[ubuntu/yakkety-proposed] qemu 1:2.6+dfsg-3ubuntu1 (Accepted)
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Jun 16 01:08:14 UTC 2016
qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
* Merge with Debian; remaining changes:
- debian/rules: do not drop the init scripts loading kvm modules
(still needed in precise in cloud archive)
- qemu-system-common.postinst:
* remove acl placed by udev, and add udevadm trigger.
* reload kvm_intel if needed to set nested=1
- qemu-system-common.preinst: add kvm group if needed
- add qemu-kvm upstart job and defaults file (rules,
qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
- rules,qemu-system-x86.modprobe: support use under older udevs which
do not auto-load the kvm kernel module. Enable nesting by default
on intel.
- d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
in qemu64 cpu type.
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types to ease future live vm migration.
- apport hook for qemu source package: d/source_qemu-kvm.py,
d/qemu-system-common.install
- Make qemu-system-common and qemu-utils depend on qemu-block-extra
to fix errors with missing block backends.
- s390x:
* Create qemu-system-s390x package
* Enable pie by default, on ubuntu/s390x.
* Enable svm by default for qemu64 on amd
* Include s390-ccw.img firmware
* have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
relationship, but qemu-efi is still in universe right now.
qemu (1:2.6+dfsg-3) unstable; urgency=high
* more security fixes picked from upstream:
- CVE-2016-4454 fix (vmsvga) (Closes: CVE-2016-4454)
vmsvga-add-more-fifo-checks-CVE-2016-4454.patch
vmsvga-move-fifo-sanity-checks-to-vmsvga_fifo_length-CVE-2016-4454.patch
vmsvga-shadow-fifo-registers-CVE-2016-4454.patch
- vmsvga-don-t-process-more-than-1024-fifo-commands-at-once-CVE-2016-4453.patch
(Closes: CVE-2016-4453)
- scsi-check-buffer-length-before-reading-scsi-command-CVE-2016-5238.patch
(Closes: #826152, CVE-2016-5238)
* set urgency to high due to the amount of
security fixes accumulated so far
qemu (1:2.6+dfsg-2) unstable; urgency=medium
* add missing log entries for previous upload,
remove closing of #807006 (it is not closed)
* Added vga-add-sr_vbe-register-set.patch from upstream
This fixes regression (in particular with win7 installer)
introduced by the fix for CVE-2016-3712 (commit fd3c136)
* fix-linking-relocatable-objects-on-sparc.patch (Closes: #807006)
* Lots of security patches from upstream:
- net-mipsnet-check-packet-length-against-buffer-CVE-2016-4002.patch
(Closes: #821061, CVE-2016-4002)
- i386-kvmvapic-initialise-imm32-variable-CVE-2016-4020.patch
(Closes: #821062, CVE-2016-4020)
- esp-check-command-buffer-length-before-write-CVE-2016-4439.patch,
esp-check-dma-length-before-reading-scsi-command-CVE-2016-4441.patch
(Closes: #824856, CVE-2016-4439, CVE-2016-4441)
- scsi-mptsas-infinite-loop-while-fetching-requests-CVE-2016-4964.patch
(Closes: #825207, CVE-2016-4964)
- scsi-pvscsi-check-command-descriptor-ring-buffer-size-CVE-2016-4952.patch
(Closes: #825210, CVE-2016-4952)
- scsi-megasas-use-appropriate-property-buffer-size-CVE-2016-5106.patch
(Closes: #825615, CVE-2016-5106)
- scsi-megasas-initialise-local-configuration-data-buffer-CVE-2016-5105.patch
(Closes: #825614, CVE-2016-5105)
- scsi-megasas-check-read_queue_head-index-value-CVE-2016-5107.patch
(Closes: #825616, CVE-2016-5107)
- block-iscsi-avoid-potential-overflow-of-acb-task-cdb-CVE-2016-5126.patch
(Closes: #826151, CVE-2016-5126)
- scsi-esp-check-TI-buffer-index-before-read-write-CVE-2016-5338.patch
(Closes: #827024, CVE-2016-5338)
- scsi-megasas-null-terminate-bios-version-buffer-CVE-2016-5337.patch
(Closes: #827026, CVE-2016-5337)
* hw-dma-omap-spelling-fix-endianness.patch (lintian)
* arm-spelling-fix-mismatch.patch (lintian)
Date: Wed, 15 Jun 2016 16:49:49 -0500
Changed-By: Serge Hallyn <serge.hallyn at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/qemu/1:2.6+dfsg-3ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 15 Jun 2016 16:49:49 -0500
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm qemu-system-aarch64 qemu-system-s390x
Architecture: source
Version: 1:2.6+dfsg-3ubuntu1
Distribution: yakkety
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Serge Hallyn <serge.hallyn at ubuntu.com>
Description:
qemu - fast processor emulator
qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization
qemu-system - QEMU full system emulation binaries
qemu-system-aarch64 - QEMU full system emulation binaries (aarch64)
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-s390x - QEMU full system emulation binaries (s390x)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Closes: 807006 821061 821062 824856 825207 825210 825614 825615 825616 826151 826152 827024 827026
Changes:
qemu (1:2.6+dfsg-3ubuntu1) yakkety; urgency=medium
.
