Bug#1070801: bookworm-pu: package qemu/1:7.2+dfsg-7+deb12u6
09.05.2024 14:53, Michael Tokarev wrote:
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: qemu@packages.debian.org, pkg-qemu-devel@lists.alioth.debian.org
Control: affects -1 + src:qemu
[ Reason ]
There were 2 qemu stable/bugfix releases (7.2.10 and 7.2.11) since
the previous debian release, fixing a number of various issues.
It would be nice to have these fixes in debian too, so debian users
will benefit from the qemu stable series.
Among others, this release fixes several (low-priority) security
issues: CVE-2024-3446 CVE-2024-3447 CVE-2024-26327 CVE-2024-26328
I forgot to mention here which I already mentioned in the previous qemu
pu report (#1062044). In this debian release of qemu, I removed revert
of a change which supposedly broke suspend-resume cycle of qemu-based VMs
and hence broke cryptsetup autopkgtests. The change in question, which is
a bugfix, monitor-only-run-coroutine-commands-in-qemu_aio_context.patch,
has exactly nothing to do with suspend-resume, it's a red herring.
The issue depends on the guest kernel instead, - I *think* it is a memory
layout issue instead. With current bookworm kernels, with or without
the patch in question, this suspend-resume issue is present for current
qemu and for a few older qemu releases too.
So I'm dropping this revert in this release, hence making debian qemu
sources to match the upstream.
Thanks,
/mjt
Reply to: