rpms/qemu
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
767 Commits 47 Branches 218 Tags 8.8 MiB
16769836d7
Commit Graph

674 Commits

Author SHA1 Message Date
Daniel P. Berrange
ac5e33cbfe Remove iasl dep on big endian arches 
iasl is still broken for QEMU usage on big endian

https://bugzilla.redhat.com/show_bug.cgi?id=1332449

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-10-12 09:37:20 +01:00
Daniel P. Berrange
a8c6008b7d Add patches from git master to fix TLS test suite with new GNUTLS 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-10-12 09:26:40 +01:00
Daniel P. Berrange
9acefb8589 Rebuild for libiscsi changed soname again 
The previous rebuild was sent to builders before the build root had
updated to pull in the new libiscsi, so it just built with the old
libiscsi again.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-10-09 10:29:00 +01:00
Paolo Bonzini
4b7bd99c46 Rebuild with new libiscsi for iSER support 2017-10-03 17:36:43 +02:00
Paolo Bonzini
fd8ba3896b Stop using tcmalloc, glibc got faster 2017-09-28 15:14:19 +02:00
Paolo Bonzini
0fb2b27d3a Backport persistent reservation manager in preparation for SELinux work 2017-09-22 16:47:53 +02:00
Nathaniel McCallum
98b428ff80 Fix endianness of e_type in the ppc64le binfmt 2017-09-18 16:27:33 -04:00
Cole Robinson
0b42e7fc18 Rebase to 2.10.0 GA 2017-09-07 16:08:24 -04:00
Nathaniel McCallum
3b6c813012 Fix incorrect byte order in e_machine field in ppc64le binfmt (#1486379) 2017-08-29 12:59:07 -04:00
Cole Robinson
45cb87a59c Fix changelog 2017-08-25 18:14:00 -04:00
Cole Robinson
5264c6a895 Rebase to 2.10.0-rc4 2017-08-25 18:13:05 -04:00
Adam Williamson
c2f33c885f Don't build against rdma on 32-bit ARM (#1484155) 2017-08-22 17:39:41 -07:00
Cole Robinson
14cfc78b3c Rebase to 2.10.0-rc3 2017-08-16 17:38:41 -04:00
Cole Robinson
0323a03914 Remove /dev/kvm udev rules, systemd now provides them (bz #1431876) 2017-08-03 17:33:01 -04:00
Cole Robinson
1a4355e536 Rebase to 2.10.0-rc1 2017-08-03 10:14:19 -04:00
Florian Weimer
26c1ceeaa3 Rebuild with fixed binutils for ppc64le (#1475636) 2017-07-30 15:53:03 +02:00
Daniel P. Berrange
6e16c07206 Re-enable ceph on i386 as build is now fixed (rhbz #1474773) 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-07-26 11:42:02 +01:00
Daniel P. Berrange
a3b9d99ab2 Disabled RBD on i386, arm, ppc64 (rhbz #1474743) 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-07-26 11:40:17 +01:00
Daniel P. Berrange
a949744f38 Replace obsolete ceph-devel dep with librbd1-devel/librados2-devel 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-07-25 09:44:33 +01:00
Daniel P. Berrange
20b2275a19 Rebuild for changed rbd soname 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-07-25 09:35:08 +01:00
Nathaniel McCallum
22c2909bc1 Restrict user-static to user-static builds 2017-07-20 11:51:59 -04:00
Nathaniel McCallum
f73c470a02 Cleanup binfmt deps/scripts; add binfmt for ppc64le 2017-07-20 10:42:28 -04:00
Daniel P. Berrange
1e96c68c3d Fixes for compat with Xen 4.9 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-07-19 12:26:23 +01:00
Nathaniel McCallum
cf6afbb855 Fix invalid ucontext_t references 2017-07-18 21:27:57 -04:00
Daniel P. Berrange
895ba8da7d Rebuild for changed Xen sonames 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-07-18 15:28:08 +01:00
Cole Robinson
335584f502 CVE-2017-8112: vmw_pvscsi: infinite loop in pvscsi_log2 (bz #1445622) 
