qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
* [Qemu-devel] [ANNOUNCE] QEMU 3.1.1 Stable released
@ 2019-08-02 17:50 Michael Roth
  2019-08-02 17:59 ` Philippe Mathieu-Daudé
  0 siblings, 1 reply; 3+ messages in thread
From: Michael Roth @ 2019-08-02 17:50 UTC (permalink / raw)
  To: qemu-devel; +Cc: qemu-stable

Hi everyone,

I am pleased to announce that the QEMU v3.1.1 stable release is now
available:

You can grab the tarball from our download page here:

  https://www.qemu.org/download/#source

v3.1.1 is now tagged in the official qemu.git repository,
and the stable-3.1 branch has been updated accordingly:

  https://git.qemu.org/?p=qemu.git;a=shortlog;h=refs/heads/stable-3.1

This update contains a fix for CVE-2018-16872 (usb-mtp) and bug/security
fixes for a number of areas.

Please see the changelog for additional details and update accordingly.

Thank you to everyone involved!

CHANGELOG:

71049d2a74: Update version for 3.1.1 release (Michael Roth)
03d7712b4b: qemu-bridge-helper: restrict interface name to IFNAMSIZ (Prasad J Pandit)
4482258130: block: Fix hangs in synchronous APIs with iothreads (Kevin Wolf)
41dd30ff63: pvrdma: release ring object in case of an error (Prasad J Pandit)
a1001760ab: pvrdma: check return value from pvrdma_idx_ring_has_ routines (Prasad J Pandit)
2a0e6f1369: pvrdma: check number of pages when creating rings (Prasad J Pandit)
017f271f7a: device_tree: Fix integer overflowing in load_device_tree() (Markus Armbruster)
5149630fed: device_tree.c: Don't use load_image() (Peter Maydell)
59a823017a: sun4u: add power_mem_read routine (Prasad J Pandit)
3be7eb2f47: qxl: check release info object (Prasad J Pandit)
576964bf2a: seccomp: don't kill process for resource control syscalls (Daniel P. Berrangé)
4c7f4c4bbb: i2c-ddc: fix oob read (Gerd Hoffmann)
4e74e7a867: slirp: check data length while emulating ident function (Prasad J Pandit)
375667af78: scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini)
bceff528ba: pvrdma: add uar_read routine (Prasad J Pandit)
1549e3a54a: pvrdma: release device resources in case of an error (Prasad J Pandit)
86d4f40141: gluster: the glfs_io_cbk callback function pointer adds pre/post stat args (Niels de Vos)
37867211d9: gluster: Handle changed glfs_ftruncate signature (Prasanna Kumar Kalever)
43a3a1b694: hw/block/pflash_cfi01: Add missing DeviceReset() handler (Philippe Mathieu-Daudé)
ddacb784b3: hw: Use PFLASH_CFI0{1,2} and TYPE_PFLASH_CFI0{1,2} (Markus Armbruster)
03f130c682: pflash: Rename *CFI_PFLASH* to *PFLASH_CFI* (Markus Armbruster)
10b1d6070a: pflash_cfi01: Log use of flawed "write to buffer" (Markus Armbruster)
e634054c9d: pflash_cfi01: Do not exit() on guest aborting "write to buffer" (Markus Armbruster)
13cb31ce08: pflash: Rename pflash_t to PFlashCFI01, PFlashCFI02 (Markus Armbruster)
d0cb440280: block/pflash_cfi02: Fix memory leak and potential use-after-free (Stephen Checkoway)
21e5c69b85: hw/display/xlnx_dp: Avoid crash when reading empty RX FIFO (Philippe Mathieu-Daudé)
e2ec206ea9: hw/ssi/mss-spi: Avoid crash when reading empty RX FIFO (Philippe Mathieu-Daudé)
1f30e35861: hw/ssi/xilinx_spips: Avoid out-of-bound access to lqspi_buf[] (Philippe Mathieu-Daudé)
19f55e7ab5: target/m68k: Fix a tcg_temp leak (Philippe Mathieu-Daudé)
c6b77a64b4: virtio-balloon: free pbp more aggressively (Michael S. Tsirkin)
0965d5583e: virtio-balloon: don't track subpages for the PBP (David Hildenbrand)
14d9028a7d: virtio-balloon: Use temporary PBP only (David Hildenbrand)
2aa5009412: virtio-balloon: Rework pbp tracking data (David Hildenbrand)
46275f9091: virtio-balloon: Better names for offset variables in inflate/deflate code (David Hildenbrand)
b0d6feca99: virtio-balloon: Simplify deflate with pbp (David Hildenbrand)
07026c30c3: virtio-balloon: Fix QEMU crashes on pagesize > BALLOON_PAGE_SIZE (David Hildenbrand)
11dd808dc0: virtio-balloon: Fix wrong sign extension of PFNs (David Hildenbrand)
f8364784f0: virtio-balloon: Restore MADV_WILLNEED hint on balloon deflate (David Gibson)
