0300
| Superseded in sid-release |
qemu (1:5.1+dfsg-4) unstable; urgency=high
* mention closing of CVE-2020-16092 by 5.1
* usb-fix-setup_len-init-CVE-2020-14364.patch
Closes: #968947, CVE-2020-14364
(OOB r/w access in USB emulation)
-- Michael Tokarev <email address hidden> Wed, 02 Sep 2020 16:14:52 +0300
| Superseded in sid-release |
qemu (1:5.1+dfsg-3) unstable; urgency=medium
* fix one more issue in last upload. This is what happens when
you do "obvious" stuff in a hurry without proper testing..
-- Michael Tokarev <email address hidden> Mon, 17 Aug 2020 22:19:55 +0300
| Superseded in sid-release |
qemu (1:5.1+dfsg-2) unstable; urgency=medium * fix brown-paper bag bug in last upload -- Michael Tokarev <email address hidden> Mon, 17 Aug 2020 20:58:52 +0300
| Deleted in experimental-release (Reason: None provided.) |
qemu (1:5.1+dfsg-0exp1) experimental; urgency=medium
* new upstream release 5.1.0. Make source DFSG-clean again
Closes: #968088
* remove all patches which are applied upstream
* do not install non-existing doc/qemu/*-ref.*
* qemu-pr-helper is now in /usr/lib/qemu not /usr/bin
* virtfs-proxy-helper is in /usr/lib/qemu now, not /usr/bin
* new architecture: qemu-system-avr
* refresh d/get-orig-source.sh
* d/get-orig-source.sh: report already removed files in dfsg-clean
* install common modules in qemu-system-common
* lintian tag renamed: shared-lib-without-dependency-information to
shared-library-lacks-prerequisites
-- Michael Tokarev <email address hidden> Wed, 12 Aug 2020 19:09:24 +0300
| Superseded in buster-release |
qemu (1:3.1+dfsg-8+deb10u7) buster-security; urgency=medium
* acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
replace acpi-tmr-allow-2-byte-reads.patch with a more complete patch
Closes: #964793
* xhci-fix-valid.max_access_size-to-access-address-registers.patch
This is another issue revealed after the CVE-2020-13754 fix
* slirp-tcp_emu-fix-unsafe-snprintf-usages-CVE-2020-8608.patch
(and a preparational patch, slirp-add-fmt-helpers.patch)
Closes: CVE-2020-8608
-- Michael Tokarev <email address hidden> Wed, 22 Jul 2020 11:21:45 +0300
qemu (1:5.0-14) unstable; urgency=high
* this is a bugfix release before breaking toys with the new upstream
* riscv-allow-64-bit-access-to-SiFive-CLINT.patch
(another fix for revert-memory-accept-..-CVE-2020-13754)
* install /usr/lib/*/qemu/ui-curses.so in qemu-system-common
Closes: #966517
-- Michael Tokarev <email address hidden> Fri, 31 Jul 2020 11:45:25 +0300
qemu (1:5.0-13) unstable; urgency=medium
* seabios-hppa-fno-ipa-sra.patch
fix ftbfs with gcc-10
-- Michael Tokarev <email address hidden> Wed, 22 Jul 2020 22:16:41 +0300
qemu (1:5.0-12) unstable; urgency=medium
* acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
this replace cpi-allow-accessing-acpi-cnt-register-by-byte.patch
and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
* xhci-fix-valid.max_access_size-to-access-address-registers.patch
fix one more incarnation of the breakage after the CVE-2020-13754 fix
* do not install outdated (0.12 and before) Changelog (Closes: #965381)
* xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
ARM-only XGMAC NIC, possible buffer overflow during packet transmission
Closes: CVE-2020-15863
* sm501 OOB read/write due to integer overflow in sm501_2d_operation()
List of patches:
sm501-convert-printf-abort-to-qemu_log_mask.patch
sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
sm501-use-BIT-macro-to-shorten-constant.patch
sm501-clean-up-local-variables-in-sm501_2d_operation.patch
sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
Closes: #961451, CVE-2020-12829
-- Michael Tokarev <email address hidden> Wed, 22 Jul 2020 19:42:29 +0300
qemu (1:5.0-11) unstable; urgency=high
* d/control-in: only enable opengl (libdrm&Co) on linux
* d/control-in: spice: drop versioned deps (even jessie version is enough),
drop libspice-protocol-dev (automatically pulled by libspice-server-dev),
and build on more architectures
* change from debhelper versioned dependency to debhelper-compat (=12)
* acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793)
This is another incarnation of the recent bugfix which actually enabled
memory access constraints, like #964247
Urgency = high due to this issue.
