This bug was fixed in the package qemu - 1:9.2.0+ds-4ubuntu1

---------------
qemu (1:9.2.0+ds-4ubuntu1) plucky; urgency=medium

  * Merge with Debian unstable (LP: #2085275). Remaining changes:
    - qemu-kvm to systemd unit
      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
        hugepages and architecture specifics
      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
        qemu-kvm-init
      - d/qemu-system-common.install: install helper script
      - d/qemu-system-common.qemu-kvm.default: defaults for
        /etc/default/qemu-kvm
      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
    - Distribution specific machine type
      (LP 1304107 1621042 1776189 1761372 1761372 1776189)
      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
        types containing release versioned machine attributes
      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
    - d/p/u/lp2012763-maxcpus-too-low.patch: Bump max_cpus to 1024 on
      Jammy amd64 machine types.  (LP #2012763)
      [ Merged with the previous change. ]
    - Enable nesting by default
      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
        in qemu64 on amd
        [ No more strictly needed, but required for backward compatibility ]
    - tolerate ipxe size change on migrations to >=18.04 (LP 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.
    - d/qemu-block-extra.postinst: Use latest Ubuntu's QEMU
      package version when deciding whether to invoke
      'deb-systemd-helper purge'.
    - d/control-in: Disable B-D on qemu-system-data.
    - d/rules: Export DEB_BUILD_PROFILES with
      pkg.qemu.use-upstream-vdso when building on non-amd64 architectures.
  * Drop changes:
    - d/rules: Temporarily disable generation of u-boot-sam460ex due
      to LP 2077036.
      [ Not needed. ]
    - d/rules: Reinstate u-boot-sam460ex rules.
    - d/rules: Unset ELF_PACKAGE_METADATA when building ROMs.
      (LP #2077431, #2077036)
      [ Incorporated by Debian. ]
    - d/p/u/lp2028964-add-support-sierra-forest.patch: Add support for
      Sierra Forest CPU model. (LP #2028964, #2077361)
      [ Incorporated upstream. ]
    - Fail gracefully when hotplugging a vCPU fails on PPC. (LP #2076587)
      + d/p/u/lp2076587-cpu-hotplug-crashes-guest-*.patch: Backport
        patches for upstream fix.
      [ Incorporated upstream. ]
    - SECURITY UPDATE: denial of service
      + debian/patches/CVE-2024-4693.patch: virtio-pci: Fix the use of
        an uninitialized irqfd
      + CVE-2024-4693
      [ Incorporated upstream. ]
    - SECURITY UPDATE: heap buffer overflow
      + debian/patches/CVE-2024-7730.patch: add max size bounds check in
        input cb
      + CVE-2024-7730
      [ Incorporated upstream. ]
    - d/p/u/lp-2091099-fix-9p-regression-cve-2023-2861.patch: Fix
      regression regarding CVE-2023-2861 affecting 9p filesystems.
      (LP #2091099)
      [ Incorporated by Debian. ]
    - d/rules: Revert move of helper binaries (qemu-bridge-helper,
      virtfs-proxy-helper, vhost-user-gpu) from /usr/lib/qemu/ to
      /usr/libexec/qemu/.  This was starting to cause breakages on other
      packages (libvirt, for example), and Debian went the same
      route.  This change can be dropped next cycle when QEMU is merged
      again.
      See https://salsa.debian.org/qemu-team/qemu/-/commit/f265f4788f
      for Debian's counterpart. (LP #2079870)
      [ Not needed anymore. ]
  * Add changes:
    - Disable upstream tests (due to impossibility of B-D on
      qemu-system-data).
      + d/control-in: Disable B-D on seabios.
      + d/rules: Add "nocheck" to DEB_BUILD_PROFILES.
    - d/p/u/fix-s390x-migration.patch: Fix s390x migration regression.

 -- Sergio Durigan Junior <[email protected]>  Thu, 23 Jan
2025 17:14:53 -0500

** Changed in: qemu (Ubuntu)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2861

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-4693

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-7730

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2085275

Title:
  Merge qemu from Debian unstable for plucky

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2085275/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to