Publishing details

Changelog

qemu (1:2.5+dfsg-5ubuntu10.9~cloud0ubuntu3) trusty-mitaka; urgency=medium

  * PPA Build for Trusty UCA

qemu (1:2.5+dfsg-5ubuntu10.9~cloud0ubuntu2) xenial; urgency=medium

  * PPA Build for Xenial

qemu (1:2.5+dfsg-5ubuntu10.9~cloud0ubuntu1) trusty-mitaka; urgency=medium

  * Apply Ericcson virtio-net queue size bump (256 -> 1024) for virtio-net when
    used as VHOST_USER device

qemu (1:2.5+dfsg-5ubuntu10.9~cloud0) trusty-mitaka; urgency=medium

  * New update for the Ubuntu Cloud Archive.

qemu (1:2.5+dfsg-5ubuntu10.9) xenial; urgency=medium

  * fix ambiguous machine trusty and utopic machine types (LP: #1641532)
    - d/p/ubuntu/define-ubuntu-machine-types.patch update type definitions
    - d/qemu-system-x86.NEWS to describe the issue

qemu (1:2.5+dfsg-5ubuntu10.8) xenial; urgency=medium

  [ Dmitrii Shcherbakov ]
  *  d/p/ubuntu/net-fix-qemu_announce_self-not-emitting-packets.patch:
     Cherrypick upstream patch: net: fix qemu_announce_self not emitting
     packets (LP: #1656480)

qemu (1:2.5+dfsg-5ubuntu10.7) xenial; urgency=medium

  [ Rafael David Tinoco ]
  * Fixed wrong migration blocker when vhost is used (LP: #1626972)
    - d/p/vhost_migration-blocker-only-if-shared-log-is-used.patch

qemu (1:2.5+dfsg-5ubuntu10.6) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via unbounded memory allocation
    - debian/patches/CVE-2016-5403.patch: re-enable original patch.
    - debian/patches/CVE-2016-5403-2.patch: recalculate vq->inuse after
      migration in hw/virtio/virtio.c.
    - debian/patches/CVE-2016-5403-3.patch: decrement vq->inuse in
      virtqueue_discard() in hw/virtio/virtio.c.
    - debian/patches/CVE-2016-5403-4.patch: zero vq->inuse in
      virtio_reset() in hw/virtio/virtio.c.
    - CVE-2016-5403
  * SECURITY UPDATE: use after free while writing in vmxnet3
    - debian/patches/CVE-2016-6833.patch: check for device_active before
      write in hw/net/vmxnet3.c.
    - CVE-2016-6833
  * SECURITY UPDATE: DoS via infinite loop during packet fragmentation
    - debian/patches/CVE-2016-6834.patch: check fragment length during
      fragmentation in hw/net/vmxnet_tx_pkt.c.
    - CVE-2016-6834
  * SECURITY UPDATE: Buffer overflow in vmxnet_tx_pkt_parse_headers()
    - debian/patches/CVE-2016-6835.patch: check IP header length in
      hw/net/vmxnet_tx_pkt.c.
    - CVE-2016-6835
  * SECURITY UPDATE: Information leak in vmxnet3_complete_packet
    - debian/patches/CVE-2016-6836.patch: initialise local tx descriptor in
      hw/net/vmxnet3.c.
    - CVE-2016-6836
  * SECURITY UPDATE: Integer overflow in packet initialisation in VMXNET3
    - debian/patches/CVE-2016-6888.patch: use g_new for pkt initialisation
      in hw/net/vmxnet_tx_pkt.c.
    - CVE-2016-6888
  * SECURITY UPDATE: directory traversal flaw in 9p virtio backend
    - debian/patches/CVE-2016-7116-1.patch: forbid illegal path names in
      hw/9pfs/virtio-9p.c.
    - debian/patches/CVE-2016-7116-2.patch: forbid . and .. in file names
      in hw/9pfs/virtio-9p.c.
    - debian/patches/CVE-2016-7116-3.patch: handle walk of ".." in the root
      directory in hw/9pfs/virtio-9p.*.
    - debian/patches/CVE-2016-7116-4.patch: fix potential segfault during
      walk in hw/9pfs/virtio-9p.c.
    - CVE-2016-7116
  * SECURITY UPDATE: OOB read and infinite loop in pvscsi
    - debian/patches/CVE-2016-7155.patch: check page count while
      initialising descriptor rings in hw/scsi/vmw_pvscsi.c.
    - CVE-2016-7155
  * SECURITY UPDATE: infinite loop when building SG list in pvscsi
    - debian/patches/CVE-2016-7156.patch: limit loop to fetch SG list in
      hw/scsi/vmw_pvscsi.c.
    - CVE-2016-7156