CVE-2017-8309: audio: host memory lekage via capture buffer (bz #1446520)
CVE-2017-8379: input: host memory lekage via keyboard events (bz #1446560)
CVE-2017-8380: scsi: megasas: out-of-bounds read in megasas_mmio_write (bz #1446578)
CVE-2017-7493: 9pfs: guest privilege escalation in virtfs mapped-file mode (bz #1451711)
CVE-2017-9503: megasas: null pointer dereference while processing megasas command (bz #1459478)
CVE-2017-10806: usb-redirect: stack buffer overflow in debug logging (bz #1468497)
CVE-2017-9524: nbd: segfault due to client non-negotiation (bz #1460172)
CVE-2017-10664: qemu-nbd: server breaks with SIGPIPE upon client abort (bz #1466192)
 2017-07-13 16:21:40 -04:00
Richard W.M. Jones
5eae33f189 Bump release and rebuild to try to fix _ZdlPvm symbol (see RHBZ#1452813). 2017-05-22 09:56:26 +01:00
Cole Robinson
faa9df96ad Fix fedpkg verrel 2017-04-25 16:17:05 -04:00
Cole Robinson
33f79e5eb1 Rebase to qemu-2.9.0 GA 2017-04-25 16:03:50 -04:00
Cole Robinson
514d6bc543 Rebase to qemu-2.9.0-rc4 
Fix ipxe rom links for aarch64
 2017-04-13 19:28:05 -04:00
Richard W.M. Jones
5dd6a73c80 Backport upstream fix for assertion when copy-on-read=true (RHBZ#1439922). 2017-04-08 09:39:38 +01:00
Cole Robinson
74c0a82292 Rebase to qemu-2.9.0-rc3 2017-04-04 18:27:53 -04:00
Cole Robinson
0db3257f1a Rebase to qemu-2.9.0-rc2 
Add Obsoletes for or32-or1k rename (bz 1435016)
 2017-03-29 13:54:10 -04:00
Cole Robinson
996634350a spec: Pull in vga and pxe roms for ppc64 (bz 1431403) 2017-03-29 13:03:29 -04:00
Cole Robinson
1db5811d26 Rebase to qemu-2.9.0-rc1 2017-03-21 18:42:44 -04:00
Cole Robinson
1c7073d8dd Rebase to qemu-2.9.0-rc0 2017-03-15 14:03:33 -04:00
Daniel P. Berrange
6a041ef569 Drop texi2html BR, since QEMU switched to using makeinfo back in 2010 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2017-02-20 17:49:12 +00:00
Fedora Release Engineering
c1f9c0e4d7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-11 11:12:06 +00:00
Cole Robinson
8b317f0917 Rebase to qemu-2.8.0 GA 2016-12-20 16:17:18 -05:00
Cole Robinson
50bb158a7a Rebase to qemu-2.8.0-rc3 2016-12-12 16:04:42 -05:00
Daniel P. Berrange
8288677cfa Rebuild for libxen* soname changes 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2016-12-08 14:17:33 +00:00
Cole Robinson
17a6dacdca Remove --disable-xfsctl option, no longer explicitly required 
It was added at one point to work around temporarily broken
xfsprogs-devel
 2016-12-05 11:57:27 -05:00
Cole Robinson
84eeb10ee8 spec: Share common configure options between static/standard builds 2016-12-05 11:57:27 -05:00
Cole Robinson
151958b44b Rebase to qemu-2.8.0-rc2 2016-12-05 11:57:27 -05:00
Cole Robinson
3bbbcdcb07 Kill changelog entries prior to 2015 2016-12-05 10:45:56 -05:00
Cole Robinson
6f55752c5f Depend on vte291, not vte3 
vte3 is stuck at a certain version, vte291 is actually where new vte
versions are packaged. Yes, that's confusing.
 2016-12-05 10:45:56 -05:00
Paolo Bonzini
b68b5fed43 Do not build aarch64 with -fPIC anymore (rhbz 1232499) 
This seems to be unnecessary now (tested with kvm-unit-tests on aarch64
F25).
 2016-11-28 15:47:34 +01:00
Nathaniel McCallum
0583426e3d Clean up binfmt.d configuration files 
In particular, I performed the following changes:

1. Add the (missing) aarch64 configuration.

2. Mask out e_ident[EI_OSABI]. A single OS can have multiple values
   here. We just pass them all to qemu. I personally ran into this issue
   (where filtering was too strict) on ppc64.

