-
qemu-kvm (0.12.5+noroms-0ubuntu7.11) maverick-security; urgency=low
* SECURITY UPDATE: fix heap overflow in e1000 driver with crafted legacy
mode packets
- debian/patches/CVE-2012-0029.patch: check for overflow whenever issuing
PCI dma reads
- CVE-2012-0029
-- Jamie Strandboge <email address hidden> Tue, 17 Jan 2012 13:42:24 -0600
-
qemu-kvm (0.12.5+noroms-0ubuntu7.10) maverick-security; urgency=low
* SECURITY UPDATE: fix potential privilege escalation via improper group
handling
- debian/patches/CVE-2011-2527.patch: call initgroups() to drop
supplementary group privileges
- CVE-2011-2527
-- Jamie Strandboge <email address hidden> Tue, 26 Jul 2011 08:03:24 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu7.9) maverick-proposed; urgency=low
* Add usb-linux-increase-buffer-for-usb-ctrl-req.patch from upstream to
increase the usb control buffer. (LP: #790145)
-- Serge Hallyn <email address hidden> Thu, 07 Jul 2011 09:29:43 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu7.8) maverick-security; urgency=low
* SECURITY UPDATE: fix to validate virtqueue in and out requests from the
guests
- debian/patches/CVE-2011-2212-virtqueue-indirect-overflow.patch: update
hw/virtio.c to verify the length of indirect descriptors in
virtqueue_pop() and virtqueue_avail_bytes()
- CVE-2011-2212
* SECURITY UPDATE: validate virtio_queue_notify() is non-negative
- debian/patches/CVE-2011-2512-negative-vq-notifies.diff: update
to move comparison out to syborg_virtio_writel(), virtio_ioport_write()
and virtio_queue_notify_vq() and don't call common virtio code if
virtqueue number is invalid. Patch from Debian.
- CVE-2011-2512
-- Jamie Strandboge <email address hidden> Tue, 05 Jul 2011 14:41:30 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu7.6) maverick-proposed; urgency=low
* Add usb-linux-increase-buffer-for-usb-ctrl-req.patch from upstream to
increase the usb control buffer. (LP: #790145)
-- Serge Hallyn <email address hidden> Mon, 20 Jun 2011 13:24:04 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu7.5) maverick-security; urgency=low
* SECURITY UPDATE: fix heap buffer overflow from unaligned requests
- virtio-blk-fail-unaligned-access-CVE-2011-1750-52c050236e.diff:
patch from Debian
- CVE-2011-1750
* SECURITY UPDATE: verify no_hotplug attribute when handling hot-unplug
requests
- CVE-2011-1751-prep-pci-cleanly-backout-of-pci_qdev_init-925fe64ae7.diff:
Moving common code to a separate function and using it from another
place to fix a memory leak. Backported by Debian
- CVE-2011-1751-prep-hotplug-0-acpi_piix4-qdevfy-e8ec0571e1.diff: This
qdevifies acpi_piix4 device. Backported by Debian
- CVE-2011-1751-prep-hotplug-1-pci-allow-devices-being-tagged-as-not-hotpluggable-180c22e18b.diff:
Introduce a "no_hotplug" attribute and check it in common places
to ensure such devices wont be hot-(un)plugged. This needs the
pci-cleanly-backout-of-pci_qdev_init patch mentioned above. Backported
by Debian
- CVE-2011-1751-prep-hotplug-2-piix-tag-as-not-hotpluggable-0965f12da6.diff:
Backported by Debian
- CVE-2011-1751-prep-hotplug-3-vga-tag-as-not-hotplugable-be92bbf73d.diff:
Mark certain devices as non-hotpluggable. Backported by Debian
- CVE-2011-1751-hotplug-4-ignore-pci-hotplug-requests-for-unpluggable-devices.diff:
Verifies the no_hotplug attribute when handling hot-unplug request from
guest. Backported by Debian
-- Jamie Strandboge <email address hidden> Sun, 29 May 2011 08:22:56 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu7.4) maverick-proposed; urgency=low
* Add usb-linux-increase-buffer-for-usb-ctrl-req.patch from upstream to
increase the usb control buffer. (LP: #790145)
-- Serge Hallyn <email address hidden> Thu, 02 Jun 2011 08:28:15 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu7.3) maverick-proposed; urgency=low
* Pull in changes to vl.c from upstream to fix 'boot once=x'.
