[Cc apo@] Marcus have you seen this bugreport?
11.09.2021 11:49, Matt Roberds wrote:
Package: qemu-system-x86 Version: 1:2.8+dfsg-6+deb9u15 Severity: important X-Debbugs-Cc: debian-...@lists.debian.org Hello all! Quick version: ============== I recently upgraded the qemu packages on my host from 1:2.8+dfsg-6+deb9u14 to 1:2.8+dfsg-6+deb9u15 , but this breaks user-mode networking in the guest. This is reproducible; going back to deb9u14 on the host makes user-mode networking work again in the guest, and going forward to deb9u15 breaks user-mode networking again in the guest.
I can't say much about the breakage you encountered. It looks like there were a few fixes has been applied to slirp code in it. From those listed in the changelog, nothing appears interesting, - maybe only CVE-2021-3594 fix (udp_input changes) but even there it should not affect regular TCP sessions (again, maybe it affects DNS resolution, I dunno). But I'm suggesting anyway to - 1 - switch away from the user-mode networking since it is really incomplete and not everything works with it. It is good for quick testing but definitely not for anything serious. It is relatively easy to configure a bridge on host and use it to attach tun ports of virtual machines. And 2, while this qemu version _seem_ to be supported, - in fact, only some selected bugs are fixed. Many many other issues remain, and there's no intention to fix these - because backporting the fixes requires quite significant effort and the result will be questionable anyway, since the code changed quite a lot in some areas, we can't guarantee our backport will work correctly. It might be easier to switch to either oldstable (with its own load of bugs including security ones!) or to current stable than to backport stuff to old-old-stable. This is just my opinion, nothing more. Thanks, /mjt
