Format: 1.8
Date: Mon, 17 Apr 2017 09:34:39 -0500
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm qemu-system-aarch64 qemu-system-s390x
Architecture: source
Version: 1:2.5+dfsg-5ubuntu10.9~cloud0ubuntu3
Distribution: trusty
Urgency: high
Maintainer: Ubuntu Developers
Changed-By: Ryan Harper
Description:
 qemu - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm - QEMU Full virtualization
 qemu-system - QEMU full system emulation binaries
 qemu-system-aarch64 - QEMU full system emulation binaries (aarch64)
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-s390x - QEMU full system emulation binaries (s390x)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 751754 763043 764971 772422 773033 776004 778624 778737 780200 781250 784605 785470 785798 787547 788460 793388 793811 793817 794610 794611 794737 795087 795461 796465 797608 798101 799073 799074 799452 801158 802633 805410 805826 806373 806741 806742 808130 808131 808144 808145 808357 809229 809232 809237 809313 810205 810519 810527 811201 812307
Launchpad-Bugs-Fixed: 1006655 1271653 1409308 1414153 1417937 1419855 1465935 1491050 1491972
 1493049 1495895 1508466 1522531 1531191 1533728 1539016 1556306 1560149 1566564 1612089 1621042 1626972 1641532 1656480
Changes:
 qemu (1:2.5+dfsg-5ubuntu10.9~cloud0ubuntu3) trusty-mitaka; urgency=medium
 .
   * PPA Build for Trusty UCA
 .
 qemu (1:2.5+dfsg-5ubuntu10.9~cloud0ubuntu2) xenial; urgency=medium
 .
   * PPA Build for Xenial
 .
 qemu (1:2.5+dfsg-5ubuntu10.9~cloud0ubuntu1) trusty-mitaka; urgency=medium
 .
   * Apply Ericsson virtio-net queue size bump (256 -> 1024) for virtio-net when used as VHOST_USER device
 .
 qemu (1:2.5+dfsg-5ubuntu10.9~cloud0) trusty-mitaka; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 qemu (1:2.5+dfsg-5ubuntu10.9) xenial; urgency=medium
 .
   * fix ambiguous machine trusty and utopic machine types (LP: #1641532)
     - d/p/ubuntu/define-ubuntu-machine-types.patch update type definitions
     - d/qemu-system-x86.NEWS to describe the issue
 .
 qemu (1:2.5+dfsg-5ubuntu10.8) xenial; urgency=medium
 .
   [ Dmitrii Shcherbakov ]
   * d/p/ubuntu/net-fix-qemu_announce_self-not-emitting-packets.patch: Cherrypick upstream patch: net: fix qemu_announce_self not emitting packets (LP: #1656480)
 .
 qemu (1:2.5+dfsg-5ubuntu10.7) xenial; urgency=medium
 .
   [ Rafael David Tinoco ]
   * Fixed wrong migration blocker when vhost is used (LP: #1626972)
     - d/p/vhost_migration-blocker-only-if-shared-log-is-used.patch
 .
 qemu (1:2.5+dfsg-5ubuntu10.6) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: DoS via unbounded memory allocation
     - debian/patches/CVE-2016-5403.patch: re-enable original patch.
     - debian/patches/CVE-2016-5403-2.patch: recalculate vq->inuse after migration in hw/virtio/virtio.c.
     - debian/patches/CVE-2016-5403-3.patch: decrement vq->inuse in virtqueue_discard() in hw/virtio/virtio.c.
     - debian/patches/CVE-2016-5403-4.patch: zero vq->inuse in virtio_reset() in hw/virtio/virtio.c.
     - CVE-2016-5403
   * SECURITY UPDATE: use after free while writing in vmxnet3
     - debian/patches/CVE-2016-6833.patch: check for device_active before write in hw/net/vmxnet3.c.
     - CVE-2016-6833
   * SECURITY UPDATE: DoS via infinite loop during packet fragmentation
     - debian/patches/CVE-2016-6834.patch: check fragment length during fragmentation in hw/net/vmxnet_tx_pkt.c.
     - CVE-2016-6834
   * SECURITY UPDATE: Buffer overflow in vmxnet_tx_pkt_parse_headers()
     - debian/patches/CVE-2016-6835.patch: check IP header length in hw/net/vmxnet_tx_pkt.c.
     - CVE-2016-6835
   * SECURITY UPDATE: Information leak in vmxnet3_complete_packet
     - debian/patches/CVE-2016-6836.patch: initialise local tx descriptor in hw/net/vmxnet3.c.
     - CVE-2016-6836
   * SECURITY UPDATE: Integer overflow in packet initialisation in VMXNET3
     - debian/patches/CVE-2016-6888.patch: use g_new for pkt initialisation in hw/net/vmxnet_tx_pkt.c.
     - CVE-2016-6888
   * SECURITY UPDATE: directory traversal flaw in 9p virtio backend
     - debian/patches/CVE-2016-7116-1.patch: forbid illegal path names in hw/9pfs/virtio-9p.c.
     - debian/patches/CVE-2016-7116-2.patch: forbid . and .. in file names in hw/9pfs/virtio-9p.c.
     - debian/patches/CVE-2016-7116-3.patch: handle walk of ".." in the root directory in hw/9pfs/virtio-9p.*.