* Merge with Debian; remaining changes:
- debian/rules: do not drop the init scripts loading kvm modules
(still needed in precise in cloud archive)
- qemu-system-common.postinst:
* remove acl placed by udev, and add udevadm trigger.
* reload kvm_intel if needed to set nested=1
- qemu-system-common.preinst: add kvm group if needed
- add qemu-kvm upstart job and defaults file (rules,
qemu-system-x86.qemu-kvm.default, qemu-system-x86.qemu-kvm.upstart)
- rules,qemu-system-x86.modprobe: support use under older udevs which
do not auto-load the kvm kernel module. Enable nesting by default
on intel.
- d/p/ubuntu/expose-vmx_qemu64cpu.patch: enable nested kvm by default
in qemu64 cpu type.
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types to ease future live vm migration.
- apport hook for qemu source package: d/source_qemu-kvm.py,
d/qemu-system-common.install
- Make qemu-system-common and qemu-utils depend on qemu-block-extra
to fix errors with missing block backends.
- s390x:
* Create qemu-system-s390x package
* Enable pie by default, on ubuntu/s390x.
* Enable svm by default for qemu64 on amd
* Include s390-ccw.img firmware
* have qemu-system-aarch64 Suggest: qemu-efi; this should be a stronger
relationship, but qemu-efi is still in universe right now.
.
qemu (1:2.6+dfsg-3) unstable; urgency=high
.
* more security fixes picked from upstream:
- CVE-2016-4454 fix (vmsvga) (Closes: CVE-2016-4454)
vmsvga-add-more-fifo-checks-CVE-2016-4454.patch
vmsvga-move-fifo-sanity-checks-to-vmsvga_fifo_length-CVE-2016-4454.patch
vmsvga-shadow-fifo-registers-CVE-2016-4454.patch
- vmsvga-don-t-process-more-than-1024-fifo-commands-at-once-CVE-2016-4453.patch
(Closes: CVE-2016-4453)
- scsi-check-buffer-length-before-reading-scsi-command-CVE-2016-5238.patch
(Closes: #826152, CVE-2016-5238)
* set urgency to high due to the amount of
security fixes accumulated so far
.
qemu (1:2.6+dfsg-2) unstable; urgency=medium
.