  * SECURITY UPDATE: buffer overflow in xlnx.xps-ethernetlite
    - debian/patches/CVE-2016-7161.patch: fix a heap overflow in
      hw/net/xilinx_ethlite.c.
    - CVE-2016-7161
  * SECURITY UPDATE: OOB stack memory access in vmware_vga
    - debian/patches/CVE-2016-7170.patch: correct bitmap and pixmap size
      checks in hw/display/vmware_vga.c.
    - CVE-2016-7170
  * SECURITY UPDATE: Infinite loop when processing IO requests in pvscsi
    - debian/patches/CVE-2016-7421.patch: limit process IO loop to ring
      size in hw/scsi/vmw_pvscsi.c.
    - CVE-2016-7421
  * SECURITY UPDATE: memory leakage during device unplug in xhci
    - debian/patches/CVE-2016-7466.patch: fix memory leak in usb_xhci_exit
      in hw/usb/hcd-xhci.c.
    - CVE-2016-7466
  * SECURITY UPDATE: denial of service in mcf via invalid count
    - debian/patches/CVE-2016-7908.patch: limit buffer descriptor count in
      hw/net/mcf_fec.c.
    - CVE-2016-7908
  * SECURITY UPDATE: denial of service in pcnet via invalid length
    - debian/patches/CVE-2016-7909.patch: check rx/tx descriptor ring
      length in hw/net/pcnet.c.
    - CVE-2016-7909
  * SECURITY UPDATE: denial of service via memory leak in virtio-gpu
    - debian/patches/CVE-2016-7994.patch: fix memory leak in
      virtio_gpu_resource_create_2d in hw/display/virtio-gpu.c.
    - CVE-2016-7994
  * SECURITY UPDATE: denial of service via infinite loop in xhci
    - debian/patches/CVE-2016-8576.patch: limit the number of link trbs we
      are willing to process in hw/usb/hcd-xhci.c.
    - CVE-2016-8576
  * SECURITY UPDATE: host memory leakage in 9pfs
    - debian/patches/CVE-2016-8577.patch: fix potential host memory leak in
      v9fs_read in hw/9pfs/virtio-9p.c.
    - CVE-2016-8577
  * SECURITY UPDATE: NULL dereference in 9pfs
    - debian/patches/CVE-2016-8578.patch: allocate space for guest
      originated empty strings in fsdev/virtio-9p-marshal.c,
      hw/9pfs/virtio-9p.c.
    - CVE-2016-8578
  * SECURITY UPDATE: OOB buffer access in rocker switch emulation
    - debian/patches/CVE-2016-8668.patch: set limit to DMA buffer size in
      hw/net/rocker/rocker.c.
    - CVE-2016-8668
  * SECURITY UPDATE: infinite loop in Intel HDA controller
    - debian/patches/CVE-2016-8909.patch: check stream entry count during
      transfer in hw/audio/intel-hda.c.
    - CVE-2016-8909
  * SECURITY UPDATE: infinite loop in RTL8139 ethernet controller
    - debian/patches/CVE-2016-8910.patch: limit processing of ring
      descriptors in hw/net/rtl8139.c.
    - CVE-2016-8910
  * SECURITY UPDATE: memory leakage at device unplug in eepro100
    - debian/patches/CVE-2016-9101.patch: fix memory leak in device uninit
      in hw/net/eepro100.c.
    - CVE-2016-9101
  * SECURITY UPDATE: denial of service via memory leak in 9pfs
    - debian/patches/CVE-2016-9102.patch: fix memory leak in
      v9fs_xattrcreate in hw/9pfs/virtio-9p.c.
    - CVE-2016-9102
  * SECURITY UPDATE: information leakage via xattribute in 9pfs
    - debian/patches/CVE-2016-9103.patch: fix information leak in xattr
      read in hw/9pfs/virtio-9p.c.
    - CVE-2016-9103
  * SECURITY UPDATE: integer overflow leading to OOB access in 9pfs
    - debian/patches/CVE-2016-9104.patch: fix integer overflow issue in
      xattr read/write in hw/9pfs/virtio-9p.c.
    - CVE-2016-9104
  * SECURITY UPDATE: denial of service via memory leakage in 9pfs
    - debian/patches/CVE-2016-9105.patch: fix memory leak in v9fs_link in
      hw/9pfs/virtio-9p.c.
    - CVE-2016-9105
  * SECURITY UPDATE: denial of service via memory leakage in 9pfs
    - debian/patches/CVE-2016-9106.patch: fix memory leak in v9fs_write in
      hw/9pfs/virtio-9p.c.
    - CVE-2016-9106