3. Mask out e_ident[EI_ABIVERSION]. On Linux, this value is ignored.

4. Mask out e_ident[EI_PAD]. The current check insists they are zero
   when they are, in fact, undefined.

5. Don't mask any bits for e_ident[EI_VERSION]. We want an exact match
   on this since there has only ever been one version. However, alpha, i386
   and i486 were masking out the least significant bit.

6. Don't mask any bits for e_ident[EI_DATA]. You can't mask out bits for
   endianness because it controls the byte order of later bytes in the
   binfmt match (starting at offset 0x10). So you can never have a rule
   which works with bits masked out on this field. However, alpha, i386 and
   i486 were masking out the least significant bit.
 2016-11-15 10:33:03 -05:00
Richard W.M. Jones
820948cb49 Fix qemu-sanity-check. 2016-11-14 14:37:49 +00:00
Richard W.M. Jones
ecbe006bda Create subpackages for modularized qemu block drivers (RHBZ#1393688). 2016-11-14 14:37:15 +00:00
Cole Robinson
8a588691e2 Fix PPC64 build with memlock file (bz #1387601) 2016-10-25 10:18:57 -04:00
Bastien Nocera
b8878c0ca6 Add "F" flag to static user emulators' binfmt, to make them 
available in containers (#1384615)
- Also fixes the path of those emulators in the binfmt configurations
 2016-10-19 19:19:36 +02:00
Cole Robinson
cf816402f7 Fix nested PPC 'Unknown MMU model' error (bz #1374749) 
Fix flickering display with boxes + wayland VM (bz #1266484)
Add ppc64 kvm memlock file (bz #1293024)
 2016-10-19 13:17:38 -04:00
Cole Robinson
d19693d908 Add ppc64 kvm memlock file (bz 1293024) 2016-10-19 12:23:45 -04:00
Cole Robinson
8dd6b5e9c8 spec: Use power64 macro consistently 2016-10-19 12:17:47 -04:00
Cole Robinson
3a13ddd514 CVE-2016-7155: pvscsi: OOB read and infinite loop (bz #1373463) 
CVE-2016-7156: pvscsi: infinite loop when building SG list (bz #1373480)
CVE-2016-7156: pvscsi: infinite loop when processing IO requests (bz #1373480)
CVE-2016-7170: vmware_vga: OOB stack memory access (bz #1374709)
CVE-2016-7157: mptsas: invalid memory access (bz #1373505)
CVE-2016-7466: usb: xhci memory leakage during device unplug (bz #1377838)
CVE-2016-7423: scsi: mptsas: OOB access (bz #1376777)
CVE-2016-7422: virtio: null pointer dereference (bz #1376756)
CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx (bz #1381193)
CVE-2016-8576: usb: xHCI: infinite loop vulnerability (bz #1382322)
CVE-2016-7995: usb: hcd-ehci: memory leak (bz #1382669)
 2016-10-15 22:24:48 -04:00
Hans de Goede
a2729a240b Fix interrupt endpoints not working with network/spice USB redirection 
on guest with an emulated xhci controller (rhbz#1382331)
 2016-10-10 10:50:30 +02:00
Michal Toman
504e25420b Fix build on MIPS 2016-09-21 09:29:36 +01:00
Cole Robinson
57dbb7a5be Don't depend on edk2 roms where they aren't available (bz 1373576) 2016-09-08 15:56:28 -04:00
Cole Robinson
435be3635e Rebase to qemu 2.7.0 GA 2016-09-08 15:52:09 -04:00
Cole Robinson
94ddf1cc6a Rebase to qemu 2.7.0-rc3 2016-08-19 09:20:37 -04:00
Daniel P. Berrange
d52607ebe6 Also disable static builds on ppc64 due to glibc fubarness 2016-08-17 09:47:57 +01:00
Cole Robinson
ef34be9e72 Rebase to qemu 2.7.0-rc2 
* kvm_stat was moved to the kernel tree
* trace-events renamed to trace-events-all
* several new pxe roms added
 2016-08-08 20:05:39 -04:00
Richard W.M. Jones
84e6ecadd9 Rebuild to attempt to fix '2:qemu-system-xtensa-2.6.0-5.fc25.x86_64 requires libxenctrl.so.4.6()(64bit)' 2016-07-23 16:37:42 +01:00
Daniel P. Berrange
d0bc223280 Add skip for s390x as well as s390 2016-07-15 14:28:04 +01:00
Daniel P. Berrange
9868109a5e Disable qemu-user-static on s390 too 2016-07-14 11:20:48 +01:00
Daniel P. Berrange
ecee1eccfe Add explicit BR on alsa-lib-devel 
Previously we'd get alsa-lib-devel pulled in by accident due to
dep from another package. Latest rawhide doesn't get this so we
must add the dep explicitly in QEMU.
 2016-07-13 15:08:58 +01:00
Daniel P. Berrange
a8a5dc38f8 Cat config.log when configure fails during build 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2016-07-13 15:08:17 +01:00
Daniel P. Berrange
9e71574671 Use precise version in obsoletes line 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2016-07-13 13:49:06 +01:00
Daniel P. Berrange
0835325a86 Introduce qemu-user-static sub-RPM 
The i686 build of this is temp disabled due to fubar
glibc-static on i686

