Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle.
### New Debian Changes ###
qemu (1:6.1+dfsg-6) unstable; urgency=medium
* virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch
Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu
* ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch
Closes: #992726, CVE-2021-3638:
inconsistent check in ati_2d_blt() may lead to out-of-bounds write
* refresh uas-add-stream-number-sanity-checks-CVE-2021-3713{.diff=>.patch}
from upstream
* hmp-unbreak-change-vnc.patch from upstream
to fix 'change vnc passwd' command
* updated debian/patches/linux-user-binfmt-P.diff
to work with in-kernel code
Closes: #993658
* d/rules: do not mark configure target as .PHONY
since it is a real file
* qemu-sockets-fix-unix-socket-path-copy-again.patch
replacing socket-unix-maxlen.patch
Closes: #993145
* enable more devices for the microvm build:
virtio-gpu & vhost-user-gpu
virtio-input-host & vhost_user_input
* move vhost-user-gpu files from qemu-system-common to qemu-system-gui
this elminates X11 dependencies from non-gui qemu-system install
* build and install vof.bin firmware
* rearrange d/rules a bit to make different qemu builds
to be consistent with sysdata-components
* move ppc dtb firmware files from qemu-system-ppc to qemu-system-data
* device-tree-compiler is now needed in build-indep-depends,
not in build-depends
* d/rules: use CROSSPFX variables
* ubuntu only:
- Revert commit from the previous release which restores
relation between qemu-system-xen and qemu-system-gui
since -xen is not compatible with -gui modules
- qemu-system-xen does not suggest qemu-block-extra (incompatible too)
- qemu-system-s390x recommends qemu-block-extra not suggests it
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 22:27:25 +0300
qemu (1:6.1+dfsg-3) unstable; urgency=medium
* fix brown-paper bag in last upload (--enable-libudev)
* ubuntu only: restore relations (depends/recommends)
between qemu-system-gui and qemu-system-xen since -xen
replaces full qemu-system-x86 and acts the same way
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 02:50:52 +0300
qemu (1:6.1+dfsg-2) unstable; urgency=medium
* rearrange d/rules to be able to configure/build/install
various different kinds of qemu builds (main/microvm/xen/static)
separately, by splitting targets of d/rules into subtargets
* enable many virtio devices for microvm build (Closes: #992029)
* disable libudev and fuse for microvm build
* rearrange options for microvm build in d/rules
* tidy newly added assert in unix-domain socket handling code
to account for extra /0 terminator for socket pathname,
socket-unix-maxlen.patch (Closes: #993145)
* upstream qemu added ignoring of *.patch to .gitignore,
unignore them in d/.gitignore
* re-add 4 patches which were lost from git
during preparation for 6.1
(not affecting the source package)
* uas-add-stream-number-sanity-checks-CVE-2021-3713.diff
Closes: #992727, CVE-2021-3713
* Mention (some) bugs closed by 6.1 upstream
* Mention closing of #947349
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 02:01:51 +0300
qemu (1:6.1+dfsg-1) unstable; urgency=medium
* new upstream release (6.1.0)
Closes: CVE-2021-3607 (pvrdma: ensure correct input on ring init)
Closes: CVE-2021-3608 (pvrdma: unmap initialized dma address)
Closes: #989042, CVE-2021-3544 (vhost-user-gpu resource leaks)
Closes: #989042, CVE-2021-3545 (vhost-user-gpu memory disclosure)
Closes: #989042, CVE-2021-3546 (vhost-user-gpu OOBwr virgl_cmd_get_capset)
Closes: #991911, CVE-2021-3682 (pvrdma: possible mremap overflow)
* refresh patches, remove patches which were applied upstream
* remove newly appeared pc-bios/vof.bin in dfsg-clean
* add python3-sphinx-rtd-theme to build-depends
* removed qemu-system-moxie arch
* actually build many qemu modules as modules, and install
them in qemu-system-common.
* make strong versioned dependency between various qemu-system-*
packages, so that modules works correctly.
* drop very old versions from Build-Depends, Depends and Recommends
* Merge with Debian experimental, remaining changes:
- qemu-kvm to systemd unit
- d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
hugepages and architecture specifics
- d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-init
- d/qemu-system-common.install: install helper script
- d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm
- d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
- Distribution specific machine type
(LP: 1304107 1621042 1776189 1761372 1761372 1776189)
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types containing release versioned machine attributes
- d/qemu-system-x86.NEWS Info on fixed machine type defintions
for host-phys-bits=true
- Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
- ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
- Enable nesting by default
- d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
in qemu64 on amd
[ No more strictly needed, but required for backward compatibility ]
- improved dependencies
- Make qemu-system-common depend on qemu-block-extra
- Make qemu-utils depend on qemu-block-extra
- tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
reference 256k path
- d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
handle incoming migrations from former releases.