38e8e9007d: virtio-balloon: Fix possible guest memory corruption with inflates & deflates (David Gibson)
80c96a7b60: virtio-balloon: Don't mismatch g_malloc()/free (CID 1399146) (David Gibson)
118112024d: virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size (David Gibson)
83cddbaadf: virtio-balloon: Use ram_block_discard_range() instead of raw madvise() (David Gibson)
89b0e359bc: virtio-balloon: Rework ballon_page() interface (David Gibson)
b260cdec21: virtio-balloon: Corrections to address verification (David Gibson)
7a31a0af31: virtio-balloon: Remove unnecessary MADV_WILLNEED on deflate (David Gibson)
f0a334345b: hw/virtio/virtio-balloon: zero-initialize the virtio_balloon_config struct (Peter Maydell)
fc6c2bce38: i386/acpi: show PCI Express bus on pxb-pcie expanders (Evgeny Yakovlev)
11665ca918: i386/acpi: fix gint overflow in crs_range_compare (Evgeny Yakovlev)
df42bc4897: ioapic: kvm: Skip route updates for masked pins (Jan Kiszka)
c00635946f: tpm_emulator: Translate TPM error codes to strings (Stefan Berger)
51ce84e119: tpm: Exit in reset when backend indicates failure (Stefan Berger)
0318166a9f: vhost: fix vhost_log size overflow during migration (Li Hangjing)
261d7f653a: iotests: Test unaligned raw images with O_DIRECT (Max Reitz)
044b0bcedf: block/file-posix: Unaligned O_DIRECT block-status (Max Reitz)
1742e3c74e: iotests: Filter second BLOCK_JOB_ERROR from 229 (Max Reitz)
f173a43a6d: megasas: fix mapped frame size (Peter Lieven)
2157938f7b: s390x/cpumodel: ignore csske for expansion (Christian Borntraeger)
f56e70ee4f: do not call vhost_net_cleanup() on running net from char user event (Dan Streetman)
8a5aaad6c2: block: Fix AioContext switch for bs->drv == NULL (Kevin Wolf)
3c9e488dbe: cutils: Fix size_to_str() on 32-bit platforms (Eric Blake)
c627cc38be: qcow2: Avoid COW during metadata preallocation (Kevin Wolf)
b443db97c1: qemu-img: fix error reporting for -object (Daniel P. Berrangé)
6b29db871d: usb-mtp: use O_NOFOLLOW and O_CLOEXEC. (Gerd Hoffmann)
6c77b5ab35: qga: update docs with systemd suspend support info (Daniel Henrique Barboza)
11cd30e71a: mac_newworld: use node name instead of alias name for hd device in FWPathProvider (Mark Cave-Ayland)
4a25ba2e2b: mac_oldworld: use node name instead of alias name for hd device in FWPathProvider (Mark Cave-Ayland)
847fe10828: configure: improve usbfs check (Thomas Petazzoni)
f3a70a4ae1: qga-win: include glib when building VSS DLL (Michael Roth)
d7cae05bf5: json: Fix % handling when not interpolating (Christophe Fergeau)
d03c389511: i386: remove the 'INTEL_PT' CPUID bit from named CPU models (Paolo Bonzini)
02d735c274: i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model (Robert Hoo)
821314aec3: vfio-ap: flag as compatible with balloon (Cornelia Huck)
7c693f0c3f: tpm_tis: fix loop that cancels any seizure by a lower locality (Liam Merwick)
83cd9ed3d7: slirp: check sscanf result when emulating ident (William Bowling)
c6f25642e0: hw/rdma: another clang compilation fix (Marcel Apfelbaum)
27df37c1ea: block: Fix invalidate_cache error path for parent activation (Kevin Wolf)
fe87edd5ed: tpm: Make sure the locality received from backend is valid (Stefan Berger)
27b0c099fd: tpm: Make sure new locality passed to tpm_tis_prep_abort() is valid (Stefan Berger)
00d0932e0b: exec.c: Don't reallocate IOMMUNotifiers that are in use (Peter Maydell)
2e5502300e: s390x: Return specification exception for unimplemented diag 308 subcodes (Janosch Frank)
8ec7368c8f: linux-user: make pwrite64/pread64(fd, NULL, 0, offset) return 0 (Peter Maydell)
85bfce130a: hw/s390x: Fix bad mask in time2tod() (Thomas Huth)
98cf1bb872: pc:piix4: Update smbus I/O space after a migration (Corey Minyard)
5363028d1f: pcie: set link state inactive/active after hot unplug/plug (Zheng Xiang)
0d6b9ce17c: Changes requirement for "vsubsbs" instruction (Paul A. Clarke)
def04278d1: iotests: make 235 work on s390 (and others) (Christian Borntraeger)
08c410e390: i2c: Move typedef of bitbang_i2c_interface to i2c.h (BALATON Zoltan)