     - debian/patches/CVE-2016-7116-4.patch: fix potential segfault during walk in hw/9pfs/virtio-9p.c.
     - CVE-2016-7116
   * SECURITY UPDATE: OOB read and infinite loop in pvscsi
     - debian/patches/CVE-2016-7155.patch: check page count while initialising descriptor rings in hw/scsi/vmw_pvscsi.c.
     - CVE-2016-7155
   * SECURITY UPDATE: infinite loop when building SG list in pvscsi
     - debian/patches/CVE-2016-7156.patch: limit loop to fetch SG list in hw/scsi/vmw_pvscsi.c.
     - CVE-2016-7156
   * SECURITY UPDATE: buffer overflow in xlnx.xps-ethernetlite
     - debian/patches/CVE-2016-7161.patch: fix a heap overflow in hw/net/xilinx_ethlite.c.
     - CVE-2016-7161
   * SECURITY UPDATE: OOB stack memory access in vmware_vga
     - debian/patches/CVE-2016-7170.patch: correct bitmap and pixmap size checks in hw/display/vmware_vga.c.
     - CVE-2016-7170
   * SECURITY UPDATE: Infinite loop when processing IO requests in pvscsi
     - debian/patches/CVE-2016-7421.patch: limit process IO loop to ring size in hw/scsi/vmw_pvscsi.c.
     - CVE-2016-7421
   * SECURITY UPDATE: memory leakage during device unplug in xhci
     - debian/patches/CVE-2016-7466.patch: fix memory leak in usb_xhci_exit in hw/usb/hcd-xhci.c.
     - CVE-2016-7466
   * SECURITY UPDATE: denial of service in mcf via invalid count
     - debian/patches/CVE-2016-7908.patch: limit buffer descriptor count in hw/net/mcf_fec.c.
     - CVE-2016-7908
   * SECURITY UPDATE: denial of service in pcnet via invalid length
     - debian/patches/CVE-2016-7909.patch: check rx/tx descriptor ring length in hw/net/pcnet.c.
     - CVE-2016-7909
   * SECURITY UPDATE: denial of service via memory leak in virtio-gpu
     - debian/patches/CVE-2016-7994.patch: fix memory leak in virtio_gpu_resource_create_2d in hw/display/virtio-gpu.c.
     - CVE-2016-7994
   * SECURITY UPDATE: denial of service via infinite loop in xhci
     - debian/patches/CVE-2016-8576.patch: limit the number of link trbs we are willing to process in hw/usb/hcd-xhci.c.
     - CVE-2016-8576
   * SECURITY UPDATE: host memory leakage in 9pfs
     - debian/patches/CVE-2016-8577.patch: fix potential host memory leak in v9fs_read in hw/9pfs/virtio-9p.c.
     - CVE-2016-8577
   * SECURITY UPDATE: NULL dereference in 9pfs
     - debian/patches/CVE-2016-8578.patch: allocate space for guest originated empty strings in fsdev/virtio-9p-marshal.c, hw/9pfs/virtio-9p.c.
     - CVE-2016-8578
   * SECURITY UPDATE: OOB buffer access in rocker switch emulation
     - debian/patches/CVE-2016-8668.patch: set limit to DMA buffer size in hw/net/rocker/rocker.c.
     - CVE-2016-8668
   * SECURITY UPDATE: infinite loop in Intel HDA controller
     - debian/patches/CVE-2016-8909.patch: check stream entry count during transfer in hw/audio/intel-hda.c.
     - CVE-2016-8909
   * SECURITY UPDATE: infinite loop in RTL8139 ethernet controller
     - debian/patches/CVE-2016-8910.patch: limit processing of ring descriptors in hw/net/rtl8139.c.
     - CVE-2016-8910
   * SECURITY UPDATE: memory leakage at device unplug in eepro100
     - debian/patches/CVE-2016-9101.patch: fix memory leak in device uninit in hw/net/eepro100.c.
     - CVE-2016-9101
   * SECURITY UPDATE: denial of service via memory leak in 9pfs
     - debian/patches/CVE-2016-9102.patch: fix memory leak in v9fs_xattrcreate in hw/9pfs/virtio-9p.c.
     - CVE-2016-9102
   * SECURITY UPDATE: information leakage via xattribute in 9pfs
     - debian/patches/CVE-2016-9103.patch: fix information leak in xattr read in hw/9pfs/virtio-9p.c.
     - CVE-2016-9103
   * SECURITY UPDATE: integer overflow leading to OOB access in 9pfs
     - debian/patches/CVE-2016-9104.patch: fix integer overflow issue in xattr read/write in hw/9pfs/virtio-9p.c.
     - CVE-2016-9104
   * SECURITY UPDATE: denial of service via memory leakage in 9pfs
     - debian/patches/CVE-2016-9105.patch: fix memory leak in v9fs_link in hw/9pfs/virtio-9p.c.
     - CVE-2016-9105
   * SECURITY UPDATE: denial of service via memory leakage in 9pfs
     - debian/patches/CVE-2016-9106.patch: fix memory leak in v9fs_write in hw/9pfs/virtio-9p.c.
     - CVE-2016-9106
 .
 qemu (1:2.5+dfsg-5ubuntu10.5) xenial; urgency=medium
 .
