-
libvirt (0.9.13-0ubuntu12.6) quantal-security; urgency=medium
* SECURITY UPDATE: denial of service via job usage issues in several APIs
- debian/patches/CVE-2013-6458.patch: fix races in
src/qemu/qemu_driver.c. Backport virReportError macro to cfg.mk,
src/util/virterror_internal.h.
- CVE-2013-6458
* SECURITY UPDATE: denial of service via keepalive feature
- debian/patches/CVE-2014-1447.patch: make sure connection isn't closed
in src/rpc/virnetserverclient.c.
- CVE-2014-1447
-- Marc Deslauriers <email address hidden> Mon, 20 Jan 2014 15:04:57 -0500
-
libvirt (0.9.13-0ubuntu12.5) quantal-security; urgency=low
* SECURITY UPDATE: possible privilege escalation via pkcheck race.
- debian/patches/CVE-2013-4311.patch: add uid to pkcheck call in
configure.ac, daemon/remote.c, src/Makefile.am,
src/rpc/virnetserverclient.*, src/rpc/virnetsocket.c*,
src/util/virprocess.*, src/util/virstring.*.
- debian/rules: use autoreconf.mk.
- debian/control: specify version of policykit-1 security update, add
libpolkit-gobject-1-dev, dh-autoreconf and autopoint to Build-Depends
- CVE-2013-4311
* SECURITY UPDATE: denial of service in remoteDispatchDomainMemoryStats
- debian/patches/CVE-2013-4296.patch: properly initialize stats in
daemon/remote.c.
- CVE-2013-4296
-- Marc Deslauriers <email address hidden> Fri, 13 Sep 2013 20:53:58 -0400
-
libvirt (0.9.13-0ubuntu12.3) quantal-proposed; urgency=low
* put libvirt-bin dnsmasq file into /etc/dnsmasq.d-available, and
create a symlink in /etc/dnsmasq.d, to avoid problems when removing
and re-installing libvirt-bin. (LP: #1113821)
* Add code to postinst to fix any double-migration of /etc/dnsmasq.
(LP: #1157332)
* debian/libvirt-bin.{dirs,install}: install dnsmasq.d-available/libvirt-bin
-- Serge Hallyn <email address hidden> Tue, 16 Apr 2013 07:11:17 -0500
-
libvirt (0.9.13-0ubuntu12.2) quantal-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
uninitialized pointer
- debian/patches/CVE-2013-0170.patch: remove message from queue before
freeing in src/rpc/virnetserverclient.c.
- CVE-2013-0170
-- Marc Deslauriers <email address hidden> Mon, 28 Jan 2013 15:20:54 -0500
-
libvirt (0.9.13-0ubuntu12.1) quantal-proposed; urgency=low
* git_set_xdg_env.patch: correctly define the xdg environment,
otherwise the clients can fail to locate the service (lp: #1074418)
-- Sebastien Bacher <email address hidden> Wed, 28 Nov 2012 15:06:10 +0100
-
libvirt (0.9.13-0ubuntu12) quantal; urgency=low
* Refresh fix-ubuntu-xen-qemu-dm-path.patch to only use executable
names and let the toolchain find out the right paths (LP: #914788).
Thanks George Dunlap.
* Refresh and re-activate xen_hypervisor-treat-missing-privcmd-file-
as-temporary.patch (LP: #922486)
-- Stefan Bader <email address hidden> Fri, 05 Oct 2012 11:35:43 +0200
-
libvirt (0.9.13-0ubuntu11) quantal-proposed; urgency=low
* SECURITY UPDATE: denial of service via invalid RPC command
- debian/patches/CVE-2012-3445.patch: make sure nparams isn't set to
zero in daemon/remote.c.
- CVE-2012-3445
-- Marc Deslauriers <email address hidden> Wed, 26 Sep 2012 11:49:45 -0400
-
libvirt (0.9.13-0ubuntu10) quantal; urgency=high
* apply fix-cve-2012-4423 from upstream to prevent potential daemon
segfaults with newer virsh.
- Fixes: CVE-2012-4423.
-- Serge Hallyn <email address hidden> Fri, 14 Sep 2012 11:05:40 -0500
-
libvirt (0.9.13-0ubuntu9) quantal; urgency=low
* debian/patches/lp1039678.patch: fix segfault in 'snapshot-list'
- LP: #1039678
-- Jamie Strandboge <email address hidden> Tue, 21 Aug 2012 13:59:34 -0500
-
libvirt (0.9.13-0ubuntu8) quantal-proposed; urgency=low
* debian/libvirt-bin.apport: add filter on AppArmor profile names to
prevent false positives from denials originating in other packages.
