This bug was fixed in the package qemu - 1:7.0+dfsg-7ubuntu1 --------------- qemu (1:7.0+dfsg-7ubuntu1) kinetic; urgency=medium * Merge with Debian unstable (LP: #1971315)(LP: #1980896), remaining changes: - qemu-kvm to systemd unit - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, hugepages and architecture specifics - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-init - d/qemu-system-common.install: install helper script - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372 1761372 1776189) - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types containing release versioned machine attributes - d/qemu-system-x86.NEWS Info on fixed machine type defintions for host-phys-bits=true - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type - Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default in qemu64 on amd [ No more strictly needed, but required for backward compatibility ] - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types reference 256k path - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to handle incoming migrations from former releases. - d/qemu-system-x86.README.Debian: add info about updated nesting changes - Ease the use of module retention on upgrades (LP 1913421) - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade - Fix I/O stalls when using NVMe storage (LP 1970737). - d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter in laio_io_unplug. - SECURITY UPDATE: heap overflow in floppy disk emulator - debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in hw/block/fdc.c. - CVE-2021-3507 * Dropped Changes [now part of 1:7.0+dfsg-7]: - d/rules: xen libexec dir is no more versioned - d/rules: ensure xen is built on x86 - d/kvm-spice: fix when acceleration is already defined on the commandline - debian/control[-in]: no more disable glusterfs in Ubuntu (LP 1246924) * Dropped Changes [now part of upstream v7.0.0] - d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch Allow long kernel command lines for QEMU (LP 1959984) - d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list - d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit tcg on s390x. - Fix diff handling on ceph that can cause data corruption (LP 1968258) - d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch - d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch - d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock in vnc connections (LP 1970563) - All CVE fixes of 1:6.2+dfsg-2ubuntu8 except CVE-2021-3507 * Dropped Changes - d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch: add patch to workaround FTBFS when building against OpenSSL 3.0. [ now working with OpenSSL 3.0 ] - d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix -fcf-protection being unavailble on -march=i486 (LP 1940029) [ fixed in compiler toolchain ] - Make qemu-system-x86-microvm a transitional package as the binary is now in qemu-system-x86 itself. [ no more needed] * Added Changes - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this landed in Debian but under a different name. - d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS with LTO - d/p/u/lp-1981339-*: fix s390x system emulation (LP: #1981339) qemu (1:7.0+dfsg-7) unstable; urgency=medium * d/tests/test-qemu-user: rework ls/glob test a bit * d/tests/test-qemu-user: fix ppc64le qemu architecture name * d/binfmt-install: use proper name for binfmt.d (*.conf) Hopefully closes: #1011003 * two virtio-scsi bugfixes from upstream: virtio-scsi-fix-ctrl-and-event-handler-functions-in-dataplane.patch virtio-scsi-don-t-waste-CPU-polling-the-event-virtqueue.patch * 3 patches from upstream to fix possible coroutine crashes: coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch coroutine-rename-qemu_coroutine_inc-dec_pool_size.patch coroutine-revert-to-constant-batch-size.patch * target-i386-do-not-consult-nonexistent-host-leaves.patch * d/control: stop suggesting sudo for qemu-user-static * Revert "d/rules: do not try to enable tcg-interpreter on unsupported targets, it does not help anymore" - it does help but it needs a bit more work * disable xen support for qemu-system-x86 build and create a wrapper for -i386 to redirect xen-related usage to xen-specific binary with a warning (for bookworm only) * common-user-no-user.patch: fix one of FTBFS on unsupported architectures * d/rules: use regular variable assignment for BUILD_PACKAGES * two trivial patches to fix spelling in roms: openbios-spelling-endianess.patch slof-spelling-seperator.patch qemu (1:7.0+dfsg-6) unstable; urgency=medium * d/rules: the forgotten --enable-xen-pci-passthrough for the xen build * d/tests/test-qemu-user: rewrite to be more robust and complete and include test for qemu-user-static too. qemu (1:7.0+dfsg-5) unstable; urgency=medium * d/tests/test-qemu-user.sh: more arch-specific debugging/updates qemu (1:7.0+dfsg-4) unstable; urgency=medium * d/tests/: fix failing tests. - test-qemu-user: depend on gcc for dpkg-architecture to work, and print debugging info for future switch to uname -m - test-qemu-img: switch from using file to qemu-img info qemu (1:7.0+dfsg-3) unstable; urgency=medium [ Michael Tokarev ] * d/binfmt-install: also generate binfmt.d/ entries for systemd * d/control: use systemd as preferred alternative to binfmt-support hopefully Closes: #789011 (Minimal dependencies to register binfmt) Closes: #985889 (make binfmt setup configurable) * d/control: remove Riku Voipio from Uploaders. Thank you Riku! * d/rules: simplify DEB_BUILD_OPTIONS=parallel=N parsing [ Guido Günther ] * Add minimal autopkgtest (Closes: #832982) qemu (1:7.0+dfsg-2) unstable; urgency=medium * d/control: add Rules-Requires-Root: no * d/control: switch to debhelper-compat=13 * d/control: drop "qemu" empty/dummy pseudopackage * d/control: do not build linux-user* on ia64 and powerpc (not supported by upstream anymore) * d/control: add Breaks for qemu-system-data for other packages from which it borrowed files in the past (Closes: #1008095) * d/rules: switch to the dh sequence (but keep build-{arch,indep}), rearrange some rules. This brings us dh_dwz (very slow) and dh_strip_nondeterminism. * d/rules: do not explicitly turn off slirp & capstone (now properly controlled by --with[out]-default-features option) * d/rules: do not try to enable tcg-interpreter on the unsupported targets, it does not help to build tools anymore * d/rules: do not chown -w d/control, it breaks dpkg-source * d/rules: clean up the clean target * d/not-installed: list many documentation files and qemu-plugin.h * configure-make-fortify_source-yes-by-default.patch: enable fortify-source for minimal builds too * d/changelog: mention #990562 (CVE-2021-3611) closed by 7.0 qemu (1:7.0+dfsg-1) unstable; urgency=medium * update to 7.0 release qemu (1:7.0~rc4+dfsg-1) experimental; urgency=medium * New upstream 7.0 (rc) Closes: #990562, CVE-2021-3611 * remove patches applied upstream * remove new binary file, pc-bios/edk2-x86_64-microvm.fd.bz2 * d/control: remove libxfs-dev build dependency, the ioctl is implemented inline * d/control: stop build-depend-indep on libc6.1-dev-alpha-cross, not needed anymore * d/rules: update skiboot version check (skiboot hasn't canged since 6.1) * build & install vbootrom (npcm7xx_bootrom.bin), and build-depend-indep on gcc-arm-none-eabi * create a new binary package, qemu-system-xen, which provides /usr/libexec/xen-qemu-system-i386 binary for use by xen only. Once xen switches to use this binary instead of usual qemu-system-i386, xen support will be removed from the regular qemu-system-x86 build * use a fast inline version of /usr/share/dpkg/architecture.mk qemu (1:6.2+dfsg-3) unstable; urgency=medium [ Christian Ehrhardt ] * d/rules: ensure xen is built on x86 * d/rules: xen libexec dir is no more versioned * d/kvm-spice: fix when acceleration is already defined on the commandline [ Michael Tokarev ] * d/control, d/rules: do not compile xen support on i386, since it is amd64-only now (since 4.16) * d/control: add libbpf-dev & --enable-bpf for eBPF support (Closes: #994573) -- Christian Ehrhardt