-- Michael Tokarev <email address hidden> Mon, 20 Jul 2020 18:41:17 +0300
| Published in stretch-release |
qemu (1:2.8+dfsg-6+deb9u9) stretch-security; urgency=medium
* slirp possible use-after-free in ip_reass(),
slirp-ip_reass-fix-use-after-free-CVE-CVE-2019-15890.patch
Closes: #939869, CVE-2019-15890
* slirp emulation fixes, Closes: CVE-2020-7039
tcp_emu-fix-OOB-access-CVE-2020-7039.patch
slirp-use-correct-size-while-emulating-commands-CVE-2020-7039.patch
slirp-use-correct-size-while-emulating-IRC-commands-CVE-2020-7039.patch
-- Michael Tokarev <email address hidden> Thu, 30 Jan 2020 23:16:06 +0300
qemu (1:5.0-10) unstable; urgency=medium * fix the wrong $(if) construct for s390x kvm link (FTBFS on s390x) * use the same $(if) construct to simplify #ifdeffery -- Michael Tokarev <email address hidden> Sat, 18 Jul 2020 10:02:41 +0300
qemu (1:5.0-9) unstable; urgency=medium
* move kvm executable/script from qemu-kvm to qemu-system-foo,
make it multi-arch, and remove qemu-kvm package
* remove libcacard leftovers from d/.gitignore
* linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch
(Closes: #965109)
* linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289)
* libudev is linux-specific, do not build-depend on it
on kfreebsd and others
* install virtiofsd in d/rules (!sparc64) instead of
d/qemu-system-common.install (fixes FTBFS on sparc64)
* confirm -static-pie not working today still
* d/control: since qemu-system-data now contains module(s),
it can't be multi-arch. Ditto for qemu-block-extra.
* qemu-system-foo: depend on exact version of qemu-system-data,
due to the latter having modules
* build all modules since there are modules anyway,
no need to hack them in d/rules
* fix spelling in a patch name/subject inlast upload
* d/rules: do not use dh_install and dh_movefiles for individual
pkgs, open-code mkdir+cp/mv, b/c dh_install acts on all files
listed in d/foo.install too, in addition to given on command-line
* remove trailing whitespace from d/changelog
-- Michael Tokarev <email address hidden> Sat, 18 Jul 2020 08:29:38 +0300
qemu (1:5.0-8) unstable; urgency=medium
* d/control: rdma is linux-only, do not enable it on kfreebsd & hurd
* add comment about virtiofsd conditional to d/qemu-system-common.install
Now qemu FTBFS on sparc64 since virtiofsd is not built due to missing
seccomp onn that platform, we should either make virtiofsd conditional
(!sparc64) or fix seccomp on sparc64 and build-depend on it
* openbios-use-source_date_epoch-in-makefile.patch (Closes: #963466)
* seabios-hppa-use-consistant-date-and-remove-hostname.patch (Closes: #963467)
* slof-remove-user-and-host-from-release-version.patch (Closes: #963472)
* slof-ensure-ld-is-called-with-C-locale.patch (Closes: #963470)
* update previous changelog, mention #945997
* reapply CVE-2020-13253 fixed from upstream:
sdcard-simplify-realize-a-bit.patch (preparation for the next patch)
sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253)
sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational)
sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch
Closes: #961297, CVE-2020-13253
-- Michael Tokarev <email address hidden> Fri, 17 Jul 2020 09:12:43 +0300
qemu (1:5.0-7) unstable; urgency=medium
* Revert "d/rules: report config log from the correct subdir - base build"
* Revert "d/rules: report config log from the correct subdir - microvm build"
* acpi-tmr-allow-2-byte-reads.patch (Closes: #964247)
* remove sdcard-dont-switch-to-ReceivingData-if-add...-CVE-2020-13253.patch -
upstream decided to fix it differently (Reopens: #961297, CVE-2020-13253)
* explicitly specify --enable-tools on hppa and do the same trick
with --enable-tcg-interpreter --enable-tools on a few other unnsupported
arches (Closes: #964372)
-- Michael Tokarev <email address hidden> Thu, 16 Jul 2020 18:36:08 +0300
qemu (1:5.0-6) unstable; urgency=medium
[ Christian Ehrhardt ]
* d/control-in: disable pmem on ppc64 as it is currently considered
experimental on that architecture
* d/rules: makefile definitions can't be recursive - sys_systems for s390x
* d/rules: report config log from the correct subdir - base build
* d/rules: report config log from the correct subdir - microvm build
* d/control-in: disable rbd support unavailable on riscv
* fix assert in qemu guest agent that crashes on shutdown (LP: #1878973)
* d/control-in: build-dep libcap is no more needed
* d/rules: update -spice compat (Ubuntu only)
[ Michael Tokarev ]
* save block modules on upgrades (LP: #1847361)
After upgrade a still running qemu of a former version can't load the
new modules e.g. for extended storage support. Qemu 5.0 has the code to
allow defining a path that it will load these modules from.
* ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch
Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger
infinite recursion via a crafted mm_index value during
ati_mm_read or ati_mm_write call.
* revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch
Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu
devices which uses min_access_size and max_access_size Memory API fields.
Also closes: CVE-2020-13791
* exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch
CVE-2020-13659: address_space_map in exec.c can trigger
a NULL pointer dereference related to BounceBuffer
* megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch
Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c
has an OOB read via a crafted reply_queue_head field from a guest OS user
* megasas-use-unsigned-type-for-positive-numeric-fields.patch
fix other possible cases like in CVE-2020-13362 (#961887)
* megasas-fix-possible-out-of-bounds-array-access.patch
Some tracepoints use a guest-controlled value as an index into the
mfi_frame_desc[] array. Thus a malicious guest could cause a very low
impact OOB errors here
* nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch
Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server.
