This bug was fixed in the package qemu - 1:4.2-1ubuntu1
---------------
qemu (1:4.2-1ubuntu1) focal; urgency=medium
* Merge with Debian testing, Among many other things this fixes LP Bugs:
LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
LP: #1812822 - avoid crashes on detaching vhost_net interfaces
LP: #1852744 - Crypto Passthrough Interrupt Support
LP: #1853316 - CCW IPL Support
Remaining changes:
- qemu-kvm to systemd unit
- d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
hugepages and architecture specifics
- d/qemu-system-common.qemu-kvm.service: systemd unit to call
qemu-kvm-init
- d/qemu-system-common.install: install helper script
- d/qemu-system-common.maintscript: clean old sysv and upstart scripts
- d/qemu-system-common.qemu-kvm.default: defaults for
/etc/default/qemu-kvm
- d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
- Distribution specific machine type (LP: 1304107 1621042)
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types
- d/qemu-system-x86.NEWS Info on fixed machine type definitions
for host-phys-bits=true (LP: 1776189)
- add an info about -hpb machine type in debian/qemu-system-x86.NEWS
- provide pseries-bionic-2.11-sxxm type as convenience with all
meltdown/spectre workarounds enabled by default. (LP: 1761372).
- Enable nesting by default
- d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
in qemu64 cpu type.
- d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
in qemu64 on amd
[ No more strictly needed, but required for backward compatibility ]
- improved dependencies
- Make qemu-system-common depend on qemu-block-extra
- Make qemu-utils depend on qemu-block-extra
- let qemu-utils recommend sharutils
- s390x support
- Create qemu-system-s390x package
- Enable numa support for s390x
- d/rules: build s390-ccw.img with upstream Makefile
- d/rules: build s390-netboot.img with upstream Makefile
- arch aware kvm wrappers
- d/control: update VCS links
- tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
reference 256k path
- d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
handle incoming migrations from former releases.
- d/control-in: Disable capstone disassembler library support (universe)
- d/control: disable bluetooth being deprecated
- d/not-installed: ignore new interop docs and extra icons for now
- d/not-installed: do not install elf2dmp until namespaced
- d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
- d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
- d/binfmt-update-in: fix binfmt being called in some containers
(LP 1840956)
- Dropped changes (in Debian)
- qemu-guest-agent: freeze-hook fixes (LP: 1484990)
- d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
- d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
- d/control-in: enable RDMA support in qemu (LP: 1692476)
- enable RDMA config option
- add libibumad-dev build-dep
- d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
As that hack to build s390-ccw.img rom can't build s390x-netboot.img
replace it with a build-indep using the upstream makefiles.
This is less prone to miss future changes/fixes that are done to the
makefiles
- remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
- d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
- d/rules: fix qemu-kvm service for debhelper compat >=12
- Refreshed patches for v4.0 context changes
- d/control*: remove sdlabi which was removed upstream
- d/control*: enable docs (now explicit) and provide new build-dep
python3-sphinx
- d/qemu-system-data.install: use new paths for formerly used icons
- Merge with Upstream release of qemu 4.0
- d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
- Dropped changes (Upstream)
- d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
- d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
- d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
fix i386 build error
-
d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector-fac:
fix naming of the new vector facitlity (LP 1836066)
- d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues
for missing SIOCGSTAMP definition; final fix is still in discussion
upstream (LP: 1836159)
- d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer
s390x machines (LP 1836154)
- d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags
(LP 1841066)
- d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.patch:
update the z15 model name (LP 1842774)
- d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
fix a potential hang when qemu or qemu-img where accessing http backed
disks via libcurl (LP 1848556)
- d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*:
fix migration issue from qemu <4.0 when using virtio-balloon (LP 1848497)
- d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
toleration for future machines (LP 1830704)
- SECURITY UPDATE: Add support for exposing md-clear functionality
to guests
- d/p/ubuntu/enable-md-clear.patch
- d/p/ubuntu/enable-md-no.patch
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
- SECURITY UPDATE: heap overflow when loading device tree blob
- d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
copy the device tree blob into is.
- CVE-2018-20815
- SECURITY UPDATE: device driver denial of service via NULL pointer
dereference
- d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
routine
- CVE-2019-5008
- SECURITY UPDATE: information leak in SLiRP
- d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
emulating ident.
- CVE-2019-9824
- d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
unimplement.patch: properly return architecture defined exception
on bad subcodes of diag 308 (LP 1812384)
* Dropped changes (no more needed)
- d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for
mv_conffile since the new path is a directory in the old package
version which can not be handled by mv_conffile.
[ only needed between disco and eoan ]
- disable pvrdma
[ CVEs all fixed now ]
- d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
avoid misdetection of simplified nesting blocking all migrations
[ qemu now detects and handles nesting - needs kernel >=4.20 ]
- Enable nesting by default
- d/qemu-system-x86.modprobe: set nested=1 module option on intel.
