Change logs for qemu-kvm source package in Oneiric

qemu-kvm (0.14.1+noroms-0ubuntu6.6) oneiric-security; urgency=low

  * SECURITY UPDATE: guest denial of service and possible code execution
    via e1000 large packets
    - debian/patches/CVE-2012-6075.patch: properly discard oversize packets
      in hw/e1000.c.
    - CVE-2012-6075
 -- Marc Deslauriers <email address hidden>   Tue, 15 Jan 2013 09:28:46 -0500

qemu-kvm (0.14.1+noroms-0ubuntu6.5) oneiric-security; urgency=low

  * SECURITY UPDATE: privilege escalation via VT100 sequences
    - debian/patches/CVE-2012-3515.patch: check bounds in console.c.
    - CVE-2012-3515
 -- Marc Deslauriers <email address hidden>   Tue, 25 Sep 2012 10:11:19 -0400

qemu-kvm (0.14.1+noroms-0ubuntu6.4) oneiric-security; urgency=low

  * SECURITY UPDATE: file overwrite via incorrect temp file checking
    - debian/patches/CVE-2012-2652.patch: properly check length and
      failures in block.c, block_int.h, block/vvfat.c.
    - CVE-2012-2652
  * This update not _not_ contain the changes from 0.14.1+noroms-0ubuntu6.3
    that was in oneiric-proposed.
 -- Marc Deslauriers <email address hidden>   Tue, 31 Jul 2012 10:27:20 -0400

qemu-kvm (0.14.1+noroms-0ubuntu6.3) oneiric-proposed; urgency=low

  * debian/patches/fix-vmware-vga-negative-vals - if x or y < 0, set them to 0
    (and decrement width/height accordingly)  (LP: #918791)
 -- Serge Hallyn <email address hidden>   Thu, 15 Mar 2012 21:18:48 -0500

qemu-kvm (0.14.1+noroms-0ubuntu6.2) oneiric-security; urgency=low

  * SECURITY UPDATE: fix heap overflow in e1000 driver with crafted legacy
    mode packets
    - debian/patches/CVE-2012-0029.patch: check for overflow whenever issuing
      PCI dma reads
    - CVE-2012-0029
 -- Jamie Strandboge <email address hidden>   Wed, 18 Jan 2012 09:56:15 -0600

qemu-kvm (0.14.1+noroms-0ubuntu6.1) oneiric-proposed; urgency=low

  * debian/qemu-ifdown: don't use full paths for sbin/ifconfig, especially
    as those paths are wrong.  (LP: #898234)
  * debian/patches/dont-try-to-hotplug-cpu.patch: trying to hotplug a cpu
    crashes qemu.  So just don't do it!  (LP: #878422)
 -- Serge Hallyn <email address hidden>   Tue, 06 Dec 2011 14:57:13 -0600

qemu-kvm (0.14.1+noroms-0ubuntu6) oneiric; urgency=low

  * debian/patches/e1000-Dont-set-the-Capabilities-List-bit.patch: Do not set
    the Capabilities Pointer to NULL for e1000 ethernet adapter, allows Windows'
    PCI/PCI Express Compliance Test to pass. Patch cherry picked from upstream
    trunk commit, courtesy of Dann Frazier. (LP: #857746)
 -- Dave Walker (Daviey) <email address hidden>   Mon, 26 Sep 2011 09:36:22 +0100

qemu-kvm (0.14.1+noroms-0ubuntu5) oneiric; urgency=low

  * debian/patches/vpc.patch: detect vpc files which are too big
    (LP: #814222)
 -- Serge Hallyn <email address hidden>   Mon, 12 Sep 2011 11:28:36 -0500

qemu-kvm (0.14.1+noroms-0ubuntu4) oneiric; urgency=low

  * Add a line to the extended package description pointing to ipxe for
    network installs (LP: #819486)
  * Change the qemu-common Suggests from kvm-pxe to ipxe, as ipxe is newer
    and is in main.
 -- Serge Hallyn <email address hidden>   Mon, 12 Sep 2011 10:16:55 -0500

