qemu (1:9.2.0+ds-3~bpo12+2) bookworm-backports; urgency=medium * Rebuild for bookworm-backports: disable libblkio, realize pkg.qemu.use-upstream-vdso build profile for bookworm, disable pycotap -- Michael Tokarev Fri, 27 Dec 2024 13:25:25 +0300 qemu (1:9.2.0+ds-3) unstable; urgency=medium * d/changelog: mention #924667, #1027781, #1016810 for previous entry * d/rules: use 2 timeout multiplier for tests on all platforms, not just riscv64 (Closes: #1089870) -- Michael Tokarev Tue, 24 Dec 2024 19:28:22 +0300 qemu (1:9.2.0+ds-2) unstable; urgency=medium * d/binfmt-install: remove forgotten cris linux-user target registration (Closes: #1089851) * d/rules,d/binfmt-install: pass list of targets on command line to catch errors like the previous one * d/binfmt-install: add 2 forgotten architectures: microblazeel and or1k * d/binfmt-install: note when we dropped binfmt-support registration * d/binfmt-install: drop compat symlinks for same-family binfmts from qemu-user-static doc dir. Between [8.0 .. 9.1) (during trixie release cycle), we shipped /usr/share/doc/qemu-user-static/qemu-x86_64.conf etc on x86 (all architectures for the host cpu family) instead of enabling them, because it is too risky to enable emulation for same-family arch. These files were used by the user to manually register the binfmts from /etc/binfmt.d. This does not work anymore, - if you used this setup, manually registering a binfmt for an architecture from the same family as your host CPU, please reconfigure them to point to the correct location, which is /usr/share/qemu/binfmt.d/. (cf: #924667, #1027781, #1016810) -- Michael Tokarev Sat, 14 Dec 2024 10:03:36 +0300 qemu (1:9.2.0+ds-1) unstable; urgency=medium * add 3 patches queued for stable from upstream master branch 9pfs-fix-regression-regarding-CVE-2023-2861.patch tcg-Reset-free_temps-before-tcg_optimize.patch tcg-riscv-Fix-StoreStore-barrier-generation.patch -- Michael Tokarev Fri, 13 Dec 2024 17:00:51 +0300 qemu (1:9.2.0+ds-1~exp1) experimental; urgency=medium * new upstream version * d/gbp.conf: switch to upstream-9.2 branch * d/copyright: stop removing pc-bios/s390-netboot.img (not shipped anymore) * d/copyright: remove roms/opensbi (not used anymore) * d/copyright: remove vendored rust crates (mk-origtargz does not handle Files-Included: correctly) * d/control: break old qemu-system-s390x (due to dropped s390x-netboot) * d/control.mk: remove cris architecture (dropped upstream) * remove openbios-spelling-endianess.patch * d/control: minimum meson version is 1.5 now * remove meson-Fix-MESONINTROSPECT-parsing.patch * d/rules: remove --disable-bpf for linux-user (fixed upstream) * d/control.mk: vdso-version=9.2.0~rc3+ds-1~ * d/control.mk: checked-version=9.2.0+ds * d/control: new build dependency: python3-pycotap * d/qemu-system-common.*: virtfs-proxy-helper is gone * d/qemu-system-arm.lintian-overrides: remove "wTH" override * d/rules: remove qemu-vmsr-helper if !system (dh_missing complains about it) * gnu-hurd.patch: add more fixes * d/qemu-user.lintian-overrides: add statically-linked-binary override * d/control: qemu-guest-agent is linux-any for now (does not work on hurd) * d/rules: enable/disable guest agent explicitly at configure time -- Michael Tokarev Wed, 11 Dec 2024 20:26:36 +0300 qemu (1:9.1.2+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * remove revert-hw-audio-hda-fix-memory-leak-on-audio-setup.patch * add lintian-overrides for "wTH" spelling-error-in-binary for qemu-system-arm, qemu-system-mips, qemu-system-ppc and qemu-user * d/rules: move system package definitions to d/control.mk -- Michael Tokarev Mon, 02 Dec 2024 11:29:54 +0300 qemu (1:9.1.1+ds-5) unstable; urgency=medium * upload to rebuild with fixed libiscsi * move "addd" lintian-override from qemu-system-misc to qemu-system-riscv * d/qemu-user-static.lintian-overrides: remove "statically-linked-binary" override (not emitted anymore?) -- Michael Tokarev Fri, 15 Nov 2024 09:30:28 +0300 qemu (1:9.1.1+ds-4) unstable; urgency=medium * d/tests/test-qemu-img.sh: fix syntax error in recent change * remove hw-audio-hda-avoid-unnecessary-re-open-stream-on-rec.patch (does not solve the issue) * +revert-hw-audio-hda-fix-memory-leak-on-audio-setup.patch revert the upstream change for now, til a better solution is found -- Michael Tokarev Mon, 11 Nov 2024 10:37:00 +0300 qemu (1:9.1.1+ds-3) unstable; urgency=medium * d/tests/test-qemu-img.sh: use filesystem block size for ls -s, remove temp code for ppc64el * hw-audio-hda-avoid-unnecessary-re-open-stream-on-rec.patch fixing https://gitlab.com/qemu-project/qemu/-/issues/2639 (hopefully) -- Michael Tokarev Thu, 07 Nov 2024 13:51:24 +0300 qemu (1:9.1.1+ds-2) unstable; urgency=medium * linux-user-elf-endianness.diff: remove the temp workaround the fix is in upstream qemu now, double fix breaks again. * d/control: temporarily add Depends: qemu-system-riscv, qemu-system-s390x (debain only) for qemu-system-misc to compensate for the split. Should downgrade this to Recommends once the tests are fixed (#1086026, #1086024, edk2 !17) -- Michael Tokarev Fri, 25 Oct 2024 16:22:29 +0300 qemu (1:9.1.1+ds-1) unstable; urgency=medium * new upstream stable/bugfix release Closes: #1081849, #1081850 Includes a change listed as a fix for #1082406 (CVE-2024-8612) -- Michael Tokarev Thu, 24 Oct 2024 21:41:12 +0300 qemu (1:9.1.0+ds-9~exp0) experimental; urgency=medium * d/tests/test-qemu-img.sh: print diagnostics on ppc64el where the test fails (temporary) * d/control-in: expand Enhances: list for qemu-block-extra (and qemu-block-supplemental on Ubuntu) * make qemu-system-s390x a separate package, just like on ubuntu * split out qemu-system-riscv* from qemu-system-misc to qemu-system-riscv * d/qemu-system-misc.NEWS: add NEWS item about s390x and riscv split -- Michael Tokarev Sat, 05 Oct 2024 12:53:34 +0300 qemu (1:9.1.0+ds-8) unstable; urgency=medium * d/qemu-user.lintian-overrides: add statically-linked-binary override for all qemu-* binaries * d/rules: specify -m for each install invocation, and use -m consistently * d/tests/test-qemu-user: rewrite, install and run busybox for all release architectures. Remove superficial restriction - it is now a real test * d/patches/linux-user-elf-endianness.diff: temp/test patch to address #1081850 -- Michael Tokarev Tue, 01 Oct 2024 11:35:40 +0300 qemu (1:9.1.0+ds-7) unstable; urgency=medium * d/qemu-system-misc.links: remove escaped newlines, swap order (again!) (Closes: #1082771) -- Michael Tokarev Thu, 26 Sep 2024 15:31:31 +0300 qemu (1:9.1.0+ds-6) unstable; urgency=medium * d/qemu-system-misc.links: fix the order of source/destination pairs (Closes: #1082771) -- Michael Tokarev Thu, 26 Sep 2024 05:49:22 +0300 qemu (1:9.1.0+ds-5) unstable; urgency=medium * d/control: fix opensbi dependency (missing tilde) (Closes: #1082750) -- Michael Tokarev Wed, 25 Sep 2024 19:35:14 +0300 qemu (1:9.1.0+ds-4) unstable; urgency=medium * d/control: fix typo in comment, add comment * d/control: s/Built-Using/Static-Built-Using/ for qemu-user (static build) (this should allow qemu to migrate to testing much more easily) * stop building opensbi firmware, use packaged version (Closes: #1058905) -- Michael Tokarev Wed, 25 Sep 2024 13:50:06 +0300 qemu (1:9.1.0+ds-3) unstable; urgency=medium * revert the move of the helper binaries (qemu-bridge-helper, virtfs-proxy-helper, vhost-user-gpu) to /usr/libexec/qemu/, moving them back to /usr/lib/qemu/ where they had always been. This restores suid-root dpkg-statoverride for qemu-bridge-helper if the user enabled it, and makes common tools like libvirt to work correctly again. Such change needs more thinking. Closes: #1080456. * d/microvm-devices.mak: disable VIRTIO_MEM and VIRTIO_PMEM devices These are PCI-only devices but PCI is disabled for microvm. * d/patches: remove revert-hw-virtio-move-stubs-out-of-stubs.patch after disabling virtio-mem and virtio-pmem. * d/microvm-devices.mak: disable Q35 machine type now when it is possible (in version 6.1 where microvm has been enabled it didn't work). * d/qemu-user-static.NEWS: write a news entry about qemu-user-static merge to qemu-user package * d/changelog: mention closing of #1079603 by 9.1.0+ds-1 (qemu-user merge) * d/changelog: fix a typo in old (7.2+dfsg-4) entry * d/changelog: remove duplicate entries from 9.0.2+ds-2 log * d/rules: disable tests on sparc64 (it fails there) -- Michael Tokarev Fri, 06 Sep 2024 14:33:28 +0300 qemu (1:9.1.0+ds-2) unstable; urgency=medium * d/binfmt-install: do not install old/compat binfmt symlinks for qemu-user-binfmt package (there was none) (fixes FTBFS) -- Michael Tokarev Thu, 05 Sep 2024 08:31:03 +0300 qemu (1:9.1.0+ds-1) unstable; urgency=medium * new upstream release (9.1): - debian/gbp.conf: switch to 9.1 (experimental) - remove patches which are applied upstream: nbd-server-CVE-2024-7409-* scsi-fix-regression-and-honor-bootindex-again-for-le.patch virtio-net-Ensure-queue-index-fits-with-RSS-CVE-2024-6505.patch virtio-pci-Fix-the-use-of-an-uninitialized-irqfd.patch - cap-OPEN_MAX.diff: remove, not needed anymore (new code is different) - d/rules: stop --disable-pvrdma (it is removed) - d/control: bump meson build dep to >>1.1.0 - d/control: drop version requirement for libpipewire - d/rules,d/control.mk: remove nios2 targets (dropped upstream) - revert-hw-virtio-move-stubs-out-of-stubs.patch: temp, - to work around upstream minimal microvm build breaklage - d/rules: install (x86-specific) qemu-vmsr-helper (binary and systemd units) * d/rules: switch system manpages from symlinks back to .so (cross-package symlinks to manpages are not handled by dh_installman) * merge qemu-user-static binaries into qemu-user package, making making qemu-user-static to be a helper/compatibility/transitional only: - d/binfmt-install: work on fixed packages - d/rules: expand $(install-user) - d/rules: move user-alias-* definitions closer to usage - d/rules install -static compat symlinks for qemu-user-static package - d/source/lintian-overrides: add unusual-field-spacing: Breaks - d/binfmt-install: little rework for $omit handling - d/binfmt-install: ship links to native-family binfmts in /usr/share/doc/$pkg for compatibility with 8.0..9.1~ Closes: #1079603 -- Michael Tokarev Thu, 05 Sep 2024 00:16:01 +0300 qemu (1:9.0.2+ds-7) unstable; urgency=medium * d/rules: make check actually needs system (disable testsuite if !system) * d/patches/gnu-hurd.patch: add IOV_MAX define too * d/rules: add mandir and man1dir variables to shorten things * d/rules: simplify/streamline install-system macro a little bit * d/rules: install-system macro: no need for leading tabs * d/binfmt-install: omit loongarch64 binfmt on loong64 (Closes: #1080085) * d/rules: use meson instead of make to run tests * d/rules: increase test timeout by a factor of 2 on riscv64 build -- Michael Tokarev Sat, 31 Aug 2024 08:56:40 +0300 qemu (1:9.0.2+ds-6) unstable; urgency=medium * cap-OPEN_MAX.diff: update to include second case of the same code (really closes: #1078757) * gnu-hurd.patch: update to define PATH_MAX on hurd * Revert "d/patches,d/binfmt-install: stop patching qemu to support old kernel binfmt interface (remove linux-user-binfmt-P.diff)" This change can be kept for longer to support bullseye and older kernels * d/binfmt-install: add aarch6_be fmt * d/binfmt-install: change a few \x7fELF into \x7f\x45\x4c\x46 in magic strings to align with masks and be consistent (no actual changes) * d/rules,d/control.mk: move some stuff from d/rules to d/control.mk and include control.mk earlier * d/control.mk: remember upstream version we built for and complain if it is not the same * d/rules: move user-targets definition to control.mk and verify if the list is correct * d/rules: move vdso list and handling to d/control.mk and verify vdso hasn't changed since last version * d/control, d/rules: enable the testsuite again (block only) since we build-depend on qemu-system-data. Add build-depends on seabios -- Michael Tokarev Mon, 26 Aug 2024 17:39:35 +0300 qemu (1:9.0.2+ds-5) unstable; urgency=medium [ Sergio Durigan Junior ] * d/rules: Unset ELF_PACKAGE_METADATA when building ROMs. Ubuntu started setting ELF_PACKAGE_METADATA during builds, but that can badly affect ROMs (see LP #2077431). [ Michael Tokarev ] * d/control: add alpha to utils-arch * d/control: remove kfreebsd-* * +gnu-hurd.patch (test) * d/rules: split-out d/control.mk * d/binfmt-install: remove s390x leftover (covered by last "*" entry) * d/rules: disable-bpf for qemu-user[-static] builds, it is leaked into the link uselessly * d/control: add the forgotten for qemu-system-gui * d/rules: remove --disable-install-blobs from xen build (it is in common options already) * d/rules: pass --extra-cflags explicitly to each build * d/rules: pass --extra-ldflags to each build explicitly too * d/rules: generate Built-Using: for qemu-user-static from a linker .map file * d/patches,d/binfmt-install: stop patching qemu to support old kernel binfmt interface (remove linux-user-binfmt-P.diff) * refine build-depend-arch: qemu-system-data for ubuntu and refine comment around this * cap-OPEN_MAX.diff - temporary, Closes: #1078757 (fixed for good in 9.1) * virtio-pci-Fix-the-use-of-an-uninitialized-irqfd.patch - refresh from upstream * +nbd-server-CVE-2024-7409-Avoid-use-after-free-when-c.patch - one more fix for CVE-2024-7409 -- Michael Tokarev Sun, 25 Aug 2024 18:50:52 +0300 qemu (1:9.0.2+ds-4) unstable; urgency=medium * d/rules: fix the brown-paper-bag bug in last upload * d/changelog: remove "Closes #1075428" from the previous entry, that issue has nothing to do with qemu -- Michael Tokarev Mon, 12 Aug 2024 08:05:39 +0300 qemu (1:9.0.2+ds-3) unstable; urgency=medium [ Sergio Durigan Junior ] * d/rules: Install block-gluster.so (instead of block-glusterfs.so). [ Michael Tokarev ] * d/control: vdso is needed by qemu-USER targets, not system * d/control, d/rules: instead of requiring the same version of qemu-system-data for vdso, use a fixed version of last interest * d/rules: build both opensbi64 and opensbi32 firmware (was 32bit only) * d/rules: simplify openbios build rule with patsubst * d/rules: --disable-containers * +virtio-net-Ensure-queue-index-fits-with-RSS-CVE-2024-6505.patch (Closes: #1075919, CVE-2024-6505) * CVE-2024-7409 (nbd server DoS) fixes: +nbd-server-Plumb-in-new-args-to-nbd_client_add.patch +nbd-server-CVE-2024-7409-Cap-default-max-connections.patch +nbd-server-CVE-2024-7409-Drop-non-negotiating-client.patch +nbd-server-CVE-2024-7409-Close-stray-clients-at-serv.patch -- Michael Tokarev Mon, 12 Aug 2024 07:06:03 +0300 qemu (1:9.0.2+ds-2) unstable; urgency=medium * d/rules: pass CROSS_COMPILE= to u-boot* config targets too, not just build targets * u-boot-sam460ex-build.patch: u-boot-sam460ex build fixes/workarounds * move helper binaries (qemu-bridge-helper, virtfs-proxy-helper, vhost-user-gpu) from usr/lib/qemu to usr/libexec/qemu * d/*.NEWS: use common indent of 2 spaces instead of sometimes-3 * switch from gcc-arm-none-eabi to gcc-arm-linux-gnueabi to build npcm7xx vbootrom * d/rules: use the same cross_prefix_* variables in d/rules as ./configure recognizes and export them for ./configure * d/rules: expand seabios-hpppa build and use cross_prefix_hppa* vars * d/rules: do not install opensbi-riscv64-generic-fw_dynamic.elf (only .bin file is needed) * rebuild linux-user vdso files during arch-indep build, so no pre-built binaries are used: - require all cross compilers in Build-Depend-Indep - build vdso archive (build-vdso) and ship it in qemu-system-data - Build-Depends-Arch: qemu-system-data (=source:Version) (with vdso archive) - pkg.qemu.use-upstream-vdso profile to avoid all this - allow building and using vdso files in single arch+indep build without using vdso archive from qemu-system-data - pkg.qemu.omit-vdso-build-dep profile to omit the dependency on qemu-system-data (for single arch+indep build) -- Michael Tokarev Sat, 03 Aug 2024 19:23:13 +0300 qemu (1:9.0.2+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * remove patches applied upstream (from the previous upload) * + scsi-fix-regression-and-honor-bootindex-again-for-le.patch (https://forum.proxmox.com/threads/149772/post-679433) -- Michael Tokarev Wed, 17 Jul 2024 14:11:32 +0300 qemu (1:9.0.1+ds-1) unstable; urgency=medium * new upstream release * linux-user-binfmt-P.diff: refresh * d/rules: install the right qemu-system-x86_64-microvm binary * d/control: Build-Depend-Indep: gcc-hppa64-linux-gnu (for 64bit seabios-hppa) * d/rules: install hppa-firmware64.img * d/qemu-user-static.lintian-overrides: embedded-library zlib * +meson-Fix-MESONINTROSPECT-parsing.patch - fix build in a dir containing tilde (~) or other special chars * add 3 patches from upstream (fixing CVE-2024-4467, adding tests * +block-Parse-filenames-only-when-explicitly-requested.patch (avoid potentially dangerous parsing of (embedded) filenames) * d/rules drop dwz version check for bullseye and before * d/qemu-system-xen.lintian-overrides: drop the now-unused override * rewrap description of qemu-system-modules-opengl to fit in 80 columns * d/qemu-block-extra.postinst: add #DEBHELPER# token -- Michael Tokarev Fri, 05 Jul 2024 17:08:48 +0300 qemu (1:8.2.5+ds-2) unstable; urgency=medium * d/gen-module-upgrade.sh: move removal of run-qemu.mount to qemu-block-extra.postinst * gen-modules-upgrade.sh &Co: extend to handle multiple packages * add (ubuntu-specific) qemu-block-supplemental package (with glusterfs module) * d/control: qemu-block-extra Provides: qemu-block-supplemental on debian to be compatible with ubuntu * d/control: enable libblkio on sparc64 too (becomes the same as gluster, all 64bit architectures) * move block-blkio to qemu-block-supplemental on ubuntu like block-glusterfs * note-missing-module-pkg-name.diff: refresh, mention qemu-block-supplemental package * qboot-Disable-LTO-for-ELF-binary-build-step.patch (from ubuntu) (LP#1988710 LP#1921664 #1015607) * d/rules: enable a few optional features for microvm build virtfs: 9pfs, easier guest managing from local filesystem linux-aio, linux-io-uring: scalability numa (scalability) seccomp (security) Most of this (besides io-uring) has been enabled on ubuntu (LP#2045594) * d/rules,d/control: add system-arch-linux-64 list * d/control: enable numa on all system-arch-linux * debian/rules: remove references to ia64 (it is dead) * d/control: remove seccomp from x32 build (system is not built on x32) * d/rule: make user-arch the same as system-arch-linux (adds powerpc & powerpcspe) * d/rules,d/control: enable loong64 (Closes: #1074513) * d/control: mark more build-deps/--enable with system-arch[-linux] * d/control: s/dbus/D-Bus/ * d/rules: simplify ${VENDOR} handling and lowercase it -- Michael Tokarev Sun, 30 Jun 2024 23:21:27 +0300 qemu (1:8.2.5+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * d/control: drop rbd support on ppc64 and sparc64 (it does not build there, always failing) * d/control: fuse is linux-only * d/control: ia64 is dead -- Michael Tokarev Thu, 13 Jun 2024 13:39:33 +0300 qemu (1:8.2.4+ds-2) unstable; urgency=medium * d/control: build-depend on pkgconf * annotate more deps for cross-build (#995622), incl. native glib for hexagon build-time tool * virtio-pci-Fix-the-use-of-an-uninitialized-irqfd.patch (fixing qemu segfault in cryptsetup CI) -- Michael Tokarev Fri, 31 May 2024 14:59:28 +0300 qemu (1:8.2.4+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * remove patches applied upstream * enable libblkio (blkio extra block driver) on some 64bit platforms -- Michael Tokarev Mon, 20 May 2024 16:14:17 +0300 qemu (1:8.2.3+ds-2) unstable; urgency=medium * d/changelog: add Closes: for security bugs fixed by 8.2.3 * static-linux-user-stubs: provide some stubs for static linux-user build (this avoids ld warnings about getpw*()) * add 3 missing upstream commits to fix 8.2.3 breakage on riscv64 The broken commit is 1e4ec0958e "target/riscv/kvm: fix timebase-frequency when using KVM acceleration", which requires other changes in the same patch series: target-riscv-kvm-change-KVM_REG_RISCV_FP_F-to-u32.patch target-riscv-kvm-change-KVM_REG_RISCV_FP_D-to-u64.patch target-riscv-kvm-change-timer-regs-size-to-u64.patch (Closes: #1069892) -- Michael Tokarev Sat, 27 Apr 2024 20:09:22 +0300 qemu (1:8.2.3+ds-1) unstable; urgency=medium [ Michael Tokarev ] * new upstream stable/bugfix release Closes: #1068819, CVE-2024-26327, CVE-2024-26328 Closes: #1068820, CVE-2024-3446 Closes: #1068821, CVE-2024-3447 Closes: #1068822, CVE-2024-3567 * fix typo in newly added change (expection) * d/rules: run dh_installdocs for install-indep too [ Sergio Durigan Junior ] * d/control: Fix typo in long description of qemu-system-gui package -- Michael Tokarev Thu, 25 Apr 2024 07:48:12 +0300 qemu (1:8.2.2+ds-2) unstable; urgency=medium * d/control: fix qemu version in Breaks: to include the missing epoch (Closes: #1065469) * d/rules: remove x32 from qemu-user host arch list and add it to tools -- Michael Tokarev Tue, 05 Mar 2024 10:27:47 +0300 qemu (1:8.2.2+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * d/gen-module-upgrade.sh: change addfr() for clarity * d/rules: stop qemu-system-${arch} packages from providing themselves (different fix, really closes: #1063233) * d/rules: ensure ${sysdataidir} is created in pre-install-indep * d/control: stop build-depending on texinfo (not used) * d/rules: build docs directly with sphinx, --disable-docs, install more docs * move system docs to qemu-system-data * d/rules: stop compressing config examples * d/control: bc isn't needed for u-boot anymore * d/copyright: exclude python/wheels/*.whl (not used on debian) * remove patch included upstream now: ui-clipboard-mark-type-as-not-available-when-no-data-CVE-2023-6683.patch * d/rules: disable building qemu-system on x32 * remove disable-xen-on-x32.patch -- Michael Tokarev Mon, 04 Mar 2024 22:55:03 +0300 qemu (1:8.2.1+ds-2) unstable; urgency=medium * rework module-upgrade handling: do not ship /run/qemu.mount unit anymore, instead bind-mount-exec particular subdir in /run/qemu/ on upgrade only if some qemu-system-foo processes are running * d/control: Rules-Requires-Root: no * d/control: Standards-Version: 4.6.2 * d/rules: stop qemu-system-${arch} packages from providing themselves (Closes: #1063233) * d/rules: run ./configure in arch-indep build and build some roms from there * build x86 optionrom using qemu build rules * d/rules: move fragments which builds firmware out of qemu arch-indep subdir closer together (no code changes) * d/control: clarify qemu-system-gui description: this is not a management gui for qemu * d/control: set minimum version for libpipewire (for bullseye) * d/control: require recent python3 or separate tomli (for bullseye) -- Michael Tokarev Sat, 24 Feb 2024 12:19:35 +0300 qemu (1:8.2.1+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * remove all upstream-applied patches * d/patches/note-missing-module-pkg-name.diff: fixup * replace fix for CVE-2023-6683 (A different fix from upstream) * remove the mistakenly-added temp file in d/qemu-block-extra/ * d/.gitignore: refresh -- Michael Tokarev Tue, 30 Jan 2024 10:32:17 +0300 qemu (1:8.2.0+ds-5) unstable; urgency=medium * d/rules, d/run-qemu.mount: use dh_installsystemd to install run-qemu.mount (Closes: #1060087) * update hppa and seabios-hppa patch series * ui-clipboard-avoid-crash-upon-request-when-clipboard-CVE-2023-6683.patch (Closes: #1060749, CVE-2023-6683) * +target-s390x-Fix-LAE-setting-a-wrong-access-register.patch * +tcg-s390x-Fix-encoding-of-VRIc-VRSa-VRSc-insns.patch fix chacha20 issue on s390x * update hw-vfio-fix-iteration-over-global-VFIODevice-list.patch -- Michael Tokarev Thu, 18 Jan 2024 10:16:31 +0300 qemu (1:8.2.0+ds-4) unstable; urgency=medium * d/rules: fix "tail -20" usage * note-missing-module-pkg-name.diff: update, to be much more accurate No more sporadic warnings about missing audio backends etc * d/control: clarify qemu-system-gui and qemu-system-modules-* package descriptions a little bit (#1059457) * more fixups from the ML targetting stable: + hw-net-cadence_gem-fix-MDIO_OP_xxx-values.patch + tcg-ppc-use-new-registers-for-LQ-destination.patch + target-riscv-fix-mcycle-minstret-increment-behavior.patch * a bunch of hppa and seabios-hppa fixes targetting -stable for https://gitlab.com/qemu-project/qemu/-/issues/2044 -- Michael Tokarev Thu, 04 Jan 2024 22:47:59 +0300 qemu (1:8.2.0+ds-3) unstable; urgency=medium * +virtio-net-correctly-copy-vnet-header-when-flushing-TX-CVE-2023-6693.patch Fix CVE-2023-6693 (virtio-net: stack buffer overflow in virtio_net_flush_tx) * +target-i386-the-sgx_epc_get_section-stub-is-reachable.patch * +target-xtensa-fix-OOB-TLB-entry-access.patch * d/rules: print last 20 lines of config.log & meson.log if ./configure fails -- Michael Tokarev Tue, 02 Jan 2024 15:54:35 +0300 qemu (1:8.2.0+ds-2) unstable; urgency=medium * include-ui-rect.h-fix-qemu_rect_init-mis-assignment.patch fixes virtio-gpu redraw issue (Closes: #1059211) * hw-vfio-fix-iteration-over-global-VFIODevice-list.patch fixes reboot issue with virtio-gpu * target-i386-do-not-re-compute-new-pc-with-CF_PCREL.patch fixes 4M edk2 stall in i386 tcg mode * block-fix-crash-when-loading-snapshot-on-inactive-no.patch fix possible assertion failure when loading snapshot -- Michael Tokarev Tue, 02 Jan 2024 12:10:14 +0300 qemu (1:8.2.0+ds-1) unstable; urgency=medium * new upstream release 8.2.0 Closes: #1013952 * d/rules: re-enable building static-pie binaries (the default) for qemu-user-static again (formally Closes: #1053101, LP:#1908331) * d/rules: add --disable-pie for static build on i386 due to #1056739 * d/control: qemu-system-x86 depends on seabios >>1.16.3-1 due to ahci fix * d/qemu-user-static.lintian-overrides: +shared-library-lacks-prerequisites for static-pie executables * d/rules: omit qemu-user-static package from dh_shlibdeps run since dpkg-shlibdeps complains about static-pie binaries * d/rules: fix bugzilla.redhat.com url (migrated to issues.redhat.com) * d/patches: remove patches applied upstream * d/patches, d/rules: use --disable-relocatable instead of a patch * d/patches: refresh disable-xen-on-x32.patch * d/control: --enable-pixman (which is optional now) * d/rules: vnc needs pixman too (for xen and microvm builds) * d/copyright: stop excluding subprojects/dtc (not included anymore) * d/source/lintian-overrides: +source-is-missing for vdso.so files -- Michael Tokarev Wed, 20 Dec 2023 18:21:19 +0300 qemu (1:8.1.3+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * remove patches applied upstream: - linux-user-Fixes-for-zero_bss.patch - target-mips-Fix-MSA-BZ-BNZ-opcodes-displacement.patch - hw-ide-reset-cancel-async-DMA-operation-before-reset.patch * d/control, d/qemu-system-gui.install: enable pipewire audio support (Closes: #1055221) -- Michael Tokarev Wed, 22 Nov 2023 17:56:06 +0300 qemu (1:8.1.2+ds-1) unstable; urgency=medium * upstream 8.1.2 stable/bugfix release * remove all stable-staging/ patches and two more (all included into 8.1.2) * d/rules: microvm build: do not explicitly enable avx2 -- Michael Tokarev Tue, 17 Oct 2023 09:44:39 +0300 qemu (1:8.1.1+ds-2) unstable; urgency=medium * d/rules: fix binary target to produce both arch and indep binaries instead of omitting indep one(s) * d/patches: sync with current staging-8.1 branch, many new fixes * additional fixes: +hw-ide-ahci-fix-legacy-software-reset.patch +target-mips-Fix-MSA-BZ-BNZ-opcodes-displacement.patch +hw-ide-reset-cancel-async-DMA-operation-before-reset.patch -- Michael Tokarev Sun, 08 Oct 2023 12:28:55 +0300 qemu (1:8.1.1+ds-1) unstable; urgency=medium * new upstream stable/bugfix release * remove all stable-staging/ patches, keep softmmu-Use-async_run_on_cpu-in-tcg_commit.patch * vfio-display-fix-missing-update-to-set-backing-field.patch * scsi-disk-disallow-small-block-sizes-CVE-2023-42467.patch (Closes: #1051899, CVE-2023-42467) * migration-qmp-Fix-crash-on-setting-tls-authz-with-nu.patch * d/patches/move-vl-opts/ - stop linking everything with async-teardown.c, un-FTBFS on ia64 * d/control: minor: remove old todo comments * d/control: disable rbd (ceph) on 32bit platforms (Closes: #1053172) * d/control: enable rbd on riscv64 once it's built there * d/copyright: also remove subprojects/dtc -- Michael Tokarev Sun, 01 Oct 2023 22:11:24 +0300 qemu (1:8.1.0+ds-6) unstable; urgency=medium * re-enable softmmu-Use-async_run_on_cpu-in-tcg_commit.patch * add https://www.mail-archive.com/qemu-devel@nongnu.org/msg989073.html fixing https://gitlab.com/qemu-project/qemu/-/issues/1866 * d/rules: reorder some definitions to evaluate in proper order -- Michael Tokarev Wed, 20 Sep 2023 23:31:59 +0300 qemu (1:8.1.0+ds-5) unstable; urgency=medium * disable softmmu-Use-async_run_on_cpu-in-tcg_commit.patch The change in softmmu-Use-async_run_on_cpu-in-tcg_commit.patch which is a fix for https://gitlab.com/qemu-project/qemu/-/issues/1864 (x86 VM with TCG and SMP fails to start on 8.1.0) introduces https://gitlab.com/qemu-project/qemu/-/issues/1866 * more patches from stable-staging * re-introduce qemu-debootstrap for now until all users of it will be converted to regular debootstrap -- Michael Tokarev Sun, 17 Sep 2023 19:10:34 +0300 qemu (1:8.1.0+ds-4) unstable; urgency=medium * d/changelog: fix spelling * +linux-user-Fixes-for-zero_bss.patch: fix linux-user zero_bss bug * many small changes for d/rules * d/rules: split out qemu-user build out out of main qemu build When both system and linux-user builds are enabled, linux-user build is getting features only relevant for system (softmmu) configuration, like linking with liburing, libnuma and other softmmu-only stuff. So build it separately. This not only makes qemu-user smaller and neater, but it also makes Built-Using field for qemu-user-static (which is generated from Depends field of qemu-user) accurate. * d/qemu-user[-static].docs: use unprocessed .rst doc instead of html * d/rules: check for nocheck in DEB_BUILD_PROFILES too, not only DEB_BUILD_OPTIONS * d/rules, d/control: disable build-time test due to apparent dak bug -- Michael Tokarev Mon, 11 Sep 2023 14:19:32 +0300 qemu (1:8.1.0+ds-3) unstable; urgency=medium * d/control: split out most of Build-Depends to Build-Depends-Arch, in order to break B-D loop on qemu-system-data (it is only needed for -Arch) and to reduce arch-all build time. Only very few things left in common Build-Depends. * Removing most things from B-D discovered that skiboot includes openssl header(s) (!), so add libssl-dev to Build-Depends-Indep. * d/control,d/rules: introduce build profiles to omit building some packages (mostly debugging aid, to reduce test build run time). * d/rules: use ninja directly for various qemu builds (non-verbose build now shows errors/warnings nicely) * d/control: Rules-Requires-Root: "binary-targets", not "no", - this enables building as non-root, finally * d/rules: add forgotten -p for mkdir b/user-static * d/not-installed: list 2 files from user/ manual (which is built even on unsupported architectures) -- Michael Tokarev Sun, 10 Sep 2023 01:30:15 +0300 qemu (1:8.1.0+ds-2) unstable; urgency=medium * d/control: fix descriptions of qemu-system-gui and qemu-system-modules-spice packages * update lintian-overrides * d/rules: enable verbose (-v) build for qboot * d/rules: move lto control to where it actually works * d/rules: remove usage of "standard dh sequencer". It has multiple issues. To name a few: - it exports CFLAGS &Co which breaks badly when trying to compile bios/firmware code (fixes FTBFS with new -fcf-protection) - it performs multiple recursive calls to d/rules which is slow when make variables are set using $(shell), - annoying when debugging - it hides actual actions being done at install/binary stages - it is confusing in override_dh_foo{,-indep,-arch} - it does just too much unknown magic, - just give the control back. -- Michael Tokarev Sat, 09 Sep 2023 22:37:02 +0300 qemu (1:8.1.0+ds-1) unstable; urgency=medium * d/changelog: mention closing of #984451, CVE-2021-20255 by 8.1 * d/changelog: mention closing of #1041471 by 8.1 * d/patches: add patches currenly staged for 8.1.1 * d/gbp.conf: switch from experimental to master * upload to unstable -- Michael Tokarev Sat, 09 Sep 2023 17:03:54 +0300 qemu (1:8.1.0+ds-1~exp2) experimental; urgency=medium * qemu-system-modules-spice & qemu-system-modules-opengl packages, containing optional spice and opengl modules from qemu-system-common. Both are recommended by all qemu-system-* but can be removed if not used, to reduce list of dependencies. -- Michael Tokarev Wed, 23 Aug 2023 12:37:55 +0300 qemu (1:8.1.0+ds-1~exp1) experimental; urgency=medium * new upstream release Closes: #1041102, CVE-2023-3019 (NIC DMA reentrancy issue, problem class) Closes: CVE-2021-3750 (DMA MMIO reentrancy issue, problem class) Closes: #984451, CVE-2021-20255 (DMA reentrancy issue) Closes: #1041471 (qemu-user armel commpage mapping bug) * d/watch: change repack suffix to +ds * d/patches: remove patches applied upstream * disable-xen-on-x32.patch: refresh * d/copyright: stop stripping dtc/ and meson/, removed upstream * d/rules: replace --with-git-submodules=ignore with --disable-download * d/control: build-depend on python3-venv * d/control: bump minimum meson version to 0.63.0 * d/control: build-depend on seabios & qemu-system-data for the testsuite. qemu testsuite runs qemu-system binaries which require firmware even for simple tests * d/rules: run `make check-block' after the main build, as a minimal test for now * qemu-img-omit-errno-value-in-error-message.patch fixes check-block tests on mips* where errno values are different from other architectures. * late fix for 8.1 linux-user-Adjust-brk-for-load_bias.patch -- Michael Tokarev Wed, 23 Aug 2023 08:01:13 +0300 qemu (1:8.0.4+dfsg-3) unstable; urgency=medium * d/rules: export PYTHONDONTWRITEBYTECODE=1 to stop generating .pyc files (Closes: #1046056) * d/control: list more CPU types emulated by qemu in package descriptions * d/control: refine qemu-system-gui package description * d/rules: remove --interp-prefix= configure option * late fix for 8.1: target-arm-Fix-SME-ST1Q.patch * late fix for 8.1: target-arm-Fix-64-bit-SSRA.patch * d/control: remove old versions from build-deps -- Michael Tokarev Tue, 22 Aug 2023 20:15:07 +0300 qemu (1:8.0.4+dfsg-2) unstable; urgency=medium * remove linux-user-show-heap-address-in-proc-pid-maps.patch * pick 2 nvme fixes from upstream: - hw-nvme-fix-oob-memory-read-in-fdp-events-log-CVE-2023-4135.patch Closes: #1050142, CVE-2023-4135 - hw-nvme-fix-null-pointer-access-in-directive-receive-CVE-2023-40360.patch Closes: #1050140, CVE-2023-40360 * d/rules: --enable-virtfs (--enable-attr --enable-cap-ng) for xen build to enable 9pfs (Closes: #1049925) * d/rules: run-qemu.mount is linux-specific too (if we ever do non-linux system build) * d/control: disable sndio on debian too (disabled on ubuntu), for now anyway * d/*.install, d/rules: explicitly list all qemu-system modules * d/control: build-depend on libglib2.0-dev (forgotten!) and zlib1g-dev, move the two to the top before all optional deps * d/changelog: fix 7.1+dfsg-1 changelog entry (qemu-user and qemu-system) -- Michael Tokarev Mon, 21 Aug 2023 09:57:59 +0300 qemu (1:8.0.4+dfsg-1) unstable; urgency=medium * new upstream stable/bugfix release Closes: CVE-2023-3180 (virtual crypto virtio_crypto_handle_sym_req) Closes: CVE-2023-3354 (VNC server QIOChannel NULL ptr deref) Closes: CVE-2023-3255 (VNC: infinite loop in inflate_buffer) * d/patches: remove patches picked up from stable-staging branch which are applied in 8.0.4 * d/control: build-depend on libglib2.0-dev (forgotten!) and zlib1g-dev, move the two to the top before all optional deps * remove xen-specific wrapper for qemu-system-i386 (needed for bookworm upgrade only) -- Michael Tokarev Fri, 11 Aug 2023 22:13:36 +0300 qemu (1:8.0.3+dfsg-5) unstable; urgency=medium * remove previous 2 mmap/brk patches for now linux-user-optimize-memory-layout-for-static-and-dyn.patch linux-user-load-pie-executables-at-upper-memory.patch These are intended for 8.1, and causes other issues on 8.0. Closes: #1042808 Reopens: #1040981 -- Michael Tokarev Wed, 02 Aug 2023 10:55:50 +0300 qemu (1:8.0.3+dfsg-4) unstable; urgency=medium * more linux-user address fixes from Helge Deller Remove stable-staging/linux-user-fix-qemu-arm-to-run-static-armhf-binaries.patch linux-user-limit-brk-adjustment-wrt-interp.brk-to-arm32.patch Add linux-user-show-heap-address-in-proc-pid-maps.patch linux-user-optimize-memory-layout-for-static-and-dyn.patch linux-user-load-pie-executables-at-upper-memory.patch This *might* fix #1041859. * stable-staging/tcg-ppc-fix-race-in-goto_tb-implementation.patch fix qemu sigsegv on ppc -smp. Should fix autopkgtests (debvm, others) * Stop passing --no-start to qga's dh_installsystemd. qga is activated from an udev rule, but we need to restart it on upgrade. Change by Sergio Durigan. Closes: LP#2028124. -- Michael Tokarev Wed, 26 Jul 2023 07:51:20 +0300 qemu (1:8.0.3+dfsg-3) unstable; urgency=medium * d/control: glusterfs: drop pre-buster glusterfs-common alternative, restrict glusterfs support to 64bit (see #1039604) * linux-user-limit-brk-adjustment-wrt-interp.brk-to-arm32.patch Fix (band-aid for now) an unexpected breakage caused by the previous patch in this area which fixes static executables loading on armhf. * d/binfmt-install: update mips* magic strings from upstream commit 77d119dd335f910c7: mips: allow nonzero EI_ABIVERSION, distinguish o32 and n32 (Closes: #1041597) -- Michael Tokarev Sat, 22 Jul 2023 11:53:38 +0300 qemu (1:8.0.3+dfsg-2) unstable; urgency=medium * d/patches: set Forwarded: URLs for some patches * add 5 qemu-user fixes staging for the next stable: linux-user-make-sure-initial-brk-0-is-page-aligned.patch linux-user-fix-qemu-brk-to-not-zero-bytes-on-current-page.patch linux-user-prohibit-brk-to-to-shrink-below-initial-address.patch linux-user-fix-signed-math-overflow-in-brk-syscall.patch linux-user-fix-qemu-arm-to-run-static-armhf-binaries.patch (Closes: #1040981) -- Michael Tokarev Thu, 20 Jul 2023 09:59:49 +0300 qemu (1:8.0.3+dfsg-1) unstable; urgency=medium * new upstream stable/bugfix release 8.0.3 Including the following security fix(es): - 9pfs: prevent opening special files (CVE-2023-2861) * remove patches now included upstream: - hw-mips-malta-fix-the-malta-machine-on-big-endian-hosts.patch - qga-fix-suspend-on-linux-guests-without-systemd.patch - hw_intc_allwinner-a10-pic-handle-IRQ-levels-other-than-0-or-1.patch - linux-user-Avoid-mmap-of-the-last-byte-of-the-reserv.patch * d/rules: omit qemu-systemd-data from dh_dwz run * d/rules: create qemu-system-armhf & qemu-system-armel aliases for qemu-system-arm (Closes: #1040209) -- Michael Tokarev Tue, 11 Jul 2023 15:07:04 +0300 qemu (1:8.0.2+dfsg-3) unstable; urgency=medium * d/patches/*: update, add DEP-3 headers * d/rules: strip ../../ prefix from compile paths to undo sub-subdir build (-ffile-prefix-map) * linux-user-Avoid-mmap-of-the-last-byte-of-the-reserv.patch: (hackish) fix for recent memory failures -- Michael Tokarev Thu, 29 Jun 2023 18:36:33 +0300 qemu (1:8.0.2+dfsg-2) unstable; urgency=medium * d/rules: --enable-libusb for xen build (Closes: #1037341) * reapply linux-user-binfmt-P.diff. Re-rely on qemu-user's argv0 to detect it is running in binfmt context. The problem is that while we ship kernel which can pass this info the qemu way, there are many containers which are running on older kernels still, including bullseye kernel (5.10) which does not have this feature. Keep it for a bit more. * hw_intc_allwinner-a10-pic-handle-IRQ-levels-other-than-0-or-1.patch Pick a patch from upstream mailinglist to fix regression in 8.0.2 -- Michael Tokarev Thu, 15 Jun 2023 22:25:50 +0300 qemu (1:8.0.2+dfsg-1) unstable; urgency=medium * new upstream stable/bugfix release Closes: #1029155, CVE-2023-0330: A DMA-MMIO reentrancy problem in lsi53c895a device * keep full upstream version number, not just first 2 components (Closes: #855966) * d/copyright: remove stray newline * d/control: drop libuuid-dev build-dep (not used) * clarify files in d/not-installed just a little bit * fixup qemu(1) refs in qemu-storage-daemon(1) * move qemu-storage-daemon and qemu-block-drivers.7 from qemu-system-common to qemu-utils * remove patches now included upstream: - linux-user-fix-getgroups-setgroups-allocations.patch - rtl8139-fix-large_send_mss-divide-by-zero.patch - target_i386-Change-wrong-XFRM-value.patch * qga-fix-suspend-on-linux-guests-without-systemd.patch (hopefully Closes: #1004943) * d/rules: disable pvrdma (Closes: #1034179, CVE-2023-1544) CVE-2023-1544: huge number of page tables for a ring of descriptors for CQ and async events, potentially leading to an OOB read and crash -- Michael Tokarev Sun, 11 Jun 2023 11:49:17 +0300 qemu (1:8.0+dfsg-4) experimental; urgency=medium * d/control: do not use --enable-spice on sh4 and --enable-seccomp on hppa where qemu-system is not being built * spelling-information.patch: add headers * merge d/qemu-system-x86.NEWS into d/qemu-system-common.NEWS * d/rules: migrate docs for individual qemu-system-foo into symlinks pointing to qemu-system-common docs * d/rules: move qemu-user-binfmt doclink to the proper place, and remove installdocs and installchangelogs overrides * d/qemu-system-common.README.Debian, d/qemu-user*.README.Debian: update statement about ppc64el in READMEs * d/rules: switch to more declarative approach to generating various qemu-system-foo packages, fix some bugs * d/rules: switch to use "-" in variable names instead of "_" to avoid exporting variables from environment * add qemu-system-for-arch package (commented-out for now) * refresh d/source/lintian-overrides -- Michael Tokarev Fri, 21 Apr 2023 19:11:53 +0300 qemu (1:8.0+dfsg-3) experimental; urgency=medium * Release highlights: - build only tools on unsupported arches - much easier arch control in a single place - much easier dependency/options control - stop building system targets on ia64 and kfreebsd * d/control: generate Architecture: field dynamically from d/rules * demote ia64 and kfreebsd from system arches to tools arches * include m68k into list of utils arches * optional dependencies and --enable-feature in d/control: - update d/extract-config-opts to expect dpkg-like [arch] patterns - d/control: unify and simplify arch strings for --enable-foo and dependencies - d/control: switch some build-deps to [:system-arch:] * stop using --enable-tcg-interpreter for unsupported arches, add --enable-tools for main qemu build * provide --disable-xkbcommon to stop building qemu-keymap tool (!) * d/rules: for !enable-system build, remove qemu.1 manpage * install upstream qemu.desktop file instead of debian-specific * d/*.install: list files relative to d/tmp/, use ${DEB_HOST_MULTIARCH} * d/qemu-system-common.install: move 3 linux-specific files from d/rules to here * d/rules: move qemu-block-extrs maintscript/savedir generation to instide enable-system -- Michael Tokarev Thu, 20 Apr 2023 20:50:35 +0300 qemu (1:8.0+dfsg-2) experimental; urgency=medium * re-add the dropped-on-the-way Provides: qemu-system-any * specify versions for all Provides: so it's possible to add versioned deps (including qemu-system-any and qemu-kvm) * d/control: collapse Depends: qemu-system-* into tne new qemu-system-any * drop Breaks:/Replaces: qemu-kvm (it was for old qemu-kvm binary pkg) -- Michael Tokarev Thu, 20 Apr 2023 13:09:57 +0300 qemu (1:8.0+dfsg-1) experimental; urgency=medium * New qemu release 8.0.0. * remove binfmt-support registration, use systemd binfmd.d/ only No more binfmt-support support. Unregister any entries on upgrades. * binfmt: ship (but not enable) entries for all arches, do not omit native Ship all really-foreign binfmt entries in /usr/lib/binfmt.d/ as usual, to be enable automatically at package install. Also ship the same-cpu-family entries in /usr/share/doc/qemu-user-static/qemu-foo.conf - this way it will not be enabled automatically but it will be possible to (carefully) symlink the needed additional entries to /etc/binfmt.d/. (Closes: #924667, #1016810, #1027781) * qemu-system-*: add extra names to use as qemu-system-${DEB_HOST_ARCH_CPU}, for both the Provides: line and executable file names. See /usr/share/doc/qemu-system-common/README.Debian. * qemu-system-*: also Provides: qemu-system-any * qemu-system-ppc: provide qemu-kvm on ppc64el too, the same as ppc64 * qemu-user, qemu-user-static: provide qemu-${DEB_HOST_ARCH}[-static] aliases too, when qemu arch is different from debian arch. See /usr/share/doc/qemu-user[-static]/README.Debian. * d/binfmt-install: fix disabled .conf entries install for qemu-user-binfmt (those goes to qemu-user doc dir, not qemu-user-binfmt doc dir) * d/control: remove old (pre-bullseye) Breaks/Replaces * qemu-bridge-helper-path.patch: use the right path for qemu-bridge-helper in docs (Closes: #1027447) * d/qemu-system-common.NEWS: document dropping of virtiofsd * d/rules: add comment saying why savemoddir block needs to be generated * stop trying to provide os-specific qemu-ifup * two more spelling fixes for mistyped "information" -- Michael Tokarev Thu, 20 Apr 2023 04:19:06 +0300 qemu (1:8.0~rc4+dfsg-2) experimental; urgency=medium [ Vagrant Cascadian ] * debian/rules: Use 'printf' instead of 'echo' to avoid differences in underlying /bin/sh implementations. Closes: #1034431 [ Michael Tokarev ] * Provide Debian architecture names for qemu-system-foo packages and binaries, for arm64, armel, armhf, powerpc, amd64, loong64 and ppc64el. It is now possible to run qemu-system-$debianarch binary or depend on qemu-system-$debianarch package. This should simplify various tools for cross compilation and the like. Also Closes: #825841. * d/qemu-system-ppc.README.Debian: remove obsolete README about video.x -- Michael Tokarev Tue, 18 Apr 2023 05:04:04 +0300 qemu (1:8.0~rc4+dfsg-1) experimental; urgency=medium * update to 8.0.0-rc4 * d/rules, d/qemu.desktop: install a simple .desktop file in qemu-system-data so that qemu-system-foo has an icon under gnome/wayland * re-enable build on x32 - disable new CONFIG_XEN_EMU which is now enabled unconditionally on x86 * d/patches: restore note-missing-module-pkg-name.diff (lost in one of previous commits) * pick 3 more fixes from qemu-devel@: +rtl8139-fix-large_send_mss-divide-by-zero.patch +target_i386-Change-wrong-XFRM-value.patch +hw_mips_malta-Fix-malta-machine-on-big-endian-hosts.patch -- Michael Tokarev Fri, 14 Apr 2023 12:25:57 +0300 qemu (1:8.0~rc3+dfsg-2) experimental; urgency=medium * d/rules: fix qemu.svg install and remove .png fallback icons again (qemu window still doesn't have an icon) * d/binfmt-install: fix systemd binfmt registration broken since previous upload * +linux-user-fix-getgroups-setgroups-allocations.patch (Closes: #811087) -- Michael Tokarev Mon, 10 Apr 2023 12:33:01 +0300 qemu (1:8.0~rc3+dfsg-1) experimental; urgency=medium * new upstream release candidate (8.0.0-rc3) * d/control: build-depend on gcc-powerpc-linux-gnu (for u-boot code) * d/rules: build u-boot-sam460 ppc firmware (u-boot-sam460-20100605.bin) * +u-boot-sam460ex-fdi.patch * +u-boot-sam460ex-mstring.patch * d/copyright: stop stripping roms/u-boot/, we need it for u-boot.e500 * d/rules: build u-boot.e500 binary (Closes: #756833) * d/rules: install all png icons too (for gtk display) * d/rules: remove old compat qboot symlink * remove skip-meson-pc-bios.diff (and skip-unpack-edk2-blobs.patch), fix pc-bios/meson.build instead * remove d/get-orig-source.sh now when d/copyright is set up * d/source/options: stop diff-ignoring submodules -- Michael Tokarev Thu, 06 Apr 2023 09:50:41 +0300 qemu (1:8.0~rc2+dfsg-1) experimental; urgency=medium [ Michael Tokarev ] * new upstream 8.0 (rc2) Packaging changes: * d/rules, d/qemu-system-common.lintian-overrides: do not try to install virtiofsd, it is removed in qemu 8.0 * d/rules: do not build sgabios, it is removed upstream in 8.0 * spelling.diff: remove hunks which has been applied, adopt virtio.c=>virtio-hmp.c for remaining * patches: remove all patches from d/patches/master/ (picked from upstream) * hw-pvrdma-protect-against-guest-driver-CVE-2022-1050.patch: remove, also applied upstream * microvm-default-machine-type.patch: adjust for 8.0 * openbios-address-of-packet-member.patch: remove, not needed anymore * d/control: build-depend on flex & bison * d/rules: it is --disable-install-blobs, not --disable-blobs for xen too * build microblaze firmware (petalogic-*.dtb) instead of using shipped one * remove microblaze firmware (petalogic-*.dtb) for -dfsg * remove previously deprecated qemu-debootstrap * stop using custom $argv[0] for binfmt * d/rules: always disable dwz if <<0.14 * stop enabling avx512f for xen build (it is disabled by default) * d/rules: install .bmp icon, not .png [ Christian Ehrhardt ] * d/control-in: libsndio is in universe in ubuntu * d/control-in: libnfs is in main since focal, enable direct nfs storage support (LP: #1988704) -- Michael Tokarev Fri, 31 Mar 2023 15:44:21 +0300 qemu (1:7.2+dfsg-5) unstable; urgency=medium * d/qemu-guest-agent.udev: fix missing comma (Christian Schneider , Closes: #1031838) * remove qemu-make-debian-root. Ths script debian/qemu-make-debian-root has been broken for ages. In 2023, it creates /etc/fstab with a reference to /dev/hda1, and edits /etc/inittab which does not exist. And no one noticed, - so it's safe to assume it is not used anymore. Just remove it. * re-pick qemu-stable patches from master (the same patch contents): master/tests-tcg-i386-Introduce-and-use-reg_t-consistently.patch master/target-i386-Fix-BEXTR-instruction.patch master/target-i386-Fix-C-flag-for-BLSI-BLSMSK-BLSR.patch master/target-i386-fix-ADOX-followed-by-ADCX.patch * 20 more changes picked from upstream/master: master/target-i386-Fix-BZHI-instruction.patch master/block-iscsi-fix-double-free-on-BUSY-or-similar-status.patch master/hw-smbios-fix-field-corruption-in-type-4-table.patch master/Revert-x86-do-not-re-randomize-RNG-seed-on-snapshot-.patch master/Revert-x86-re-initialize-RNG-seed-when-selecting-ker.patch master/Revert-x86-reinitialize-RNG-seed-on-system-reboot.patch master/Revert-x86-use-typedef-for-SetupData-struct.patch master/Revert-x86-return-modified-setup_data-only-if-read-a.patch master/Revert-hw-i386-pass-RNG-seed-via-setup_data-entry.patch master/vhost-user-gpio-Configure-vhost_dev-when-connecting.patch master/vhost-user-i2c-Back-up-vqs-before-cleaning-up-vhost_.patch master/vhost-user-rng-Back-up-vqs-before-cleaning-up-vhost_.patch master/virtio-rng-pci-fix-migration-compat-for-vectors.patch master/virtio-rng-pci-fix-transitional-migration-compat-for.patch master/hw-timer-hpet-Fix-expiration-time-overflow.patch master/vdpa-stop-all-svq-on-device-deletion.patch master/vhost-avoid-a-potential-use-of-an-uninitialized-vari.patch master/libvhost-user-check-for-NULL-when-allocating-a-virtq.patch master/chardev-char-socket-set-s-listener-NULL-in-char_sock.patch master/intel-iommu-fail-MAP-notifier-without-caching-mode.patch master/intel-iommu-fail-DEVIOTLB_UNMAP-without-dt-mode.patch -- Michael Tokarev Sun, 05 Mar 2023 20:09:04 +0300 qemu (1:7.2+dfsg-4) unstable; urgency=medium * block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch: re-pick now from master (the same patch, moved to master/). * revert x86-don-t-let-decompressed-kernel-image-clobber-setu.patch Closes: #1031682. This turned out to be wrong move, breaking more stuff than fixing. Upstream is going to revert it too. -- Michael Tokarev Mon, 20 Feb 2023 21:00:18 +0300 qemu (1:7.2+dfsg-3) unstable; urgency=medium [ Paride Legovini ] * Disable LTO on non-amd64 builds (LP: #1921664) [ Michael Tokarev ] * target-arm-Fix-physical-address-resolution-for-Stage2.patch: re-fetch now from master branch * 4 more patches picked from master: x86-don-t-let-decompressed-kernel-image-clobber-setu.patch migration-ram-Fix-error-handling-in-ram_write_tracki.patch migration-ram-Fix-populate_read_range.patch qcow2-Fix-theoretical-corruption-in-store_bitmap-err.patch * 5 fixes picked from current pullreqs: block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch tests_tcg_i386-introduce-and-use-reg_t-consistently.patch target_i386-fix-BEXTR-instruction.patch target_i386-fix-C-flag-for-BLSI-BLSMSK-BLSR.patch target_i386-fix-ADOX-followed-by-ADCX.patch * disable dwz on certain architectures for older dwz (FTBFS on bullseye, #968670) -- Michael Tokarev Fri, 10 Feb 2023 14:29:12 +0300 qemu (1:7.2+dfsg-2) unstable; urgency=medium * d/rules: add -ffile-prefix-map when building skiboot * d/control: provide qemu-kvm in qemu-system-misc on s390x (Closes: #1029309) * d/control: drop dependency of qemu-guest-agent on lsb-base * Picked patches from qemu master branch tagged for qemu-stable up to commit deabea6e88 (2023-02-02): target-sh4-Mask-restore-of-env-flags-from-tb-flags.patch vhost-fix-vq-dirty-bitmap-syncing-when-vIOMMU-is-ena.patch virtio-mem-Fix-the-bitmap-index-of-the-section-offse.patch virtio-mem-Fix-the-iterator-variable-in-a-vmem-rdl_l.patch target-arm-fix-handling-of-HLT-semihosting-in-system.patch meson-accept-relative-symlinks-in-meson-introspect-i.patch target-riscv-Set-pc_succ_insn-for-rvc-illegal-insn.patch acpi-cpuhp-fix-guest-visible-maximum-access-size-to-.patch hw-nvme-fix-missing-endian-conversions-for-doorbell-.patch hw-nvme-fix-missing-cq-eventidx-update.patch configure-fix-GLIB_VERSION-for-cross-compilation.patch target-arm-Fix-sve_probe_page.patch target-arm-allow-writes-to-SCR_EL3.HXEn-bit-when-FEA.patch target-arm-Fix-in_debug-path-in-S1_ptw_translate.patch * Also: target-arm-Fix-physical-address-resolution-for-Stage.patch -- Michael Tokarev Thu, 02 Feb 2023 21:17:10 +0300 qemu (1:7.2+dfsg-1) unstable; urgency=medium * new upstream release Closes: #1025123 CVE-2022-4172 (erst: undefined behavior in memcpy in write_erst_record) Closes: #1021981 qemu-user: faccessat2 is not implemented Closes: #1021019 CVE-2022-3165 (VNC: integer underflow in vnc_client_cut_text_ext leads to CPU exhaustion) * remove patches applied upstream * refresh note-missing-module-pkg-name.diff * slirp is always external package now, not a submodule anymore * d/control: require meson >> 0.61.5~ for build * spelling.diff: update with more spelling error * add some lintian-overrides * fix minor spelling errors in patches * d/control: Bump Standards-Version to 4.6.1 * debian shell programs use "which" instead of the "command -v", fix that (Closes: #1018254) * Better fix for #1019011 (gcc ICE building palcode-clipper), use -O1 instead of -O2 for the failing compile when it actually fails (no need to depend on gcc-11, Closes: #1011003) -- Michael Tokarev Thu, 15 Dec 2022 17:17:28 +0300 qemu (1:7.1+dfsg-2) unstable; urgency=medium * tulip-restrict-DMA-engine-to-memories-CVE-2022-2962.patch fix possible stack or heap overflow (tulip: DMA reentrancy issue) Closes: #1018055, CVE-2022-2962 * hw-pvrdma-protect-against-guest-driver-CVE-2022-1050.patch fix possible use-after-free in paravirtual RDMA device. Closes: #1014589, CVE-2022-1050 * mention closing of #979677 (CVE-2020-14394) by 7.1 * d/rules: parametrify extra-cflags & extra-ldflags * d/rules: explicitly disable pie on arm64 due to https://sourceware.org/bugzilla/show_bug.cgi?id=29514 Fixes FTBFS. -- Michael Tokarev Tue, 13 Sep 2022 20:08:43 +0300 qemu (1:7.1+dfsg-1) unstable; urgency=medium * new upstream release (7.1) Closes: #1014958, CVE-2022-35414 Closes: #1014590, CVE-2022-0216 Closes: #979677, CVE-2020-14394 Closes: #987410, CVE-2021-3507 Closes: #988333, #1018913 * d/copyright: - remove mentions of slirp (packaged separately) - blindly convert to dep-5 (it needs a complete rewrite) - add Files-Excluded from d/get-orig-source.sh * d/gbp.conf: remove filter= (and whole [import-orig]) * d/watch: verify upstream tarballs * d/rules: stop faking skiboot version, it is now properly included in roms/skiboot/.version file. Add a dependency on this file too * d/patches: - remove use-fixed-data-path.patch: not needed anymore - linux-user-binfmt-P.diff: refresh - remove patches applied upstream * d/control: - it is --enable-capstone now, not --enable-capstone=system - it is --enable-png now, not --enable-vnc-png * d/rules: fix --enable-vhost-* options * d/rules: remove vnc-png for xen too * openbios-array-bounds-gcc12.patch * opensbi-fix-build-with-binutils-2.38.patch * d/rules: adopt vof build changes * d/qemu-system-data.docs: omit ccid.txt (removed) * temporary workaround for gcc-12 bug #1019011: use gcc-11-alpha-linux-gnu instead of gcc-alpha-linux-gnu (another option is to use -Os) * d/control: temporarily build-depend on libva-dev till #1019485 is fixed * add loongarch64 qemu-user and qemu-system arch -- Michael Tokarev Mon, 12 Sep 2022 11:50:53 +0300 qemu (1:7.0+dfsg-7) unstable; urgency=medium * d/tests/test-qemu-user: rework ls/glob test a bit * d/tests/test-qemu-user: fix ppc64le qemu architecture name * d/binfmt-install: use proper name for binfmt.d (*.conf) Hopefully closes: #1011003 * two virtio-scsi bugfixes from upstream: virtio-scsi-fix-ctrl-and-event-handler-functions-in-dataplane.patch virtio-scsi-don-t-waste-CPU-polling-the-event-virtqueue.patch * 3 patches from upstream to fix possible coroutine crashes: coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch coroutine-rename-qemu_coroutine_inc-dec_pool_size.patch coroutine-revert-to-constant-batch-size.patch * target-i386-do-not-consult-nonexistent-host-leaves.patch * d/control: stop suggesting sudo for qemu-user-static * Revert "d/rules: do not try to enable tcg-interpreter on unsupported targets, it does not help anymore" - it does help but it needs a bit more work * disable xen support for qemu-system-x86 build and create a wrapper for -i386 to redirect xen-related usage to xen-specific binary with a warning (for bookworm only) * common-user-no-user.patch: fix one of FTBFS on unsupported architectures * d/rules: use regular variable assignment for BUILD_PACKAGES * two trivial patches to fix spelling in roms: openbios-spelling-endianess.patch slof-spelling-seperator.patch -- Michael Tokarev Sun, 15 May 2022 15:49:12 +0300 qemu (1:7.0+dfsg-6) unstable; urgency=medium * d/rules: the forgotten --enable-xen-pci-passthrough for the xen build * d/tests/test-qemu-user: rewrite to be more robust and complete and include test for qemu-user-static too. -- Michael Tokarev Mon, 09 May 2022 01:37:56 +0300 qemu (1:7.0+dfsg-5) unstable; urgency=medium * d/tests/test-qemu-user.sh: more arch-specific debugging/updates -- Michael Tokarev Sat, 07 May 2022 12:22:26 +0300 qemu (1:7.0+dfsg-4) unstable; urgency=medium * d/tests/: fix failing tests. - test-qemu-user: depend on gcc for dpkg-architecture to work, and print debugging info for future switch to uname -m - test-qemu-img: switch from using file to qemu-img info -- Michael Tokarev Sat, 07 May 2022 11:33:23 +0300 qemu (1:7.0+dfsg-3) unstable; urgency=medium [ Michael Tokarev ] * d/binfmt-install: also generate binfmt.d/ entries for systemd * d/control: use systemd as preferred alternative to binfmt-support hopefully Closes: #789011 (Minimal dependencies to register binfmt) Closes: #985889 (make binfmt setup configurable) * d/control: remove Riku Voipio from Uploaders. Thank you Riku! * d/rules: simplify DEB_BUILD_OPTIONS=parallel=N parsing [ Guido Günther ] * Add minimal autopkgtest (Closes: #832982) -- Michael Tokarev Sat, 07 May 2022 00:03:24 +0300 qemu (1:7.0+dfsg-2) unstable; urgency=medium * d/control: add Rules-Requires-Root: no * d/control: switch to debhelper-compat=13 * d/control: drop "qemu" empty/dummy pseudopackage * d/control: do not build linux-user* on ia64 and powerpc (not supported by upstream anymore) * d/control: add Breaks for qemu-system-data for other packages from which it borrowed files in the past (Closes: #1008095) * d/rules: switch to the dh sequence (but keep build-{arch,indep}), rearrange some rules. This brings us dh_dwz (very slow) and dh_strip_nondeterminism. * d/rules: do not explicitly turn off slirp & capstone (now properly controlled by --with[out]-default-features option) * d/rules: do not try to enable tcg-interpreter on the unsupported targets, it does not help to build tools anymore * d/rules: do not chown -w d/control, it breaks dpkg-source * d/rules: clean up the clean target * d/not-installed: list many documentation files and qemu-plugin.h * configure-make-fortify_source-yes-by-default.patch: enable fortify-source for minimal builds too * d/changelog: mention #990562 (CVE-2021-3611) closed by 7.0 -- Michael Tokarev Sat, 30 Apr 2022 13:38:12 +0300 qemu (1:7.0+dfsg-1) unstable; urgency=medium * update to 7.0 release -- Michael Tokarev Thu, 21 Apr 2022 14:19:51 +0300 qemu (1:7.0~rc4+dfsg-1) experimental; urgency=medium * New upstream 7.0 (rc) Closes: #990562, CVE-2021-3611 * remove patches applied upstream * remove new binary file, pc-bios/edk2-x86_64-microvm.fd.bz2 * d/control: remove libxfs-dev build dependency, the ioctl is implemented inline * d/control: stop build-depend-indep on libc6.1-dev-alpha-cross, not needed anymore * d/rules: update skiboot version check (skiboot hasn't canged since 6.1) * build & install vbootrom (npcm7xx_bootrom.bin), and build-depend-indep on gcc-arm-none-eabi * create a new binary package, qemu-system-xen, which provides /usr/libexec/xen-qemu-system-i386 binary for use by xen only. Once xen switches to use this binary instead of usual qemu-system-i386, xen support will be removed from the regular qemu-system-x86 build * use a fast inline version of /usr/share/dpkg/architecture.mk -- Michael Tokarev Sun, 17 Apr 2022 15:08:40 +0300 qemu (1:6.2+dfsg-3) unstable; urgency=medium [ Christian Ehrhardt ] * d/rules: ensure xen is built on x86 * d/rules: xen libexec dir is no more versioned * d/kvm-spice: fix when acceleration is already defined on the commandline [ Michael Tokarev ] * d/control, d/rules: do not compile xen support on i386, since it is amd64-only now (since 4.16) * d/control: add libbpf-dev & --enable-bpf for eBPF support (Closes: #994573) -- Michael Tokarev Fri, 25 Feb 2022 12:01:46 +0300 qemu (1:6.2+dfsg-2) unstable; urgency=medium * bump meson build-dep to 0.59.3 * build & include multiboot_dma.bin (Closes: #1003930) * libxml2 is not needed for parallels. Enable parallels block image format (Closes: #1003162) * acpi-validate-hotplug-selector-on-access-CVE-2021-4158.patch Closes: CVE-2021-4158 * acpi-fix-QEMU-crash-when-started-with-SLIC-table.patch (Closes: #1004017) * acpi-fix-OEM_ID-padding.patch * debian/get-orig-source.sh: repack dfsg archive differently * mention closing of a few CVEs by 6.2.0 -- Michael Tokarev Thu, 20 Jan 2022 10:52:19 +0300 qemu (1:6.2+dfsg-1) unstable; urgency=medium [ Christian Ehrhardt ] * 6.2.0 upstream release Closes: #984452, CVE-2021-20203 (integer overflow issue in the vmxnet3 NIC emulator) Closes: #984453, CVE-2021-20196 (fdc: check drive block device before usage) Closes: #984451, CVE-2021-20255 (infinite recursion / DMA reentrancy in eepro100 i8255x device emulator) * d/get-orig-source.sh: remove pc-bios/multiboot_dma.bin in dfsg-clean * Drop patches upstream in v6.2.0 * d/p/spelling.diff: update for v6.2.0 (partially accepted) * d/rules: use new --disable-install-blobs build arg * Revert "make fuse debian-only, since libfuse3 in ubuntu is in universe", it is now in main (LP: #1934510) * d/rules: bump skiboot version for qemu v6.2.0 * d/p/ignore-roms-dependency-in-qtest.patch: fix meson issue due to dfsg removal of blobs * d/rules: drop --disable-fdt on microvm builds (now strictly required on any x86 build) * d/rules: select default PARISC config for hppa-firmware -- Michael Tokarev Sun, 09 Jan 2022 12:52:10 +0300 qemu (1:6.1+dfsg-8) unstable; urgency=medium * fix keymaps definitions placement in last upload (Closes: #997925, #997926) -- Michael Tokarev Wed, 27 Oct 2021 13:27:09 +0300 qemu (1:6.1+dfsg-7) unstable; urgency=medium * qemu-system-data: do not install qemu.desktop (Closes: #995628) * remove qemu-user-static.README.Debian (#995633) * d/rules: update configure rules for different qemu builds * qemu-system-x86-xen: install only -i386 link to xen path, not -x86_64 * promote qemu-system-x86-xen package on ubuntu to be like qemu-system-x86 since it uses the same modules actually * enable zstd compression support (Build-Depends) * qemu-system-data: install usr/share/icons/hicolor/32x32/apps/qemu.bmp for the sdl ui * d/control: fix wrong relation (< vs <<) * d/control: use :native version of python3-sphynx (Closes: #995622) * do not make qemu-system-gui Multi-Arch:same due to vhost-user-gpu * quieten gcc11 warnings/errors so roms will compile (Closes: #997082) * move d/qemu-system-data.install to d/rules -- Michael Tokarev Tue, 26 Oct 2021 10:35:02 +0300 qemu (1:6.1+dfsg-6) unstable; urgency=medium * virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu * ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch Closes: #992726, CVE-2021-3638: inconsistent check in ati_2d_blt() may lead to out-of-bounds write * refresh uas-add-stream-number-sanity-checks-CVE-2021-3713{.diff=>.patch} from upstream * hmp-unbreak-change-vnc.patch from upstream to fix 'change vnc passwd' command -- Michael Tokarev Wed, 29 Sep 2021 13:41:47 +0300 qemu (1:6.1+dfsg-5) unstable; urgency=medium * updated debian/patches/linux-user-binfmt-P.diff to work with in-kernel code Closes: #993658 * d/rules: do not mark configure target as .PHONY since it is a real file -- Michael Tokarev Mon, 06 Sep 2021 01:20:59 +0300 qemu (1:6.1+dfsg-4) unstable; urgency=medium * qemu-sockets-fix-unix-socket-path-copy-again.patch replacing socket-unix-maxlen.patch Closes: #993145 * enable more devices for the microvm build: virtio-gpu & vhost-user-gpu virtio-input-host & vhost_user_input * move vhost-user-gpu files from qemu-system-common to qemu-system-gui this elminates X11 dependencies from non-gui qemu-system install * build and install vof.bin firmware * rearrange d/rules a bit to make different qemu builds to be consistent with sysdata-components * move ppc dtb firmware files from qemu-system-ppc to qemu-system-data * device-tree-compiler is now needed in build-indep-depends, not in build-depends * d/rules: use CROSSPFX variables * ubuntu only: - Revert commit from the previous release which restores relation between qemu-system-xen and qemu-system-gui since -xen is not compatible with -gui modules - qemu-system-xen does not suggest qemu-block-extra (incompatible too) - qemu-system-s390x recommends qemu-block-extra not suggests it -- Michael Tokarev Tue, 31 Aug 2021 22:27:25 +0300 qemu (1:6.1+dfsg-3) unstable; urgency=medium * fix brown-paper bag in last upload (--enable-libudev) * ubuntu only: restore relations (depends/recommends) between qemu-system-gui and qemu-system-xen since -xen replaces full qemu-system-x86 and acts the same way -- Michael Tokarev Tue, 31 Aug 2021 02:50:52 +0300 qemu (1:6.1+dfsg-2) unstable; urgency=medium * rearrange d/rules to be able to configure/build/install various different kinds of qemu builds (main/microvm/xen/static) separately, by splitting targets of d/rules into subtargets * enable many virtio devices for microvm build (Closes: #992029) * disable libudev and fuse for microvm build * rearrange options for microvm build in d/rules * tidy newly added assert in unix-domain socket handling code to account for extra \0 terminator for socket pathname, socket-unix-maxlen.patch (Closes: #993145) * upstream qemu added ignoring of *.patch to .gitignore, unignore them in d/.gitignore * re-add 4 patches which were lost from git during preparation for 6.1 (not affecting the source package) * uas-add-stream-number-sanity-checks-CVE-2021-3713.diff Closes: #992727, CVE-2021-3713 * Mention (some) bugs closed by 6.1 upstream * Mention closing of #947349 -- Michael Tokarev Tue, 31 Aug 2021 02:01:51 +0300 qemu (1:6.1+dfsg-1) unstable; urgency=medium * new upstream release (6.1.0) Closes: CVE-2021-3607 (pvrdma: ensure correct input on ring init) Closes: CVE-2021-3608 (pvrdma: unmap initialized dma address) Closes: #989042, CVE-2021-3544 (vhost-user-gpu resource leaks) Closes: #989042, CVE-2021-3545 (vhost-user-gpu memory disclosure) Closes: #989042, CVE-2021-3546 (vhost-user-gpu OOBwr virgl_cmd_get_capset) Closes: #991911, CVE-2021-3682 (pvrdma: possible mremap overflow) * refresh patches, remove patches which were applied upstream * remove newly appeared pc-bios/vof.bin in dfsg-clean * add python3-sphinx-rtd-theme to build-depends * removed qemu-system-moxie arch * actually build many qemu modules as modules, and install them in qemu-system-common. * make strong versioned dependency between various qemu-system-* packages, so that modules works correctly. * drop very old versions from Build-Depends, Depends and Recommends for packages which long has much more recent versions in debian * up qemu-block-extra dependecy level from Suggests to Recommends * d/control: stop suggesting sgabios by qemu-system-x86 * (experimental for now, needs more work) print name of the package name for a module which can't be loaded, to give a clue what other package one may need to install for the requested functionality * fix some spelling mistakes in visible messages (spelling.diff) * enable jack audio backend (in qemu-system-gui) (Closes: #984726) * other small/internal changes in packaging: - removed --disable-sheepdog which were dropped upstream - install gui modules in d/rules not in d/q-s-gui.install to be able to use wildcard in d/q-s-common.install - recommend qemu-block-extra, not suggest it and not depend on it (ubuntu) for qemu-system-* and qemu-utils - reformat qemu "deps" for qemu-system-gui, stop listing -xen there (it can not satisfy -gui), qemu-system-s390x is :ubuntu:-only - d/control: stop recommending -gui for xen package (it is of no use for xen) - d/control: reformat Depends for qemu-block-extra, do not include -xen version there, mark -x390x as ubuntu-only, and allow qemu-utils to satisfy the dependency - do not install docs which does not exist anymore - stop omiting Changelog from dh_installchangelog: the file is long gone - d/rules: explicitly state version of skiboot as it is stored in a git tag only, or else skiboot does not build (hack) - put (new in 6.1, new in debian) hw-display-virtio-gpu-gl.so to qemu-system-gui as it pulls in X11 -- Michael Tokarev Wed, 25 Aug 2021 15:59:26 +0300 qemu (1:6.0+dfsg-4) unstable; urgency=medium * d/rules: fix last ubuntu merge, xen is x86-only, not all-debian -- Michael Tokarev Tue, 17 Aug 2021 19:04:30 +0300 qemu (1:6.0+dfsg-3) unstable; urgency=medium [ Michael Tokarev ] * enable /run/qemu mount on ubuntu only * usbredir-fix-free-call-CVE-2021-3682.patchi Closes: #991911, CVE-2021-3682 [ Christian Ehrhardt ] * ubuntu-only changes: - d/control-in: Make Ubuntu qemu-utils depend on qemu-block-extra - d/control-in: Make Ubuntu qemu-system-common depend on qemu-block-extra - d/control*, d/rules: disable xen by default, but provide universe package qemu-system-x86-xen as alternative * d/p/target-s390x-Fix-translation-exception-on-illegal-in.patch: avoid segfaults by uretprobes (LP 1929926) -- Michael Tokarev Tue, 17 Aug 2021 17:49:10 +0300 qemu (1:6.0+dfsg-2exp) experimental; urgency=medium [ Christian Ehrhardt ] * qemu 6.0 broke libvirt <7.2, add a Breaks to avoid partial upgrade issues (LP: #1932264) * enable SDL as secondary UI backend (LP: #1256185) (Closes: #947349) * clear all (current and former) modules on purge * only save modules if /run/qemu isn't noexec * provide run-qemu.mount in qemu-block-extra (disabled in debian for now) * Disable capstone disassembler library support in ubuntu (universe) [ Michael Tokarev ] * qemu does not ship Changelog file anymore * drop version from libfuse-dev build-depends (noticed by Ville Skyttä) * a few patches from upstream stable: - target-ppc-fix-load-endianness-for-lxvwsx-lxvdsx.patch fix various crashes in ppc system emulation. Thanks to Christian Ehrhardt for pointing this out - pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch (Closes: #990565, CVE-2021-3582) - pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch (Closes: #990564, CVE-2021-3607) - pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch (Closes: #990563, CVE-2021-3608) - usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch (Closes: #988157, CVE-2021-3527) * mention closing of 3 bugs in am53c974 (ESP) device emulation by 6.0 (Closes: #979679, CVE-2020-35504) (Closes: #984455, CVE-2020-35505) (Closes: #984454, CVE-2020-35506) * make fuse debian-only, since libfuse3 in ubuntu is in universe * fix microvm default machine type for a new build system (LP: #1936894) -- Michael Tokarev Wed, 21 Jul 2021 19:43:37 +0300 qemu (1:6.0+dfsg-1~exp0) experimental; urgency=medium * new upstream release Closes: #979679, CVE-2020-35504 Closes: #984455, CVE-2020-35505 Closes: #984454, CVE-2020-35506 * remove obsolete patches, refresh use-fixed-data-path.patch * use libncurses-dev, not old libncursesw5-dev * enable fuse export (and build-depend on libfuse3-dev) * install (new) manpages for qemu-storage-daemon * enable new hexagon qemu-user target * two patches to fix 3 new spelling mistakes * remove now-unused shared-library-lacks-prerequisites lintian-overrides for qemu-user-static -- Michael Tokarev Sat, 08 May 2021 10:16:05 +0300 qemu (1:5.2+dfsg-11) unstable; urgency=medium * i386-acpi-restore-device-paths-for-pre-5.1-vms.patch This fixes a serious issue in some VMs (in particuar, Windows & MacOS) when migrating from buster qemu to bullseye qemu. (Closes: #990675) * pvrdma-fix-possible-mremap-overflow-in-pvrdma-device-CVE-2021-3582.patch (Closes: #990565, CVE-2021-3582) * pvrdma-ensure-correct-input-on-ring-init-CVE-2021-3607.patch (Closes: #990564, CVE-2021-3607) * pvrdma-fix-the-ring-init-error-flow-CVE-2021-3608.patch (Closes: #990563, CVE-2021-3608) * ide-atapi-check-logical-block-address-and-read-size-CVE-2020-29443.patch (Closes: #983575, CVE-2020-29443) * usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch usb-redir-avoid-dynamic-stack-allocation-CVE-2021-3527.patch (Closes: #988157, CVE-2021-3527) -- Michael Tokarev Sun, 18 Jul 2021 16:14:41 +0300 qemu (1:5.2+dfsg-10) unstable; urgency=medium * 5 sdhci fixes from upstream: dont-transfer-any-data-when-command-time-out.patch dont-write-to-SDHC_SYSAD-register-when-transfer-is-in-progress.patch correctly-set-the-controller-status-for-ADMA.patch limit-block-size-only-when-SDHC_BLKSIZE-register-is-writable.patch reset-the-data-pointer-of-s-fifo_buffer-when-a-different-block-size...patch (Closes: #986795, #970937, CVE-2021-3409, CVE-2020-17380, CVE-2020-25085) * mptsas-remove-unused-MPTSASState.pending-CVE-2021-3392.patch fix possible use-after-free in mptsas_free_request (Cloese: #984449, CVE-2021-3392) -- Michael Tokarev Fri, 16 Apr 2021 12:43:36 +0300 qemu (1:5.2+dfsg-9) unstable; urgency=medium * do not make qemu-system-data dependent on qemu-system-foo (Closes: #985040) * CVE-2021-20263 - implement dropping security.capability xattr This adds two patches from upstream: virtiofsd-save-error-code-early-at-the-failure-callsite.patch virtiofsd-drop-remapped-security.capability-..-needed-CVE-2021-20263.patch Closes: #985083, CVE-2021-20263 * CVE-2021-3416 fix from upstream Fixes infinite loop in loopback mode of various network devices, adding 10 patches from upstream Closes: #984448, CVE-2021-3416 * net-e1000-fail-early-for-evil-descriptor-CVE-2021-20257.patch Fix CVE-2021-20257 from upstream: e1000: infinite loop while processing transmit descriptors Closes: #984450, CVE-2021-20257 -- Michael Tokarev Wed, 17 Mar 2021 21:02:30 +0300 qemu (1:5.2+dfsg-8) unstable; urgency=medium * a no-change upload to fix broken previous upload -- Michael Tokarev Sun, 14 Mar 2021 12:21:37 +0300 qemu (1:5.2+dfsg-7) unstable; urgency=high * do not make qemu-system-common dependent on qemu-system-foo. We removed modules from qemu-system-common for now, so there's no need for it to depend on any of qemu-system-foo of the same version. Among other things this fixes #983756 (which should be fixes some other way anyway, but it should be ok for now). Closes: #983756, #983921, #985195 Urgency is high because a single bin-NMU of qemu package made it uninstallable. -- Michael Tokarev Sun, 14 Mar 2021 11:32:54 +0300 qemu (1:5.2+dfsg-6) unstable; urgency=medium * deprecate qemu-debootstrap. It is not needed anymore with binfmt F flag, since everything now works without --foreign debootstrap argument and copying the right qemu binary into the chroot. Closes: #901197 * fix the brown-paper bag bug: wrong argument order in the linux-user-binfmt patch (really closes: #970460) -- Michael Tokarev Tue, 16 Feb 2021 12:11:20 +0300 qemu (1:5.2+dfsg-5) unstable; urgency=medium * d/rules: ensure b/ subdir exists before building palcode and qboot * d/changelog: #959530 is not fixed by 5.2+dfsg-4 * 3 virtiofsd patches Closes: #980814, CVE-2020-35517 virtiofsd: potential privileged host device access from guest - virtiofsd-extract-lo_do_open-from-lo_open.patch - virtiofsd-optionally-return-inode-pointer-from-lo_do_lookup.patch - virtiofsd-prevent-opening-of-special-files-CVE-2020-35517.patch -- Michael Tokarev Sun, 14 Feb 2021 17:44:06 +0300 qemu (1:5.2+dfsg-4) unstable; urgency=medium [ Michael Tokarev ] * require libfdt >= 1.5.0-2 due to #931046 * qemu-user: attempt to preserve argv[0] when run under binfmt (Closes: #970460) This changes the enterpreter name for all linux-user registered binfmts, so it potentially can break stuff. The actual binary being registered now is /usr/libexec/qemu-binfmt/foo-binfmt-P, which is a symlink to actual /usr/lib/qemu-foo[-static]. * ignore .git-submodule-status when building source * some security fixes from upstream: o arm_gic-fix-interrupt-ID-in-GICD_SGIR-CVE-2021-20221.patch Closes: CVE-2021-20221 GIC (armv7): out-of-bound heap buffer access via an interrupt ID field o 9pfs-Fully-restart-unreclaim-loop-CVE-2021-20181.patch Closes: CVE-2021-20181 * non-security fixes from upstream: pc-bios-descriptors-fix-paths-in-json-files.patch - fixes wrong paths in edk2-firmware-related json files introduced in 5.2 [ Christian Ehrhardt ] * d/control-in: avoid version mismatch of installed binaries (Closes: #956377) [ Dan Streetman ] * Backport configure param --with-git-submodules and set to 'ignore' -- Michael Tokarev Sun, 14 Feb 2021 16:52:10 +0300 qemu (1:5.2+dfsg-3) unstable; urgency=medium [ Christian Ehrhardt ] * d/rules: fix qemu-user-static to really be static (LP: #1908331) [ Michael Tokarev ] * build most modules statically (besides block and gui parts). This makes qemu-system-common package to be of less strict dependency for other qemu-system-* packages, and also Closes: #977301, #978131 * especially remove removed binfmts in qemu-user-{static,binfmt}.preinst (really Closes: #977015) * memory-clamp-cached-translation-MMIO-region-CVE-2020-27821.patch (Closes: #977616, CVE-2020-27821) -- Michael Tokarev Tue, 29 Dec 2020 15:07:03 +0300 qemu (1:5.2+dfsg-2) unstable; urgency=medium * move ui-opengl.so module from qemu-system-gui to qemu-system-common, as other modules want it (Closes: #976996, #977022) * do not install dropped ppc64abi32 binfmt for qemu-user[-static] (Closes: #977015) -- Michael Tokarev Thu, 10 Dec 2020 11:15:43 +0300 qemu (1:5.2+dfsg-1) unstable; urgency=medium * new upstream release Closes: #965978, CVE-2020-15859 (22dc8663d9fc7baa22100544c600b6285a63c7a3) Closes: #970539, CVE-2020-25084 (21bc31524e8ca487e976f713b878d7338ee00df2) Closes: #970540, CVE-2020-25085 (dfba99f17feb6d4a129da19d38df1bcd8579d1c3) Closes: #970541, CVE-2020-25624 (1328fe0c32d5474604105b8105310e944976b058) Closes: #970542, CVE-2020-25625 (1be90ebecc95b09a2ee5af3f60c412b45a766c4f) Closes: #974687, CVE-2020-25707 (c2cb511634012344e3d0fe49a037a33b12d8a98a) Closes: #975276, CVE-2020-25723 (2fdb42d840400d58f2e706ecca82c142b97bcbd6) Closes: #975265, CVE-2020-27616 (ca1f9cbfdce4d63b10d57de80fef89a89d92a540) Closes: #973324, CVE-2020-27617 (7564bf7701f00214cdc8a678a9f7df765244def1) Closes: #972864, CVE-2020-27661 (bea2a9e3e00b275dc40cfa09c760c715b8753e03) Closes: CVE-2020-27821 (1370d61ae3c9934861d2349349447605202f04e9) Closes: #976388, CVE-2020-28916 (c2cb511634012344e3d0fe49a037a33b12d8a98a) * remove obsolete patches * refresh use-fixed-data-path.patch and debian/get-orig-source.sh * bump minimum meson version required for build to 0.55.3 * update build rules for several components * remove deprecated lm32 and unicore32 system emulators * remove deprecated ppc64abi32 and tilegx linux-user emulators * install ui-spice-core.so & chardev-spice.so in qemu-system-common * install ui-egl-headless.so in qemu-system-common * install hw-display-virtio-*.so in qemu-system-common * install ui-opengl.so in qemu-system-gui * install qemu-pr-helper.8 in qemu-system-common * qemu-pr-helper moved to usr/bin/ again * qboot.rom renamed from bios-microvm.bin * remove several unused lintian overrides * add spelling.diff patch to fix a few spelling errors * update Standards-Version to 4.5.1 * fix a few trailing whitespaces in d/control and d/changelog * require libcapstone >= 4.0.2 (v4) for build -- Michael Tokarev Wed, 09 Dec 2020 08:57:41 +0300 qemu (1:5.1+dfsg-4) unstable; urgency=high * mention closing of CVE-2020-16092 by 5.1 * usb-fix-setup_len-init-CVE-2020-14364.patch Closes: #968947, CVE-2020-14364 (OOB r/w access in USB emulation) -- Michael Tokarev Wed, 02 Sep 2020 16:14:52 +0300 qemu (1:5.1+dfsg-3) unstable; urgency=medium * fix one more issue in last upload. This is what happens when you do "obvious" stuff in a hurry without proper testing.. -- Michael Tokarev Mon, 17 Aug 2020 22:19:55 +0300 qemu (1:5.1+dfsg-2) unstable; urgency=medium * fix brown-paper bag bug in last upload -- Michael Tokarev Mon, 17 Aug 2020 20:58:52 +0300 qemu (1:5.1+dfsg-1) unstable; urgency=medium * hw-display-qxl.so depends on spice so install it only if it is built just like ui-spice-app * note #931046 for libfdt -- Michael Tokarev Mon, 17 Aug 2020 18:57:14 +0300 qemu (1:5.1+dfsg-0exp1) experimental; urgency=medium * new upstream release 5.1.0. Make source DFSG-clean again Closes: #968088 Closes: CVE-2020-16092 (net_tx_pkt_add_raw_fragment in e1000e & vmxnet3) * remove all patches which are applied upstream * do not install non-existing doc/qemu/*-ref.* * qemu-pr-helper is now in /usr/lib/qemu not /usr/bin * virtfs-proxy-helper is in /usr/lib/qemu now, not /usr/bin * new architecture: qemu-system-avr * refresh d/get-orig-source.sh * d/get-orig-source.sh: report already removed files in dfsg-clean * install common modules in qemu-system-common * lintian tag renamed: shared-lib-without-dependency-information to shared-library-lacks-prerequisites -- Michael Tokarev Wed, 12 Aug 2020 19:09:24 +0300 qemu (1:5.0-14) unstable; urgency=high * this is a bugfix release before breaking toys with the new upstream * riscv-allow-64-bit-access-to-SiFive-CLINT.patch (another fix for revert-memory-accept-..-CVE-2020-13754) * install /usr/lib/*/qemu/ui-curses.so in qemu-system-common Closes: #966517 -- Michael Tokarev Fri, 31 Jul 2020 11:45:25 +0300 qemu (1:5.0-13) unstable; urgency=medium * seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10 -- Michael Tokarev Wed, 22 Jul 2020 22:16:41 +0300 qemu (1:5.0-12) unstable; urgency=medium * acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch this replace cpi-allow-accessing-acpi-cnt-register-by-byte.patch and acpi-tmr-allow-2-byte-reads.patch, a more complete fix * xhci-fix-valid.max_access_size-to-access-address-registers.patch fix one more incarnation of the breakage after the CVE-2020-13754 fix * do not install outdated (0.12 and before) Changelog (Closes: #965381) * xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch ARM-only XGMAC NIC, possible buffer overflow during packet transmission Closes: CVE-2020-15863 * sm501 OOB read/write due to integer overflow in sm501_2d_operation() List of patches: sm501-convert-printf-abort-to-qemu_log_mask.patch sm501-shorten-long-variable-names-in-sm501_2d_operation.patch sm501-use-BIT-macro-to-shorten-constant.patch sm501-clean-up-local-variables-in-sm501_2d_operation.patch sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch Closes: #961451, CVE-2020-12829 -- Michael Tokarev Wed, 22 Jul 2020 19:42:29 +0300 qemu (1:5.0-11) unstable; urgency=high * d/control-in: only enable opengl (libdrm&Co) on linux * d/control-in: spice: drop versioned deps (even jessie version is enough), drop libspice-protocol-dev (automatically pulled by libspice-server-dev), and build on more architectures * change from debhelper versioned dependency to debhelper-compat (=12) * acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793) This is another incarnation of the recent bugfix which actually enabled memory access constraints, like #964247 Urgency = high due to this issue. -- Michael Tokarev Mon, 20 Jul 2020 18:41:17 +0300 qemu (1:5.0-10) unstable; urgency=medium * fix the wrong $(if) construct for s390x kvm link (FTBFS on s390x) * use the same $(if) construct to simplify #ifdeffery -- Michael Tokarev Sat, 18 Jul 2020 10:02:41 +0300 qemu (1:5.0-9) unstable; urgency=medium * move kvm executable/script from qemu-kvm to qemu-system-foo, make it multi-arch, and remove qemu-kvm package * remove libcacard leftovers from d/.gitignore * linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch (Closes: #965109) * linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289) * libudev is linux-specific, do not build-depend on it on kfreebsd and others * install virtiofsd in d/rules (!sparc64) instead of d/qemu-system-common.install (fixes FTBFS on sparc64) * confirm -static-pie not working today still * d/control: since qemu-system-data now contains module(s), it can't be multi-arch. Ditto for qemu-block-extra. * qemu-system-foo: depend on exact version of qemu-system-data, due to the latter having modules * build all modules since there are modules anyway, no need to hack them in d/rules * fix spelling in a patch name/subject inlast upload * d/rules: do not use dh_install and dh_movefiles for individual pkgs, open-code mkdir+cp/mv, b/c dh_install acts on all files listed in d/foo.install too, in addition to given on command-line * remove trailing whitespace from d/changelog -- Michael Tokarev Sat, 18 Jul 2020 08:29:38 +0300 qemu (1:5.0-8) unstable; urgency=medium * d/control: rdma is linux-only, do not enable it on kfreebsd & hurd * add comment about virtiofsd conditional to d/qemu-system-common.install Now qemu FTBFS on sparc64 since virtiofsd is not built due to missing seccomp onn that platform, we should either make virtiofsd conditional (!sparc64) or fix seccomp on sparc64 and build-depend on it * openbios-use-source_date_epoch-in-makefile.patch (Closes: #963466) * seabios-hppa-use-consistant-date-and-remove-hostname.patch (Closes: #963467) * slof-remove-user-and-host-from-release-version.patch (Closes: #963472) * slof-ensure-ld-is-called-with-C-locale.patch (Closes: #963470) * update previous changelog, mention #945997 * reapply CVE-2020-13253 fixed from upstream: sdcard-simplify-realize-a-bit.patch (preparation for the next patch) sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253) sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational) sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch Closes: #961297, CVE-2020-13253 -- Michael Tokarev Fri, 17 Jul 2020 09:12:43 +0300 qemu (1:5.0-7) unstable; urgency=medium * Revert "d/rules: report config log from the correct subdir - base build" * Revert "d/rules: report config log from the correct subdir - microvm build" * acpi-tmr-allow-2-byte-reads.patch (Closes: #964247) * remove sdcard-dont-switch-to-ReceivingData-if-add...-CVE-2020-13253.patch - upstream decided to fix it differently (Reopens: #961297, CVE-2020-13253) * explicitly specify --enable-tools on hppa and do the same trick with --enable-tcg-interpreter --enable-tools on a few other unsupported arches (Closes: #964372, #945997) -- Michael Tokarev Thu, 16 Jul 2020 18:36:08 +0300 qemu (1:5.0-6) unstable; urgency=medium [ Christian Ehrhardt ] * d/control-in: disable pmem on ppc64 as it is currently considered experimental on that architecture * d/rules: makefile definitions can't be recursive - sys_systems for s390x * d/rules: report config log from the correct subdir - base build * d/rules: report config log from the correct subdir - microvm build * d/control-in: disable rbd support unavailable on riscv * fix assert in qemu guest agent that crashes on shutdown (LP: #1878973) * d/control-in: build-dep libcap is no more needed * d/rules: update -spice compat (Ubuntu only) [ Michael Tokarev ] * save block modules on upgrades (LP: #1847361) After upgrade a still running qemu of a former version can't load the new modules e.g. for extended storage support. Qemu 5.0 has the code to allow defining a path that it will load these modules from. * ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger infinite recursion via a crafted mm_index value during ati_mm_read or ati_mm_write call. * revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu devices which uses min_access_size and max_access_size Memory API fields. Also closes: CVE-2020-13791 * exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch CVE-2020-13659: address_space_map in exec.c can trigger a NULL pointer dereference related to BounceBuffer * megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c has an OOB read via a crafted reply_queue_head field from a guest OS user * megasas-use-unsigned-type-for-positive-numeric-fields.patch fix other possible cases like in CVE-2020-13362 (#961887) * megasas-fix-possible-out-of-bounds-array-access.patch Some tracepoints use a guest-controlled value as an index into the mfi_frame_desc[] array. Thus a malicious guest could cause a very low impact OOB errors here * nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a DoS. * es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation * sdcard-dont-switch-to-ReceivingData-if-address-is-in...-CVE-2020-13253.patch CVE-2020-13253: sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. And a preparational patch, sdcard-update-coding-style-to-make-checkpatch-happy.patch * a few patches from the stable series: - fix-tulip-breakage.patch The tulip network driver in a qemu-system-hppa emulation is broken in the sense that bigger network packages aren't received any longer and thus even running e.g. "apt update" inside the VM fails. Fix this. - 9p-lock-directory-streams-with-a-CoMutex.patch Prevent deadlocks in 9pfs readdir code - net-do-not-include-a-newline-in-the-id-of-nic-device.patch Fix newline accidentally sneaked into id string of a nic - qemu-nbd-close-inherited-stderr.patch - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch - virtio-balloon-unref-the-iothread-when-unrealizing.patch [ Aurelien Jarno ] * Remove myself from maintainers -- Michael Tokarev Fri, 03 Jul 2020 18:24:48 +0300 qemu (1:5.0-5) unstable; urgency=medium * more binfmt-install updates * CVE-2020-10717 fix from upstream: virtiofsd-add-rlimit-nofile-NUM-option.patch (preparational) and virtiofsd-stay-below-fs.file-max-CVE-2020-10717.patch (Closes: #959746, CVE-2020-10717) * 2 patches from upstream/stable to fix io_uring fd set buildup: aio-posix-dont-duplicate-fd-handler-deletion-in-fdmon_io_uring_destroy.patch aio-posix-disable-fdmon-io_uring-when-GSource-is-used.patch * upstream stable fix: hostmem-dont-use-mbind-if-host-nodes-is-empty.patch * upstream stable fix: net-use-peer-when-purging-queue-in-qemu_flush_or_purge_queue_packets.patch -- Michael Tokarev Wed, 13 May 2020 12:57:19 +0300 qemu (1:5.0-4) unstable; urgency=medium * fix binfmt registration (Closes: #959222) * disable PIE for user-static build on x32 too, not only i386 -- Michael Tokarev Fri, 01 May 2020 13:30:43 +0300 qemu (1:5.0-3) unstable; urgency=medium * do not explicitly enable -static-pie on non-i386 architectures. Apparenly only amd64 actually support -static-pie for now, and it is correctly detected. -- Michael Tokarev Thu, 30 Apr 2020 08:05:31 +0300 qemu (1:5.0-2) unstable; urgency=medium * (temporarily) disable pie on i386 static build For now -static-pie fails on i386 with the following error message: /usr/bin/ld: /usr/lib/i386-linux-gnu/libc.a(memset_chk-nonshared.o): unsupported non-PIC call to IFUNC `memset' * install qemu-system docs in qemu-system-common, not qemu-system-data, since docs require ./configure run -- Michael Tokarev Wed, 29 Apr 2020 23:41:04 +0300 qemu (1:5.0-1) unstable; urgency=medium * new upstream release (5.0) Closes: #958926 Closes: CVE-2020-11869 * refresh patches, remove patches applied upstream * do not mention openhackware, it is not used anymore * do not disable bluez (support removed) * new system arch "rx" * dont install qemu-doc.