| Message ID | cover.1579632845.git.leo@famulari.name |
|---|---|
| Headers | show
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org> X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id EBD7217B02; Tue, 21 Jan 2020 18:57:12 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTP id 3C4B917B01 for <patchwork@mira.cbaines.net>; Tue, 21 Jan 2020 18:57:11 +0000 (GMT) Received: from localhost ([::1]:59670 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>) id 1ityi6-0005ud-I1 for patchwork@mira.cbaines.net; Tue, 21 Jan 2020 13:57:10 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:57791) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ityi1-0005uL-0n for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ityhy-0003HF-Rm for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:42518) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ityhy-0003H7-P4 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ityhy-0003Zs-Oy for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#39225] [PATCH 0/2] QEMU updates Resent-From: Leo Famulari <leo@famulari.name> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org> Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 21 Jan 2020 18:57:02 +0000 Resent-Message-ID: <handler.39225.B.157963297613672@debbugs.gnu.org> Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 39225 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 39225@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.157963297613672 (code B ref -1); Tue, 21 Jan 2020 18:57:02 +0000 Received: (at submit) by debbugs.gnu.org; 21 Jan 2020 18:56:16 +0000 Received: from localhost ([127.0.0.1]:48487 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>) id 1ityhA-0003YB-LQ for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:16 -0500 Received: from lists.gnu.org ([209.51.188.17]:35785) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo@famulari.name>) id 1ityh5-0003Xu-Dw for submit@debbugs.gnu.org; Tue, 21 Jan 2020 13:56:11 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:57683) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <leo@famulari.name>) id 1ityh1-0005qI-Eh for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:07 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from <leo@famulari.name>) id 1itygx-0002Sr-Lg for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:03 -0500 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:35375) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from <leo@famulari.name>) id 1itygx-0002RZ-FY for guix-patches@gnu.org; Tue, 21 Jan 2020 13:55:59 -0500 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 9D1B921C29; Tue, 21 Jan 2020 13:55:57 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 21 Jan 2020 13:55:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; s=mesmtp; bh=c3sUhCXRkR5HA2TgsIyijsX ljVxXKEv4SHgcfjZLMGw=; b=cRocE5KntjZGPqe09Y/+xuStxVjxZr5Hk7VZX+g GllYCuZJi8G30GLxyS/y3M+BqXpSDLv2/aNKSkBSaUbTXxXyujSQrBtzz7bIxQDD bJMdPY//O6k/eWyyHjzZSV2KhelzhguzsrVJhVJj0SEU7pPVXLmYK8LEjujCzk4y uPq4= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:date:from :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=c3sUhCXRkR5HA2Tgs IyijsXljVxXKEv4SHgcfjZLMGw=; b=KUc+uBTbKdQ3HQ8QbrKo4xoFEd0kVBeGo UjSbBLQaslXzx/8BC66i5d+YCv3a4VjDlBjrw+dt3NTzCxAkwmOSsK4l8/0EYeVg px6DCzgL3tz3hGdGWoXzY7ojIagGKps//h/Dwqk5i9ct2qiRORlhwdzTEQgqPy1H e92DHZ1pnbvk4PEectuTFa7BNvhZk9PUeiIN7SaVmxdMp08QB+TqgJaFEHtZrf3V kaQ+C6vIJFWI6jUfDgwxm2NoWwlc9AAnZf3iUfVLdcJOrcB5jaFu6GvZcW1WB/8x nsgtPUQRGADAb66T6ahfmNkURdHv87mv/9b3Tp5Ysz9jv2cXTkPPQ== X-ME-Sender: <xms:PUknXnLwjgf0Ac95hkcu55hTC5rjRacKC8Elnvv2tS6H_9RdgheR6A> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudekgdduudejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgggfestdekredtre dttdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi rdhnrghmvgeqnecukfhppeejiedruddvgedrudefkedrieefnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhn rghmvg X-ME-Proxy: <xmx:PUknXp7q3LH5eTMlX4W5B-Dfpui2xxn4TXp1atlDPZRFogtfULsRKA> <xmx:PUknXvRh34j0mmu2uBSZ4xyIygtQYAeJxacqF66CSKleap1GG06QYg> <xmx:PUknXqsyRX8aJ1g0OejRshuX1iyRA6NoYP-xmJX0uBcpwmIig70dRg> <xmx:PUknXjkZrVMdlXLX1zywlH3gOVf9KLE4ZLTVTeSJnXjak6KQdvDesg> Received: from jasmine.lan (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 15593306097C for <guix-patches@gnu.org>; Tue, 21 Jan 2020 13:55:57 -0500 (EST) From: Leo Famulari <leo@famulari.name> Date: Tue, 21 Jan 2020 13:55:50 -0500 Message-Id: <cover.1579632845.git.leo@famulari.name> X-Mailer: git-send-email 2.25.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: guix-patches@gnu.org List-Id: <guix-patches.gnu.org> List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=unsubscribe> List-Archive: <https://lists.gnu.org/archive/html/guix-patches> List-Post: <mailto:guix-patches@gnu.org> List-Help: <mailto:guix-patches-request@gnu.org?subject=help> List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=subscribe> Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org> X-getmail-retrieved-from-mailbox: Patches |
On Tue, Jan 21, 2020 at 09:14:40PM +0100, Tobias Geerinckx-Rice wrote:
> Have you run the Guix System test suite with this new Qemu?
The basic and openssh tests did pass. I don't have the computing
resources or time to continue testing it. Can we use Cuirass on
<ci.guix.gnu.org> to test it more fully?
On Tue, Jan 21, 2020 at 01:55:50PM -0500, Leo Famulari wrote: > The security updates work with our current QEMU package of 4.1.1 as well > as 4.2.0. > > I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and > running it with the "full" QEMU package, and the SLIRP networking works > fine in both cases. Pushed as 3778b3d9d013a443eec7990c31f47f887f72fe59, along with a 3rd patch that brings back the QEMU man pages. QEMU 4.0 began requiring the use of Sphinx to build them: https://wiki.qemu.org/ChangeLog/4.0#Build_Dependencies
The security updates work with our current QEMU package of 4.1.1 as well as 4.2.0. I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and running it with the "full" QEMU package, and the SLIRP networking works fine in both cases. Leo Famulari (2): gnu: QEMU: Fix CVE-2020-{7039,7211}. gnu: QEMU: Update to 4.2.0. gnu/local.mk | 3 + gnu/packages/patches/qemu-CVE-2020-7039.patch | 173 ++++++++++++++++++ gnu/packages/patches/qemu-CVE-2020-7211.patch | 49 +++++ ...qemu-fix-documentation-build-failure.patch | 43 +++++ gnu/packages/virtualization.scm | 7 +- 5 files changed, 273 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/qemu-CVE-2020-7039.patch create mode 100644 gnu/packages/patches/qemu-CVE-2020-7211.patch create mode 100644 gnu/packages/patches/qemu-fix-documentation-build-failure.patch