-- Marc Deslauriers <email address hidden> Mon, 20 Aug 2012 10:49:17 -0400
-
libvirt (0.9.13-0ubuntu7) quantal; urgency=low
* debian/apparmor/libvirt-qemu: allow owner read access to @{PROC}/*/auxv
-- Jamie Strandboge <email address hidden> Tue, 14 Aug 2012 16:44:30 -0500
-
libvirt (0.9.13-0ubuntu6) quantal; urgency=low
* enable netcf support (LP: #520386)
- debian/control: build-dep on libnetcf-dev
- debian/rules: add --with-netcf to configure args
* add patch netcf-daemon-fix-wrong-macro-name from upstream so netcf support
can actually work.
-- Serge Hallyn <email address hidden> Wed, 08 Aug 2012 07:54:16 -0500
-
libvirt (0.9.13-0ubuntu5) quantal; urgency=low
* add patch Reduce-udevadm-settle-timeout-to-10-seconds.patch (copied from
Debian tree) to fix 3 minute hang during pool-refresh when using LVM
backed pools. (LP: #1027987)
* debian/control: add pm-utils to libvirt-bin Suggests. (LP: #994476)
-- Serge Hallyn <email address hidden> Thu, 26 Jul 2012 11:05:18 -0500
-
libvirt (0.9.13-0ubuntu4) quantal; urgency=low
* debian/patches/add-armhf-sysinfo-infomration.patch:
Provides cpuinfo for armhf cpus.
* debian/patches/add-armhf-cpuinfo-parser.patch:
Fixes compile time warning about armhf cpus.
-- Chuck Short <email address hidden> Thu, 19 Jul 2012 14:54:47 -0500
-
libvirt (0.9.13-0ubuntu3) quantal; urgency=low
* debian/apparmor/libvirt-qemu: add ceph.conf (LP: #1026404)
* debian/patches: re-add 9002-better_default_uri_virsh.patch (LP: #1026515)
-- Serge Hallyn <email address hidden> Thu, 19 Jul 2012 07:58:39 -0500
-
libvirt (0.9.13-0ubuntu2) quantal; urgency=low
* Apply upstream patch to switch default storage pool dir perms from 0700
to 0755. Then push our own patch to change that to 0711. We'll get the
upstream patch on 0.9.14 merge, but we'll want to keep our patch on top
of that.
-- Serge Hallyn <email address hidden> Mon, 16 Jul 2012 18:06:43 +0000
-
libvirt (0.9.13-0ubuntu1) quantal; urgency=low
* New upstream version:
* debian/rules: Remove .la files
* debian/control: Dropped debian vcs info.
* Dropped:
- debian/paches/9022-pass-the-virt-driver-name-into-security-drivers:
Already applied upstream.
- debian/patches/9023-dont-enable-apparmor-driver-with-lxc
Already applied upstream.
- debian/patches/9024-initialize-random-generator-in-lxc:
Already applied upstream.
* Re-diffed:
- debian/patches/9002-better_default_uri_virsh.patch
* Added:
- debian/patches/add-libvirt-highbank-support.patch: Add highbank
CPU detection support.
- debian/patches/fix-lxc-container-unmounting.patch: Fix container
mounting.
-- Chuck Short <email address hidden> Wed, 11 Jul 2012 12:37:49 -0500
-
libvirt (0.9.12-0ubuntu5) quantal; urgency=low
* 9024-initialize-random-generator-in-lxc: invoke virRandomInitialize()
to prevent segfaults when lxc uses virRandomBits(). (LP: #1023205)
-- Serge Hallyn <email address hidden> Wed, 11 Jul 2012 07:59:03 -0500
-
libvirt (0.9.12-0ubuntu4) quantal; urgency=low
* 9022-pass-the-virt-driver-name-into-security-drivers and
9023-dont-enable-apparmor-driver-with-lxc: fix libvirt-lxc breakages
due to incomplete apparmor security driver for lxc.