This flaw occurs when an nbd-client sends a spec-compliant request that is
near the boundary of maximum permitted request length. A remote nbd-client
could use this flaw to crash the qemu-nbd server resulting in a DoS.
* es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch
Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not
properly validate the frame count, which allows guest OS users to trigger
an out-of-bounds access during an es1370_write() operation
* sdcard-dont-switch-to-ReceivingData-if-address-is-in...-CVE-2020-13253.patch
CVE-2020-13253: sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated
address, which leads to an out-of-bounds read during sdhci_write()
operations. A guest OS user can crash the QEMU process.
And a preparational patch,
sdcard-update-coding-style-to-make-checkpatch-happy.patch
* a few patches from the stable series:
- fix-tulip-breakage.patch
The tulip network driver in a qemu-system-hppa emulation is broken in
the sense that bigger network packages aren't received any longer and
thus even running e.g. "apt update" inside the VM fails. Fix this.
- 9p-lock-directory-streams-with-a-CoMutex.patch
Prevent deadlocks in 9pfs readdir code
- net-do-not-include-a-newline-in-the-id-of-nic-device.patch
Fix newline accidentally sneaked into id string of a nic
- qemu-nbd-close-inherited-stderr.patch
- virtio-balloon-fix-free-page-hinting-check-on-unreal.patch
- virtio-balloon-fix-free-page-hinting-without-an-iothread.patch
- virtio-balloon-unref-the-iothread-when-unrealizing.patch
[ Aurelien Jarno ]
* Remove myself from maintainers
-- Michael Tokarev <email address hidden> Fri, 03 Jul 2020 18:24:48 +0300
qemu (1:5.0-5) unstable; urgency=medium
* more binfmt-install updates
* CVE-2020-10717 fix from upstream:
virtiofsd-add-rlimit-nofile-NUM-option.patch (preparational) and
virtiofsd-stay-below-fs.file-max-CVE-2020-10717.patch
(Closes: #959746, CVE-2020-10717)
* 2 patches from upstream/stable to fix io_uring fd set buildup:
aio-posix-dont-duplicate-fd-handler-deletion-in-fdmon_io_uring_destroy.patch
aio-posix-disable-fdmon-io_uring-when-GSource-is-used.patch
* upstream stable fix: hostmem-dont-use-mbind-if-host-nodes-is-empty.patch
* upstream stable fix:
net-use-peer-when-purging-queue-in-qemu_flush_or_purge_queue_packets.patch
-- Michael Tokarev <email address hidden> Wed, 13 May 2020 12:57:19 +0300
| Superseded in buster-release |
qemu (1:3.1+dfsg-8+deb10u5) buster-security; urgency=medium
* display-bochs-fix-pcie-support-CVE-2019-15034.patch
Fix possible buffer overflow in BOCHS display PCI config space
Closes: CVE-2019-15034
* vnc-fix-memory-leak-when-vnc-disconnect-CVE-2019-20382.patch
Fix misuse of libz in VNC disconnect, leading to memory leak
Closes: CVE-2019-20382
* scsi-lsi-exit-infinite-loop-while-executing-script-CVE-2019-12068.patch
Fix possible infinite loop in lsi_execute_script (LSI SCSI adapter)
Closes: CVE-2019-12068
* iscsi-fix-heap-buffer-overflow-in-iscsi_aio_ioctl_cb.patch
Fix heap buffer overflow in iSCSI's iscsi_aio_ioctl_cb()
* slirp-fix-use-afte-free-in-ip_reass-CVE-2020-1983.patch
Fix another use-after-free in ip_reass() in SLIRP code
Closes: CVE-2020-1983
-- Michael Tokarev <email address hidden> Tue, 21 Apr 2020 15:26:24 +0300
qemu (1:5.0-4) unstable; urgency=medium * fix binfmt registration (Closes: #959222) * disable PIE for user-static build on x32 too, not only i386 -- Michael Tokarev <email address hidden> Fri, 01 May 2020 13:30:43 +0300
qemu (1:5.0-3) unstable; urgency=medium
* do not explicitly enable -static-pie on non-i386 architectures.
Apparenly only amd64 actually support -static-pie for now, and
it is correctly detected.
