Hi everyone, I am pleased to announce that the QEMU v7.2.3 stable release is now available.
You can grab the tarball from our download page here: https://www.qemu.org/download/#source v7.2.3 is now tagged in the official qemu.git repository, and the stable-7.2 branch has been updated accordingly: https://gitlab.com/qemu-project/qemu/-/commits/stable-7.2?ref_type=heads This update contains general fixes for various architectures/subsystems, including the following CVE fixes: LSI (CVE-2023-0330) Please see the changelog for additional details and update accordingly. Thank you to everyone involved! CHANGELOG: a8f7a3504d: Update version for 7.2.3 release (Michael Tokarev) 9d52aaa92b: machine: do not crash if default RAM backend name has been stolen (Igor Mammedov) 9fe6e8139d: hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330) (Thomas Huth) 49d5fc4cfc: usb/ohci: Set pad to 0 after frame update (Paolo Bonzini) 12f0e61758: util/vfio-helpers: Use g_file_read_link() (Akihiko Odaki) 859759ee39: rtl8139: fix large_send_mss divide-by-zero (Stefan Hajnoczi) b121ebe143: e1000e: Fix tx/rx counters (timothee.coca...@gmail.com) f9f42e708f: e1000: Count CRC in Tx statistics (Akihiko Odaki) 926a8380f2: virtio-crypto: fix NULL pointer dereference in virtio_crypto_free_request (Mauro Matteo Cascella) dd63d3a5b8: virtio-net: not enable vq reset feature unconditionally (Eugenio Pérez) 6f4dc62715: vhost: fix possible wrap in SVQ descriptor ring (Hawkins Jiawei) 48b60eb6c9: target/i386: fix avx2 instructions vzeroall and vpermdq (Xinyu Li) eee0666a50: target/i386: fix operand size for VCOMI/VUCOMI instructions (Paolo Bonzini) 61f6b12cf3: scsi-generic: fix buffer overflow on block limits inquiry (Paolo Bonzini) d68a13c672: target/arm: Fix vd == vm overlap in sve_ldff1_z (Richard Henderson) 7405624def: migration: Attempt disk reactivation in more failure scenarios (Eric Blake) b514d5a898: migration: Minor control flow simplification (Eric Blake) 08fd84005f: migration: Handle block device inactivation failures better (Eric Blake) 89bf901afb: linux-user: fix getgroups/setgroups allocations (Michael Tokarev) 95cb7a7255: linux-user: Fix mips fp64 executables loading (Daniil Kovalev) e7f1150829: tests/docker: bump the xtensa base to debian:11-slim (Alex Bennée) 273147b942: target/ppc: Fix helper_pminsn() prototype (Cédric Le Goater) 0c6e9547ae: Revert "vhost-user: Introduce nested event loop in vhost_user_read()" (Greg Kurz) 7620c12422: Revert "vhost-user: Monitor slave channel in vhost_user_read()" (Greg Kurz) 6bebd3f818: xen/pt: reserve PCI slot 2 for Intel igd-passthru (Chuck Zmudzinski) de6596aa9d: 9pfs/xen: Fix segfault on shutdown (Jason Andryuk) 00acdd8a9f: s390x/tcg: Fix LDER instruction format (Ilya Leoshkevich) 6b71859686: target/s390x: Fix EXECUTE of relative branches (Ilya Leoshkevich) b7b814cd87: block/monitor: Fix crash when executing HMP commit (Wang Liang) 2a0afe1bde: virtio: fix reachable assertion due to stale value of cached region size (Carlos López) a641521e50: hw/virtio/vhost-user: avoid using unitialized errp (Albert Esteve) afc11df42a: tcg: ppc64: Fix mask generation for vextractdm (Shivaprasad G Bhat) c94d55f63e: async: Suppress GCC13 false positive in aio_bh_poll() (Cédric Le Goater) 379a05f384: ui: Fix pixel colour channel order for PNG screenshots (Peter Maydell) 0e262ee8e9: accel/tcg: Fix atomic_mmu_lookup for reads (Richard Henderson) 666e6bbf85: target/riscv: Fix itrigger when icount is used (LIU Zhiwei) 89640e03ec: block: Fix use after free in blockdev_mark_auto_del() (Kevin Wolf) e3074f666f: meson: leave unnecessary modules out of the build (Paolo Bonzini) 9b300a100c: softfloat: Fix the incorrect computation in float32_exp2 (Shivaprasad G Bhat) ec979ff52c: hw/net/allwinner-sun8i-emac: Correctly byteswap descriptor fields (Peter Maydell) 4b02ac725a: hw/sd/allwinner-sdhost: Correctly byteswap descriptor fields (Peter Maydell) e4e79c8e00: target/arm: Define and use new load_cpu_field_low32() (Peter Maydell) 5eb742fce5: hw/intc/allwinner-a10-pic: Don't use set_bit()/clear_bit() (Peter Maydell) d46d403616: hw/arm/raspi: Use arm_write_bootloader() to write boot code (Peter Maydell) 5ebe440c2b: hw/arm/aspeed: Use arm_write_bootloader() to write the bootloader (Cédric Le Goater) 8e9c265f14: hw/arm/boot: Make write_bootloader() public as arm_write_bootloader() (Cédric Le Goater) e96dc26e89: hw/net/msf2-emac: Don't modify descriptor in-place in emac_store_desc() (Peter Maydell) 32900bff70: target/arm: Initialize debug capabilities only once (Akihiko Odaki) 0a65c4588c: docs/about/deprecated.rst: Add "since 7.1" tag to dtb-kaslr-seed deprecation (Peter Maydell) 4e35bd88a5: qemu-options: finesse the recommendations around -blockdev (Alex Bennée) e557055653: acpi: pcihp: allow repeating hot-unplug requests (Igor Mammedov) 84d5232d9d: target/i386: Change wrong XFRM value in SGX CPUID leaf (Yang Zhong) bfc532703f: vnc: avoid underflow when accessing user-provided address (Paolo Bonzini)
