Format: 1.8 Date: Sat, 17 Feb 2024 10:39:12 -0500 Source: qemu Built-For-Profiles: noudeb Architecture: source Version: 1:8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1 Distribution: mantic Urgency: medium Maintainer: Ubuntu Developers Changed-By: Justin Geibel Closes: 984451 1013952 1041102 1041471 1046056 1049925 1050140 1050142 1051899 1053101 1053172 1055221 1059211 1060087 1060749 Launchpad-Bugs-Fixed: 2003673 2039700 2044425 2045063 2045592 2045594 2048776 2048802 2049703 2051883 Changes: qemu (1:8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1) mantic; urgency=medium . * No-change backport to mantic. . qemu (1:8.2.1+ds-1ubuntu1) noble; urgency=medium . * Merge with Debian unstable (LP: #2051883, #2049703). Remaining changes: - qemu-kvm to systemd unit - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, hugepages and architecture specifics - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-init - d/qemu-system-common.install: install helper script - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm - Distribution specific machine type (LP 1304107 1621042 1776189 1761372 1761372 1776189) - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types containing release versioned machine attributes - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type - Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default in qemu64 on amd [ No more strictly needed, but required for backward compatibility ] - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types reference 256k path - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to handle incoming migrations from former releases. - Ease the use of module retention on upgrades (LP 1913421) - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS with LTO - d/rules: Enable/disable extra features on microvm variant. (LP #2045594) - Move glusterfs storage driver to Universe in a new package (LP #2045063): + d/control{,-in}: new package qemu-block-supplemental for drivers we want in Universe + d/rules: we only want block-gluster.so in the new qemu-block-supplemental package. Adjust dynamically-created maintainer scripts for qemu-block-extra and -supplemental. . qemu (1:8.2.1+ds-1) unstable; urgency=medium . * new upstream stable/bugfix release * remove all upstream-applied patches * d/patches/note-missing-module-pkg-name.diff: fixup * replace fix for CVE-2023-6683 (A different fix from upstream) * remove the mistakenly-added temp file in d/qemu-block-extra/ * d/.gitignore: refresh . qemu (1:8.2.0+ds-5) unstable; urgency=medium . * d/rules, d/run-qemu.mount: use dh_installsystemd to install run-qemu.mount (Closes: #1060087) * update hppa and seabios-hppa patch series * ui-clipboard-avoid-crash-upon-request-when-clipboard-CVE-2023-6683.patch (Closes: #1060749, CVE-2023-6683) * +target-s390x-Fix-LAE-setting-a-wrong-access-register.patch * +tcg-s390x-Fix-encoding-of-VRIc-VRSa-VRSc-insns.patch fix chacha20 issue on s390x * update hw-vfio-fix-iteration-over-global-VFIODevice-list.patch . qemu (1:8.2.0+ds-4ubuntu2) noble; urgency=medium . * Move glusterfs storage driver to Universe in a new package (LP: #2045063): - d/control{,-in}: new package qemu-block-supplemental for drivers we want in Universe - d/rules: we only want block-gluster.so in the new qemu-block-supplemental package. Adjust dynamically-created maintainer scripts for qemu-block-extra and -supplemental. . qemu (1:8.2.0+ds-4ubuntu1) noble; urgency=medium . * Merge with Debian unstable (LP: #2048802, #2048776). Remaining changes: - qemu-kvm to systemd unit - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, hugepages and architecture specifics - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-init - d/qemu-system-common.install: install helper script - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm - Distribution specific machine type (LP 1304107 1621042 1776189 1761372 1761372 1776189) - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types