The hardended build macro is disabled due to fubar
rpm macros for static linking while hardened, but
the equivalent hardening is turned on manually.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2016-07-13 13:42:21 +01:00
Cole Robinson
cf91b1dfd9 CVE-2016-4002: net: buffer overflow in MIPSnet (bz #1326083) 
CVE-2016-4952 scsi: pvscsi: out-of-bounds access issue
CVE-2016-4964: scsi: mptsas infinite loop (bz #1339157)
CVE-2016-5106: scsi: megasas: out-of-bounds write (bz #1339581)
CVE-2016-5105: scsi: megasas: stack information leakage (bz #1339585)
CVE-2016-5107: scsi: megasas: out-of-bounds read (bz #1339573)
CVE-2016-4454: display: vmsvga: out-of-bounds read (bz #1340740)
CVE-2016-4453: display: vmsvga: infinite loop (bz #1340744)
CVE-2016-5126: block: iscsi: buffer overflow (bz #1340925)
CVE-2016-5238: scsi: esp: OOB write (bz #1341932)
CVE-2016-5338: scsi: esp: OOB r/w access (bz #1343325)
CVE-2016-5337: scsi: megasas: information leakage (bz #1343910)
Fix crash with -nodefaults -sdl (bz #1340931)
Add deps on edk2-ovmf and edk2-aarch64
 2016-06-22 09:40:57 -04:00
Cole Robinson
f9730dab94 Add deps on fedora edk2-ovmf and edk2-aarch64 2016-06-22 08:22:36 -04:00
Cole Robinson
f0208c9e42 CVE-2016-4020: memory leak in kvmvapic.c (bz #1326904) 
CVE-2016-4439: scsi: esb: OOB write #1 (bz #1337503)
CVE-2016-4441: scsi: esb: OOB write #2 (bz #1337506)
Fix regression installing windows 7 with qxl/vga (bz #1339267)
Fix crash with aarch64 gic-version=host and accel=tcg (bz #1339977)
 2016-05-26 11:32:16 -04:00
Cole Robinson
f8dc431e37 Explicitly error if spice GL setup fails 
Fix monitor resizing with virgl (bz #1337564)
Fix libvirt noise when introspecting qemu-kvm without hw virt
 2016-05-20 16:36:01 -04:00
Cole Robinson
837eb7efa2 qemu: Clean up BuildRequires 
Drop outdated:
    nss-devel (old libcacard)
    rsync (no longer used)
    which (no longer used)
    pciutils-devel (no longer used)