-- Michael Tokarev <email address hidden> Thu, 30 Apr 2020 08:05:31 +0300
qemu (1:5.0-2) unstable; urgency=medium
* (temporarily) disable pie on i386 static build
For now -static-pie fails on i386 with the following error message:
/usr/bin/ld: /usr/lib/i386-linux-gnu/libc.a(memset_chk-nonshared.o):
unsupported non-PIC call to IFUNC `memset'
* install qemu-system docs in qemu-system-common, not qemu-system-data,
since docs require ./configure run
-- Michael Tokarev <email address hidden> Wed, 29 Apr 2020 23:41:04 +0300
qemu (1:5.0-1) unstable; urgency=medium
* new upstream release (5.0)
Closes: #958926
Closes: CVE-2020-11869
* refresh patches, remove patches applied upstream
* do not mention openhackware, it is not used anymore
* do not disable bluez (support removed)
* new system arch "rx"
* dont install qemu-doc.* for now,
but install virtiofsd & qemu-storage-daemon
* add shared-lib-without-dependency-information tag
to qemu-user-static.lintian-overrides
* add html docs to qemu-system-data (to /usr/share/doc/qemu-system-common)
* do not install usr/share/doc/qemu/specs & usr/share/doc/qemu/tools
* install qemu-user html docs for qemu-user & qemu-user-static
* build hppa-firmware.img from roms/seabios-hppa
(and Build-Depeds-Indep on gcc-hppa-linux-gnu)
* enable liburing on linux (build-depend on liburing-dev)
* add upstream signing-key.asc (Michael Roth <email address hidden>)
* build opensbi firmware
(for riscv64 only, riscv32 is possible with compiler flags)
* add source-level lintian-overrides for binaries-without-sources
(lintian can't find sources for a few firmware images which are in roms/)
-- Michael Tokarev <email address hidden> Wed, 29 Apr 2020 12:00:12 +0300
qemu (1:4.2-7) unstable; urgency=medium
* qemu-system-gui: Multi-Arch=same, not foreign (Closes: #956763)
* x32 arch is in the same family as i386 & x86_64, omit binfmt registration
* check systemd-detect-virt before running update-binfmt
* gluster is de-facto linux-only, do not build-depend on it on non-linux
* virglrenderer is also essentially linux-specific
* qemu-user-static does not depend on shlibs
* disable parallel building of targets of d/rules
* add lintian overrides (arch-dependent static binaries) for openbios binaries
* separate binary-indep target into install-indep-prep and binary-indep
* split out various components of qemu-system-data into independent
build/install rules and add infrastructure for more components:
x86-optionrom, sgabios, qboot, openbios, skiboot, palcode-clipper,
slof, s390x-fw
* iscsi-fix-heap-buffer-overflow-in-iscsi_aio_ioctl_cb.patch
-- Michael Tokarev <email address hidden> Mon, 20 Apr 2020 18:30:00 +0300
qemu (1:4.2-6) unstable; urgency=medium * d/rules: fix FTBFS (brown-paper-bag bug) in last upload -- Michael Tokarev <email address hidden> Tue, 14 Apr 2020 17:08:45 +0300
qemu (1:4.2-5) unstable; urgency=medium
* no error-out on address-of-packet-member in openbios
* install ui-spice-app.so only if built, spice is optional
* arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch -
Closes: CVE-2020-10702, weak signature generation
in Pointer Authentication support for ARM
* (temporarily) enable seccomp only on architectures where it can be built
(Closes: #956624)
* seccomp has grown up, no need in versioned build-dep
* do not list librados-dev in build-dep as we only use librbd-dev
and the latter depends on the former
* only enable librbd on architectures where it is buildable
-- Michael Tokarev <email address hidden> Tue, 14 Apr 2020 15:47:40 +0300
qemu (1:4.2-4) unstable; urgency=medium
[ Michael Tokarev ]
* d/rules: build minimal configuration for qboot/microvm usage
* set microvm to be the default machine type for microvm case
* install ui-spice-app.so in qemu-system-common
* do not depend on libattr-dev, functions are now in libc6 (Closes: #953910)
* net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch
(Closes: #956145, CVE-2020-11102, tulip nic buffer overflow)
* qemu-system-data: s/highcolor/hicolor/ (Closes: #955741)
* switch binfmt registration to use update-binfmts --[un]import
(Closes: #866756)
* build openbios-ppc & openbios-sparc binaries in qemu-system-data,
and replace corresponding binary packages.