containing release versioned machine attributes - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type - Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default in qemu64 on amd [ No more strictly needed, but required for backward compatibility ] - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types reference 256k path - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to handle incoming migrations from former releases. - Ease the use of module retention on upgrades (LP 1913421) - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS with LTO * Drop changes: - d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto hardware to Secure Execution guests. (LP #2003673) [ Incorporated by upstream on version 8.2.0. ] * Add changes: - d/rules: Enable/disable extra features on microvm variant. (LP: #2045594) . qemu (1:8.2.0+ds-4) unstable; urgency=medium . * d/rules: fix "tail -20" usage * note-missing-module-pkg-name.diff: update, to be much more accurate No more sporadic warnings about missing audio backends etc * d/control: clarify qemu-system-gui and qemu-system-modules-* package descriptions a little bit (#1059457) * more fixups from the ML targetting stable: + hw-net-cadence_gem-fix-MDIO_OP_xxx-values.patch + tcg-ppc-use-new-registers-for-LQ-destination.patch + target-riscv-fix-mcycle-minstret-increment-behavior.patch * a bunch of hppa and seabios-hppa fixes targetting -stable for https://gitlab.com/qemu-project/qemu/-/issues/2044 . qemu (1:8.2.0+ds-3) unstable; urgency=medium . * +virtio-net-correctly-copy-vnet-header-when-flushing-TX-CVE-2023-6693.patch Fix CVE-2023-6693 (virtio-net: stack buffer overflow in virtio_net_flush_tx) * +target-i386-the-sgx_epc_get_section-stub-is-reachable.patch * +target-xtensa-fix-OOB-TLB-entry-access.patch * d/rules: print last 20 lines of config.log & meson.log if ./configure fails . qemu (1:8.2.0+ds-2) unstable; urgency=medium . * include-ui-rect.h-fix-qemu_rect_init-mis-assignment.patch fixes virtio-gpu redraw issue (Closes: #1059211) * hw-vfio-fix-iteration-over-global-VFIODevice-list.patch fixes reboot issue with virtio-gpu * target-i386-do-not-re-compute-new-pc-with-CF_PCREL.patch fixes 4M edk2 stall in i386 tcg mode * block-fix-crash-when-loading-snapshot-on-inactive-no.patch fix possible assertion failure when loading snapshot . qemu (1:8.2.0+ds-1) unstable; urgency=medium . * new upstream release 8.2.0 Closes: #1013952 * d/rules: re-enable building static-pie binaries (the default) for qemu-user-static again (formally Closes: #1053101, LP:#1908331) * d/rules: add --disable-pie for static build on i386 due to #1056739 * d/control: qemu-system-x86 depends on seabios >>1.16.3-1 due to ahci fix * d/qemu-user-static.lintian-overrides: +shared-library-lacks-prerequisites for static-pie executables * d/rules: omit qemu-user-static package from dh_shlibdeps run since dpkg-shlibdeps complains about static-pie binaries * d/rules: fix bugzilla.redhat.com url (migrated to issues.redhat.com) * d/patches: remove patches applied upstream * d/patches, d/rules: use --disable-relocatable instead of a patch * d/patches: refresh disable-xen-on-x32.patch * d/control: --enable-pixman (which is optional now) * d/rules: vnc needs pixman too (for xen and microvm builds) * d/copyright: stop excluding subprojects/dtc (not included anymore) * d/source/lintian-overrides: +source-is-missing for vdso.so files . qemu (1:8.1.3+ds-1ubuntu2) noble; urgency=medium . * d/p/u/define-ubuntu-machine-types.patch: Remove -hpb Noble machine types, as they are not needed by OpenStack anymore. (LP: #2045592) . qemu (1:8.1.3+ds-1ubuntu1) noble; urgency=medium . * Merge with Debian unstable (LP: #2044425, #2039700). Remaining changes: - qemu-kvm to systemd unit - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, hugepages and architecture specifics - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-init - d/qemu-system-common.install: install helper script - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm - Distribution specific machine type (LP 1304107 1621042 1776189 1761372 1761372 1776189) - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types containing release versioned machine attributes - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type - Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default in qemu64 on amd [ No more strictly needed, but required for backward compatibility ] - tolerate ipxe size change on migrations to >=18.04 (LP 1713490) - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types reference 256k path - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to handle incoming migrations from former releases. - Ease the use of module retention on upgrades (LP 1913421) - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664) + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS with LTO - d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto hardware to Secure Execution guests. (LP #2003673) * Drop changes: - d/rules: Incorporate the following changes from Debian unstable, in order to fix the FTBFS caused by -fcf-protection: + d/rules: move icons install rules to install-misc section + d/rules: stop running whole thing with dh, take back *-indep sequence + d/rules: implement arch-dependent install/build targets without dh too [ Fixed in Debian. ] - d/rules: Get rid of binary-helper target; explicitly invoke its commands under binary-{arch,indep}. This makes the build succeed again in Ubuntu, where binary-helper wasn't being properly invoked. [ Fixed in Debian. ] - d/p/u/lp2003673-update-linux-headers-6.3rc5.patch, d/p/u/lp2003673-update-linux-headers-6.5rc1.patch, d/p/u/lp2003673-s390x-fix-missing-subsystem-reset-registration.patch: Drop some of the patches to Enable passthrough of IBM Z crypto hardware to Secure Execution guests. (LP #2003673) [ Applied upstream. ] . qemu (1:8.1.3+ds-1) unstable; urgency=medium . * new upstream stable/bugfix release * remove patches applied upstream: - linux-user-Fixes-for-zero_bss.patch - target-mips-Fix-MSA-BZ-BNZ-opcodes-displacement.patch - hw-ide-reset-cancel-async-DMA-operation-before-reset.patch * d/control, d/qemu-system-gui.install: enable pipewire audio support (Closes: #1055221) . qemu (1:8.1.2+ds-1) unstable; urgency=medium . * upstream 8.1.2 stable/bugfix release * remove all stable-staging/ patches and two more (all included into 8.1.2) * d/rules: microvm build: do not explicitly enable avx2 . qemu (1:8.1.1+ds-2) unstable; urgency=medium . * d/rules: fix binary target to produce both arch and indep binaries instead of omitting indep one(s) * d/patches: sync with current staging-8.1 branch, many new fixes * additional fixes: +hw-ide-ahci-fix-legacy-software-reset.patch +target-mips-Fix-MSA-BZ-BNZ-opcodes-displacement.patch +hw-ide-reset-cancel-async-DMA-operation-before-reset.patch . qemu (1:8.1.1+ds-1) unstable; urgency=medium . * new upstream stable/bugfix release * remove all stable-staging/ patches, keep softmmu-Use-async_run_on_cpu-in-tcg_commit.patch * vfio-display-fix-missing-update-to-set-backing-field.patch * scsi-disk-disallow-small-block-sizes-CVE-2023-42467.patch (Closes: #1051899, CVE-2023-42467) * migration-qmp-Fix-crash-on-setting-tls-authz-with-nu.patch * d/patches/move-vl-opts/ - stop linking everything with async-teardown.c, un-FTBFS on ia64 * d/control: minor: remove old todo comments * d/control: disable rbd (ceph) on 32bit platforms (Closes: #1053172) * d/control: enable rbd on riscv64 once it's built there * d/copyright: also remove subprojects/dtc . qemu (1:8.1.0+ds-6) unstable; urgency=medium . * re-enable softmmu-Use-async_run_on_cpu-in-tcg_commit.patch * add https://www.mail-archive.com/qemu-devel@nongnu.org/msg989073.html fixing https://gitlab.com/qemu-project/qemu/-/issues/1866 * d/rules: reorder some definitions to evaluate in proper