Change log for qemu-kvm package in Ubuntu

175 of 237 results
Published in precise-updates on 2015-06-10
Published in precise-security on 2015-06-10
qemu-kvm (1.0+noroms-0ubuntu14.23) precise-security; urgency=medium

  * SECURITY UPDATE: heap overflow in PCNET controller
    - debian/patches/CVE-2015-3209-pre.patch: fix negative array index read
      in hw/pcnet.c.
    - debian/patches/CVE-2015-3209.patch: check bounds in hw/pcnet.c.
    - CVE-2015-3209
  * SECURITY UPDATE: unsafe /tmp filename use by slirp
    - debian/patches/CVE-2015-4037.patch: use mkdtemp in net/slirp.c.
    - CVE-2015-4037

 -- Marc Deslauriers <email address hidden>  Tue, 09 Jun 2015 10:21:44 -0400
Superseded in precise-updates on 2015-06-10
Superseded in precise-security on 2015-06-10
qemu-kvm (1.0+noroms-0ubuntu14.22) precise-security; urgency=medium

  * SECURITY UPDATE: host code execution via floppy device (VEMON)
    - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
      bounds of the allocated buffer in hw/block/fdc.c.
    - CVE-2015-3456

 -- Marc Deslauriers <email address hidden>  Wed, 13 May 2015 08:19:08 -0400
Superseded in precise-updates on 2015-05-13
Superseded in precise-security on 2015-05-13
qemu-kvm (1.0+noroms-0ubuntu14.21) precise-security; urgency=medium

  * SECURITY UPDATE: code execution via savevm data
    - debian/patches/CVE-2014-7840.patch: validate parameters in
      arch_init.c.
    - CVE-2014-7840
  * SECURITY UPDATE: code execution via cirrus vga blit regions
    (LP: #1400775)
    - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
      hw/cirrus_vga.c.
    - CVE-2014-8106
 -- Marc Deslauriers <email address hidden>   Wed, 10 Dec 2014 16:11:32 -0500
Published in lucid-updates on 2014-12-11
Published in lucid-security on 2014-12-11
qemu-kvm (0.12.3+noroms-0ubuntu9.26) lucid-security; urgency=medium

  * SECURITY UPDATE: code execution via cirrus vga blit regions
    (LP: #1400775)
    - debian/patches/CVE-2014-8106.patch: properly validate blit regions in
      hw/cirrus_vga.c.
    - CVE-2014-8106
 -- Marc Deslauriers <email address hidden>   Wed, 10 Dec 2014 16:18:02 -0500
Superseded in precise-updates on 2014-12-11
Deleted in precise-proposed on 2014-12-13 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.20) precise-proposed; urgency=medium

  * Fix segfault on qemu-img convert with nonexistent source file (LP: #1388036)
 -- Serge Hallyn <email address hidden>   Thu, 20 Nov 2014 10:11:21 -0600
Superseded in lucid-updates on 2014-12-11
Superseded in lucid-security on 2014-12-11
qemu-kvm (0.12.3+noroms-0ubuntu9.25) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service via slirp NULL pointer deref
    - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
      stub in slirp/udp.c.
    - CVE-2014-3640
  * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
    - debian/patches/CVE-2014-3689.patch: verify rectangles in
      hw/vmware_vga.c.
    - CVE-2014-3689
  * SECURITY UPDATE: denial of service via VNC console
    - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in vnc.c.
    - CVE-2014-7815
 -- Marc Deslauriers <email address hidden>   Tue, 11 Nov 2014 15:40:19 -0500
Superseded in precise-updates on 2014-12-01
Superseded in precise-security on 2014-12-11
qemu-kvm (1.0+noroms-0ubuntu14.19) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via slirp NULL pointer deref
    - debian/patches/CVE-2014-3640.patch: make sure socket is not just a
      stub in slirp/udp.c.
    - CVE-2014-3640
  * SECURITY UPDATE: possible privilege escalation via vmware-vga driver
    - debian/patches/CVE-2014-3689.patch: verify rectangles in
      hw/vmware_vga.c.
    - CVE-2014-3689
  * SECURITY UPDATE: denial of service via VNC console
    - debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in
      ui/vnc.c.
    - CVE-2014-7815
 -- Marc Deslauriers <email address hidden>   Tue, 11 Nov 2014 15:28:11 -0500
Superseded in precise-updates on 2014-11-13
Deleted in precise-proposed on 2014-11-14 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.18) precise-proposed; urgency=medium