* for now, but install virtiofsd & qemu-storage-daemon * add shared-lib-without-dependency-information tag to qemu-user-static.lintian-overrides * add html docs to qemu-system-data (to /usr/share/doc/qemu-system-common) * do not install usr/share/doc/qemu/specs & usr/share/doc/qemu/tools * install qemu-user html docs for qemu-user & qemu-user-static * build hppa-firmware.img from roms/seabios-hppa (and Build-Depeds-Indep on gcc-hppa-linux-gnu) * enable liburing on linux (build-depend on liburing-dev) * add upstream signing-key.asc (Michael Roth ) * build opensbi firmware (for riscv64 only, riscv32 is possible with compiler flags) * add source-level lintian-overrides for binaries-without-sources (lintian can't find sources for a few firmware images which are in roms/) -- Michael Tokarev Wed, 29 Apr 2020 12:00:12 +0300 qemu (1:4.2-7) unstable; urgency=medium * qemu-system-gui: Multi-Arch=same, not foreign (Closes: #956763) * x32 arch is in the same family as i386 & x86_64, omit binfmt registration * check systemd-detect-virt before running update-binfmt * gluster is de-facto linux-only, do not build-depend on it on non-linux * virglrenderer is also essentially linux-specific * qemu-user-static does not depend on shlibs * disable parallel building of targets of d/rules * add lintian overrides (arch-dependent static binaries) for openbios binaries * separate binary-indep target into install-indep-prep and binary-indep * split out various components of qemu-system-data into independent build/install rules and add infrastructure for more components: x86-optionrom, sgabios, qboot, openbios, skiboot, palcode-clipper, slof, s390x-fw * iscsi-fix-heap-buffer-overflow-in-iscsi_aio_ioctl_cb.patch -- Michael Tokarev Mon, 20 Apr 2020 18:30:00 +0300 qemu (1:4.2-6) unstable; urgency=medium * d/rules: fix FTBFS (brown-paper-bag bug) in last upload -- Michael Tokarev Tue, 14 Apr 2020 17:08:45 +0300 qemu (1:4.2-5) unstable; urgency=medium * no error-out on address-of-packet-member in openbios * install ui-spice-app.so only if built, spice is optional * arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch - Closes: CVE-2020-10702, weak signature generation in Pointer Authentication support for ARM * (temporarily) enable seccomp only on architectures where it can be built (Closes: #956624) * seccomp has grown up, no need in versioned build-dep * do not list librados-dev in build-dep as we only use librbd-dev and the latter depends on the former * only enable librbd on architectures where it is buildable -- Michael Tokarev Tue, 14 Apr 2020 15:47:40 +0300 qemu (1:4.2-4) unstable; urgency=medium [ Michael Tokarev ] * d/rules: build minimal configuration for qboot/microvm usage * set microvm to be the default machine type for microvm case * install ui-spice-app.so in qemu-system-common * do not depend on libattr-dev, functions are now in libc6 (Closes: #953910) * net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch (Closes: #956145, CVE-2020-11102, tulip nic buffer overflow) * qemu-system-data: s/highcolor/hicolor/ (Closes: #955741) * switch binfmt registration to use update-binfmts --[un]import (Closes: #866756) * build openbios-ppc & openbios-sparc binaries in qemu-system-data, and replace corresponding binary packages. Add gcc-sparc64-linux-gnu, fcode-utils & xsltproc to build-depend-indep * build and provide/replace qemu-slof too [ Aurelien Jarno ] * enable support for riscv64 hosts -- Michael Tokarev Tue, 14 Apr 2020 12:44:43 +0300 qemu (1:4.2-3) unstable; urgency=medium * mention closing of #909743 in previous changelog (Closes: #909743) * do not link to qemu-skiboot from qemu-system-ppc (Closes: #950431) * provide+conflict qemu-skiboot from qemu-system-data, as we are not using this package anymore -- Michael Tokarev Sat, 01 Feb 2020 22:10:57 +0300 qemu (1:4.2-2) unstable; urgency=medium [ Fabrice Bauzac ] * Fix a typo in the description of the qemu binary package [ Frédéric Bonnard ] * Enable powernv emulation with skiboot firmware [ Michael R. Crusoe ] * Modernize watch file (Closes: #909743) [ Christian Ehrhardt ] * d/control-in: promote qemu-efi/ovmf in Ubuntu * d/control-in: bump debhelper build-dep for compat 12 * - d/control-in: update VCS links * - d/control-in: disable bluetooth being deprecated * d/not-installed: ignore new interop docs and extra icons for now * do not install elf2dmp until namespaced * d/control-in: Enable numa support for s390x * Create qemu-system-s390x package (Ubuntu only for now) [ Michael Tokarev ] * stop using inttypes.h in qboot code; this makes dependency on libc6-dev-i386 to be unnecessary * qboot-no-jump-tables.diff - use #pragma for one file in qboot * do not install qemu-edid and qemu-keymap for now * no need in bluetooth patches as bluetooth is disabled * scsi-cap-block-count-from-GET-LBA-STATUS-CVE-2020-1711.patch (Closes: #949731, CVE-2020-1711) * enable libpmem support on amd64|arm64|ppc64el (Closes: #935327) -- Michael Tokarev Fri, 31 Jan 2020 23:51:09 +0300 qemu (1:4.2-1) unstable; urgency=medium * new upstream release (4.2.0) * removed patches: v4.1.1.diff, enable-pschange-mc-no.patch * do not make sgabios.bin executable (lintian) * add s390-netboot.img lintian overrides for qemu-system-data * build qboot (bios-microvm.bin) * build-depend-indep on libc6-dev-i386 for qboot (includes some system headers) -- Michael Tokarev Sat, 14 Dec 2019 14:07:27 +0300 qemu (1:4.1-3) unstable; urgency=medium * mention #939869 (CVE-2019-15890) in previous changelog entry * add Provides: sgabios to qemu-data (Closes: #945924) * fix qemu-debootsrtap (add hppa arch, print correct error message) thanks to Helge Deller (Closes: #923410) * enable long binfmt masks again for mips/mips32 (Closes: #829243) -- Michael Tokarev Mon, 02 Dec 2019 13:24:58 +0300 qemu (1:4.1-2) unstable; urgency=medium * build sgabios in build-indep, conflict with sgabios package * qemu-system-ppc: build and install canyonlands.dtb in addition to bamboo.dtb * remove duplicated CVE-2018-20123 & CVE-2018-20124 in prev changelog * move s390 firmware build rules to debian/s390fw.mak, build s390-netboot.img * imported v4.1.1.diff - upstream stable branch Closes: CVE-2019-12068 Closes: #945258, #945072 * enable-pschange-mc-no.patch: i386: add PSCHANGE_MC_NO feature to allow disabling ITLB multihit mitigations in nested hypervisors Closes: #944623 * build-depend on nettle-dev, enable nettle, and clarify --enable-lzo * switch to system libslirp, build-depend on libslirp-dev Closes: #939869, CVE-2019-15890 -- Michael Tokarev Mon, 25 Nov 2019 12:54:05 +0300 qemu (1:4.1-1) unstable; urgency=medium * new upstream release v4.1 Closes: #933741, CVE-2019-14378 (slirp buff overflow in packet reassembly) (use internal slirp copy for now) Closes: #931351, CVE-2019-13164 (qemu-bridge-helper long IFNAME) Closes: #922923, CVE-2019-8934 (ppc64 emulator leaks hw identity) Closes: #916442, CVE-2018-20123 (pvrdma memory leak in device hotplug) Closes: #922461, CVE-2018-20124 (pvrdma num_sge can exceed MAX_SGE) Closes: #927924 (new upstream version) Closes: #897054 (AMD Zen CPU support) Closes: #935324 (FTBFS due to gluster API change) Closes: CVE-2018-20125 (pvrdma: DoS in create_cq_ring|create_qp_rings) Closes: CVE-2018-20126 (pvrdma: memleaks in create_cq_ring|create_qp_rings) Closes: CVE-2018-20191 (pvrdma: DoS due to missing read operation impl.) Closes: CVE-2018-20216 (pvrdma: infinite loop in pvrdma_dev_ring.c) * remove patches which are applied upstream, refresh remaining patches (bt-use-size_t-...-CVE-2018-19665.patch hasn't been applied upstream, bluetooth subsystem is going to be removed, we keep it for now) * debian/source/options: ignore slirp/ submodule * use python3 for building, not python * debian/optionrom.mk: add pvh.bin * switch from libssh2 to libssh, and enable libssh support in ubuntu * bump spice version requiriment to 0.12.5 * enable pvrdma * debian/control-in: remove reference to libsdl * debian/rules: add new objects for s390-ccw fw * debian/control: add build dependency on python3-sphinx for docs * install ui/icons/qemu.svg and qemu.desktop * debian/rules: remove pc-bios/bamboo.dtb before building it * install vhost-user-gpu binary and 50-qemu-gpu.json * debian/rules: remove old maintscript-helper invocations, not needed anymore * remove +dfsg for now, upload whole upstream source, will trim it later -- Michael Tokarev Tue, 27 Aug 2019 12:43:43 +0300 qemu (1:3.1+dfsg-8) unstable; urgency=high * sun4u-add-power_mem_read-routine-CVE-2019-5008.patch fixes a null-pointer dereference in sparc/sun4u emulated hw Closes: #927439, CVE-2019-5008 * enable-md-no.patch & enable-md-clear.patch mitigation for MDS (Microarchitectural Data Sampling) issues Closes: #929067, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 * qxl-check-release-info-object-CVE-2019-12155.patch fixes null-pointer deref in qxl cleanup code Closes: #929353, CVE-2019-12155 * aarch32-exception-return-to-switch-from-hyp-mon.patch fixes booting U-Boot in UEFI mode on aarch32 Closes: #927763 * stop qemu-system-common pre-depending on adduser Closes: #929261 -- Michael Tokarev Mon, 27 May 2019 07:49:25 +0300 qemu (1:3.1+dfsg-7) unstable; urgency=high [ Michael Tokarev ] * device_tree-don-t-use-load_image-CVE-2018-20815.patch fix heap buffer overflow while loading device tree blob (Closes: CVE-2018-20815) [ Christian Ehrhardt ] * qemu-guest-agent: fix path of fsfreeze-hook (LP: #1820291) - d/qemu-guest-agent.install: use correct path for fsfreeze-hook - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for mv_conffile since the new path is a directory in the old package version which can not be handled by mv_conffile. -- Michael Tokarev Wed, 27 Mar 2019 14:24:06 +0300 qemu (1:3.1+dfsg-6) unstable; urgency=high * slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch fix information leakage in slirp code (Closes: CVE-2019-9824) -- Michael Tokarev Mon, 18 Mar 2019 14:41:51 +0300 qemu (1:3.1+dfsg-5) unstable; urgency=high * i2c-ddc-fix-oob-read-CVE-2019-3812.patch fixes OOB read in hw/i2c/i2c-ddc.c which allows for memory disclosure. Closes: #922635, CVE-2019-3812 -- Michael Tokarev Mon, 11 Mar 2019 14:30:44 +0300 qemu (1:3.1+dfsg-4) unstable; urgency=medium * mention closing of #855043 by 3.1+dfsg-3 * disable pvrdma for now, it is a bit too buggy. Besides several security holes there are many other bugs there as well, and the amount of patches applied upstream after 3.1 release is large (Closes, or really makes unimportant again: CVE-2018-20123 CVE-2018-20124 CVE-2018-20125 CVE-2018-20126 CVE-2018-20191 CVE-2018-20216) -- Michael Tokarev Mon, 11 Feb 2019 14:00:09 +0300 qemu (1:3.1+dfsg-3) unstable; urgency=medium [ Michael Tokarev ] * mention #696289 closed by 2.10 * move ovmf to recommends on debian and update aarch ovmf refs (Closes: #889885, #855043) * remove /dev/kvm permission handling (moved to systemd 239-6) (Closes: #892945) * build qemu-palcode using alpha cross-compiler (Closes: #913103) * fix path in qemu-guest-agent.service (#918378), fixs Bind[s]To (Closes: #918378 * use int for sparc64 timeval.tv_usec (Closes: #920032) * build-depend on libglusterfs-dev not glusterfs-common (Closes: #919668, #881527) * add breaks: qemu-system-data to qemu-system-common, to close #916279 completely (all this can be removed after buster) (Closes: #916279) * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch (Closes: #920222, CVE-2019-6501) * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch (Closes: #921525) * pvrdma-release-device-resources-on-error-CVE-2018-20123.patch (Closes: #916442, CVE-2018-20123) * enable rdma and pvrdma, build-depend on librdmacm-dev, libibverbs-dev, libibumad-dev * sync debian/qemu-user-static.1 and debian/qemu-user.1 generate the latter from the former (finally Closes: #901407) * move ivshmem-server & ivshmem-client from qemu-utils to qemu-system-common (the binaries are also specific to qemu-system, not useable alone) * move qemu-pr-helper from qemu-utils to qemu-system-common - this is an internal qemu-system helper, with possible socket activation, not intended for use outside of qemu-system [ Christian Ehrhardt ] * qemu-guest-agent: freeze-hook to ignore dpkg files (packaging changes) -- Michael Tokarev Wed, 06 Feb 2019 12:23:01 +0300 qemu (1:3.1+dfsg-2) unstable; urgency=medium * d/rules: split arch and indep builds * enable s390x cross-compiler and build s390-ccw.img (Closes: #684909) * build x86 optionrom in qemu-system-data (was in seabios/debian/) * qemu-system-data: Multi-Arch: allowed=>foreign (Closes: #903562) * fix Replaces: version for qemu-system-common (Closes: #916279) * add simple udev rules file for systemd guest agent (Closes: #916674) * usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch Race condition in usb_mtp implementation (Closes: #916397) * bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665.patch Memory corruption in bluetooth subsystem (Closes: #916278) * hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch (Closes: #917007) * bump debhelper compat to 12 (>>11) * d/rules: use dh_missing instead of dh_install --list-missing (compat=12) * use dh_installsystemd for guest agent (Closes: #916625) * mention closing by 3.1: Closes: #912655, CVE-2018-16847 * mention closing by 2.10: Closes: #849798, CVE-2016-10028 Closes: CVE-2017-9060 Closes: CVE-2017-8284 -- Michael Tokarev Fri, 21 Dec 2018 16:51:39 +0300 qemu (1:3.1+dfsg-1) unstable; urgency=medium * new upstream release (3.1) * Security bugs fixed by upstream: Closes: #910431, CVE-2018-10839: integer overflow leads to buffer overflow issue Closes: #911468, CVE-2018-17962 pcnet: integer overflow leads to buffer overflow Closes: #911469, CVE-2018-17963 net: ignore packets with large size Closes: #908682, CVE-2018-3639 qemu should be able to pass the ssbd cpu flag Closes: #901017, CVE-2018-11806 m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams Closes: #902725, CVE-2018-12617 qmp_guest_file_read in qemu-ga has an integer overflow Closes: #907500, CVE-2018-15746 qemu-seccomp might allow local OS guest users to cause a denial of service Closes: #915884, CVE-2018-16867 dev-mtp: path traversal in usb_mtp_write_data of the MTP Closes: #911499, CVE-2018-17958 Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used Closes: #911470, CVE-2018-18438 integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value Closes: #912535, CVE-2018-18849 lsi53c895a: OOB msg buffer access leads to DoS Closes: #914604, CVE-2018-18954 pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory Closes: #914599, CVE-2018-19364 Use-after-free due to race condition while updating fid path Closes: #914727, CVE-2018-19489 9pfs: crash due to race condition in renaming files Closes: #912655, CVE-2018-16847 Out-of-bounds r/w buffer access in cmb operations * remove patches which were applied upstream * add new manpage qemu-cpu-models.7 * qemu-system-ppcemb is gone, use qemu-system-ppc[64] * do-not-link-everything-with-xen.patch (trivial) * get-orig-source: handle 3.x and 4.x, and remove roms again, as upstream wants us to use separate source packages for that stuff * move generated data from qemu-system-data back to qemu-system-common * d/control: enable spice on arm64 (Closes: #902501) (probably should enable on all) * d/control: change git@salsa urls to https * add qemu-guest-agent.service (Closes: #795486) * enable opengl support and virglrenderer (Closes: #813658) * simplify d/rules just a little bit * build-depend on libudev-dev, for qga -- Michael Tokarev Sun, 02 Dec 2018 19:10:27 +0300 qemu (1:2.12+dfsg-3) unstable; urgency=medium * make qemu-system-foo depending on qemu-system-data >>ver~, not >>ver (Closes: #900585) * do not build qemu-system-gui on hppa * use dh_lintian for lintian overrides * update VCS fields to point to salsa.debian.org -- Michael Tokarev Fri, 01 Jun 2018 21:42:29 +0300 qemu (1:2.12+dfsg-2) unstable; urgency=medium * create new package, qemu-system-gui, and package GTK module and audio modules in there Closes: #850584 * add an item about qemu-system-gui to debian/qemu-system-common.NEWS * qemu-system-*: require more recent qemu-system-common * switch all builds to be in a single b/ subdir * d/get-orig-source: remove .oco (object) files from roms/SLOF/ * refresh patches/use-fixed-data-path.patch: remove now-unused local var too * ccid-card-passthru-fix-regression-in-realize.patch (Closes: #900006) * debian/control-in: enable seccomp on linux-any (Closes: #900055) * create new arch-indep package qemu-system-data, for data and firmware files. Move common data files from qemu-system-common to it, for now * fix sata/ahci stalls (ahci-fix-PxCI-register-race.patch) * tcg-i386-Fix-dup_vec-in-non-AVX2-codepath.patch (Closes: #900372) -- Michael Tokarev Thu, 31 May 2018 13:22:55 +0300 qemu (1:2.12+dfsg-1) unstable; urgency=medium * new upstream release * get-orig-source: do not remove roms/* directories, since we will use these to build the roms * disable building on hppa arch (not supported upstream since ong time) * Use https://download.qemu.org to download new tarballs (Closes: #895067) * add Breaks: binfmt-support (<<2.1.7) so that --fix-binary works; also fix qemu-user-static description (Closes: #896478) -- Michael Tokarev Thu, 26 Apr 2018 20:29:36 +0300 qemu (1:2.12~rc3+dfsg-2) unstable; urgency=medium * fix typo in previous changelog entry * add riscv32/riscv64 to qemu-debootstrap * install gtk message catalogs into qemu-system-common (Closes: #878130) (and install-gtk-message-catalogs-if-CONFIG_GTK.patch) * tcg_mips-handle-large-offsets-from-target-env-to-tlb_table.patch: fix FTBFS on mips targets -- Michael Tokarev Sat, 14 Apr 2018 17:01:24 +0300 qemu (1:2.12~rc3+dfsg-1) unstable; urgency=medium * new upstream 2.12 release (Release Candidate 3) Closes: #892041, CVE-2018-7550 Closes: #884806, CVE-2017-15124 Closes: #887392, CVE-2018-5683 Closes: #892497, CVE-2018-7858 Closes: #882136, CVE-2017-16845 Closes: #886532, #892947, #891375, #887892, #860822, #851694 * refresh local debian patches * d/rules: enable new system (hppa riscv32 riscv64) and user (aarch64_be xtensa xtensaeb riscv32 riscv64) targets Closes: #893767 * fix d/source/options to match current reality * drop use-data-path.patch, upstream now has --firmwarepath= option * enable capstone disassembler library support (build-depend on libcapstone-dev) * debian/extract-config-opts: use tab for option / condition separator * qemu-block-extra: install only block modules * make `qemu' metapackage to be dummy, to remove it in a future release * do not suggest kmod, it is pointless * install /usr/bin/qemu-pr-helper to qemu-utils package * switch from sdl2 to gtk ui Closes: #839695, #886671, #879536, #879534, #879532, #879193, #894852 * qemu-system-ppc: forgotten qemu-system-ppc64le.1 link * mention closing of #880582 by 2.11 * package will built against spice 0.14, so Closes: #854959 * check sfdisk presence in qemu-make-debian-root (Closes: #872098) * check mke2fs presence in qemu-make-debian-root (Closes: #887207) * debian/binfmt-update-in: include forgotten hppa (Closes: #891261) * debian/TODO: removed some old ToDo items * use binfmt-support --fix-binary option (Closes: #868030) -- Michael Tokarev Thu, 12 Apr 2018 19:04:03 +0300 qemu (1:2.11+dfsg-1) unstable; urgency=medium [ Michael Tokarev ] * update to new upstream (2.11) release Closes: #883625, CVE-2017-17381 Closes: #880832, CVE-2017-15289 Closes: #880836, CVE-2017-15268 Closes: #883399, CVE-2017-15119 Closes: #883406, CVE-2017-15118 Closes: #880582 * update to new upstream, remove old patches, refresh debian patches * disable sdl audio driver (pulse or oss should work fine) * do not build-depend on libx11-dev (libsdl2-dev already depends on it) * move libpulse-dev build-dep to a better place * clean up d/control from various old conflicts/replaces/provides * remove --with-system-pixman, not used anymore * remove ubuntu-specific qemu-system-aarch64 transitional package (trusty) * remove ubuntu-specific mentions of old qemu-kvm-spice package (precise) * remove old comment about /etc/kvm from qemu-kvm description * add Suggests: openbios-sparc for qemu-system-sparc on ubuntu (similar to what is done for qemu-system-ppc) * update get-orig-source.sh with new blobs/submodules * update debian/watch a bit [ Aurelien Jarno ] * debian/control-in: build qemu-system and qemu-user on mips64 and mips64el. Closes: #880485. [ Christian Ehrhardt ] * ppc64[le]: provide symlink matching arch name * d/control-in: Enable seccomp for ppc64el, this bumps minimum libseccomp version -- Michael Tokarev Thu, 11 Jan 2018 14:42:12 +0300 qemu (1:2.10.0+dfsg-2) unstable; urgency=medium * update to upstream 2.10.1 point release Closes: #877160 Closes: CVE-2017-13673 * remove 3 patches included upstream: multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch * 9pfs-use-g_malloc0-to-allocate-space-for-xattr-CVE-2017-15038.patch Closes: #877890, CVE-2017-15038 * remove-trailing-whitespace-from-qemu-options.hx.patch Closes: #875711 * drop dh_makeshlibs call (was for libcacard) * drop linux-libc-dev build-dependency (it gets pulled by libc-dev) * switch from sdl1 to sdl2 (Closes: #870025) -- Michael Tokarev Sun, 08 Oct 2017 12:51:09 +0300 qemu (1:2.10.0+dfsg-1) unstable; urgency=medium * remove blobs, to DFSG'ify it again (there's still no source for some blobs included in upstream tarball) There's no way to revert to 2-number version due to prev. upload * update from upstream git (no changes but include date & commit-id): multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch * update previous changelog entry (fix bug/closes refs): Closes: #873851, CVE-2017-13672 Closes: #874606, CVE-2017-14167 Closes: #873875, CVE-2017-13711 -- Michael Tokarev Mon, 25 Sep 2017 09:46:53 +0300 qemu (1:2.10.0-1) unstable; urgency=medium * new upstream release, 2.10 Closes: #865754, CVE-2017-9503 Closes: #864219, CVE-2017-9375 Closes: #869945 Closes: #867978 Closes: #871648, #871702, #872257 Closes: #851694 Closes: #696289 Closed in this upstream release: #865755, CVE-2017-9524 #863840, CVE-2017-9310 #863943, CVE-2017-9330 #864216, CVE-2017-9373 #864568, CVE-2017-9374 #869171, CVE-2017-11434 #869173, CVE-2017-11334 #869706, CVE-2017-10911 #867751, CVE-2017-10806 #866674, CVE-2017-10664 #873849, CVE-2017-12809 #849798, CVE-2016-10028 CVE-2017-9060 CVE-2017-8284 * dropped all fixes, applied upstream * dropped 02_kfreebsd.patch - apparently not relevant anymore * dropped +dfsg, use upstream tarball directly: we do not use binaries shipped there, and even for those, upstream tarball contains the sources * refreshed list of targets: qemu-or32, qemu-system-or32 => qemu-or1k, qemu-system-or1k +qemu-nios2, qemu-system-nios2 +qemu-hppa * added hppa binfmt entry * refreshed docs lists for various packages * new (security) patches: vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch Closes: #873851, CVE-2017-13672 multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch Closes: #874606, CVE-2017-14167 slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch Closes: #873875, CVE-2017-13711 -- Michael Tokarev Sat, 23 Sep 2017 16:47:02 +0300 qemu (1:2.8+dfsg-7) unstable; urgency=medium * uploading to unstable all fixes which went to stretch-security (exactly the same as 2.8+dfsg-6+deb9u2) -- Michael Tokarev Sat, 05 Aug 2017 16:35:01 +0300 qemu (1:2.8+dfsg-6+deb9u2) stretch-security; urgency=high * actually apply the nbd server patches, not only include in debian/patches/ Really closes: #865755, CVE-2017-9524 * slirp-check-len-against-dhcp-options-array-end-CVE-2017-11434.patch Closes: #869171, CVE-2017-11434 * exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch Closes: #869173, CVE-2017-11334 * usb-redir-fix-stack-overflow-in-usbredir_log_data-CVE-2017-10806.patch Closes: #867751, CVE-2017-10806 * add reference to #869706 to xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch * disable xhci recursive calls fix for now, as it causes instant crash (xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch) Reopens: #864219, CVE-2017-9375 Closes: #869945 -- Michael Tokarev Wed, 02 Aug 2017 16:57:34 +0300 qemu (1:2.8+dfsg-6+deb9u1) stretch-security; urgency=high * net-e1000e-fix-an-infinite-loop-issue-CVE-2017-9310.patch Closes: #863840, CVE-2017-9310 * usb-ohci-fix-error-return-code-in-servicing-iso-td-CVE-2017-9330.patch Closes: #863943, CVE-2017-9330 * ide-ahci-call-cleanup-function-in-ahci-unit-CVE-2017-9373.patch Closes: #864216, CVE-2017-9373 * xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch Closes: #864219, CVE-2017-9375 * usb-ehci-fix-memory-leak-in-ehci-CVE-2017-9374.patch Closes: #864568, CVE-2017-9374 * nbd-ignore-SIGPIPE-CVE-2017-10664.patch Closes: #866674, CVE-2017-10664 * nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch Closes: #865755, CVE-2017-9524 * xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch Closes: CVE-2017-10911 -- Michael Tokarev Wed, 12 Jul 2017 11:05:16 +0300 qemu (1:2.8+dfsg-6) unstable; urgency=high * 9pfs-local-forbid-client-access-to-metadata-CVE-2017-7493.patch Closes: CVE-2017-7493 * group all 9p patches together * drop obsolete comment about libiscsi on ubuntu from d/control -- Michael Tokarev Tue, 23 May 2017 09:58:03 +0300 qemu (1:2.8+dfsg-5) unstable; urgency=high * Security fix release * 9pfs-local-set-path-of-export-root-to-dot-CVE-2017-7471.patch Closes: #860785, CVE-2017-7471 * 9pfs-xattr-fix-memory-leak-in-v9fs_list_xattr-CVE-2017-8086.patch Closes: #861348, CVE-2017-8086 * vmw_pvscsi-check-message-ring-page-count-at-init-CVE-2017-8112.patch Closes: #861351, CVE-2017-8112 * scsi-avoid-an-off-by-one-error-in-megasas_mmio_write-CVE-2017-8380.patch Closes: #862282, CVE-2017-8380 * input-limit-kbd-queue-depth-CVE-2017-8379.patch Closes: #862289, CVE-2017-8379 * audio-release-capture-buffers-CVE-2017-8309.patch Closes: #862280, CVE-2017-8309 -- Michael Tokarev Wed, 17 May 2017 09:01:24 +0300 qemu (1:2.8+dfsg-4) unstable; urgency=high * usb-ohci-limit-the-number-of-link-eds-CVE-2017-6505.patch Closes: #856969, CVE-2017-6505 * linux-user-fix-apt-get-update-on-linux-user-hppa.patch Closes: #846084 * update to 2.8.1 upstream stable/bugfix release (v2.8.1.diff from upstream, except of seabios blob bits). Closes: #857744, CVE-2016-9603 Patches dropped because they're included in 2.8.1 release: 9pfs-symlink-attack-fixes-CVE-2016-9602.patch char-fix-ctrl-a-b-not-working.patch cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch cirrus-fix-oob-access-issue-CVE-2017-2615.patch cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch linux-user-fix-s390x-safe-syscall-for-z900.patch nbd_client-fix-drop_sync-CVE-2017-2630.patch s390x-use-qemu-cpu-model-in-user-mode.patch sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch * bump seabios dependency to 1.10.2 due to ahci fix in 2.8.1 * 9pfs-fix-file-descriptor-leak-CVE-2017-7377.patch (Closes: #859854, CVE-2017-7377) * dma-rc4030-limit-interval-timer-reload-value-CVE-2016-8667.patch Closes: #840950, CVE-2016-8667 * make d/control un-writable to stop users from changing a generated file * two patches from upstream to fix user-mode network with IPv6 slirp-make-RA-build-more-flexible.patch slirp-send-RDNSS-in-RA-only-if-host-has-an-IPv6-DNS.patch (Closes: #844566) -- Michael Tokarev Mon, 03 Apr 2017 16:28:49 +0300 qemu (1:2.8+dfsg-3) unstable; urgency=high * urgency high due to security fixes [ Michael Tokarev ] * serial-fix-memory-leak-in-serial-exit-CVE-2017-5579.patch Closes: #853002, CVE-2017-5579 * cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch (needed for the next patch, CVE-2017-2620 fix) * cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch Closes: #855791, CVE-2017-2620 * nbd_client-fix-drop_sync-CVE-2017-2630.diff Closes: #855227, CVE-2017-2630 * sd-sdhci-check-transfer-mode-register-in-multi-block-CVE-2017-5987.patch Closes: #855159, CVE-2017-5987 * vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch Closes: #855616, CVE-2017-6058 * 3 CVE fixes from upstream for #853996: sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch megasas-fix-guest-triggered-memory-leak-CVE-2017-5856.patch virtio-gpu-fix-resource-leak-in-virgl_cmd_resource-CVE-2017-5857.patch Closes: #853996, CVE-2017-5667, CVE-2017-5856, CVE-2017-5857 * usb-ccid-check-ccid-apdu-length-CVE-2017-5898.patch Closes: #854729, CVE-2017-5898 * virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch Closes: #854730, CVE-2017-5931 * xhci-apply-limits-to-loops-CVE-2017-5973.patch Closes: #855611, CVE-2017-5973 * net-imx-limit-buffer-descriptor-count-CVE-2016-7907.patch Closes: #839986, CVE-2016-7907 * cirrus-fix-oob-access-issue-CVE-2017-2615.patch Closes: #854731, CVE-2017-2615 * 9pfs-symlink-attack-fixes-CVE-2016-9602.patch Closes: #853006 * vnc-do-not-disconnect-on-EAGAIN.patch Closes: #854032 * xhci-fix-event-queue-IRQ-handling.patch (win7 xhci issue fix) * xhci-only-free-completed-transfers.patch Closes: #855659 * char-fix-ctrl-a-b-not-working.patch Closes: https://bugs.launchpad.net/bugs/1654137 * char-drop-data-written-to-a-disconnected-pty.patch Closes: https://bugs.launchpad.net/bugs/1667033 * s390x-use-qemu-cpu-model-in-user-mode.patch Closes: #854893 * d/control is autogenerated, add comment * check if debootstrap is available in qemu-debootstrap Closes: #846497 [ Christian Ehrhardt ] * (ubuntu) no more skip enable libiscsi (now in main) * (ubuntu) Disable glusterfs (Universe dependency) * (ubuntu) have qemu-system-arm suggest: qemu-efi; this should be a stronger relationship, but qemu-efi is still in universe right now. * (ubuntu) change dependencies for fix of wrong acl for newly created device node on ubuntu -- Michael Tokarev Tue, 28 Feb 2017 11:40:18 +0300 qemu (1:2.8+dfsg-2) unstable; urgency=medium * Revert "update binfmt registration for mipsn32" Reopens: #829243 Closes: #843032 Will re-enable it for stretch+1, since for now upgrades from jessie are broken (jessie comes with 3.16 kernel), and there's no easy fix for this * Revert "enable virtio gpu (virglrenderer) and opengl support" Revert "switch from sdl1 to gtk3" Revert other gtk2/drm/vte/virgl-related changes Reopens: #813658, #839695 The change were too close to stretch release and too large, bringing too much graphics stuff for headless servers, will re-think this for stretch+1. sdl1 back: Closes: #851509 virtio-3d bugs: Closes: #849798, #852119 * mention closing of #769983 (multi-threaded linux-user) by 2.7 * mention closing of #842455, CVE-2016-9101 by 2.8 * audio-ac97-add-exit-function-CVE-2017-5525.patch (Closes: #852021) * audio-es1370-add-exit-function-CVE-2017-5526.patch (Closes: #851910) * watchdog-6300esb-add-exit-function-CVE-2016-10155.patch (Closes: #852232) -- Michael Tokarev Mon, 23 Jan 2017 14:06:54 +0300 qemu (1:2.8+dfsg-1) unstable; urgency=medium * new upstream release Closes: #837191, CVE-2016-7156 Closes: #837316, CVE-2016-7170 Closes: #839835, CVE-2016-7908 Closes: #839834, CVE-2016-7909 Closes: #840228, CVE-2016-7994 Closes: #840236, CVE-2016-7995 Closes: #840343, CVE-2016-8576 Closes: #840341, CVE-2016-8577 Closes: #840340, CVE-2016-8578 Closes: #840948, CVE-2016-8668 Closes: #840945, CVE-2016-8669 Closes: #841950, CVE-2016-8909 Closes: #841955, CVE-2016-8910 Closes: #842463, CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106 Closes: #846797, CVE-2016-9776 Closes: #847381, CVE-2016-9845 Closes: #847382, CVE-2017-9846 Closes: #847953, CVE-2016-9907 Closes: #847400, CVE-2016-9908 Closes: #847951, CVE-2016-9911 Closes: #847391, CVE-2016-9912 Closes: #847496, CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Closes: #847960, CVE-2016-9921 CVE-2016-9922 Closes: #847957, CVE-2016-9923 Closes: #842455, CVE-2016-9101 (git2634ab7fe29b3f75d0865b719caf8f310d634aae) Closes: #819755, #833162 Hopefully closes: #844361 * remove unicore32 linux-user target, removed upstream * remove all patches which were applied upstream (most of them) * actually fix #841060 * doc-don-t-mention-memory-it-is-m.patch, Closes: #833619 * don't pass --enable-uuid (always enabled) * build-depend on libncursesw5-dev, not libncurses5-dev * install trace-events-all in qemu-system-common * do not install qemu-tech.html (not provided by upstream anymore) * switch from sdl1 to gtk3 (Closes: #839695) * enable virtio gpu (virglrenderer) and opengl support (Closes: #813658) * strip out -ldrm out of OPENGL_LIBS, since libdrm is actually not needed * enable nfs support (libnfs-dev), in qemu-block-extra * enable glusterfs support (glusterfs-common), in qemu-block-extra (Closes: #775431) * enable numa support (libnuma-dev) (Closes: #758189) -- Michael Tokarev Wed, 28 Dec 2016 15:31:37 +0300 qemu (1:2.7+dfsg-3) unstable; urgency=medium * add PIE.patch to change loadable modules linker flags, from Adrian (Closes: #837574) * linux-user-fix-s390x-safe-syscall-for-z900.patch - fix FTBFS on s390x * mention CVE-2016-7466 for 2.7+dfsg-1 (Closes: #838687, CVE-2016-7466) -- Michael Tokarev Thu, 27 Oct 2016 19:38:01 +0300 qemu (1:2.7+dfsg-2) unstable; urgency=medium * fix distribution field in previous changelog entry * add depends: on seabios >= 1.9 with linuxboot_dma.bin (Closes: #840853, #841060, #842161) * add more links for openbios-sparc to qemu-system-sparc, bump dependency (Closes: #827456) * include license for qemu logo files (Closes: #785362) -- Michael Tokarev Wed, 26 Oct 2016 20:04:15 +0300 qemu (1:2.7+dfsg-1) unstable; urgency=medium * Acknowledge the previous NMU. Thank you Andrew! * New upstream release, 2.7 (Closes: #748043, #839292) Closes: #838850, CVE-2016-7161 Closes: #473240 (qcow encryption support has been removed) Closes: #769983 (multi-threaded linux-user) * removed patches which went upstream, refreshed use-data-path.patch * renamed remaining patches to include CVE#s and added Bug-Debian headers * added Depends on lsb-base to qemu-guest-agent (Closes: #840740) * update binfmt registration for mipsn32 (Closes: #829243) Thank you Adam Borowski for investigation and the patch * replace CVE-2016-7156 (#837339) patch with actual code from upstream * scsi-mptsas-use-g_new0-to-allocate-MPTSASRequest-obj-CVE-2016-7423.patch (Closes: #838145, CVE-2016-7423) * virtio-add-check-for-descriptor-s-mapped-address-CVE-2016-7422.patch (Closes: #838146, CVE-2016-7422) * scsi-pvscsi-limit-process-IO-loop-to-ring-size-CVE-2016-7421.patch (Closes: #838147, CVE-2016-7421) * usb-xhci-fix-memory-leak-in-usb_xhci_exit-CVE-2016-7466.patch (Closes: #838687, CVE-2016-7466) -- Michael Tokarev Fri, 14 Oct 2016 13:31:40 +0300 qemu (1:2.6+dfsg-3.1) unstable; urgency=high * Non-maintainer upload. * Security fixes from upstream: - virtio-error-out-if-guest-exceeds-virtqueue-size-CVE-2015-5403.patch (Closes: #832619, CVE-2015-5403) - scsi-pvscsi-avoid-infinite-loop-while-building-SG-list.patch (Closes: #837339, CVE-2016-7156) - scsi-pvscsi-check-page-count-while-initialising-descriptor-rings.patch (Closes: #837174, CVE-2016-7155) - CVE-2016-6351: scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch and scsi-esp-fix-migration.patch (Closes: #832621, CVE-2016-6351) - virtio-check-vring-descriptor-buffer-length.patch (Closes: #832767, CVE-2016-6490) - net-vmxnet3-check-for-device_active-before-write.patch (Closes: #834904, CVE-2016-6833) - net-check-fragment-length-during-fragmentation.patch (Closes: #834905, CVE-2016-6834) - net-vmxnet-check-IP-header-length.patch (Closes: #835031, CVE-2016-6835) - net-vmxnet-initialise-local-tx-descriptor.patch (Closes: #834944, CVE-2016-6836) - net-vmxnet-use-g_new-for-pkt-initialisation.patch (Closes: #834902, CVE-2016-6888) - CVE-2016-7116: 9pfs-forbid-.