qemu (1:2.5+dfsg-5ubuntu10.5) xenial; urgency=medium

  * fix default machine types. (LP: #1621042)
    - add dep3 header to d/p/ubuntu/define-ubuntu-machine-types.patch
    - remove double default and double ubuntu alias
    - add xenial machine type
    - add q35 based ubuntu machine type
    - add ubuntu machine types on ppc64el and s390x

qemu (1:2.5+dfsg-5ubuntu10.4) xenial-security; urgency=medium

  * SECURITY REGRESSION: crash on migration with memory stats enabled
    (LP: #1612089)
    - debian/patches/CVE-2016-5403.patch: disable for now pending
      investigation.

qemu (1:2.5+dfsg-5ubuntu10.3) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS and possible host code execution in 53C9X Fast
    SCSI Controller
    - debian/patches/CVE-2016-4439.patch: check length in hw/scsi/esp.c.
    - CVE-2016-4439
  * SECURITY UPDATE: DoS in 53C9X Fast SCSI Controller
    - debian/patches/CVE-2016-4441.patch: check DMA length in
      hw/scsi/esp.c.
    - CVE-2016-4441
  * SECURITY UPDATE: infinite loop in vmware_vga
    - debian/patches/CVE-2016-4453.patch: limit fifo commands in
      hw/display/vmware_vga.c.
    - CVE-2016-4453
  * SECURITY UPDATE: DoS or host memory leakage in vmware_vga
    - debian/patches/CVE-2016-4454.patch: fix sanity checks in
      hw/display/vmware_vga.c.
    - CVE-2016-4454
  * SECURITY UPDATE: DoS in VMWARE PVSCSI paravirtual SCSI bus
    - debian/patches/CVE-2016-4952.patch: check command descriptor ring
      buffer size in hw/scsi/vmw_pvscsi.c.
    - CVE-2016-4952
  * SECURITY UPDATE: MegaRAID SAS 8708EM2 host memory leakage
    - debian/patches/CVE-2016-5105.patch: initialise local configuration
      data buffer in hw/scsi/megasas.c.
    - CVE-2016-5105
  * SECURITY UPDATE: DoS in MegaRAID SAS 8708EM2
    - debian/patches/CVE-2016-5106.patch: use appropriate property buffer
      size in hw/scsi/megasas.c.
    - CVE-2016-5106
  * SECURITY UPDATE: DoS in MegaRAID SAS 8708EM2
    - debian/patches/CVE-2016-5107.patch: check read_queue_head index
      value in hw/scsi/megasas.c.
    - CVE-2016-5107
  * SECURITY UPDATE: DoS or code execution via crafted iSCSI asynchronous
    I/O ioctl call
    - debian/patches/CVE-2016-5126.patch: avoid potential overflow in
      block/iscsi.c.
    - CVE-2016-5126
  * SECURITY UPDATE: DoS in 53C9X Fast SCSI Controller
    - debian/patches/CVE-2016-5238.patch: check buffer length before
      reading scsi command in hw/scsi/esp.c.
    - CVE-2016-5238
  * SECURITY UPDATE: MegaRAID SAS 8708EM2 host memory leakage
    - debian/patches/CVE-2016-5337.patch: null terminate bios version
      buffer in hw/scsi/megasas.c.
    - CVE-2016-5337
  * SECURITY UPDATE: DoS or code execution in 53C9X Fast SCSI Controller
    - debian/patches/CVE-2016-5338.patch: check TI buffer index in
      hw/scsi/esp.c.
    - CVE-2016-5338
  * SECURITY UPDATE: DoS via unbounded memory allocation
    - debian/patches/CVE-2016-5403.patch: check size in hw/virtio/virtio.c.
    - CVE-2016-5403
  * SECURITY UPDATE: oob write access while reading ESP command
    - debian/patches/CVE-2016-6351.patch: make cmdbuf big enough for
      maximum CDB size and handle migration in hw/scsi/esp.c,
      include/hw/scsi/esp.h, include/migration/vmstate.h.
    - CVE-2016-6351

qemu (1:2.5+dfsg-5ubuntu10.2) xenial; urgency=medium

  * Cherrypick upstream patches to support the query-gic-version QMP command
    (LP: #1566564)

qemu (1:2.5+dfsg-5ubuntu10.1) xenial-security; urgency=medium

  * SECURITY UPDATE: denial of service via multiple eof_timers in ohci
    - debian/patches/CVE-2016-2391.patch: allocate timer only once in
      hw/usb/hcd-ohci.c.
    - CVE-2016-2391
  * SECURITY UPDATE: denial of service in in remote NDIS control message
    handling
    - debian/patches/CVE-2016-2392.patch: check USB configuration
      descriptor object in hw/usb/dev-network.c.
    - CVE-2016-2392
  * SECURITY UPDATE: denial of service or host information leak in USB Net
    device emulation support
    - debian/patches/CVE-2016-2538.patch: check RNDIS buffer offsets and
      length in hw/usb/dev-network.c.
    - CVE-2016-2538
  * SECURITY UPDATE: denial of service via infinite loop in ne2000
    - debian/patches/CVE-2016-2841.patch: heck ring buffer control
      registers in hw/net/ne2000.c.
    - CVE-2016-2841
  * SECURITY UPDATE: denial of service via payload length in crafted packet
    - debian/patches/CVE-2016-2857.patch: check packet payload length in
      net/checksum.c.
    - CVE-2016-2857
  * SECURITY UPDATE: denial of service in PRNG support
    - debian/patches/CVE-2016-2858.patch: add request queue support to
      rng-random in backends/rng-egd.c, backends/rng-random.c,
      backends/rng.c, include/sysemu/rng.h.
    - CVE-2016-2858
  * SECURITY UPDATE: arbitrary host code execution via VGA module
    - debian/patches/CVE-2016-3710.patch: fix banked access bounds checking
      in hw/display/vga.c.
    - CVE-2016-3710
  * SECURITY UPDATE: denial of service via VGA module
    - debian/patches/CVE-2016-3712.patch: make sure vga register setup for
      vbe stays intact in hw/display/vga.c.
    - CVE-2016-3712
  * SECURITY UPDATE: denial of service in Luminary Micro Stellaris Ethernet
    - debian/patches/CVE-2016-4001.patch: check packet length against
      receive buffer in hw/net/stellaris_enet.c.
    - CVE-2016-4001
  * SECURITY UPDATE: denial of sevice and possible code execution in
    MIPSnet
    - debian/patches/CVE-2016-4002.patch: check size in hw/net/mipsnet.c.
    - CVE-2016-4002
  * SECURITY UPDATE: host information leak via TPR access
    - debian/patches/CVE-2016-4020.patch: initialize variable in
      hw/i386/kvmvapic.c.
    - CVE-2016-4020
  * SECURITY UPDATE: denial of service via infinite loop in in usb_ehci
    - debian/patches/CVE-2016-4037.patch: apply limit to iTD/sidt
      descriptors in hw/usb/hcd-ehci.c.
    - CVE-2016-4037

qemu (1:2.5+dfsg-5ubuntu10) xenial; urgency=medium

  * qemu-system-s390x only available on s390x, so qemu-system should only
    depend on it on this arch.
  * have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
    relationship, but qemu-efi is still in universe right now.

qemu (1:2.5+dfsg-5ubuntu9) xenial; urgency=medium

  * And actually ship the right things in qemu-system-s390x.

qemu (1:2.5+dfsg-5ubuntu8) xenial; urgency=medium

  * Create qemu-system-s390x package on ubuntu only.