  * debian/patches/define-qemu-kvm-mt: define a new (default) machine
    type "pc-1.0-precise" which allows incoming migration in newer qemu to
    distinguish qemu-kvm-created machines from qemu-created machines.
    (LP: #1374612)
 -- Serge Hallyn <email address hidden>   Mon, 22 Sep 2014 13:39:03 -0500
Superseded in lucid-updates on 2014-11-13
Superseded in lucid-security on 2014-11-13
Deleted in lucid-proposed on 2014-11-14 (Reason: moved to -updates)
qemu-kvm (0.12.3+noroms-0ubuntu9.24) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0142.patch: validate extent_size header field
      in block/bochs.c, validate s->tracks in block/parallels.c, validate
      block size in block/vpc.c, backport function to qemu-common.h,
      backport DIV_ROUND_UP to osdep.h.
    - CVE-2014-0142
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0143.patch: validate nb_sectors in
      block.c, validate catalog_size header field in block/bochs.c,
      prevent offsets_size integer overflow in block/cloop.c, fix catalog
      size integer overflow in block/parallels.c, validate new_l1_size in
      block/qcow2-cluster.c, use proper size in block/qcow2-refcount.c,
      check L1 snapshot table size in block/qcow2-snapshot.c, check active
      L1 table size in block/qcow2.c, define max size in block/qcow2.h.
    - CVE-2014-0143
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0144.patch: validate block sizes and offsets
      in block/cloop.c, check offset in block/curl.c, validate size in
      block/qcow2-refcount.c, check number of snapshots in
      block/qcow2-snapshot.c, check sizes and offsets in block/qcow2.c,
      move structs to block/qcow2.h, check sizes in block/vdi.c,
      prevent overflows in block/vpc.c.
    - CVE-2014-0144
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0145.patch: check chunk sizes in block/dmg.c,
      use correct size in block/qcow2-snapshot.c.
    - CVE-2014-0145
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0146.patch: calculate offsets properly in
      block/qcow2.c.
    - CVE-2014-0146
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0147.patch: use proper sizes in block/bochs.c.
    - CVE-2014-0147
  * SECURITY UPDATE: multiple buffer overflows on invalid state load
    - debian/patches: added large number of upstream patches pulled from
      git tree.
    - CVE-2013-4148
    - CVE-2013-4151
    - CVE-2013-4530
    - CVE-2013-4531
    - CVE-2013-4533
    - CVE-2013-4534
    - CVE-2013-4537
    - CVE-2013-4538
    - CVE-2013-4539
    - CVE-2013-4540
    - CVE-2013-6399
    - CVE-2014-0182
    - CVE-2014-0222
    - CVE-2014-0223
 -- Marc Deslauriers <email address hidden>   Tue, 12 Aug 2014 14:35:45 -0400
Superseded in precise-updates on 2014-10-21
Superseded in precise-security on 2014-11-13
Deleted in precise-proposed on 2014-11-14 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.17) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0142.patch: validate extent_size header field
      in block/bochs.c, validate s->tracks in block/parallels.c, validate
      block size in block/vpc.c, backport function to qemu-common.h.
    - CVE-2014-0142
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0143.patch: validate nb_sectors in
      block.c, validate catalog_size header field in block/bochs.c,
      prevent offsets_size integer overflow in block/cloop.c, fix catalog
      size integer overflow in block/parallels.c, validate new_l1_size in
      block/qcow2-cluster.c, use proper size in block/qcow2-refcount.c,
      check L1 snapshot table size in block/qcow2-snapshot.c, check active
      L1 table size in block/qcow2.c, define max size in block/qcow2.h.
    - CVE-2014-0143
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0144.patch: validate block sizes and offsets
      in block/cloop.c, check offset in block/curl.c, validate size in
      block/qcow2-refcount.c, check number of snapshots in
      block/qcow2-snapshot.c, check sizes and offsets in block/qcow2.c,
      move structs to block/qcow2.h, check sizes in block/vdi.c,
      prevent overflows in block/vpc.c.
    - CVE-2014-0144
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0145.patch: check chunk sizes in block/dmg.c,
      use correct size in block/qcow2-snapshot.c.
    - CVE-2014-0145
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0146.patch: calculate offsets properly in
      block/qcow2.c.
    - CVE-2014-0146
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0147.patch: use proper sizes in block/bochs.c,
      properly calculate refcounts in block/qcow2-refcount.c, block/qcow2.c.
    - CVE-2014-0147
  * SECURITY UPDATE: multiple buffer overflows on invalid state load
    - debian/patches: added large number of upstream patches pulled from
      git tree.
    - CVE-2013-4148
    - CVE-2013-4151
    - CVE-2013-4527
    - CVE-2013-4529
    - CVE-2013-4530
    - CVE-2013-4531
    - CVE-2013-4532
    - CVE-2013-4533
    - CVE-2013-4534
    - CVE-2013-4535
    - CVE-2013-4536
    - CVE-2013-4537
    - CVE-2013-4538
    - CVE-2013-4539
    - CVE-2013-4540
    - CVE-2013-4541
    - CVE-2013-6399
    - CVE-2014-0182
    - CVE-2014-0222
    - CVE-2014-0223
    - CVE-2014-3461
 -- Marc Deslauriers <email address hidden>   Tue, 12 Aug 2014 13:30:27 -0400
Superseded in precise-updates on 2014-09-08
Deleted in precise-proposed on 2014-09-10 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.15) precise-proposed; urgency=low

  * qemu-kvm.upstart: ignore modprobe errors (LP: #1316812)
 -- Serge Hallyn <email address hidden>   Wed, 07 May 2014 14:06:43 +0000
Superseded in lucid-updates on 2014-09-08
Superseded in lucid-security on 2014-09-08
qemu-kvm (0.12.3+noroms-0ubuntu9.22) lucid-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via MAC address table update
    - debian/patches/CVE-2014-0150.patch: fix overflow in hw/virtio-net.c.
    - CVE-2014-0150
  * SECURITY UPDATE: denial of service and possible code execution via
    smart self test counter
    - debian/patches/CVE-2014-2894.patch: correct self-test count in
      hw/ide/core.c.
    - CVE-2014-2894
 -- Marc Deslauriers <email address hidden>   Fri, 25 Apr 2014 17:41:36 -0400
Superseded in precise-updates on 2014-05-26
Superseded in precise-security on 2014-09-08
qemu-kvm (1.0+noroms-0ubuntu14.14) precise-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via MAC address table update
    - debian/patches/CVE-2014-0150.patch: fix overflow in hw/virtio-net.c.
    - CVE-2014-0150
  * SECURITY UPDATE: denial of service and possible code execution via
    smart self test counter
    - debian/patches/CVE-2014-2894.patch: correct self-test count in
      hw/ide/core.c.
    - CVE-2014-2894
 -- Marc Deslauriers <email address hidden>   Fri, 25 Apr 2014 17:37:13 -0400
Obsolete in quantal-updates on 2015-04-24
Obsolete in quantal-security on 2015-04-24
qemu-kvm (1.2.0+noroms-0ubuntu2.12.10.7) quantal-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via MAC address table update
    - debian/patches/CVE-2014-0150.patch: fix overflow in hw/virtio-net.c.
    - CVE-2014-0150
  * SECURITY UPDATE: denial of service and possible code execution via
    smart self test counter
    - debian/patches/CVE-2014-2894.patch: correct self-test count in
      hw/ide/core.c.
    - CVE-2014-2894
 -- Marc Deslauriers <email address hidden>   Fri, 25 Apr 2014 16:36:17 -0400
Superseded in precise-updates on 2014-04-28
Superseded in precise-security on 2014-04-28
qemu-kvm (1.0+noroms-0ubuntu14.13) precise-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via REPORT LUNS
    - debian/patches/CVE-2013-4344.patch: support more than 256 LUNS in
      hw/scsi-bus.c, hw/scsi.h.
    - CVE-2013-4344
 -- Marc Deslauriers <email address hidden>   Tue, 28 Jan 2014 09:08:09 -0500
Superseded in quantal-updates on 2014-04-28
Superseded in quantal-security on 2014-04-28
qemu-kvm (1.2.0+noroms-0ubuntu2.12.10.6) quantal-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via REPORT LUNS
    - debian/patches/CVE-2013-4344.patch: support more than 256 LUNS in
      hw/scsi-bus.c, hw/scsi.h.
    - CVE-2013-4344
  * SECURITY UPDATE: denial of service in qdisk PV disk backend
    - debian/patches/CVE-2013-4375.patch: mark ioreq as mapped before
      unmapping in error case in hw/xen_disk.c.
    - CVE-2013-4375
 -- Marc Deslauriers <email address hidden>   Tue, 28 Jan 2014 08:31:54 -0500
Superseded in precise-updates on 2014-01-30
Deleted in precise-proposed on 2014-02-01 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.12) precise-proposed; urgency=low