-and-.-in-file-names.patch, 9pfs-forbid-illegal-path-names.patch and 9pfs-handle-walk-of-.-in-the-root-directory.patch (Closes: #836502, CVE-2016-7116) - CVE-2016-7157: scsi-mptconfig-fix-an-assert-expression.patch and scsi-mptconfig-fix-misuse-of-MPTSAS_CONFIG_PACK.patch (Closes: #837603, CVE-2016-7157) -- Andrew James Wed, 14 Sep 2016 00:56:18 -0600 qemu (1:2.6+dfsg-3) unstable; urgency=high * more security fixes picked from upstream: - CVE-2016-4454 fix (vmsvga) (Closes: CVE-2016-4454) vmsvga-add-more-fifo-checks-CVE-2016-4454.patch vmsvga-move-fifo-sanity-checks-to-vmsvga_fifo_length-CVE-2016-4454.patch vmsvga-shadow-fifo-registers-CVE-2016-4454.patch - vmsvga-don-t-process-more-than-1024-fifo-commands-at-once-CVE-2016-4453.patch (Closes: CVE-2016-4453) - scsi-check-buffer-length-before-reading-scsi-command-CVE-2016-5238.patch (Closes: #826152, CVE-2016-5238) * set urgency to high due to the amount of security fixes accumulated so far -- Michael Tokarev Wed, 15 Jun 2016 08:54:12 +0300 qemu (1:2.6+dfsg-2) unstable; urgency=medium * add missing log entries for previous upload, remove closing of #807006 (it is not closed) * Added vga-add-sr_vbe-register-set.patch from upstream This fixes regression (in particular with win7 installer) introduced by the fix for CVE-2016-3712 (commit fd3c136) * fix-linking-relocatable-objects-on-sparc.patch (Closes: #807006) * Lots of security patches from upstream: - net-mipsnet-check-packet-length-against-buffer-CVE-2016-4002.patch (Closes: #821061, CVE-2016-4002) - i386-kvmvapic-initialise-imm32-variable-CVE-2016-4020.patch (Closes: #821062, CVE-2016-4020) - esp-check-command-buffer-length-before-write-CVE-2016-4439.patch, esp-check-dma-length-before-reading-scsi-command-CVE-2016-4441.patch (Closes: #824856, CVE-2016-4439, CVE-2016-4441) - scsi-mptsas-infinite-loop-while-fetching-requests-CVE-2016-4964.patch (Closes: #825207, CVE-2016-4964) - scsi-pvscsi-check-command-descriptor-ring-buffer-size-CVE-2016-4952.patch (Closes: #825210, CVE-2016-4952) - scsi-megasas-use-appropriate-property-buffer-size-CVE-2016-5106.patch (Closes: #825615, CVE-2016-5106) - scsi-megasas-initialise-local-configuration-data-buffer-CVE-2016-5105.patch (Closes: #825614, CVE-2016-5105) - scsi-megasas-check-read_queue_head-index-value-CVE-2016-5107.patch (Closes: #825616, CVE-2016-5107) - block-iscsi-avoid-potential-overflow-of-acb-task-cdb-CVE-2016-5126.patch (Closes: #826151, CVE-2016-5126) - scsi-esp-check-TI-buffer-index-before-read-write-CVE-2016-5338.patch (Closes: #827024, CVE-2016-5338) - scsi-megasas-null-terminate-bios-version-buffer-CVE-2016-5337.patch (Closes: #827026, CVE-2016-5337) * hw-dma-omap-spelling-fix-endianness.patch (lintian) * arm-spelling-fix-mismatch.patch (lintian) -- Michael Tokarev Mon, 13 Jun 2016 12:10:44 +0300 qemu (1:2.6+dfsg-1) unstable; urgency=medium * new upstream release Closes: #799115 Closes: #822369, #823588 Closes: #813698 Closes: #805827 Closes: #813585 Closes: #823830 CVE-2016-3710 CVE-2016-3712 Closes: #813193 CVE-2016-2198 Closes: #813194 CVE-2016-2197 Closes: #815008 CVE-2016-2392 Closes: #815009 CVE-2016-2391 Closes: #815680 CVE-2016-2538 Closes: #821038 CVE-2016-4001 Closes: #822344 CVE-2016-4037 Closes: #817181 CVE-2016-2841 Closes: #817182 CVE-2016-2857 Closes: #817183 CVE-2016-2858 - removed all patches applied upstream - removed mjt-set-oem-in-rsdt-like-slic.diff, feature has been implemented in upstream differently - refreshed local patches * do not recommend sharutils for qemu-utils anymore (Closes: #820449) * typo fix in qemu-system-misc description (Closes: #822883) * allow qemu-debootstrap to create mips64el chroot (Closes: #817234) * switch VCS URLs from http to https (lintian) * Bump Standards-Version to 3.9.8 (no changes) * code spelling fixes from upstream * added s390x-virtio-ccw-fix-spelling.patch from upstream * added hw-ipmi-fix-spelling.patch from upstream * added docs-specify-spell-fix.patch from upstream * added fsdev-spelling-fix.patch from upstream * fold long list of supported arches in package descriptions -- Michael Tokarev Wed, 18 May 2016 14:44:14 +0300 qemu (1:2.5+dfsg-5) unstable; urgency=medium * fix misspellings in previous debian/changelog entry * e1000-eliminate-infinite-loops-on-out-of-bounds-start-CVE-2016-1981.patch (Closes: #812307, CVE-2016-1981) * hmp-fix-sendkey-out-of-bounds-write-CVE-2015-8619.patch (Closes: #809237, CVE-2015-8619) * use `command -v' instead of `type' to check for command existence -- Michael Tokarev Thu, 28 Jan 2016 18:39:21 +0300 qemu (1:2.5+dfsg-4) unstable; urgency=medium * change misspelling of won't in NEWS (lintian) * two patches from upstream to enable sigaltstack syscall (linux-user) (Closes: #805826) * word-wrapped last entry in debian/changelog * use type to find out whenever update-binfmts is available * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch (Partial) patch targeted 2.3 which fixes the read side of the issue (Closes: CVE-2016-1714) * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch (Closes: #811201, CVE-2016-1922) -- Michael Tokarev Thu, 21 Jan 2016 13:06:06 +0300 qemu (1:2.5+dfsg-3) unstable; urgency=high [ Aurelien Jarno ] * debian/copyright: fix a spelling error reported by lintian: dependecy -> dependency. [ Michael Tokarev ] * net-vmxnet3-avoid-memory-leakage-in-activate_device patch (Closes: #808145, CVE-2015-8567, CVE-2015-8568) * scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch (Closes: #809232, CVE-2015-8613) * net-rocker-fix-an-incorrect-array-bounds-check-CVE-2015-8701.patch (Closes: #809313, CVE-2015-8701) -- Michael Tokarev Sun, 10 Jan 2016 10:59:46 +0300 qemu (1:2.5+dfsg-2) unstable; urgency=high * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch (Closes: #808144, CVE-2015-8558) * virtio-9p-use-accessor-to-get-thread_pool.patch (Closes: #808357) * two upstream patches from xsa-155 fixing unsafe shared memory access in xen (Closes: #809229, CVE-2015-8550) * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch (Closes: #810519, CVE-2015-8743) * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch (Closes: #810527, CVE-2016-1568) * changed build-depends from libpng12-dev to libpng-dev (Closes: #810205) -- Michael Tokarev Sat, 09 Jan 2016 21:40:43 +0300 qemu (1:2.5+dfsg-1) unstable; urgency=medium * new upstream release (Closes: #801158) Closes: #806373 CVE-2015-8345 Closes: #806742 CVE-2015-7504 Closes: #806741 CVE-2015-7512 Closes: #808131 CVE-2015-7549 Closes: #808130 CVE-2015-8504 * adopt for the new upstream: - removed patches which are upstream now - build-depend on libcacard-dev and stop requiring libtool - removed libcacard refs from debian/qemu-system-common.docs - moved qmp docs out of subdir following upstream - removed pc-bios/vgabios-virtio.bin * enable new linux-user target: tilegx * install qemu-ga manpage * install ivshmem-server and ivshmem-client to qemu-utils * stop using cylinders/heads/sectors for sfdisk in qemu-make-debian-root (Closes: #785470) * modify qemu-make-debian-root to use some current tools (this simplifies things, removes usage of uudecode) (usefulness of this utility is questionable anyway) -- Michael Tokarev Wed, 16 Dec 2015 20:00:04 +0300 qemu (1:2.4+dfsg-5) unstable; urgency=medium * trace-remove-malloc-tracing.patch from upstream. (Closes: #802633) * stop building libcacard, as it is now in its own separate source package and has been removed from upstream qemu in 2.5. Here we just stop producing libcacard binaries, but still use embedded libcacard source to link with it statically. In 2.5 we will switch to external libcacard. (Closes: #805410) -- Michael Tokarev Sun, 29 Nov 2015 12:22:52 +0300 qemu (1:2.4+dfsg-4) unstable; urgency=medium * applied 3 patches from upstream to fix virtio-net possible remote DoS (Closes: #799452 CVE-2015-7295) * remove now-unused /etc/qemu too (Closes: #797608) -- Michael Tokarev Thu, 08 Oct 2015 20:30:03 +0300 qemu (1:2.4+dfsg-3) unstable; urgency=high * ne2000-add-checks-to-validate-ring-buffer-pointers-CVE-2015-5279.patch fix for Heap overflow vulnerability in ne2000_receive() function (Closes: #799074 CVE-2015-5279) * ne2000-avoid-infinite-loop-when-receiving-packets-CVE-2015-5278.patch (Closes: #799073 CVE-2015-5278) * some binfmt reorg: - extend aarch64 to include one more byte as other arches do - set OSABI mask to 0xfc for i386, ppc*, s390x, sparc*, to recognize OSABI=3 (GNU/Linux) in addition to NONE/SysV (Closes: #784605, #794737) - tighten sh4 & sh4eb, fixing OSABI mask to be \xfc not 0 -- Michael Tokarev Tue, 15 Sep 2015 19:30:18 +0300 qemu (1:2.4+dfsg-2) unstable; urgency=high * Add e1000-avoid-infinite-loop-in-transmit-CVE-2015-6815.patch. CVE-2015-6815: net: e1000 infinite loop issue in processing transmit descriptor. (Closes: #798101 CVE-2015-6815) * Add ide-fix-ATAPI-command-permissions-CVE-2015-6855.patch. CVE-2015-6855: ide: qemu allows arbitrary commands to be sent to an ATAPI device from guest, while illegal comands might have security impact, f.e. WIN_READ_NATIVE_MAX results in divide by zero error. (Closes: CVE-2015-6855) -- Michael Tokarev Fri, 11 Sep 2015 19:54:07 +0300 qemu (1:2.4+dfsg-1a) unstable; urgency=medium * new upstream (2.4.0) release Closes: #795461, #793811, #794610, #795087, #794611, #793388 CVE-2015-3214 CVE-2015-5154 CVE-2015-5165 CVE-2015-5745 CVE-2015-5166 CVE-2015-5158 Closes: #793817 * removed all upstreamed patches * remove --enable-vnc-ws option (not used anymore) * update mjt-set-oem-in-rsdt-like-slic.diff * vnc-fix-memory-corruption-CVE-2015-5225.patch from upstream Closes: #796465 CVE-2015-5225 * remove now-unused /etc/qemu/target-x86_64.conf -- Michael Tokarev Mon, 31 Aug 2015 16:28:08 +0300 qemu (1:2.3+dfsg-6a) unstable; urgency=medium * fix d/copyright leftover in previous upload -- Michael Tokarev Thu, 11 Jun 2015 20:31:07 +0300 qemu (1:2.3+dfsg-6) unstable; urgency=high * pcnet-force-buffer-access-to-be-in-bounds-CVE-2015-3209.patch from upstream (Closes: #788460 CVE-2015-3209) -- Michael Tokarev Thu, 11 Jun 2015 20:03:40 +0300 qemu (1:2.3+dfsg-5) unstable; urgency=high * slirp-use-less-predictable-directory-name-in-tmp-CVE-2015-4037.patch (Closes: CVE-2015-4037) * 11 patches for XEN PCI pass-through issues (Closes: #787547 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106) * kbd-add-brazil-kbd-keys-*.patch, adding two keys found on Brazilian keyboards (Closes: #772422) -- Michael Tokarev Wed, 03 Jun 2015 17:18:58 +0300 qemu (1:2.3+dfsg-4) unstable; urgency=medium * rules.mak-force-CFLAGS-for-all-objects-in-DSO.patch: patch from upstream to fix FTBFS on some arches * libcacard-dev: depend on libnss3-dev (Closes: #785798) * libcacard-dev: do not depend on pkg-config -- Michael Tokarev Wed, 20 May 2015 14:21:09 +0300 qemu (1:2.3+dfsg-3) unstable; urgency=high * fdc-force-the-fifo-access-to-be-in-bounds-CVE-2015-3456.patch (Closes: CVE-2015-3456) * fix the OSABI binfmt mask for x86_64 arch, to actually fix #763043. Original fix didn't work, because "someone" forgot arithmetics. (Really Closes: #763043) * align binfmt magics/masks to be in single column -- Michael Tokarev Tue, 12 May 2015 23:02:29 +0300 qemu (1:2.3+dfsg-2) unstable; urgency=medium * do not install upstream changelog file, it is unused for a long time * mention closing of #781250 #769299 by 2.3 * mention qemu-block-extra split in NEWS files * fix spelling prob in the manpage * bump Standards-Version to 3.9.6 (no changes needed) * add mips64 and mips64el binfmt registration (Closes: #778624) -- Michael Tokarev Mon, 04 May 2015 13:01:03 +0300 qemu (1:2.3+dfsg-1) unstable; urgency=medium * new upstream release (2.3) (Closes: #781250 #769299 #781250 #769299) -- Michael Tokarev Fri, 24 Apr 2015 17:33:46 +0300 qemu (1:2.2+dfsg-6exp) experimental; urgency=medium * qemu 2.2.1 stable/bugfix release (remove included upstream exec-change-default-exception_index-value-for-migration-to--1.patch) * added mips64(el) to list of architectures where qemu-utils is built (Closes: #780200) * added kvm-on-x32.patch from Adam Borowski (Closes: #778737) * create qemu-block-extra package * rules.mak-fix-module-build.patch from upstream to fix module build * pass --enable-modules to configure * pass multiarch --libdir to configure * mjt-set-oem-in-rsdt-like-slic.diff: update FACP table too, not only RSDT. FACP is needed for win7 booting in UEFI mode. * enable libcacard (closes: #764971) - build-depend on libnss3-dev & libtool-bin - --enable-smartcard-nss - run dh_makeshlibs - rm libcacard.la - add libcacard0, libcacard-dev and libcacard-tools packages - add libcacard*.install and libcacard0.symbols -- Michael Tokarev Fri, 17 Apr 2015 21:54:53 +0300 qemu (1:2.2+dfsg-5exp) experimental; urgency=medium * fix initscript removal once again -- Michael Tokarev Fri, 23 Jan 2015 15:05:46 +0300 qemu (1:2.2+dfsg-4exp) experimental; urgency=medium * fix a brown-paper bag bug removing the qemu-system-x86 initscript (Closes: #776004) -- Michael Tokarev Thu, 22 Jan 2015 20:33:38 +0300 qemu (1:2.2+dfsg-3exp) experimental; urgency=medium * mention closing of #753887 by 2.2 * install only specific bamboo.dtb for ppc, not *.dtb (Closes: #773033) * install qemu-system-misc firmware in d/*.install not d/rules, as other firmware files * exec-change-default-exception_index-value-for-migration-to--1.patch: cherry-picked commit adee64249ee37e from upstream * stop messing up with alternatives (qemu for qemu-system-*) * stop shipping qemu-system-x86 initscript to load kvm modules (kernel since 3.4 does that automatically) (Closes: #751754) -- Michael Tokarev Thu, 22 Jan 2015 09:28:01 +0300 qemu (1:2.2+dfsg-2exp) experimental; urgency=medium * and finally uploading to experimental as it should be -- Michael Tokarev Wed, 10 Dec 2014 00:58:32 +0300 qemu (2.2+dfsg-1exp) unstable; urgency=medium * new upstream release 2.2.0 (Closes: #751078, #726629, #753887) * removed all patches which was cherry-picked from upstream, only keeping debian-specific changes * refreshed mjt-set-oem-in-rsdt-like-slic.diff * added tricore to qemu-system-misc package (new arch) * restore upstream pc-bios/petalogix-*.dtb "blobs": upstream says it is the canonical form, dtc is used to convert from dts to dtb and back, the conversion is reversible * install petalogix firmware for microblaze (Closes: #769068) -- Michael Tokarev Tue, 09 Dec 2014 23:09:26 +0300 qemu (1:2.1+dfsg-11) unstable; urgency=medium * bump epoch and reupload to cancel 2.2+dfsg-1exp upload mistakenly done to unstable. No other changes. -- Michael Tokarev Wed, 10 Dec 2014 00:52:28 +0300 qemu (2.1+dfsg-10) unstable; urgency=medium * make (debian-specific) x86 data path (with seabios and ipxe in it) non-x86-specific, since other arches use firmware files too (Closes: #772127) * add seabios to Recommends to qemu-system-misc, qemu-system-mips, qemu-system-ppc and qemu-system-sparc packages, because these packages contains emulators using vgabios which is part of seabios package (#772127). * add ipxe-qemu to Recommends to qemu-system-misc, qemu-system-arm, qemu-system-mips, qemu-system-ppc, qemu-system-sparc packages, because these packages contains emulators using network boot roms (#772127), in a similar way. -- Michael Tokarev Tue, 09 Dec 2014 13:47:36 +0300 qemu (2.1+dfsg-9) unstable; urgency=high * apply upstream patches for CVE-2014-8106 (cirrus: insufficient blit region checks) (Closes: #772025 CVE-2014-8106) -- Michael Tokarev Thu, 04 Dec 2014 00:10:43 +0300 qemu (2.1+dfsg-8) unstable; urgency=low [ Michael Tokarev ] * add Built-Using control field for qemu-user-static package: take contents of qemu-user ${shlibs:Depends} and transform it into list of source packages with versions. (Closes: #768926) * run remove-alternatives in qemu-system.postinst (the metapkg) too, not only in qemu-system-XX.postinst, to handle upgrades from wheezy (Closes: #768244) * several fixes for debian/qemu-user.1 manpage. It needs more work, but at least some easy and obvious errors are fixed now. (Closes: #763841) * migration-fix-parameter-validation-on-ram-load.patch from upstream (Closes: #769451 CVE-2014-7840) * fix x86_64 binfmt mask to allow more values in ELF_OSABI field (byte7). Current gcc/binfmt sometimes produces binaries with this field set to 3 (OSABI_GNU) not 0 (OSABI_SYSV) as used to be. Set mask to 0xfb not 0xff here, to allow 0 (traditional SYSV), 1 (HPUX), 2 (NETBSD) or 3 (GNU). This lets 2 more types than necessary, but qemu will reject wrong types so no harm is done. Some other binfmts ignore this field completely (with mask=0). Maybe some day we'll have 2 different binfmt registrations for the 2 different ABI types. (Closes: #763043) * usb-host-fix-usb_host_speed_compat-tyops.patch -- fix host usb devices attach, without this patch many USB devices does not work * qdev-monitor-fix-segmentation-fault-on-qdev_device_h.patch - trivial patch from upstream to fix segfault in -device foo,help (Closes: #770880) [ Aurelien Jarno ] * Add tcg-mips-fix-store-softmmu-slow-path.patch from upstream to fix TCG support on mips/mipsel hosts (Closes: #769470). [ Ian Campbell ] * Backport patch to fix unmapping of persistent grants in the Xen qdisk backend (Closes: #770468). -- Michael Tokarev Thu, 27 Nov 2014 18:32:45 +0300 qemu (2.1+dfsg-7) unstable; urgency=high * urgency is high due to 2 security fixes (one current and one forgotten in previous release) and because of possible data corruption bugfix * vnc-sanitize-bits_per_pixel-from-the-client-CVE-2014-7815.patch from upstream (Closes: CVE-2014-7815) * fix spelling mistake in previous changelog entry * add two patches from upstream for block/raw-posix.c to work around probs in FS_IOC_FIEMAP ioctl and to prefer seek_hole over fiemap. This should fix a long-standing ghost data corruption observed in various places. -- Michael Tokarev Mon, 03 Nov 2014 18:44:34 +0300 qemu (2.1+dfsg-6) unstable; urgency=medium * mention closing of CVE-2014-3615 by 2.1.2 (2.1+dfsg-5) * 9p-use-little-endian-format-for-xattr-values.patch (Closes: #755740) * mention closing of #760386 * mention closing of more CVEs by 2.1+dfsg-1 * recognize ppc64el in qemu-debootstrap (Luca Falavigna) (Closes: #760949) * use dpkg-vendor to let derived distros to use our d/rules * use /usr/share/dpkg/architecture.mk to get DEB_HOST_* and DEB_BUILD_* variables. This restores cross building support. * use /usr/share/dpkg/buildflags.mk for CFLAGS LDFLAGS &Co * pass -DVENDOR_{DEBIAN,UBUNTU} to compiler * do not treat ppc* and ppc*le as compatible for binfmt registrations * mention ACPI SLIC to RSDT id copying if slic table is supplied, thank you Tim Small for the patch (Closes: #765075) * apply 5 patches from upstream to fix a security issue in vmware-vga (Closes: #765496 CVE-2014-3689) * apply two patches from upstream to make qemu to work with samba4 (Closes: #747636) -- Michael Tokarev Mon, 03 Nov 2014 18:07:48 +0300 qemu (2.1+dfsg-5) unstable; urgency=medium * upstream bugfix release v2.1.2 (Closes: #762532 CVE-2014-3640 CVE-2014-5388 CVE-2014-3615) * Add x32 to the list of supported architectures (patch by Thorsten Glaser) (Closes: #760386) * fix wrong reference in kvm.1 (Closes: #761137) * removed patches (applied upstream): l2tp-linux-only.patch ide-only-constrain-read_write-requests-to-drive-size.diff pc-reserve-more-memory-for-acpi.patch -- Michael Tokarev Fri, 26 Sep 2014 17:43:26 +0400 qemu (2.1+dfsg-4) unstable; urgency=medium * mention libnuma-dev but not enable for now * 9p-readdir.patch: fix readdir in 9p mapped mode (Closes: #755738) * pc-reserve-more-memory-for-acpi.patch: fix linux -kernel not working with new qemu (Closes: #759522) * qemu-options-add-missing--drive-discard-option-to-cmdline-help.diff - documentation fix * mention that 2.1 closed #754336. * move qemu-bridge-helper to /usr/lib/qemu/ subdir (lintian) * debian/binfmt-update-in (Serge Hallyn): - don't run in a container - add ppc64le as target * add apport hook from ubuntu package (ubuntu-only for now) -- Michael Tokarev Sun, 31 Aug 2014 09:32:59 +0400 qemu (2.1+dfsg-3) unstable; urgency=medium * set SHELL = /bin/sh -e, so that more complex shell constructs in d/rules will fail if any command fail inside * check for pipe2() being a stub too, like utimensat() etc * build-depend on gnutls-dev, not libgnutls*-dev, so the buuld system will pick default gnutls impl (so it works for backports and future versions) * build-depend on libjpeg-dev not libjpeg8-dev * minimum version of seabios is 1.7.5 (Closes: #757958) * ide-only-constrain-read_write-requests-to-drive-size.diff (Closes: #757927) * added use-arch-data-path.patch, to be able to search for binary blobs in several (arch-specific) data directories instead of just one. * removed all blob/firmware symlinks from qemu-system-x86, using arch-specific datapath instead (/usr/share/seabios:/usr/lib/ipxe/qemu) * removed retry-pxe-after-efi.patch and depend on ipxe-qemu which introduced efi boot roms. qemu should not try to load "wrong" ROM, or else migration will fail due to rom size mismatch. * include /usr/lib/qemu-bridge-helper binary, but not make it setuid due to security concerns outlined in #691138 (Closes: #691138) * make vnc-jpeg not debian-specific * install kvm-spice symlinks on ubuntu -- Michael Tokarev Thu, 14 Aug 2014 14:30:24 +0400 qemu (2.1+dfsg-2) unstable; urgency=medium * l2tp-linux-only.patch: fix FTBFS on kfreebsd * imx_timer_TIMER_MAX_clash.diff: fix ITIMER_MAX definition clash * remove kfreebsd hack which disabled usb support on this platform since qemu-1.3: it isn't needed anymore -- Michael Tokarev Sat, 02 Aug 2014 00:51:04 +0400 qemu (2.1+dfsg-1) unstable; urgency=medium * new upstream release Closes: #739589: CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4528 CVE-2013-4530 CVE-2013-4531 CVE-2013-4532 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0182 CVE-2014-3461 Closes: #735618 Closes: #754336 Closes: CVE-2014-3471 (pcie hotplug/hotunplug) * versioned build-depend on libiscsi-dev (>>1.9.0~) * added ppc64le user target * fix description of qemu-user-binfmt wrt "empty" (Closes: #755988) * use /usr/share/dpkg/pkg-info.mk instead of inventing the same locally * added debian/get-orig-source.sh (and a d/rules target) * set ubuntu vcs branch to ubuntu-utopic * binfmt-update-in: make sure to filter out compat arches -- Michael Tokarev Fri, 01 Aug 2014 20:06:22 +0400 qemu (2.0.0+dfsg-7) unstable; urgency=medium * clarify description of qemu-user-binfmt a bit * build-depend on acpica-tools (iasl) in order to rebuild .dsl files * remove qemu-keymaps package, since it is not used by other tools anymore, and ship keymaps in qemu-system-common. * remove (and break by qemu-system-common) old qemu-common for ubuntu too, since it was transitional-to-qemu-keymaps pkg * reorganize docs (Closes: #751376): - do not ship docs in qemu (meta)package, except of qemu-doc.html - ship most of docs/* in qemu-system-common in /usr/share/doc/q-s-c/ - make symlinks from /usr/share/doc/qemu-system-foo/common to ../q-s-c/ - ship doc-base file for qemu-system-common too (for qemu-doc.html) - rename qemu.1 manpage to qemu-system.1 * qemu-user-static & qemu-user-binfmt conflict with each other, not break. * mention that qemu-user-binfmt is empty package (lintian) -- Michael Tokarev Thu, 24 Jul 2014 16:51:16 +0400 qemu (2.0.0+dfsg-6) unstable; urgency=medium * build-depend on libgnutls28-dev not libgnutls-dev * added qcow1 block format validation patches from upstream: block-fmt-validation/qcow1-check-maximum-cluster-size.patch block-fmt-validation/qcow1-stricter-backing-file-length-check.patch block-fmt-validation/qcow1-validate-image-size-CVE-2014-0223.patch block-fmt-validation/qcow1-validate-L2-table-size-CVE-2014-0222.patch (Finally closes: #742730, CVE-2014-0222, CVE-2014-0223) -- Michael Tokarev Fri, 23 May 2014 12:12:38 +0400 qemu (2.0.0+dfsg-5) unstable; urgency=medium * re-re-enable rbd (ceph) support again (Closes: #689239) Should watch for breakage and for runtime dependencies closely from now on. * fix qemu-kvm package description (stop mentioning it is transitional) * move all binfmt handling from many files to d/binfmt-update-in * introduce qemu-user-binfmt (dummy) package to support binfmt registration of qemu-user binaries (Closes: #677529) -- Michael Tokarev Tue, 13 May 2014 21:15:48 +0400 qemu (2.0.0+dfsg-4) unstable; urgency=medium * suggests ovmf, not recommends it as it is not in -main (Closes: #745698) * cputlb-fix-regression-with-TCG-interpreter.patch (Closes: #744342) -- Michael Tokarev Wed, 30 Apr 2014 10:03:55 +0400 qemu (2.0.0+dfsg-3) unstable; urgency=low * 2.0.0 closed #744213 (CVE-2013-4544) and #745157 (CVE-2014-2894) * mjt-set-oem-in-rsdt-like-slic.diff: apply a (hackish) patch to simplify running OEM versions of windows vista and 7 in qemu using SLIC table from current hardware. * set VENDOR in d/rules * added forgotten qemu-kvm Pre-Depends field * switch back from sdl2 to sdl1, as the former apparently isn't ready yet (Closes: #745269) -- Michael Tokarev Mon, 21 Apr 2014 12:34:03 +0400 qemu (2.0.0+dfsg-2) unstable; urgency=medium * resurrect 02_kfreebsd.patch, -- without it qemu FTBFS on current Debian kFreeBSD system still. -- Michael Tokarev Thu, 17 Apr 2014 22:04:38 +0400 qemu (2.0.0+dfsg-1) unstable; urgency=low * new upstream major release Closes: #744213 CVE-2013-4544 Closes: #745157 CVE-2014-2894 * 2.0 actually does not close #739589, remove it from from last changelog entry * mention closing of #707629 by 2.0 * mention a list of CVE IDs closed by #742730 * mention closing of CVE-2013-4377 by 1.7.0-6 * do not set --enable-uname-release=2.6.32 for qemu-user anymore (was needed for old ubuntu builders) * removed 02_kfreebsd.patch: it adds configure check for futimens() and futimesat() syscalls on FreeBSD, however futimens() appeared in FreeBSD 5.0, and futimesat() in 8.0, and 8.0 is the earliest supported version * kmod dependency is linux-any * doc-grammify-allows-to.patch: fix some lintian warnings * remove alternatives for qemu: different architectures aren't really alternatives and never had been * update Standards-Version to 3.9.5 (no changes needed) * exec-limit-translation-limiting-in-address_space_translate-to-xen.diff - fixes windows BSOD with virtio-scsi when upgrading from 1.7.0 to 1.7.1 or 2.0, among other things -- Michael Tokarev Thu, 17 Apr 2014 18:27:15 +0400 qemu (2.0.0~rc1+dfsg-1exp) experimental; urgency=low * new upstream release candidate (2.0-rc1) Closes: #742730 -- image format processing issues: CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0148 Closes: #743235, #707629 * refreshed patches: 02_kfreebsd.patch retry-pxe-after-efi.patch use-fixed-data-path.patch * removed patches applied upstream: qemu-1.7.1.diff address_space_translate-do-not-cross-page-boundaries.diff fix-smb-security-share.patch slirp-smb-redirect-port-445-too.patch implement-posix-timers.diff linux-user-fixed-s390x-clone-argument-order.patch * added bios-256k.bin symlink and bump seabios dependency to >= 1.7.4-2 * recommend ovmf package for