qemu (1:2.5+dfsg-5ubuntu7) xenial; urgency=medium

  * Cherrypick patch from mailing list to fix qemu in sandbox.  (LP: #1560149)

qemu (1:2.5+dfsg-5ubuntu6) xenial; urgency=medium

  * Cherrypick upstream patch vhost-user-interrupt-management-fixes.patch
    (LP: #1556306)

qemu (1:2.5+dfsg-5ubuntu5) xenial; urgency=medium

  * Cherrypick upstream patch to fix snapshot regression (LP: #1533728)

qemu (1:2.5+dfsg-5ubuntu4) xenial; urgency=medium

  * d/control{-in}: Re-generate and build with libiscsi-dev now
    that its in Ubuntu main (LP: #1271653).

qemu (1:2.5+dfsg-5ubuntu3) xenial; urgency=medium

  * Make -no-pie conditional, on $(CC) supporting -no-pie flag.

qemu (1:2.5+dfsg-5ubuntu2) xenial; urgency=medium

  * No-change rebuild for gnutls transition.

qemu (1:2.5+dfsg-5ubuntu1) xenial; urgency=medium

  * Merge with Debian; remaining changes:
    - debian/rules: do not drop the init scripts loading kvm modules
      (still needed in precise in cloud archive)
    - qemu-system-common.postinst:
      * remove acl placed by udev, and add udevadm trigger.
      * reload kvm_intel if needed to set nested=1
    - qemu-system-common.preinst: add kvm group if needed
    - add qemu-kvm upstart job and defaults file (rules,
      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
    - rules,qemu-system-x86.modprobe: support use under older udevs which
      do not auto-load the kvm kernel module.  Enable nesting by default
      on intel.
    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
      in qemu64 cpu type.
    - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
      types to ease future live vm migration.
    - apport hook for qemu source package: d/source_qemu-kvm.py,
      d/qemu-system-common.install
    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
      to fix errors with missing block backends. (LP: #1495895)
    - Enable pie by default, on ubuntu/s390x.
    - Include s390-ccw.img firmware.

qemu (1:2.5+dfsg-5) unstable; urgency=medium

  * fix misspellings in previous debian/changelog entry
  * e1000-eliminate-infinite-loops-on-out-of-bounds-start-CVE-2016-1981.patch
    (Closes: #812307, CVE-2016-1981)
  * hmp-fix-sendkey-out-of-bounds-write-CVE-2015-8619.patch
    (Closes: #809237, CVE-2015-8619)
  * use `command -v' instead of `type' to check for command existence

qemu (1:2.5+dfsg-4) unstable; urgency=medium

  * change misspelling of won't in NEWS (lintian)
  * two patches from upstream to enable sigaltstack syscall (linux-user)
    (Closes: #805826)
  * word-wrapped last entry in debian/changelog
  * use type to find out whenever update-binfmts is available
  * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch
    (Partial) patch targeted 2.3 which fixes the read side of the issue
    (Closes: CVE-2016-1714)
  * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch
    (Closes: #811201, CVE-2016-1922)

qemu (1:2.5+dfsg-3) unstable; urgency=high

  [ Aurelien Jarno ]
  * debian/copyright:
    fix a spelling error reported by lintian: dependecy -> dependency.

  [ Michael Tokarev ]
  * net-vmxnet3-avoid-memory-leakage-in-activate_device patch
    (Closes: #808145, CVE-2015-8567, CVE-2015-8568)
  * scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch
    (Closes: #809232, CVE-2015-8613)
  * net-rocker-fix-an-incorrect-array-bounds-check-CVE-2015-8701.patch
    (Closes: #809313, CVE-2015-8701)

qemu (1:2.5+dfsg-2) unstable; urgency=high

  * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch
    (Closes: #808144, CVE-2015-8558)
  * virtio-9p-use-accessor-to-get-thread_pool.patch (Closes: #808357)
  * two upstream patches from xsa-155 fixing unsafe shared memory access in xen
    (Closes: #809229, CVE-2015-8550)
  * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch
    (Closes: #810519, CVE-2015-8743)
  * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch
    (Closes: #810527, CVE-2016-1568)
  * changed build-depends from libpng12-dev to libpng-dev (Closes: #810205)

qemu (1:2.5+dfsg-1ubuntu5) xenial; urgency=medium

  * SECURITY UPDATE: paravirtualized drivers incautious about shared memory
    contents
    - debian/patches/CVE-2015-8550-1.patch: avoid double access in
      hw/block/xen_blkif.h.
    - debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
      hw/display/xenfb.c.
    - CVE-2015-8550
  * SECURITY UPDATE: infinite loop in ehci_advance_state
    - debian/patches/CVE-2015-8558.patch: make idt processing more robust
      in hw/usb/hcd-ehci.c.
    - CVE-2015-8558
  * SECURITY UPDATE: host memory leakage in vmxnet3
    - debian/patches/CVE-2015-856x.patch: avoid memory leakage in
      hw/net/vmxnet3.c.
    - CVE-2015-8567
    - CVE-2015-8568
  * SECURITY UPDATE: buffer overflow in megasas_ctrl_get_info
    - debian/patches/CVE-2015-8613.patch: initialise info object with
      appropriate size in hw/scsi/megasas.c.
    - CVE-2015-8613
  * SECURITY UPDATE: DoS via Human Monitor Interface
    - debian/patches/CVE-2015-8619.patch: fix sendkey out of bounds write
      in hmp.c, include/ui/console.h, ui/input-legacy.c.
    - CVE-2015-8619
  * SECURITY UPDATE: incorrect array bounds check in rocker
    - debian/patches/CVE-2015-8701.patch: fix an incorrect array bounds
      check in hw/net/rocker/rocker.c.
    - CVE-2015-8701
  * SECURITY UPDATE: ne2000 OOB r/w in ioport operations
    - debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
      operations in hw/net/ne2000.c.
    - CVE-2015-8743
  * SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
    - debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
      error in hw/ide/ahci.c.
    - CVE-2016-1568
  * SECURITY UPDATE: DoS via null pointer dereference in vapic_write()
    - debian/patches/CVE-2016-1922.patch: avoid null pointer dereference in
      hw/i386/kvmvapic.c.
    - CVE-2016-1922
  * SECURITY UPDATE: e1000 infinite loop
    - debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
      out-of-bounds transfer start in hw/net/e1000.c
    - CVE-2016-1981
  * SECURITY UPDATE: AHCI NULL pointer dereference when using FIS CLB
    engines
    - debian/patches/CVE-2016-2197.patch: add check before calling
      dma_memory_unmap in hw/ide/ahci.c.
    - CVE-2016-2197
  * SECURITY UPDATE: ehci null pointer dereference in ehci_caps_write
    - debian/patches/CVE-2016-2198.patch: add capability mmio write
      function in hw/usb/hcd-ehci.c.
    - CVE-2016-2198