(is default on amd)
- d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
without nested=1
[ nesting is default in kernel modules and default selected cpu types ]
* Added changes
- d/control: regenerate debian/control out of control-in
- updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
- added ubuntu focal types for qemu 4.2
- ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
- d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model
(LP: #1857033)
- d/qemu-system-x86.README.Debian: add info about updated nesting changes
- d/control*, d/rules: disable xen by default, but provide universe
package qemu-system-x86-xen as alternative
- fix typos in changelog and d/qemu-system-x86.NEWS
- d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
- d/control*: enable libpmem support for nvdimms (LP: #1790856)
qemu (1:4.2-1) unstable; urgency=medium
* new upstream release (4.2.0)
* removed patches: v4.1.1.diff, enable-pschange-mc-no.patch
* do not make sgabios.bin executable (lintian)
* add s390-netboot.img lintian overrides for qemu-system-data
* build qboot (bios-microvm.bin)
* build-depend-indep on libc6-dev-i386 for qboot
(includes some system headers)
qemu (1:4.1-3) unstable; urgency=medium
* mention #939869 (CVE-2019-15890) in previous changelog entry
* add Provides: sgabios to qemu-data (Closes: #945924)
* fix qemu-debootsrtap (add hppa arch, print correct error message)
thanks to Helge Deller (Closes: #923410)
* enable long binfmt masks again for mips/mips32 (Closes: #829243)
qemu (1:4.1-2) unstable; urgency=medium
* build sgabios in build-indep, conflict with sgabios package
* qemu-system-ppc: build and install canyonlands.dtb in addition to bamboo.dtb
* remove duplicated CVE-2018-20123 & CVE-2018-20124 in prev changelog
* move s390 firmware build rules to debian/s390fw.mak, build s390-netboot.img
* imported v4.1.1.diff - upstream stable branch
Closes: CVE-2019-12068
Closes: #945258, #945072
* enable-pschange-mc-no.patch: i386: add PSCHANGE_MC_NO feature
to allow disabling ITLB multihit mitigations in nested hypervisors
Closes: #944623
* build-depend on nettle-dev, enable nettle, and clarify --enable-lzo
* switch to system libslirp, build-depend on libslirp-dev
Closes: #939869, CVE-2019-15890
qemu (1:4.1-1) unstable; urgency=medium
* new upstream release v4.1
Closes: #933741, CVE-2019-14378 (slirp buff overflow in packet reassembly)
(use internal slirp copy for now)
Closes: #931351, CVE-2019-13164 (qemu-bridge-helper long IFNAME)
Closes: #922923, CVE-2019-8934 (ppc64 emulator leaks hw identity)
Closes: #916442, CVE-2018-20123 (pvrdma memory leak in device hotplug)
Closes: #922461, CVE-2018-20124 (pvrdma num_sge can exceed MAX_SGE)
Closes: #927924 (new upstream version)
Closes: #897054 (AMD Zen CPU support)
Closes: #935324 (FTBFS due to gluster API change)
Closes: CVE-2018-20125 (pvrdma: DoS in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20126 (pvrdma: memleaks in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20191 (pvrdma: DoS due to missing read operation impl.)
Closes: CVE-2018-20216 (pvrdma: infinite loop in pvrdma_dev_ring.c)
* remove patches which are applied upstream, refresh remaining patches
(bt-use-size_t-...-CVE-2018-19665.patch hasn't been applied upstream,
bluetooth subsystem is going to be removed, we keep it for now)
* debian/source/options: ignore slirp/ submodule
* use python3 for building, not python
* debian/optionrom.mk: add pvh.bin
* switch from libssh2 to libssh, and enable libssh support in ubuntu
* bump spice version requiriment to 0.12.5
* enable pvrdma
* debian/control-in: remove reference to libsdl
* debian/rules: add new objects for s390-ccw fw
* debian/control: add build dependency on python3-sphinx for docs
* install ui/icons/qemu.svg and qemu.desktop
* debian/rules: remove pc-bios/bamboo.dtb before building it
* install vhost-user-gpu binary and 50-qemu-gpu.json
* debian/rules: remove old maintscript-helper invocations, not needed anymore
* remove +dfsg for now, upload whole upstream source, will trim it later
-- Christian Ehrhardt <christian.ehrha...@canonical.com> Wed, 08 Jan
2020 15:27:42 +0100
** Changed in: qemu (Ubuntu Focal)
Status: Triaged => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12126
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12127
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12130
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19665
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20123
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20124
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20125
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20126
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20191
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20216
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20815
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11091
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12068
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-13164
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14378
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-15890
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-5008
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-8934
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9824
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1847806
Title:
eoan: ppc64el install on pseries-eoan VM fails to install
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1847806/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