Add libcap-ng-devel for extra qemu-bridge-helper restrictions
Document all BuildRequires
Separate buildsystem bits vs feature bits
 2016-05-15 14:52:29 -04:00
Cole Robinson
e200903264 Rebase to v2.6.0 GA 2016-05-13 14:18:07 -04:00
Cole Robinson
35faab4c45 Fix gtk UI crash when switching to monitor (bz #1333424) 
Fix sdl2 UI lockup lockup when switching to monitor
Rebased to qemu-2.6.0-rc5
 2016-05-09 13:36:06 -04:00
Cole Robinson
bc7ce050b0 Rebased to version 2.6.0-rc4 
Fix test suite on big endian hosts (bz 1330174)
 2016-05-02 16:08:20 -04:00
Cole Robinson
b455e4b103 Rebuild to pick up spice GL support 2016-04-25 09:01:59 -04:00
Cole Robinson
b0b55fdca8 Rebased to version 2.6.0-rc3 
Fix s390 sysctl file install (bz 1327870)
Adjust spice gl version check to expect F24 backported version
 2016-04-22 08:03:02 -04:00
Cole Robinson
6138a983a3 - Rebased to version 2.6.0-rc2 
- Fix GL deps (bz 1325966)
- Ship sysctl file to fix s390x kvm (bz 1290589)
- Fix FTBFS on s390 (bz 1326247)
 2016-04-14 18:48:51 -04:00
Cole Robinson
c752245c96 Ship sysctl file to fix s390x kvm (bz 1290589) 2016-04-14 18:46:31 -04:00
Cole Robinson
fa6cd1dad5 Fix GL deps (bz 1325966) 2016-04-14 18:34:08 -04:00
Cole Robinson
4097206ab3 Rebased to version 2.6.0-rc1 2016-04-07 13:00:29 -04:00
Cole Robinson
54cb1301c6 CVE-2016-2857: net: out of bounds read (bz #1309564) 
CVE-2016-2392: usb: null pointer dereference (bz #1307115)
 2016-03-17 13:45:47 -04:00
Peter Robinson
ae11374147 Rebuild for tcmalloc ifunc issues on non x86 arches (see rhbz 1312462) 2016-03-09 15:12:12 +00:00
Paolo Bonzini
43821749cc Disable xfsctl, fallocate works fine in newer kernels (bz #1305512) 2016-03-01 13:14:39 +01:00
Peter Robinson
73731f9ecd All Fedora arches have libseccomp support (ARMv7, aarch64, Power64, s390(x)) 2016-03-01 11:46:16 +00:00
Cole Robinson
7d975d9810 CVE-2015-8619: Fix sendkey out of bounds (bz #1292757) 
CVE-2016-1981: infinite loop in e1000 (bz #1299995)
Fix Out-of-bounds read in usb-ehci (bz #1300234, bz #1299455)
CVE-2016-2197: ahci: null pointer dereference (bz #1302952)
Fix gdbstub for VSX registers for ppc64 (bz #1304377)
Fix qemu-img vmdk images to work with VMware (bz #1299185)
 2016-02-15 17:05:41 -05:00
Fedora Release Engineering
95a588650f - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 21:38:06 +00:00
Cole Robinson
b24b7f1644 CVE-2015-8567: net: vmxnet3: host memory leakage (bz #1289818) 
CVE-2016-1922: i386: avoid null pointer dereference (bz #1292766)
CVE-2015-8613: buffer overflow in megasas_ctrl_get_info (bz #1284008)
CVE-2015-8701: Buffer overflow in tx_consume in rocker.c (bz #1293720)
CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bz #1294787)
CVE-2016-1568: Use-after-free vulnerability in ahci (bz #1297023)
Fix modules.d/kvm.conf example syntax (bz #1298823)
 2016-01-20 20:17:04 -05:00
Cole Robinson
78f4db5d1d Fix virtio 9p thread pool usage 
CVE-2015-8558: DoS by infinite loop in ehci_advance_state (bz #1291309)
Re-add dist tag
 2016-01-09 12:35:08 -05:00
Cole Robinson
2a77992272 spec: Re-add dist tag 2016-01-09 11:18:17 -05:00
Cole Robinson
e8a6e4f833 Replace %define usage with %global 2016-01-09 11:16:52 -05:00
Paolo Bonzini
c9396159e8 oops, it is now 2016 2016-01-07 21:07:39 +01:00
Paolo Bonzini
15489f4108 fix previous commit 2016-01-07 21:04:45 +01:00
Paolo Bonzini
0d5e9f6618 add 0001-virtio-9p-use-accessor-to-get-thread-pool.patch 2016-01-07 20:57:53 +01:00
Paolo Bonzini
dda6c386a5 add /etc/modprobe.d/kvm.conf 2016-01-07 20:57:53 +01:00
Cole Robinson
6176f1d7e2 Reabsed to version 2.5.0 2015-12-23 17:49:55 -05:00
Cole Robinson
89aacd5f7a Rebased to version 2.5.0-rc3 2015-12-08 10:29:09 -05:00
Cole Robinson
6baf84acf1 Rebased to version 2.5.0-rc2 2015-11-30 18:00:49 -05:00
Cole Robinson
191c302918 qemu 2.5.0 rc1 2015-11-20 22:24:11 -05:00
Cole Robinson
7bf1a680e6 Drop needless ksm dep on qemu-common 2015-11-20 21:04:54 -05:00
Cole Robinson
48e07c5c6e spec: code movement for clarity 
- Order packages consistently across sections
- Group all %post sections
 2015-11-18 10:28:10 -05:00
Cole Robinson
88b3793f29 2.5.0 rc0 wip 2015-11-18 10:20:33 -05:00
Cole Robinson
4f68392c26 Rebased to version 2.4.1 2015-11-04 15:48:36 -05:00
Cole Robinson
86d7b9f29b Rebuild for xen 4.6 2015-10-11 16:08:44 -04:00
Cole Robinson
b448bfad34 Rebased to version 2.4.0.1 
CVE-2015-7295: virtio-net possible remote DoS (bz #1264393)
drive-mirror: Fix coroutine reentrance (bz #1266936)
 2015-10-08 13:38:49 -04:00
Cole Robinson
1ae1f09f33 spec: Fix builddep on libepoxy 2015-09-29 17:09:48 -04:00
Cole Robinson
cf8819083b CVE-2015-6815: net: e1000: infinite loop issue (bz #1260225) 
CVE-2015-6855: ide: divide by zero issue (bz #1261793)
CVE-2015-5278: Infinite loop in ne2000_receive() (bz #1263284)
CVE-2015-5279: Heap overflow vulnerability in ne2000_receive() (bz #1263287)
 2015-09-21 18:01:46 -04:00
Richard W.M. Jones
c5e57685f9 Fix emulation of various instructions, required by libm in F22 ppc64 guests. 2015-09-20 10:23:16 +01:00
Cole Robinson
8211390ac8 CVE-2015-5255: heap memory corruption in vnc_refresh_server_surface (bz #1255899) 2015-08-31 20:18:31 -04:00
Cole Robinson
74717053dc Rebased to version 2.4.0 
Support for virtio-gpu, 2D only
Support for virtio-based keyboard/mouse/tablet emulation
x86 support for memory hot-unplug
ACPI v5.1 table support for 'virt' board
 2015-08-11 18:08:40 -04:00
Cole Robinson
d5417f465c Drop perl-Storable requires, texinfo rawhide is fixed now 2015-08-10 10:31:45 -04:00
Cole Robinson
6ac2a80eae Add temporary dep on perl-Storable 
see https://bugzilla.redhat.com/show_bug.cgi?id=1251766 for more info
 2015-08-09 15:07:58 -04:00
Cole Robinson
4c6dc5b3d6 CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536) 
CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)
CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
 2015-08-09 13:08:31 -04:00
Cole Robinson
de4550957e Rebased to v2.4.0-rc0 2015-07-14 17:12:37 -04:00
Richard W.M. Jones
61ce511be4 Bump and rebuild. 2015-07-03 19:23:12 +01:00
Richard W.M. Jones
74ab99f1a6 Revert "Enable -fPIC and -fPIE on every architecture (rhbz 1232499)." 
This reverts commit 77b7d81b2b.