qemu (1:2.5+dfsg-1ubuntu4) xenial; urgency=medium

  * debian/qemu-kvm-init: Call systemd-detect-virt instead of the
    Ubuntu specific running-in-container wrapper. (LP: #1539016)

qemu (1:2.5+dfsg-1ubuntu3) xenial; urgency=high

  * Include s390-ccw.img firmware.

qemu (1:2.5+dfsg-1ubuntu2) xenial; urgency=medium

  * Place qemu-kvm.defaults file in qemu-system-common, next to the init
    scripts.  Fix the comparison operator when checking KVM_HUGEPAGES.
    Thanks Simon.  (LP: #1531191)

qemu (1:2.5+dfsg-1ubuntu1) xenial; urgency=medium

  * Merge with Debian; remaining changes:
    - debian/rules: do not drop the init scripts loading kvm modules
      (still needed in precise in cloud archive)
    - qemu-system-common.postinst:
      * remove acl placed by udev, and add udevadm trigger.
      * reload kvm_intel if needed to set nested=1
    - qemu-system-common.preinst: add kvm group if needed
    - add qemu-kvm upstart job and defaults file (rules,
      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
    - rules,qemu-system-x86.modprobe: support use under older udevs which
      do not auto-load the kvm kernel module.  Enable nesting by default
      on intel.
    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
      in qemu64 cpu type.
    - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
      types to ease future live vm migration.
    - apport hook for qemu source package: d/source_qemu-kvm.py,
      d/qemu-system-common.install
    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
      to fix errors with missing block backends. (LP: #1495895)
    - Enable pie by default, on ubuntu/s390x.
  * Drop vGICv3 support patches - all is now upstream
  * debian/qemu-kvm-init: handle KVM_HUGEPAGES being unset (LP: #1531191)

qemu (1:2.5+dfsg-1) unstable; urgency=medium

  * new upstream release
    (Closes: #801158)
    Closes: #806373 CVE-2015-8345
    Closes: #806742 CVE-2015-7504
    Closes: #806741 CVE-2015-7512
    Closes: #808131 CVE-2015-7549
    Closes: #808130 CVE-2015-8504
  * adopt for the new upstream:
   - removed patches which are upstream now
   - build-depend on libcacard-dev and stop requiring libtool
   - removed libcacard refs from debian/qemu-system-common.docs
   - moved qmp docs out of subdir following upstream
   - removed pc-bios/vgabios-virtio.bin
  * enable new linux-user target: tilegx
  * install qemu-ga manpage
  * install ivshmem-server and ivshmem-client to qemu-utils
  * stop using cylinders/heads/sectors for sfdisk
    in qemu-make-debian-root (Closes: #785470)
  * modify qemu-make-debian-root to use some current tools
    (this simplifies things, removes usage of uudecode)
    (usefulness of this utility is questionable anyway)

qemu (1:2.4+dfsg-5ubuntu3) xenial; urgency=high

  * Enable pie by default, on ubuntu/s390x.

qemu (1:2.4+dfsg-5ubuntu2) xenial; urgency=medium

  * undo the libseccomp delta from debian.  libseccomp is indeed available
    on other arches, but we need qemu's configure script to be fixed before
    we can use it on anything other than amd64|i386.  Fixes FTBFS.
    (LP: #1522531)

qemu (1:2.4+dfsg-5ubuntu1) xenial; urgency=medium

  * Merge with Debian; remaining changes:
    - Update the ubuntu machine types patch to reflect upstream churn
    - debian/rules: do not drop the init scripts loading kvm modules
      (still needed in precise in cloud archive)
    - qemu-system-common.postinst:
      * remove acl placed by udev, and add udevadm trigger.
      * reload kvm_intel if needed to set nested=1
    - qemu-system-common.preinst: add kvm group if needed
    - add qemu-kvm upstart job and defaults file (rules,
      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
    - rules,qemu-system-x86.modprobe: support use under older udevs which
      do not auto-load the kvm kernel module.  Enable nesting by default
      on intel.
    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
      in qemu64 cpu type.
    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
      machine type to ease future live vm migration.
    - apport hook for qemu source package: d/source_qemu-kvm.py,
      d/qemu-system-common.install
    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
      to fix errors with missing block backends. (LP: #1495895)
    - control-in: build with libseccomp an all architectures
    - Add vGICv3 support

qemu (1:2.4+dfsg-5) unstable; urgency=medium

  * trace-remove-malloc-tracing.patch from upstream.
    (Closes: #802633)
  * stop building libcacard, as it is now in its own separate
    source package and has been removed from upstream qemu in 2.5.
    Here we just stop producing libcacard binaries, but still use
    embedded libcacard source to link with it statically.  In 2.5
    we will switch to external libcacard. (Closes: #805410)

qemu (1:2.4+dfsg-4ubuntu3) xenial; urgency=medium

  * SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
    - debian/patches/CVE-2015-7504.patch: leave room for CRC code in
      hw/net/pcnet.c.
    - CVE-2015-7504
  * SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
    - debian/patches/CVE-2015-7512.patch: check packet length in
      hw/net/pcnet.c.
    - CVE-2015-7512
  * SECURITY UPDATE: infinite loop in eepro100
    - debian/patches/CVE-2015-8345.patch: prevent endless loop in
      hw/net/eepro100.c.
    - CVE-2015-8345

qemu (1:2.4+dfsg-4ubuntu2) xenial; urgency=medium

  * d/p/u/define-ubuntu-machine-type.patch: Fix typo in utopic definition.

