Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Dustin Kirkland 
Revision Date: 2009-11-04 13:25:03 UTC

debian/patches/Fix-cluster-freeing-in-qcow2.patch: cherry-pick
from upstream, fixes regression caused by
qcow2-corruption-Fix-alloc_cluster_link_l2-Kevin-W.patch
LP: #404394

Author: Dustin Kirkland 
Revision Date: 2009-11-04 13:25:43 UTC

debian/patches/Fix-cluster-freeing-in-qcow2.patch: cherry-pick
from upstream, fixes regression caused by
qcow2-corruption-Fix-alloc_cluster_link_l2-Kevin-W.patch
LP: #404394

Author: Dustin Kirkland 
Revision Date: 2009-11-04 14:05:14 UTC

debian/patches/Fix-cluster-freeing-in-qcow2.patch: cherry-pick
from upstream, fixes regression caused by
qcow2-corruption-Fix-alloc_cluster_link_l2-Kevin-W.patch
LP: #404394

Author: Dustin Kirkland 
Revision Date: 2009-11-04 14:05:14 UTC

debian/patches/Fix-cluster-freeing-in-qcow2.patch: cherry-pick
from upstream, fixes regression caused by
qcow2-corruption-Fix-alloc_cluster_link_l2-Kevin-W.patch
LP: #404394

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287

Author: Marc Deslauriers
Revision Date: 2009-05-13 08:54:17 UTC

* REGRESSION: "boot" parameter was removed by security update (LP: #375937)
  - debian/patches/CVE-2008-2004.patch: updated to reintroduce "boot"
    parameter.

Author: Dustin Kirkland 
Revision Date: 2009-04-17 09:59:58 UTC

* debian/patches/add-all-virtio-drives.patch: Fix bugs where the caller
  does not specify a perfectly defined list of virtio drives starting at
  index=0 and having no gaps in indices; LP: #360832, #360825
* debian/patches/fix-qcow-corruption: Cherry-pick from kvm stable git
  branch, fixes at least one cause of qcow2 image corruption; no reports
  yet of this in Ubuntu, but I'm being proactive about this one;
  LP: #361938
* debian/source_kvm.py: dpkg -l was a little too heavy, compress this
  output considerably

Author: Dustin Kirkland 
Revision Date: 2009-05-07 16:41:38 UTC

* debian/patches/SECURITY_CVE-2008-1945:
  - SECURITY UPDATE: guest OS users may read arbitrary files on host OS
    + qemu/hw/usb-msd.c: Add image format option for USB mass-storage
      $devices; Author: Aurelien Jarno <aurelien@aurel32.net>
    + CVE-2008-1945: commit 334c0241c006533d1f4ed7e07239ec00b46c6efd
* debian/patches/CVE-2008-2382:
  - SECURITY UPDATE: remote denial of service via crafted message to vnc
    + qemu/vnc.c: Properly handle the case of SetPixelEncodings with a
      length of zero.; Author: Anthony Liguori <aliguori@us.ibm.com>
    + CVE-2008-2382: commit 69dd5c9ffd5c0c6a01ad14b9c6a8d7135ccc2b9a
* debian/patches/CVE-2008-4539:
  - SECURITY UPDATE: local users might gain privileges via heap overflow
    + qemu/hw/cirrus_vga.c: fix a heap overflow in Cirrus emulation;
      Author: Aurelien Jarno <aurelien@aurel32.net>
    + CVE-2008-4539: commit 65d35a09979e63541afc5bfc595b9f1b1b4ae069
* debian/patches/CVE-2008-5714:
  - SECURITY UPDATE: vnc password limited to 7, rather than 8 characters
    + qemu/monitor.c: monitor_readline expects buf_size to include the
      terminating \0, but do_change_vnc in monitor.c calls it as though
      it doesn't; Authors: Chris Webb <chris@arachsys.com> and
      Anthony Liguori <aliguori@us.ibm.com>
    + CVE-2008-5714: commit 2a7e8dda090af586f3d0b3d157054a9e18776a52
* debian/patches/series: updated accordingly

