-
qemu-kvm (0.12.3+noroms-0ubuntu9.26) lucid-security; urgency=medium
* SECURITY UPDATE: code execution via cirrus vga blit regions
(LP: #1400775)
- debian/patches/CVE-2014-8106.patch: properly validate blit regions in
hw/cirrus_vga.c.
- CVE-2014-8106
-- Marc Deslauriers <email address hidden> Wed, 10 Dec 2014 16:18:02 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.25) lucid-security; urgency=medium
* SECURITY UPDATE: denial of service via slirp NULL pointer deref
- debian/patches/CVE-2014-3640.patch: make sure socket is not just a
stub in slirp/udp.c.
- CVE-2014-3640
* SECURITY UPDATE: possible privilege escalation via vmware-vga driver
- debian/patches/CVE-2014-3689.patch: verify rectangles in
hw/vmware_vga.c.
- CVE-2014-3689
* SECURITY UPDATE: denial of service via VNC console
- debian/patches/CVE-2014-7815.patch: validate bits_per_pixel in vnc.c.
- CVE-2014-7815
-- Marc Deslauriers <email address hidden> Tue, 11 Nov 2014 15:40:19 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.24) lucid-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0142.patch: validate extent_size header field
in block/bochs.c, validate s->tracks in block/parallels.c, validate
block size in block/vpc.c, backport function to qemu-common.h,
backport DIV_ROUND_UP to osdep.h.
- CVE-2014-0142
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0143.patch: validate nb_sectors in
block.c, validate catalog_size header field in block/bochs.c,
prevent offsets_size integer overflow in block/cloop.c, fix catalog
size integer overflow in block/parallels.c, validate new_l1_size in
block/qcow2-cluster.c, use proper size in block/qcow2-refcount.c,
check L1 snapshot table size in block/qcow2-snapshot.c, check active
L1 table size in block/qcow2.c, define max size in block/qcow2.h.
- CVE-2014-0143
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0144.patch: validate block sizes and offsets
in block/cloop.c, check offset in block/curl.c, validate size in
block/qcow2-refcount.c, check number of snapshots in
block/qcow2-snapshot.c, check sizes and offsets in block/qcow2.c,
move structs to block/qcow2.h, check sizes in block/vdi.c,
prevent overflows in block/vpc.c.
- CVE-2014-0144
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0145.patch: check chunk sizes in block/dmg.c,
use correct size in block/qcow2-snapshot.c.
- CVE-2014-0145
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0146.patch: calculate offsets properly in
block/qcow2.c.
- CVE-2014-0146
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0147.patch: use proper sizes in block/bochs.c.
- CVE-2014-0147
* SECURITY UPDATE: multiple buffer overflows on invalid state load
- debian/patches: added large number of upstream patches pulled from
git tree.
- CVE-2013-4148
- CVE-2013-4151
- CVE-2013-4530
- CVE-2013-4531
- CVE-2013-4533
- CVE-2013-4534
- CVE-2013-4537
- CVE-2013-4538
- CVE-2013-4539
- CVE-2013-4540
- CVE-2013-6399
- CVE-2014-0182
- CVE-2014-0222
- CVE-2014-0223
-- Marc Deslauriers <email address hidden> Tue, 12 Aug 2014 14:35:45 -0400
-
qemu-kvm (0.12.3+noroms-0ubuntu9.22) lucid-security; urgency=medium
* SECURITY UPDATE: arbitrary code execution via MAC address table update
- debian/patches/CVE-2014-0150.patch: fix overflow in hw/virtio-net.c.
- CVE-2014-0150
* SECURITY UPDATE: denial of service and possible code execution via
smart self test counter
- debian/patches/CVE-2014-2894.patch: correct self-test count in
hw/ide/core.c.
- CVE-2014-2894
-- Marc Deslauriers <email address hidden> Fri, 25 Apr 2014 17:41:36 -0400
-
qemu-kvm (0.12.3+noroms-0ubuntu9.21) lucid-security; urgency=low
* SECURITY UPDATE: guest denial of service and possible code execution
via e1000 large packets
- debian/patches/CVE-2012-6075.patch: properly discard oversize packets
in hw/e1000.c.