-- Serge Hallyn <email address hidden> Fri, 29 Jun 2012 18:15:04 -0500
-
libvirt (0.9.12-0ubuntu3) quantal; urgency=low
* install apport hook as right name - libvirt-bin is the binary package,
the source package name is libvirt. (LP: #1007405)
* install /etc/dnsmasq.d/libvirt to configure system wide dnsmasq to not
listen on the libvirt bridge. (Following Stéphane's lxc example)
(LP: #928524) (LP: #231060)
- postinst: restart dnsmasq; postrm: remove dnsmasq.d/libvirt file and
restart dnsmasq; rules, libvirt-bin.dirs and libvirt-bin.install:
install new debian/libvirt-bin.dnsmasq file.
-- Serge Hallyn <email address hidden> Fri, 01 Jun 2012 09:36:58 -0500
-
libvirt (0.9.12-0ubuntu2) quantal; urgency=low
* Warn user about bad pc-0.12 machine type, and help user transition.
(LP: #1001625)
- qemu-warn-on-pc-0.12.patch: When defining or starting a VM which uses the
pc-0.12 machine type, warn in libvirtd.log.
- debian/libvirt-migrate-qemu-machinetype: automatically migrate QEMU VMs
to newest machine type. This is not done automatically as there will
be some users who have good reason to stay with pc-0.12.
-- Serge Hallyn <email address hidden> Mon, 28 May 2012 17:48:50 +0000
-
libvirt (0.9.12-0ubuntu1) quantal; urgency=low
* New upstream version:
* Synchronize with debian packaging:
- debian/control: Update build depends.
- debian/libvirt-bin.postrm: Cleanup /var/log/libvirt
on purge.
- Bump standards verson (no changes).
- debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch: Added
* Dropped patches:
- debian/patches/Debianize-libvirt-guests.patch
- debian/patches/rewrite-lxc-controller-eof-handling-yet-again
- debian/patches/ubuntu/libnl13.patch
- debian/patches/ubuntu/fix-lxc-startup-error.patch
- debian/patches/ubuntu/fix-bridge-fd.patch
- debian/patches/ubuntu/skip-labelling-network-disks.patch
- debian/patches/ubuntu/xen-xend-shutdown-detection.patch
- debian/patches/ubuntu/xen-config-no-vfb-for-hvm.patch
- debian/patches/debian/Disable-daemon-start-test.patch
- debian/patches/debian/Disable-gnulib-s-test-nonplocking-pipe.sh.patch
- debian/patches/ubuntu/9006-default-config-test-case.patch
- debian/patches/fix-block-migration.patch
- debian/patches/ubuntu/9022-qemu-unescape-HMP-commands-before-converting-them-to.patch
- debian/patches/ubuntu/9023-qemu-change-rbd-auth_supported-separation-character-.patch
- debian/patches/ubuntu/9024-qemu-allow-snapshotting-of-sheepdog-and-rbd-disks.patch
- debian/patches/9025-qemu-change-rbd-auth_supported-separation-character-.patch
- debian/patches/ubuntu/arm-gcc-workaround.patch
* Rediffed:
- debian/patches/Allow-libvirt-group-to-access-the-socket.patch
- debian/patches/Disable-failing-virnetsockettest.patch
- debian/patches/dnsmasq-as-priv-user
- debian/patches/9002-better_default_uri_virsh.patch
* debian/control: Add libnl-route-3-dev ass a build depends.
* debian/patches/libnl3-build-fix.patch: Fix build with libnl3.
-- Chuck Short <email address hidden> Sun, 13 May 2012 15:44:12 -0400
-
libvirt (0.9.8-2ubuntu19) quantal; urgency=low
* Warn user about bad pc-0.12 machine type, and help user transition.
(LP: #1001625)
- qemu-warn-on-pc-0.12.patch: When defining or starting a VM which uses the
pc-0.12 machine type, warn in libvirtd.log.
- debian/libvirt-migrate-qemu-machinetype: automatically migrate QEMU VMs
to newest machine type. This is not done automatically as there will
be some users who have good reason to stay with pc-0.12.
-- Serge Hallyn <email address hidden> Wed, 23 May 2012 08:39:45 -0500
-
libvirt (0.9.8-2ubuntu18) quantal; urgency=low
* debian/apparmor/usr.sbin.libvirtd: allow execution of /lib/udev/scsi_id
(LP: #992378)
-- Serge Hallyn <email address hidden> Wed, 02 May 2012 14:02:32 -0500
-
libvirt (0.9.8-2ubuntu17) precise; urgency=low
* debian/apparmor/usr.lib.libvirt.virt-aa-helper: add /**.qed r so qed
drives in non-standard locations can be used. (LP: #981571)
-- Serge Hallyn <email address hidden> Mon, 16 Apr 2012 11:30:47 -0500