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] [ANNOUNCE] QEMU 3.1.1 Stable released
  2019-08-02 17:50 [Qemu-devel] [ANNOUNCE] QEMU 3.1.1 Stable released Michael Roth
@ 2019-08-02 17:59 ` Philippe Mathieu-Daudé
  2019-08-02 20:17   ` Michael Roth
  0 siblings, 1 reply; 3+ messages in thread
From: Philippe Mathieu-Daudé @ 2019-08-02 17:59 UTC (permalink / raw)
  To: Michael Roth, qemu-devel; +Cc: qemu-stable

On 8/2/19 7:50 PM, Michael Roth wrote:
> Hi everyone,
> 
> I am pleased to announce that the QEMU v3.1.1 stable release is now
> available:
> 
> You can grab the tarball from our download page here:
> 
>   https://www.qemu.org/download/#source
> 
> v3.1.1 is now tagged in the official qemu.git repository,
> and the stable-3.1 branch has been updated accordingly:
> 
>   https://git.qemu.org/?p=qemu.git;a=shortlog;h=refs/heads/stable-3.1
> 
> This update contains a fix for CVE-2018-16872 (usb-mtp) and bug/security
> fixes for a number of areas.
> 
> Please see the changelog for additional details and update accordingly.
> 
> Thank you to everyone involved!
> 
> CHANGELOG:
> 
> 71049d2a74: Update version for 3.1.1 release (Michael Roth)
> 03d7712b4b: qemu-bridge-helper: restrict interface name to IFNAMSIZ (Prasad J Pandit)
> 4482258130: block: Fix hangs in synchronous APIs with iothreads (Kevin Wolf)
> 41dd30ff63: pvrdma: release ring object in case of an error (Prasad J Pandit)
> a1001760ab: pvrdma: check return value from pvrdma_idx_ring_has_ routines (Prasad J Pandit)
> 2a0e6f1369: pvrdma: check number of pages when creating rings (Prasad J Pandit)
> 017f271f7a: device_tree: Fix integer overflowing in load_device_tree() (Markus Armbruster)
> 5149630fed: device_tree.c: Don't use load_image() (Peter Maydell)
> 59a823017a: sun4u: add power_mem_read routine (Prasad J Pandit)
> 3be7eb2f47: qxl: check release info object (Prasad J Pandit)
> 576964bf2a: seccomp: don't kill process for resource control syscalls (Daniel P. Berrangé)
> 4c7f4c4bbb: i2c-ddc: fix oob read (Gerd Hoffmann)
> 4e74e7a867: slirp: check data length while emulating ident function (Prasad J Pandit)
> 375667af78: scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini)
> bceff528ba: pvrdma: add uar_read routine (Prasad J Pandit)
> 1549e3a54a: pvrdma: release device resources in case of an error (Prasad J Pandit)
> 86d4f40141: gluster: the glfs_io_cbk callback function pointer adds pre/post stat args (Niels de Vos)
> 37867211d9: gluster: Handle changed glfs_ftruncate signature (Prasanna Kumar Kalever)
> 43a3a1b694: hw/block/pflash_cfi01: Add missing DeviceReset() handler (Philippe Mathieu-Daudé)
> ddacb784b3: hw: Use PFLASH_CFI0{1,2} and TYPE_PFLASH_CFI0{1,2} (Markus Armbruster)
> 03f130c682: pflash: Rename *CFI_PFLASH* to *PFLASH_CFI* (Markus Armbruster)