  * migration-do-not-overwrite-zero-pages.patch,
    call-madv-hugepage-for-guest-ram-allocations.patch:
    Fix performance degradation after migrations, and savevm/loadvm.
    (LP: #1100843)
 -- Chris J Arges <email address hidden>   Wed, 02 Oct 2013 16:26:27 -0500
Superseded in quantal-updates on 2014-01-30
Deleted in quantal-proposed on 2014-02-01 (Reason: moved to -updates)
qemu-kvm (1.2.0+noroms-0ubuntu2.12.10.5) quantal-proposed; urgency=low

  * debian/control and qemu-kvm.postinst: remove any g:--- acl on /dev/kvm
    (left over from udev-acl).  (LP: #1057024)
 -- Serge Hallyn <email address hidden>   Wed, 17 Jul 2013 10:23:13 -0500
Superseded in precise-updates on 2013-10-24
Deleted in precise-proposed on 2013-10-25 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.11) precise-proposed; urgency=low

  * debian/control and qemu-kvm.postinst: remove any g:--- acl on /dev/kvm
    (left over from udev-acl).  (LP: #1057024)
 -- Serge Hallyn <email address hidden>   Wed, 17 Jul 2013 10:14:46 -0500
Superseded in precise-updates on 2013-08-27
Deleted in precise-proposed on 2013-08-28 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.10) precise-proposed; urgency=low

  * remove 9004-qcow2-Simplify-count_cow_clusters.patch, which may or may
    not have actually fixed bug 1189926.  Replace ith with:
    9004-qcow2-start-at-0-when-counting-cow-clusters.patch: Fixes corruption
    issues with qcow2. (LP: #1189926)

Superseded in precise-proposed on 2013-07-08
qemu-kvm (1.0+noroms-0ubuntu14.9) precise-proposed; urgency=low

  * 9004-qcow2-Simplify-count_cow_clusters.patch: fixes corruption
    with qcow2. (LP: #1189926)
 -- Chris J Arges <email address hidden>   Wed, 12 Jun 2013 13:19:46 -0500
Superseded in quantal-updates on 2013-08-27
Deleted in quantal-proposed on 2013-08-28 (Reason: moved to -updates)
qemu-kvm (1.2.0+noroms-0ubuntu2.12.10.4) quantal-proposed; urgency=low

  * qemu-kvm.preinst: add kvm group if not present.  (LP: #1103022)
 -- Serge Hallyn <email address hidden>   Fri, 22 Mar 2013 10:14:18 -0500
Superseded in quantal-updates on 2013-05-23
Deleted in quantal-proposed on 2013-05-24 (Reason: moved to -updates)
qemu-kvm (1.2.0+noroms-0ubuntu2.12.10.3) quantal-proposed; urgency=low

  [ Nikolaus Rath ]
  * fix-usb-passthrough.patch: fix problems with accessing some host
    USB devices (Closes: 683983) (LP: #1033727)
 -- Serge Hallyn <email address hidden>   Tue, 29 Jan 2013 22:26:54 -0600
Superseded in precise-updates on 2013-07-16
Deleted in precise-proposed on 2013-07-17 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.8) precise-proposed; urgency=low

  * qemu-utils.links: fix kvm-nbd.8.gz and kvm-img.1.gz symlinks. (LP: #1089402)
  * take 9pfs-remove-noatime-flag-from-ro-open-calls.patch from upstream git
    to make readonly+nonroot 9p mounts succeed.  (LP: #1091430)
 -- Serge Hallyn <email address hidden>   Tue, 29 Jan 2013 22:41:42 -0600
Deleted in raring-proposed on 2013-01-19 (Reason: Replaced by qemu)
qemu-kvm (1.2.0+noroms-0ubuntu8) raring; urgency=low

  * SECURITY UPDATE: guest denial of service and possible code execution
    via e1000 large packets
    - debian/patches/ubuntu/CVE-2012-6075.patch: properly discard oversize
      packets in hw/e1000.c.
    - CVE-2012-6075
 -- Marc Deslauriers <email address hidden>   Wed, 16 Jan 2013 07:48:59 -0500
Superseded in lucid-updates on 2014-04-28
Superseded in lucid-security on 2014-04-28
qemu-kvm (0.12.3+noroms-0ubuntu9.21) lucid-security; urgency=low

