-
qemu-kvm (0.12.5+dfsg-5+squeeze11) squeeze-security; urgency=high
* fix guest-triggerable buffer overrun in virtio-net device
(Closes: #744221 CVE-2014-0150)
-- Michael Tokarev <email address hidden> Sat, 12 Apr 2014 11:57:35 +0400
-
qemu-kvm (0.12.5+dfsg-5+squeeze10) stable-security; urgency=low
* CVE-2012-6075 fix (Closes: #696051):
e1000-discard-packets-that-are-too-long-if-not-SBP-and-not-LPE.patch
e1000-discard-oversized-packets-based-on-SBP_LPE.patch
-- Michael Tokarev <email address hidden> Mon, 14 Jan 2013 12:58:32 +0400
-
qemu-kvm (0.12.5+dfsg-5+squeeze9) stable-security; urgency=low
* console-bounds-check-whenever-changing-the-cursor-CVE-2012-3515.patch
upstream fix for CVE-2012-3515, VT100 emulation vulnerability.
(Closes: #686974)
* block-prevent-snapshot-mode-TMPDIR-symlink-attack-CVE-2012-2652.patch
upstream fix for CVE-2012-2652, symlink attacks in snapshot mode.
(Closes: #686977)
-- Michael Tokarev <email address hidden> Sat, 08 Sep 2012 09:36:46 +0400
-
qemu-kvm (0.12.5+dfsg-5+squeeze8) stable-security; urgency=low
* patch fix-vnc-memory-corruption-with-width=1440.diff from
Gerd Hoffman, fixing guest-triggerable memory corruption
in vnc with one of standard display sizes (1440x1050 or
1440x900 or others -- these can be set by guest if run
with -vga {std|vmware}. Closes: #608756.
* e1000-bounds-packet-size-against-buffer-size-CVE-2012-0029.diff
patch from upstream to fix CVE-2012-0029 (Closes: #657529)
-- Michael Tokarev <email address hidden> Fri, 27 Jan 2012 00:55:42 +0400
-
qemu-kvm (0.12.5+dfsg-5+squeeze7) stable; urgency=low
* stash-away-SCM_RIGHTS-fd-until-a-getfd-command-arrives-e53f27b9d9.diff
patch from upstream (included in 0.13 and up, and also in ubuntu)
to fix NIC hotplug from libvirt (Closes: #637990)
-- Michael Tokarev <email address hidden> Wed, 17 Aug 2011 13:35:03 +0400
-
qemu-kvm (0.12.5+dfsg-5+squeeze6) stable-security; urgency=low
* virtio-fix-indirect-descriptor-buffer-overflow-CVE-2011-2212
fixes a guest-triggerable buffer overflow in virtio handling
(closes: #632987)
* os-posix-set-groups-properly-for--runas-CVE-2011-2527
clears supplementary groups for -runas (closes: #633669)
-- Michael Tokarev <email address hidden> Wed, 13 Jul 2011 01:45:15 +0400
-
qemu-kvm (0.12.5+dfsg-5+squeeze3) stable; urgency=low
* cirrus_vga:fix-division-by-0-for-color-expansion-rop-92d675d1c1.diff (fix from upstream) - fixes division by zero with some guests like WinNT 4.0 and WinME. * fix-vnc-zlib-overflow.diff (backport from 0.14) (closes: #616159) * qdev-dont-hw_error-in-qdev_init_nofail-bd6c9a61.diff - don't abort but exit on user errors (closes: #619452) * fix transitional kvm package description (closes: #625206) * fix long-standing migration bug on 32bits (closes: #625571) -- Michael Tokarev <email address hidden> Sat, 28 May 2011 13:39:58 +0400
-
qemu-kvm (0.12.5+dfsg-5) unstable; urgency=low
[ Michael Tokarev ]
* scsi:-Dequeue-requests-before-invoking-completion-callback.diff
fix SIGSEGV when using lsil scsi emulation, from upstream
(closes: #603223)
* seabios-mark-irq9-active-high-in-DSDT.diff - fix non-working
acpi buttons (system_powerdown) for FreeBSD and other guests.
