Hi everyone, I am pleased to announce that the QEMU v2.1.3 stable release is now available at:
http://wiki.qemu.org/download/qemu-2.1.3.tar.bz2 v2.1.3 is now tagged in the official qemu.git repository, and the stable-2.1 branch has been updated accordingly: http://git.qemu.org/?p=qemu.git;a=shortlog;h=refs/heads/stable-2.1 This release includes a number of security fixes relating to the the access of QEMU host-side memory via VNC or vmware-vga emulation, as well as numerous fixes overhauling error-checking, resource leaking, and reference-counting across various image formats, virtio devices, and other areas of QEMU. This is the last release planned for the QEMU 2.1 series. Thank you to everyone involved! CHANGELOG: c2b0926: Update version for v2.1.3 release (Michael Roth) b316937: vl.c: fix regression when reading machine type from config file (Marcel Apfelbaum) 5b5c7bf: PPC: Fix crash on spapr_tce_table_finalize() (David Gibson) 6df8cd2: atomic: fix position of volatile qualifier (Paolo Bonzini) ff2fff6: migration/block: fix pending() return value (Vladimir Sementsov-Ogievskiy) 83a6674: pc: acpi: mark all possible CPUs as enabled in SRAT (Igor Mammedov) 39639d8: target-xtensa: test cross-page opcode (Max Filippov) 6e64c4e: target-xtensa: fix translation for opcodes crossing page boundary (Max Filippov) 73c1527: audio: Don't free hw resources until after hw backend is stopped (Peter Maydell) b466e17: linuxboot: fix loading old kernels (Paolo Bonzini) 6a47ae2: linuxboot: compute initrd loading address (Paolo Bonzini) 5f0681e: block: Don't probe for unknown backing file format (Kevin Wolf) 75eb0f5: qcow2.py: Add required padding for header extensions (Kevin Wolf) b495764: qcow2: Fix header extension size check (Kevin Wolf) 21640bf: block migration: fix return value (Gary R Hook) 6bbb939: block/raw-posix: Fix ret in raw_open_common() (Max Reitz) 178ed9a: qcow2: Respect bdrv_truncate() error (Max Reitz) 0505d48: qcow2: Flushing the caches in qcow2_close may fail (Max Reitz) 0073781: blkdebug: report errors on flush too (Paolo Bonzini) 175117c: qcow2: Prevent numerical overflow (Max Reitz) aa58eed: iotests: Add test for unsupported image creation (Max Reitz) e6c172a: iotests: Only kill NBD server if it runs (Max Reitz) 07ede68: qemu-img: Check create_opts before image amendment (Max Reitz) 2fbad1f: qemu-img: Check create_opts before image creation (Max Reitz) dee2848: block: Check create_opts before image creation (Max Reitz) ad0983b: block/nfs: Add create_opts (Max Reitz) b3729b2: block/vvfat: qcow driver may not be found (Max Reitz) 1b9ea89: block: Omit bdrv_find_format for essential drivers (Max Reitz) cdeb85c: block: Make essential BlockDriver objects public (Max Reitz) b28d7b5: virtio-net: fix unmap leak (Jason Wang) cd2f44c: hw/ide/core.c: Prevent SIGSEGV during migration (Don Slutz) 8444701: exec: Handle multipage ranges in invalidate_and_set_dirty() (Peter Maydell) 05c5feb: l2tpv3: fix possible double free (zhanghailiang) de98dc9: libcacard: fix resource leak (zhanghailiang) 0c80570: virtio-scsi: work around bug in old BIOSes (Paolo Bonzini) 14b51b6: kvm: Fix memory slot page alignment logic (Alexander Graf) ea227e2: target-xtensa: add missing window check for entry (Max Filippov) aae114b: esp-pci: fixup deadlock with linux (Hannes Reinecke) cfa86bc: hw/ppc/spapr_pci.c: Avoid functions not in glib 2.12 (g_hash_table_iter_*) (Peter Maydell) b57b7ec: snapshot: add bdrv_drain_all() to bdrv_snapshot_delete() to avoid concurrency problem (Zhang Haoyu) f8c61eb: hw/xtensa/xtfpga: treat uImage load address as virtual (Max Filippov) c448fb7: hw/core/loader: implement address translation in uimage loader (Max Filippov) 8239a58: tcg/mips: fix store softmmu slow path (Aurelien Jarno) cb91dce: virtio-scsi: sense in virtio_scsi_command_complete (Ting Wang) b2f1d90: vnc: sanitize bits_per_pixel from the client (Petr Matousek) 5a6af97: Make qemu_shutdown_requested signal-safe (Jan Kiszka) 90de7a0: libcacard: don't free sign buffer while sign op is pending (Ray Strode) 5724858: qcow2: Do not overflow when writing an L1 sector (Max Reitz) ff830f9: vmware-vga: use vmsvga_verify_rect in vmsvga_fill_rect (Gerd Hoffmann) 82e8913: vmware-vga: use vmsvga_verify_rect in vmsvga_copy_rect (Gerd Hoffmann) 38e6e1c: vmware-vga: use vmsvga_verify_rect in vmsvga_update_rect (Gerd Hoffmann) 4bcf40b: vmware-vga: add vmsvga_verify_rect (Gerd Hoffmann) 8bf7738: vmware-vga: CVE-2014-3689: turn off hw accel (Gerd Hoffmann) 8100812: pc: Fix disabling of vapic for compat PC models (Jan Kiszka) cf0276b: virtio-9p: fix virtio-9p child refcount in transports (Gonglei) b5ad76a: virtio-9p: use aliases instead of duplicate qdev properties (Gonglei) 20dc758: virtio-balloon: fix virtio-balloon child refcount in transports (Gonglei) 0077793: virtio-rng: fix virtio-rng child refcount in transports (Gonglei) c4164ea: virtio-rng: use aliases instead of duplicate qdev properties (Gonglei) 8c64b47: virtio-serial: fix virtio-serial child refcount in transports (Gonglei) aa383e9: virtio-serial: use aliases instead of duplicate qdev properties (Gonglei) f06c87b: virtio/vhost-scsi: fix virtio-scsi/vhost-scsi child refcount in transports (Gonglei) eb5388e: virtio/vhost-scsi: use aliases instead of duplicate qdev properties (Gonglei) 83f81f3: virtio-net: fix virtio-net child refcount in transports (Gonglei) b6bd501: virtio-net: use aliases instead of duplicate qdev properties (Gonglei) 0369529: vhost-scsi: use virtio_ldl_p (Paolo Bonzini) c29bf82: smbios: Fix assertion on socket count calculation (Eduardo Habkost) e2d402d: snapshot: fix referencing wrong variable in while loop in do_delvm (Zhang Haoyu) 4d492e8: tests: avoid running duplicate qom-tests (Michael Roth) 45c46f2: pc-dimm: Don't check dimm->node when there is non-NUMA config (zhanghailiang) c4379ce: ivshmem: Fix fd leak on error (Andreas Färber) a95569d: ivshmem: Fix potential OOB r/w access (Sebastian Krahmer) 15905fd: ivshmem: validate incoming_posn value from server (Stefan Hajnoczi) f1a8429: ivshmem: Check ivshmem_read() size argument (Stefan Hajnoczi) 09d552b: vhost-user: fix VIRTIO_NET_F_MRG_RXBUF negotiation (Damjan Marion) d754428: virtio-balloon: fix integer overflow in memory stats feature (Luiz Capitulino) 5d35098: monitor: Reset HMP mon->rs in CHR_EVENT_OPEN (Stratos Psomadakis) ff1f973: qemu-iotests: Test missing "driver" key for blockdev-add (Fam Zheng) 0b2d2e0: tests: add QMP input visitor test for unions with no discriminator (Michael Roth) 4a58f3c: qapi: dealloc visitor, implement visit_start_union (Michael Roth) 96c6cf6: qapi: add visit_start_union and visit_end_union (Michael Roth) b5fc105: gdbstub: init mon_chr through qemu_chr_alloc (Pavel Dovgalyuk) e1cf5a2: hw/arm/virt: fix pl011 and pl031 irq flags (Peter Maydell) 490a0f8: spapr_pci: map the MSI window in each PHB (Greg Kurz) e4fb3de: virtio-pci: enable bus master for old guests (Michael S. Tsirkin) 7fb768e: pci: Use bus master address space for delivering MSI/MSI-X messages (Jan Kiszka) 2151206: kvmclock: Add comment explaining why we need cpu_clean_all_dirty() (Eduardo Habkost) c35ba0d: kvmclock: Ensure time in migration never goes backward (Alexander Graf) 61048e1: kvmclock: Ensure proper env->tsc value for kvmclock_current_nsec calculation (Marcelo Tosatti) a9ed615: Introduce cpu_clean_all_dirty (Marcelo Tosatti) 3807aeb: xhci PCIe endpoint migration compatibility fix (Dr. David Alan Gilbert) ff3bd5e: exec: file_ram_alloc(): print error when prealloc fails (Luiz Capitulino) d6af26d: qdev: Add cleanup logic in device_set_realized() to avoid resource leak (Gonglei) 8bb90ee: qdev: Use NULL instead of local_err for qbus_child unrealize (Gonglei)