- CVE-2012-6075
-- Marc Deslauriers <email address hidden> Tue, 15 Jan 2013 09:38:06 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.20) lucid-security; urgency=low
* SECURITY UPDATE: privilege escalation via VT100 sequences
- debian/patches/CVE-2012-3515.patch: check bounds in console.c.
- CVE-2012-3515
-- Marc Deslauriers <email address hidden> Tue, 25 Sep 2012 10:13:40 -0400
-
qemu-kvm (0.12.3+noroms-0ubuntu9.19) lucid-security; urgency=low
* SECURITY UPDATE: file overwrite via incorrect temp file checking
- debian/patches/CVE-2012-2652.patch: properly check length and
failures in block.c, block_int.h, block/vvfat.c.
- CVE-2012-2652
-- Marc Deslauriers <email address hidden> Tue, 31 Jul 2012 10:39:26 -0400
-
qemu-kvm (0.12.3+noroms-0ubuntu9.18) lucid-proposed; urgency=low
[ Michael Tokarev ]
* QEMUFileBuffered:-indicate-that-were-ready-when-the-underlying-file-is-ready.diff
(patch from upstream to speed up migration dramatically)
(closes: #597517) (LP: #524447)
[ Serge Hallyn ]
* debian/control: make qemu-common replace qemu (<< 0.12.3+noroms-0ubuntu9.17)
(LP: #592010)
-- Serge Hallyn <email address hidden> Mon, 13 Feb 2012 11:24:18 -0600
-
qemu-kvm (0.12.3+noroms-0ubuntu9.17) lucid-security; urgency=low
* SECURITY UPDATE: fix heap overflow in e1000 driver with crafted legacy
mode packets
- debian/patches/CVE-2012-0029.patch: check for overflow whenever issuing
PCI dma reads
- CVE-2012-0029
-- Jamie Strandboge <email address hidden> Tue, 17 Jan 2012 13:43:45 -0600
-
qemu-kvm (0.12.3+noroms-0ubuntu9.16) lucid-proposed; urgency=low
* debian/patches/e1000-Dont-set-the-Capabilities-List-bit.patch: Do not set
the Capabilities Pointer to NULL for e1000 ethernet adapter, allows Windows'
PCI/PCI Express Compliance Test to pass. Patch cherry picked from upstream
trunk commit, courtesy of Dann Frazier. (LP: #857746)
-- Serge Hallyn <email address hidden> Tue, 27 Sep 2011 22:35:24 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.15) lucid-security; urgency=low
* SECURITY UPDATE: fix potential privilege escalation via improper group
handling
- debian/patches/CVE-2011-2527.patch: call initgroups() to drop
supplementary group privileges
- CVE-2011-2527
-- Jamie Strandboge <email address hidden> Tue, 26 Jul 2011 08:54:11 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.14) lucid-proposed; urgency=low
* Add usb-linux-increase-buffer-for-usb-ctrl-req.patch from upstream to
increase the usb control buffer. (LP: #790145)
* debian/patches/QEMUFileBuffered-speedup.patch: Add patch from upstream
to fix slow save (LP: #524447)
-- Serge Hallyn <email address hidden> Fri, 22 Jul 2011 10:29:34 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.13) lucid-proposed; urgency=low
* Add usb-linux-increase-buffer-for-usb-ctrl-req.patch from upstream to
increase the usb control buffer. (LP: #790145)
-- Serge Hallyn <email address hidden> Thu, 07 Jul 2011 09:23:32 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.12) lucid-security; urgency=low
* SECURITY UPDATE: fix to validate virtqueue in and out requests from the
guests
- debian/patches/CVE-2011-2212-virtqueue-indirect-overflow.patch: update
hw/virtio.c to verify the length of indirect descriptors in
virtqueue_pop() and virtqueue_avail_bytes()
- CVE-2011-2212
* SECURITY UPDATE: validate virtio_queue_notify() is non-negative
- debian/patches/CVE-2011-2512-negative-vq-notifies.diff: update
to move comparison out to syborg_virtio_writel(), virtio_ioport_write()
and virtio_queue_notify_vq() and don't call common virtio code if
virtqueue number is invalid. Patch from Debian.
