]>
git.proxmox.com Git - pve-qemu-kvm.git/log
Wolfgang Bumiller [Tue, 15 Nov 2016 13:31:50 +0000 (14:31 +0100)]
bump version to 2.7.0-7
Wolfgang Bumiller [Fri, 11 Nov 2016 14:02:09 +0000 (15:02 +0100)]
Fix #1182: Update EFI roms to include PXE fixes
Wolfgang Bumiller [Fri, 11 Nov 2016 11:31:25 +0000 (12:31 +0100)]
savevm-async: iothreads fixups
Wolfgang Bumiller [Tue, 8 Nov 2016 10:45:18 +0000 (11:45 +0100)]
bump version to 2.7.0-6
Wolfgang Bumiller [Tue, 8 Nov 2016 10:15:13 +0000 (11:15 +0100)]
Fix #796: convert savevm-async to threads
This should also allow snapshots with RAM to run with
iothreads enabled.
Alexandre Derumier [Mon, 7 Nov 2016 11:08:05 +0000 (12:08 +0100)]
qmp_delete_drive_snapshot : add-aiocontext
fix delete snapshot with qcow2 and iothread enabled
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Wolfgang Bumiller [Mon, 7 Nov 2016 10:14:48 +0000 (11:14 +0100)]
bump version to 2.7.0-5
Wolfgang Bumiller [Mon, 7 Nov 2016 10:10:01 +0000 (11:10 +0100)]
various fixes
CVE-2016-8909:
audio: intel-hda: check stream entry count during transfer
CVE-2016-8910:
net: rtl8139: limit processing of ring descriptors
CVE-2016-9101:
net: eepro100: fix memory leak in device uninit
CVE-2016-9102:
9pfs: fix memory leak in v9fs_xattrcreate
CVE-2016-9103:
9pfs: fix information leak in xattr read
CVE-2016-9104:
9pfs: fix integer overflow issue in xattr read/write
CVE-2016-9105:
9pfs: fix memory leak in v9fs_link
CVE-2016-9106:
9pfs: fix memory leak in v9fs_write
Wolfgang Bumiller [Mon, 7 Nov 2016 08:03:18 +0000 (09:03 +0100)]
Fix #1193: live snapshot state got truncated
Alexandre Derumier [Mon, 7 Nov 2016 07:29:12 +0000 (08:29 +0100)]
pve-qemu-kvm : add libacl1-dev build depend
This is needed by glusterfs
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Wolfgang Bumiller [Mon, 24 Oct 2016 07:40:58 +0000 (09:40 +0200)]
bump version to 2.7.0-4
Wolfgang Bumiller [Mon, 24 Oct 2016 07:33:39 +0000 (09:33 +0200)]
Fix #1178: bring back glusterfs-daemonize patch
Wolfgang Bumiller [Fri, 21 Oct 2016 07:22:47 +0000 (09:22 +0200)]
bump version to 2.7.0-3
Wolfgang Bumiller [Fri, 21 Oct 2016 07:20:06 +0000 (09:20 +0200)]
various fixes
CVE-2016-8668:
net: rocker: set limit to DMA buffer size
CVE-2016-8669:
char: serial: check divider value against baud base
Wolfgang Bumiller [Fri, 21 Oct 2016 07:12:01 +0000 (09:12 +0200)]
add vma backup fix
Wolfgang Bumiller [Thu, 13 Oct 2016 13:27:28 +0000 (15:27 +0200)]
bump version to 2.7.0-2
Wolfgang Bumiller [Thu, 13 Oct 2016 13:19:02 +0000 (15:19 +0200)]
various fixes:
CVE-2016-8576:
xhci: limit the number of link trbs we are willing to process
CVE-2016-8577:
9pfs: fix potential host memory leak in v9fs_read
CVE-2016-8578:
9pfs: allocate space for guest originated empty strings
Alexandre Derumier [Thu, 13 Oct 2016 09:25:36 +0000 (11:25 +0200)]
qemu2.7 : qmp-fix-object-add-assert-without-props
This fix object-add iothread crash
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Wolfgang Bumiller [Fri, 9 Sep 2016 13:53:07 +0000 (15:53 +0200)]
update to 2.7
Wolfgang Bumiller [Fri, 7 Oct 2016 09:00:58 +0000 (11:00 +0200)]
bump version to 2.6.2-2
Fabian Grünbichler [Fri, 7 Oct 2016 08:48:15 +0000 (10:48 +0200)]
fix CVE-2016-7466
memory leak in usb_xhci_exit
Wolfgang Bumiller [Thu, 6 Oct 2016 12:21:55 +0000 (14:21 +0200)]