Add gcc-sparc64-linux-gnu, fcode-utils & xsltproc to build-depend-indep
* build and provide/replace qemu-slof too
[ Aurelien Jarno ]
* enable support for riscv64 hosts
-- Michael Tokarev <email address hidden> Tue, 14 Apr 2020 12:44:43 +0300
| Superseded in buster-release |
qemu (1:3.1+dfsg-8+deb10u3) buster-security; urgency=high * Non-maintainer upload by the Security Team. * target/i386: add PSCHANGE_MC_NO feature -- Salvatore Bonaccorso <email address hidden> Mon, 11 Nov 2019 07:29:19 +0100
qemu (1:4.2-3) unstable; urgency=medium
* mention closing of #909743 in previous changelog (Closes: #909743)
* do not link to qemu-skiboot from qemu-system-ppc (Closes: #950431)
* provide+conflict qemu-skiboot from qemu-system-data,
as we are not using this package anymore
-- Michael Tokarev <email address hidden> Sat, 01 Feb 2020 22:10:57 +0300
qemu (1:4.2-2) unstable; urgency=medium
[ Fabrice Bauzac ]
* Fix a typo in the description of the qemu binary package
[ Frédéric Bonnard ]
* Enable powernv emulation with skiboot firmware
[ Michael R. Crusoe ]
* Modernize watch file (Closes: #909743)
[ Christian Ehrhardt ]
* d/control-in: promote qemu-efi/ovmf in Ubuntu
* d/control-in: bump debhelper build-dep for compat 12
* - d/control-in: update VCS links
* - d/control-in: disable bluetooth being deprecated
* d/not-installed: ignore new interop docs and extra icons for now
* do not install elf2dmp until namespaced
* d/control-in: Enable numa support for s390x
* Create qemu-system-s390x package (Ubuntu only for now)
[ Michael Tokarev ]
* stop using inttypes.h in qboot code;
this makes dependency on libc6-dev-i386 to be unnecessary
* qboot-no-jump-tables.diff - use #pragma for one file in qboot
* do not install qemu-edid and qemu-keymap for now
* no need in bluetooth patches as bluetooth is disabled
* scsi-cap-block-count-from-GET-LBA-STATUS-CVE-2020-1711.patch
(Closes: #949731, CVE-2020-1711)
* enable libpmem support on amd64|arm64|ppc64el (Closes: #935327)
-- Michael Tokarev <email address hidden> Fri, 31 Jan 2020 23:51:09 +0300
qemu (1:4.2-1) unstable; urgency=medium
* new upstream release (4.2.0)
* removed patches: v4.1.1.diff, enable-pschange-mc-no.patch
* do not make sgabios.bin executable (lintian)
* add s390-netboot.img lintian overrides for qemu-system-data
* build qboot (bios-microvm.bin)
* build-depend-indep on libc6-dev-i386 for qboot
(includes some system headers)
-- Michael Tokarev <email address hidden> Sat, 14 Dec 2019 14:07:27 +0300
qemu (1:4.1-3) unstable; urgency=medium
* mention #939869 (CVE-2019-15890) in previous changelog entry
* add Provides: sgabios to qemu-data (Closes: #945924)
* fix qemu-debootsrtap (add hppa arch, print correct error message)
thanks to Helge Deller (Closes: #923410)
* enable long binfmt masks again for mips/mips32 (Closes: #829243)
-- Michael Tokarev <email address hidden> Mon, 02 Dec 2019 13:24:58 +0300
qemu (1:4.1-2) unstable; urgency=medium
* build sgabios in build-indep, conflict with sgabios package
* qemu-system-ppc: build and install canyonlands.dtb in addition to bamboo.dtb
* remove duplicated CVE-2018-20123 & CVE-2018-20124 in prev changelog
* move s390 firmware build rules to debian/s390fw.mak, build s390-netboot.img
* imported v4.1.1.diff - upstream stable branch
Closes: CVE-2019-12068
Closes: #945258, #945072
* enable-pschange-mc-no.patch: i386: add PSCHANGE_MC_NO feature
to allow disabling ITLB multihit mitigations in nested hypervisors
Closes: #944623
* build-depend on nettle-dev, enable nettle, and clarify --enable-lzo
* switch to system libslirp, build-depend on libslirp-dev
Closes: CVE-2019-15890
-- Michael Tokarev <email address hidden> Mon, 25 Nov 2019 12:54:05 +0300
| Superseded in buster-release |
qemu (1:3.1+dfsg-8+deb10u2) buster-security; urgency=medium
* slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch
Closes: #933741, CVE-2019-14378 (slirp heap buffer overflow)
* qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch
Closes: #931351, CVE-2019-13164 (qemu-bridge-helper ifname overflow)
* linux-user-sanitize-interp_info-for-mips-only.patch
Closes: #933650 (some mips binaries fails to start)
-- Michael Tokarev <email address hidden> Sat, 24 Aug 2019 15:56:15 +0300
| Superseded in stretch-release |
qemu (1:2.8+dfsg-6+deb9u8) stretch-security; urgency=medium
[ Michal Arbet ]
* Fix improper backport of CVE-2017-9524 fix that caused NBD
connections to hang (Closes: #873012). Thanks to Geoffrey Thomas.
- nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch:
Don't move nbd_set_handlers before nbd_negotiate.
- nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch:
Refresh.
[ Michael Tokarev ]
* slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch
bugfix in user-level networking
Closes: #933741, CVE-2019-14378
* qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch
Closes: #931351, CVE-2019-13164
* integrate fix-md-clear-backport.patch into enable-md-clear.patch
Thanks Moritz Mühlenhoff and Vincent Tondellier
* device_tree-dont-use-load_image-CVE-2018-20815.patch
fix unlikely overflow via saved image file size
Closes: CVE-2018-20815
-- Michael Tokarev <email address hidden> Fri, 09 Aug 2019 13:41:43 +0300
qemu (1:4.1-1) unstable; urgency=medium
* new upstream release v4.1
Closes: #933741, CVE-2019-14378 (slirp buff overflow in packet reassembly)
(use internal slirp copy for now)
Closes: #931351, CVE-2019-13164 (qemu-bridge-helper long IFNAME)
Closes: #922923, CVE-2019-8934 (ppc64 emulator leaks hw identity)
Closes: #916442, CVE-2018-20123 (pvrdma memory leak in device hotplug)
Closes: #922461, CVE-2018-20124 (pvrdma num_sge can exceed MAX_SGE)
Closes: #927924 (new upstream version)
Closes: #897054 (AMD Zen CPU support)
Closes: #935324 (FTBFS due to gluster API change)
Closes: #916442, CVE-2018-20123 (pvrdma: memleak after init error)
Closes: #922461, CVE-2018-20124 (pvrdma: OOB access with large num_sge)
Closes: CVE-2018-20125 (pvrdma: DoS in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20126 (pvrdma: memleaks in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20191 (pvrdma: DoS due to missing read operation impl.)