- CVE-2011-2512
-- Jamie Strandboge <email address hidden> Tue, 05 Jul 2011 15:16:04 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.10) lucid-proposed; urgency=low
* Add usb-linux-increase-buffer-for-usb-ctrl-req.patch from upstream to
increase the usb control buffer. (LP: #790145)
-- Serge Hallyn <email address hidden> Mon, 20 Jun 2011 13:20:29 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.9) lucid-security; urgency=low
* SECURITY UPDATE: fix heap buffer overflow from unaligned requests
- virtio-blk-fail-unaligned-access-CVE-2011-1750-52c050236e.diff:
patch from Debian
- CVE-2011-1750
* SECURITY UPDATE: verify no_hotplug attribute when handling hot-unplug
requests
- CVE-2011-1751-prep-pci-cleanly-backout-of-pci_qdev_init-925fe64ae7.diff:
Moving common code to a separate function and using it from another
place to fix a memory leak. Backported by Debian
- CVE-2011-1751-prep-hotplug-0-acpi_piix4-qdevfy-e8ec0571e1.diff: This
qdevifies acpi_piix4 device. Backported by Debian
- CVE-2011-1751-prep-hotplug-1-pci-allow-devices-being-tagged-as-not-hotpluggable-180c22e18b.diff:
Introduce a "no_hotplug" attribute and check it in common places
to ensure such devices wont be hot-(un)plugged. This needs the
pci-cleanly-backout-of-pci_qdev_init patch mentioned above. Backported
by Debian
- CVE-2011-1751-prep-hotplug-2-piix-tag-as-not-hotpluggable-0965f12da6.diff:
Backported by Debian
- CVE-2011-1751-prep-hotplug-3-vga-tag-as-not-hotplugable-be92bbf73d.diff:
Mark certain devices as non-hotpluggable. Backported by Debian
- CVE-2011-1751-hotplug-4-ignore-pci-hotplug-requests-for-unpluggable-devices.diff:
Verifies the no_hotplug attribute when handling hot-unplug request from
guest. Backported by Debian
-- Jamie Strandboge <email address hidden> Sun, 29 May 2011 08:35:24 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.8) lucid-proposed; urgency=low
* Add usb-linux-increase-buffer-for-usb-ctrl-req.patch from upstream to
increase the usb control buffer. (LP: #790145)
-- Serge Hallyn <email address hidden> Thu, 02 Jun 2011 08:33:48 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.7) lucid-proposed; urgency=low
* Apply three patches from upstream to make '-boot n' work with network card
defined with -device parameters. (LP: #786941)
- net-remove-NICInfo.bootable-field.patch
- net-remove-broken-net_set_boot_mask.patch
- boot-remove-unused-boot_devices_bitmap.patch
-- Serge Hallyn <email address hidden> Mon, 23 May 2011 11:15:02 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.6) lucid-proposed; urgency=low
* Pull in changes to vl.c from upstream to fix 'boot once=x'.
(LP: #719448)
-- Serge Hallyn <email address hidden> Mon, 02 May 2011 14:37:40 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.5) lucid-proposed; urgency=low
* debian/patches/block-fix-sector-comparison.patch: Fix virtio disk
corruption with large (>1Tb) volumes (LP: #574665)
-- Serge Hallyn <email address hidden> Fri, 28 Jan 2011 13:17:30 -0600
-
qemu-kvm (0.12.3+noroms-0ubuntu9.4) lucid-security; urgency=low
* SECURITY UPDATE: Setting VNC password to empty string silently
disables all authentication (LP: #697197)
- debian/patches/697197-fix-vnc-password-semantics.patch: Reverses the
change introduced in Qemu by git commit 52c18be9, thanks to Neil Wilson.