update to qemu-2.6.2
dropping a bunch of upstream fixes
Dietmar Maurer [Thu, 6 Oct 2016 06:12:18 +0000 (08:12 +0200)]
bump version to 2.6.1-7
Wolfgang Bumiller [Wed, 5 Oct 2016 12:35:12 +0000 (14:35 +0200)]
various fixes
CVE-2016-7161: hw/net: Fix a heap overflow in xlnx.xps-ethernetlite
CVE-2016-7422: virtio: add check for descriptor's mapped address
CVE-2016-7907: net: imx: limit buffer descriptor count
CVE-2016-7908: net: mcf: limit buffer descriptor count
CVE-2016-7909: net: pcnet: check rx/tx descriptor ring length
Dietmar Maurer [Tue, 20 Sep 2016 07:42:33 +0000 (09:42 +0200)]
bump version to 2.6.1-6
Dr. David Alan Gilbert [Mon, 19 Sep 2016 11:59:29 +0000 (13:59 +0200)]
fix #615: Windows guests suddenly hangs after couple times of migration
cherry-pick
78d6a05d2f69cbfa6e95f0a4a24a2c934969913b from
qemu master
Fabian Grünbichler [Mon, 19 Sep 2016 07:58:14 +0000 (09:58 +0200)]
various CVE fixes
CVE-2016-7170: vmsvga: correct bitmap and pixmap size checks
CVE-2016-7421: scsi: pvscsi: limit process IO loop to ring size
CVE-2016-7423: scsi: mptsas: use g_new0 to allocate MPTSASRequest object
Dietmar Maurer [Thu, 15 Sep 2016 11:27:30 +0000 (13:27 +0200)]
bump version to 2.6.1-5
Alexandre Derumier [Thu, 15 Sep 2016 09:40:11 +0000 (11:40 +0200)]
qmp_snapshot_drive : add aiocontext
This fix internal snapshot for drive with iothread enabled
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Thu, 8 Sep 2016 10:25:44 +0000 (12:25 +0200)]
bump version to 2.6.1-4
Dominik Csapak [Tue, 6 Sep 2016 08:26:59 +0000 (10:26 +0200)]
add new and correct ovmf images
this adds ovmf images with a readme how they were
compiled
this also includes the logo and the OVMF_CODE image,
which is needed when we want to use an efidisk
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dietmar Maurer [Wed, 7 Sep 2016 10:40:50 +0000 (12:40 +0200)]
use new repoman for upload target
Dietmar Maurer [Wed, 7 Sep 2016 10:14:53 +0000 (12:14 +0200)]
bump version to 2.6.1-3
Wolfgang Bumiller [Wed, 7 Sep 2016 09:58:00 +0000 (11:58 +0200)]
various CVE fixes
CVE-2016-7116:
9pfs: forbid illegal path names
9pfs: forbid . and .. in file names
9pfs: handle walk of ".." in the root directory
CVE-2016-7155: scsi: check page count while initialising descriptor rings
CVE-2016-7156: scsi: pvscsi: avoid infinite loop while building SG list
CVE-2016-7157: scsi: mptconfig: fix an assert expression
Wolfgang Bumiller [Thu, 25 Aug 2016 08:41:04 +0000 (10:41 +0200)]
bump version to 2.6.1-2
Wolfgang Bumiller [Thu, 25 Aug 2016 08:17:46 +0000 (10:17 +0200)]
pull in some stable hotfixes
Wolfgang Bumiller [Mon, 22 Aug 2016 09:57:50 +0000 (11:57 +0200)]
bump version to 2.6.1
Wolfgang Bumiller [Mon, 22 Aug 2016 10:26:56 +0000 (12:26 +0200)]
various CVE fixes
CVE-2016-6833: net: vmxnet3: check for device_active before write
CVE-2016-6834: net: check fragment length during fragmentation
CVE-2016-6835: net: vmxnet: check IP header length
CVE-2016-6836: net: vmxnet: initialise local tx descriptor
CVE-2016-6888: net: vmxnet: use g_new for pkt initialisation
Wolfgang Bumiller [Mon, 22 Aug 2016 09:53:04 +0000 (11:53 +0200)]
rebase patches onto 2.6.1
Wolfgang Bumiller [Mon, 22 Aug 2016 09:48:18 +0000 (11:48 +0200)]
remove patches already in 2.6.1 upstream
Wolfgang Bumiller [Mon, 1 Aug 2016 12:24:42 +0000 (14:24 +0200)]
