Changelog
qemu (1:7.2+dfsg-7+deb12u2) bookworm; urgency=medium

  * d/rules: add the forgotten --enable-virtfs for the xen build.
    This makes 9pfs virtual filesystem available for xen hvm domUs.
    This adds no new runtime dependencies. Closes: #1049925.
  * update to upstream 7.2.5 stable/bugfix release, v7.2.5.diff,
    https://gitlab.com/qemu-project/qemu/-/commits/v7.2.5 :
    - hw/ide/piix: properly initialize the BMIBA register
    - ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
    - qemu-nbd: pass structure into nbd_client_thread instead of plain char*
    - qemu-nbd: fix regression with qemu-nbd --fork run over ssh
    - qemu-nbd: regression with arguments passing into nbd_client_thread()
    - target/s390x: Make CKSM raise an exception if R2 is odd
    - target/s390x: Fix CLM with M3=0
    - target/s390x: Fix CONVERT TO LOGICAL/FIXED with out-of-range inputs
    - target/s390x: Fix ICM with M3=0
    - target/s390x: Make MC raise specification exception when class >= 16
    - target/s390x: Fix assertion failure in VFMIN/VFMAX with type 13
    - target/loongarch: Fix the CSRRD CPUID instruction on big endian hosts
    - virtio-pci: add handling of PCI ATS and Device-TLB enable/disable
    - vhost: register and change IOMMU flag depending on Device-TLB state
    - virtio-net: pass Device-TLB enable/disable events to vhost
    - hw/arm/smmu: Handle big-endian hosts correctly
    - target/arm: Avoid writing to constant TCGv in trans_CSEL()
    - target/ppc: Disable goto_tb with architectural singlestep
    - linux-user/armeb: Fix __kernel_cmpxchg() for armeb
    - qga/win32: Use rundll for VSS installation
    - thread-pool: signal "request_cond" while locked
    - xen-block: Avoid leaks on new error path
    - io: remove io watch if TLS channel is closed during handshake
    - target/nios2: Pass semihosting arg to exit
    - target/nios2: Fix semihost lseek offset computation
    - target/m68k: Fix semihost lseek offset computation
    - hw/virtio-iommu: Fix potential OOB access in virtio_iommu_handle_command()
    - virtio-crypto: verify src&dst buffer length for sym request
    - target/hppa: Move iaoq registers and thus reduce generated code size
    - pci: do not respond config requests after PCI device eject
    - hw/i386/intel_iommu: Fix trivial endianness problems
    - hw/i386/intel_iommu: Fix endianness problems related to VTD_IR_TableEntry
    - hw/i386/intel_iommu: Fix struct VTDInvDescIEC on big endian hosts
    - hw/i386/intel_iommu: Fix index calculation in vtd_interrupt_remap_msi()
    - hw/i386/x86-iommu: Fix endianness issue in x86_iommu_irq_to_msi_message()
    - include/hw/i386/x86-iommu: Fix struct X86IOMMU_MSIMessage for big endian hosts
    - vfio/pci: Disable INTx in vfio_realize error path
    - vdpa: Fix possible use-after-free for VirtQueueElement
    - vdpa: Return -EIO if device ack is VIRTIO_NET_ERR in _load_mac()
    - vdpa: Return -EIO if device ack is VIRTIO_NET_ERR in _load_mq()
    - target/ppc: Implement ASDR register for ISA v3.0 for HPT
    - target/ppc: Fix pending HDEC when entering PM state
    - target/ppc: Fix VRMA page size for ISA v3.0
    - target/i386: Check CR0.TS before enter_mmx
    - Update version for 7.2.5 release
    Closes: CVE-2023-3255, CVE-2023-3354, CVE-2023-3180

 -- Michael Tokarev <email address hidden>  Thu, 17 Aug 2023 12:33:57 +0300