- CVE-2011-0011
-- Dustin Kirkland <email address hidden> Fri, 11 Feb 2011 09:57:30 -0600
-
qemu-kvm (0.12.3+noroms-0ubuntu9.3) lucid-proposed; urgency=low
* Fix segfault when using scsi with writeback (LP: #595438)
-- Serge Hallyn <email address hidden> Wed, 28 Jul 2010 09:56:56 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.2) lucid-proposed; urgency=low
* Previous patch did not fix memleak for everyone. Appending another
separate memleak fix patch. This package (tried out in
ppa:serge-hallyn/virt/ubuntu) was confirmed by David Weber to fix
his memory leak. (LP: #588293)
-- Serge Hallyn <email address hidden> Mon, 21 Jun 2010 11:55:23 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9.1) lucid-proposed; urgency=low
* Apply a patch to fix a slow (but huge) memory leak (LP: #588293)
-- Serge Hallyn <email address hidden> Tue, 15 Jun 2010 07:52:46 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9) lucid; urgency=low
* Architecture-specific fixes (LP: #568904)
- debian/rules: configure with --disable-kvm on powerpc to fix FTBFS
- debian/control: Disable arch:any stuff on ia64: no qemu/kvm support anyway
-- Emmet Hikory <email address hidden> Fri, 23 Apr 2010 18:45:55 +0900
-
qemu-kvm (0.12.3+noroms-0ubuntu8) lucid; urgency=low
* debian/qemu-kvm-extras-static.postrm, .postinst: use "invoke-rc.d procps
start" instead of "start procps" to honor policy-rc.d and hence be
chroot-safe.
-- Loic Minier <email address hidden> Tue, 20 Apr 2010 13:12:08 +0200
-
qemu-kvm (0.12.3+noroms-0ubuntu6) lucid; urgency=low
* debian/qemu-kvm.upstart: fix logic that was preventing upstart
job from starting properly, LP: #559896
-- Dustin Kirkland <email address hidden> Sat, 10 Apr 2010 11:06:47 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu5) lucid; urgency=low
* debian/qemu-kvm.default: allow the kernel to determine the default,
comment out the configuration option, but leave it there so as to
be discoverable; seems that 2000 sleep-millisecs renders KSM basically
useless
-- Dustin Kirkland <email address hidden> Fri, 02 Apr 2010 16:35:05 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu4) lucid; urgency=low
* debian/patches/SDL-wrong-behaviour-of-caps-lock.patch:
Qemu does not pass pressed capslock to client, LP: #427612
-- Benjamin Drung <email address hidden> Thu, 01 Apr 2010 00:22:02 +0200
-
qemu-kvm (0.12.3+noroms-0ubuntu3) lucid; urgency=low
* debian/qemu-kvm.default, debian/qemu-kvm.upstart:
raise the default sleep between kernel same-page merging
(KSM) from 20 milliseconds to 2000 milliseconds, LP: #550985
-- Dustin Kirkland <email address hidden> Mon, 29 Mar 2010 11:35:44 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu2) lucid; urgency=low
* debian/control: ensure that qemu-common replaces qemu-kvm, since
it has the common keymaps and other functionality, LP: #545741
-- Dustin Kirkland <email address hidden> Wed, 24 Mar 2010 10:13:01 -0700
-
qemu-kvm (0.12.3+noroms-0ubuntu1) lucid; urgency=low
* Re-roll the orig tarball, after having manually deleted the included
binary-only bios rom blobs who source was not also included in the
package, LP: #541524; the following files were removed:
- pc-bios/bios.bin
- pc-bios/linuxboot.bin
- pc-bios/multiboot.bin
- pc-bios/openbios-ppc
- pc-bios/openbios-sparc
- pc-bios/openbios-sparc32
- pc-bios/openbios-sparc64
- pc-bios/ppc_rom.bin
- pc-bios/pxe-e1000.bin
- pc-bios/pxe-i82559er.bin
- pc-bios/pxe-ne2k_pci.bin
- pc-bios/pxe-pcnet.bin
- pc-bios/pxe-rtl8139.bin
- pc-bios/pxe-virtio.bin
- pc-bios/vapic.bin
- pc-bios/vgabios.bin
- pc-bios/vgabios-cirrus.bin
- pc-bios/video.x
* debian/control:
- qemu-common goes back to depending on vgabios and seabios
- suggest mol-drivers-macosx, which is in multiverse, and provides
video.x (when that package actually builds)
- suggest openbios-sparc, which is in universe, and provides the
powerpc/sparc openbios roms (when that package actually builds)
* debian/links:
- put links in place for the external seabios and vgabios blobs
* debian/patches/larger_default_ram_size.patch: increase the default
mem size for virtual machines from the mostly unusable 128M to 384M,
which most modern distros require
-- Dustin Kirkland <email address hidden> Mon, 22 Mar 2010 18:14:30 -0700
-
qemu-kvm (0.12.3-0ubuntu17) lucid; urgency=low
* qemu-debootstrap: test for basename part of $0 to enable build-arm-chroot
compat mode.