* don't ship roms/seabios/src/acpi-dsdt.hex which is a generated file
(this ensures it gets rebuilt properly after previous patch too),
and fix their makefile to properly state deps from it (closes: #603219)
* two patches from upstream git to fix alsa audio issues:
- fix-100%-CPU-load-when-idle-with-ALSA.diff
- issue-snd_pcm_start-when-capturing-audio.diff
(closes: #588899)
-- Jan Lübbe <email address hidden> Fri, 12 Nov 2010 11:18:12 +0100
-
qemu-kvm (0.12.5+dfsg-4) unstable; urgency=low
[ Michael Tokarev ]
* QEMUFileBuffered:-indicate-that-were-ready-when-the-underlying-file-is-ready.diff
(patch from upstream to speed up migration dramatically)
(closes: #597517)
* use versioned build-depends for etherboot now when it's available in bpo
(closes: #588940, #581356, #598802)
-- Guido Günther <email address hidden> Mon, 04 Oct 2010 09:36:58 +0200
-
qemu-kvm (0.12.5+dfsg-3) unstable; urgency=medium
[ Michael Tokarev ]
* CVE-2010-2784-fix-segfault-in-mmio-subpage-handling-code.diff
(closes: #594478)
-- Jan Lübbe <email address hidden> Sat, 04 Sep 2010 19:29:59 +0200
-
qemu-kvm (0.12.5+dfsg-2) unstable; urgency=low
[ Michael Tokarev ]
* patch from upstream: add-support-for-GET-EVENT-STATUS-NOTIFICATION.diff
(closes: #593144)
* two patches from upstream qemu/stable-0.12:
upstream-stable01-make-PIIX-and-ISA-IDE-init-functions-return-the-qdev.diff
upstream-stable02-fix-CMOS-info-for-drives-defined-with--device.diff
(closes: #588739)
* revert-all-bdrv_write_sync-changes.diff - this patch reverts the changes
which went into 0.12.5 upstream and make all metadata writes (for qcow&Co)
syncronous. Yes it's more correct, but the resulting write speed is
insanely slow and makes all image formats except raw unusable.
(closes: #594069)
-- Jan Lübbe <email address hidden> Wed, 25 Aug 2010 13:15:11 +0200
-
qemu-kvm (0.12.5+dfsg-1) unstable; urgency=low
[ Michael Tokarev ]
* new upstream bugfix/minor release, with many bugfixes
incorporated:
block:-fix-sector-comparism-in-multiwrite_req_compare.diff
pci:-irq_state-vmstate-breakage.diff
(closes: #589009, #582493, #580649)
* add /etc/kvm/kvm-ifdown (dummy) script (closes: #583590)
* add seabios-ps2-fixes.diff (two patches from seabios git)
(closes: #591266)
* sdl-do-not-disable-screensaver.diff (closes: #578672)
* fix-curses-return-key-when-using--k.diff (closes: #583478)
* vmstate:-fix-breakage-by-7e72abc382b700a72549e8147bdea413534eeedc.diff
(fixes cirrus vga breakage on migration)
* added qdev-device-use.txt documentation file from upstream
* actually ship debian/changelog.upstream-qemu-kvm
[ Jan Lübbe ]
* Add Michael Tokarev as Uploader
* Update Standards-Version to 3.9.1 (don't reference BSD license from
common-licenses)
-- Jan Lübbe <email address hidden> Mon, 09 Aug 2010 14:23:37 +0200
-
qemu-kvm (0.12.4+dfsg-1) unstable; urgency=low
[ Michael Tokarev ]
* New upstream minor/stable release 0.12.4, incorporating
the following patches:
avoid_creating_too_large_iovecs_in_multiwrite_merge.patch
net:-remove-broken-net_set_boot_mask-boot-device-validation.diff
block:-free-iovec-arrays-allocated-by-multiwrite_merge.diff
bail-out-when-VCPU_CREATE-fails.diff
* add madv_mergeable-for-old-kernheaders-hack.diff, mostly
to help bpo builds (it is to enable KMS even when compiled
against old kernel headers, when running on recent-enough
kernel)
* fix kvm transitional package to have Priority: extra
* also fix kvm transitional package to properly run with reportbug,
and simplify the bug-script and use dh_bugfiles to install them.
* adedd isa-refine-irq-reservations.patch from Gerd Hoffmann
(closes: #574051)
* added be_more_specific_in_-mem-path_error_messages.diff trivial
patch to be more specific when throwing errors. (closes: #574073)
* bump debhelper build-depend version to 7.2.3 due to dh_bugfiles.