- d/qemu-system-x86.README.Debian: add info about updated nesting changes
- d/control*, d/rules: disable xen by default, but provide universe
package qemu-system-x86-xen as alternative
[includes compat links changes of 5.0-5ubuntu4]
- d/p/ubuntu/enable-svm-by-default.patch: update to match v6.0
- d/p/ubuntu/define-ubuntu-machine-types.patch: add ubuntu machine types
for v6.0
- d/p/ubuntu/lp-1929926-*: avoid segfaults by uretprobes (LP 1929926)
- Ease the use of module retention on upgrades (LP 1913421)
- debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
* Dropped Changes [in 1:6.0+dfsg-2exp]:
- d/control-in: Disable capstone disassembler library support (universe)
- Disable fuse export (universe dependency)
- Ease the use of module retention on upgrades (LP 1913421)
- d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
- d/rules: only save modules if /run/qemu isn't noexec
- d/rules: clear all (current and former) modules on purge
- d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
upgrade issues (LP 1932264)
- Enable SDL as secondary UI backend (LP 1256185)
- d/control: add build dependency libsdl2-dev
- d/control: enable sdl graphics on build
- d/qemu-system-gui.install: add ui-sdl.so
- d/control: add runtime dependency to libgl1
* Dropped Changes [no more needed]
- let qemu-utils recommend sharutils
* Added changes:
- d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
-fcf-protection being unavailble on -march=i486 (LP: #1940029)
- d/p/u/lp-1932175-s390x-cpumodel-add-3931-and-3932.patch: add new 3931
and 3932 machines (LP: #1932175)
- d/p/u/lp-1940288-audio-Never-send-migration-section.patch: fix
migration with audio devices present (LP: #1940288)
-- Christian Ehrhardt <email address hidden> Thu, 12 Aug 2021 15:35:12 +0200
Scheduled-For: 23.01 2expubuntu1
Upstream: tbd
Debian: 1:6.1+dfsg-6
Ubuntu: 1:6.0+dfsg-
Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle.
### New Debian Changes ###
qemu (1:6.1+dfsg-6) unstable; urgency=medium
* virtio- net-fix- use-after- unmap-free- for-sg- CVE-2021- 3748.patch net_receive_ rcu fix-buffer- overflow- in-ati_ 2d_blt- CVE-2021- 3638.patch stream- number- sanity- checks- CVE-2021- 3713{.diff= >.patch} change- vnc.patch from upstream
Closes: #993401, CVE-2021-3748: use-after-free in virtio_
* ati_2d-
Closes: #992726, CVE-2021-3638:
inconsistent check in ati_2d_blt() may lead to out-of-bounds write
* refresh uas-add-
from upstream
* hmp-unbreak-
to fix 'change vnc passwd' command
-- Michael Tokarev <email address hidden> Wed, 29 Sep 2021 13:41:47 +0300
qemu (1:6.1+dfsg-5) unstable; urgency=medium
* updated debian/ patches/ linux-user- binfmt- P.diff
to work with in-kernel code
Closes: #993658
* d/rules: do not mark configure target as .PHONY
since it is a real file
-- Michael Tokarev <email address hidden> Mon, 06 Sep 2021 01:20:59 +0300
qemu (1:6.1+dfsg-4) unstable; urgency=medium
* qemu-sockets- fix-unix- socket- path-copy- again.patch unix-maxlen. patch input-host & vhost_user_input tree-compiler is now needed in build-indep- depends,
replacing socket-
Closes: #993145
* enable more devices for the microvm build:
virtio-gpu & vhost-user-gpu
virtio-
* move vhost-user-gpu files from qemu-system-common to qemu-system-gui
this elminates X11 dependencies from non-gui qemu-system install
* build and install vof.bin firmware
* rearrange d/rules a bit to make different qemu builds
to be consistent with sysdata-components
* move ppc dtb firmware files from qemu-system-ppc to qemu-system-data
* device-
not in build-depends
* d/rules: use CROSSPFX variables
* ubuntu only:
- Revert commit from the previous release which restores
relation between qemu-system-xen and qemu-system-gui
since -xen is not compatible with -gui modules
- qemu-system-xen does not suggest qemu-block-extra (incompatible too)
- qemu-system-s390x recommends qemu-block-extra not suggests it
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 22:27:25 +0300
qemu (1:6.1+dfsg-3) unstable; urgency=medium
* fix brown-paper bag in last upload (--enable-libudev) recommends)
* ubuntu only: restore relations (depends/
between qemu-system-gui and qemu-system-xen since -xen
replaces full qemu-system-x86 and acts the same way
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 02:50:52 +0300
qemu (1:6.1+dfsg-2) unstable; urgency=medium
* rearrange d/rules to be able to configure/ build/install xen/static) unix-maxlen. patch (Closes: #993145) stream- number- sanity- checks- CVE-2021- 3713.diff
various different kinds of qemu builds (main/microvm/
separately, by splitting targets of d/rules into subtargets
* enable many virtio devices for microvm build (Closes: #992029)
* disable libudev and fuse for microvm build
* rearrange options for microvm build in d/rules
* tidy newly added assert in unix-domain socket handling code
to account for extra /0 terminator for socket pathname,
socket-
* upstream qemu added ignoring of *.patch to .gitignore,
unignore them in d/.gitignore
* re-add 4 patches which were lost from git
during preparation for 6.1
(not affecting the source package)
* uas-add-
Closes: #992727, CVE-2021-3713
* Mention (some) bugs closed by 6.1 upstream
* Mention closing of #947349
-- Michael Tokarev <email address hidden> Tue, 31 Aug 2021 02:01:51 +0300
qemu (1:6.1+dfsg-1) unstable; urgency=medium
* new upstream release (6.1.0) get_capset) sphinx- rtd-theme to build-depends
Closes: CVE-2021-3607 (pvrdma: ensure correct input on ring init)
Closes: CVE-2021-3608 (pvrdma: unmap initialized dma address)
Closes: #989042, CVE-2021-3544 (vhost-user-gpu resource leaks)
Closes: #989042, CVE-2021-3545 (vhost-user-gpu memory disclosure)
Closes: #989042, CVE-2021-3546 (vhost-user-gpu OOBwr virgl_cmd_
Closes: #991911, CVE-2021-3682 (pvrdma: possible mremap overflow)
* refresh patches, remove patches which were applied upstream
* remove newly appeared pc-bios/vof.bin in dfsg-clean
* add python3-
* removed qemu-system-moxie arch
* actually build many qemu modules as modules, and install
them in qemu-system-common.