  * SECURITY UPDATE: guest denial of service and possible code execution
    via e1000 large packets
    - debian/patches/CVE-2012-6075.patch: properly discard oversize packets
      in hw/e1000.c.
    - CVE-2012-6075
 -- Marc Deslauriers <email address hidden>   Tue, 15 Jan 2013 09:38:06 -0500
Obsolete in oneiric-updates on 2015-04-24
Obsolete in oneiric-security on 2015-04-24
qemu-kvm (0.14.1+noroms-0ubuntu6.6) oneiric-security; urgency=low

  * SECURITY UPDATE: guest denial of service and possible code execution
    via e1000 large packets
    - debian/patches/CVE-2012-6075.patch: properly discard oversize packets
      in hw/e1000.c.
    - CVE-2012-6075
 -- Marc Deslauriers <email address hidden>   Tue, 15 Jan 2013 09:28:46 -0500
Superseded in precise-updates on 2013-03-21
Superseded in precise-security on 2014-01-30
qemu-kvm (1.0+noroms-0ubuntu14.7) precise-security; urgency=low

  * SECURITY UPDATE: guest denial of service and possible code execution
    via e1000 large packets
    - debian/patches/CVE-2012-6075.patch: properly discard oversize packets
      in hw/e1000.c.
    - CVE-2012-6075
 -- Marc Deslauriers <email address hidden>   Tue, 15 Jan 2013 09:27:30 -0500
Superseded in quantal-updates on 2013-03-07
Superseded in quantal-security on 2014-01-30
qemu-kvm (1.2.0+noroms-0ubuntu2.12.10.2) quantal-security; urgency=low

  * SECURITY UPDATE: guest denial of service and possible code execution
    via e1000 large packets
    - debian/patches/CVE-2012-6075.patch: properly discard oversize packets
      in hw/e1000.c.
    - CVE-2012-6075
 -- Marc Deslauriers <email address hidden>   Tue, 15 Jan 2013 09:22:12 -0500
Superseded in precise-updates on 2013-01-16
Deleted in precise-proposed on 2013-01-18 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.6) precise-proposed; urgency=low

  * Fix qemu-kvm.upstart: just don't run in a container.  Otherwise we'll
    still try to load/unload kernel modules.  Also undo the || true after
    sysfs writes.  Since setting those is a part of configuring qemu-kvm
    on the host, failing when they fail makes sense.

Deleted in raring-release on 2013-01-20 (Reason: Obsoleted by the qemu source package)
Deleted in raring-proposed on 2013-01-20 (Reason: moved to release)
qemu-kvm (1.2.0+noroms-0ubuntu7) raring; urgency=low

  * Add a sample /etc/sysctl.d/30-qemu-kvm.conf to aid users in setting
    aside hugepages to back qemu instances.
 -- Serge Hallyn <email address hidden>   Tue, 11 Dec 2012 17:11:47 -0600
Superseded in raring-release on 2012-12-12
Deleted in raring-proposed on 2012-12-13 (Reason: moved to release)
qemu-kvm (1.2.0+noroms-0ubuntu6) raring; urgency=low

  * qemu-kvm.{upstart,default}: support optional mounting of hugetlbfs under
    /run/hugepages/kvm.
 -- Serge Hallyn <email address hidden>   Fri, 30 Nov 2012 09:02:46 -0600
Superseded in precise-proposed on 2013-01-02
qemu-kvm (1.0+noroms-0ubuntu14.5) precise-proposed; urgency=low

  * add udev to qemu-kvm Depends to ensure that postinst succeeds.
    (LP: #1080912)

Superseded in quantal-updates on 2013-01-16
Deleted in quantal-proposed on 2013-01-18 (Reason: moved to -updates)
qemu-kvm (1.2.0+noroms-0ubuntu2.12.10.1) quantal-proposed; urgency=low

  [ Serge Hallyn ]
  * debian/qemu-kvm.postinst: use udevadm trigger to change /dev/kvm perms as
    recommended by Steve Langasek (LP: #1057024)
  * apply debian/patches/nbd-fixes-to-read-only-handling.patch from upstream to
    make read-write mount after read-only mount work.  (LP: #1077838)
  * make qemu-kvm depend on udev (LP: #1080912)

  [ Robert Collins ]
  * Fix upstart job to succeed if ksm settings can't be altered in the same way
    other settings are handled. (LP: #1078530)
 -- Serge Hallyn <email address hidden>   Mon, 19 Nov 2012 09:15:42 -0600
Superseded in raring-release on 2012-11-30
Deleted in raring-proposed on 2012-12-02 (Reason: moved to release)
qemu-kvm (1.2.0+noroms-0ubuntu5) raring; urgency=low

  * add udev to qemu-kvm Depends to ensure that postinst succeeds.
    (LP: #1080912)
 -- Serge Hallyn <email address hidden>   Tue, 20 Nov 2012 09:51:40 -0600
Superseded in precise-proposed on 2012-11-22
qemu-kvm (1.0+noroms-0ubuntu14.4) precise-proposed; urgency=low

  [ Serge Hallyn ]
  * debian/qemu-kvm.postinst: use udevadm trigger to change /dev/kvm perms as
    recommended by Steve Langasek (LP: #1057024)
  * apply debian/patches/nbd-fixes-to-read-only-handling.patch from upstream to
    make read-write mount after read-only mount work.  (LP: #1077838)

  [ Robert Collins ]
  * Fix upstart job to succeed if ksm settings can't be altered in the same way
    other settings are handled. (LP: #1078530)
 -- Serge Hallyn <email address hidden>   Thu, 15 Nov 2012 10:42:37 -0600
Superseded in raring-release on 2012-11-20
Deleted in raring-proposed on 2012-11-21 (Reason: moved to release)
qemu-kvm (1.2.0+noroms-0ubuntu4) raring; urgency=low