   * fix default machine types. (LP: #1621042)
     - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
     - remove double default and double ubuntu alias
     - add xenial machine type
     - add q35 based ubuntu machine type
     - add ubuntu machine types on ppc64el and s390x
 .
 qemu (1:2.5+dfsg-5ubuntu10.4) xenial-security; urgency=medium
 .
   * SECURITY REGRESSION: crash on migration with memory stats enabled (LP: #1612089)
     - debian/patches/CVE-2016-5403.patch: disable for now pending investigation.
 .
 qemu (1:2.5+dfsg-5ubuntu10.3) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: DoS and possible host code execution in 53C9X Fast SCSI Controller
     - debian/patches/CVE-2016-4439.patch: check length in hw/scsi/esp.c.
     - CVE-2016-4439
   * SECURITY UPDATE: DoS in 53C9X Fast SCSI Controller
     - debian/patches/CVE-2016-4441.patch: check DMA length in hw/scsi/esp.c.
     - CVE-2016-4441
   * SECURITY UPDATE: infinite loop in vmware_vga
     - debian/patches/CVE-2016-4453.patch: limit fifo commands in hw/display/vmware_vga.c.
     - CVE-2016-4453
   * SECURITY UPDATE: DoS or host memory leakage in vmware_vga
     - debian/patches/CVE-2016-4454.patch: fix sanity checks in hw/display/vmware_vga.c.
     - CVE-2016-4454
   * SECURITY UPDATE: DoS in VMWARE PVSCSI paravirtual SCSI bus
     - debian/patches/CVE-2016-4952.patch: check command descriptor ring buffer size in hw/scsi/vmw_pvscsi.c.
     - CVE-2016-4952
   * SECURITY UPDATE: MegaRAID SAS 8708EM2 host memory leakage
     - debian/patches/CVE-2016-5105.patch: initialise local configuration data buffer in hw/scsi/megasas.c.
     - CVE-2016-5105
   * SECURITY UPDATE: DoS in MegaRAID SAS 8708EM2
     - debian/patches/CVE-2016-5106.patch: use appropriate property buffer size in hw/scsi/megasas.c.
     - CVE-2016-5106
   * SECURITY UPDATE: DoS in MegaRAID SAS 8708EM2
     - debian/patches/CVE-2016-5107.patch: check read_queue_head index value in hw/scsi/megasas.c.
     - CVE-2016-5107
   * SECURITY UPDATE: DoS or code execution via crafted iSCSI asynchronous I/O ioctl call
     - debian/patches/CVE-2016-5126.patch: avoid potential overflow in block/iscsi.c.
     - CVE-2016-5126
   * SECURITY UPDATE: DoS in 53C9X Fast SCSI Controller
     - debian/patches/CVE-2016-5238.patch: check buffer length before reading scsi command in hw/scsi/esp.c.
     - CVE-2016-5238
   * SECURITY UPDATE: MegaRAID SAS 8708EM2 host memory leakage
     - debian/patches/CVE-2016-5337.patch: null terminate bios version buffer in hw/scsi/megasas.c.
     - CVE-2016-5337
   * SECURITY UPDATE: DoS or code execution in 53C9X Fast SCSI Controller
     - debian/patches/CVE-2016-5338.patch: check TI buffer index in hw/scsi/esp.c.
     - CVE-2016-5338
   * SECURITY UPDATE: DoS via unbounded memory allocation
     - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
     - CVE-2016-5403
   * SECURITY UPDATE: oob write access while reading ESP command
     - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for maximum CDB size and handle migration in hw/scsi/esp.c, include/hw/scsi/esp.h, include/migration/vmstate.h.
     - CVE-2016-6351
 .
 qemu (1:2.5+dfsg-5ubuntu10.2) xenial; urgency=medium
 .
   * Cherrypick upstream patches to support the query-gic-version QMP command (LP: #1566564)
 .
 qemu (1:2.5+dfsg-5ubuntu10.1) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service via multiple eof_timers in ohci
     - debian/patches/CVE-2016-2391.patch: allocate timer only once in hw/usb/hcd-ohci.c.
     - CVE-2016-2391
   * SECURITY UPDATE: denial of service in remote NDIS control message handling
     - debian/patches/CVE-2016-2392.patch: check USB configuration descriptor object in hw/usb/dev-network.c.
     - CVE-2016-2392
   * SECURITY UPDATE: denial of service or host information leak in USB Net device emulation support
     - debian/patches/CVE-2016-2538.patch: check RNDIS buffer offsets and length in hw/usb/dev-network.c.
     - CVE-2016-2538
   * SECURITY UPDATE: denial of service via infinite loop in ne2000
     - debian/patches/CVE-2016-2841.patch: check ring buffer control registers in hw/net/ne2000.c.
     - CVE-2016-2841
   * SECURITY UPDATE: denial of service via payload length in crafted packet
     - debian/patches/CVE-2016-2857.patch: check packet payload length in net/checksum.c.
     - CVE-2016-2857
   * SECURITY UPDATE: denial of service in PRNG support
     - debian/patches/CVE-2016-2858.patch: add request queue support to rng-random in backends/rng-egd.c, backends/rng-random.c, backends/rng.c, include/sysemu/rng.h.
     - CVE-2016-2858
   * SECURITY UPDATE: arbitrary host code execution via VGA module
     - debian/patches/CVE-2016-3710.patch: fix banked access bounds checking in hw/display/vga.c.