> 10b1d6070a: pflash_cfi01: Log use of flawed "write to buffer" (Markus Armbruster)
> e634054c9d: pflash_cfi01: Do not exit() on guest aborting "write to buffer" (Markus Armbruster)
> 13cb31ce08: pflash: Rename pflash_t to PFlashCFI01, PFlashCFI02 (Markus Armbruster)
> d0cb440280: block/pflash_cfi02: Fix memory leak and potential use-after-free (Stephen Checkoway)
> 21e5c69b85: hw/display/xlnx_dp: Avoid crash when reading empty RX FIFO (Philippe Mathieu-Daudé)
> e2ec206ea9: hw/ssi/mss-spi: Avoid crash when reading empty RX FIFO (Philippe Mathieu-Daudé)
> 1f30e35861: hw/ssi/xilinx_spips: Avoid out-of-bound access to lqspi_buf[] (Philippe Mathieu-Daudé)
> 19f55e7ab5: target/m68k: Fix a tcg_temp leak (Philippe Mathieu-Daudé)
> c6b77a64b4: virtio-balloon: free pbp more aggressively (Michael S. Tsirkin)
> 0965d5583e: virtio-balloon: don't track subpages for the PBP (David Hildenbrand)
> 14d9028a7d: virtio-balloon: Use temporary PBP only (David Hildenbrand)
> 2aa5009412: virtio-balloon: Rework pbp tracking data (David Hildenbrand)
> 46275f9091: virtio-balloon: Better names for offset variables in inflate/deflate code (David Hildenbrand)
> b0d6feca99: virtio-balloon: Simplify deflate with pbp (David Hildenbrand)
> 07026c30c3: virtio-balloon: Fix QEMU crashes on pagesize > BALLOON_PAGE_SIZE (David Hildenbrand)
> 11dd808dc0: virtio-balloon: Fix wrong sign extension of PFNs (David Hildenbrand)
> f8364784f0: virtio-balloon: Restore MADV_WILLNEED hint on balloon deflate (David Gibson)
> 38e8e9007d: virtio-balloon: Fix possible guest memory corruption with inflates & deflates (David Gibson)
> 80c96a7b60: virtio-balloon: Don't mismatch g_malloc()/free (CID 1399146) (David Gibson)
> 118112024d: virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size (David Gibson)
> 83cddbaadf: virtio-balloon: Use ram_block_discard_range() instead of raw madvise() (David Gibson)
> 89b0e359bc: virtio-balloon: Rework ballon_page() interface (David Gibson)
> b260cdec21: virtio-balloon: Corrections to address verification (David Gibson)
> 7a31a0af31: virtio-balloon: Remove unnecessary MADV_WILLNEED on deflate (David Gibson)
> f0a334345b: hw/virtio/virtio-balloon: zero-initialize the virtio_balloon_config struct (Peter Maydell)
> fc6c2bce38: i386/acpi: show PCI Express bus on pxb-pcie expanders (Evgeny Yakovlev)
> 11665ca918: i386/acpi: fix gint overflow in crs_range_compare (Evgeny Yakovlev)
> df42bc4897: ioapic: kvm: Skip route updates for masked pins (Jan Kiszka)
> c00635946f: tpm_emulator: Translate TPM error codes to strings (Stefan Berger)
> 51ce84e119: tpm: Exit in reset when backend indicates failure (Stefan Berger)
> 0318166a9f: vhost: fix vhost_log size overflow during migration (Li Hangjing)
> 261d7f653a: iotests: Test unaligned raw images with O_DIRECT (Max Reitz)
