Hi everyone, The QEMU v7.2.22 stable release is now available.
You can grab the tarball from our download page here: https://www.qemu.org/download/#source https://download.qemu.org/qemu-7.2.22.tar.xz https://download.qemu.org/qemu-7.2.22.tar.xz.sig (signature) v7.2.22 is now tagged in the official qemu.git repository, and the stable-7.2 branch has been updated accordingly: https://gitlab.com/qemu-project/qemu/-/commits/stable-7.2 There are 25 changes since the previous v7.2.21 release. The changes include a fix for CVE-2025-11234 (use after free in websocket handshake code). This release is expected to be the last one in 7.2.x series, except if an urgent or security fix will be needed. Thank you everyone who has been involved and helped with the stable series! /mjt Changelog (stable-7.2-hash master-hash Author Name: Commmit-Subject): 30a68773a4 Michael Tokarev: Update version for 7.2.22 release d0a90254f1 5fc50b4ec8 Peter Maydell: hw/misc/npcm_clk: Don't divide by zero when calculating frequency 842f4f8db3 032333eba7 Peter Maydell: hw/display/xlnx_dp: Don't abort for unsupported graphics formats ed8911d1c6 f52db7f342 Peter Maydell: hw/display/xlnx_dp.c: Don't abort on AUX FIFO overrun/underrun 516bab6fdf a01344d9d7 Peter Maydell: net: pad packets to minimum length in qemu_receive_packet() 28efd5e5dd bab496a183 Peter Maydell: hw/net/e1000e_core: Adjust e1000e_write_payload_frag_to_rx_buffers() assert 84b22d847c 9d946d56a2 Peter Maydell: hw/net/e1000e_core: Correct rx oversize packet checks ed8bb28165 6da0c98281 Peter Maydell: hw/net/e1000e_core: Don't advance desc_offset for NULL buffer RX descriptors b048921c1c 9d86181874 Eric Blake: qio: Protect NetListener callback with mutex cd990562fa b5676493a0 Eric Blake: qio: Remember context of qio_net_listener_set_client_func_full 737c9f03e9 6e03d5cdc9 Eric Blake: qio: Unwatch before notify in QIONetListener ab84c84130 59506e59e0 Eric Blake: qio: Add trace points to net_listener 020a726791 ad97769e9d Richard W.M. Jones: block/curl.c: Fix CURLOPT_VERBOSE parameter type 514a83a038 ed26056d90 Richard W.M. Jones: block/curl.c: Use explicit long constants in curl_easy_setopt calls ce3d901244 3995fc238e Daniel P. Berrangé: crypto: stop requiring "key encipherment" usage in x509 certs cebdbd038e b7a1f2ca45 Daniel P. Berrangé: io: fix use after free in websocket handshake code 911c814c8c 322c3c4f3a Daniel P. Berrangé: io: move websock resource release to close method 7769aada0a 2c147611cf Daniel P. Berrangé: io: release active GSource in TLS channel finalizer f3929f32fb 003f15369d Daniel P. Berrangé: io: add trace event when cancelling TLS handshake 87ceabcf34 0db2de22fc Peter Maydell: linux-user: permit sendto() with NULL buf and 0 len a041632d4c 7c70893216 Bastian Blank: linux-user: Use correct type for FIBMAP and FIGETBSZ emulation c88a40041f 58aa1d08bb Paolo Bonzini: target/i386: user: do not set up a valid LDT on reset 5adcdce946 5142397c79 Paolo Bonzini: async: access bottom half flags with qatomic_read 9fed0f14b2 cdba90ac1b YiFei Zhu: i386/tcg/smm_helper: Properly apply DR values on SMM entry / exit f4ede985eb df32e5c568 Paolo Bonzini: i386/cpu: Prevent delivering SIPI during SMM in TCG mode 873955f965 df9a3372dd Mathias Krause: target/i386: Fix CR2 handling for non-canonical addresses
