Commit Graph

469 Commits

Author SHA1 Message Date
Cole Robinson
61dd8f57d1 Fix SSE4 emulation with accel=tcg (bz #1270703)
CVE-2015-8345: Fix infinite loop in eepro100 (bz #1285214)
CVE-2015-7504: Fix heap overflow in pcnet (bz #1286543)
CVE-2015-7512: Fix buffer overflow in pcnet (bz #1286549)
2015-12-07 14:03:07 -05:00
Cole Robinson
2e7b59e5fe Rebased to version 2.4.1 2015-11-04 15:39:41 -05:00
Cole Robinson
37b11e133b Rebased to version 2.4.0.1
CVE-2015-7295: virtio-net possible remote DoS (bz #1264393)
drive-mirror: Fix coroutine reentrance (bz #1266936)
2015-10-08 13:58:41 -04:00
Cole Robinson
628515809f spec: Fix builddep on libepoxy 2015-09-29 17:11:28 -04:00
Cole Robinson
08c84279b7 CVE-2015-6815: net: e1000: infinite loop issue (bz #1260225)
CVE-2015-6855: ide: divide by zero issue (bz #1261793)
CVE-2015-5278: Infinite loop in ne2000_receive() (bz #1263284)
CVE-2015-5279: Heap overflow vulnerability in ne2000_receive() (bz #1263287)
2015-09-21 18:21:02 -04:00
Richard W.M. Jones
62a7362da2 Fix emulation of various instructions, required by libm in F22 ppc64 guests.
(cherry picked from commit c5e57685f9)
2015-09-20 10:23:57 +01:00
Cole Robinson
8211390ac8 CVE-2015-5255: heap memory corruption in vnc_refresh_server_surface (bz #1255899) 2015-08-31 20:18:31 -04:00
Cole Robinson
74717053dc Rebased to version 2.4.0
Support for virtio-gpu, 2D only
Support for virtio-based keyboard/mouse/tablet emulation
x86 support for memory hot-unplug
ACPI v5.1 table support for 'virt' board
2015-08-11 18:08:40 -04:00
Cole Robinson
d5417f465c Drop perl-Storable requires, texinfo rawhide is fixed now 2015-08-10 10:31:45 -04:00
Cole Robinson
6ac2a80eae Add temporary dep on perl-Storable
see https://bugzilla.redhat.com/show_bug.cgi?id=1251766 for more info
2015-08-09 15:07:58 -04:00
Cole Robinson
4c6dc5b3d6 CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)
CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
2015-08-09 13:08:31 -04:00
Cole Robinson
de4550957e Rebased to v2.4.0-rc0 2015-07-14 17:12:37 -04:00
Richard W.M. Jones
61ce511be4 Bump and rebuild. 2015-07-03 19:23:12 +01:00
Richard W.M. Jones
74ab99f1a6 Revert "Enable -fPIC and -fPIE on every architecture (rhbz 1232499)."
This reverts commit 77b7d81b2b.