> 044b0bcedf: block/file-posix: Unaligned O_DIRECT block-status (Max Reitz)
> 1742e3c74e: iotests: Filter second BLOCK_JOB_ERROR from 229 (Max Reitz)
> f173a43a6d: megasas: fix mapped frame size (Peter Lieven)
> 2157938f7b: s390x/cpumodel: ignore csske for expansion (Christian Borntraeger)
> f56e70ee4f: do not call vhost_net_cleanup() on running net from char user event (Dan Streetman)
> 8a5aaad6c2: block: Fix AioContext switch for bs->drv == NULL (Kevin Wolf)
> 3c9e488dbe: cutils: Fix size_to_str() on 32-bit platforms (Eric Blake)
> c627cc38be: qcow2: Avoid COW during metadata preallocation (Kevin Wolf)
> b443db97c1: qemu-img: fix error reporting for -object (Daniel P. Berrangé)
> 6b29db871d: usb-mtp: use O_NOFOLLOW and O_CLOEXEC. (Gerd Hoffmann)
> 6c77b5ab35: qga: update docs with systemd suspend support info (Daniel Henrique Barboza)
> 11cd30e71a: mac_newworld: use node name instead of alias name for hd device in FWPathProvider (Mark Cave-Ayland)
> 4a25ba2e2b: mac_oldworld: use node name instead of alias name for hd device in FWPathProvider (Mark Cave-Ayland)
> 847fe10828: configure: improve usbfs check (Thomas Petazzoni)
> f3a70a4ae1: qga-win: include glib when building VSS DLL (Michael Roth)
> d7cae05bf5: json: Fix % handling when not interpolating (Christophe Fergeau)
> d03c389511: i386: remove the 'INTEL_PT' CPUID bit from named CPU models (Paolo Bonzini)
> 02d735c274: i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model (Robert Hoo)
> 821314aec3: vfio-ap: flag as compatible with balloon (Cornelia Huck)
> 7c693f0c3f: tpm_tis: fix loop that cancels any seizure by a lower locality (Liam Merwick)
> 83cd9ed3d7: slirp: check sscanf result when emulating ident (William Bowling)
> c6f25642e0: hw/rdma: another clang compilation fix (Marcel Apfelbaum)
> 27df37c1ea: block: Fix invalidate_cache error path for parent activation (Kevin Wolf)
> fe87edd5ed: tpm: Make sure the locality received from backend is valid (Stefan Berger)
> 27b0c099fd: tpm: Make sure new locality passed to tpm_tis_prep_abort() is valid (Stefan Berger)
> 00d0932e0b: exec.c: Don't reallocate IOMMUNotifiers that are in use (Peter Maydell)
> 2e5502300e: s390x: Return specification exception for unimplemented diag 308 subcodes (Janosch Frank)
> 8ec7368c8f: linux-user: make pwrite64/pread64(fd, NULL, 0, offset) return 0 (Peter Maydell)
> 85bfce130a: hw/s390x: Fix bad mask in time2tod() (Thomas Huth)
> 98cf1bb872: pc:piix4: Update smbus I/O space after a migration (Corey Minyard)
> 5363028d1f: pcie: set link state inactive/active after hot unplug/plug (Zheng Xiang)
> 0d6b9ce17c: Changes requirement for "vsubsbs" instruction (Paul A. Clarke)
> def04278d1: iotests: make 235 work on s390 (and others) (Christian Borntraeger)
> 08c410e390: i2c: Move typedef of bitbang_i2c_interface to i2c.h (BALATON Zoltan)