(LP: #719448)
-- Serge Hallyn <email address hidden> Mon, 02 May 2011 14:45:29 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu7.2) maverick-security; urgency=low
[ Dustin Kirkland ]
* SECURITY UPDATE: Setting VNC password to empty string silently
disables all authentication (LP: #697197).
- debian/patches/697197-fix-vnc-password-semantics.patch: Reverses the
change introduced in Qemu by git commit 52c18be9, thanks to Neil Wilson.
- CVE-2011-0011
[ Kees Cook ]
* debian/rules: disable parallel build; fix FTBFS.
-- Kees Cook <email address hidden> Fri, 11 Feb 2011 15:52:12 -0800
-
qemu-kvm (0.12.5+noroms-0ubuntu7.1) maverick-proposed; urgency=low
* Add caps-lock-key-up-event.patch to enable normal up/down events for
Caps-Lock and Num-Lock keys by setting SDL_DISABLE_LOCK_KEYS (which
requires SDL > 1.2.14). This fixes handling of capslock when capslock is
mapped to something else in host system. (LP: #427612)
-- Benjamin Drung <email address hidden> Wed, 24 Nov 2010 15:35:10 +0100
-
qemu-kvm (0.12.5+noroms-0ubuntu7) maverick; urgency=low
* Resurrect arm-host-fix-compiler-warning patch, applied in
0.12.3-0ubuntu2 but dropped in 0.12.4+noroms-0ubuntu1; this is in git
HEAD but wasn't in the 0.12.5 release, and we need it to build on armel.
-- Colin Watson <email address hidden> Thu, 30 Sep 2010 13:03:19 +0100
-
qemu-kvm (0.12.5+noroms-0ubuntu6) maverick; urgency=low
* debian/fix-CMOS-info-for-drives-defined-with--device.patch: make sure
the CMOS knows about the correct geometry so Windows XP installs
properly. (LP: #586175)
-- Marc Deslauriers <email address hidden> Wed, 15 Sep 2010 19:48:15 -0400
-
qemu-kvm (0.12.5+noroms-0ubuntu5) maverick; urgency=low
* Apply patch to fix the lack of error checking when opening
an initrd file. (LP: #619302)
-- Serge Hallyn <email address hidden> Mon, 30 Aug 2010 12:49:47 -0500
-
qemu-kvm (0.12.5+noroms-0ubuntu4) maverick; urgency=low
* debian/patches/05_improve-qemu-img-errors.patch: Reintroduced and
refreshed patch as it seems this wasn't resolved upsteam. (LP: #623830)
-- Dave Walker (Daviey) <email address hidden> Wed, 25 Aug 2010 13:04:17 +0100
-
qemu-kvm (0.12.5+noroms-0ubuntu3) maverick; urgency=low
* debian/rules, debian/control: enable vnc sasl in the build, LP: #621639
-- Dustin Kirkland <email address hidden> Tue, 24 Aug 2010 09:56:34 -0400
-
qemu-kvm (0.12.5+noroms-0ubuntu2) maverick; urgency=low
* qemu-debootstrap: don't use qemu for lpia if not required (LP: #534155)
-- Emmet Hikory <email address hidden> Tue, 17 Aug 2010 12:54:17 +0200
-
qemu-kvm (0.12.5+noroms-0ubuntu1) maverick; urgency=low
* New upstream release
* Removed patch which is now upstream:
0001-Fix-missing-symbols-in-.rel-.rela.plt-sections.patch
-- Serge Hallyn <email address hidden> Tue, 10 Aug 2010 08:51:54 -0500
-
qemu-kvm (0.12.4+noroms-0ubuntu9) maverick; urgency=low
* qemu-debootstrap: test that the debootstrap command is available, and
suggest installing the debootstrap package otherwise.
