From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:470:142:3::10]:57791)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ityi1-0005uL-0n
 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:06 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ityhy-0003HF-Rm
 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:04 -0500
Received: from debbugs.gnu.org ([209.51.188.43]:42518)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1ityhy-0003H7-P4
 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:02 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1ityhy-0003Zs-Oy
 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:57:02 -0500
Subject: [bug#39225] [PATCH 0/2] QEMU updates
Resent-Message-ID: <handler.39225.B.157963297613672@debbugs.gnu.org>
Received: from eggs.gnu.org ([2001:470:142:3::10]:57683)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <leo@famulari.name>) id 1ityh1-0005qI-Eh
 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:07 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1itygx-0002Sr-Lg
 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:56:03 -0500
Received: from out3-smtp.messagingengine.com ([66.111.4.27]:35375)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <leo@famulari.name>) id 1itygx-0002RZ-FY
 for guix-patches@gnu.org; Tue, 21 Jan 2020 13:55:59 -0500
Received: from jasmine.lan (c-76-124-138-63.hsd1.pa.comcast.net
 [76.124.138.63])
 by mail.messagingengine.com (Postfix) with ESMTPA id 15593306097C
 for <guix-patches@gnu.org>; Tue, 21 Jan 2020 13:55:57 -0500 (EST)
From: Leo Famulari <leo@famulari.name>
Date: Tue, 21 Jan 2020 13:55:50 -0500
Message-Id: <cover.1579632845.git.leo@famulari.name>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: 39225@debbugs.gnu.org

The security updates work with our current QEMU package of 4.1.1 as well
as 4.2.0.

I tested both 4.2.0 and the patched 4.1.1 by creating a vm-image and
running it with the "full" QEMU package, and the SLIRP networking works
fine in both cases.

Leo Famulari (2):
  gnu: QEMU: Fix CVE-2020-{7039,7211}.
  gnu: QEMU: Update to 4.2.0.

 gnu/local.mk                                  |   3 +
 gnu/packages/patches/qemu-CVE-2020-7039.patch | 173 ++++++++++++++++++
 gnu/packages/patches/qemu-CVE-2020-7211.patch |  49 +++++
 ...qemu-fix-documentation-build-failure.patch |  43 +++++
 gnu/packages/virtualization.scm               |   7 +-
 5 files changed, 273 insertions(+), 2 deletions(-)
 create mode 100644 gnu/packages/patches/qemu-CVE-2020-7039.patch
 create mode 100644 gnu/packages/patches/qemu-CVE-2020-7211.patch
 create mode 100644 gnu/packages/patches/qemu-fix-documentation-build-failure.patch

-- 
2.25.0