* add missing log entries for previous upload,
remove closing of #807006 (it is not closed)
* Added vga-add-sr_vbe-register-set.patch from upstream
This fixes regression (in particular with win7 installer)
introduced by the fix for CVE-2016-3712 (commit fd3c136)
* fix-linking-relocatable-objects-on-sparc.patch (Closes: #807006)
* Lots of security patches from upstream:
- net-mipsnet-check-packet-length-against-buffer-CVE-2016-4002.patch
(Closes: #821061, CVE-2016-4002)
- i386-kvmvapic-initialise-imm32-variable-CVE-2016-4020.patch
(Closes: #821062, CVE-2016-4020)
- esp-check-command-buffer-length-before-write-CVE-2016-4439.patch,
esp-check-dma-length-before-reading-scsi-command-CVE-2016-4441.patch
(Closes: #824856, CVE-2016-4439, CVE-2016-4441)
- scsi-mptsas-infinite-loop-while-fetching-requests-CVE-2016-4964.patch
(Closes: #825207, CVE-2016-4964)
- scsi-pvscsi-check-command-descriptor-ring-buffer-size-CVE-2016-4952.patch
(Closes: #825210, CVE-2016-4952)
- scsi-megasas-use-appropriate-property-buffer-size-CVE-2016-5106.patch
(Closes: #825615, CVE-2016-5106)
- scsi-megasas-initialise-local-configuration-data-buffer-CVE-2016-5105.patch
(Closes: #825614, CVE-2016-5105)
- scsi-megasas-check-read_queue_head-index-value-CVE-2016-5107.patch
(Closes: #825616, CVE-2016-5107)
- block-iscsi-avoid-potential-overflow-of-acb-task-cdb-CVE-2016-5126.patch
(Closes: #826151, CVE-2016-5126)
- scsi-esp-check-TI-buffer-index-before-read-write-CVE-2016-5338.patch
(Closes: #827024, CVE-2016-5338)
- scsi-megasas-null-terminate-bios-version-buffer-CVE-2016-5337.patch
(Closes: #827026, CVE-2016-5337)
* hw-dma-omap-spelling-fix-endianness.patch (lintian)
* arm-spelling-fix-mismatch.patch (lintian)
Checksums-Sha1:
9caa4dbeae7a98a52bad1fe877e14a6012a7369b 5887 qemu_2.6+dfsg-3ubuntu1.dsc
24302e92c80d30d086665c28a0f8a9e6bf39c64a 6372484 qemu_2.6+dfsg.orig.tar.xz
388fd5560dfdda9e26207cd78e0b791fc2ecb9d2 96288 qemu_2.6+dfsg-3ubuntu1.debian.tar.xz
Checksums-Sha256:
f3606a9a3d6ff64fbf229dc0f69a62417ee385b727d64ec484ed24cb3ae0b417 5887 qemu_2.6+dfsg-3ubuntu1.dsc
63d358ee5c1a99ae8eeffc8461b69d94f8d23ce8e88d6d966b4fb41f8262f871 6372484 qemu_2.6+dfsg.orig.tar.xz
8713f6d18863063bd09117fc35a32983f223278b76ca4943aa12201d24f900ce 96288 qemu_2.6+dfsg-3ubuntu1.debian.tar.xz
Files:
e0301217719d654d47c90248818a9c2f 5887 otherosfs optional qemu_2.6+dfsg-3ubuntu1.dsc
19c5070f23cbafa04dea4cf05a55371f 6372484 otherosfs optional qemu_2.6+dfsg.orig.tar.xz
b0f3ba64b7296b6db968bc03eb78ad72 96288 otherosfs optional qemu_2.6+dfsg-3ubuntu1.debian.tar.xz
Original-Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCgAGBQJXYfusAAoJEOn+6gaoXj+d1qIH/3MyBXOKm6SGpL0TPmiJZgUw
eDuKjv0k+HP89VUL7WFU260iCT+1mDTFXSIVyP+ZrfOvYjWB4817HxEAmnbksrfa
IJ3fnIwTecRC95W9rVrEYkWA9hCW3TWEzfw/tnV5RfQFuC4teSvk0maIywgP7Fzt
cxvqNBhpDk97FdZgSytdvSm6vn6iwCY3w75BsFw7MYd1UJLz8a0cNspL1fNDbnOg
aPKcvfgWhv0DQVsA61MruEFUfqDx2L2qtXZLbwhSyYy5lIgZlOR7whYUm5OrP5GF
QqCw14W+SD7YbUiGpwbjQzmBnqmjkQKXguwO0T59+58C90uyIYrHO/9PSmwWrC0=
=ZkyV
-----END PGP SIGNATURE-----
More information about the Yakkety-changes
mailing list