qemu (1:2.4+dfsg-4ubuntu1) xenial; urgency=medium

  * Merge 2.4 from unstable.  Remaining changes:
    - Update the ubuntu machine types patch to reflect upstream churn
    - debian/rules: do not drop the init scripts loading kvm modules
      (still needed in precise in cloud archive)
    - qemu-system-common.postinst:
      * remove acl placed by udev, and add udevadm trigger.
      * reload kvm_intel if needed to set nested=1
    - qemu-system-common.preinst: add kvm group if needed
    - add qemu-kvm upstart job and defaults file (rules,
      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
    - rules,qemu-system-x86.modprobe: support use under older udevs which
      do not auto-load the kvm kernel module.  Enable nesting by default
      on intel.
    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
      in qemu64 cpu type.
    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
      machine type to ease future live vm migration.
    - apport hook for qemu source package: d/source_qemu-kvm.py,
      d/qemu-system-common.install
    - Make qemu-system-common and qemu-utils depend on qemu-block-extra
      to fix errors with missing block backends. (LP: #1495895)
    - control-in: build with libseccomp an all architectures.
  * Add vGICv3 support

qemu (1:2.4+dfsg-4) unstable; urgency=medium

  * applied 3 patches from upstream to fix virtio-net
    possible remote DoS (Closes: #799452 CVE-2015-7295)
  * remove now-unused /etc/qemu too (Closes: #797608)

qemu (1:2.4+dfsg-3) unstable; urgency=high

  * ne2000-add-checks-to-validate-ring-buffer-pointers-CVE-2015-5279.patch
    fix for Heap overflow vulnerability in ne2000_receive() function
    (Closes: #799074 CVE-2015-5279)
  * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch
    (Closes: #799073 CVE-2015-5278)
  * some binfmt reorg:
   - extend aarch64 to include one more byte as other arches do
   - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize
     OSABI=3 (GNU/Linux) in addition to NONE/SysV
     (Closes: #784605, #794737)
   - tighten sh4 & sh4eb, fixing OSABI mask to be \xfc not 0

qemu (1:2.4+dfsg-2) unstable; urgency=high

  * Add e1000-avoid-infinite-loop-in-transmit-CVE-2015-6815.patch.
    CVE-2015-6815: net: e1000 infinite loop issue in processing transmit
    descriptor.  (Closes: #798101 CVE-2015-6815)
  * Add ide-fix-ATAPI-command-permissions-CVE-2015-6855.patch.
    CVE-2015-6855: ide: qemu allows arbitrary commands to be sent to an ATAPI
    device from guest, while illegal comands might have security impact,
    f.e. WIN_READ_NATIVE_MAX results in divide by zero error.
    (Closes: CVE-2015-6855)

qemu (1:2.4+dfsg-1a) unstable; urgency=medium

  * new upstream (2.4.0) release
    Closes: #795461, #793811, #794610, #795087, #794611, #793388
    CVE-2015-3214 CVE-2015-5154 CVE-2015-5165 CVE-2015-5745
    CVE-2015-5166 CVE-2015-5158
    Closes: #793817
  * removed all upstreamed patches
  * remove --enable-vnc-ws option (not used anymore)
  * update mjt-set-oem-in-rsdt-like-slic.diff
  * vnc-fix-memory-corruption-CVE-2015-5225.patch from upstream
    Closes: #796465 CVE-2015-5225
  * remove now-unused /etc/qemu/target-x86_64.conf

qemu (1:2.3+dfsg-6a) unstable; urgency=medium

  * fix d/copyright leftover in previous upload

qemu (1:2.3+dfsg-6) unstable; urgency=high

  * pcnet-force-buffer-access-to-be-in-bounds-CVE-2015-3209.patch
    from upstream (Closes: #788460 CVE-2015-3209)

qemu (1:2.3+dfsg-5ubuntu10) xenial; urgency=medium

  * debian/patches/fix-curses-with-xterm-256.patch (LP: #1508466)

qemu (1:2.3+dfsg-5ubuntu9) wily; urgency=low

  * debian/patches/upstream-fix-irq-route-entries.patch
    Fix "kvm_irqchip_commit_routes: Assertion 'ret == 0' failed"
    (LP: #1465935)

qemu (1:2.3+dfsg-5ubuntu8) wily; urgency=medium

  * Build using libseccomp on all architectures.

