Opened 6 years ago

Closed 5 years ago

#11224 closed enhancement (fixed)

qemu-3.1.0

Reported by: Douglas R. Reno
Owned by: Bruce Dubbs
Priority: normal
Milestone: 8.4
Component: BOOK
Version: SVN
Severity: normal
Keywords:
Cc:

Description (last modified by Bruce Dubbs)

Multiple integer overflow issues were found and reported in various NIC emulations in QEMU. These integer overflows could occur while receiving packets and could lead to OOB stack buffer access, resulting in a DoS scenario.

  • CVE-2018-10839 Qemu: ne2000: integer overflow leads to buffer overflow issue

Upstream fix:

-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html

  • CVE-2018-17958 Qemu: rtl8139: integer overflow leads to buffer overflow

Upstream fix:

-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03269.html

  • CVE-2018-17962 Qemu: pcnet: integer overflow leads to buffer overflow

Upstream fix:

-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html

  • CVE-2018-17963 Qemu: net: ignore packets with large size

Upstream fix:

-> https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html
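
A simplified model of one way such an overflow arises in a packet receive path, next to a hardened form that ignores oversized packets. It is an added example, not QEMU's code and not taken from the linked fixes; `MIN_BUF_SIZE` (assumed to be 60), `classify_narrowed` and `receive_hardened` are hypothetical names.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MIN_BUF_SIZE 60 /* assumed minimum frame length for this model */

enum rx_path { RX_DROP, RX_PAD, RX_PASSTHROUGH };

/* Weak pattern: the length arrives as size_t but is narrowed to int.
 * Only the decision is modelled; no copy is performed. *copy_len is the
 * count a memcpy() into a MIN_BUF_SIZE stack buffer would be given. */
enum rx_path classify_narrowed(size_t size_, size_t *copy_len)
{
    int size = (int)size_; /* above INT_MAX: negative on common ABIs */

    if (size < MIN_BUF_SIZE) {    /* a negative value passes this check */
        *copy_len = (size_t)size; /* and converts back to a huge count */
        return RX_PAD;
    }
    *copy_len = 0;
    return RX_PASSTHROUGH;
}

/* Hardened pattern: keep size_t end to end and ignore oversized packets
 * before any length arithmetic. Short frames are zero-padded into pad[]. */
enum rx_path receive_hardened(const uint8_t *buf, size_t size,
                              uint8_t pad[MIN_BUF_SIZE],
                              const uint8_t **frame, size_t *frame_len)
{
    if (size > (size_t)INT_MAX)
        return RX_DROP;
    if (size < MIN_BUF_SIZE) {
        memcpy(pad, buf, size);
        memset(pad + size, 0, MIN_BUF_SIZE - size);
        *frame = pad;
        *frame_len = MIN_BUF_SIZE;
        return RX_PAD;
    }
    *frame = buf;
    *frame_len = size;
    return RX_PASSTHROUGH;
}

int main(void)
{
    size_t n; /* INT_MAX + 1 below is a constructed length */
    return classify_narrowed((size_t)INT_MAX + 1, &n) == RX_PAD ? 0 : 1;
}
```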

Change History (5)

comment:1 by Bruce Dubbs, 6 years ago

It's been a while since the last qemu release -- about two months. Let's give this a few weeks to see if we get a new release.

comment:2 by Bruce Dubbs, 5 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: new → assigned
Summary: Generate qemu security patch → qemu-3.1.0

New minor version.

comment:3 by Bruce Dubbs, 5 years ago

Description: modified (diff)

comment:4 by Bruce Dubbs, 5 years ago

Changelog is quite extensive. See https://wiki.qemu.org/ChangeLog/3.1 for the full list.

Incompatible changes

  • The "qemu-system-ppcemb" target has been removed. "qemu-system-ppc" or "qemu-system-ppc64" should be used instead.
  • The "tls", "x509", and "x509verify" options to "-vnc" have been removed. The "tls-creds" option should be used instead to point to a "tls-creds-x509" object created using "-object".
  • The -drive options "cyls", "heads", "secs", "trans", "addr" and "serial" have been removed. The corresponding options of the "-device" parameter have to be used instead now.
  • The "-balloon" option has been removed since it is replaced by "-device virtio-balloon" now.
  • The "-nodefconfig" option has been removed. Use "-no-user-config" instead.
  • The "-startdate", "-localtime" and "-rtc-td-hack" options have been removed. Use the corresponding parameters of "-rtc" instead.
  • The "-tftp", "-bootp", "-redir" and "-smb" options have been removed. Use the corresponding parameters of "-nic" or "-netdev" instead.
  • The "ssi-sd" device cannot be created anymore with "-device". This could be changed again in the future.
  • x86 machines cannot be live-migrated if nested Intel virtualization is enabled. The next version of QEMU will be able to do live migration when nested virtualization is enabled, if supported by the kernel.

New deprecated options and features

  • The '-machine enforce-config-section' parameter is replaced by the '-global migration.send-configuration' option.
  • The 'name' parameter of the '-net' option is a synonym for the 'id' parameter, which should now be used instead.
  • The 'hub_id name' parameter tuple of the 'hostfwd_add' and 'hostfwd_remove' HMP commands has been replaced by 'netdev_id'.
  • The PowerPC target 'prep' machine type should be replaced by the '40p' machine type.
  • Parsing of key,value pair filenames for the RBD block device
  • Incorrect CPU topologies specified by -smp socket,core,thread options that are describing number of VCPUs not equal to 'maxcpus'

x86

  • Multi-threaded TCG is now supported.
  • Documented recommendations for choosing CPU models to ensure good performance and security of x86 guests.
  • New CPU models IceLake-Server and IceLake-Client.

Build Dependencies

  • Support for the GTK2 display frontend has been removed. GTK3 should be used instead.
  • The minimum Python version is now 2.7. The next release of QEMU should remove Python 2.x support.
  • The minimum GTK3 version is now 3.14.0
  • The minimum GNUTLS version is now 3.1.18
  • The minimum libgcrypt version is now 1.5.0
  • The minimum nettle version is now 2.7.1
  • The minimum libseccomp version is now 2.2.0.
  • libudev is now an optional dependency for qemu-ga.

comment:5 by Bruce Dubbs, 5 years ago

Resolution: fixed
Status: assigned → closed

Fixed at revision 20850.