Closes: CVE-2018-20216 (pvrdma: infinite loop in pvrdma_dev_ring.c)
* remove patches which are applied upstream, refresh remaining patches
(bt-use-size_t-...-CVE-2018-19665.patch hasn't been applied upstream,
bluetooth subsystem is going to be removed, we keep it for now)
* debian/source/options: ignore slirp/ submodule
* use python3 for building, not python
* debian/optionrom.mk: add pvh.bin
* switch from libssh2 to libssh, and enable libssh support in ubuntu
* bump spice version requiriment to 0.12.5
* enable pvrdma
* debian/control-in: remove reference to libsdl
* debian/rules: add new objects for s390-ccw fw
* debian/control: add build dependency on python3-sphinx for docs
* install ui/icons/qemu.svg and qemu.desktop
* debian/rules: remove pc-bios/bamboo.dtb before building it
* install vhost-user-gpu binary and 50-qemu-gpu.json
* debian/rules: remove old maintscript-helper invocations, not needed anymore
* remove +dfsg for now, upload whole upstream source, will trim it later
-- Michael Tokarev <email address hidden> Tue, 27 Aug 2019 12:43:43 +0300
| Superseded in buster-release |
qemu (1:3.1+dfsg-8~deb10u1) buster; urgency=medium * Non-maintainer upload. * Rebuild for buster (Cf. #929607) -- Salvatore Bonaccorso <email address hidden> Fri, 07 Jun 2019 20:42:24 +0200
| Superseded in sid-release |
qemu (1:3.1+dfsg-8) unstable; urgency=high
* sun4u-add-power_mem_read-routine-CVE-2019-5008.patch
fixes a null-pointer dereference in sparc/sun4u emulated hw
Closes: #927439, CVE-2019-5008
* enable-md-no.patch & enable-md-clear.patch
mitigation for MDS (Microarchitectural Data Sampling) issues
Closes: #929067,
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
* qxl-check-release-info-object-CVE-2019-12155.patch
fixes null-pointer deref in qxl cleanup code
Closes: #929353, CVE-2019-12155
* aarch32-exception-return-to-switch-from-hyp-mon.patch
fixes booting U-Boot in UEFI mode on aarch32
Closes: #927763
* stop qemu-system-common pre-depending on adduser
Closes: #929261
-- Michael Tokarev <email address hidden> Mon, 27 May 2019 07:49:25 +0300
qemu (1:3.1+dfsg-7) unstable; urgency=high
[ Michael Tokarev ]
* device_tree-don-t-use-load_image-CVE-2018-20815.patch
fix heap buffer overflow while loading device tree blob
(Closes: CVE-2018-20815)
[ Christian Ehrhardt ]
* qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291)
- d/qemu-guest-agent.install: use correct path for fsfreeze-hook
- d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
mv_conffile since the new path is a directory in the old package
version which can not be handled by mv_conffile.
-- Michael Tokarev <email address hidden> Wed, 27 Mar 2019 14:24:06 +0300
| Superseded in sid-release |
qemu (1:3.1+dfsg-6) unstable; urgency=high
* slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch
fix information leakage in slirp code (Closes: CVE-2019-9824)
-- Michael Tokarev <email address hidden> Mon, 18 Mar 2019 14:41:51 +0300
qemu (1:3.1+dfsg-5) unstable; urgency=high
* i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes
OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure.
Closes: #922635, CVE-2019-3812
-- Michael Tokarev <email address hidden> Mon, 11 Mar 2019 14:30:44 +0300
| Superseded in stretch-release |
qemu (1:2.8+dfsg-6+deb9u5) stretch-security; urgency=medium * Backport SSBD support (Closes: #908682) * CVE-2018-10839 (Closes: #910431) * CVE-2018-17962 (Closes: #911468) * CVE-2018-17963 (Closes: #911469) -- Moritz Mühlenhoff <email address hidden> Thu, 08 Nov 2018 16:41:45 +0100
qemu (1:3.1+dfsg-4) unstable; urgency=medium
* mention closing of #855043 by 3.1+dfsg-3
* disable pvrdma for now, it is a bit too buggy.
