Planning/4.0: Difference between revisions

From QEMU
Line 72: Line 72:


* "0/3 usb-mtp: fix ObjectInfo request handling" (potential guest-triggered security issue, read off end of buffer, only present if you're using usb-mtp and have explicitly enabled write support) https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02524.html -- we might want to just apply patch 2 which is the security fix and looks safe to me
* "0/3 usb-mtp: fix ObjectInfo request handling" (potential guest-triggered security issue, read off end of buffer, only present if you're using usb-mtp and have explicitly enabled write support) https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02524.html -- we might want to just apply patch 2 which is the security fix and looks safe to me
* qcow2 corruption bug in a corner case in a new feature (kwolf to send pullreq)


=== Issues that will not be fixed ===
=== Issues that will not be fixed ===

Revision as of 14:24, 16 April 2019

Release Schedule

Tentatively proposed dates, still to be discussed/agreed.

2018-12-12 Beginning of development phase
2019-03-12 Soft feature freeze. Only bug fixes after this point. All feature changes must be already in a sub maintainer tree and all pull requests from submaintainers must have been sent to the list by this date.
2019-03-19 Hard feature freeze. Tag rc0
2019-03-26 Tag rc1
2019-04-02 Tag rc2
2019-04-09 Tag rc3
2019-04-16 Release, or tag rc4 if extra RC cycle needed
2019-04-23 Release, if we needed an rc4.

Known issues

Please list all patch series or bugs which need to be fixed for the release here. That way I can be sure I don't miss any when I'm rolling release candidates.

Fixed in rc0

Fixed in rc1

Fixed in rc2

Fixed in rc3

Will be fixed in rc4

Not yet fixed in any rc

  • "0/3 usb-mtp: fix ObjectInfo request handling" (potential guest-triggered security issue, read off end of buffer, only present if you're using usb-mtp and have explicitly enabled write support) https://lists.gnu.org/archive/html/qemu-devel/2019-04/msg02524.html -- we might want to just apply patch 2 which is the security fix and looks safe to me
  • qcow2 corruption bug in a corner case in a new feature (kwolf to send pullreq)

Issues that will not be fixed

Targeted Features

See the ChangeLog/4.0 for full details.