See https://bugzilla.redhat.com/show_bug.cgi?id=1232499#36
2015-07-03 19:20:51 +01:00
Richard W.M. Jones
77b7d81b2b Enable -fPIC and -fPIE on every architecture (rhbz 1232499). 2015-07-03 18:45:22 +01:00
Daniel P. Berrange
bcb37b2ec0 Fix conditional in previous commit 2015-07-03 17:22:51 +01:00
Daniel P. Berrange
d4803feead Use explicit --(enable,disable)-spice args (rhbz #1239102) 2015-07-03 15:02:57 +01:00
Peter Robinson
1ec8e52bb2 Build aarch64 with -fPIC (rhbz 1232499) 2015-07-02 16:32:23 +01:00
Peter Robinson
806ecbe49c Disable stack protection for AArch64. F23's GCC thinks that it is available but F23's glibc does not support it. 2015-07-01 11:26:59 +01:00
Paolo Bonzini
749c3c43c3 Rebuild for libiscsi soname bump 2015-06-26 11:10:12 +02:00
Paolo Bonzini
260c0ac680 Re-enable tcmalloc on arm 2015-06-19 12:03:04 +02:00
Dennis Gilmore
6626651b28 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-18 21:39:31 +00:00
Dan Horák
94a40ce774 - gperftools not available on s390(x) 2015-06-10 22:28:01 +02:00
Cole Robinson
6fc6504bd8 CVE-2015-4037: insecure temporary file use in /net/slirp.c (bz #1222894) 2015-06-05 19:55:57 -04:00
Cole Robinson
d43799b0b3 spec: Drop now unused kvm_target and kvm_archs globals 2015-06-05 18:21:57 -04:00
Daniel P. Berrange
7bf3158612 Fix conditional enablement of tcmalloc
Opps, cant have comments in the middle of multi-line continuations.
2015-06-01 14:43:36 +01:00
Daniel P. Berrange
aa972b9106 Disable broken tcmalloc on arm and re-enable tests 2015-06-01 14:12:15 +01:00
Cole Robinson
198e142c7d Disable _all_ tests on arm, since they are all currently hanging 2015-05-21 14:07:03 -04:00
Cole Robinson
31085aa400 Temporarily disable hanging test on arm 2015-05-20 16:51:14 -04:00
Cole Robinson
7c5a423647 Remove %autopatch macro from changelog 2015-05-13 23:15:28 -04:00
Cole Robinson
18eddd1631 Backport upstream 2.4 patch to link with tcmalloc, enable it
CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152)
2015-05-13 18:39:05 -04:00
Paolo Bonzini
af53ec630c Backport upstream 2.4 patch to link with tcmalloc, enable it 2015-05-13 15:33:19 +02:00
poma
343c57952d Fix ksm.service (bz 1218814) 2015-05-06 12:52:09 -04:00
Dan Horák
5059f25c8e - Require libseccomp only when built with it 2015-05-05 17:03:52 +02:00
Cole Robinson
41aca9586f Rebased to version 2.3.0 GA
Another attempt at fixing default /dev/kvm permissions (bz 950436)
2015-04-27 13:33:41 -04:00
Cole Robinson
b26fb5a551 qemu: Drop kvm.modules
Looked into this because recent packaging changes broke kvm.modules
installation, see https://bugzilla.redhat.com/show_bug.cgi?id=1212328

But nowadays this isn't even required I don't think. According to
comments here:

https://bugzilla.redhat.com/show_bug.cgi?id=963198

The reason for shipping it is missing devname:kvm for ppc and s390 kvm
modules. But those have been in upstream kernel.git since late 2013,
so it should be safe to drop entirely.
2015-04-16 09:11:00 -04:00
Cole Robinson
9b9ad7bb74 Rebased to version 2.3.0-rc3 2015-04-14 14:51:42 -04:00
Cole Robinson
c61e67e86b Rebased to version 2.3.0-rc2
Don't install ksm services as executable (bz #1192720)
Skip hanging tests on s390 (bz #1206057)
CVE-2015-1779 vnc: insufficient resource limiting in VNC websockets decoder
(bz #1205051, bz #1199572)
2015-04-03 10:21:46 -04:00
Cole Robinson
c2770435bf Big specfile cleanup
- Drop all the crazy kvmonly and separate_kvm bits
- Drop outdates conditionals
- Drop old style things like defattr and RPM_BUILD_ROOT
- Readability improvements
2015-03-27 17:08:26 -04:00
Cole Robinson
355b03ef5c Rebased to version 2.3.0-rc1 2015-03-25 08:48:20 -04:00
Cole Robinson
8055ee2da9 Rebase to qemu-2.3.0-rc0 2015-03-22 11:06:24 -04:00
Richard W.M. Jones
5a454effcf Revert "- Enable seccomp on ARM (thanks: Peter Robinson)."
This reverts commit 76a74e853f.

The upstream (qemu) configure script hard-codes x86 & x86-64,
so you cannot enable seccomp on arm yet.
2015-02-17 15:07:06 +00:00
Richard W.M. Jones
76a74e853f - Enable seccomp on ARM (thanks: Peter Robinson). 2015-02-17 13:37:05 +00:00
Richard W.M. Jones
6c3741c276 - Add -fPIC flag to build to avoid
'relocation R_X86_64_PC32 against undefined symbol' errors.
- Add a hopefully temporary hack so that -fPIC is used to build
  NSS files in libcacard.
2015-02-17 13:35:59 +00:00
Richard W.M. Jones
391fb81c16 Add UEFI support for aarch64. 2015-02-04 15:54:41 +00:00
Daniel P. Berrange
f287dc5662 Re-enable SPICE after previous build fixes circular dep 2015-02-03 14:05:24 +00:00
Daniel P. Berrange
fc57f44566 Stop libcacard linking against the entire world 2015-02-03 11:36:06 +00:00
Daniel P. Berrange
cad2bcb6a1 Temporarily disable SPICE to break circular build-dep on libcacard 2015-02-03 10:57:50 +00:00
Daniel P. Berrange
0716c2e68a Rebuild for changed xen soname 2015-02-03 09:25:11 +00:00
Daniel P. Berrange
10fa62ffc3 Set pkgversion when running configure 2015-01-28 13:25:27 +00:00