     - CVE-2016-3710
   * SECURITY UPDATE: denial of service via VGA module
     - debian/patches/CVE-2016-3712.patch: make sure vga register setup for vbe stays intact in hw/display/vga.c.
     - CVE-2016-3712
   * SECURITY UPDATE: denial of service in Luminary Micro Stellaris Ethernet
     - debian/patches/CVE-2016-4001.patch: check packet length against receive buffer in hw/net/stellaris_enet.c.
     - CVE-2016-4001
   * SECURITY UPDATE: denial of service and possible code execution in MIPSnet
     - debian/patches/CVE-2016-4002.patch: check size in hw/net/mipsnet.c.
     - CVE-2016-4002
   * SECURITY UPDATE: host information leak via TPR access
     - debian/patches/CVE-2016-4020.patch: initialize variable in hw/i386/kvmvapic.c.
     - CVE-2016-4020
   * SECURITY UPDATE: denial of service via infinite loop in usb_ehci
     - debian/patches/CVE-2016-4037.patch: apply limit to iTD/sidt descriptors in hw/usb/hcd-ehci.c.
     - CVE-2016-4037
 .
 qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium
 .
   * qemu-system-s390x only available on s390x, so qemu-system should only depend on it on this arch.
   * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger relationship, but qemu-efi is still in universe right now.
 .
 qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium
 .
   * And actually ship the right things in qemu-system-s390x.
 .
 qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium
 .
   * Create qemu-system-s390x package on ubuntu only.
 .
 qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium
 .
   * Cherrypick patch from mailing list to fix qemu in sandbox. (LP: #1560149)
 .
 qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium
 .
   * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch (LP: #1556306)
 .
 qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium
 .
   * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)
 .
 qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium
 .
   * d/control{-in}: Re-generate and build with libiscsi-dev now that it's in Ubuntu main (LP: #1271653).
 .
 qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium
 .
   * Make -no-pie conditional, on $(CC) supporting -no-pie flag.
 .
 qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium
 .
   * No-change rebuild for gnutls transition.
 .
 qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium
 .
   * Merge with Debian; remaining changes:
     - debian/rules: do not drop the init scripts loading kvm modules (still needed in precise in cloud archive)
     - qemu-system-common.postinst:
       * remove acl placed by udev, and add udevadm trigger.
       * reload kvm_intel if needed to set nested=1
     - qemu-system-common.preinst: add kvm group if needed
     - add qemu-kvm upstart job and defaults file (rules, qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
     - rules,qemu-system-x86.modprobe: support use under older udevs which do not auto-load the kvm kernel module. Enable nesting by default on intel.
     - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default in qemu64 cpu type.
     - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types to ease future live vm migration.
     - apport hook for qemu source package: d/source_qemu-kvm.py, d/qemu-system-common.install
     - Make qemu-system-common and qemu-utils depend on qemu-block-extra to fix errors with missing block backends. (LP: #1495895)
     - Enable pie by default, on ubuntu/s390x.
     - Include s390-ccw.img firmware.
 .
 qemu (1:2.5+dfsg-5) unstable; urgency=medium
 .
   * fix misspellings in previous debian/changelog entry
   * e1000-eliminate-infinite-loops-on-out-of-bounds-start-CVE-2016-1981.patch (Closes: #812307, CVE-2016-1981)
   * hmp-fix-sendkey-out-of-bounds-write-CVE-2015-8619.patch (Closes: #809237, CVE-2015-8619)
   * use `command -v' instead of `type' to check for command existence
 .
 qemu (1:2.5+dfsg-4) unstable; urgency=medium
 .
   * change misspelling of won't in NEWS (lintian)
   * two patches from upstream to enable sigaltstack syscall (linux-user) (Closes: #805826)
   * word-wrapped last entry in debian/changelog
   * use type to find out whenever update-binfmts is available
   * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch (Partial) patch targeted 2.3 which fixes the read side of the issue (Closes: CVE-2016-1714)
   * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch (Closes: #811201, CVE-2016-1922)
 .
 qemu (1:2.5+dfsg-3) unstable; urgency=high
 .
   [ Aurelien Jarno ]
   * debian/copyright: fix a spelling error reported by lintian: dependecy -> dependency.
 .
   [ Michael Tokarev ]
   * net-vmxnet3-avoid-memory-leakage-in-activate_device patch (Closes: #808145, CVE-2015-8567, CVE-2015-8568)
   * scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch (Closes: #809232, CVE-2015-8613)
   * net-rocker-fix-an-incorrect-array-bounds-check-CVE-2015-8701.patch (Closes: #809313, CVE-2015-8701)
 .
 qemu (1:2.5+dfsg-2) unstable; urgency=high
 .
   * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch (Closes: #808144, CVE-2015-8558)
   * virtio-9p-use-accessor-to-get-thread_pool.patch (Closes: #808357)
   * two upstream patches from xsa-155 fixing unsafe shared memory access in xen (Closes: #809229, CVE-2015-8550)
   * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch (Closes: #810519, CVE-2015-8743)
   * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch (Closes: #810527, CVE-2016-1568)
   * changed build-depends from libpng12-dev to libpng-dev (Closes: #810205)
 .
 qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium
 .
