Overview Repositories Revisions Requests Users Attributes Meta

Revisions of qemu

Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 13) 
Update to 2023 SLE Secure Boot certificate
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 12) 
- Fix bsc#1188609, bsc#1213925, bsc#1212850, bsc#1215311, bsc#1213210:
  * hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (CVE-2021-3638)
  * virtio-crypto: verify src&dst buffer length for sym request (CVE-2023-3180)
  * io: remove io watch if TLS channel is closed during handshake (CVE-2023-3354)
  * [openSUSE] roms/ipxe: Backport 0aa2e4ec9635, in preparation of binutils 2.41
  * [openSUSE][RPM] pass -p1 to autosetup in qemu.spec
  * target/s390x: Fix the "ignored match" case in VSTRS
  * linux-user/elfload: Enable vxe2 on s390x
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 11) 
- Fix bsc#1213414, bsc#1207205, bsc#1212968, bsc#1179993,
  bsc#1181740, bsc#1213001
  * vhost-vdpa: do not cleanup the vdpa/vhost-net structures if peer nic is present (CVE-2023-3301)
  * hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330)
  * 9pfs: prevent opening special files (CVE-2023-2861)
  * hw/ide/piix: properly initialize the BMIBA register
  * ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
  * [openSUSE][OBS] Refine the OBS workflow for 15-SP5

- Fix bsc#1211000
- Patches added:
  * Run fstat asynchronously inside coroutines (bsc#1211000)
  * Allow bdrv_get_allocated_file_size to run in bdrv context (bsc#1211000)
  * Convert query-named-block-nodes to coroutine (bsc#1211000)
  * Convert query-block/info_block to coroutine (bsc#1211000)
  * block: Convert bdrv_get_allocated_file_size() to co_wrapper (bsc#1211000)
  * block-coroutine-wrapper.py: support also basic return types (bsc#1211000)
  * [openSUSE][RPM] Backport some spec-file improvements from Factory

- Fix bsc#bsc#1211697
* Patches added:
  smbios: sanitize type from external type before checking have_fields_bitmap (bsc#1211697)
  hw/smbios: fix field corruption in type 4 table (bsc#1211697) 
  linux-user: fill out task state in /proc/self/stat
  test-vmstate: fix bad GTree usage, use-after-free
  qemu/osdep: Switch position of "extern" and "G_NORETURN"

- Switch the packaging workflow to git, like the one we have in place
  already for Factory.
* Patches no longer present as patch files, but applied as commits:
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 10) 
- qtests test are not realiable when run inside OBS builders, so
  let's disable that part of the testsuite for now. There is work
  ongoing to run it somewhere else (on dedicated hosts) to avoid
  loosing coverage. (bsc#1204566)

- Improve dependency handling (e.g., what's recommended vs. what's
  required.
- Add a subpackage (qemu-headless) that brings in all the packages
  that are needed for creating VMs with tools like virt-install
  or VirtManager, run either locally or from a remote host.
  (bsc#1202166)

- Build fails due to exceeding 10 GB disk limit (10430 MB):
  raise disk space contraint to 12 GB

- Fixes bsc#1204082
* Patches added:
  block-io_uring-revert-Use-io_uring_regis.patch
- Due to change in where some documentation files are, if
  qemu-guest-agent is installed, we need to make sure we update it
  to our version (bsc#1203995)

- The links in the forsplit dirs, in each subpackage, born to deal with
  package & subpackage splitting, are not really used. In fact, they're
  "Provides:"-ed by a bunch of subpackages, but there's no "Requires:"
  for any of them. Let's just get rid of them.

- The old qemu-binfmt weappers around the various qemu-$ARCH Linux
  user emulation binaries (see, e.g., bsc#1186256) are not necessary
  any longer, and bsc#1143725 can now be considered fixed.
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 9)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 8) 
rpmlintrc: Ignore executable stack in firmware files
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 7)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 6)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 5)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 4) 
- SLOF: appended signature: Use SLE certificate in addition to project
  certificate for verification.

- ppc secure boot
  + 0001-use-PT_LOAD-constant.patch
  + 0002-calloc.patch
  + 0003-import-nayna-s-mbedtls.patch
  + 0004-mbedtls-fixups.patch
  + 0005-integrate-mbedtls.patch
  + 0006-appended-signature-infrastructure.patch
  + 0007-awful-hack-for-building.patch
  + 0008-Appended-signature-verification.patch
  + 0009-Update-mbedtls-to-support-multiple-signers.patch
  + 0010-update-for-new-mbedtls.patch
  + 0011-verify-ibm-secure-boot-property.patch
  + 0012-require-signed-binary-if-32bit-and-secureboot.patch
  + 0001-Create-fake-AIX-style-ibm-secureboot.patch
  + 0002-Create-fake-ibm-trusted-boot-property.patch
  + 0003-ppc-make-secure-boot-and-trusted-boot-mode-configura.patch
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 3)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 2)
Michal Suchanek's avatar Michal Suchanek (michals) committed (revision 1)
Displaying all 13 revisions
openSUSE Build Service is sponsored by
Places