  [ Serge Hallyn ]
  * debian/qemu-kvm.postinst: use udevadm trigger to change /dev/kvm perms as
    recommended by Steve Langasek (LP: #1057024)
  * apply debian/patches/nbd-fixes-to-read-only-handling.patch from upstream to
    make read-write mount after read-only mount work.  (LP: #1077838)

  [ Robert Collins ]
  * Fix upstart job to succeed if ksm settings can't be altered in the same way
    other settings are handled. (LP: #1078530)
 -- Serge Hallyn <email address hidden>   Wed, 14 Nov 2012 11:30:14 -0600
Superseded in raring-release on 2012-11-14
Deleted in raring-proposed on 2012-11-20 (Reason: moved to release)
qemu-kvm (1.2.0+noroms-0ubuntu3) raring; urgency=low

  * debian/qemu-kvm.postinst: remove the g::--- acl which udev may have
    inserted. (LP: #1057024)
 -- Serge Hallyn <email address hidden>   Thu, 01 Nov 2012 20:46:57 +0100
Superseded in precise-updates on 2013-01-15
Deleted in precise-proposed on 2013-01-16 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14.3) precise-proposed; urgency=low

  * Fix race condition in virtio code on multicore systems. (LP: #997978)
    - 9001-virtio-add-missing-mb-on-notification.patch
    - 9002-virtio-add-missing-mb-on-enable-notification.patch
    - 9003-virtio-order-index-descriptor-reads.patch
 -- Soren Hansen <email address hidden>   Mon, 03 Sep 2012 10:15:54 +0200
Superseded in lucid-updates on 2013-01-16
Superseded in lucid-security on 2013-01-16
qemu-kvm (0.12.3+noroms-0ubuntu9.20) lucid-security; urgency=low

  * SECURITY UPDATE: privilege escalation via VT100 sequences
    - debian/patches/CVE-2012-3515.patch: check bounds in console.c.
    - CVE-2012-3515
 -- Marc Deslauriers <email address hidden>   Tue, 25 Sep 2012 10:13:40 -0400
Obsolete in natty-updates on 2013-06-04
Obsolete in natty-security on 2013-06-04
qemu-kvm (0.14.0+noroms-0ubuntu4.7) natty-security; urgency=low

  * SECURITY UPDATE: privilege escalation via VT100 sequences
    - debian/patches/CVE-2012-3515.patch: check bounds in console.c.
    - CVE-2012-3515
 -- Marc Deslauriers <email address hidden>   Tue, 25 Sep 2012 10:12:33 -0400
Superseded in oneiric-updates on 2013-01-16
Superseded in oneiric-security on 2013-01-16
qemu-kvm (0.14.1+noroms-0ubuntu6.5) oneiric-security; urgency=low

  * SECURITY UPDATE: privilege escalation via VT100 sequences
    - debian/patches/CVE-2012-3515.patch: check bounds in console.c.
    - CVE-2012-3515
 -- Marc Deslauriers <email address hidden>   Tue, 25 Sep 2012 10:11:19 -0400
Superseded in precise-updates on 2012-10-10
Superseded in precise-security on 2013-01-16
qemu-kvm (1.0+noroms-0ubuntu14.2) precise-security; urgency=low

  * SECURITY UPDATE: privilege escalation via VT100 sequences
    - debian/patches/CVE-2012-3515.patch: check bounds in console.c.
    - CVE-2012-3515
 -- Marc Deslauriers <email address hidden>   Tue, 25 Sep 2012 10:05:23 -0400
Superseded in raring-release on 2012-11-01
Obsolete in quantal-release on 2015-04-24
Deleted in quantal-proposed on 2015-05-01 (Reason: moved to release)
qemu-kvm (1.2.0+noroms-0ubuntu2) quantal-proposed; urgency=low

  * debian/rules: drop building of mpc8544ds from pc-bios (as it's no longer
    there) on powerpc to fix FTBFS.
 -- Serge Hallyn <email address hidden>   Mon, 24 Sep 2012 14:14:27 -0500
Superseded in quantal-release on 2012-09-24
qemu-kvm (1.2.0+noroms-0ubuntu1) quantal; urgency=low

  * merge upstream v1.2.0  (LP: #1052932) (LP: #1040033)
    - debian/rules: remove --enable-kvm-device-assignment - configure switch
      no longer supported
    - remaining patches:
      . 02_use_usr_share_kvm_fixed.patch
      . 04_use_etc_kvm_kvm-ifup.patch
      . disable-hpet-for-tcg.patch
      . use-libexecdir.patch
      . ubuntu/larger_default_ram_size.patch
      . ubuntu/fallback-to-tcg.patch - ported to new code
      . ubuntu/dont-try-to-hotplug-cpu.patch
      . ubuntu/expose_vmx_qemu64cpu.patch
      . ubuntu/fix-vmware-vga-negative-vals
      . ubuntu/99-allow-loading-u-boot-initrd-images.patch
 -- Serge Hallyn <email address hidden>   Wed, 12 Sep 2012 10:46:28 -0500
Superseded in quantal-release on 2012-09-20
qemu-kvm (1.1~rc+dfsg-1ubuntu12) quantal; urgency=low

  * cherrpyick kvm-expose-tsc-deadline-timer-feature-to-guest from upstream
    (LP: #1013060)
 -- Serge Hallyn <email address hidden>   Wed, 12 Sep 2012 09:43:23 -0500
Superseded in quantal-release on 2012-09-13
qemu-kvm (1.1~rc+dfsg-1ubuntu11) quantal; urgency=low