   * SECURITY UPDATE: paravirtualized drivers incautious about shared memory contents
     - debian/patches/CVE-2015-8550-1.patch: avoid double access in hw/block/xen_blkif.h.
     - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in hw/display/xenfb.c.
     - CVE-2015-8550
   * SECURITY UPDATE: infinite loop in ehci_advance_state
     - debian/patches/CVE-2015-8558.patch: make idt processing more robust in hw/usb/hcd-ehci.c.
     - CVE-2015-8558
   * SECURITY UPDATE: host memory leakage in vmxnet3
     - debian/patches/CVE-2015-856x.patch: avoid memory leakage in hw/net/vmxnet3.c.
     - CVE-2015-8567
     - CVE-2015-8568
   * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
     - debian/patches/CVE-2015-8613.patch: initialise info object with appropriate size in hw/scsi/megasas.c.
     - CVE-2015-8613
   * SECURITY UPDATE: DoS via Human Monitor Interface
     - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write in hmp.c, include/ui/console.h, ui/input-legacy.c.
     - CVE-2015-8619
   * SECURITY UPDATE: incorrect array bounds check in rocker
     - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds check in hw/net/rocker/rocker.c.
     - CVE-2015-8701
   * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
     - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport operations in hw/net/ne2000.c.
     - CVE-2015-8743
   * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
     - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on error in hw/ide/ahci.c.
     - CVE-2016-1568
   * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
     - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in hw/i386/kvmvapic.c.
     - CVE-2016-1922
   * SECURITY UPDATE: e1000 infinite loop
     - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on out-of-bounds transfer start in hw/net/e1000.c
     - CVE-2016-1981
   * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB engines
     - debian/patches/CVE-2016-2197.patch: add check before calling dma_memory_unmap in hw/ide/ahci.c.
     - CVE-2016-2197
   * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
     - debian/patches/CVE-2016-2198.patch: add capability mmio write function in hw/usb/hcd-ehci.c.
     - CVE-2016-2198
 .
 qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium
 .
   * debian/qemu-kvm-init: Call systemd-detect-virt instead of the Ubuntu specific running-in-container wrapper. (LP: #1539016)
 .
 qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high
 .
   * Include s390-ccw.img firmware.
 .
 qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium
 .
   * Place qemu-kvm.defaults file in qemu-system-common, next to the init scripts. Fix the comparison operator when checking KVM_HUGEPAGES. Thanks Simon. (LP: #1531191)
 .
 qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium
 .
   * Merge with Debian; remaining changes:
     - debian/rules: do not drop the init scripts loading kvm modules (still needed in precise in cloud archive)
     - qemu-system-common.postinst:
       * remove acl placed by udev, and add udevadm trigger.
       * reload kvm_intel if needed to set nested=1
     - qemu-system-common.preinst: add kvm group if needed
     - add qemu-kvm upstart job and defaults file (rules, qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
     - rules,qemu-system-x86.modprobe: support use under older udevs which do not auto-load the kvm kernel module. Enable nesting by default on intel.
     - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default in qemu64 cpu type.
     - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types to ease future live vm migration.
     - apport hook for qemu source package: d/source_qemu-kvm.py, d/qemu-system-common.install
     - Make qemu-system-common and qemu-utils depend on qemu-block-extra to fix errors with missing block backends. (LP: #1495895)
     - Enable pie by default, on ubuntu/s390x.
   * Drop vGICv3 support patches - all is now upstream
   * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)
 .
 qemu (1:2.5+dfsg-1) unstable; urgency=medium
 .
   * new upstream release (Closes: #801158)
     Closes: #806373 CVE-2015-8345
     Closes: #806742 CVE-2015-7504
     Closes: #806741 CVE-2015-7512
     Closes: #808131 CVE-2015-7549
     Closes: #808130 CVE-2015-8504
   * adopt for the new upstream:
     - removed patches which are upstream now
     - build-depend on libcacard-dev and stop requiring libtool
     - removed libcacard refs from debian/qemu-system-common.docs
     - moved qmp docs out of subdir following upstream
     - removed pc-bios/vgabios-virtio.bin
   * enable new linux-user target: tilegx
   * install qemu-ga manpage
   * install ivshmem-server and ivshmem-client to qemu-utils
   * stop using cylinders/heads/sectors for sfdisk in qemu-make-debian-root (Closes: #785470)
   * modify qemu-make-debian-root to use some current tools (this simplifies things, removes usage of uudecode) (usefulness of this utility is questionable anyway)
 .
 qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high
 .
   * Enable pie by default, on ubuntu/s390x.
 .
 qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium
 .
   * undo the libseccomp delta from debian. libseccomp is indeed available on other arches, but we need qemu's configure script to be fixed before we can use it on anything other than amd64|i386. Fixes FTBFS. (LP: #1522531)
 .
 qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium
 .
   * Merge with Debian; remaining changes:
     - Update the ubuntu machine types patch to reflect upstream churn
     - debian/rules: do not drop the init scripts loading kvm modules (still needed in precise in cloud archive)
     - qemu-system-common.postinst:
       * remove acl placed by udev, and add udevadm trigger.