qemu (1:2.3+dfsg-5ubuntu7) wily; urgency=medium

  * SECURITY UPDATE: denial of service via NE2000 driver
    - debian/patches/CVE-2015-5278.patch: fix infinite loop in
      hw/net/ne2000.c.
    - CVE-2015-5278
  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow in NE2000 driver
    - debian/patches/CVE-2015-5279.patch: validate ring buffer pointers in
      hw/net/ne2000.c.
    - CVE-2015-5279
  * SECURITY UPDATE: denial of service via e1000 infinite loop
    - debian/patches/CVE-2015-6815.patch: check bytes in hw/net/e1000.c.
    - CVE-2015-6815
  * SECURITY UPDATE: denial of service via illegal ATAPI commands
    - debian/patches/CVE-2015-6855.patch: fix ATAPI command permissions in
      hw/ide/core.c.
    - CVE-2015-6855

qemu (1:2.3+dfsg-5ubuntu6) wily; urgency=medium

  * Make qemu-system-common and qemu-utils depend on qemu-block-extra
    to fix errors with missing block backends. (LP: #1495895)
  * Cherry pick fixes for vmdk stream-optimized subformat (LP: #1006655)
  * Apply fix for memory corruption during live-migration in tcg mode
    (LP: #1493049)
  * Apply tracing patch to remove use of custom vtable in newer glibc
    (LP: #1491972)

qemu (1:2.3+dfsg-5ubuntu5) wily; urgency=medium

  * Import qcow2-handle-eagain-from-update_refcount from upstream
    to fix errors when using qemu-img convert -c.  (LP: #1491050)

qemu (1:2.3+dfsg-5ubuntu4) wily; urgency=medium

  * SECURITY UPDATE: process heap memory disclosure
    - debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
    - CVE-2015-5165
  * SECURITY UPDATE: privilege escalation via block device unplugging
    - debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
      in hw/ide/piix.c.
    - CVE-2015-5166
  * SECURITY UPDATE: privilege escalation via memory corruption in vnc
    - debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
      limits in ui/vnc.c.
    - CVE-2015-5225
  * SECURITY UPDATE: denial of service via virtio-serial
    - debian/patches/CVE-2015-5745.patch: don't assume a specific layout
      for control messages in hw/char/virtio-serial-bus.c.
    - CVE-2015-5745

qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium

  * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
    - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
    - CVE-2015-3214
  * SECURITY UPDATE: heap overflow when processing ATAPI commands
    - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
      hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
    - CVE-2015-5154
  * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
    - debian/patches/CVE-2015-5158.patch: check length in
      hw/scsi/scsi-bus.c.
    - CVE-2015-5158

qemu (1:2.3+dfsg-5ubuntu2) wily; urgency=medium

  * SECURITY UPDATE: heap overflow in PCNET controller
    - debian/patches/CVE-2015-3209.patch: check bounds in hw/net/pcnet.c.
    - CVE-2015-3209

qemu (1:2.3+dfsg-5ubuntu1) wily; urgency=medium

  * Merge 1:2.3+dfsg-5 from Debian.
  * Remaining changes:
    - debian/rules: do not drop the init scripts loading kvm modules
      (still needed in precise in cloud archive)
    - qemu-system-common.postinst:
      * remove acl placed by udev, and add udevadm trigger.
      * reload kvm_intel if needed to set nested=1
    - qemu-system-common.preinst: add kvm group if needed
    - add qemu-kvm upstart job and defaults file (rules,
      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
    - rules,qemu-system-x86.modprobe: support use under older udevs which
      do not auto-load the kvm kernel module.  Enable nesting by default
      on intel.
    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
      in qemu64 cpu type.
    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
      machine type to ease future live vm migration.
    - apport hook for qemu source package: d/source_qemu-kvm.py,
      d/qemu-system-common.install
  * Refreshed patches:
    - ubuntu/expose-vmx_qemu64cpu.patch
    - ubuntu/define-ubuntu-machine-types.patch

qemu (1:2.3+dfsg-5) unstable; urgency=high

  * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch
    (Closes: CVE-2015-4037)
  * 11 patches for XEN PCI pass-through issues
    (Closes: #787547 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106)
  * kbd-add-brazil-kbd-keys-*.patch, adding two keys found on Brazilian
    keyboards (Closes: #772422)

qemu (1:2.3+dfsg-4ubuntu1) wily; urgency=medium

  * Merge 1:2.3+dfsg-4 from Debian.
  * Remaining changes:
    - debian/rules: do not drop the init scripts loading kvm modules
      (still needed in precise in cloud archive)
    - qemu-system-common.postinst:
      * remove acl placed by udev, and add udevadm trigger.
      * reload kvm_intel if needed to set nested=1
    - qemu-system-common.preinst: add kvm group if needed
    - add qemu-kvm upstart job and defaults file (rules,
      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
    - rules,qemu-system-x86.modprobe: support use under older udevs which
      do not auto-load the kvm kernel module.  Enable nesting by default
      on intel.
    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
      in qemu64 cpu type.
    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
      machine type to ease future live vm migration.
    - apport hook for qemu source package: d/source_qemu-kvm.py,
      d/qemu-system-common.install
  * Dropped all patches which are applied upstream
  * Move the upstart jobs to a generic script
    - add new qemu-kvm-init script
    - call that from upstart and sysvrc qemu-kvm scripts
    - move to qemu-system-common, which must now B/R qemu-system-{x86,ppc}

qemu (1:2.3+dfsg-4) unstable; urgency=medium

  * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch:
    patch from upstream to fix FTBFS on some arches
  * libcacard-dev: depend on libnss3-dev (Closes: #785798)
  * libcacard-dev: do not depend on pkg-config

qemu (1:2.3+dfsg-3) unstable; urgency=high

  * fdc-force-the-fifo-access-to-be-in-bounds-CVE-2015-3456.patch
    (Closes: CVE-2015-3456)
  * fix the OSABI binfmt mask for x86_64 arch, to actually fix #763043.
    Original fix didn't work, because "someone" forgot arithmetics.
    (Really Closes: #763043)
  * align binfmt magics/masks to be in single column

qemu (1:2.3+dfsg-2) unstable; urgency=medium

  * do not install upstream changelog file, it is unused for a long time
  * mention closing of #781250 #769299 by 2.3
  * mention qemu-block-extra split in NEWS files
  * fix spelling prob in the manpage
  * bump Standards-Version to 3.9.6 (no changes needed)
  * add mips64 and mips64el binfmt registration (Closes: #778624)