Author: Dustin Kirkland 
Revision Date: 2009-05-07 16:41:38 UTC

* debian/patches/SECURITY_CVE-2008-1945:
  - SECURITY UPDATE: guest OS users may read arbitrary files on host OS
    + qemu/hw/usb-msd.c: Add image format option for USB mass-storage
      $devices; Author: Aurelien Jarno <aurelien@aurel32.net>
    + CVE-2008-1945: commit 334c0241c006533d1f4ed7e07239ec00b46c6efd
* debian/patches/CVE-2008-2382:
  - SECURITY UPDATE: remote denial of service via crafted message to vnc
    + qemu/vnc.c: Properly handle the case of SetPixelEncodings with a
      length of zero.; Author: Anthony Liguori <aliguori@us.ibm.com>
    + CVE-2008-2382: commit 69dd5c9ffd5c0c6a01ad14b9c6a8d7135ccc2b9a
* debian/patches/CVE-2008-4539:
  - SECURITY UPDATE: local users might gain privileges via heap overflow
    + qemu/hw/cirrus_vga.c: fix a heap overflow in Cirrus emulation;
      Author: Aurelien Jarno <aurelien@aurel32.net>
    + CVE-2008-4539: commit 65d35a09979e63541afc5bfc595b9f1b1b4ae069
* debian/patches/CVE-2008-5714:
  - SECURITY UPDATE: vnc password limited to 7, rather than 8 characters
    + qemu/monitor.c: monitor_readline expects buf_size to include the
      terminating \0, but do_change_vnc in monitor.c calls it as though
      it doesn't; Authors: Chris Webb <chris@arachsys.com> and
      Anthony Liguori <aliguori@us.ibm.com>
    + CVE-2008-5714: commit 2a7e8dda090af586f3d0b3d157054a9e18776a52
* debian/patches/series: updated accordingly

Author: Dustin Kirkland 
Revision Date: 2008-09-24 17:25:20 UTC

* debian/patches/evdev_keycode_map.patch, debian/patches/series: ported the
  gtk-vnc patch that fixes evdev keycode mapping (LP: #258389)
* debian/control: explicitly depend on libx11-dev

Author: Marc Deslauriers
Revision Date: 2009-05-13 08:54:17 UTC

* REGRESSION: "boot" parameter was removed by security update (LP: #375937)
  - debian/patches/CVE-2008-2004.patch: updated to reintroduce "boot"
    parameter.

Author: Soren Hansen
Revision Date: 2008-07-07 16:58:08 UTC

* Disable CAP_CLOCKSOURCE. This works around the ABI incompatibility of the
  paravirt clock between Hardy's kernels on the host side and the rest of
  the known universe on the guest side. (LP: #243677) This allows guest
  2.6.26 and onwards kernels with KVM_GUEST enabled to boot.
* Updated Maintainer field to reflect main promotion.

Author: Soren Hansen
Revision Date: 2008-04-22 19:09:33 UTC

Revert sighandler.patch and virtio_hang.patch. Fixes hang in installer and
likely other places, too. (LP: #217815)

Author: Chris Halse Rogers
Revision Date: 2007-09-29 18:53:27 UTC

* debian/rules:
  + Call dh_installudev again (LP #127704). We have a slightly different
    udev policy to Debian.
* debian/preinst:
  + Remove code to delete old kvm.rules file. The file it references was
    never in the Ubuntu packages, and we use dh_installudev now.
* debian/control:
  + Demote the Recommends on kvm-source to Suggests. kvm works with the
    kernel modules we ship, so the kvm-source package doesn't add much.

Author: Ben Collins
Revision Date: 2007-04-15 17:52:01 UTC

* Revert to kvm-16 to match released kernel.
* Add epoch.

Author: Dustin Kirkland 
Revision Date: 2009-07-29 15:00:32 UTC

* debian/patches/CVE-2009-2287.patch:
* SECURITY UPDATE: Users could cause a NULL pointer exception
  by passing a bogus value of cr3 (LP: #406584).
 - debian/patches/CVE-2009-2287.patch:
 - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=59839dfff5eabca01cc4e20b45797a60a80af8cb
 - CVE-2009-2287