* New patch, arm-higher-initrd-load-addr, set INITRD_LOAD_ADDR to 0x00d00000
instead of 0x00800000 as to leave enough room for our piggish vmlinuz +
its decompressed counterpart; should fix initramfs and initrd support;
thanks Jason Andrews; LP: #524893.
-- Loic Minier <email address hidden> Sat, 20 Mar 2010 10:30:21 +0100
-
qemu-kvm (0.12.3-0ubuntu16) lucid; urgency=low
* debian/rules: need to dh_link in binary-indep to create the ifup/ifdown
links, LP: #540218
-- Dustin Kirkland <email address hidden> Wed, 17 Mar 2010 14:23:55 -0500
-
qemu-kvm (0.12.3-0ubuntu15) lucid; urgency=low
* debian/patches/block_avoid_creating_too_large_iovecs_in_multiwrite_merge.patch:
- block: avoid creating too large iovecs in multiwrite_merge,
fixes LP: #511620, cherry pick from upstream git
-- Dustin Kirkland <email address hidden> Fri, 12 Mar 2010 13:30:30 -0600
-
qemu-kvm (0.12.3-0ubuntu14) lucid; urgency=low
* debian/rules: ensure that the upstart job starts on package install,
LP: #537682
-- Dustin Kirkland <email address hidden> Thu, 11 Mar 2010 19:20:54 -0600
-
qemu-kvm (0.12.3-0ubuntu13) lucid; urgency=low
* Rename the default debhelper files to qemu-kvm.*, makes the namespace
a little more managable as we split this source package up into better
logical binary packages
- debian/postinst -> debian/qemu-kvm.postinst
- debian/doc -> debian/qemu-common.doc
- debian/links -> debian/qemu-kvm.links
- debian/install -> debian/qemu-kvm.install
- debian/upstart -> debian/qemu-kvm.upstart
* debian/qemu-common.install, debian/qemu-common.links, debian/control:
- new binary package that contains the architecture independent and
common files (bios roms, keymaps, documentation, and scripts)
* debian/rules:
- populate the binary-indep action to handle the qemu-common package
- manually prune the keymaps from qemu-kvm, since qemu-common contains
these now
* debian/kvm-ok, debian/control: move the kvm-ok script over to the
cpu-checker package, and recommend this package, LP: #429443
-- Dustin Kirkland <email address hidden> Mon, 08 Mar 2010 17:18:13 -0600
-
qemu-kvm (0.12.3-0ubuntu12) lucid; urgency=low
* debian/install: install the two necessary ppc bios files, LP: #60478;
note that these should eventually move to a qemu-common package
-- Dustin Kirkland <email address hidden> Mon, 08 Mar 2010 15:08:17 -0600
-
qemu-kvm (0.12.3-0ubuntu11) lucid; urgency=low
* debian/control: build depend on libaio-dev, to enable a nice performance
improvement when running preallocated raw disks or block device backing
disks, LP: #534273
-- Dustin Kirkland <email address hidden> Mon, 08 Mar 2010 12:10:36 -0600
-
qemu-kvm (0.12.3-0ubuntu10) lucid; urgency=low
* Drop build-arm-chroot and add new qemu-debootstrap script as an
arch-neutral replacement; ship a build-arm-chroot -> qemu-debootstrap
symlink; qemu-debootstrap works as build-arm-chroot used to when called as
"build-arm-chroot" but will print a deprecation warning.