qemu-system-x86 to support UEFI boot (Closes: #714249) * switch from sdl1 to sdl2 (build-depend on libsdl2-dev) * output last 50 lines of config.log in case configure failed -- Michael Tokarev Sat, 05 Apr 2014 16:23:48 +0400 qemu (1.7.0+dfsg-9) unstable; urgency=medium * remove rbd/rados/ceph support *again*, till they'll actually provide some symbol/library version mechanism (Closes: #744364, Reopens: #729961, #689239) -- Michael Tokarev Sun, 13 Apr 2014 18:49:46 +0400 qemu (1.7.0+dfsg-8) unstable; urgency=low * fix a brown-paper-bag bug in the previous upload -- Michael Tokarev Fri, 11 Apr 2014 22:01:32 +0400 qemu (1.7.0+dfsg-7) unstable; urgency=high * fix guest-triggerable buffer overrun in virtio-net device (Closes: #744221 CVE-2014-0150) -- Michael Tokarev Fri, 11 Apr 2014 20:27:16 +0400 qemu (1.7.0+dfsg-6) unstable; urgency=medium * make ceph (rbd) support linux-only, since it exists only on linux -- Michael Tokarev Sat, 05 Apr 2014 13:59:48 +0400 qemu (1.7.0+dfsg-5) unstable; urgency=medium * remove OVMF.fd symlink added in -4, it belongs to ovmf (Closes: #741494) * qemu-debootstrap: add support for arm64 architecture (Closes: #740112) * mention closing of #725176 by 1.7.0 -- Michael Tokarev Thu, 13 Mar 2014 06:21:01 +0400 qemu (1.7.0+dfsg-4) unstable; urgency=medium [ Michael Tokarev ] * 1.7.1 stable upstream release (Closes: #719633) Closes: CVE-2013-4377 * implement-posix-timers.diff from upstream (Closes: #732258) * address_space_translate-do-not-cross-page-boundaries.diff - upstream bugfix for xen * break libvirt << 1.2, not just 1.0, we need 1.2+ after qemu-1.6. * add linux-user-fixed-s390x-clone-argument-order.patch (Closes: #739800) * re-enable cepth (rbd) support (Closes: #729961, #689239) [ Steve Langasek ] * (from Ubuntu) add symlink for OVMF.fd, which is now available in Debian non-free. * libusbredir is enabled in Ubuntu too, so sync debian/control. * Enable building for ppc64el (in both Debian and Ubuntu): Debian does not have a ppc64el port yet, but qemu builds out of the box there so it's safe/appropriate to enable. * Merge in Ubuntu-specific (and Ubuntu-tagged) debian/control changes. * Enable building for arm64; the arm64 target is not yet merged, but the package doesn't need arm64 target support to build for an arm64 host. [ Riku Voipio ] * control: build-depend on python:any (change originally made in Aug-2013 but reverted by mjt later) -- Michael Tokarev Wed, 12 Mar 2014 18:34:03 +0400 qemu (1.7.0+dfsg-3) unstable; urgency=low * qemu-kvm: fix versions for Breaks/Replaces/Depends on qemu-system-x86 * qemu-system-ppc: depend on openbios-ppc >= 1.1+svn1229 to fix boot issues * qemu-system-sparc: depend on openbios-sparc >= 1.1+svn1229 too * remove unused lintian overrides for qemu-user from qemu (meta)package * qemu-system-*: depend on unversioned qemu-keymaps and qemu-system-common packages (no particular version of any is hard-required) * remove debian/README.source (was from quilt) * add myself to debian/copyright * reorder d/control to have Recommends:/Suggests: closer to Depends. * rename d/control to d/control-in and add a d/rules rule to build it based on ${VENDOR} * allow different content in d/control for debian/ubuntu * added debian/README-components-versions * fixed qemu-armeb binfmt (Closes: #735078) * added powerpcspe host arch (Closes: #734696) * do not check for presence of update-alternatives which is part of dpkg (Closes: #733222) * do not call update-alternative --remove from postrm:remove (lintian complains about this) * add efi netrom links. This requires new ipxe-qemu. -- Michael Tokarev Thu, 16 Jan 2014 15:17:46 +0400 qemu (1.7.0+dfsg-2) unstable; urgency=low * switch from vgabios to seavgabios * rework update-alternatives handling for qemu-system (Closes: #722914) * mention closing of #326886, #390444, #706237 and CVE-2013-4375 for 1.7.0 * rearrange libvte-dev build-dependency to come together with gtk, and comment it out (since gtk frontend isn't being built) * re-introduce qemu-kvm package with just a wrapper (/usr/bin/kvm) and make this wrapper to force kvm mode (Closes: #727762) * use less strict dependency on qemu-keymaps * added fix-smb-security-share.patch by Michael Büsch (Closes: #727756) * added move-ncalrpc-dir-to-tmp.patch by Michael Büsch (Closes: #728876) -- Michael Tokarev Fri, 29 Nov 2013 00:16:44 +0400 qemu (1.7.0+dfsg-1) unstable; urgency=low * new upstream release (Closes: #724758, #326886, #390444, #706237, #725176) Also fixes CVE-2013-4375 (xen-specific qemu disk backend (qdisk) resource leak) * tweak kvm loading script to not load module for 3.4+ kernel (kernel autoloads kvm modules since 3.4) (Closes: #717811) * mention closing of #721713, #710971, #674201 * refresh use-fixed-data-path.patch to contain just the min. changes * fix pxe-eepro100.rom link (never worked in qemu due to wrong name) * remove old $Id$ line from debian/rules -- Michael Tokarev Thu, 28 Nov 2013 03:14:21 +0400 qemu (1.6.0+dfsg-2) unstable; urgency=low * Build-depend in seccomp again once it is in -testing * 1.6.1 upstream bugfix release (Closes: #725944, #721713, #710971) * fix "allows [one] to" in qemu-ga description * fix descriptions for qemu-system and qemu-system-common packages -- Michael Tokarev Fri, 11 Oct 2013 01:15:48 +0400 qemu (1.6.0+dfsg-1) unstable; urgency=low * final upstream v1.6.0 (Closes: #718180, #714273, #605525, #701855, #674201) * removed configure-explicitly-disable-virtfs-if-softmmu=no.patch * mention closing of #717724 by 1.6 * mention closing of #710971 by 1.5 (which disabled gtk support) [ Riku Voipio ] * - set --cross-prefix in debian/rules when cross-compiling -- Michael Tokarev Mon, 02 Sep 2013 15:18:49 +0400 qemu (1.6.0~rc0+dfsg-1exp) experimental; urgency=low * uploading to experimental (rc0) * new upstream release (release candidate) (Closes: #718016, #717724) * removed patches: - qemu-1.5.1.diff - sparc-linux-user-fix-missing-symbols-in-.rel-.rela.plt-sections.patch * refreshed use-fixed-data-path.patch * ship new qemu_logo_no_text.svg * stop shipping sgabios symlink, it is moved to sgabios package * bump version of libseccomp build dependency to 2.1 (minimum required to build) and disable libseccomp for now (because it isn't available in debian yet) -- Michael Tokarev Wed, 31 Jul 2013 10:49:30 +0400 qemu (1.5.0+dfsg-5) unstable; urgency=low * new upstream 1.5.1 stable/bugfix release (as qemu-1.5.1.diff) removed qemu_openpty_raw-helper.patch (included upstream) * configure-explicitly-disable-virtfs-if-softmmu=no.patch -- do not build virtfs-proxy-helper stuff if not building system emulator (fix FTBFS on s390) * disable gtk ui and build dependencies, as it adds almost nothing compared with sdl (well, except bugs and limitations), and has lots of additional dependencies (Closes: #710971) * remove obsolete /etc/init.d/qemu-kvm (Closes: #712898) * fix versions of obsolete qemu-kvm conffiles to be removed * provide manpage for obsolete kvm (Closes: #716891, #586973) * add --daemonize option to the guest-agent startup script (Closes: #715502) * clarify what qemu-guest-agent does (Closes: #714270) and provide its json schema as a doc -- Michael Tokarev Tue, 23 Jul 2013 22:39:54 +0400 qemu (1.5.0+dfsg-4) unstable; urgency=medium * urgency is medium to make it go faster because, on one hand, we've been in unstable for quite a bit longer than needed already and have nothing but (build) fixes in there, but on the other hand we're holding migration of other packages which are waiting for us, again, for too long already * added qemu_openpty_raw-helper.patch - a cleanup patch submitted upstream which removes #include from common header and hence works around FTBFS problem on debian sparc where somehow, conflicts with . -- Michael Tokarev Thu, 06 Jun 2013 01:50:32 +0400 qemu (1.5.0+dfsg-3) unstable; urgency=low * fix sections: misc => otherosfs * remove obsolete conffiles (kvm-ifup, kvm-ifdown, target-x86_64.conf) from /etc/kvm/ in qemu-kvm (Closes: #710328) * rework debian/rules a bit, to build various bits depending on which packages are requested, not depending on ad-hoc host/arch logic * do not fail at install if kvm module loading failed on x86 or if modprobe isn't installed (Closes: #710496) * also suggest kmod to be able to load x86 kvm modules * suggest sgabios for qemu-system-x86 and put a symlink to sgabios.bin (Closes: #696985) * add rules to build just one of arch/indep parts, to make buildd log scanner happier (E-binary-arch-produces-all) * use verbose build by default (V=1) and let it to be overridden -- Michael Tokarev Sun, 02 Jun 2013 01:49:47 +0400 qemu (1.5.0+dfsg-2) unstable; urgency=low * merged development history of wheezy and experimental branches. Now the history is ordered by version, but is not chronological. As a base we now have wheezy (1.1.2+dfsg-6a) version. * removed trailing whitespaces from changelog file * run dh_installinit properly (Closes: #709199) * run dh_installman (Closes: #709241) * remove build-dependendy on texi2html, upstream switched to makeinfo -- Michael Tokarev Tue, 28 May 2013 10:48:41 +0400 qemu (1.5.0+dfsg-1) unstable; urgency=low * update to 1.5.0 (Closes: #707732) * upload to unstable * mention that 1.5 closes #697641 and #705544 * bump dependency on openbios (openbios-ppc for qemu-system-ppc, openbios-sparc for qemu-system-sparc) from 1.0+svn1060 to 1.1 (Closes: #707727) * bump dependency on seabios to be >= 1.7.2-2 * add retry-pxe-after-efi.patch to try pxe-XXXX.rom after unsuccessfully trying efi-XXXX.rom - this is for NICs, until pxe-qemu package will be able to provide necessary efi-XXXX.rom files. * add (versioned) dependency on libusb-1.0 now when the right version is available in debian * use-fixed-data-path.patch: do not try to derive data path from executable location, always use /usr/share/qemu -- Michael Tokarev Tue, 21 May 2013 00:49:47 +0400 qemu (1.5.0~rc0+dfsg-1) experimental; urgency=low * update to new upstream release candidate (1.5.0-rc0) (Closes: #697641, #705544) * remove --audio-card-list * added new moxie system target * added new linux-user targets: mips64 mips64el mipsn32 mipsn32el * add libgtk2 and libvte to dependencies (new UI) * added libssh2 to dependencies (new block device) * s/libvdeplug2-dev/libvdeplug-dev/ * define localstatedir (for guest-agent) -- Michael Tokarev Wed, 08 May 2013 01:01:01 +0400 qemu (1.4.0+dfsg-2exp) experimental; urgency=low [ Michael Tokarev ] * set qemu-kvm priority to extra * fix distribution field in last qemu-system.NEWS entry * bump Standards-Version to 3.9.4 (no changes needed) * fix update-rc.d args for qemu-system-x86 * pre-Depend on adduser for qemu-system-common (Closes: #700840) * move guest agent binary (qemu-ga) to /usr/sbin * add versioned build-depends on libspice-protocol-dev (>= 0.12.3) * refresh qemu-ifunc-sparc.patch, use proper submission from patchwork (sparc-linux-user-fix-missing-symbols...) instead. * apply 1.4.1 upstream stable patch * release as 1.4.0 [ Aurelien Jarno ] * debian/rules: don't build spapr-rtas.bin from .hex file. * qemu-system-ppc: add a depends on qemu-slof and add the corresponding links (Closes: #686979). -- Michael Tokarev Thu, 18 Apr 2013 14:45:30 +0400 qemu (1.4.0+dfsg-1exp) experimental; urgency=low [ Michael Tokarev ] * 1.4.0 final release * remove fix-virtio-net-for-win-guests.patch (upstream now has better fix) * fix debian/control arch fields. Build-Depends: foo [bar] means foo will be selected for build on LINUX-bar, not any-bar. So stop using [bar], always use [linux-bar] or [any-bar], as appropriate. This fix spice and xen (non)selection on kfreebsd-{i386,amd64}. * fix manpage "links" generation (man qemu-system-* was broken) * change Vcs fields to point to anonscm.debian.org (lintian) * add a check for (lxc) container to qemu-system-x86 initscript [ Steve Langasek ] * Pass --enable-uname-release=2.6.32 for the user emulation builds, so that we have a sensible baseline kernel value regardless of what the underlying host kernel is. This makes eglibc happier when running under emulation on a very old kernel for instance (whose host syscall ABI has nothing to do with what emulated syscalls are supported), and probably also lets us steer clear for the moment of code that has problem with the new kernel upstream versioning convention. LP: #921078. -- Michael Tokarev Sat, 16 Feb 2013 12:34:54 +0400 qemu (1.4.0~rc0+dfsg-1exp) experimental; urgency=low * new upstream 1.4.0-rc0 (first release candidate). (Closes: #549195) * remove patches included upstream: e1000-discard-oversized-packets-based-on-SBP_LPE.patch link-seccomp-only-with-softmmu-targets.patch revert-serial-fix-retry-logic.patch savevm.c-cleanup-system-includes.patch * refresh qemu-ifunc-sparc.patch * add fix-virtio-net-for-win-guests.patch bandaid to make virtio-net in windows guest to work again * don't install virtfs-proxy-helper in its own subdir in /usr/bin * add qemu-io manpage. Thank you Asias He for the work! (Closes: #652518) * move config options from debian/configure-opts into debian/control, to keep list of build-deps & corresponding config flags in one place * use initscript from old qemu-kvm package to load kvm modules for qemu-system-x86, and clean it up (Closes: #699404) * load vhost_net module in the initscript too * mention default NIC change in qemu-kvm.NEWS and old conffiles * remove mentions of (ubuntu-specific) qemu-common from debian/control for now, as it does not help anyway (other changes are needed anyway and it is better to keep them in one place) * add a (preliminary) qemu-guest-agent startup script * qemu-system-x86 break libvirt0 << 1.0, because older versions didn't work with qemu 1.3+ correctly -- Michael Tokarev Sat, 02 Feb 2013 21:05:28 +0400 qemu (1.3.0+dfsg-5exp) experimental; urgency=low * qemu-system-split: split qemu-system into several target-specific packages: qemu-system-arm, qemu-system-mips, qemu-system-ppc, qemu-system-sparc, qemu-system-x86, and qemu-system-misc, plus qemu-system-common. (Closes: #636000) * add initial qemu-guest-agent package (just the binary for now, no startup script) (Closes: #676959) * do not try to install (linux-specific) virtfs-proxy-helper on kfreebsd * change order of audio drivers, in particular put pulseaudio (pa) first * ship OS-specific qemu-ifup (use trivial ifconfig invocation on kfreebsd) * qemu-system replaces qemu-utils due to virtfs-proxy-helper binary * chmod +x qemu-ifdown -- Michael Tokarev Mon, 28 Jan 2013 15:05:57 +0400 qemu (1.3.0+dfsg-4exp) experimental; urgency=low * install forgotten /etc/qemu-ifdown (dummy, but qemu complains without it) * install virtfs-proxy-helper in qemu-system not qemu-utils * add qemu-kvm.NEWS mentioning transition from qemu-kvm to qemu-system-x86_64. * do not pass -cpu kvm64 to qemu in kvm wrapper script, previous qemu-kvm used qemu64 cpu instead - the same as new qemu uses. * install kvm wrapper on x86 only, and install it as /usr/bin/kvm not /usr/bin/kvm/kvm (Closes: #698736). * stop shipping /usr/share/qemu/vapic.bin link (qemu uses kvmvapic.bin) * stop shipping /usr/share/qemu/vgabios.bin link (qemu uses vgabios-*.bin) * enable all guest audio devices * add breaks/replaces/provides/conflicts with kvm (very old package), qemu-kvm, and ubuntu's qemu-common. * stop caring about old (pre-squeeze) qemu -- Michael Tokarev Wed, 23 Jan 2013 11:08:47 +0400 qemu (1.3.0+dfsg-3exp) experimental; urgency=low * add ability to specify os-arch in configure-opts * libseccomp is linux-x86 not linux-any * e1000-discard-oversized-packets-based-on-SBP_LPE.patch CVE-2012-6075 (Closes: #696051) -- Michael Tokarev Mon, 21 Jan 2013 02:54:15 +0400 qemu (1.3.0+dfsg-2exp) experimental; urgency=low * qemu-nbd and qemu-io should be installed on kFreeBSD too * install qemu-system docs into /usr/share/doc/qemu-system, not .../qemu (Closes: #697085) * do not depend on ipxe, it does not provide our ROMs * move vde2 from Recommends to Suggests, since it isn't used often * require libspice-server-dev >= 0.12.2 and require it on i386 too, enable spice support * require libusbredirparser-dev >= 0.6, enable usb-redir * enable xen explicitly on amd64|i386 * enable xfsctl explicitly on linux * sort build-deps in debian/control and add comments * set permissions of /dev/kvm in qemu-system.postinst the same way it is done in old qemu-kvm package * set --localstatedir=/var (will be used later by guest agent) * bump qemu-system dependency on seabios to 1.7.2 and add symlinks for acpi-dsdt.aml and q35-acpi-dsdt.aml * import qemu-ifup and qemu-ifdown scripts from qemu-kvm, and modify qemu-ifup to allow usage of just `ip' command from iproute package (if installed) instead of old brctl+ifconfig. Add Breaks: for old iproute without bridge controls. Add iproute to Recomments, so that the scripts will actually work (previous script used sudo which should be in recommends too) * enable seccomp (and libseccomp-dev b-d) on linux, and add link-seccomp-only-with-softmmu-targets.patch * use $(MAKE) not make when building spapr-rtas.bin * update debian/watch (new place and new extensions) * add qemu-kvm package (transitional, depends on qemu-system), and add /usr/bin/kvm wrapper that calls qemu-system-x86_64 with some arguments to match original qemu-kvm behavour. (Closes: #560853) -- Michael Tokarev Sun, 20 Jan 2013 22:12:11 +0400 qemu (1.3.0+dfsg-1~exp3) experimental; urgency=low * enable vde on kFreebsd too (no idea why it was disabled) * bluez (libbluetooth) is linux-specific * savevm.c-cleanup-system-includes.patch: remove excessive #includes from savevm.c (fixes FTBFS on kFreebsd due to wrong #include) -- Michael Tokarev Mon, 31 Dec 2012 15:52:23 +0400 qemu (1.3.0+dfsg-1~exp2) experimental; urgency=low * mention that 1.3: Closes #622319, #597527, #593547, #660154 * libcap and libcap-ng are linux-specific * include spapr-rtas.bin file in a pre-compiled pseudo-hex-with-assembly form in debian/spapr-rtas.hex, "compile" it (using sed magic) in build step and compare the result with the actually built binary on ppc. This binary is needed for ppc system emulation (qemu-system-ppc*). (Closes: #670909). * rename system-build to qemu-build, and merge user-build to qemu-build, building qemu-system and qemu-user in one go. Only qemu-system-static is left in separate build dir. Note that current qemu-user is linux-specific, even if qemu has bsd-user targets. * add or32 user target * debian/configure-opts - list of (possible arch- or os-specific) features to enable/disable. This is in order to ensure we always build with specific options enabled and error out if new upstream will dislike our dependencies, or if the deps will not work. Move config_audio_drv from debian/rules to this file too. For now do not explicitly enable xen, spice, usb-redir, since these requires some more work. Also pass $(QEMU_CONFIGURE_OPTIONS) to qemu configure line, to be able to quickly override some options. * do not build-depend on sharutils, since no uuencoded binaries are shipped anymore * do not build-depend on nasm, we don't compile from assembly anymore * remove libgpmg1-dev from build-depends. It was due to #267174, because of static link of qemu with libsdl. Now only qemu-user-static is linked statically, and this one does not use libsdl. * add myself to uploaders, and remove dm-upload-allowed * added main docs to qemu-system package * specify --libexecdir=/usr/lib to configure * mark all packages as Multi-Arch: foreign (at least it is possible to install i386 versions on amd64 arch) * replace "flags OC" with "credentials yes" in debian/binfmts/*, since that's the format update-binfmts expects to enable setuid binaries. (Closes: #683205) * build-depend on debhelper 9, and set debian/compat to 9 -- Michael Tokarev Mon, 31 Dec 2012 01:40:35 +0400 qemu (1.3.0+dfsg-1~exp1) experimental; urgency=low [ Michael Tokarev ] * new upstream version (1.3.0) (Closes: #676374, #622319, #597527, #593547, #660154) - Removed patches included upstream: do-not-include-libutil.h.patch configure-nss-usbredir.patch tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch net-add--netdev-options-to-man-page.patch - update 02_kfreebsd.patch - do not build mpc8544ds.dtb - include new targets * Cleaned up the build system ALOT. Larger changes: - used explicit lists of emulated targets in debian/rules and generate everything else from there, instead of repeating these lists in lots of places. - stop using debian/$pkg.manpages and other auxilary files like this, moving eveything to debian/$pkg.install, because with the number of packages growing, amount of these small files becomes very large and the result is difficult to maintain. * ship forgotten target-x86_64.conf in qemu-system. * ship virtfs-proxy-helper in qemu-utils. * stop shipping tundev.c, since it does not reflect the reality for a long time now (Closes: #325761, #325754). * re-introduce support parallel build using DEB_BUILD_OPTIONS=parallel=N, this time by adding to $MAKEFLAGS instead of passing down to submakes * build-depend on libcap-ng-dev (for virtfs-proxy-helper) [ Vagrant Cascadian ] * Add libcap-dev to Build-Depends to support virtfs-proxy-helper. -- Michael Tokarev Sun, 30 Dec 2012 01:52:21 +0400 qemu (1.1.2+dfsg-6a) unstable; urgency=low * reupload to remove two unrelated files slipped in debian/ -- Michael Tokarev Mon, 18 Mar 2013 10:09:37 +0400 qemu (1.1.2+dfsg-6) unstable; urgency=low * another bugfix for USB, upstream from early days of past-1.1. usb-split-endpoint-init-and-reset.patch. With certain redirected to guest USB devices, qemu process may crash: usb_packet_complete: Assertion `((&ep->queue)->tqh_first) == p' failed. The patch fixes this by de-coupling reset and complete paths. Big thanks goes to Joseph Price who found the fix by doing a reverse git bisection. (Closes: #701926) -- Michael Tokarev Mon, 18 Mar 2013 09:07:24 +0400 qemu (1.1.2+dfsg-5) unstable; urgency=low * fix USB regression introduced in 1.1 (Closes: #683983) uhci-don-t-queue-up-packets-after-one-with-the-SPD-flag-set.patch Big thanks to Peter Schaefer (https://bugs.launchpad.net/bugs/1033727) for the help identifying the fix. -- Michael Tokarev Mon, 14 Jan 2013 12:20:29 +0400 qemu (1.1.2+dfsg-4) unstable; urgency=medium * linux-user-fix-mips-32-on-64-prealloc-case.patch (Closes: #668658) * e1000-discard-oversized-packets-based-on-SBP_LPE.patch: the second half of the fix for CVE-2012-6075. (Finally Closes: #696051) -- Michael Tokarev Wed, 09 Jan 2013 23:05:17 +0400 qemu (1.1.2+dfsg-3) unstable; urgency=low * add build-dependency on libcap-dev [linux-any] to enable virtfs support which has been dropped in 1.1. (Closes: #677654) * intel_hda-do-not-call-msi_reset-when-only-device-state-needs-resetting.patch patch to fix Fixing reset of MSI function in intel-hda virtual device. The fix (applied to stable-1.1.1) was partially wrong, as it actually added the msi_reset() call to two code paths instead of one as planned. Fix this by splitting the function in question into two parts. (Closes: #688964) * blockdev-preserve-readonly-and-snapshot-states-across-media-changes.patch: allow opening of read-only cdrom images/devices (Closes: #686776) * ahci-properly-reset-PxCMD-on-HBA-reset.patch: fix windows install on ahci (Closes: #696052) * e1000-discard-packets-that-are-too-long-if-not-SBP-and-not-LPE.patch: discard too long rx packets which may overflow guest buffer (Closes: #696051) * eepro100-fix-network-hang-when-rx-buffers-run-out.patch: fix e100 stall (Closes: #696061) * fix possible network stalls/slowness in e1000 device emulation: net-notify-iothread-after-flushing-queue.patch e1000-flush-queue-whenever-can_receive-can-go-from-false-to-true.patch (Closes: #696063) * fixes-related-to-processing-of-qemu-s-numa-option.patch: fixes numa handling (Closes: #691343) * qcow2-fix-avail_sectors-in-cluster-allocation-code.patch: fixes data corruption in stacked qcow2 (Closes: #695905) * qcow2-fix-refcount-table-size-calculation.patch: another possible corruption or crash in qcow2 (Closes: #691569) * tap-reset-vnet-header-size-on-open.patch: always ensure tap device is in known state initially (Closes: #696057) * vmdk-fix-data-corruption-bug-in-WRITE-and-READ-handling.patch: possible data corruption bug in vmdk image format (Closes: #696050) -- Michael Tokarev Sun, 16 Dec 2012 23:08:40 +0400 qemu (1.1.2+dfsg-2) unstable; urgency=low * remove debian/patches/fix-armhf-prctl.patch, it is included upstream in 1.1.0 version and is misapplied since 1.1.0~rc3+dfsg-1. * drop -jN passing to downstream makes, as it breaks dpkg-buildpackage -j and actually breaks build (Closes: #597524 - said to be fixed in 0.14.1 but was still present) * add revert-serial-fix-retry-logic.patch that restores old (semi-)working behavour of a virtual serial port. -- Michael Tokarev Wed, 19 Sep 2012 13:54:05 +0400 qemu (1.1.2+dfsg-1) unstable; urgency=low [Michael Tokarev] * new upstream stable/bugfix release, fixing a LOT of bugs, including CVE-2012-3515 (Closes: #686973, #681985) * bump versioned depends of seabios to 1.7.0~, since this version ships kvmvapic.bin. * ship /usr/share/qemu/qemu-icon.bmp (Closes: #681317) * do not build-depend on ceph (librbd-dev librados-dev), since ceph is having longstanding issues in wheezy. * add tcg_s390-fix-ld_st-with-CONFIG_TCG_PASS_AREG0.patch - upstream fix to un-break s390[x] emulation code. Similar fixes were included for other platforms in 1.1.2 changeset. Without this fix, qemu is basically useless on s390. * document -netdev option in the manpage, a long-standing omission (net-add--netdev-options-to-man-page.patch) [Vagrant Cascadian] * qemu-system: Add symlinks for extboot.bin, kvmvapic.bin and vapic.bin to binaries shipped in seabios. Closes: #678217, #679004. * qemu-system: Remove dead link for ne2k_isa.rom, which is not included in ipxe. Closes: #679004. * qemu-system: Bump versioned openbios-sparc and openbios-ppc Depends to 1.0+svn1060, to ensure we use at least version which is used by upstream. Wheezy already has the right version, but we should not break partial upgrades. -- Michael Tokarev Sun, 09 Sep 2012 18:52:57 +0400 qemu (1.1.0+dfsg-1) unstable; urgency=low [ Vagrant Cascadian ] * New upstream release. (Closes: #655604, #655145) [ Michael Tokarev ] * do-not-include-libutil.h.patch - don't include libutil.h&Co when not needed. Fixes FTBFS on kFreebsd with recent libbsd-dev. * drop libbsd-dev support on kFreebsd - no longer needed. * do not build USB host support on kFreebsd (qemu uses obsolete, now removed, USB API). Use the same hack/technique as FreeBSD qemu port does -- changing HOST_USB to "stub" after configure run. -- Vagrant Cascadian Thu, 07 Jun 2012 13:44:26 -0700 qemu (1.1.0~rc3+dfsg-1) experimental; urgency=low * New upstream release candidate. * debian/patches: - Update 02_kfreebsd. - Remove dont-block-sigchld, applied upstream. - Update configure-nss-usbredir. - Update fix-armhf-prctl. * debian/rules: Remove --disable-darwin-user from configure, as it is no longer present. * Apply patch to qemu-make-debian-root to improve argument handling. (Closes: #671723). Thanks to Askar Safin. * qemu-utils: Add recommends on sharutils, used by qemu-make-debian-root (Closes: #660296). * Add Build-Depends on libusbredirparser-dev to support usbredir protocol. * Add Build-Depends on libbsd-dev for kfreebsd. -- Vagrant Cascadian Wed, 30 May 2012 20:24:59 -0700 qemu (1.0.1+dfsg-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream stable version: - remove debian/patches/fix-malta-i8259 - remove debian/patches/qemu-ifunc-ppc.patch - remove debian/patches/x86-fix-cmpxchg.patch [ Michael Tokarev ] * apply patch to change backticks `` in debian/rules variables to $(shell) construct, by Allard Hoeve. (Closes: #660133) * depend on vgabios >= 0.6c-3~ not 0.6c-3, to assist backporting [ Hector Oron ] * Fix prctl syscall (Closes: #656926, #651083). [ Vagrant Cascadian ] * Update to Standards-Version 3.9.3, no changes necessary. -- Vagrant Cascadian Mon, 05 Mar 2012 13:05:14 -0800 qemu (1.0+dfsg-3) unstable; urgency=low [ Aurelien Jarno ] * Add a build-depends on libfdt-dev to enable some more emulated machines. * Really add binfmt support for s390x. [ Michael Tokarev ] * Depend on ipxe-qemu | ipxe (<< 1.0.0+git-20120202.f6840ba-2) after ipxe package split. This will probably need to be changed to just ipxe-qemu once it will be landed properly. [ Vagrant Cascadian ] * Apply patch to use dpkg-buildflags (Closes: #656276). Thanks to Moritz Muehlenhoff. -- Vagrant Cascadian Mon, 06 Feb 2012 17:56:15 -0800 qemu (1.0+dfsg-2) unstable; urgency=low [ Aurelien Jarno ] * Add patch from upstream to fix cmpxchg on x86. * Add patch to not link user builds with NSS (Closes: #648202). * Add binfmt support for s390x. * Bump depends on openbios-ppc and openbios-sparc on versions compatible with version 1.0. * Build on s390x (Closes: #651048). [ Vagrant Cascadian ] * qemu-make-debian-root: Fix argument processing to handle when both -s and -k are specified. Thanks to Mats Erik Andersson (Closes: #638047). * Add Patch from upstream to fix regression on malta with i8259 interrupts. * qemu-debootstrap: Add support for armhf and s390x. * debian/rules: remove config.log in the clean target. * qemu-make-debian-root: Use debootstrap's minbase variant, instead of a long list of excludes. -- Vagrant Cascadian Mon, 09 Jan 2012 16:01:17 -0800 qemu (1.0+dfsg-1) experimental; urgency=low * New upstream version. * Add build-dep on libxen-dev to enable xen support. * Add build-dep on libiscsi-dev to enable iscsi support. * Add patch from upstream to not block SIGCHLD (Closes: #618743). -- Vagrant Cascadian Fri, 30 Dec 2011 16:12:03 -0800 qemu (1.0~rc4+dfsg-1) experimental; urgency=low * New upstream version: - Fixes CVE-2011-4111. * remove patches applied upstream: - security/leftover.patch - Move_QEMU_INCLUDES_before_QEMU_CFLAGS - runnning-typo.patch * Install new qemu-system variants: xtensa, xtensaeb, alpha * debian/rules: Drop hack to rename "qemu" binary to "qemu-system-i386", as upstream now does the same. * Enable spice support on amd64: - Add Build-Depends: libspice-server-dev, libspice-protocol-dev * debian/rules: use dh_prep instead of "dh_clean -k", which is deprecated. * qemu-system: Bump dependency on seabios to 1.6.3~. -- Vagrant Cascadian Mon, 28 Nov 2011 23:40:24 -0800 qemu (0.15.1+dfsg-3) unstable; urgency=low * Add patch from upstream to fix FTBFS on ia64. -- Vagrant Cascadian Fri, 09 Dec 2011 23:48:21 -0800 qemu (0.15.1+dfsg-2) unstable; urgency=low * Add patch that fixes a buffer overrun (CVE-2011-4111). * Enable spice support on amd64: - Add Build-Depends: libspice-server-dev, libspice-protocol-dev * debian/rules: Use dh_prep instead of "dh_clean -k", which is deprecated. -- Vagrant Cascadian Mon, 28 Nov 2011 20:34:50 -0800 qemu (0.15.1+dfsg-1) unstable; urgency=low * New upstream version. -- Vagrant Cascadian Sun, 06 Nov 2011 10:37:31 -0800 qemu (0.15.0+dfsg-1) unstable; urgency=low * New upstream version. * Install new qemu-system, qemu-user and qemu-user-static variants: lm32, microblazeel, s390x, unicore32 * Patch from upstream to