       * reload kvm_intel if needed to set nested=1
     - qemu-system-common.preinst: add kvm group if needed
     - add qemu-kvm upstart job and defaults file (rules, qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
     - rules,qemu-system-x86.modprobe: support use under older udevs which do not auto-load the kvm kernel module. Enable nesting by default on intel.
     - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default in qemu64 cpu type.
     - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty machine type to ease future live vm migration.
     - apport hook for qemu source package: d/source_qemu-kvm.py, d/qemu-system-common.install
     - Make qemu-system-common and qemu-utils depend on qemu-block-extra to fix errors with missing block backends. (LP: #1495895)
     - control-in: build with libseccomp on all architectures
     - Add vGICv3 support
 .
 qemu (1:2.4+dfsg-5) unstable; urgency=medium
 .
   * trace-remove-malloc-tracing.patch from upstream. (Closes: #802633)
   * stop building libcacard, as it is now in its own separate source package and has been removed from upstream qemu in 2.5. Here we just stop producing libcacard binaries, but still use embedded libcacard source to link with it statically. In 2.5 we will switch to external libcacard. (Closes: #805410)
 .
 qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium
 .
   * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
     - debian/patches/CVE-2015-7504.patch: leave room for CRC code in hw/net/pcnet.c.
     - CVE-2015-7504
   * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
     - debian/patches/CVE-2015-7512.patch: check packet length in hw/net/pcnet.c.
     - CVE-2015-7512
   * SECURITY UPDATE: infinite loop in eepro100
     - debian/patches/CVE-2015-8345.patch: prevent endless loop in hw/net/eepro100.c.
     - CVE-2015-8345
 .
 qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium
 .
   * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.
 .
 qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium
 .
   * Merge 2.4 from unstable. Remaining changes:
     - Update the ubuntu machine types patch to reflect upstream churn
     - debian/rules: do not drop the init scripts loading kvm modules (still needed in precise in cloud archive)
     - qemu-system-common.postinst:
       * remove acl placed by udev, and add udevadm trigger.
       * reload kvm_intel if needed to set nested=1
     - qemu-system-common.preinst: add kvm group if needed
     - add qemu-kvm upstart job and defaults file (rules, qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
     - rules,qemu-system-x86.modprobe: support use under older udevs which do not auto-load the kvm kernel module. Enable nesting by default on intel.
     - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default in qemu64 cpu type.
     - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty machine type to ease future live vm migration.
     - apport hook for qemu source package: d/source_qemu-kvm.py, d/qemu-system-common.install
     - Make qemu-system-common and qemu-utils depend on qemu-block-extra to fix errors with missing block backends. (LP: #1495895)
     - control-in: build with libseccomp on all architectures.
   * Add vGICv3 support
 .
 qemu (1:2.4+dfsg-4) unstable; urgency=medium
 .
   * applied 3 patches from upstream to fix virtio-net possible remote DoS (Closes: #799452 CVE-2015-7295)
   * remove now-unused /etc/qemu too (Closes: #797608)
 .
 qemu (1:2.4+dfsg-3) unstable; urgency=high
 .
   * ne2000-add-checks-to-validate-ring-buffer-pointers-CVE-2015-5279.patch fix for Heap overflow vulnerability in ne2000_receive() function (Closes: #799074 CVE-2015-5279)
   * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch (Closes: #799073 CVE-2015-5278)
   * some binfmt reorg:
     - extend aarch64 to include one more byte as other arches do
     - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize OSABI=3 (GNU/Linux) in addition to NONE/SysV (Closes: #784605, #794737)
     - tighten sh4 & sh4eb, fixing OSABI mask to be \xfc not 0
 .
 qemu (1:2.4+dfsg-2) unstable; urgency=high
 .
   * Add e1000-avoid-infinite-loop-in-transmit-CVE-2015-6815.patch.
     CVE-2015-6815: net: e1000 infinite loop issue in processing transmit descriptor. (Closes: #798101 CVE-2015-6815)
   * Add ide-fix-ATAPI-command-permissions-CVE-2015-6855.patch.
     CVE-2015-6855: ide: qemu allows arbitrary commands to be sent to an ATAPI device from guest, while illegal commands might have security impact, f.e. WIN_READ_NATIVE_MAX results in divide by zero error. (Closes: CVE-2015-6855)
 .
 qemu (1:2.4+dfsg-1a) unstable; urgency=medium
 .
   * new upstream (2.4.0) release
     Closes: #795461, #793811, #794610, #795087, #794611, #793388
     CVE-2015-3214 CVE-2015-5154 CVE-2015-5165 CVE-2015-5745 CVE-2015-5166 CVE-2015-5158
     Closes: #793817
   * removed all upstreamed patches
   * remove --enable-vnc-ws option (not used anymore)
   * update mjt-set-oem-in-rsdt-like-slic.diff
   * vnc-fix-memory-corruption-CVE-2015-5225.patch from upstream
     Closes: #796465 CVE-2015-5225
   * remove now-unused /etc/qemu/target-x86_64.conf
 .
 qemu (1:2.3+dfsg-6a) unstable; urgency=medium
 .
   * fix d/copyright leftover in previous upload
 .
 qemu (1:2.3+dfsg-6) unstable; urgency=high
 .
   * pcnet-force-buffer-access-to-be-in-bounds-CVE-2015-3209.patch from upstream (Closes: #788460 CVE-2015-3209)
 .
 qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium
 .
   * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)
 .
 qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low
 .
   * debian/patches/upstream-fix-irq-route-entries.patch Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed" (LP: #1465935)
 .
 qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium
 .
   * Build using libseccomp on all architectures.
 .
 qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium
 .
   * SECURITY UPDATE: denial of service via NE2000 driver
     - debian/patches/CVE-2015-5278.patch: fix infinite loop in hw/net/ne2000.c.
     - CVE-2015-5278
   * SECURITY UPDATE: denial of service and possible code execution via heap overflow in NE2000 driver
     - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in hw/net/ne2000.c.
     - CVE-2015-5279
   * SECURITY UPDATE: denial of service via e1000 infinite loop
     - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
     - CVE-2015-6815
   * SECURITY UPDATE: denial of service via illegal ATAPI commands
     - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in hw/ide/core.c.
     - CVE-2015-6855
 .
 qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium
 .
   * Make qemu-system-common and qemu-utils depend on qemu-block-extra to fix errors with missing block backends. (LP: #1495895)
   * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
   * Apply fix for memory corruption during live-migration in tcg mode (LP: #1493049)
   * Apply tracing patch to remove use of custom vtable in newer glibc (LP: #1491972)
 .
 qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium
 .
   * Import qcow2-handle-eagain-from-update_refcount from upstream to fix errors when using qemu-img convert -c. (LP: #1491050)
 .
 qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium
 .
   * SECURITY UPDATE: process heap memory disclosure
     - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
     - CVE-2015-5165
   * SECURITY UPDATE: privilege escalation via block device unplugging
     - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend in hw/ide/piix.c.
     - CVE-2015-5166
   * SECURITY UPDATE: privilege escalation via memory corruption in vnc
     - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply limits in ui/vnc.c.
     - CVE-2015-5225
   * SECURITY UPDATE: denial of service via virtio-serial
     - debian/patches/CVE-2015-5745.patch: don't assume a specific layout for control messages in hw/char/virtio-serial-bus.c.
     - CVE-2015-5745
 .
 qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
 .
   * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
     - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
     - CVE-2015-3214
   * SECURITY UPDATE: heap overflow when processing ATAPI commands
     - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
     - CVE-2015-5154
   * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
     - debian/patches/CVE-2015-5158.patch: check length in hw/scsi/scsi-bus.c.
     - CVE-2015-5158
 .
 qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium
 .
   * SECURITY UPDATE: heap overflow in PCNET controller
     - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
     - CVE-2015-3209
 .
 qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium
 .
   * Merge 1:2.3+dfsg-5 from Debian.
   * Remaining changes:
     - debian/rules: do not drop the init scripts loading kvm modules (still needed in precise in cloud archive)
     - qemu-system-common.postinst:
       * remove acl placed by udev, and add udevadm trigger.
       * reload kvm_intel if needed to set nested=1
     - qemu-system-common.preinst: add kvm group if needed
     - add qemu-kvm upstart job and defaults file (rules, qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
     - rules,qemu-system-x86.modprobe: support use under older udevs which do not auto-load the kvm kernel module. Enable nesting by default on intel.
     - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default in qemu64 cpu type.
     - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty machine type to ease future live vm migration.
     - apport hook for qemu source package: d/source_qemu-kvm.py, d/qemu-system-common.install
   * Refreshed patches:
     - ubuntu/expose-vmx_qemu64cpu.patch
     - ubuntu/define-ubuntu-machine-types.patch
 .
 qemu (1:2.3+dfsg-5) unstable; urgency=high
 .
   * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch (Closes: CVE-2015-4037)
   * 11 patches for XEN PCI pass-through issues (Closes: #787547 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106)
   * kbd-add-brazil-kbd-keys-*.patch, adding two keys found on Brazilian keyboards (Closes: #772422)
 .
 qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium
 .
   * Merge 1:2.3+dfsg-4 from Debian.
   * Remaining changes:
     - debian/rules: do not drop the init scripts loading kvm modules (still needed in precise in cloud archive)
     - qemu-system-common.postinst:
       * remove acl placed by udev, and add udevadm trigger.
       * reload kvm_intel if needed to set nested=1
     - qemu-system-common.preinst: add kvm group if needed
     - add qemu-kvm upstart job and defaults file (rules, qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
     - rules,qemu-system-x86.modprobe: support use under older udevs which do not auto-load the kvm kernel module. Enable nesting by default on intel.
     - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default in qemu64 cpu type.
     - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty machine type to ease future live vm migration.
     - apport hook for qemu source package: d/source_qemu-kvm.py, d/qemu-system-common.install
   * Dropped all patches which are applied upstream
   * Move the upstart jobs to a generic script
     - add new qemu-kvm-init script
     - call that from upstart and sysvrc qemu-kvm scripts
     - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}
 .
 qemu (1:2.3+dfsg-4) unstable; urgency=medium
 .
   * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch: patch from upstream to fix FTBFS on some arches
   * libcacard-dev: depend on libnss3-dev (Closes: #785798)
   * libcacard-dev: do not depend on pkg-config
 .
 qemu (1:2.3+dfsg-3) unstable; urgency=high
 .
