summaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2016-05-09Update version for 2.5.1.1 releasev2.5.1.1qemu.org/stable-2.5Michael Roth1-1/+1
2016-05-09cadence_uart: bounds check write offsetMichael S. Tsirkin1-0/+3
2016-05-08Revert "ehci: make idt processing more robust"Gerd Hoffmann1-3/+2
2016-05-08ehci: apply limit to iTD/sidt descriptorsGerd Hoffmann1-1/+5
2016-05-08vga: make sure vga register setup for vbe stays intact (CVE-2016-3712).Gerd Hoffmann1-0/+6
2016-05-08vga: update vga register setup on vbe changesGerd Hoffmann1-0/+1
2016-05-08vga: factor out vga register setupGerd Hoffmann1-34/+44
2016-05-08vga: add vbe_enabled() helperGerd Hoffmann1-4/+9
2016-05-08vga: fix banked access bounds checking (CVE-2016-3710)Gerd Hoffmann1-6/+18
2016-03-29Update version for 2.5.1 releasev2.5.1Michael Roth1-1/+1
2016-03-22hyperv: cpu hotplug fix with HyperV enabledDenis V. Lunev1-0/+1
2016-03-22vmdk: Fix converting to streamOptimizedFam Zheng1-1/+5
2016-03-22vmdk: Create streamOptimized as version 3Fam Zheng1-1/+7
2016-03-22usb: check USB configuration descriptor objectPrasad J Pandit1-1/+2
2016-03-22usb: check RNDIS message lengthPrasad J Pandit1-9/+9
2016-03-22usb: check RNDIS buffer offsets & lengthPrasad J Pandit1-3/+6
2016-03-22usb: check page select value while processing iTDPrasad J Pandit1-4/+6
2016-03-22net: ne2000: fix bounds check in ioport operationsPrasad J Pandit1-4/+6
2016-03-22net: check packet payload lengthPrasad J Pandit1-2/+8
2016-03-22ide: ahci: reset ncq object to unused on errorPrasad J Pandit1-0/+1
2016-03-22i386: avoid null pointer dereferenceP J P1-5/+10
2016-03-22hmp: fix sendkey out of bounds write (CVE-2015-8619)Wolfgang Bumiller3-13/+12
2016-03-22ahci: Do not unmap NULL addressesJohn Snow1-0/+8
2016-03-22migration: allow machine to enforce configuration section migrationGreg Kurz4-3/+32
2016-03-17vl.c: Fix regression in machine error messageMarcel Apfelbaum1-11/+26
2016-03-17quorum: Fix crash in quorum_aio_cb()Alberto Garcia1-5/+7
2016-03-17target-arm: Make reserved ranges in ID_AA64* spaces RAZ, not UNDEFPeter Maydell2-7/+122
2016-03-17vhost-user: don't merge regions with different fdsMichael S. Tsirkin3-0/+31
2016-03-17fw_cfg: unbreak migration compatibility for 2.4 and earlier machinesLaszlo Ersek2-8/+20
2016-03-17hw/virtio: group virtio flags into an enumMarcel Apfelbaum1-7/+10
2016-03-17hw/virtio: fix double use of a virtio flagMarcel Apfelbaum1-1/+1
2016-03-17spapr: skip configuration section during migration of older machinesGreg Kurz1-0/+1
2016-03-17e1000: eliminate infinite loops on out-of-bounds transfer startLaszlo Ersek1-2/+4
2016-03-17block: qemu-iotests - add test for snapshot, commit, snapshot bugJeff Cody3-0/+139
2016-03-17block: set device_list.tqe_prev to NULL on BDS removalJeff Cody3-12/+16
2016-03-17qmp: Fix reference-counting of qnull on empty output visitEric Blake2-7/+36
2016-03-17cpus: use broadcast on qemu_pause_condDr. David Alan Gilbert1-2/+2
2016-03-17fw_cfg: avoid calculating invalid current entry pointerGabriel L. Somlo1-2/+4
2016-03-17s390x/css: fix control flags during cschHalil Pasic1-1/+1
2016-03-17s390x/ioinst: set type and len for SEI responsePierre Morel1-1/+2
2016-03-17block/raw-posix: avoid bogus fixup for cylinders on DASD disksChristian Borntraeger1-7/+0
2016-03-17ehci: update irq on resetGerd Hoffmann1-0/+1
2016-03-17net: set endianness on all backend devicesLaurent Vivier1-12/+11
2016-03-17net: ne2000: check ring buffer control registersPrasad J Pandit1-0/+4
2016-03-17net/filter: fix nf->netdev_id leakLi Zhijian1-0/+1
2016-03-17net/dump: fix nfds->filename leakLi Zhijian1-0/+8
2016-03-17blockdev: Fix 'change' for slot devicesMax Reitz2-4/+30
2016-03-17block: Add blk_dev_has_tray()Max Reitz2-1/+10
2016-03-15net: rocker: fix an incorrect array bounds checkPrasad J Pandit1-4/+4
2016-03-15ivshmem: remove redundant assignment, fix crash with msi=offMarc-André Lureau1-3/+0