Cole Robinson
aeebdca142
CVE-2015-7295: virtio-net possible remote DoS (bz #1264393 )
...
drive-mirror: Fix coroutine reentrance (bz #1266936 )
Fix udp socket 'localaddr' (bz #1268708 )
2015-10-08 13:39:40 -04:00
Cole Robinson
94d6f121d6
Fix emulation of various instructions, required by libm in F22 ppc64 guests
...
Re-add patches accidentally dropped in last build
2015-09-22 09:16:29 -04:00
Cole Robinson
a3fa63d2ce
Fix typo causing qemu-img to link against entire world (bz #1260996 )
...
CVE-2015-6815: net: e1000: infinite loop issue (bz #1260225 )
CVE-2015-6855: ide: divide by zero issue (bz #1261793 )
CVE-2015-5278: Infinite loop in ne2000_receive() (bz #1263284 )
CVE-2015-5279: Heap overflow vulnerability in ne2000_receive() (bz #1263287 )
Make block copy more stable (bz #1264416 )
Fix hang at start of live merge for large images (bz #1262901 )
2015-09-21 18:19:06 -04:00
Richard W.M. Jones
2273d40a00
Fix emulation of various instructions, required by libm in F22 ppc64 guests.
2015-09-20 10:24:27 +01:00
Daniel P. Berrange
ba1746053e
Fix typo causing qemu-img to link against entire world (bz #1260996 )
2015-09-08 12:43:15 +01:00
Cole Robinson
ab42d9f7d6
CVE-2015-5255: heap memory corruption in vnc_refresh_server_surface (bz #1255899 )
2015-08-31 19:59:32 -04:00
Cole Robinson
7fbffc1697
Rebased to version 2.3.1
2015-08-11 18:42:10 -04:00
Cole Robinson
cce96bf59a
Fix crash in qemu_spice_create_display (bz #1163047 )
...
Fix qemu-img map crash for unaligned image (bz #1229394 )
CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536 )
CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728 )
CVE-2015-5158: scsi stack buffer overflow (bz #1246025 )
CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141 )
CVE-2015-5166: BlockBackend object use after free issue (bz #1249758 )
CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160 )
CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755 )
2015-08-11 15:24:18 -04:00
Richard W.M. Jones
8f61459adc
Fix: qemu-img: error while compressing sector <NNN>: Input/output error (bz #1214855 )
2015-07-20 12:10:44 +01:00
Cole Robinson
d902376d84
CVE-2015-4037: insecure temporary file use in /net/slirp.c (bz #1222894 )
2015-06-05 19:37:46 -04:00
Cole Robinson
15d91eb086
CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152 )
2015-05-13 18:34:08 -04:00
poma
343c57952d
Fix ksm.service (bz 1218814)
2015-05-06 12:52:09 -04:00
Dan Horák
5059f25c8e
- Require libseccomp only when built with it
2015-05-05 17:03:52 +02:00
Cole Robinson
41aca9586f
Rebased to version 2.3.0 GA
...
Another attempt at fixing default /dev/kvm permissions (bz 950436)
2015-04-27 13:33:41 -04:00
Cole Robinson
b26fb5a551
qemu: Drop kvm.modules
...
Looked into this because recent packaging changes broke kvm.modules
installation, see https://bugzilla.redhat.com/show_bug.cgi?id=1212328
But nowadays this isn't even required I don't think. According to
comments here:
https://bugzilla.redhat.com/show_bug.cgi?id=963198
The reason for shipping it is missing devname:kvm for ppc and s390 kvm
modules. But those have been in upstream kernel.git since late 2013,
so it should be safe to drop entirely.
2015-04-16 09:11:00 -04:00
Cole Robinson
9b9ad7bb74
Rebased to version 2.3.0-rc3
2015-04-14 14:51:42 -04:00
Cole Robinson
c61e67e86b
Rebased to version 2.3.0-rc2
...
Don't install ksm services as executable (bz #1192720 )
Skip hanging tests on s390 (bz #1206057 )
CVE-2015-1779 vnc: insufficient resource limiting in VNC websockets decoder
(bz #1205051 , bz #1199572 )
2015-04-03 10:21:46 -04:00
Cole Robinson
c2770435bf
Big specfile cleanup
...
- Drop all the crazy kvmonly and separate_kvm bits
- Drop outdates conditionals
- Drop old style things like defattr and RPM_BUILD_ROOT
- Readability improvements
2015-03-27 17:08:26 -04:00
Cole Robinson
355b03ef5c
Rebased to version 2.3.0-rc1
2015-03-25 08:48:20 -04:00
Cole Robinson
6a451ba509
Remove unused patches
2015-03-22 12:17:06 -04:00
Cole Robinson
8055ee2da9
Rebase to qemu-2.3.0-rc0
2015-03-22 11:06:24 -04:00
Richard W.M. Jones
5a454effcf
Revert "- Enable seccomp on ARM (thanks: Peter Robinson)."
...
This reverts commit 76a74e853f
.
The upstream (qemu) configure script hard-codes x86 & x86-64,
so you cannot enable seccomp on arm yet.
2015-02-17 15:07:06 +00:00
Richard W.M. Jones
76a74e853f
- Enable seccomp on ARM (thanks: Peter Robinson).