* make strong versioned dependency between various qemu-system-*
packages, so that modules works correctly.
* drop very old versions from Build-Depends, Depends and Recommends
### Old Ubuntu Delta ###
qemu (1:6.0+ dfsg-2expubuntu 1) impish; urgency=medium
* Merge with Debian experimental, remaining changes: system- common. qemu-kvm. service: systemd unit to call
qemu-kvm- init system- common. install: install helper script system- common. qemu-kvm. default: defaults for
/etc/default/ qemu-kvm define- ubuntu- machine- types.patch: define distro machine system- x86.NEWS Info on fixed machine type defintions qemu-system- x86.NEWS enable- svm-by- default. patch: Enable nested svm by default pre-bionic- 256k-ipxe- efi-roms. patch: old machine types 256k-compat- efi-roms to be able to system- x86.README. Debian: add info about updated nesting changes enable- svm-by- default. patch: update to match v6.0 define- ubuntu- machine- types.patch: add ubuntu machine types lp-1929926- *: avoid segfaults by uretprobes (LP 1929926) qemu-block- extra.postinst: enable mount unit on install/upgrade system- gui.install: add ui-sdl.so fcf-clashing- with-i486. patch: fix fcf-protection being unavailble on -march=i486 (LP: #1940029) 1932175- s390x-cpumodel- add-3931- and-3932. patch: add new 3931 1940288- audio-Never- send-migration- section. patch: fix
- qemu-kvm to systemd unit
- d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
hugepages and architecture specifics
- d/qemu-
- d/qemu-
- d/qemu-
- d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
- Distribution specific machine type
(LP: 1304107 1621042 1776189 1761372 1761372 1776189)
- d/p/ubuntu/
types containing release versioned machine attributes
- d/qemu-
for host-phys-bits=true
- Add an info about -hpb machine type in debian/
- ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
- Enable nesting by default
- d/p/ubuntu/
in qemu64 on amd
[ No more strictly needed, but required for backward compatibility ]
- improved dependencies
- Make qemu-system-common depend on qemu-block-extra
- Make qemu-utils depend on qemu-block-extra
- tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
- d/p/ubuntu/
reference 256k path
- d/control-in: depend on ipxe-qemu-
handle incoming migrations from former releases.
- d/qemu-
- d/control*, d/rules: disable xen by default, but provide universe
package qemu-system-x86-xen as alternative
[includes compat links changes of 5.0-5ubuntu4]
- d/p/ubuntu/
- d/p/ubuntu/
for v6.0
- d/p/ubuntu/
- Ease the use of module retention on upgrades (LP 1913421)
- debian/
* Dropped Changes [in 1:6.0+dfsg-2exp]:
- d/control-in: Disable capstone disassembler library support (universe)
- Disable fuse export (universe dependency)
- Ease the use of module retention on upgrades (LP 1913421)
- d/run-qemu.mount, d/rules: provide run-qemu.mount in qemu-block-extra
- d/rules: only save modules if /run/qemu isn't noexec
- d/rules: clear all (current and former) modules on purge
- d/control: qemu 6.0 broke libvirt <7.2 add a breaks to avoid partial
upgrade issues (LP 1932264)
- Enable SDL as secondary UI backend (LP 1256185)
- d/control: add build dependency libsdl2-dev
- d/control: enable sdl graphics on build
- d/qemu-
- d/control: add runtime dependency to libgl1
* Dropped Changes [no more needed]
- let qemu-utils recommend sharutils
* Added changes:
- d/optionrom.mak, d/p/u/avoid-
-
- d/p/u/lp-
and 3932 machines (LP: #1932175)
- d/p/u/lp-
migration with audio devices present (LP: #1940288)
-- Christian Ehrhardt <email address hidden> Thu, 12 Aug 2021 15:35:12 +0200