  * Cherrypick three patches from upstream
    - kvm-i8254-fix-conversion-of-in-kernel-to-userspace-state
    - kvm-i8254-cache-kernel-clock-offset-in-KVMPITState
    - kvm-i8254-finish-time-conversion-fix
    to fix time passing too quickly in some guests.  (LP: #1046771)
 -- Serge Hallyn <email address hidden>   Thu, 06 Sep 2012 10:06:41 -0500
Superseded in quantal-release on 2012-09-06
qemu-kvm (1.1~rc+dfsg-1ubuntu10) quantal; urgency=low

  * debian/qemu-kvm.modprobe: set nested=1 at module load.  (LP: #1040230)
  * remove patch ubuntu/define_AT_EMPTY_PATH, the real fix is now in eglibc.
 -- Serge Hallyn <email address hidden>   Thu, 23 Aug 2012 11:10:53 -0500
Superseded in oneiric-updates on 2012-10-02
Superseded in oneiric-security on 2012-10-02
qemu-kvm (0.14.1+noroms-0ubuntu6.4) oneiric-security; urgency=low

  * SECURITY UPDATE: file overwrite via incorrect temp file checking
    - debian/patches/CVE-2012-2652.patch: properly check length and
      failures in block.c, block_int.h, block/vvfat.c.
    - CVE-2012-2652
  * This update not _not_ contain the changes from 0.14.1+noroms-0ubuntu6.3
    that was in oneiric-proposed.
 -- Marc Deslauriers <email address hidden>   Tue, 31 Jul 2012 10:27:20 -0400
Superseded in lucid-updates on 2012-10-02
Superseded in lucid-security on 2012-10-02
qemu-kvm (0.12.3+noroms-0ubuntu9.19) lucid-security; urgency=low

  * SECURITY UPDATE: file overwrite via incorrect temp file checking
    - debian/patches/CVE-2012-2652.patch: properly check length and
      failures in block.c, block_int.h, block/vvfat.c.
    - CVE-2012-2652
 -- Marc Deslauriers <email address hidden>   Tue, 31 Jul 2012 10:39:26 -0400
Superseded in natty-updates on 2012-10-02
Superseded in natty-security on 2012-10-02
qemu-kvm (0.14.0+noroms-0ubuntu4.6) natty-security; urgency=low

  * SECURITY UPDATE: file overwrite via incorrect temp file checking
    - debian/patches/CVE-2012-2652.patch: properly check length and
      failures in block.c, block_int.h, block/vvfat.c.
    - CVE-2012-2652
 -- Marc Deslauriers <email address hidden>   Tue, 31 Jul 2012 10:31:50 -0400
Superseded in precise-updates on 2012-10-02
Superseded in precise-security on 2012-10-02
qemu-kvm (1.0+noroms-0ubuntu14.1) precise-security; urgency=low

  * SECURITY UPDATE: file overwrite via incorrect temp file checking
    - debian/patches/CVE-2012-2652.patch: properly check length and
      failures in block.c, block_int.h, block/vvfat.c.
    - CVE-2012-2652
 -- Marc Deslauriers <email address hidden>   Tue, 31 Jul 2012 10:11:19 -0400
Superseded in quantal-release on 2012-08-23
qemu-kvm (1.1~rc+dfsg-1ubuntu9) quantal; urgency=low

  [ Michael Tokarev ]
  * added two patches from upstream qemu-kvm/stable-1.1 branch:
    qemu-kvm-Add-missing-default-machine-options.patch
    qemu-kvm-virtio-Do-not-register-mask-notifiers-witho.patch
    (Closes: #679788) (LP: #1029201)

  [ Serge Hallyn ]
  * remove ubuntu/CVE-2011-2212-virtqueue-indirect-overflow.patch
    patch, which was actually fixed in qemu 0.15 by
    "virtio: fix indirect descriptor buffer overflow"  (Thanks to
    Michael Tokarev for pointing that out)
 -- Serge Hallyn <email address hidden>   Thu, 26 Jul 2012 10:31:53 -0500
Superseded in quantal-release on 2012-07-26
qemu-kvm (1.1~rc+dfsg-1ubuntu8) quantal; urgency=low

  * debian/qemu-kvm.upstart: don't fail if the kernel modules are not
    found.
 -- Serge Hallyn <email address hidden>   Wed, 11 Jul 2012 17:18:06 -0500
Superseded in precise-updates on 2012-08-02
Deleted in precise-proposed on 2012-08-03 (Reason: moved to -updates)
qemu-kvm (1.0+noroms-0ubuntu14) precise-proposed; urgency=low

  * debian/patches/keep-pid-file-locked.patch: keep pidfile locked for the
    lifetime of the process (LP: #1023159)
 -- Serge Hallyn <email address hidden>   Wed, 11 Jul 2012 16:41:05 -0500
Superseded in quantal-release on 2012-07-11
qemu-kvm (1.1~rc+dfsg-1ubuntu7) quantal; urgency=low

  * ubuntu/99-ppc-increase-usability-of-ppce500-pci.patch: Allows more than
    2 PCI devices on e500 type systems.
  * Enable ppc64-softmmu target on PowerPC as well
 -- Ben Collins <email address hidden>   Thu, 28 Jun 2012 21:50:30 -0400
Superseded in quantal-release on 2012-06-29
qemu-kvm (1.1~rc+dfsg-1ubuntu6) quantal; urgency=low

  * Add libfdt-dev [powerpc] to build-deps
  * Force --enable-fdt for powerpc builds
  * 99-allow-loading-u-boot-initrd-images.patch: Add capability to load
    initrd's in U-Image format.
  * 99-increase-u-boot-gunzip-size.patch: By default, qemu only loads
    U-Images less than or equal to 8 Megs, so increase it to 16 Megs.
 -- Ben Collins <email address hidden>   Thu, 28 Jun 2012 01:09:19 -0400
Superseded in quantal-release on 2012-06-28
qemu-kvm (1.1~rc+dfsg-1ubuntu5) quantal; urgency=low

