news: document new crypto TLS priority string settings

author Daniel P. Berrangé <berrange@redhat.com>

Tue, 22 Jul 2025 10:35:36 +0000 (11:35 +0100)

committer Daniel P. Berrangé <berrange@redhat.com>

Tue, 22 Jul 2025 13:23:50 +0000 (14:23 +0100)
author Daniel P. Berrangé <berrange@redhat.com>
Tue, 22 Jul 2025 10:35:36 +0000 (11:35 +0100)
committer Daniel P. Berrangé <berrange@redhat.com>
Tue, 22 Jul 2025 13:23:50 +0000 (14:23 +0100)
diff --git a/NEWS.rst b/NEWS.rst

index c7885f01a00ca94301ef4a1434fe35a95fa0d813..e5e8626729511247805554a4099b1931fb47c80c 100644 (file)
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -24,6 +24,14 @@ v11.6.0 (unreleased)
      flag the baseline API would return reasonable output only when run on one of
      the hosts that the input CPU definitions were collected from.
  
+  * Allow control over QEMU TLS priority strings
+
+    The qemu.conf file now has multiple settings allowing control over the
+    QEMU TLS priority strings, for the different subsystems in QEMU that
+    can support TLS. This can be used to workaround a current bug in GNUTLS
+    that is liable to cause crashes of the source QEMU when performing long
+    running live migration operations with TLS enabled.
+
  * **Improvements**
  
    * qemu: Change default SCSI controller model to ``virtio-scsi`` for ARM and RISC-V
author	Daniel P. Berrangé <berrange@redhat.com>
	Tue, 22 Jul 2025 10:35:36 +0000 (11:35 +0100)
committer	Daniel P. Berrangé <berrange@redhat.com>
	Tue, 22 Jul 2025 13:23:50 +0000 (14:23 +0100)