* Add a Recommends on debootstrap.
-- Loic Minier <email address hidden> Mon, 09 Aug 2010 05:40:06 -0400
-
qemu-kvm (0.12.4+noroms-0ubuntu8) maverick; urgency=low
* qemu-debootstrap: add support for armhf port; I now realize that this
script should query dpkg-architecture instead.
-- Loic Minier <email address hidden> Sat, 07 Aug 2010 15:14:24 -0400
-
qemu-kvm (0.12.4+noroms-0ubuntu7) maverick; urgency=low
* debian/patches/linux-user-do-not-warn-for-missing-pselect6.patch:
Avoid showing unsupported syscall: 335 for pselect. This was fixed for
lucid with the pselect patch, but upstream decided not to apply it as it
it can't guaranty the atomicity for all distros. This patch is backported
from upstream, as they decided to just remove the warn for it (LP: #610742)
-- Ricardo Salveti de Araujo <email address hidden> Wed, 28 Jul 2010 02:56:04 -0300
-
qemu-kvm (0.12.4+noroms-0ubuntu6) maverick; urgency=low
* New patch, arm-ignore-writes-of-perf-reg-cp15-with-crm-12, on ARMv7,
ignore writes to cp15 with crm == 12; these are to setup perf
counters which we don't have; LP: #570456.
-- Loic Minier <email address hidden> Mon, 26 Jul 2010 15:04:23 +0200
-
qemu-kvm (0.12.4+noroms-0ubuntu5) maverick; urgency=low
* Re-add patch Detect-and-use-GCC-atomic-builtins-for-locking from
0.12.2-0ubuntu6arm1 (0.12.2-0ubuntu7) since it was not merged upstream and
is sitll needed to build qemu-kvm in thumb mode on armel; LP: #605252.
-- Loic Minier <email address hidden> Fri, 16 Jul 2010 23:06:00 +0200
-
qemu-kvm (0.12.4+noroms-0ubuntu4) maverick; urgency=low
* merge patch from upstream to fix multiboot.bin (LP: #598649)
-- Serge Hallyn <email address hidden> Mon, 28 Jun 2010 10:44:44 -0500
-
qemu-kvm (0.12.4+noroms-0ubuntu3) maverick; urgency=low
* debian/patches/scm-rights-fd.patch: backport patch from upstream to
stash away SCM_RIGHTS fd until a getfd command arrives. This is required
for attach of network devices in libvirt 0.8.1 and higher.
- e53f27b9d9df73461308618151fa6e6392aebd85
-- Jamie Strandboge <email address hidden> Wed, 16 Jun 2010 11:05:40 -0500
-
qemu-kvm (0.12.4+noroms-0ubuntu2) maverick; urgency=low
* debian/qemu-kvm.links: LP: #594888, add a symlink,
/usr/bin/qemu-system-i386 -> /usr/bin/qemu
-- Dustin Kirkland <email address hidden> Tue, 15 Jun 2010 23:16:36 -0500
-
qemu-kvm (0.12.4+noroms-0ubuntu1) maverick; urgency=low
* New upstream release.
* add block from kees to debian/rules to parallelize make
* Removed patches which have been merged.
* Removed the capslock patch because capslock isn't behaving
right for me in 0.12.3 with the patch anyway, probably bc the
underlying SDL has been fixed. Original patch was for LP: #427612.
-- Serge Hallyn <email address hidden> Fri, 11 Jun 2010 11:58:47 -0500
-
qemu-kvm (0.12.3+noroms-0ubuntu9) lucid; urgency=low
* Architecture-specific fixes (LP: #568904)
- debian/rules: configure with --disable-kvm on powerpc to fix FTBFS
- debian/control: Disable arch:any stuff on ia64: no qemu/kvm support anyway
-- Emmet Hikory <email address hidden> Fri, 23 Apr 2010 18:45:55 +0900