Fix CVE-2016-6490: virtio: check vring descriptor buffer length
Thomas Lamprecht [Tue, 26 Jul 2016 09:51:38 +0000 (11:51 +0200)]
disable libnfs abd fdt when configuring the kvm build
Else they will be included if a build machine has the respective
packages installed.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Tue, 26 Jul 2016 09:51:37 +0000 (11:51 +0200)]
fix various CVEs
For upstream commits
926cde5f3e4d2504ed161ed0 and
cc96677469388bad3d664793 is no CVE number assigned yet.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Mon, 1 Aug 2016 06:51:02 +0000 (08:51 +0200)]
enable cache=unsafe for vma extract_content and qmp_savevm_start
We don't send any flush here, so we need to open with cache=unsafe.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Mon, 1 Aug 2016 06:51:01 +0000 (08:51 +0200)]
rbd : disable cache_writethtrough_until_flush with cache=unsafe
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Wolfgang Bumiller [Mon, 4 Jul 2016 13:11:50 +0000 (15:11 +0200)]
update to qemu 2.6.0; bump version to 2.6
Wolfgang Bumiller [Tue, 28 Jun 2016 13:16:25 +0000 (15:16 +0200)]
buildsys: add phony deb target, make ${DEBS} non-phony
Wolfgang Bumiller [Mon, 4 Jul 2016 13:09:36 +0000 (15:09 +0200)]
buildsys: turned git-revert into patch; using --depth=1
Makes 'make download' much less of a waste of time, space
and traffic.
Thomas Lamprecht [Fri, 1 Jul 2016 15:26:02 +0000 (17:26 +0200)]
remove patches which got into upstream
They were remove from patches/series in the previous commit.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 1 Jul 2016 15:26:01 +0000 (17:26 +0200)]
update to qemu 2.6.0
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Cc: Wolfgang Bumiller <w.bumiller@proxmox.com>
Dominik Csapak [Wed, 22 Jun 2016 07:33:51 +0000 (09:33 +0200)]
fix #406: add qemu-utils to conflicts
since we ship the same binaries as qemu-utils
(such as qemu-nbd or qemu-img)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dietmar Maurer [Tue, 31 May 2016 16:04:56 +0000 (18:04 +0200)]
bump version to 2.5-19
Wolfgang Bumiller [Tue, 31 May 2016 14:33:32 +0000 (16:33 +0200)]
fix various CVEs
CVE-2016-5105: scsi: megasas: initialise local configuration data buffer
CVE-2016-5106: scsi: megasas: use appropriate property buffer size
CVE-2016-5107: scsi: megasas: check 'read_queue_head' index value
CVE-2016-5126: block/iscsi: avoid potential overflow of acb->task->cdb
CVE-2016-4454:
vmsvga: move fifo sanity checks to vmsvga_fifo_length
vmsvga: add more fifo checks
vmsvga: shadow fifo registers
CVE-2016-4453:
vmsvga: don't process more than 1024 fifo commands at
Dietmar Maurer [Tue, 24 May 2016 15:15:37 +0000 (17:15 +0200)]
bump version to 2.5-18
Wolfgang Bumiller [Tue, 24 May 2016 10:50:03 +0000 (12:50 +0200)]
Fix CVE-2016-4952
scsi: pvscsi: check command descriptor ring buffer size
Dietmar Maurer [Tue, 17 May 2016 10:51:33 +0000 (12:51 +0200)]
bump version to 2.5-17
Thomas Lamprecht [Tue, 17 May 2016 10:38:04 +0000 (12:38 +0200)]
add fix for freezing win7 with VGA #991
This fixes the issue for SeaBIOS, UEFI (OVMF) still has problems.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dietmar Maurer [Tue, 10 May 2016 07:56:41 +0000 (09:56 +0200)]
remobe partch CVE-2016-4037-ehci-apply-limit-to-iTD-sidt-descriptors.patch
now upstream.