See https://bugzilla.redhat.com/show_bug.cgi?id=1232499#36
 2015-07-03 19:20:51 +01:00
Richard W.M. Jones
77b7d81b2b Enable -fPIC and -fPIE on every architecture (rhbz 1232499). 2015-07-03 18:45:22 +01:00
Daniel P. Berrange
bcb37b2ec0 Fix conditional in previous commit 2015-07-03 17:22:51 +01:00
Daniel P. Berrange
d4803feead Use explicit --(enable,disable)-spice args (rhbz #1239102) 2015-07-03 15:02:57 +01:00
Peter Robinson
1ec8e52bb2 Build aarch64 with -fPIC (rhbz 1232499) 2015-07-02 16:32:23 +01:00
Peter Robinson
806ecbe49c Disable stack protection for AArch64. F23's GCC thinks that it is available but F23's glibc does not support it. 2015-07-01 11:26:59 +01:00
Paolo Bonzini
749c3c43c3 Rebuild for libiscsi soname bump 2015-06-26 11:10:12 +02:00
Paolo Bonzini
260c0ac680 Re-enable tcmalloc on arm 2015-06-19 12:03:04 +02:00
Dennis Gilmore
6626651b28 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-18 21:39:31 +00:00
Dan Horák
94a40ce774 - gperftools not available on s390(x) 2015-06-10 22:28:01 +02:00
Cole Robinson
6fc6504bd8 CVE-2015-4037: insecure temporary file use in /net/slirp.c (bz #1222894) 2015-06-05 19:55:57 -04:00
Cole Robinson
d43799b0b3 spec: Drop now unused kvm_target and kvm_archs globals 2015-06-05 18:21:57 -04:00
Daniel P. Berrange
7bf3158612 Fix conditional enablement of tcmalloc 
Opps, cant have comments in the middle of multi-line continuations.
 2015-06-01 14:43:36 +01:00
Daniel P. Berrange
aa972b9106 Disable broken tcmalloc on arm and re-enable tests 2015-06-01 14:12:15 +01:00
Cole Robinson
198e142c7d Disable _all_ tests on arm, since they are all currently hanging 2015-05-21 14:07:03 -04:00
Cole Robinson
31085aa400 Temporarily disable hanging test on arm 2015-05-20 16:51:14 -04:00
Cole Robinson
7c5a423647 Remove %autopatch macro from changelog 2015-05-13 23:15:28 -04:00
Cole Robinson
18eddd1631 Backport upstream 2.4 patch to link with tcmalloc, enable it 
CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152)
 2015-05-13 18:39:05 -04:00
Paolo Bonzini
af53ec630c Backport upstream 2.4 patch to link with tcmalloc, enable it 2015-05-13 15:33:19 +02:00
poma
343c57952d Fix ksm.service (bz 1218814) 2015-05-06 12:52:09 -04:00
Dan Horák
5059f25c8e - Require libseccomp only when built with it 2015-05-05 17:03:52 +02:00
Cole Robinson
41aca9586f Rebased to version 2.3.0 GA 
Another attempt at fixing default /dev/kvm permissions (bz 950436)
 2015-04-27 13:33:41 -04:00
Cole Robinson
b26fb5a551 qemu: Drop kvm.modules 
Looked into this because recent packaging changes broke kvm.modules
installation, see https://bugzilla.redhat.com/show_bug.cgi?id=1212328