order . qemu (1:8.1.0+ds-5) unstable; urgency=medium . * disable softmmu-Use-async_run_on_cpu-in-tcg_commit.patch The change in softmmu-Use-async_run_on_cpu-in-tcg_commit.patch which is a fix for https://gitlab.com/qemu-project/qemu/-/issues/1864 (x86 VM with TCG and SMP fails to start on 8.1.0) introduces https://gitlab.com/qemu-project/qemu/-/issues/1866 * more patches from stable-staging * re-introduce qemu-debootstrap for now until all users of it will be converted to regular debootstrap . qemu (1:8.1.0+ds-4) unstable; urgency=medium . * d/changelog: fix spelling * +linux-user-Fixes-for-zero_bss.patch: fix linux-user zero_bss bug * many small changes for d/rules * d/rules: split out qemu-user build out out of main qemu build When both system and linux-user builds are enabled, linux-user build is getting features only relevant for system (softmmu) configuration, like linking with liburing, libnuma and other softmmu-only stuff. So build it separately. This not only makes qemu-user smaller and neater, but it also makes Built-Using field for qemu-user-static (which is generated from Depends field of qemu-user) accurate. * d/qemu-user[-static].docs: use unprocessed .rst doc instead of html * d/rules: check for nocheck in DEB_BUILD_PROFILES too, not only DEB_BUILD_OPTIONS * d/rules, d/control: disable build-time test due to apparent dak bug . qemu (1:8.1.0+ds-3) unstable; urgency=medium . * d/control: split out most of Build-Depends to Build-Depends-Arch, in order to break B-D loop on qemu-system-data (it is only needed for -Arch) and to reduce arch-all build time. Only very few things left in common Build-Depends. * Removing most things from B-D discovered that skiboot includes openssl header(s) (!), so add libssl-dev to Build-Depends-Indep. * d/control,d/rules: introduce build profiles to omit building some packages (mostly debugging aid, to reduce test build run time). * d/rules: use ninja directly for various qemu builds (non-verbose build now shows errors/warnings nicely) * d/control: Rules-Requires-Root: "binary-targets", not "no", - this enables building as non-root, finally * d/rules: add forgotten -p for mkdir b/user-static * d/not-installed: list 2 files from user/ manual (which is built even on unsupported architectures) . qemu (1:8.1.0+ds-2) unstable; urgency=medium . * d/control: fix descriptions of qemu-system-gui and qemu-system-modules-spice packages * update lintian-overrides * d/rules: enable verbose (-v) build for qboot * d/rules: move lto control to where it actually works * d/rules: remove usage of "standard dh sequencer". It has multiple issues. To name a few: - it exports CFLAGS &Co which breaks badly when trying to compile bios/firmware code (fixes FTBFS with new -fcf-protection) - it performs multiple recursive calls to d/rules which is slow when make variables are set using $(shell), - annoying when debugging - it hides actual actions being done at install/binary stages - it is confusing in override_dh_foo{,-indep,-arch} - it does just too much unknown magic, - just give the control back. . qemu (1:8.1.0+ds-1) unstable; urgency=medium . * d/changelog: mention closing of #984451, CVE-2021-20255 by 8.1 * d/changelog: mention closing of #1041471 by 8.1 * d/patches: add patches currenly staged for 8.1.1 * d/gbp.conf: switch from experimental to master * upload to unstable . qemu (1:8.1.0+ds-1~exp2) experimental; urgency=medium . * qemu-system-modules-spice & qemu-system-modules-opengl packages, containing optional spice and opengl modules from qemu-system-common. Both are recommended by all qemu-system-* but can be removed if not used, to reduce list of dependencies. . qemu (1:8.1.0+ds-1~exp1) experimental; urgency=medium . * new upstream release Closes: #1041102, CVE-2023-3019 (NIC DMA reentrancy issue, problem class) Closes: CVE-2021-3750 (DMA MMIO reentrancy issue, problem class) Closes: #984451, CVE-2021-20255 (DMA reentrancy