Besides several security holes there are many other bugs there as well,
and the amount of patches applied upstream after 3.1 release is large
(Closes, or really makes unimportant again: CVE-2018-20123 CVE-2018-20124
CVE-2018-20125 CVE-2018-20126 CVE-2018-20191 CVE-2018-20216)
-- Michael Tokarev <email address hidden> Mon, 11 Feb 2019 14:00:09 +0300
| Superseded in sid-release |
qemu (1:3.1+dfsg-3) unstable; urgency=medium
[ Michael Tokarev ]
* mention #696289 closed by 2.10
* move ovmf to recommends on debian and update aarch ovmf refs
(Closes: #889885)
* remove /dev/kvm permission handling (moved to systemd 239-6)
(Closes: #892945)
* build qemu-palcode using alpha cross-compiler
(Closes: #913103)
* fix path in qemu-guest-agent.service (#918378), fixs Bind[s]To
(Closes: #918378
* use int for sparc64 timeval.tv_usec
(Closes: #920032)
* build-depend on libglusterfs-dev not glusterfs-common
(Closes: #919668, #881527)
* add breaks: qemu-system-data to qemu-system-common,
to close #916279 completely (all this can be removed after buster)
(Closes: #916279)
* scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
(Closes: #920222, CVE-2019-6501)
* slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
(Closes: #921525)
* pvrdma-release-device-resources-on-error-CVE-2018-20123.patch
(Closes: #916442, CVE-2018-20123)
* enable rdma and pvrdma, build-depend on
librdmacm-dev, libibverbs-dev, libibumad-dev
* sync debian/qemu-user-static.1 and debian/qemu-user.1 generate the latter
from the former (finally Closes: #901407)
* move ivshmem-server & ivshmem-client from qemu-utils to qemu-system-common
(the binaries are also specific to qemu-system, not useable alone)
* move qemu-pr-helper from qemu-utils to qemu-system-common -
this is an internal qemu-system helper, with possible socket activation,
not intended for use outside of qemu-system
[ Christian Ehrhardt ]
* qemu-guest-agent: freeze-hook to ignore dpkg files (packaging changes)
-- Michael Tokarev <email address hidden> Wed, 06 Feb 2019 12:23:01 +0300
qemu (1:3.1+dfsg-2) unstable; urgency=medium
* d/rules: split arch and indep builds
* enable s390x cross-compiler and build s390-ccw.img (Closes: #684909)
* build x86 optionrom in qemu-system-data (was in seabios/debian/)
* qemu-system-data: Multi-Arch: allowed=>foreign (Closes: #903562)
* fix Replaces: version for qemu-system-common (Closes: #916279)
* add simple udev rules file for systemd guest agent (Closes: #916674)
* usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
Race condition in usb_mtp implementation (Closes: #916397)
* bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665.patch
Memory corruption in bluetooth subsystem (Closes: #916278)
* hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch (Closes: #917007)
* bump debhelper compat to 12 (>>11)
* d/rules: use dh_missing instead of dh_install --list-missing (compat=12)
* use dh_installsystemd for guest agent (Closes: #916625)
* mention closing by 3.1: Closes: #912655, CVE-2018-16847
* mention closing by 2.10:
Closes: #849798, CVE-2016-10028
Closes: CVE-2017-9060
Closes: CVE-2017-8284
-- Michael Tokarev <email address hidden> Fri, 21 Dec 2018 16:51:39 +0300
| Superseded in sid-release |
qemu (1:3.1+dfsg-1) unstable; urgency=medium
* new upstream release (3.1)
* Security bugs fixed by upstream:
Closes: #910431, CVE-2018-10839:
integer overflow leads to buffer overflow issue
Closes: #911468, CVE-2018-17962
pcnet: integer overflow leads to buffer overflow
Closes: #911469, CVE-2018-17963
net: ignore packets with large size
Closes: #908682, CVE-2018-3639
qemu should be able to pass the ssbd cpu flag
Closes: #901017, CVE-2018-11806
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow
via incoming fragmented datagrams
Closes: #902725, CVE-2018-12617
qmp_guest_file_read in qemu-ga has an integer overflow
Closes: #907500, CVE-2018-15746
qemu-seccomp might allow local OS guest users to cause a denial of service
Closes: #915884, CVE-2018-16867
dev-mtp: path traversal in usb_mtp_write_data of the MTP
Closes: #911499, CVE-2018-17958
Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c
because an incorrect integer data type is used
Closes: #911470, CVE-2018-18438
integer overflows because IOReadHandler and its associated functions
use a signed integer data type for a size value
Closes: #912535, CVE-2018-18849
lsi53c895a: OOB msg buffer access leads to DoS
Closes: #914604, CVE-2018-18954
pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1
allows out-of-bounds write or read access to PowerNV memory
Closes: #914599, CVE-2018-19364
Use-after-free due to race condition while updating fid path
Closes: #914727, CVE-2018-19489
9pfs: crash due to race condition in renaming files
* remove patches which were applied upstream