-- Loic Minier <email address hidden> Sun, 07 Mar 2010 16:39:47 +0100
-
qemu-kvm (0.12.3-0ubuntu9) lucid; urgency=low
* debian/postinst: slightly cleaner handling of old conffile cleanup
-- Dustin Kirkland <email address hidden> Sat, 06 Mar 2010 17:21:19 -0600
-
qemu-kvm (0.12.3-0ubuntu8) lucid; urgency=low
* debian/postinst: test file's existence before removing, and use a bigger
hammer, LP: #533249
-- Dustin Kirkland <email address hidden> Sat, 06 Mar 2010 11:35:17 -0600
-
qemu-kvm (0.12.3-0ubuntu7) lucid; urgency=low
* debian/postinst: only prune dirs if empty
-- Dustin Kirkland <email address hidden> Sat, 06 Mar 2010 00:11:07 -0600
-
qemu-kvm (0.12.3-0ubuntu6) lucid; urgency=low
[ Dustin Kirkland ]
* debian/postinst: clean up jaunty-era conffiles on upgrade, LP: #455411
* debian/links, debian/qemu-kvm-extras.links: install non-x86 arch
manpages in the qemu-kvm-extras package, LP: #478552
[ Brian Thomason ]
* debian/patches/better_describe_-net_options.patch: improve port
forwarding documentation, LP: #474969, LP: #453617
-- Dustin Kirkland <email address hidden> Fri, 05 Mar 2010 18:39:19 -0600
-
qemu-kvm (0.12.3-0ubuntu5) lucid; urgency=low
* debian/install, debian/control: use the bios bin's shipped with
qemu-kvm, rather than those provided by vgabios and seabios (for now);
we're seeing issues building and using the versions of vgabios and
seabios in the archive; the ones shipped with qemu-kvm are those
"recommended" and known to work by upstream; when we converge on a
new package with debian for lucid+1, we should revisit this.
LP: #513273
-- Dustin Kirkland <email address hidden> Thu, 04 Mar 2010 16:53:17 -0600
-
qemu-kvm (0.12.3-0ubuntu4) lucid; urgency=low
* debian/links: fix broken manpage symlink, LP: #472969
-- Dustin Kirkland <email address hidden> Mon, 01 Mar 2010 18:49:23 -0600
-
qemu-kvm (0.12.3-0ubuntu3) lucid; urgency=low
* debian/rules: prefer pa over alsa by default (reverting one of Loic's
changes below, and creating a minor diff with Debian--we should
perhaps try to convince them to default to pulseaudio?)
-- Dustin Kirkland <email address hidden> Mon, 01 Mar 2010 16:59:39 -0600
-
qemu-kvm (0.12.3-0ubuntu2) lucid; urgency=low
* New patch, arm-host-fix-compiler-warning, drops __arm__ specific code
which was probably FPA specific (certainly not ARM/VFP) and was dropped
upstream in bc4347b883e8175dadef77ed9e02ccaa5e8eba94; helps build on
armel.
* Configure builds with --disable-strip to get useful -dbgsym packages.
* Also configure the static build with --disable-blobs and
--audio-drv-list=.
* Configure builds with --interp-prefix=/etc/qemu-binfmt/%M as to allow
overriding shared libs etc. with files over there; this matches Debian's
config.
* Match Debian's audio-drv-list to only build ALSA on linux.