issue) Closes: #1041471 (qemu-user armel commpage mapping bug) * d/watch: change repack suffix to +ds * d/patches: remove patches applied upstream * disable-xen-on-x32.patch: refresh * d/copyright: stop stripping dtc/ and meson/, removed upstream * d/rules: replace --with-git-submodules=ignore with --disable-download * d/control: build-depend on python3-venv * d/control: bump minimum meson version to 0.63.0 * d/control: build-depend on seabios & qemu-system-data for the testsuite. qemu testsuite runs qemu-system binaries which require firmware even for simple tests * d/rules: run `make check-block' after the main build, as a minimal test for now * qemu-img-omit-errno-value-in-error-message.patch fixes check-block tests on mips* where errno values are different from other architectures. * late fix for 8.1 linux-user-Adjust-brk-for-load_bias.patch . qemu (1:8.0.4+dfsg-3) unstable; urgency=medium . * d/rules: export PYTHONDONTWRITEBYTECODE=1 to stop generating .pyc files (Closes: #1046056) * d/control: list more CPU types emulated by qemu in package descriptions * d/control: refine qemu-system-gui package description * d/rules: remove --interp-prefix= configure option * late fix for 8.1: target-arm-Fix-SME-ST1Q.patch * late fix for 8.1: target-arm-Fix-64-bit-SSRA.patch * d/control: remove old versions from build-deps . qemu (1:8.0.4+dfsg-2) unstable; urgency=medium . * remove linux-user-show-heap-address-in-proc-pid-maps.patch * pick 2 nvme fixes from upstream: - hw-nvme-fix-oob-memory-read-in-fdp-events-log-CVE-2023-4135.patch Closes: #1050142, CVE-2023-4135 - hw-nvme-fix-null-pointer-access-in-directive-receive-CVE-2023-40360.patch Closes: #1050140, CVE-2023-40360 * d/rules: --enable-virtfs (--enable-attr --enable-cap-ng) for xen build to enable 9pfs (Closes: #1049925) * d/rules: run-qemu.mount is linux-specific too (if we ever do non-linux system build) * d/control: disable sndio on debian too (disabled on ubuntu), for now anyway * d/*.install, d/rules: explicitly list all qemu-system modules * d/control: build-depend on libglib2.0-dev (forgotten!) and zlib1g-dev, move the two to the top before all optional deps * d/changelog: fix 7.1+dfsg-1 changelog entry (qemu-user and qemu-system) . qemu (1:8.0.4+dfsg-1ubuntu5) noble; urgency=medium . * d/p/u/lp2003673-*.patch: Enable passthrough of IBM Z crypto hardware to Secure Execution guests. (LP: #2003673) . qemu (1:8.0.4+dfsg-1ubuntu4) noble; urgency=medium . * Rebuild against new libnfs14. Checksums-Sha1: 98459abf69f8f7284f9e629c88c290dd868a4133 9421 qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1.dsc 9238f2282012f96696a66f36055aad46d3cf870a 40632952 qemu_8.2.1+ds.orig.tar.xz 8ac7560db11aeb86517757cd179e276be9aeebfb 152156 qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1.debian.tar.xz 36492ee21d593d29d9368682a39ce15df94fd304 7227 qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1_source.buildinfo Checksums-Sha256: 14169a0f371b5f96900cced13f714a935c3ea7c4e3671bc3c7ee9f65da4703b3 9421 qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1.dsc 42d68d695b358607d2a2c1ea3c26b3c4d220624464ea6fb547e5f51a13e4ea55 40632952 qemu_8.2.1+ds.orig.tar.xz 544f5353e62fe2b4c7f1c985b379b5f94bf75c2940902ba05e604517991fdebe 152156 qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1.debian.tar.xz 9517e2f31c60aa1c9056571f8cde2c6a6d2ccf5a653a46febfd8502ac04fe9ae 7227 qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1_source.buildinfo Files: 6379a0cb8ea3b6e4b8cc2e33ea224c1d 9421 otherosfs optional qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1.dsc ca7e54d9db74a0cb58c06e2a7c58b3a5 40632952 otherosfs optional qemu_8.2.1+ds.orig.tar.xz 9e57e611d0b91d43f9b404a9f29acfa8 152156 otherosfs optional qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1.debian.tar.xz e68c1696dcb1305901767cae9ab65b2a 7227 otherosfs optional qemu_8.2.1+ds-1ubuntu1~bpo23.10.1~ppa1_source.buildinfo Original-Maintainer: Debian QEMU Team