* net:-remove-broken-net_set_boot_mask-boot-device-validation.diff
(to let it to boot from network using new -netdev syntax, cherry-
picked from stable) (closes: #575628)
* block:-free-iovec-arrays-allocated-by-multiwrite_merge.diff
to fix a memory leak in virtio-blk implementation
* rehash 04_use_etc_kvm_kvm-ifup.patch - apparently the #defines
are now in two places, remove one of them and patch another
* bail-out-when-VCPU_CREATE-fails.diff - new patch to make kvm to behave
a bit nicely if vcpu_create fails: before it were just segfaulting.
(closes: #558029)
* give-useful-error-messages-when-tap-open-fails.diff: when manipulation
of /dev/net/tun fails, give some more useful error messages.
(closes: #578154)
* document -incoming option (document--incoming-option.diff).
(closes: #565573)
* (preliminary) fix for usb keyboard keymap, usbkbd-menu-logo-keys.diff.
(closes: #578846)
-- Jan Lübbe <email address hidden> Tue, 18 May 2010 22:43:54 +0200
-
qemu-kvm (0.12.3+dfsg-4) unstable; urgency=low
[ Michael Tokarev ]
* added patch from upstream, ff5414990645653bf43bf64adfc1ca77ffb9edcb,
revert-sdlaudio:-make-it-suck-less.diff (closes: #572943)
Note that this is only relevant to sdl audio (QEMU_AUDIO_DRV=sdl)
* don't report system dmi information in the bugreports anymore, it
serves almost no useful purpose these days, much less than previously.
VMX/SVM is either enabled or not, and if it is not enabled, kvm module
will warn user about this fact in dmesg during load.
(closes: #572930, #572924)
* switch back to vgabios as shipped in upstream tarball in kvm/vgabios.
I overlooked it, thinking it went away together with seabios as
both roms/seabios and roms/vgabios are empty in upstream, but vgabios
has never been removed. So we're back at using it.
Big thanks to Bjørn Mork for the hard work he did finding bugs in the
version we shipped in 0.12.3+dfsg-2, which is wrong and the work
should have not been required. But it helped finding all the pieces
finally. (closes: #572991)
* build-depend on linux-libc-dev >= 2.6.32, to enable KSM (Kernel
Samepage Merge) and to ensure we'll not have spurious preadv()
problems
* build-depend on libaio-dev to compile in aio support
(which does not do any harm if not explicitly enabled)
* fix cleanups of old conffiles in preinst. (closes: #573280)
* include 573439-fail-to-set-hdd-serial-number.diff - a fix by
Kouichi ONO broken hdd serial number support (closes: #573439)
-- Jan Lübbe <email address hidden> Thu, 11 Mar 2010 17:15:31 +0100
-
qemu-kvm (0.11.1+dfsg-1) unstable; urgency=low
[ Jan Lübbe ]
* New upstream release
* Provide kvm from qemu-kvm (closes: #558026)
[ Michael Tokarev ]
* clean up kvm/userspace in `clean' target or else the package
does not build twice in a row (closes: #527371).
Also add more workarounds to the clean target, namely,
clean up kvm/user/test/lib from .*.d files and remove
generated qemu-monitor.texi
* fix /etc/kvm/kvm-ifup script (missing {} in awk), thanks to
Andrea Zagli for the fix (closes: #560436)
* check in /etc/kvm/kvm-ifup that we actually found default route
interface and that it's actually a bridge
* handle etherboot-5.4.4 which moved roms from /usr/share/etherboot
to /usr/lib/etherboot and actually provided virtio boot rom. Thanks
to John Morrissey for the fix and patch. (closes: #522179).
[ Jan Lübbe ]
* Remove NAME="%k" from udev rule (closes: #559300)
[ Guido Günther ]
* add ksm support
-- Jan Lübbe <email address hidden> Mon, 11 Jan 2010 14:48:32 +0100
-
qemu-kvm (0.11.0+dfsg-1) unstable; urgency=low
* Package qemu-kvm (stable series) instead of kvm (snapshots)
* Simplify the packaging, remove support for external module source
* Move old debian/changelog to debian/changlog.kvm
-- Jan Lübbe <email address hidden> Mon, 02 Nov 2009 11:49:28 +0100