   * fdc-force-the-fifo-access-to-be-in-bounds-CVE-2015-3456.patch (Closes: CVE-2015-3456)
   * fix the OSABI binfmt mask for x86_64 arch, to actually fix #763043. Original fix didn't work, because "someone" forgot arithmetics. (Really Closes: #763043)
   * align binfmt magics/masks to be in single column
 .
 qemu (1:2.3+dfsg-2) unstable; urgency=medium
 .
   * do not install upstream changelog file, it is unused for a long time
   * mention closing of #781250 #769299 by 2.3
   * mention qemu-block-extra split in NEWS files
   * fix spelling prob in the manpage
   * bump Standards-Version to 3.9.6 (no changes needed)
   * add mips64 and mips64el binfmt registration (Closes: #778624)
 .
 qemu (1:2.3+dfsg-1) unstable; urgency=medium
 .
   * new upstream release (2.3) (Closes: #781250 #769299 #781250 #769299)
 .
 qemu (1:2.2+dfsg-6exp) experimental; urgency=medium
 .
   * qemu 2.2.1 stable/bugfix release (remove included upstream exec-change-default-exception_index-value-for-migration-to--1.patch)
   * added mips64(el) to list of architectures where qemu-utils is built (Closes: #780200)
   * added kvm-on-x32.patch from Adam Borowski (Closes: #778737)
   * create qemu-block-extra package
   * rules.mak-fix-module-build.patch from upstream to fix module build
   * pass --enable-modules to configure
   * pass multiarch --libdir to configure
   * mjt-set-oem-in-rsdt-like-slic.diff: update FACP table too, not only RSDT. FACP is needed for win7 booting in UEFI mode.
   * enable libcacard (closes: #764971)
     - build-depend on libnss3-dev & libtool-bin
     - --enable-smartcard-nss
     - run dh_makeshlibs
     - rm libcacard.la
     - add libcacard0, libcacard-dev and libcacard-tools packages
     - add libcacard*.install and libcacard0.symbols
 .
 qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium
 .
   * SECURITY UPDATE: denial of service in vnc web
     - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
     - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from websockets clients in ui/vnc-ws.c.
     - CVE-2015-1779
   * SECURITY UPDATE: host code execution via floppy device (VENOM)
     - debian/patches/CVE-2015-3456.patch: force the fifo access to be in bounds of the allocated buffer in hw/block/fdc.c.
     - CVE-2015-3456
 .
 qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low
 .
   * CVE-2015-2756 / XSA-126 - xen: limit guest control of PCI command register
 .
 qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium
 .
   * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not accidentally create /1
 .
 qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low
 .
   * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).
 .
 qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low
 .
   * No-change rebuild to pull in libxl-4.5.
 .
 qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium
 .
   * debian/control-in: enable numa on architectures where numa is built (LP: #1417937)
 .
 qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium
 .
   [Scott Moser]
   * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa profile when started by libvirt.
 .
   [Serge Hallyn]
   * add symlink qemu-system-ppc64le -> qemu-system-ppc64
   * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script (LP: #1419855)
 .
   [Chris J Arges]
   * Determine if we are running inside a virtual environment. If running inside a virtualized environment do _not_ automatically enable KSM. (LP: #1414153)
 .
 qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium
 .
   * Merge 1:2.2+dfsg-5exp from Debian. (LP: #1409308)
     - debian/rules: do not drop the init scripts loading kvm modules (still needed in precise in cloud archive)
   * Remaining changes:
     - qemu-system-common.postinst:
       * remove acl placed by udev, and add udevadm trigger.
       * reload kvm_intel if needed to set nested=1
     - qemu-system-common.preinst: add kvm group if needed
     - add qemu-kvm upstart job and defaults file (rules, qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
     - rules,qemu-system-x86.modprobe: support use under older udevs which do not auto-load the kvm kernel module. Enable nesting by default on intel.
     - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default in qemu64 cpu type.
     - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty machine type to ease future live vm migration.
     - apport hook for qemu source package: d/source_qemu-kvm.py, d/qemu-system-common.install
   * Dropped all patches which are applied upstream
   * Update ubuntu-vivid machine type to default to std graphics (following upstream's lead for pc-i440fx-2.2 machine type)
 .
 qemu (1:2.2+dfsg-5exp) experimental; urgency=medium
 .
   * fix initscript removal once again
 .
 qemu (1:2.2+dfsg-4exp) experimental; urgency=medium
 .
   * fix a brown-paper bag bug removing the qemu-system-x86 initscript (Closes: #776004)
 .
 qemu (1:2.2+dfsg-3exp) experimental; urgency=medium
 .
   * mention closing of #753887 by 2.2
   * install only specific bamboo.dtb for ppc, not *.dtb (Closes: #773033)
   * install qemu-system-misc firmware in d/*.install not d/rules, as other firmware files
   * exec-change-default-exception_index-value-for-migration-to--1.patch: cherry-picked commit adee64249ee37e from upstream
   * stop messing up with alternatives (qemu for qemu-system-*)
   * stop shipping qemu-system-x86 initscript to load kvm modules (kernel since 3.4 does that automatically) (Closes: #751754)
 .
 qemu (1:2.2+dfsg-2exp) experimental; urgency=medium
 .
   * and finally uploading to experimental as it should be
Original-Maintainer: Debian QEMU Team