qemu (1:2.3+dfsg-1) unstable; urgency=medium

  * new upstream release (2.3)
    (Closes: #781250 #769299 #781250 #769299)

qemu (1:2.2+dfsg-6exp) experimental; urgency=medium

  * qemu 2.2.1 stable/bugfix release (remove included upstream
    exec-change-default-exception_index-value-for-migration-to--1.patch)
  * added mips64(el) to list of architectures where qemu-utils is built
    (Closes: #780200)
  * added kvm-on-x32.patch from Adam Borowski (Closes: #778737)
  * create qemu-block-extra package
  * rules.mak-fix-module-build.patch from upstream to fix module build
  * pass --enable-modules to configure
  * pass multiarch --libdir to configure
  * mjt-set-oem-in-rsdt-like-slic.diff: update FACP table too,
    not only RSDT.  FACP is needed for win7 booting in UEFI mode.
  * enable libcacard (closes: #764971)
   - build-depend on libnss3-dev & libtool-bin
   - --enable-smartcard-nss
   - run dh_makeshlibs
   - rm libcacard.la
   - add libcacard0, libcacard-dev and libcacard-tools packages
   - add libcacard*.install and libcacard0.symbols

qemu (1:2.2+dfsg-5expubuntu10) wily; urgency=medium

  * SECURITY UPDATE: denial of service in vnc web
    - debian/patches/CVE-2015-1779-1.patch: incrementally decode websocket
      frames in ui/vnc-ws.c, ui/vnc-ws.h, ui/vnc.h.
    - debian/patches/CVE-2015-1779-2.patch: limit size of HTTP headers from
      websockets clients in ui/vnc-ws.c.
    - CVE-2015-1779
  * SECURITY UPDATE: host code execution via floppy device (VEMON)
    - debian/patches/CVE-2015-3456.patch: force the fifo access to be in
      bounds of the allocated buffer in hw/block/fdc.c.
    - CVE-2015-3456

qemu (1:2.2+dfsg-5expubuntu9) vivid; urgency=low

  * CVE-2015-2756 / XSA-126
    - xen: limit guest control of PCI command register

qemu (1:2.2+dfsg-5expubuntu8) vivid; urgency=medium

  * debian/qemu-system-x86.qemu-kvm.upstart: fix redirection to not
    accidentally create /1

qemu (1:2.2+dfsg-5expubuntu7) vivid; urgency=low

  * No-change rebuild to pull in libxl-4.5 (take 2: step to the right).

qemu (1:2.2+dfsg-5expubuntu6) vivid; urgency=low

  * No-change rebuild to pull in libxl-4.5.

qemu (1:2.2+dfsg-5expubuntu5) vivid; urgency=medium

  * debian/control-in: enable numa on architectures where numa is built
    (LP: #1417937)

qemu (1:2.2+dfsg-5expubuntu4) vivid; urgency=medium

  [Scott Moser]
  * update d/kvm.powerpc to avoid use of awk, which isn't allowed by aa
    profile when started by libvirt.

  [Serge Hallyn]
  * add symlink qemu-system-ppc64le -> qemu-system-ppc64
  * debian/rules: fix DEB_HOST_ARCh fix to ppc64el for installing qemu-kvm init script
    (LP: #1419855)

  [Chris J Arges]
  * Determine if we are running inside a virtual environment. If running inside
    a virtualized enviornment do _not_ automatically enable KSM. (LP: #1414153)

qemu (1:2.2+dfsg-5expubuntu1) vivid; urgency=medium

  * Merge 1:2.2+dfsg-5exp from Debian.  (LP: #1409308)
    - debian/rules: do not drop the init scripts loading kvm modules
      (still needed in precise in cloud archive)
  * Remaining changes:
    - qemu-system-common.postinst:
      * remove acl placed by udev, and add udevadm trigger.
      * reload kvm_intel if needed to set nested=1
    - qemu-system-common.preinst: add kvm group if needed
    - add qemu-kvm upstart job and defaults file (rules,
      qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
    - rules,qemu-system-x86.modprobe: support use under older udevs which
      do not auto-load the kvm kernel module.  Enable nesting by default
      on intel.
    - d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
      in qemu64 cpu type.
    - d/p/ubuntu/define-trusty-machine-type.patch: define a default trusty
      machine type to ease future live vm migration.
    - apport hook for qemu source package: d/source_qemu-kvm.py,
      d/qemu-system-common.install
  * Dropped all patches which are applied upstream
  * Update ubuntu-vivid machine type to default to std graphics (following
    upstream's lead for pc-i440fx-2.2 machine type)

qemu (1:2.2+dfsg-5exp) experimental; urgency=medium

  * fix initscript removal once again

qemu (1:2.2+dfsg-4exp) experimental; urgency=medium

  * fix a brown-paper bag bug removing the qemu-system-x86 initscript
    (Closes: #776004)

qemu (1:2.2+dfsg-3exp) experimental; urgency=medium

  * mention closing of #753887 by 2.2
  * install only specific bamboo.dtb for ppc, not *.dtb
    (Closes: #773033)
  * install qemu-system-misc firmware in d/*.install not d/rules,
    as other firmware files
  * exec-change-default-exception_index-value-for-migration-to--1.patch:
    cherry-picked commit adee64249ee37e from upstream
  * stop messing up with alternatives (qemu for qemu-system-*)
  * stop shipping qemu-system-x86 initscript to load kvm modules
    (kernel since 3.4 does that automatically) (Closes: #751754)

qemu (1:2.2+dfsg-2exp) experimental; urgency=medium

  * and finally uploading to experimental as it should be

 -- Ryan Harper <email address hidden>  Mon, 17 Apr 2017 09:34:39 -0500

Available diffs

Builds

Built packages

Package files