* Also filter-out config-host.mak when copying files to the static build dir
to avoid a race if the build is interrupted before the static configure
has run.
* After careful examination, drop TARGET_SYSTEM_TCG and TARGET_LINUX_TCG;
the upstream configure turns all these on by default plus one recently
added architecture (microblaze) which proves that this list can't be kept
up-to-date. Also drop ia64 specific settings -- the ia64 build doesn't
pass in Ubuntu ATM anyway, and Debian doesn't special ia64, so it can only
help, right? Do however pass --target-list="" for now as the current
upstream configure sets x86_64-softmmu as the default.
* Also drop TARGET_STATIC_TCG and pass --disable-system; this will turn off
all softmmu targets and do the right thing; while this will increase the
size of the binary package, this will also permit development towards
other targets such as powerpc, or running x86 binaries from ARM. Also
pass --target-list="".
* Drop unused QEMU_EXE and BUILD_CPU vars.
* Add more binfmts, copied from the Debian qemu package but modified to
point at the qemu-kvm-extras-static package instead of qemu-user-static
and to set "credentials yes"; also dropped spurious trailing newlines on
some of them. Copy the logic to set BINFMT_TARGETS from the Debian
package as well.
* Create qemu-kvm-extras dirs via debian/*.dirs instead of mkdir.
* Depend on $(QUILT_STAMPFN) instead of patch to avoid rebuilding everything
every time.
-- Loic Minier <email address hidden> Sat, 27 Feb 2010 11:59:10 +0100
-
qemu-kvm (0.12.3-0ubuntu1) lucid; urgency=low
* Merge upstream stable release (bug fixes only)
-- Dustin Kirkland <email address hidden> Fri, 26 Feb 2010 16:26:00 -0600
-
qemu-kvm (0.12.2-0ubuntu8) lucid; urgency=low
* debian/binfmts/qemu-arm: add "credentials yes" to allow running setuid
binaries in their security context with qemu-arm-static as the binary
interpreter, for instance sudo; bump binfmt-support dep to >= 1.2.17.
-- Loic Minier <email address hidden> Fri, 19 Feb 2010 15:18:52 +0100
-
qemu-kvm (0.12.2-0ubuntu7) lucid; urgency=low
* Replace patch Don-t-bark-for-syscalls-missing-in-linux-too with patch
This-patch-adds-support-for-the-pselect-syscall-in-l from the upstream
mailing-list from Michael Casadevall and acked by Riku Voipio to add
pselect6() syscall; LP: #520480.
-- Loic Minier <email address hidden> Thu, 18 Feb 2010 14:08:33 +0100
-
qemu-kvm (0.12.2-0ubuntu6) lucid; urgency=low
* debian/upstart: complete the enable/disable KSM support
-- Dustin Kirkland <email address hidden> Sat, 06 Feb 2010 10:23:00 -0800
-
qemu-kvm (0.12.2-0ubuntu5) lucid; urgency=low
* debian/default/qemu-kvm, debian/upstart:
- provide a mechanism for disabling KSM conveniently
- improve the logic in the upstart scripts
-- Dustin Kirkland <email address hidden> Sat, 06 Feb 2010 09:46:25 -0800
-
qemu-kvm (0.12.2-0ubuntu4) lucid; urgency=low
* debian/qemu-kvm-extras-static.prerm: also update-binfmt --remove on
upgrade as I believe was originally intended by registering the format in
postinst/configure.
* Readd debian/qemu-arm-static.postinst to also update-binfmt --remove the
old format since old binary packages wont do that properly; also do this
in debian/qemu-kvm-extras-static.postinst for people who already removed
debian/qemu-arm-static.