But nowadays this isn't even required I don't think. According to
comments here:

https://bugzilla.redhat.com/show_bug.cgi?id=963198

The reason for shipping it is missing devname:kvm for ppc and s390 kvm
modules. But those have been in upstream kernel.git since late 2013,
so it should be safe to drop entirely.
 2015-04-16 09:11:00 -04:00
Cole Robinson
9b9ad7bb74 Rebased to version 2.3.0-rc3 2015-04-14 14:51:42 -04:00
Cole Robinson
c61e67e86b Rebased to version 2.3.0-rc2 
Don't install ksm services as executable (bz #1192720)
Skip hanging tests on s390 (bz #1206057)
CVE-2015-1779 vnc: insufficient resource limiting in VNC websockets decoder
(bz #1205051, bz #1199572)
 2015-04-03 10:21:46 -04:00
Cole Robinson
c2770435bf Big specfile cleanup 
- Drop all the crazy kvmonly and separate_kvm bits
- Drop outdates conditionals
- Drop old style things like defattr and RPM_BUILD_ROOT
- Readability improvements
 2015-03-27 17:08:26 -04:00
Cole Robinson
355b03ef5c Rebased to version 2.3.0-rc1 2015-03-25 08:48:20 -04:00
Cole Robinson
8055ee2da9 Rebase to qemu-2.3.0-rc0 2015-03-22 11:06:24 -04:00
Richard W.M. Jones
5a454effcf Revert "- Enable seccomp on ARM (thanks: Peter Robinson)." 
This reverts commit 76a74e853f.

The upstream (qemu) configure script hard-codes x86 & x86-64,
so you cannot enable seccomp on arm yet.
 2015-02-17 15:07:06 +00:00
Richard W.M. Jones
76a74e853f - Enable seccomp on ARM (thanks: Peter Robinson). 2015-02-17 13:37:05 +00:00
Richard W.M. Jones
6c3741c276 - Add -fPIC flag to build to avoid 
'relocation R_X86_64_PC32 against undefined symbol' errors.
- Add a hopefully temporary hack so that -fPIC is used to build
  NSS files in libcacard.
 2015-02-17 13:35:59 +00:00
Richard W.M. Jones
391fb81c16 Add UEFI support for aarch64. 2015-02-04 15:54:41 +00:00