I was testing the CVE-2019-14378 fix, 7min too late :(


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] [ANNOUNCE] QEMU 3.1.1 Stable released
  2019-08-02 17:59 ` Philippe Mathieu-Daudé
@ 2019-08-02 20:17   ` Michael Roth
  0 siblings, 0 replies; 3+ messages in thread
From: Michael Roth @ 2019-08-02 20:17 UTC (permalink / raw)
  To: Philippe Mathieu-Daudé, qemu-devel; +Cc: qemu-stable

Quoting Philippe Mathieu-Daudé (2019-08-02 12:59:08)
> On 8/2/19 7:50 PM, Michael Roth wrote:
> > Hi everyone,
> > 
> > I am pleased to announce that the QEMU v3.1.1 stable release is now
> > available:
> > 
> > You can grab the tarball from our download page here:
> > 
> >   https://www.qemu.org/download/#source
> > 
> > v3.1.1 is now tagged in the official qemu.git repository,
> > and the stable-3.1 branch has been updated accordingly:
> > 
> >   https://git.qemu.org/?p=qemu.git;a=shortlog;h=refs/heads/stable-3.1
> > 
> > This update contains a fix for CVE-2018-16872 (usb-mtp) and bug/security
> > fixes for a number of areas.
> > 
> > Please see the changelog for additional details and update accordingly.
> > 
> > Thank you to everyone involved!
> > 
> > CHANGELOG:
> > 
> > 71049d2a74: Update version for 3.1.1 release (Michael Roth)
> > 03d7712b4b: qemu-bridge-helper: restrict interface name to IFNAMSIZ (Prasad J Pandit)
> > 4482258130: block: Fix hangs in synchronous APIs with iothreads (Kevin Wolf)
> > 41dd30ff63: pvrdma: release ring object in case of an error (Prasad J Pandit)
> > a1001760ab: pvrdma: check return value from pvrdma_idx_ring_has_ routines (Prasad J Pandit)
> > 2a0e6f1369: pvrdma: check number of pages when creating rings (Prasad J Pandit)
> > 017f271f7a: device_tree: Fix integer overflowing in load_device_tree() (Markus Armbruster)
> > 5149630fed: device_tree.c: Don't use load_image() (Peter Maydell)
> > 59a823017a: sun4u: add power_mem_read routine (Prasad J Pandit)
> > 3be7eb2f47: qxl: check release info object (Prasad J Pandit)
> > 576964bf2a: seccomp: don't kill process for resource control syscalls (Daniel P. Berrangé)
> > 4c7f4c4bbb: i2c-ddc: fix oob read (Gerd Hoffmann)
> > 4e74e7a867: slirp: check data length while emulating ident function (Prasad J Pandit)
> > 375667af78: scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini)
> > bceff528ba: pvrdma: add uar_read routine (Prasad J Pandit)
> > 1549e3a54a: pvrdma: release device resources in case of an error (Prasad J Pandit)
> > 86d4f40141: gluster: the glfs_io_cbk callback function pointer adds pre/post stat args (Niels de Vos)
> > 37867211d9: gluster: Handle changed glfs_ftruncate signature (Prasanna Kumar Kalever)
> > 43a3a1b694: hw/block/pflash_cfi01: Add missing DeviceReset() handler (Philippe Mathieu-Daudé)
> > ddacb784b3: hw: Use PFLASH_CFI0{1,2} and TYPE_PFLASH_CFI0{1,2} (Markus Armbruster)
> > 03f130c682: pflash: Rename *CFI_PFLASH* to *PFLASH_CFI* (Markus Armbruster)
> > 10b1d6070a: pflash_cfi01: Log use of flawed "write to buffer" (Markus Armbruster)