-- Loic Minier <email address hidden> Sat, 06 Feb 2010 10:19:46 +0100
-
qemu-kvm (0.12.2-0ubuntu3) lucid; urgency=low
* debian/init, debian/upstart:
- migrate sysvinit script to upstart
- enable ksm by default in Ubuntu
* debian/control: depend on seabios now that it's in main, LP: #508870
-- Dustin Kirkland <email address hidden> Fri, 05 Feb 2010 23:12:29 -0800
-
qemu-kvm (0.12.2-0ubuntu2) lucid; urgency=low
* Rename package qemu-arm-static to qemu-kvm-extras-static for consistency
and to avoid hardcoding the arch name in the package. Add a transitional
package. Move conffile in new package preinst and use the occasion to
prefix it with "30-", according to /etc/sysctl.d/README.
* Rename arm binfmt to qemu-arm.
* Use start procps upstart task to reapply all /etc/sysctl.d in
postinst/configure but also in postrm/purge; unfortunately, the settings
will remain applied as long as the package is in the removed state; see
LP #515706.
* Add ${misc:Depends} and tweak descriptions of transitional packages to
keep lintian happy.
-- Loic Minier <email address hidden> Mon, 01 Feb 2010 20:48:05 +0100
-
qemu-kvm (0.12.2-0ubuntu1) lucid; urgency=low
* Merge upstream release
-- Dustin Kirkland <email address hidden> Thu, 21 Jan 2010 16:22:13 +1300
-
qemu-kvm (0.12.1.2-0ubuntu2) lucid; urgency=low
* debian/links: drop the seabios link (temporarily) until it gets
promoted to main
-- Dustin Kirkland <email address hidden> Thu, 21 Jan 2010 10:48:03 +1300
-
qemu-kvm (0.12.1.2-0ubuntu1) lucid; urgency=low
* Merge from upstream
- debian/rules:
+ drop bios hacks, as we now depend on vgabios
+ align our configure line more closely with fedora, preferring pa
for audio (let's give this another try, might need to revert by
Lucid Beta), and accepting the project defaults for audio hw
- debian/control: depend on vgabios, LP: #181876
- debian/patches/*: drop patches now included upstream
+ 02_extboot_build_fixes.patch
+ 05_improve-qemu-img-errors.patch
+ 06_set_sdl_title.patch
+ 07_right_ctrl_grab.patch
+ 08_fix_qemu-ifup.patch
+ 09_qemu-fix-qcow2-backing-file-with-virtio.patch
+ 10_fix_scsi_hotplug.patch
+ 11_fix_virtio-blk_hot_add_after_remove.patch
+ 12_whitelist_host_virtio_networking_features.patch
+ 60_armv4l-typo.patch
- debian/patches/*: apply two patches from Loic Minier, both submitted
and acked by upstream (should be dropped in a future merge)
+ 0001-linux-user-adapt-uname-machine-to-emulated-CPU.patch
+ 0001-Fix-missing-symbols-in-.rela.plt-sections.patch
- debian/install, debian/links: install the necessary bios roms;
when seabios gets promoted to main, we should depend on it, and use
its bios.bin instead of this one
-- Dustin Kirkland <email address hidden> Wed, 20 Jan 2010 17:54:24 +1300
-
qemu-kvm (0.11.0-0ubuntu6.3) karmic-security; urgency=low
* SECURITY UPDATE: linux <= 2.6.25 guests (e.g. hardy) with virtio
networking are subject to DoS by qemu-kvm application crash;
the crash can be remotely triggered by a malicious user flooding any
open network port (LP: #458521)
- debian/patches/12_whitelist_host_virtio_networking_features.patch:
fix accounting of virtio networking features available to make
available to the guests
- CVE-2009-XXXX
* debian/kvm-ok: check for other common reasons why KVM might not be
usable, LP: #452323
* debian/control: build-depend on libcurl devel, to allow booting from
ISOs over http, LP: #453441
-- Dustin Kirkland <email address hidden> Thu, 29 Oct 2009 11:36:18 -0500
-
qemu-kvm (0.11.0-0ubuntu6) karmic; urgency=low
* debian/control: Version the conflicts/replaces with qemu and kvm so that
the transitional packages are actually installable (LP: #455114)
-- Thierry Carrez <email address hidden> Mon, 19 Oct 2009 11:32:12 +0200