Dietmar Maurer [Tue, 10 May 2016 07:53:50 +0000 (09:53 +0200)]
update to qemu 2.5.1.1, bump version to 2.5-16
Dietmar Maurer [Fri, 29 Apr 2016 06:56:10 +0000 (08:56 +0200)]
bump version to 2.5-15
Wolfgang Bumiller [Thu, 28 Apr 2016 12:00:59 +0000 (14:00 +0200)]
Fix #932: passing BDRV_O_PROTOCOL breaks qcow2 on gluster
Passing BDRV_O_PROTOCOL causes qemu to open protocol based
paths as raw. This fails for our storage when using
glusterfs because we can use qcow2 files on there.
This also causes vma to refuse to write to them as the
expected size (the one the qcow2 was created for) does not
match the recognized file size (the size of the file
itself). (Which is good because it means the files should
not have been accessed via the wrong format backend by
accident.)
The reason for passing it was to deal with format probing
when using RBD without KRBD.
As described in the patch commit: we now provide a way to
specify the format explicitly and thereby follow qemu with
deprecating automatic guessing of raw formats.
This re-enables the raw-probing warning for non-krbd ceph
storages which now has to be addressed by passing the format
to the map fifo in PVE::QemuServer::restore_vma_archive().
Dietmar Maurer [Tue, 26 Apr 2016 13:44:35 +0000 (15:44 +0200)]
bump version to 2.5-14, set RELEASE=4.2
Wolfgang Bumiller [Mon, 25 Apr 2016 13:08:05 +0000 (15:08 +0200)]
Fix CVE-2016-4037
usb: Infinite loop vulnerability in usb_ehci using siTD process
Dietmar Maurer [Thu, 14 Apr 2016 15:07:13 +0000 (17:07 +0200)]
bump version to 2.5-13
Wolfgang Bumiller [Thu, 14 Apr 2016 13:17:21 +0000 (15:17 +0200)]
Fix 'i386: leakage of stack memory to guest in kvmvapic.c'
Dietmar Maurer [Wed, 13 Apr 2016 06:47:29 +0000 (08:47 +0200)]
bump version to 2.5-12
Wolfgang Bumiller [Tue, 12 Apr 2016 12:06:03 +0000 (14:06 +0200)]
Fix #934: assume raw for /dev paths in vma extract
Dietmar Maurer [Fri, 1 Apr 2016 10:03:14 +0000 (12:03 +0200)]
update changelog
Wolfgang Bumiller [Fri, 1 Apr 2016 08:18:34 +0000 (10:18 +0200)]
Added: target-i386: do not read/write MSR_TSC_AUX from KVM if CPUID
Fixes a freezing problelm when migrating from older qemu.
Dietmar Maurer [Fri, 1 Apr 2016 08:09:59 +0000 (10:09 +0200)]
bump version to 2.5-11
Dietmar Maurer [Fri, 1 Apr 2016 08:08:58 +0000 (10:08 +0200)]
add qemu 2.5.1 sources
Wolfgang Bumiller [Fri, 1 Apr 2016 07:56:26 +0000 (09:56 +0200)]
update to 2.5.1
And removing the now unnecessary patches.