  * Because PPC is a true KVM target, we should be building for it, rather
    than i386/x86-64 on that architecture. However, this package is still
    trying to build the x86 targets on other non-x86 architectures. I did
    not fix this for aything other than ppc because I don't know if those
    other archs are actually KVM enabled, nor can I properly test the build
    and execution on those archs.
  * Fixup for a proper PPC build:
    - debian/control: Make description less x86-centric
    - debian/rules: Use ppc-softmmu as the target on powerpc
    - debian/rules: Enable blobs for some device tree files to be installed
    - debian/*.links: Move some x86-centric links to rules file and create
      proper links for qemu-system-ppc.
 -- Ben Collins <email address hidden>   Fri, 22 Jun 2012 22:42:15 -0400
Superseded in quantal-release on 2012-06-23
qemu-kvm (1.1~rc+dfsg-1ubuntu4) quantal; urgency=low

  * qemu-kvm.post{inst,rm}: don't invoke-rc.d qemu-kvm
  * debian/rules: remove --noscripts from dh_installinit
 -- Serge Hallyn <email address hidden>   Wed, 20 Jun 2012 19:18:24 -0500
Superseded in quantal-release on 2012-06-21
qemu-kvm (1.1~rc+dfsg-1ubuntu3) quantal; urgency=low

  * debian/rules:
    - fix kvm version in dh_gencontrol line (ours is higher than debian's)
    - define DEB_HOST_ARCH and DEB_HOST_ARCH_CPU
    - fix specification of --disable-kvm for arm and powerpc
    - set --{en,dis}able-kvm-device-assignment next to --{en,dis}able-kvm
    - dont' build pc-bios on non-x86, don't build bamboo on ppc
    - create the vgabios and seabios links (for x86 only)
  * debian/qemu-common.links: don't create vgabios/seabios links here
    (they're only for x86)
  * debian/optional-features: comment out --enable-kvm-device-assignment
  * ubuntu/kvm_Enable_use_of_kvm_irqchip_in_kernel_in_hwlib_code - fix
    powerpc and arm (--disable-kvm) builds.
 -- Serge Hallyn <email address hidden>   Wed, 20 Jun 2012 10:26:40 -0500
Superseded in quantal-release on 2012-06-20
qemu-kvm (1.1~rc+dfsg-1ubuntu2) quantal; urgency=low

  * don't build against usbredir (not in main)
    - debian/optional-features: use --disable-usb-redir
    - debian/control: remove libusbredirhost-dev from build-deps
 -- Serge Hallyn <email address hidden>   Wed, 20 Jun 2012 07:38:11 -0500
Superseded in quantal-release on 2012-06-20
qemu-kvm (1.1~rc+dfsg-1ubuntu1) quantal; urgency=low

  * Merge from debian.  Remaining changes:
    - update maintainer
    - debian/optional-features: disable libiscsi, vde and spice
    - debian/control:
      * remove libiscsi-dev, spice and vde2 depends and build-deps (not in main)
      * remove qemu-keymaps depends (offered by qemu-common, and conflicts with
        binary package in universe from qemu-linaro)
      * remove ipxe-qemu depends for qemu-kvm
      * qemu-kvm: add qemu-common depends, tie qemu-utils depends to same version,
        set architecture any, add Provides: qemu
      * remove qemu-kvm-dbg: dbgsym will end up in ddebs anyway
      * add qemu-utils package, which in debian comes from qemu source package
      * add qemu-common package (doesn't exist in debian, provides shared bits
        used by qemu-linaro)
      * add qemu transitional package, qemu-common, and substitude our own kvm
        transitional package (more architectures)
    - debian/rules:
      * change --audio-drv-list order to make pa the default (see lp #304649)
      * add --enable-docs
      * remove powerpc section (for now)
      * add i386 and linux-user to QEMU_TARGET
      * remove override_dh_strip
      * set confsuffix to /qemu
      * add -fno-var-tracking for arm
      * set --disable-kvm for arches other than amd64, i386
      * install roms, bios', and utils into right package
      * build pc-bios/optionrom
      * install kvm-if{up,down} as /etc/qemu-if*
      * create directory links (/etc/kvm, /usr/share/kvm, /usr/share/qemu-kvm)
      * install qemu-kvm apport hook
      * set DEB_BUILD_HARDENING
      * set options for handling DEB_BUILD_OPTIONS=parallel=N
      * add --no-restart-on-upgrade to dh_installinit args
      * do a make install in override_dh_auto_install
      * remove manual install of kvm binary
    - qemu-kvm.postinst and prerm: remove the /usr/share/kvm/keymaps logic
    - add
      * qemu-kvm.links
      * qemu-utils.dirs, qemu-utils.links
      * qemu-common.install, qemu-common.doc, qemu-common.links, qemu-common.dirs
      * source_qemu-kvm.py (apport hook)
      * qemu-kvm.upstart and qemu-kvm.default
    - debian/kvm-ifup: source qemu-kvm.default and honor its $TAPBR
    - debian/kvm-ifdown: keep old ubuntu version
    - push (refreshed) ubuntu patches:
      * ubuntu/CVE-2011-2212-virtqueue-indirect-overflow.patch
      * ubuntu/define_AT_EMPTY_PATH.patch (until LP: 1010069 is fixed)
      * ubuntu/dont-try-to-hotplug-cpu.patch
      * ubuntu/expose_vmx_qemu64cpu.patch
      * ubuntu/fallback-to-tcg.patch
      * ubuntu/fix-vmware-vga-negative-vals
      * ubuntu/larger_default_ram_size.patch
 -- Serge Hallyn <email address hidden>   Fri, 15 Jun 2012 08:06:23 -0500
Superseded in quantal-release on 2012-06-18
Published in precise-release on 2012-04-12
qemu-kvm (1.0+noroms-0ubuntu13) precise; urgency=low