> > e634054c9d: pflash_cfi01: Do not exit() on guest aborting "write to buffer" (Markus Armbruster)
> > 13cb31ce08: pflash: Rename pflash_t to PFlashCFI01, PFlashCFI02 (Markus Armbruster)
> > d0cb440280: block/pflash_cfi02: Fix memory leak and potential use-after-free (Stephen Checkoway)
> > 21e5c69b85: hw/display/xlnx_dp: Avoid crash when reading empty RX FIFO (Philippe Mathieu-Daudé)
> > e2ec206ea9: hw/ssi/mss-spi: Avoid crash when reading empty RX FIFO (Philippe Mathieu-Daudé)
> > 1f30e35861: hw/ssi/xilinx_spips: Avoid out-of-bound access to lqspi_buf[] (Philippe Mathieu-Daudé)
> > 19f55e7ab5: target/m68k: Fix a tcg_temp leak (Philippe Mathieu-Daudé)
> > c6b77a64b4: virtio-balloon: free pbp more aggressively (Michael S. Tsirkin)
> > 0965d5583e: virtio-balloon: don't track subpages for the PBP (David Hildenbrand)
> > 14d9028a7d: virtio-balloon: Use temporary PBP only (David Hildenbrand)
> > 2aa5009412: virtio-balloon: Rework pbp tracking data (David Hildenbrand)
> > 46275f9091: virtio-balloon: Better names for offset variables in inflate/deflate code (David Hildenbrand)
> > b0d6feca99: virtio-balloon: Simplify deflate with pbp (David Hildenbrand)
> > 07026c30c3: virtio-balloon: Fix QEMU crashes on pagesize > BALLOON_PAGE_SIZE (David Hildenbrand)
> > 11dd808dc0: virtio-balloon: Fix wrong sign extension of PFNs (David Hildenbrand)
> > f8364784f0: virtio-balloon: Restore MADV_WILLNEED hint on balloon deflate (David Gibson)
> > 38e8e9007d: virtio-balloon: Fix possible guest memory corruption with inflates & deflates (David Gibson)
> > 80c96a7b60: virtio-balloon: Don't mismatch g_malloc()/free (CID 1399146) (David Gibson)
> > 118112024d: virtio-balloon: Safely handle BALLOON_PAGE_SIZE < host page size (David Gibson)
> > 83cddbaadf: virtio-balloon: Use ram_block_discard_range() instead of raw madvise() (David Gibson)
> > 89b0e359bc: virtio-balloon: Rework ballon_page() interface (David Gibson)
> > b260cdec21: virtio-balloon: Corrections to address verification (David Gibson)
> > 7a31a0af31: virtio-balloon: Remove unnecessary MADV_WILLNEED on deflate (David Gibson)
> > f0a334345b: hw/virtio/virtio-balloon: zero-initialize the virtio_balloon_config struct (Peter Maydell)
> > fc6c2bce38: i386/acpi: show PCI Express bus on pxb-pcie expanders (Evgeny Yakovlev)
> > 11665ca918: i386/acpi: fix gint overflow in crs_range_compare (Evgeny Yakovlev)
> > df42bc4897: ioapic: kvm: Skip route updates for masked pins (Jan Kiszka)
> > c00635946f: tpm_emulator: Translate TPM error codes to strings (Stefan Berger)
> > 51ce84e119: tpm: Exit in reset when backend indicates failure (Stefan Berger)
> > 0318166a9f: vhost: fix vhost_log size overflow during migration (Li Hangjing)
> > 261d7f653a: iotests: Test unaligned raw images with O_DIRECT (Max Reitz)
> > 044b0bcedf: block/file-posix: Unaligned O_DIRECT block-status (Max Reitz)
> > 1742e3c74e: iotests: Filter second BLOCK_JOB_ERROR from 229 (Max Reitz)
> > f173a43a6d: megasas: fix mapped frame size (Peter Lieven)
> > 2157938f7b: s390x/cpumodel: ignore csske for expansion (Christian Borntraeger)