Dietmar Maurer [Mon, 21 Mar 2016 08:48:11 +0000 (09:48 +0100)]
bump version to 2.5-10
Wolfgang Bumiller [Fri, 18 Mar 2016 11:17:39 +0000 (12:17 +0100)]
add the zeroinit block driver filter
Dietmar Maurer [Mon, 7 Mar 2016 16:08:42 +0000 (17:08 +0100)]
bump version to 2.5-9
Wolfgang Bumiller [Mon, 7 Mar 2016 10:07:17 +0000 (11:07 +0100)]
Fix CVE-2016-2841, CVE-2016-2857, CVE-2016-2858
CVE-2016-2841: net: ne2000: check ring buffer control registers
CVE-2016-2857: net: check packet payload length
CVE-2016-2858: rng: add request queue support to rng-random
Dietmar Maurer [Wed, 24 Feb 2016 15:28:56 +0000 (16:28 +0100)]
bump version to 2.5-8
Wolfgang Bumiller [Wed, 24 Feb 2016 12:56:30 +0000 (13:56 +0100)]
Fix CVE-2016-2538
usb: check RNDIS message length
usb: check RNDIS buffer offsets & length
Wolfgang Bumiller [Wed, 24 Feb 2016 12:56:16 +0000 (13:56 +0100)]
vma: better driver guessing for bdrv_open
Dietmar Maurer [Fri, 19 Feb 2016 08:32:29 +0000 (09:32 +0100)]
bump version to 2.5-7
Alexandre Derumier [Fri, 19 Feb 2016 08:13:13 +0000 (09:13 +0100)]
add fw_cfg-unbreak-migration-compatibility-for-2.4 patch
This should fix migration from qemu 2.5 (machine 2.4) to qemu 2.4
http://lists.nongnu.org/archive/html/qemu-devel/2016-02/msg04310.html
https://forum.proxmox.com/threads/cant-live-migrate-after-dist-upgrade.26097/
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Thu, 18 Feb 2016 08:45:04 +0000 (09:45 +0100)]
bump version to 2.5-6
Wolfgang Bumiller [Wed, 17 Feb 2016 10:25:37 +0000 (11:25 +0100)]
Fix CVE-2016-2392
usb: check USB configuration descriptor object
Wolfgang Bumiller [Tue, 16 Feb 2016 15:18:55 +0000 (16:18 +0100)]
Fix CVE-2016-2391: usb: ohci avoid multiple eof timers
Dietmar Maurer [Mon, 8 Feb 2016 10:38:38 +0000 (11:38 +0100)]
bump version to 2.5-5
Wolfgang Bumiller [Mon, 8 Feb 2016 07:40:19 +0000 (08:40 +0100)]
Fix #885: vma-writer: don't bail out on zero length files
Dietmar Maurer [Mon, 1 Feb 2016 16:16:36 +0000 (17:16 +0100)]
bump version to 2.5-4
Wolfgang Bumiller [Mon, 1 Feb 2016 09:57:25 +0000 (10:57 +0100)]
Fix CVE-2016-2197 and CVE-2016-2198
CVE-2016-2197: ide: ahci: add check before calling dma_memory_unmap
CVE-2016-2198: usb: ehci: add capability mmio write function
Dietmar Maurer [Fri, 22 Jan 2016 08:09:53 +0000 (09:09 +0100)]
bump version to 2.5-3
Wolfgang Bumiller [Fri, 22 Jan 2016 07:54:49 +0000 (08:54 +0100)]
Fix CVE-2016-1981
e1000: eliminate infinite loops on out-of-bounds transfer start
Dietmar Maurer [Wed, 20 Jan 2016 07:41:16 +0000 (08:41 +0100)]
bump version to 2.5-2
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:29 +0000 (11:21 +0100)]
Added CVE-2016-1922 and tlscreds use-after-free fix
vnc: clear vs->tlscreds after unparenting it
CVE-2016-1922: i386: avoid null pointer dereference
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:28 +0000 (11:21 +0100)]
bump version to 2.5
--disable-smartcard-nss is now --disable-smartcard
--enable-vnc-tls is gone
--enable-gnutls was added instead
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:27 +0000 (11:21 +0100)]
adding 2.5 pve patches and left-over extra fixes
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:26 +0000 (11:21 +0100)]
moving all old patches to the old/ directory
Wolfgang Bumiller [Mon, 11 Jan 2016 08:52:18 +0000 (09:52 +0100)]
Two more fixes
New version for CVE-2015-8619:
hmp: fix sendkey out of bounds write (CVE-2015-8619)
And:
CVE-2016-1568: ide: ahci: reset ncq object to unused on error
Dietmar Maurer [Mon, 11 Jan 2016 14:23:40 +0000 (15:23 +0100)]
bump version to 2.4-21
Wolfgang Bumiller [Mon, 11 Jan 2016 08:51:27 +0000 (09:51 +0100)]
close #849: iproute is a transitional package for iproute2
Dietmar Maurer [Fri, 8 Jan 2016 11:43:42 +0000 (12:43 +0100)]
bump version to 2.4-20
Wolfgang Bumiller [Fri, 8 Jan 2016 09:21:53 +0000 (10:21 +0100)]
Removing wrong CVE-2015-8619
It's not required and breaks 'sendkey' of combined keys such
as "ctrl-f1".