2015-02-17 13:37:05 +00:00
Richard W.M. Jones
6c3741c276
- Add -fPIC flag to build to avoid
...
'relocation R_X86_64_PC32 against undefined symbol' errors.
- Add a hopefully temporary hack so that -fPIC is used to build
NSS files in libcacard.
2015-02-17 13:35:59 +00:00
Richard W.M. Jones
391fb81c16
Add UEFI support for aarch64.
2015-02-04 15:54:41 +00:00
Daniel P. Berrange
f287dc5662
Re-enable SPICE after previous build fixes circular dep
2015-02-03 14:05:24 +00:00
Daniel P. Berrange
fc57f44566
Stop libcacard linking against the entire world
2015-02-03 11:36:06 +00:00
Daniel P. Berrange
cad2bcb6a1
Temporarily disable SPICE to break circular build-dep on libcacard
2015-02-03 10:57:50 +00:00
Daniel P. Berrange
0716c2e68a
Rebuild for changed xen soname
2015-02-03 09:25:11 +00:00
Daniel P. Berrange
10fa62ffc3
Set pkgversion when running configure
2015-01-28 13:25:27 +00:00
Cole Robinson
c88cc7e403
Rebased to version 2.2.0
2014-12-09 16:25:38 -05:00
Cole Robinson
bd7b20725b
Add sources
2014-11-30 17:45:14 -05:00
Cole Robinson
1be48f0df6
Update to qemu-2.2.0-rc3
2014-11-30 17:19:56 -05:00
Cole Robinson
259393612c
Update to qemu-2.2.0-rc1
2014-11-15 20:39:24 -05:00
Cole Robinson
725f84b743
CVE-2014-7815 vnc: insufficient bits_per_pixel from the client sanitization (bz #1157647 , bz #1157641 )
...
CVE-2014-3689 vmware_vga: insufficient parameter validation in rectangle functions (bz #1153038 , bz #1153035 )
2014-10-29 15:58:32 -04:00
Daniel P. Berrange
145f8dccfa
Fix dep on numactl-devel to be build time not install time
...
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-10-24 16:38:01 +01:00
Cole Robinson
fbbbab2c57
Fix PPC virtio regression (bz #1144490 )
2014-10-06 12:32:22 -04:00
Dan Horák
215b584050
fix typo
2014-09-30 16:48:14 +02:00
Dan Horák
3a39bf78f1
add ppc64le to KVM arches
2014-09-30 16:46:25 +02:00
Cole Robinson
6c2b2d8a11
Fix date in changelog
2014-09-26 12:51:48 -04:00
Richard W.M. Jones
6ce0be8333
Add Requires seabios >= 1.7.5, otherwise Windows virtio booting does not work.
2014-09-26 16:56:20 +01:00
Cole Robinson
46f3a5c276
Rebased to version 2.1.2
...
CVE-2014-3640 qemu: slirp: NULL pointer (bz #1144821 , bz #1144818 )
2014-09-26 10:26:35 -04:00
Cole Robinson
e84b901375
Fix crash on migration/snapshot (bz #1144490 )
2014-09-21 12:42:19 -04:00
Ruben Kerkhof
2f5a0ef6e6
qemu: Fix building without usbredir
...
The comparison checks if have_usbredir is defined, which it always is.
Check if it's defined and set to 1 instead.
2014-09-15 10:51:00 +01:00
Cole Robinson
723d95470d
Rebased to version 2.1.1
...
CVE-2014-5388: out of bounds memory access (bz #1132962 , bz #1132956 )
CVE-2014-3615 crash when guest sets high resolution (bz #1139121 , bz #1139115 )
2014-09-11 15:58:04 -04:00
Richard W.M. Jones
87bbaebdd6
Remember to update Release field this time.
2014-09-03 11:28:38 +01:00
Richard W.M. Jones
f2a088a4af
Add upstream patches to:
...
* Fix crash in curl driver.
* Add curl timeout option.
* Add curl cookie option.
- Add upstream commit hashes to patches.
2014-09-03 11:27:07 +01:00
Alexey Kardashevskiy
d92cc55200
ppc64: Enable HV and PR KVM
...
Unlike other platforms, PPC64 supports 2 types of KVM:
1. PR KVM emulated in user space - works on every PPC64 platform, even on
old POWERMAC; does not require hypervisor-enabled host CPU (POWER5+ and
newer); does not require OPAL;
2. HV KVM - this requires hypervisor-enabled CPU and OPAL - i.e. recent
POWER7/8 CPUs running as a "powernv" platform only.
So PPC64 KVM is split into 3 kernel modules - kvm_pr, kvm_hv and kvm,
the latter contains bits of code common for both types of KVM.
Recent QEMU supports a "kvm-type" machine option and can instantiate
the requested type of KVM.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
2014-08-27 10:57:47 +01:00
Richard W.M. Jones
e144c654aa
Forgot to update Release field ...
2014-08-20 22:35:42 +01:00
Richard W.M. Jones
4ced99fb02
Add patch for aarch64 which uncompresses -kernel parameter (in arm.next).
2014-08-20 22:28:16 +01:00