* add new manpage qemu-cpu-models.7
* qemu-system-ppcemb is gone, use qemu-system-ppc[64]
* do-not-link-everything-with-xen.patch (trivial)
* get-orig-source: handle 3.x and 4.x, and remove roms again, as
upstream wants us to use separate source packages for that stuff
* move generated data from qemu-system-data back to qemu-system-common
* d/control: enable spice on arm64 (Closes: #902501)
(probably should enable on all)
* d/control: change git@salsa urls to https
* add qemu-guest-agent.service (Closes: #795486)
* enable opengl support and virglrenderer (Closes: #813658)
* simplify d/rules just a little bit
* build-depend on libudev-dev, for qga
-- Michael Tokarev <email address hidden> Sun, 02 Dec 2018 19:10:27 +0300
| Superseded in stretch-release |
qemu (1:2.8+dfsg-6+deb9u4) stretch-security; urgency=high
* CVE-2017-5715 (spectre/meltdown) fixes for i386 and s390x:
CVE-2017-5715/i386-increase-X86CPUDefinition-model_id-to-49.patch
CVE-2017-5715/i386-add-support-for-SPEC_CTRL-MSR.patch
CVE-2017-5715/i386-add-spec-ctrl-CPUID-bit.patch
CVE-2017-5715/i386-add-FEAT_8000_0008_EBX-CPUID-feature-word.patch
CVE-2017-5715/i386-add-new-IBRS-versions-of-Intel-CPU-models.patch
CVE-2017-5715/s390x-kvm-introduce-branch-prediction-blocking-contr.patch
CVE-2017-5715/s390x-kvm-handle-bpb-feature.patch
Closes: #886532, CVE-2017-5715
* multiboot-bss_end_addr-can-be-zero-CVE-2018-7550.patch
Closes: #892041, CVE-2018-7550
* vga-check-the-validation-of-memory-addr-when-draw-text-CVE-2018-5683.patch
Closes: #887392, CVE-2018-5683
* osdep-fix-ROUND_UP-64-bit-32-bit-CVE-2017-18043.patch
Closes: CVE-2017-18043
* virtio-check-VirtQueue-Vring-object-is-set-CVE-2017-17381.patch
Closes: #883625, CVE-2017-17381
* ps2-check-PS2Queue-pointers-in-post_load-routine-CVE-2017-16845.patch
Closes: #882136, CVE-2017-16845
* cirrus-fix-oob-access-in-mode4and5-write-functions-CVE-2017-15289.patch
Closes: #880832, CVE-2017-15289
* io-monitor-encoutput-buffer-size-from-websocket-GSource-CVE-2017-15268.patch
Closes: #880836, CVE-2017-15268
* nbd-server-CVE-2017-15119-Reject-options-larger-than-32M.patch
Closes: #883399, CVE-2017-15119
* 9pfs-use-g_malloc0-to-allocate-space-for-xattr-CVE-2017-15038.patch
Closes: #877890, CVE-2017-15038
* CVE-2017-15124 (VNC server unbounded memory usage) fixes:
CVE-2017-15124/01-ui-remove-sync-parameter-from-vnc_update_client.patch
CVE-2017-15124/02-ui-remove-unreachable-code-in-vnc_update_client.patch
CVE-2017-15124/03-ui-remove-redundant-indentation-in-vnc_client_update.patch
CVE-2017-15124/04-ui-avoid-pointless-VNC-updates-if-framebuffer-isn-t-.patch
CVE-2017-15124/05-ui-track-how-much-decoded-data-we-consumed-when-doin.patch
CVE-2017-15124/06-ui-introduce-enum-to-track-VNC-client-framebuffer-up.patch
CVE-2017-15124/07-ui-correctly-reset-framebuffer-update-state-after-pr.patch
CVE-2017-15124/08-ui-refactor-code-for-determining-if-an-update-should.patch
CVE-2017-15124/09-ui-fix-VNC-client-throttling-when-audio-capture-is-a.patch
CVE-2017-15124/10-ui-fix-VNC-client-throttling-when-forced-update-is-r.patch
CVE-2017-15124/11-ui-place-a-hard-cap-on-VNC-server-output-buffer-size.patch
CVE-2017-15124/12-ui-add-trace-events-related-to-VNC-client-throttling.patch
CVE-2017-15124/13-ui-mix-misleading-comments-return-types-of-VNC-I-O-h.patch
Closes: #884806, CVE-2017-15124
-- Michael Tokarev <email address hidden> Sat, 26 May 2018 13:06:04 +0300
qemu (1:2.12+dfsg-3) unstable; urgency=medium
* make qemu-system-foo depending
on qemu-system-data >>ver~, not >>ver
(Closes: #900585)
* do not build qemu-system-gui on hppa
* use dh_lintian for lintian overrides
* update VCS fields to point to salsa.debian.org
-- Michael Tokarev <email address hidden> Fri, 01 Jun 2018 21:42:29 +0300
| Superseded in sid-release |
qemu (1:2.12+dfsg-2) unstable; urgency=medium
* create new package, qemu-system-gui,
and package GTK module and audio modules in there
Closes: #850584
* add an item about qemu-system-gui to debian/qemu-system-common.NEWS
* qemu-system-*: require more recent qemu-system-common
* switch all builds to be in a single b/ subdir
* d/get-orig-source: remove .oco (object) files from roms/SLOF/
* refresh patches/use-fixed-data-path.patch: remove now-unused local var too
* ccid-card-passthru-fix-regression-in-realize.patch (Closes: #900006)
* debian/control-in: enable seccomp on linux-any (Closes: #900055)
* create new arch-indep package qemu-system-data, for data and firmware files.
Move common data files from qemu-system-common to it, for now
* fix sata/ahci stalls (ahci-fix-PxCI-register-race.patch)
* tcg-i386-Fix-dup_vec-in-non-AVX2-codepath.patch (Closes: #900372)
-- Michael Tokarev <email address hidden> Thu, 31 May 2018 13:22:55 +0300
| 76 → 150 of 317 results | First • Previous • Next • Last |