set QEMU_INCLUDES before QEMU_CFLAGS. * Update debian/watch to check http://qemu.org/download. -- Vagrant Cascadian Mon, 03 Oct 2011 12:29:18 -0700 qemu (0.15.0~rc2+dfsg-1) experimental; urgency=low * New upstream version. * qemu-debootstrap: Return the exit status of debootstrap instead of hard-coding a sucessful exit status. * Build-depend on librbd-dev. * Remove qemu-mipsel-debian-rootfs.patch, a variation was applied upstream. * Remove pcnet-ipxe patch, applied upstream. * Add Build-Depends on python. * Rename pxe rom symlinks to match upstream rename. -- Vagrant Cascadian Sun, 07 Aug 2011 13:27:43 +0200 qemu (0.14.1+dfsg-3) unstable; urgency=low [ Aurelien Jarno ] * Add patches/qemu-ifunc-ppc.patch and patches/qemu-ifunc-sparc.patch to fix FTBFS on ppc and sparc. [ Vagrant Cascadian ] * Apply patch to fix qemu-user-static mipsel emulation (Closes: #562887). * Drop support for esd (Closes: #633390). Thanks to Adrian Bunk. * Add dummy debian/rules build-indep/build-arch targets to resolve lintian warnings and future policy requirements. * Remove needless mention of "Author(s)" which triggers a lintian warning. * Fix maintainer-script-without-set-e lintian checks. * Fix hyphen-used-as-minus-sign lintian check for qemu-debootstrap manpage. -- Vagrant Cascadian Sat, 23 Jul 2011 10:18:37 +0200 qemu (0.14.1+dfsg-2) unstable; urgency=low * Add override for qemu-user-static binaries which embed needed libraries. * Add qemu-debootstrap manpage. * Add patch to fix typo in qemu-system-* (runnning -> running). * Update to Standards-Version 3.9.2, no changes necessary. -- Vagrant Cascadian Sat, 02 Jul 2011 22:29:17 -0700 qemu (0.14.1+dfsg-1) unstable; urgency=low * New upstream version. * Depend on ipxe instead of etherboot-qemu. * Add pcnet-ipxe.patch from upstream to fix ipxe with pcnet nic. * Add symlink for network boot with eepro100 cards (i82551, i82557b, i82559er). * Drop 01_rdb.patch, applied upstream. * Add support for building on armhf architecture. * Support debootstrap options that require arguments in qemu-debootstrap. Thanks to Stefano Rivera for the patch. Closes: #605660. -- Vagrant Cascadian Fri, 01 Jul 2011 22:49:40 -0700 qemu (0.14.0+dfsg-5.1) unstable; urgency=low * Non-maintainer upload. * Replace "librados1-dev" by "librados-dev" in Build-Dependencies. -- Mehdi Dogguy Fri, 29 Apr 2011 17:45:05 +0200 qemu (0.14.0+dfsg-5) unstable; urgency=low * Don't register qemu-mips(el) with binfmt on mips(el). Closes: #618369. -- Aurelien Jarno Thu, 17 Mar 2011 20:13:27 +0100 qemu (0.14.0+dfsg-4) unstable; urgency=low * Reupload without automatically generated patch debian-changes-0.14.0+dfsg-3. -- Aurelien Jarno Mon, 28 Feb 2011 15:10:04 +0100 qemu (0.14.0+dfsg-3) unstable; urgency=low [ Aurelien Jarno ] * Depends on vgabios (>= 0.6c-3) and add symlinks for qxl, stdvga and vmware bioses. Closes: #614252, #614169. * Tighten build-depends on linux-libc-dev to (>= 2.6.34), to get vhost-net support. * Build-depends on xfslibs-dev in order to get TRIM support on XFS filesystems. * Build-depends on librados1-dev to get rdb support. Closes: #614150. -- Aurelien Jarno Mon, 28 Feb 2011 09:06:00 +0100 qemu (0.14.0+dfsg-2) unstable; urgency=low [ Aurelien Jarno ] * Tighten dependencies on openbios-ppc, openbios-sparc and seabios to the versions in upstream 0.14.0. * patches/02_kfreebsd.patch: don't consider futimens/utimensat available if it is a stub. -- Aurelien Jarno Sun, 20 Feb 2011 00:36:20 +0100 qemu (0.14.0+dfsg-1) unstable; urgency=low [ Vagrant Cascadian ] * New upstream release candidate version. * qemu-user-static: - Drop binfmt support for emulating amd64 on i386, as it is broken and including it interferes with environments capable of running amd64 natively. Closes: #604712. - Remove binfmt support for installed targets in postinst before installing supported targets, to ensure no-longer-supported targets are actually removed. - Remove binfmt support for installed targets in prerm. [ Aurelien Jarno ] * Fix configuration files directory. Closes: #600735. * Enable AIO support. [ Vagrant Cascadian ] * Update debian/copyright to refer to upstream git repositry and clarify which binary blobs are removed to make the dfsg-free tarball. * Refresh debian/patches/security/leftover.patch. -- Vagrant Cascadian Fri, 18 Feb 2011 21:07:01 -0800 qemu (0.13.0+dfsg-2) experimental; urgency=low * Fix Build-Depends to exclude kfreebsd-any wildcards where appropriate. Thanks to Jon Severinsson. Closes: #592215 -- Vagrant Cascadian Sun, 24 Oct 2010 09:02:27 -0700 qemu (0.13.0+dfsg-1) experimental; urgency=low [ Aurelien Jarno ] * mips/mipsel binfmt registration: also match EI_ABIVERSION=1, used by OpenWRT. Closes: #591543. * Build-depends on libattr1-dev to enable VirtFS (9p) support. Closes: #592215. * Use architecture wildcards instead of explicit architecture list. [ Vagrant Cascadian ] * Switch to source format 3.0 (quilt). * New upstream version. * Drop 99_stable.diff, applied in new upstream version. * debian/watch: update to properly handle upstream rc versions. -- Vagrant Cascadian Mon, 18 Oct 2010 10:22:44 -0700 qemu (0.13.0~rc0+dfsg-2) experimental; urgency=low [ Aurelien Jarno ] * Add ia64 to the list of supported architectures. * Bump Standards-Version to 3.9.1 (no changes). * Update seabios, openbios-ppc and openbios-sparc dependencies. * Add 99_stable.diff to update from the stable-0.13 branch: - Fix sparc FTBFS. Closes: #591249. * Add qemu-debootstrap from Loïc Minier in qemu-static. Closes: #572952. -- Aurelien Jarno Tue, 03 Aug 2010 07:25:06 +0200 qemu (0.13.0~rc0+dfsg-1) experimental; urgency=low * New upstream release candidate version. * Do not configure audio drivers for qemu-user and qemu-user-static targets. * Remove patches: - 05_bochs_vbe, applied upstream. - 06_sh4, applied upstream. - 03_support_pselect_in_linux_user_arm, upstream implemented a simpler workaround. * Add Build-Depends on texinfo. * Drop libqemu-dev package. -- Vagrant Cascadian Thu, 29 Jul 2010 19:51:01 -0400 qemu (0.12.5+dfsg-3) unstable; urgency=medium * qemu-user-static: - Drop binfmt support for emulating amd64 on i386, as it is broken and including it interferes with environments capable of running amd64 natively. Closes: #604712. - Remove binfmt support for installed targets in postinst before installing supported targets, to ensure no-longer-supported targets are actually removed. - Remove binfmt support for installed targets in prerm. -- Vagrant Cascadian Sun, 28 Nov 2010 15:57:11 -0800 qemu (0.12.5+dfsg-2) unstable; urgency=low * mips/mipsel binfmt registration: also match EI_ABIVERSION=1, used by OpenWRT. Closes: #591543. * Update 99_stable.diff from the stable branch: - Fix windows XP boot with libvirt. Closes: bug#579166. -- Aurelien Jarno Tue, 17 Aug 2010 12:56:30 +0200 qemu (0.12.5+dfsg-1) unstable; urgency=low * New upstream stable version. * qemu-system: don't suggests kqemu-source. Closes: bug#589217. * qemu-keymaps: fix short description. -- Aurelien Jarno Fri, 23 Jul 2010 19:02:14 +0200 qemu (0.12.4+dfsg-4) unstable; urgency=high * Update debian/copyright. Closes: bug#588911. * Update 99_stable.diff from the stable branch: - Add documentation for the stdio signal option. Closes: bug#588514. * Split out keymaps in the qemu-keymaps package. Closes: bug#559174. * Bump Standards-Version to 3.9.0 (no changes). -- Aurelien Jarno Wed, 14 Jul 2010 15:13:04 +0200 qemu (0.12.4+dfsg-3) unstable; urgency=low * Update 99_stable.diff from the stable branch. -- Aurelien Jarno Wed, 16 Jun 2010 23:07:36 +0200 qemu (0.12.4+dfsg-2) unstable; urgency=low [ Vagrant Cascadian ] * qemu-system: Depend on etherboot-qemu package for PXE roms. Closes: #552406. [ Aurelien Jarno ] * Add 99_stable.diff to update from the stable branch. * Use --with-pkgversion to set the packaging version. -- Aurelien Jarno Wed, 02 Jun 2010 21:24:26 +0200 qemu (0.12.4+dfsg-1) unstable; urgency=low * New upstream stable version: - remove debian/patches/01_redir_doc.patch - remove debian/patches/04_cmd646.patch - update debian/patches/06_sh4.diff -- Aurelien Jarno Fri, 07 May 2010 19:43:48 +0200 qemu (0.12.3+dfsg-4) unstable; urgency=low * Add 05_bochs_vbe.diff backported from uptream to support vgabios 0.6c. * Add 06_sh4.diff containing a few SH4 specific fixes backported from upstream. -- Aurelien Jarno Fri, 09 Apr 2010 01:44:38 +0200 qemu (0.12.3+dfsg-3) unstable; urgency=low * Add symlink for seabios's multiboot.bin. * Change configure-stamp depends to non-phony target $(QUILT_STAMPFN). Closes: #574444. * Fix a crash in cmd646 bmdma code that can be triggered by the guest. Closes: #574539. * Explain that KQEMU support has been removed in qemu-system.NEWS. * Build-Conflicts with oss4-dev, as this package install a broken header. Closes: #575320. -- Aurelien Jarno Sat, 03 Apr 2010 17:07:23 +0200 qemu (0.12.3+dfsg-2) unstable; urgency=low [ Aurelien Jarno ] * Disable KVM support on PowerPC, as it needs at least 2.6.33 kernel headers. [ Vagrant Cascadian ] * Support pselect for linux-user arm target. Patch by Michael Casadevall. * Add symlink for seabios's linuxboot.bin to fix -kernel option. Thanks to Sami Liedes. Closes: #574174. * qemu-system: Switch back to using versioned dependencies for vgabios, bochsbios, openhackware, openbios-ppc and openbios-sparc rather than recommends/conflicts, to ensure a proper upgrade path. Closes: #573397. Reopens: #436094. -- Vagrant Cascadian Fri, 19 Mar 2010 09:31:29 -0700 qemu (0.12.3+dfsg-1) unstable; urgency=low [ Vagrant Cascadian ] * New upstream version: - Fix access to block devices on GNU/kFreeBSD. Closes: #558447. - Correctly update clock when waking up from sleep. Closes: #414165. - Slirp works with other network interfaces. Closes: #407702. - Add the possibility to specify a host to bind to with the -redir option. Closes: #366847. - Fix cirrus graphics card with windows 98. Closes: #522124. * Indicate repackaged upstream tarball by adding "+dfsg" to the version. Closes: #388740. * Remove second libgnutls-dev from build depends. * Update debian/watch with current location of tarball releases. * Drop binutils-gold patch, applied upstream. * Switch from bochsbios to seabios. Update bios.bin symlink and recommends/conflicts. * Bump Standards-Version to 3.8.4 (no changes). * Update my email address to vagrant@debian.org. [ Aurelien Jarno ] * Create a kvm group in postinst and set the group of /dev/kvm to kvm. Closes: #570544. * Add mips and mipsel to the list of supported architectures. * Add patches/01_redir_doc.patch to fix a mistake in the redirection documentation. * Add patches/02_kfreebsd.patch to use the legacy USB stack on GNU/kFreeBSD. * Force the depends from qemu on qemu-system, qemu-user and qemu-utils to (>= {source:Version}). * Update openbios related conflicts. -- Vagrant Cascadian Sun, 07 Mar 2010 09:20:43 -0800 qemu (0.11.1-2) unstable; urgency=low * Add versioned build-depends on etherboot. * Add PXE boot support for virtio network adapters. * Move qemu-make-debian-root to qemu-utils package, as it only produces disk images not useable by qemu-user. Lower recommends on debootstrap to suggests. Add Conflicts and Replaces on older versions of qemu-user. * Register /usr/bin/qemu with the alternatives system. Closes: #413840. * qemu: Add ${misc:Depends} so that debhelper can add dependencies if needed. -- Vagrant Cascadian Fri, 08 Jan 2010 09:26:11 -0800 qemu (0.11.1-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream version. * Drop build-depends on libfreebsd-dev on GNU/kFreeBSD. * qemu: suggests qemu-user-static. * qemu-user-static: register QEMU with binfmt mecanism. Closes: #306637. * Bump conflicts on openbios-ppc to (<< 1.0+svn505-1). * Add 01-binutils-gold.diff to fix FTBFS with binutils-gold. Closes: #556301. * Add sparc64 support. * Use new roms location in etherboot package. [ Vagrant Cascadian ] * qemu-utils, qemu-user, qemu-system: Set both Conflicts and Replaces for older versions of qemu to ensure proper upgrade path. * Add versioned build-dep on linux-libc-dev to ensure that KVM support is enabled. * qemu-system: Lower dependencies on vgabios, bochsbios, openhackware, openbios-ppc and openbios-sparc to recommends. Conflict with versions that are incompatible. Closes: #436094. * qemu-utils: Tighten the versioned conflicts with kvm, as not all older versions actually conflict. * qemu-make-debian-root: Apply modified patch from Nicolas Boulenguez that documents usage of -s, exits on error, and mentions that it is normally run as root. Closes: #447034. -- Aurelien Jarno Sun, 27 Dec 2009 12:09:11 +0100 qemu (0.11.0-6) unstable; urgency=low * Update from stable-0.11 branch. * qemu-utils: add Replaces: qemu (<< 0.11.0-2). Closes: #556627, #556860. -- Aurelien Jarno Fri, 20 Nov 2009 08:24:32 +0100 qemu (0.11.0-5) unstable; urgency=low * Change the Conflicts: into Replaces: to handle the move of /etc/ifup from one package to another correctly. Tighten the version. Closes: #556627. -- Aurelien Jarno Wed, 18 Nov 2009 16:30:39 +0000 qemu (0.11.0-4) unstable; urgency=low [ Aurelien Jarno ] * Update from stable-0.11 branch. * Default to alsa before OSS. Closes: #451234. [ Vagrant Cascadian ] * Updated Vcs-Git to a url more likely to work with debcommit. -- Aurelien Jarno Wed, 18 Nov 2009 16:26:17 +0100 qemu (0.11.0-3) unstable; urgency=low * qemu-system, qemu-user: fix conflicts version. Closes: #556627. * qemu-utils: conflicts with kvm (<= 85+dfsg-4.1), as it also provides qemu-io. -- Aurelien Jarno Tue, 17 Nov 2009 09:49:24 +0100 qemu (0.11.0-2) unstable; urgency=low * Update from stable-0.11 branch. * Move qemu-user.1 and qemu-make-debian-root.8 to the qemu-user package. * Add build-depends on uuid-dev. * Use a specific install file for qemu-utils on GNU/kFreeBSD. * Call dh_install with -s. -- Aurelien Jarno Tue, 17 Nov 2009 09:11:29 +0100 qemu (0.11.0-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream version. - Documents virtio NIC. Closes: #541182. - Increase the maximum TCG op a target instruction op can expand to. Closes: #530645, #542297. - KVM is enabled by default. Closes: #520894. - Fix CVE-2009-3616. Closes: #553589. * Drop 65_kfreebsd.patch. * Split the qemu package and use out of tree building. Based on a patch from Vagrant Cascadian. Closes: #524774. * Only recommends debootstrap for qemu-user and qemu-user static. Closes: #543356. * Remove /usr/share/qemu/proll.elf. Closes: bug#542247. * Add build-depends on libcurl4-gnutls-dev, libgnutls-dev and libsasl2-dev to enable new upstream features. * Bump Standards-Version to 3.8.3 (no changes). * Update Vcs-* fields to point to the new git repository. * Add Vagrant Cascadian to uploaders, and set DM-Upload-Allowed to yes. -- Aurelien Jarno Mon, 26 Oct 2009 10:17:57 +0000 qemu (0.10.50+git20090729-1) experimental; urgency=low [ Josh Triplett ] * Remove myself from Uploaders. [ Riku Voipio ] * new upstream RC version * nuke all linux-user patches (applied upstream) 06_exit_segfault 12_signal_powerpc_support 21_net_soopts 30_syscall_ipc 32_syscall_sysctl 35_syscall_sockaddr 48_signal_terminate 55_unmux_socketcall * nuke all other applied-upstream patches 01_nostrip (better version upstream) 07_i386_exec_name (can be reintroduced in debian/rules) 50_linuxbios_isa_bios_ram (shouldn't be needed anymore) 51_linuxbios_piix_ram_size (applied) 56_dhcp (crap) 60_ppc_ld (reintroduce if needed) 64_ppc_asm_constraints (ditto) 66_tls_ld.patch (ditto) 81_compile_dtb.patch (applied upstream) 82_qemu-img_decimal (ditto) * move to git * simplify build rules * Correct my email address -- Riku Voipio Wed, 29 Jul 2009 13:28:05 +0300 qemu (0.10.6-1) unstable; urgency=low [ Josh Triplett ] * Remove myself from Uploaders. [ Aurelien Jarno ] * New upstream version. * Bump Standards-Version to 3.8.2 (no changes). * Update debian/watch (closes: bug#538781). -- Aurelien Jarno Fri, 31 Jul 2009 15:25:36 +0200 qemu (0.10.5-1) unstable; urgency=low * New upstream version. -- Aurelien Jarno Sun, 24 May 2009 16:15:35 +0200 qemu (0.10.4-1) unstable; urgency=low * New upstream version. * debian/NEWS.Debian: new file, describing the cache policy options (closes: bug#526832). * debian/patches/70_versatile_memsize.patch: new patch to set a upper limit on the memory size of the versatile boards (closes: bug#527264). -- Aurelien Jarno Tue, 12 May 2009 18:31:29 +0200 qemu (0.10.3-1) unstable; urgency=low * New upstream version. * Tighten dependency on bochsbios. -- Aurelien Jarno Sat, 02 May 2009 10:14:21 +0200 qemu (0.10.2-2) unstable; urgency=low * Add missing comma in build-depends (closes: bug#524207). * Tighten dependency on vgabios. -- Aurelien Jarno Wed, 15 Apr 2009 22:30:43 +0200 qemu (0.10.2-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream stable release. -- Aurelien Jarno Tue, 07 Apr 2009 07:37:15 +0200 qemu (0.10.1-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream stable release: - patches/80_stable-branch.patch: remove. * debian/control: - Remove depends on proll. - Move depends on device-tree-compiler to build-depends. - Bump Standards-Version to 3.8.1 (no changes). * patches/82_qemu-img_decimal.patch: new patch from upstream to make qemu-img accept sizes with decimal values (closes: bug#501400). -- Aurelien Jarno Sun, 22 Mar 2009 10:13:17 +0100 qemu (0.10.0-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream release: - Fix fr-be keyboard mapping (closes: bug#514462). - Fix stat64 structure on ppc-linux-user (closes: bug#470231). - Add a chroot option (closes: bug#415996). - Add evdev support (closes: bug#513210). - Fix loop on symlinks in user mode (closes: bug#297572). - Bump depends on openbios-sparc. - Depends on openbios-ppc. - Update 12_signal_powerpc_support.patch. - Update 21_net_soopts.patch. - Drop 44_socklen_t_check.patch (merged upstream). - Drop 49_null_check.patch (merged upstream). - Update 64_ppc_asm_constraints.patch. - Drop security/CVE-2008-0928-fedora.patch (merged upstream). - Drop security/CVE-2007-5730.patch (merged upstream). * patches/80_stable-branch.patch: add patches from stable branch: - Fix race condition between signal handler/execution loop (closes: bug#474386, bug#501731). * debian/copyright: update. * Compile and install .dtb files: - debian/control: build-depends on device-tree-compiler. - debian/patches/81_compile_dtb.patch: new patch from upstream. - debian/rules: compile and install bamboo.dtb and mpc8544.dtb. -- Aurelien Jarno Sat, 07 Mar 2009 06:20:34 +0100 qemu (0.9.1+svn20090104-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. * Disable security/CVE-2008-0928-fedora.patch, it still breaks qcow format. -- Aurelien Jarno Sun, 04 Jan 2009 16:31:40 +0100 qemu (0.9.1+svn20081223-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. - Fix CVE-2008-2382 * Update patches/48_signal_terminate.patch. * debian/rules: remove upstream flags from CFLAGS. -- Aurelien Jarno Tue, 23 Dec 2008 14:51:25 +0100 qemu (0.9.1+svn20081214-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. - Fix jmp im on x86_64 when executing 32-bit code. Fix grub installation (Closes: bug#467148). -- Aurelien Jarno Sun, 14 Dec 2008 23:26:04 +0100 qemu (0.9.1+svn20081207-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. - Do not depend on gcc-3.4 anymore (Closes: bug#440425, bug#463066). - Fix broken display introduced by CVE-2007-1320 (Closes: bug#422578). * debian/control: remove build-dependency on gcc-3.4. * debian/rules: remove code for dyngen targets. * Split 90_security.patch into - security/CVE-2007-5730.patch - security/leftover.patch * Replace 91_security.patch by security/CVE-2008-0928-fedora.patch taken from fedora repository and enable it (Closes: #469649). [ Riku Voipio ] * 2 patches gone, 19 to go: - 10_signal_jobs.patch: drop, merged upstream - 11_signal_sigaction.patch: drop, merged upstream - series: update -- Aurelien Jarno Sun, 07 Dec 2008 19:40:09 +0100 qemu (0.9.1+svn20081128-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. - Include documentation for network downscript option (Closes: bug#506994). - Drop 00_bios.patch and pass --disable-blobs instead. - Update 12_signal_powerpc_support.patch. [ Riku Voipio ] * Drop 31_syscalls.patch as it makes no sense using host uselib to load target code into qemu's host memoryspace. -- Aurelien Jarno Sat, 29 Nov 2008 09:04:41 +0100 qemu (0.9.1+svn20081112-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. - does not need a disk image anymore (Closes: bug#260935). - 53_openbios_size.patch: drop (merged upstream). - 90_security: update. * debian/control: depend on openbios-sparc (>= 1.0~alpha2+20081109) (Closes: bug#502411, bug#502414). -- Aurelien Jarno Sun, 09 Nov 2008 14:42:37 +0100 qemu (0.9.1+svn20081101-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. - fix a heap overflow in Cirrus emulation (CVE-2008-4539). - 50_linuxbios_isa_bios_ram.patch: update. - 90_security.patch: update. -- Aurelien Jarno Sat, 01 Nov 2008 09:26:45 +0100 qemu (0.9.1+svn20081023-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. - 12_signal_powerpc_support.patch: update. - 50_linuxbios_isa_bios_ram.patch: update. -- Aurelien Jarno Thu, 23 Oct 2008 21:34:26 +0200 qemu (0.9.1+svn20081016-1) experimental; urgency=low [ Aurelien Jarno ] * New upstream snapshot. * patches/31_syscalls.patch: remove parts merged upstream. * debian/qemu-make-debian-root: - Fix bug introduced when fixing bug#496394 (Closes: bug#502325). -- Aurelien Jarno Mon, 13 Oct 2008 23:11:15 +0200 qemu (0.9.1+svn20081012-1) experimental; urgency=low [ Riku Voipio ] * Add a bunch of patches from scratchbox - 44_socklen_t_check work better with badbehavin net apps - 48_signal_terminate make qemu binary terminate on signals as expected - 49_null_checks don't bother some syscalls when null/zero is passed [ Aurelien Jarno ] * New upstream snapshot. - alpha is now a TCG target. - comma has been added to sendkey (closes: bug#414342). * patches/31_syscalls.patch: remove parts merged upstream. * patches/39_syscall_fadvise64.patch: remove (merged upstream). * patches/90_security.patch: remove parts merged upstream. * debian/control: build-depends on libbluetooth-dev. -- Aurelien Jarno Sun, 12 Oct 2008 18:46:54 +0200 qemu (0.9.1+svn20080905-1) experimental; urgency=low * New upstream snapshot. - SH4 is now a TCG target. * debian/watch: update URL location. -- Aurelien Jarno Tue, 02 Sep 2008 01:43:24 +0200 qemu (0.9.1+svn20080826-1) experimental; urgency=low * New upstream snapshot. * debian/qemu-make-debian-root: - Use mktemp instead of $$ to create temporary directories (Closes: bug#496394). * Ship a libqemu-dev package (Closes: bug#451618). -- Aurelien Jarno Tue, 26 Aug 2008 09:55:36 +0200 qemu (0.9.1+svn20080822-1) experimental; urgency=low * New upstream snapshot. - Focus to monitor to ask password (Closes: bug#473240). - TCG SPARC host support (Closes: bug#450817). - Check KQEMU availability before allocating memory (Closes: bug#414566). - Fix dead keys (Closes: bug#489594). - Fix ES1370 emulation (Closes: bug#494462). - New USB UHCI implemnation (Closes: bug#457651). - Add debian/patches/00_bios.patch. - Remove debian/patches/02_snapshot_use_tmpdir.patch (merged). - Remove debian/patches/04_do_not_print_rtc_freq_if_ok.patch (merged). - Remove patches/05_non-fatal_if_linux_hd_missing.patch (merged). - Update debian/patches/07_i386_exec_name.patch - Update debian/patches/12_signal_powerpc_support.patch - Remove debian/patches/33_syscall_ppc_clone.patch (merged differently). - Remove debian/patches/41_arm_fpa_sigfpe.patch (merged). - Remove debian/patches/42_arm_tls.patch (merged differently). - Update debian/patches/55_unmux_socketcall.patch. - Remove debian/patches/63_sparc_build.patch (useless). - Update debian/patches/65_kfreebsd.patch. - Update debian/patches/66_tls_ld.patch. - Remove debian/patches/70_manpage.patch (merged). - Remove debian/patches/71_doc.patch (merged). - Remove debian/patches/80_ui_curses.patch (merged). - Remove debian/patches/81_mips32r2_fpu.patch (merged). - Remove debian/patches/82_mips_abs.patch (merged). - Remove debian/patches/83_usb-serial.patch (merged). - Remove debian/patches/84_rtl8139.patch (merged). - Remove debian/patches/85_vvfat.patch (merged). - Remove debian/patches/86_df.patch (merged). - Remove debian/patches/87_eoi.patch (merged). - Remove debian/patches/88_dma.patch (merged). - Remove debian/patches/89_braille.patch (merged). - Remove debian/patches/92_no_shutdown.patch (merged). - Remove debian/patches/93_tmpfs.patch (merged). - Remove debian/patches/94_security.patch (merged). * debian/README.source: new file. * debian/patches/*: convert to patchlevel 1 (Closes: bug#484963). * debian/control: - Add build-depends on libesd0-dev. - Add build-depends on libpulse-dev. - Add build-depends on libvdeplug2-dev. - Add build-depends on etherboot. - Update list of supported targets (Closes: bug#488339). - Suggests kqemu-source. - Bump Standards-Version to 3.8.0. * debian/links: - Add missing manpage symlinks. * debian/rules: - Enable audio drivers depending on the system. - Enable DYNGEN targets depending on the system. - Install PXE bios from etherboot (Closes: bug#412010). - Don't ignore make clean errors. - Don't build DYNGEN targets on kfreebsd-amd64 (Closes: bug#494353). * debian/patches/22_net_tuntap_stall.patch: remove (outdated). -- Aurelien Jarno Fri, 22 Aug 2008 01:00:54 +0200 qemu (0.9.1-5) unstable; urgency=high [ Guillem Jover ] * Add Homepage field. * Add Vcs-Browser and Vcs-Svn fields. * Remove packaging repository information from debian/copyright. * Add former package co-maintainers to debian/copyright. * Serialize patch and configure steps in debian/rules to support parallel builds, as we are patching configure. * Remove myself from Uploaders. [ Aurelien Jarno ] * debian/patches/70_manpage.patch: remove curses documentation, it is already in debian/patches/80_ui_curses.patch (Closes: bug#477369). * debian/patches/94_security.patch: add format= to drive options (CVE-2008-2004). -- Aurelien Jarno Mon, 28 Apr 2008 21:54:12 +0200 qemu (0.9.1-4) unstable; urgency=high * debian/patches/52_ne2000_return.patch: drop, the patch is wrong. * Backports from upstream: - Typo in curses_keys.h - Documentation for the -curses option - Fix broken absoluteness check for cabs.d.*. - USB-to-serial device. - rtl8139: fix endianness on big endian targets - restore rw support for vvfat - x86-64: recompute DF after eflags has been modified when emulating SYSCALL - ignore reads to the EOI register - IDE: Improve DMA transfers by increasing the buffer size - Braille device support - Add -no-shutdown option (Closes: #326406) - Ask to use "mount -o remount" instead of "umount" and "mount" /dev/shm (Closes: #476539). * debian/qemu.doc-base: fix section. -- Aurelien Jarno Sun, 20 Apr 2008 23:29:42 +0200 qemu (0.9.1-3) unstable; urgency=low [ Aurelien Jarno ] * debian/patches/42_arm_tls.patch: fix to get qemu-system-arm working again. (Closes: #471722). * debian/patches/56_dhcp.patch: fix DHCP server to correctly support MS-Windows guests. (Closes: #471452). -- Aurelien Jarno Wed, 19 Mar 2008 18:58:29 +0100 qemu (0.9.1-2) unstable; urgency=low [ Aurelien Jarno ] * debian/patches/80_ui_curses.patch: pull new patch from upstream CVS (Closes: #442274). * debian/patches/65_kfreebsd.patch: link with -lfreebsd. (Closes: #465932). * debian/patches/81_mips32r2_fpu.patch: patch pulled from upstream to fix FPU issue on MIPS32R2. * debian/patches/42_arm_tls.patch: reenable, mistakenly disabled in the previous upload. (Closes: #469743). * debian/rules: fix parallel building. (Closes: #469981). * debian/patches/07_i386_exec_name.patch: install the i386 emulator as qemu-system-i386, and change qemu into a link pointing to the i386 version. * debian/README.Debian: add notes about qemu-system-ppc and video.x (Closes: #388735). * debian/patches/70_manpage.patch: describe the -curses option. (Closes: #433658). * debian/patches/71_doc.patch: fix the monitor change option. (Closes: #467106). * debian/patches/35_syscall_sockaddr.patch: fix sockaddr (Closes: #469351). * debian/patches/43_arm_cpustate.patch: disable (Closes: #444171). -- Aurelien Jarno Mon, 17 Mar 2008 01:29:03 +0100 qemu (0.9.1-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream version. (Closes: #459801) - Supports s390 host. (Closes: #441119) - Fix PCI bar allocation. (Closes: #413315) - Fix typo in keys name. (Closes: #426181) - Fix segfault of qemu-i386 (Closes: #446868). - debian/control: bump depends on openbios-sparc to >= 1.0~alpha2+20080106. - debian/patches/02_snapshot_use_tmpdir.patch: Refreshed. - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. - debian/patches/06_exit_segfault.patch: Likewise. - debian/patches/10_signal_jobs.patch: Likewise. - debian/patches/11_signal_sigaction.patch: Likewise. - debian/patches/12_signal_powerpc_support.patch: Likewise. - debian/patches/21_net_soopts.patch: Likewise. - debian/patches/30_syscall_ipc.patch: Likewise. - debian/patches/31_syscalls.patch: Likewise. - debian/patches/32_syscall_sysctl.patch: Likewise. - debian/patches/33_syscall_ppc_clone.patch: Likewise. - debian/patches/35_syscall_sockaddr.patch: Likewise. - debian/patches/41_arm_fpa_sigfpe.patch: Likewise. - debian/patches/42_arm_tls.patch: Likewise. - debian/patches/50_linuxbios_isa_bios_ram.patch: Likewise - debian/patches/51_linuxbios_piix_ram_size.patch: Likewise - debian/patches/61_safe_64bit_int.patch: Removed, merged upstream. - debian/patches/63_sparc_build.patch: Refreshed. - debian/patches/80_ui_curses.patch: Likewise. * debian/patches/90_security.patch: fix 64-bit overflow. (Closes: #425634) * debian/qemu-make-debian-root: add a -s option to create sparse image. (Closes: #322325) * debian/control: bump depends on bochsbios to >= 2.3.5-1. Use BIOS-qemu-latest instead of BIOS-bochs-latest. (Closes: #402289, #442822) * debian/rules: build the non-dyngen part with default gcc. * debian/rules: support DEB_BUILD_OPTIONS="parallel=n". * debian/patches/70_manpage.patch: describe the arguments of the -usbdevice option in the manpage. (Closes: #443801) * debian/control: now using Standards-Version 3.7.3 (no changes needed). * debian/control: build-depends on libgnutls-dev to enable TLS support in VNC. * debian/patches/01_nostrip.patch: don't strip binaries during make install. (Closes: #437866) * debian/patches/53_openbios_size.patch: increase maximum prom size to support latest openbios. -- Aurelien Jarno Mon, 28 Jan 2008 21:24:14 +0100 qemu (0.9.0+20070816-1) unstable; urgency=low [ Guillem Jover ] * New upstream snapshot. - Fix hang on ARM during Etch installation. (Closes: #430164) - Fix data corruption with qcow 2. (Closes: #440296) - Fix errors with raw images > 4 GiB. (Closes: #425634) - debian/patches/01_typo_qemu-img.patch: Removed, merged upstream. - debian/patches/03_machines_list_no_error.patch: Likewise. - debian/patches/36_syscall_prctl.patch: Likewise. - debian/patches/37_syscall_mount.patch: Likewise. - debian/patches/38_syscall_semctl.patch: Likewise. - debian/patches/40_sparc_fp_to_int.patch: Likewise. - debian/patches/44_arm_eabi_built_on_64bit_arches.patch: Likewise. - debian/patches/62_linux_boot_nasm.patch: Likewise. - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Synced. - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. - debian/patches/31_syscalls.patch: Likewise. - debian/patches/35_syscall_sockaddr.patch: Likewise. - debian/patches/42_arm_tls.patch: Likewise. - debian/patches/43_arm_cpustate.patch: Likewise. - debian/patches/51_linuxbios_piix_ram_size.patch: Likewise. - debian/patches/55_unmux_socketcall.patch: Likewise. - debian/patches/60_ppc_ld.patch: Likewise. - debian/patches/65_kfreebsd.patch: Likewise. - debian/patches/80_ui_curses.patch: Likewise. - debian/patches/90_security.patch: Likewise. * Remove Elrond and Guilherme de S. Pastore from Uploaders, with their permission, and add Aurelien Jarno and Riku Voipio. * Remove Tag field, this is better maintained outside of the package. * Add openbios-sparc64 to qemu_bios_files in debian/rules. [ Aurelien Jarno ] * Fix FTBFS on amd64. (Closes: #434296) - Drop debian/patches/34_syscalls_types.patch * debian/control: - Suggest samba. (Closes: #430368) * Add OpenBIOS for sparc. (Closes: #407076) - debian/control: depends on openbios-sparc. - debian/links: provide symlinks in /usr/share/qemu. -- Guillem Jover Tue, 04 Sep 2007 04:04:47 +0300 qemu (0.9.0-2) unstable; urgency=high [ Guillem Jover ] * Fix several security issues. (Closes: #424070) Thanks to Tavis Ormandy . - Cirrus LGD-54XX "bitblt" heap overflow. CVE-2007-1320 - NE2000 "mtu" heap overflow. - QEMU "net socket" heap overflow. - QEMU NE2000 "receive" integer signedness error. CVE-2007-1321 - Infinite loop in the emulated SB16 device. - Unprivileged "aam" instruction does not correctly handle the undocumented divisor operand. CVE-2007-1322 - Unprivileged "icebp" instruction will halt emulation. CVE-2007-1322 - debian/patches/90_security.patch: New file. * Enable adlib audio emulation. (Closes: #419170) * Fix structure padding for target_eabi_flock64 when built for a 64 bit architecture. (Closes: #414799) Thanks to Stuart Anderson . - debian/patches/44_arm_eabi_built_on_64bit_arches.patch: New file. * Fix qemu to be able to use LinuxBios. (Closes: #412212) Thanks to Ed Swierk . - debian/patches/50_linuxbios_isa_bios_ram.patch: New file. - 51_linuxbios_piix_ram_size.patch: Likewise. * Fix segfault when booting a Linux kernel w/o a disk image, by exiting but clarifying the message, as to use '/dev/null'. (Closes: #409817, #411780) Thanks to Robert Millan . - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Updated. * Fix segfault by using addrlen instead of target_addrlen in do_getpeername()/do_getsockname(). (Closes: #411910) Thanks to Stuart Anderson . - debian/patches/35_syscall_sockaddr.patch: Updated. * Fix semctl() for 32 bit targets on 64 bit hosts. (Closes: #414809) Thanks to Stuart Anderson . - debian/patches/38_syscall_semctl.patch: New file. * Remove Elrond from Uploaders with consent, always welcome to join back anytime. -- Guillem Jover Wed, 16 May 2007 08:08:31 +0300 qemu (0.9.0-1) experimental; urgency=low [ Guillem Jover ] * New upstream release. (Closes: #409989) - Support for relative paths in backing files for disk images. (Closes: #390446) - debian/patches/01_doc_typos.patch: Removed, merged upstream. - debian/patches/38_syscall_arm_statfs64.patch: Likewise. - debian/patches/51_serial_small_divider.patch: Likewise. - debian/patches/67_ppc_ftbfs.patch: Likewise. - debian/patches/21_net_soopts.patch: Synced. - debian/patches/30_syscall_ipc.patch: Likewise. - debian/patches/31_syscalls.patch: Likewise. - debian/patches/35_syscall_sockaddr.patch: Likewise. - debian/patches/39_syscall_fadvise64.patch: Likewise. - debian/patches/42_arm_tls.patch: Likewise. - debian/patches/55_unmux_socketcall.patch: Likewise. - debian/patches/80_ui_curses.patch: Likewise. * Update the copyright information. * The ACPI initialization code has been moved to bochsbios. - debian/patches/acpi-dsdt.hex: Removed. - debian/rules: Do not install acpi-dsdt.hex. * Add more files to the list of roms removed from the tarball needed to be touched so that upstream 'make install' does not fail. * Added armeb and armel to Architecture fields and libgpmg1-dev Build-Depends. * Recommend vde2 instead of the transitional vde package. (Closes: #407251) * Fix typo in qemu-img output. (Closes: #408542) - debian/patches/01_typo_qemu-img.patch: New file. Thanks to Adam Buchbinder . * Symlink qemu-user(1) to qemu-m68k(1). * Reduce redundancy in qemu-user(1) synopsis. * Fix rounding in sparc floating point to integer conversions. - debian/patches/40_sparc_fp_to_int.patch: New file. Thanks to Aurelien Jarno . -- Guillem Jover Thu, 8 Feb 2007 01:01:29 +0200 qemu (0.8.2-5) unstable; urgency=low [ Guillem Jover ] * Added a missing part to the ARM NPTL support patch, initially lost. - debian/patches/42_arm_tls.patch: Updated. -- Guillem Jover Tue, 16 Jan 2007 11:44:00 +0200 qemu (0.8.2-4) unstable; urgency=medium [ Guillem Jover ] * Disable using iasl for now until it's ported to big-endian systems and include a locally built acpi-dsdt.hex file. -- Guillem Jover Sun, 3 Dec 2006 21:10:23 +0200 qemu (0.8.2-3) unstable; urgency=low [ Guillem Jover ] * Hopefully really fix powerpc FTBFS. -- Guillem Jover Sun, 5 Nov 2006 17:09:53 +0200 qemu (0.8.2-2) unstable; urgency=low [ Guillem Jover ] * Update Tag field to match new debtags vocabulary. * Clean properly. (Closes: #390166) - Remove the acpi generated files and the docs. - Revert the docs regeneration forcing logic. Thanks to Anderson Lizardo . * On install use DESTDIR instead of specifying all paths. (Closes: #396139) Thanks to Anderson Lizardo . * Port to GNU/kFreeBSD. (Closes: #327622) - Disable ALSA on non-linux systems. - Add a Build-Depends on libfreebsd-dev on kfreebsd systems. - Add kfreebsd-i386 and kfreebsd-amd64 to the Architecture field. - debian/patches/65_kfreebsd.patch: New file. Thanks Petr Salinger . * In qemu-make-debian-root do not explicitely install in aptitude and libsigc++-1.2-5c102, they are pulled now by default. And do not remove aptitude afterwards. (Closes: #392481) Thanks to Ted Percival . * Add experimental ncurses ui support. (Closes: #369462) - debian/patches/80_ui_curses.patch: New file. Thanks to Andrzej Zaborowski . * Add SO_PEERCRED and SO_SNDTIMEO support, and fix accept syscall when being passed NULL pointers. - debian/patches/21_net_sockopts.patch: Renamed to ... - debian/patches/21_net_soopts.patch: ... here. Modify. Thanks to Pablo Virolainen. * Add a fadvise64 syscall stub. - debian/patches/39_syscall_fadvise64.patch: New file. Thanks to Pablo Virolainen. * Add EABI unmuxed socket syscalls. - debian/patches/55_unmux_socketcall.patch: New file. Thanks to Riku Voipio. * Add TLS sections to the ARM and x86 linker scripts so that qemu user emulators can be linked statically. - debian/patches/66_tls_ld.patch: New file. * Move the documentation of the binary blob removals from the original upstream tarball from README.Debian to debian/copyright. * Reword the emphasis on "FAST!" from the package description. * Fix FTBFS on powerpc by adding the missing fp_status variable to the int32_to_float32 function calls. - debian/patches/67_ppc_ftbfs.patch: New file. -- Guillem Jover Sun, 5 Nov 2006 08:48:27 +0200 qemu (0.8.2-1) unstable; urgency=low [ Guillem Jover ] * New upstream release. (Closes: #379461, #385029, #388810) - Add ACPI BIOS emulation support. (Closes: #372533) - Fix mouse invisible wall when using Windows XP. (Closes: #384666) - debian/patches/01_doc_typos.patch: Sync. - debian/patches/03_machines_list_no_error.patch: Likewise. - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. - debian/patches/06_exit_segfault.patch: Likewise. - debian/patches/12_signal_powerpc_support.patch: Likewise. - debian/patches/21_net_sockopt.patch: Likewise. - debian/patches/22_net_tuntap_stall.patch: Likewise. - debian/patches/30_syscall_ipc.patch: Likewise. - debian/patches/31_syscalls.patch: Likewise. - debian/patches/32_syscall_sysctl.patch: Likewise. - debian/patches/33_syscall_ppc_clone.patch: Likewise. - debian/patches/35_syscall_sockaddr.patch: Likewise. - debian/patches/36_syscall_prctl.patch: Likewise. - debian/patches/37_syscall_mount.patch: Likewise. - debian/patches/41_arm_fpa_sigfpe.patch: Likewise. - debian/patches/42_arm_tls.patch: Likewise. - debian/patches/61_safe_64bit_int.patch: Likewise. - debian/patches/63_sparc_build.patch: Likewise. - debian/patches/50_missing_keycodes.patch: Removed, integrated upstream. * Switch to quilt: - debian/control: Add quilt (>= 0.40) to Build-Depends. - debian/patches/series: New file. - debian/patch.mk: Removed. - debian/rules: Include '/usr/share/quilt/quilt.make' instead of 'debian/patch.mk'. * Build the ACPI Source Language files with iasl. * Add a Tag field to the binary package, using data from debtags. * Add 2006 to the debian/copyright years. * Add a Recommends on vde. (Closes: #386780) * Fix spelling error in package description (peripherials -> peripherals). (Closes: #388700) Thanks to Rakesh 'arky' Ambati . * Fix ne2000_can_receive return code to 0 when the command is STOP. (Closes: #386209) - debian/patches/52_ne2000_return.patch: New file. Thanks to Samuel Thibault . * Document the binary blob removals from the original upstream tarball in README.Debian. (Closes: #388740) -- Guillem Jover Mon, 25 Sep 2006 04:16:25 +0300 qemu (0.8.1-1) unstable; urgency=low [ Guillem Jover ] * New upstream release. (Closes: #366955, #366637) - debian/patches/01_doc_typos.patch: Sync. - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. - debian/patches/12_signal_powerpc_support.patch: Likewise. - debian/patches/21_net_sockopt.patch: Likewise. - debian/patches/22_net_tuntap_stall.patch: Likewise. - debian/patches/30_syscall_ipc.patch: Likewise. - debian/patches/31_syscalls.patch: Likewise. - debian/patches/32_syscall_sysctl.patch: Likewise. - debian/patches/33_syscall_ppc_clone.patch: Likewise. - debian/patches/35_syscall_sockaddr.patch: Likewise. - debian/patches/36_syscall_prctl.patch: Likewise. - debian/patches/37_syscall_mount.patch: Likewise. - debian/patches/41_arm_fpa_sigfpe.patch: Likewise. - debian/patches/42_arm_tls.patch: Likewise. - debian/patches/43_arm_cpustate.patch: Likewise. - debian/patches/50_missing_keycodes.patch: Likewise. - debian/patches/51_serial_small_divider.patch: Likewise. - debian/patches/61_safe_64bit_int.patch: Likewise. - debian/patches/63_sparc_build.patch: Likewise. - debian/patches/40_arm_nwfpe_cpsr.patch: Removed, integrated upstream. * Make the patch system apply the patch on the first run. - debian/patches/64_ppc_asm_constraints.patch: Add DPATCHLEVEL. * Document how to use the images created with qemu-make-debian-root in the man page. Thanks to Jacobo . (Closes: #343450) * Add support for the -snapshot option to use the TMPDIR evironment variable. (Closes: #353880) - debian/patches/02_snapshot_use_tmpdir.patch: New file. * Do not exit with an error when using '-M ?'. (Closes: #365209) - debian/patches/03_machines_list_no_error.patch: New file. * Added symlink for system-mipsel emulator man page. * Build and clean the pc-bios directory. * Avoid segfaulting by using _exit(2) instead of exit(3) in qemu user emulators. (Closes: #338289) - debian/patches/06_exit_segfault.patch: New file. * Enable ALSA audio support and add libasound2-dev to the Build-Depends. * Now using Standards-Version 3.7.2 (no changes needed). -- Guillem Jover Sun, 28 May 2006 20:51:10 +0300 qemu (0.8.0-3) unstable; urgency=low [ Josh Triplett ] * Fix FTBFS on PowerPC caused by asm constraint problem. (Closes: #361727) - debian/patches/64_ppc_asm_constraints.patch. [ Guillem Jover ] * Clamp addrlen from host to target when using AF_UNIX. This fixes socket problems when using EABI. - debian/patches/35_syscall_sockaddr.patch: New file. * Fix floating point comparison on ARM NWFPE, due to glue code missmatch. (Closes: #356287) - debian/patches/40_arm_nwfpe_cpsr.patch: New file. - debian/patches/40_fpu_arm_sigfpe.patch: Rename to ... - debian/patches/41_arm_fpa_sigfpe.patch: ... this. Resync. Thanks to Ulrich Hecht. * Fix POSIX threads creation on ARM hanging when initializing the cpu structure being it cyclic. - debian/patches/43_arm_cpustate.patch: New file. * Add TLS support for ARM. Stolen from Scratchbox. - debian/patches/42_arm_tls.patch: New file. * Fix sysctl endian problem. - debian/patches/32_syscall_sysctl.patch: Update. Thanks to Timo Savola . * Remove now default '--enable-slirp' build option. (Closes: #356284) Thanks to Anderson Lizardo . * Remove unused sharedir to 'make install'. (Closes: #356418) Thanks to Anderson Lizardo . * Fix package not cleaning properly. (Closes: #356279) Thanks to Anderson Lizardo for the initial patch. * Add needed syscalls to make debootstrap work. (Closes: #356291) - debian/patches/36_syscall_prctl.patch: New file. - debian/patches/37_syscall_mount.patch: Likewise. - debian/patches/38_syscall_arm_statfs64.patch: Likewise. Thanks to Anderson Lizardo . * Remove obsolete Build-Dependency xlibs-dev. -- Guillem Jover Thu, 13 Apr 2006 11:53:00 +0300 qemu (0.8.0-2) unstable; urgency=low [ Guillem Jover ] * Switch away from cdbs to plain debhelper. * Upgrade to debhelper compat level 5. * Allow overriding CC compiler variable. (Closes: #345772) * Do not redefine 64 bit types on 64 bit arches. - debian/patches/61_safe_64bit_int.patch: New file. * Allow linux_boot.bin to be built on any arch by switching to nasm, and Build-Depending on it. - debian/patches/62_linux_boot_nasm.patch: New file. * The serial hw driver uses a small divider that gets zeroed when shifting bits to the right. (Closes: #276276, #348098) - debian/patches/51_serial_small_divider.patch: New file. Thanks to Samuel Thibault . * Escaped hyphens in qemu-user manpage, use italics for filenames and parameters and bold for options. * Partial build failure fix for Sparc. (Bugs: #317145, #336970) Thanks to Jurij Smakov . -- Guillem Jover Mon, 20 Feb 2006 09:17:46 +0200 qemu (0.8.0-1) unstable; urgency=low [ Guillem Jover ] * New upstream release. (Closes: #344339) - Added support for Virtual FAT. (Closes: #313123) - Emulate repeated keystrokes when holding a key. (Closes: #298864) - debian/patches/01_doc_typos.patch: Sync. - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. - debian/patches/12_signal_powerpc_support.patch: Likewise. - debian/patches/21_net_sockopt.patch: Likewise. - debian/patches/22_net_tuntap_stall.patch: Likewise. - debian/patches/30_syscall_ipc.patch: Likewise. - debian/patches/31_syscalls.patch: Likewise. - debian/patches/32_syscall_sysctl.patch: Likewise. - debian/patches/33_syscall_ppc_clone.patch: Likewise. - debian/patches/40_fpu_arm_sigfpe.patch: Likewise. - debian/patches/50_missing_keycodes.patch: Likewise. * Added mips and mipsel to the lintian overrides for the user emulators being shlib-with-non-pic-code. * Added symlinks for mips, mipsel and system-arm emulator manpages. -- Guillem Jover Fri, 30 Dec 2005 05:44:53 +0200 qemu (0.7.2-2) unstable; urgency=low [ Josh Triplett ] * Add support for signal handling on PowerPC. (Closes: #335509) - debian/patches/12_signal_powerpc_support.patch: New file. [ Guillem Jover ] * Add Josh Triplett to Uploaders and packaging team. * Fix PowerPC build failure by reintroducing the ppc linker script and adding the missing _SDA_BASE_ and _SDA2_BASE_ symbols. (Closes: #336983) * Remove invalid patch making X11 fail at runtime. - debian/patches/20_net_socket.patch: Remove. - debian/patches/32_syscall_sysctl.patch: Sync. Thanks to Daniel Gimpelevich . * Avoid the patch system to try until it applies. - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Added patch level. - debian/patches/12_signal_powerpc_support.patch: Likewise. -- Guillem Jover Wed, 21 Dec 2005 22:11:34 +0200 qemu (0.7.2-1) unstable; urgency=low [ Guillem Jover ] * New upstream release. (Closes: #321232, #327168) - debian/patches/12_signal_silent.patch: Integrated upstream, remove. - debian/patches/50_ppc_ldscript.patch: Likewise. - debian/patches/33_syscall_truncate64.patch: Likewise. - debian/patches/01_doc_typos.patch: Resync with upstream. - debian/patches/04_do_not_print_rtc_freq_if_ok.patch: Likewise. - debian/patches/05_non-fatal_if_linux_hd_missing.patch: Likewise. - debian/patches/10_signal_jobs.patch: Likewise. - debian/patches/11_signal_sigaction.patch: Likewise. - debian/patches/20_net_socket.patch: Likewise. - debian/patches/21_net_sockopt.patch: Likewise. - debian/patches/22_net_tuntap_stall.patch: Likewise. - debian/patches/30_syscall_ipc.patch: Likewise. - debian/patches/31_syscalls.patch: Likewise. - debian/patches/32_syscall_sysctl.patch: Likewise. - debian/patches/40_fpu_arm_sigfpe.patch: Likewise. * Repackaged upstream source to deal with binaries w/o sources. - pc-bios/video.x: New file removed. * Create a new qemu-user(1) manpage and link all user emulator manpages to it. (Closes: #335163) * Add missing '-' and '=' keycodes for sendkey command. - debian/patches/50_missing_keycodes.patch: New file. (Closes: #334071) Thanks to Robert Millan . * Add manpage link for qemu-system-mips. * Make sysctl byte-swap the name values. - debian/patches/32_syscall_sysctl.patch: Merge patch. (Closes: #334458) Thanks to Josh Triplett . * Change documentation menu section to "Apps/Emulators". (Closes: #335062) Thanks to Frans Pop . * On PowerPC, do not zero registers r7-r31 in do_fork and zero register r3. Fixing segfaults on programs using the clone syscall. - debian/patches/33_syscall_ppc_clone.patch: New file. (Closes: #335159) Thanks to Josh Triplett and Paul Brook . * Tighten vgabios and bochsbios versioned Depends. * Add video.x to the list of roms to touch to make qemu Makefile happy. * Add lintian overrides for the user emulators being shlib-with-non-pic-code. * Wrap lines in debian/control fields (knowingly breaking policy). [ Guilherme de S. Pastore ] * debian/control: - Updated my e-mail address. * debian/copyright: - Dropped André from team members list, not a single contribution ever. -- Guillem Jover Mon, 31 Oct 2005 05:01:45 +0200 qemu (0.7.0-4) unstable; urgency=low [ Guillem Jover ] * Rebuild source with locally deborked dpkg-source. (Closes: #321019) * Added the location of the Subversion repo used for the packages and fixed the upstream URL in debian/copyright. * Lower case title header in qemu-make-debian-root man page. * Use dd instead of cat to generate the qemu debian root image. (Closes: #315952) -- Guillem Jover Wed, 3 Aug 2005 05:53:30 +0300 qemu (0.7.0-3) unstable; urgency=low [ Guillem Jover ] * Update watch file to version 3, use perlre and new upstream site. * Now using Standards-Version 3.6.2 (no changes needed). * Fix TUN/TAP network interface stalling the connection. (Closes: #290569) Thanks to Vitaly Belostotsky . * Link against librt, needed by the new clock_gettime syscall. - debian/patches/31_syscalls.patch: Update. (Closes: #315388) Thanks to Timo Savola for noticing. * Force Build-Dependency on binutils >= 2.16-1 needed by the amd64 and powerpc linker scripts. (Closes: #262655) * Force usage of gcc-3.4. (Closes: #319527) * Add missing Build-Dependency on zlib1g-dev. Thanks to Reinhard Tartler . * Include in syscall.c to avoid the broken headers in linux-kernel-headers 2.6.12. - debian/patches/34_syscalls_types.patch: New file. Thanks to Octavian Cerna . * Fix powerpc linker script. - debian/patches/50_ppc_ldscript.patch: New file. Thanks to Octavian Cerna . -- Guillem Jover Mon, 1 Aug 2005 02:48:09 +0300 qemu (0.7.0-2) unstable; urgency=low [ Guillem Jover ] * Add alpha, sparc, arm and s390 to Architectures (and to the libgpmg1-dev Build-Depends). * Forward SIGSTOP and SIGCONT sent to QEMU to the emulated application. - debian/patches/10_signal_jobs.patch: New file. Thanks to Ulrich Hecht. * Return EINVAL on emulated sigaction when given invalid signal parameters SIGKILL and SIGSTOP. - debian/patches/11_signal_sigaction.patch: New fle. Thanks to Valtteri Rahkonen. * Do not print messsages for uncaught signal, thus fixing the case were some applications want to kill their siblings. - debian/patches/12_signal_silent.patch: New file. Thanks to Valtteri Rahkonen * Fix Unix sockets by handling correctly AF_UNIX socket address structure length. - debian/patches/20_net_socket.patch: New file. Thanks to Timo Savola. * Implement SO_LINGER, SO_RCVTIMEO, SO_SNDTIMEO, SO_PEERNAME and SO_PEERCRED getsockoptions. - debian/patches/21_net_sockopt.patch: New file. Thanks to Valtteri Rahkonen. * Implement SysV IPC message and semaphore syscalls. - debian/patches/30_syscall_ipc.patch: New file. Thanks to Valtteri Rahkonen. * Implement acct, umount2, uselib, swapon, syslog, ftruncate64, mincore, madvise, readahead and clock_gettime syscalls. - debian/patches/31_syscalls.patch: New file. Thanks to Ulrich Hecht. * Implement sysctl CTL_KERN/KERN_VERSION - debian/patches/32_syscall_sysctl.patch: New file. Thanks to Timo Savola. * Implement truncate64 syscall. - debian/patches/33_syscall_truncate64.patch: New file. Thanks to Valtteri Rahkonen. * Implement ARM floating point exeption emulation. - debian/patches/40_fpu_arm_sigfpe.patch: New file. Thanks to Ulrich Hecht. -- Guillem Jover Sun, 19 Jun 2005 15:05:37 +0300 qemu (0.7.0-1) experimental; urgency=low [ Guillem Jover ] * New upstream release. (Closes: #308459, #308494) * Do not require a disk image when booting a Linux kernel. (Closes: #260935) Thanks to Jonas Smedegaard . [ Guilherme de S. Pastore ] * Rewrote README.Debian for more clarity * Add support for amd64 as a host architecture. (Closes: #262655) - Add build-depend on libgpmg1-dev on amd64. * Fixed qemu-make-debian-root so that it shows the name by which it was called on the usage notice, not "%s". (Closes: #303507) Thanks to Micah Anderson . [ Elrond ] * Clean up more files, so they don't end up in the final .diff.gz * Switch to external proll and openhackware: - Instead of patching qemu's Makefile, trick it by giving it empty files to install and remove them straight after install. - Don't ship the roms in debian/roms any more! - Instead add more symlinks. - Update Depends: apropiately. -- Guillem Jover Fri, 27 May 2005 02:06:20 +0300 qemu (0.6.1+20050407-1) unstable; urgency=low [ Guillem Jover ] * New upstream snapshot. - Fix -user-net. (Closes: #295019) - Fix win2k and winxp image booting. (Closes: #285170, #292707) - Fix installation of outdated documentation. (Closes: #286931) - Provide qemu-img instead of qemu-mkcow. (Closes: #290713) - Remove debian/patches/05_fix_openpic_timer_test.patch, integrated upstream. - Remove debian/patches/02_selectable_sdl_keyboard.patch, superseded by new keyboard implementation. (Closes: #284510, #299432) - Remove debian/patches/01_mkcow_section_and_hyphens.patch. - Conditionalize qemu -g option for some architectures. (Closes: #298988) * Added new copyright year to debian/copyright. * Added initial qemu-make-debian-root man page. (Closes: #286932) * Fixed typos in qemu documentation. (Closes: #301933) Thanks to A Costa . * Added Elrond to Uploaders and packaging team. * Use the default target list: - Do not build qemu-fast anymore as it is deprecated upstream anyway. (Closes: #278602, #281510) - New targets armeb and system-x86_64. * Updated ROM images under debian/roms/: - OpenHackWare 0.4. - Proll 18 with qemu specific patches. * Remove uudecoded files from pc-bios/ on clean. * Fix qemu-make-debian-root to behave correctly even if the needed Recommends are not installed. [ Guilherme de S. Pastore ] * Create a doc-base entry for the package (Closes: #290669) * debian/control: - Add debootstrap to the 'Recommends: ' line, as needed by qemu-make-debian-root (Closes: #302848) - Moved sharutils from dependency to recommendation, as it is only needed by qemu-make-debian-root * debian/docs: - Do not include README.distrib in the binary package (Closes: #302853) [ Elrond ] * Replace "libgpmg1-dev | not+linux-gnu" by "libgpmg1-dev [i386 powerpc]" in Build-Depends. qemu should not need to build-depend on it anyway, the real problem is described in Bug#267174. When it is solved, we can remove our dependency. Until then please remember to add any arch, which we will build on and that has gpm. This change hopefully calms: * Add versions to the dependencies on bochsbios and vgabios (Closes: #288997): - vgabios: Use the current version from testing/unstable (0.4c+20041014-1), according to Frans Pop , this fixed those "blank screen" problems. - bochsbios: Use the current version from unstable (2.1.1+20041109-3), as Guillem Jover fixed the networking in that version. -- Guillem Jover Thu, 7 Apr 2005 01:26:01 +0300 qemu (0.6.1-1) unstable; urgency=low [ Guillem Jover ] * New upstream release. (Closes: #281626) - Booting from drive b is not supported anymore. (Closes: #275679) - Fix ne2k network interface that was not working in some situations. (Closes: #281862) - Remove debian/patches/06_build_gcc3.4.patch, fixed upstream. - Remove debian/patches/04_lfs.patch, fixed upstream. - Remove debian/patches/02_fix_powerpc_FTBFS.patch, fixed upstream. - Remove debian/patches/00_escape_manpage_hyphens.patch, not needed. - Sync debian/patches/03_use_external_bios.patch. * Include uuencoded source for proll 18, some build fixes and its binary proll.bin on debian/roms/. * Suggests sudo to be used by the qemu-ifup script. Thanks to Elrond . * Make sudo in qemu-ifup explain what the password is for. (Closes: #281380) * Add an option to select the method to convert keyevent to keycode in the SDL keyboard handling code. Added support for Right Shift in the generic handler. (Closes: #282658) Thanks to Elrond . * Do not set RTC frequency to 1024 or warn about this if it has already the correct value. (Closes: #281403) * Enabled sparc-softmmu support. -- Guillem Jover Sat, 27 Nov 2004 23:23:49 +0100 qemu (0.6.0.dfsg.2-1) unstable; urgency=low [ Guillem Jover ] * Repackaged upstream source to remove external included files. - pc-bios/ppc-rom.bin: Removed. - pc-bios/OpenHackWare_0.3.tar.bz2: Likewise. - pc-bios/vgabios.bin: Likewise. - pc-bios/vgabios-cirrus.bin: Likewise. - pc-bios/vgabios-cvs-2004-06-17.tgz: Likewise. * Include uuencoded source for OpenHackWare 0.3.1 and its binary ppc-rom.bin on debian/roms/. Add a Build-Depends on sharutils. * Update tundev.c. Pass -tun-dev to qemu without the equal sign. Thanks to Isaac Clerencia . * Fix README.Debian to point to the renamed qemu-make-debian-root. * Add Depends on sharutils needed by qemu-make-debian-root. (Closes: #272130) * Use and depend on vgabios package, which is in sync with bochsbios that checks for rom bios checksums. (Closes: #281202) * Enable LFS globally, thus fixing problems with qemu-mkcow when using an existing large image. (Closes: #279925) * Fix openpic timer write test, catched from a warning about a constant value larger than the type it was casted to. * Fix build failure with gcc 3.4. Patch stolen from Gentoo BTS. -- Guillem Jover Mon, 15 Nov 2004 10:46:54 +0100 qemu (0.6.0.dfsg.1-1) unstable; urgency=high [ Guillem Jover ] * Repackaged upstream source to deal with binaries w/o sources. (Closes: #268780) - pc-bios/bios.bin: Removed binary without source. Now using bochsbios package. - pc-bios/vgabios.bin: Rebuilt from vgabios cvs 2004-06-17 snapshot, source included. - pc-bios/vgabios-cirrus.bin: Likewise. - pc-bios/ppc-rom.bin: Rebuilt on voltaire, source included. - pc-bios/linux_boot.bin: Rebuilt from source. * Move make-debian-root.sh to /usr/sbin/qemu-make-debian-root. (Closes: #268705) -- Guillem Jover Mon, 13 Sep 2004 01:28:54 +0200 qemu (0.6.0-2) unstable; urgency=high [ Guilherme de S. Pastore ] * Fixed dangling symlinks under /usr/share/man/man1. (Closes: #264764) [ Guillem Jover ] * Fix FTBFS on powerpc. - debian/patches/02_fix_powerpc_FTBFS.patch: New file. -- Guillem Jover Wed, 18 Aug 2004 15:50:43 +0200 qemu (0.6.0-1) unstable; urgency=medium * New maintainers. (Closes: #258900) * New upstream release. (Closes: #258732) - Installs ppc BIOS ROM file. (Closes: #257492) - Builds with -fno-strict-aliasing. (Closes: #257123) [ Guilherme de S. Pastore ] * debian/rules: - Cleaned up. - Ported to use CDBS. * 00_escape_manpage_hyphens.patch: - Correct a little typo and escape hyphens in upstream manpage. * 01_mkcow_section_and_hyphens.patch: - Fix section mismatch and escape hyphens in the qemu-mkcow manpage. * Added simple /etc/qemu-ifup helper script. (Closes: #245281) Thanks to Martin Michlmayr . * Cleaned debian/watch. * UTF-8'ed debian/changelog. * Updated Standards-Version to 3.6.1.1. * Removed outdated and unnecessary debian/qemu-i386.sgml. - Removed build dependency on docbook-to-man. * Removed "x86" part from the description (hey, qemu is not x86-only in any way). Deserves a complete rewrite, shall be done soon. [ Guillem Jover ] * Lower-case package short description. * Added missing CPU emulations to the description. * Cleaned and updated debian/copyright. * Removed manually added libx11-6 dependency. * Only Build-Depends on libgpmg1-dev on GNU/Linux systems. * Cosmetic unification to debian/changelog. * debian/rules: - Remove generated files. - Give exec perms to qemu-ifup. -- Guillem Jover Sun, 8 Aug 2004 17:24:08 +0200 qemu (0.5.5-2) unstable; urgency=low * Re-enable SDL disabled while I was bugchasing. (Closes: #255014) * Yes, this is really 0.5.5. (Closes: #254655) * Enable slirp networking. (Closes: #253573) * Add Build-Depends on libgpmg1-dev (found by Bastian Blank, probably breaks Hurd but that's a problem for another day). -- Paul Russell Thu, 24 Jun 2004 06:26:42 +0200 qemu (0.5.5-1) unstable; urgency=low * New upstream release. (Closes: #237556, #237556) * Applied patch to add options to make_debian_root.sh. (Closes: #238787) * Applied patch for other archs: hmmm... (Closes: #251420) * Do umount -d in make_debian_root.sh. (Closes: #251775) -- Paul Russell Tue, 1 Jun 2004 03:50:05 +0200 qemu (0.5.4-1) unstable; urgency=low * New upstream release. (Closes: #246634) * qemu-mkcow included in upstream. * Added tundev program source in doc, to see if people find it useful. -- Paul Russell Mon, 3 May 2004 08:14:49 +0200 qemu (0.5.3-1) unstable; urgency=low * New upstream release. (Closes: #237556) * Use aalib-config --static-libs. (Closes: #243325) * Document Control-Shift to release mouse pointer. (Closes: #238074) -- Paul Russell Tue, 13 Apr 2004 02:58:49 +0200 qemu (0.5.2-4) unstable; urgency=low * Fix PPC install (Michel Daenzer patch). (Closes: #238431) * Simplify deps (might be wrong, but it's neater). (Closes: #238430) -- Paul Russell Wed, 17 Mar 2004 01:35:47 +0100 qemu (0.5.2-3) unstable; urgency=low * Make compile on woody. (Closes: #238163) * Include qemu-doc.html. (Closes: #238076) * Wrote qemu-i386 man page. (Closes: #238077) -- Paul Russell Mon, 15 Mar 2004 23:56:25 +0100 qemu (0.5.2-2) unstable; urgency=low * Fix build problem so bios.bin etc. can be found. (Closes: #237553) -- Paul Russell Fri, 12 Mar 2004 05:43:00 +0100 qemu (0.5.2-1) unstable; urgency=low * Initial Release. (Closes: #187407) -- Paul Russell Wed, 3 Mar 2004 02:18:54 +0100