  * d/rules,d/control: Enable RADOS block device (RBD) (LP: #904834)
 -- Clint Byrum <email address hidden>   Thu, 12 Apr 2012 08:58:11 -0700
Superseded in precise-release on 2012-04-12
qemu-kvm (1.0+noroms-0ubuntu12) precise; urgency=low

  * debian/patches/rbd/: apply 3 patches (recommended by Dreamhost) for
    snapshot and live migration.
 -- Serge Hallyn <email address hidden>   Mon, 09 Apr 2012 17:12:09 -0500
Superseded in precise-release on 2012-04-10
qemu-kvm (1.0+noroms-0ubuntu11) precise; urgency=low

  * debian/patches/disable-hpet-for-tcg.patch: implicitly set -no-hpet
    when using tcg (non-accelerated qemu).  (LP: #975240)
 -- Serge Hallyn <email address hidden>   Mon, 09 Apr 2012 11:06:36 -0500
Superseded in precise-release on 2012-04-09
qemu-kvm (1.0+noroms-0ubuntu10) precise; urgency=low

  * debian/rules: set sysconfdir to /etc (LP: #960359)
 -- Serge Hallyn <email address hidden>   Tue, 20 Mar 2012 22:31:21 -0500
Superseded in precise-release on 2012-03-21
qemu-kvm (1.0+noroms-0ubuntu9) precise; urgency=low

  * debian/patches/multiboot-load-fix.diff: fix bug when loading
    multiboot images such as grub via -kernel parameter (LP: #957622)
 -- Scott Moser <email address hidden>   Sun, 18 Mar 2012 19:34:28 -0400
Superseded in precise-release on 2012-03-20
qemu-kvm (1.0+noroms-0ubuntu8) precise; urgency=low

  * debian/patches/slirp-*: fix bad exit with -11 when connecting to a port
    redirect before the service starts listening.  (LP: #932539)
 -- Serge Hallyn <email address hidden>   Fri, 16 Mar 2012 16:34:05 -0500
Deleted in oneiric-proposed on 2012-08-03 (Reason: moved to -updates)
qemu-kvm (0.14.1+noroms-0ubuntu6.3) oneiric-proposed; urgency=low

  * debian/patches/fix-vmware-vga-negative-vals - if x or y < 0, set them to 0
    (and decrement width/height accordingly)  (LP: #918791)
 -- Serge Hallyn <email address hidden>   Thu, 15 Mar 2012 21:18:48 -0500
Superseded in precise-release on 2012-03-16
qemu-kvm (1.0+noroms-0ubuntu7) precise; urgency=low

  [ Dave Walker ]
  * debian/patches/expose_vmx_qemu64cpu.patch: Expose VMX cpuid feature to the
    default "qemu64" CPU type, supporting Intel compatible VMX nested
    virtualization.

  [ Serge Hallyn ]
  * debian/patches/fix-vmware-vga-negative-vals - if x or y < 0, set them to 0
    (and decrement width/height accordingly)  (LP: #918791)
 -- Serge Hallyn <email address hidden>   Wed, 14 Mar 2012 14:52:44 -0500
Superseded in precise-release on 2012-03-14
qemu-kvm (1.0+noroms-0ubuntu6) precise; urgency=low

  [ Stefan Weil ]
  * debian/patches/block_vd_zero_unused_parts: Zero unused parts when
    allocating a new block (LP: #919242)
 -- Serge Hallyn <email address hidden>   Mon, 20 Feb 2012 13:33:05 -0600
Superseded in precise-release on 2012-02-20
qemu-kvm (1.0+noroms-0ubuntu5) precise; urgency=low

  * define_AT_EMPTY_PATH.patch: Make sure AT_EMPTY_PATH is defined.
   (LP: #930181)
  * Be smarter about what bridge to attach a TAP device to (LP: #475327):
    - qemu-ifup-choosebridge.patch: Don't use the default nic as a
      bridge, if it isn't a bridge.
    - debian/qemu-ifdown: use same logic as qemu-ifup to determine
      the bridge
    - debian/qemu-kvm.default: add commented TAPBR option
 -- Serge Hallyn <email address hidden>   Wed, 15 Feb 2012 15:47:57 -0600
Superseded in lucid-updates on 2012-08-02
Deleted in lucid-proposed on 2012-08-03 (Reason: moved to -updates)
qemu-kvm (0.12.3+noroms-0ubuntu9.18) lucid-proposed; urgency=low

  [ Michael Tokarev ]
  * QEMUFileBuffered:-indicate-that-were-ready-when-the-underlying-file-is-ready.diff
   (patch from upstream to speed up migration dramatically)
   (closes: #597517) (LP: #524447)

  [ Serge Hallyn ]
  * debian/control: make qemu-common replace qemu (<< 0.12.3+noroms-0ubuntu9.17)
    (LP: #592010)
 -- Serge Hallyn <email address hidden>   Mon, 13 Feb 2012 11:24:18 -0600
Superseded in precise-release on 2012-02-15
qemu-kvm (1.0+noroms-0ubuntu4) precise; urgency=low

  * SECURITY UPDATE: fix heap overflow in e1000 driver with crafted legacy
    mode packets
    - debian/patches/CVE-2012-0029.patch: check for overflow whenever issuing
      PCI dma reads
    - CVE-2012-0029
 -- Jamie Strandboge <email address hidden>   Mon, 23 Jan 2012 09:09:23 -0600
Superseded in precise-release on 2012-01-23
qemu-kvm (1.0+noroms-0ubuntu3) precise; urgency=low

  * qemu-kvm.default and qemu-kvm.upstart: Enable nested kvm for intel cpus
    by default.
 -- Serge Hallyn <email address hidden>   Thu, 19 Jan 2012 10:44:28 -0600
175 of 237 results