> > f56e70ee4f: do not call vhost_net_cleanup() on running net from char user event (Dan Streetman)
> > 8a5aaad6c2: block: Fix AioContext switch for bs->drv == NULL (Kevin Wolf)
> > 3c9e488dbe: cutils: Fix size_to_str() on 32-bit platforms (Eric Blake)
> > c627cc38be: qcow2: Avoid COW during metadata preallocation (Kevin Wolf)
> > b443db97c1: qemu-img: fix error reporting for -object (Daniel P. Berrangé)
> > 6b29db871d: usb-mtp: use O_NOFOLLOW and O_CLOEXEC. (Gerd Hoffmann)
> > 6c77b5ab35: qga: update docs with systemd suspend support info (Daniel Henrique Barboza)
> > 11cd30e71a: mac_newworld: use node name instead of alias name for hd device in FWPathProvider (Mark Cave-Ayland)
> > 4a25ba2e2b: mac_oldworld: use node name instead of alias name for hd device in FWPathProvider (Mark Cave-Ayland)
> > 847fe10828: configure: improve usbfs check (Thomas Petazzoni)
> > f3a70a4ae1: qga-win: include glib when building VSS DLL (Michael Roth)
> > d7cae05bf5: json: Fix % handling when not interpolating (Christophe Fergeau)
> > d03c389511: i386: remove the 'INTEL_PT' CPUID bit from named CPU models (Paolo Bonzini)
> > 02d735c274: i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model (Robert Hoo)
> > 821314aec3: vfio-ap: flag as compatible with balloon (Cornelia Huck)
> > 7c693f0c3f: tpm_tis: fix loop that cancels any seizure by a lower locality (Liam Merwick)
> > 83cd9ed3d7: slirp: check sscanf result when emulating ident (William Bowling)
> > c6f25642e0: hw/rdma: another clang compilation fix (Marcel Apfelbaum)
> > 27df37c1ea: block: Fix invalidate_cache error path for parent activation (Kevin Wolf)
> > fe87edd5ed: tpm: Make sure the locality received from backend is valid (Stefan Berger)
> > 27b0c099fd: tpm: Make sure new locality passed to tpm_tis_prep_abort() is valid (Stefan Berger)
> > 00d0932e0b: exec.c: Don't reallocate IOMMUNotifiers that are in use (Peter Maydell)
> > 2e5502300e: s390x: Return specification exception for unimplemented diag 308 subcodes (Janosch Frank)
> > 8ec7368c8f: linux-user: make pwrite64/pread64(fd, NULL, 0, offset) return 0 (Peter Maydell)
> > 85bfce130a: hw/s390x: Fix bad mask in time2tod() (Thomas Huth)
> > 98cf1bb872: pc:piix4: Update smbus I/O space after a migration (Corey Minyard)
> > 5363028d1f: pcie: set link state inactive/active after hot unplug/plug (Zheng Xiang)
> > 0d6b9ce17c: Changes requirement for "vsubsbs" instruction (Paul A. Clarke)
> > def04278d1: iotests: make 235 work on s390 (and others) (Christian Borntraeger)
> > 08c410e390: i2c: Move typedef of bitbang_i2c_interface to i2c.h (BALATON Zoltan)
> 
> I was testing the CVE-2019-14378 fix, 7min too late :(

We could possibly do a 3.1.1.1 CVE release if it's serious.


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2019-08-02 20:19 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-02 17:50 [Qemu-devel] [ANNOUNCE] QEMU 3.1.1 Stable released Michael Roth
2019-08-02 17:59 ` Philippe Mathieu-Daudé
2019-08-02 20:17   ` Michael Roth

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).