qemu-kvm (0.14.1+noroms-0ubuntu3) oneiric; urgency=low

  * debian/patches/etc-qemuifscripts-fix-paths.patch: don't hardcode a path
    to brctl in qemu-ifup.  (LP: #833475)
  * debian/control: move Depends: on bridge-utils from qemu-kvm to
    qemu-common.  (LP: #835355)
  * debian/patches/debian/patches/fix-pa-configure.patch: fix FTBFS.  Fix
    comes from upstream and will be in 0.15 when merged.  (LP: #829492)
 -- Serge Hallyn <email address hidden>   Mon, 29 Aug 2011 12:23:12 -0500

qemu-kvm (0.14.1+noroms-0ubuntu2) oneiric; urgency=low

  * debian/{control,rules}: build with PIE.
 -- Kees Cook <email address hidden>   Wed, 10 Aug 2011 12:04:15 -0700

qemu-kvm (0.14.1+noroms-0ubuntu1) oneiric; urgency=low

  * New upstream release
  * Removed patch applied upstream: debian/patches/CVE-2011-1750.diff
 -- Serge Hallyn <email address hidden>   Tue, 26 Jul 2011 23:06:23 -0500

qemu-kvm (0.14.0+noroms-0ubuntu9) oneiric; urgency=low

  * SECURITY UPDATE: fix potential privilege escalation via improper group
    handling
    - debian/patches/CVE-2011-2527.patch: call initgroups() to drop
      supplementary group privileges
    - CVE-2011-2527
 -- Jamie Strandboge <email address hidden>   Tue, 26 Jul 2011 07:51:28 -0500

qemu-kvm (0.14.0+noroms-0ubuntu8) oneiric; urgency=low

  * SECURITY UPDATE: fix to validate virtqueue in and out requests from the
    guests
    - debian/patches/CVE-2011-2212-virtqueue-indirect-overflow.patch: update
      hw/virtio.c to verify the length of indirect descriptors in
      virtqueue_pop() and virtqueue_avail_bytes()
    - CVE-2011-2212
    - LP: #806167
  * SECURITY UPDATE: validate virtio_queue_notify() is non-negative
    - virtio-guard-against-negative-vq-notifies-CVE-2011-2512.diff: update
      to move comparison out to syborg_virtio_writel(), virtio_ioport_write()
      and virtio_queue_notify_vq() and don't call common virtio code if
      virtqueue number is invalid. Patch from Debian.
    - CVE-2011-2512
    - LP: #806166
 -- Jamie Strandboge <email address hidden>   Tue, 05 Jul 2011 13:24:52 -0500

qemu-kvm (0.14.0+noroms-0ubuntu7) oneiric; urgency=low

  * SECURITY UPDATE: fix heap buffer overflow from unaligned requests
    - CVE-2011-1750
  * SECURITY UPDATE: verify no_hotplug attribute when handling hot-unplug
    requests
    - CVE-2011-1751
 -- Jamie Strandboge <email address hidden>   Sun, 29 May 2011 09:22:55 -0500

qemu-kvm (0.14.0+noroms-0ubuntu6) oneiric; urgency=low

  * We need a versioned depend on vgabios to ensure the files we link to
    exist.  (LP: #783864)
 -- Serge Hallyn <email address hidden>   Tue, 24 May 2011 10:09:01 -0500

qemu-kvm (0.14.0+noroms-0ubuntu5) oneiric; urgency=low

  * Add libattr1-dev to build-depends to enable use of 9p virtfs  (LP: #782973)
 -- Serge Hallyn <email address hidden>   Mon, 16 May 2011 09:53:15 -0500

qemu-kvm (0.14.0+noroms-0ubuntu4) natty; urgency=low

  *LP: #719174
   Typo corrected
 -- Bhaveek Desai <email address hidden>   Fri, 18 Mar 2011 21:06:54 +0530