[ubuntu/bionic-updates] lxc 3.0.1-0ubuntu1~18.04.1 (Accepted)

Łukasz Zemczak lukasz.zemczak at canonical.com
Thu Jun 21 07:49:52 UTC 2018


lxc (3.0.1-0ubuntu1~18.04.1) bionic; urgency=medium

  * New upstream bugfix release (LP: #1775283):
    - tools: fix unitialized variable
    - storage: fix lvm fs uuid generation
    - lxc-oci: fix Cmd/Entrypoint parsing
    - lxc-oci: make umoci less verbose
    - lxclock: use thread-safe OFD fcntl() locks
    - locktests: fix test suite
    - conf: ensure umounts don’t propagate to host
    - doc: Tweak Japanese translation in lxc.container.conf(5)
    - fix signal sending in lxc.init
    - rootfs pinning: On NFS, make file hidden but don’t delete it
    - conf: fix temporary file creation
    - ringbuf: fix temporary file creation
    - Fix compilation with static libcap and shared gnutls
    - attach: always drop supplementary groups
    - lxc init: remove dead code
    - storage/rsync: free memory on error
    - tools/utils: free memory on error
    - lxc init: coding style
    - utils: define __NR_setns if missing on old glibcs
    - attach: try to always drop supplementary groups
    - conf: ret-try devpts mount without gid=5 on error
    - execute: fix app containers without root mapping
    - conf: fix net type checks in run_script_argv()
    - seccomp: handle arch inversion
    - seccomp: handle all errors
    - seccomp: cleanup compat architecture handling
    - seccomp: improve logging
    - tools: document -d/–daemonize for lxc-execute
    - seccomp: non-functional changes
    - seccomp: handle arch inversion II
    - lxc-oci: mkdir the download directory
    - do_lxcapi_create: set umask
    - lxc/tools/lxc_monitor: include missing <stddef.h>
    - pam-cgfs: ignore the system umask when creating the cgroup hierarchy
    - Also pass action scripts to CRIU on checkpointing
    - Fix the memory leak in cgfsng_attach
    - Fix memory leak in list_active_containers
    - Fix tool_utils.c build when HAVE_SETNS is unset
    - coverity: #1435210
    - coverity: #1435208
    - coverity: #1435207
    - coverity: #1435206
    - coverity: #1435205
    - coverity: #1435203
    - coverity: #1435200
    - coverity: #1435198
    - coverity: #1426734
    - lxccontainer: non-functional changes
    - lxccontainer: use thread-safe OFD locks
    - lxccontainer: non-functional changes
    - lxccontainer: do_lxcapi_is_running()
    - lxccontainer: do_lxcapi_freeze()
    - lxccontainer: do_lxcapi_unfreeze()
    - lxccontainer: non-functional changes
    - lxccontainer: use thread-safe open() + write()
    - lxccontainer: non-functional changes
    - lxccontainer: non-functional changes
    - lxccontainer: non-functional changes
    - coverity: #1435263
    - fix logic for execute log file
    - utils: add LXC_PROC_PID_FD_LEN
    - execute: use static buffer
    - execute: do not check inherited fds again
    - add some TRACE/ERROR reporting
    - execute: account for -o path option count
    - execute: set init_path when existing init is found
    - genl: remove
    - coverity: #1248104
    - coverity: #1248105
    - coverity: #1425744
    - utils: account for terminating \0 byte
    - confile: satisfy gcc-8
    - network: silence gcc-8
    - network: adhere to IFNAMSIZ limit
    - support case ignored suffix for sizes
    - utils: fix parse_byte_size_string() coding style
    - strlcpy: add strlcpy() implementation
    - tree-wide: s/strncpy()/strlcpy()/g
    - CODING_STYLE: add section about using strlcpy()
    - tools: s/strncpy()/strlcpy()/g
    - Revert “tools: s/strncpy()/strlcpy()/g”
    - tools: s/strncpy()/memcpy()/
    - doc: Add “-d/–daemon” option to Japanese lxc-execute(1)
    - doc: Fix size unit style in Japanese lxc.container.conf(5)
    - coverity: #1435604
    - coverity: #1435603
    - coverity: #1435602
    - coverity: #1425844
    - config: allow read-write /sys in user namespace
    - coverity: #1425836
    - coverity: #1248106
    - capabilities: raise ambient capabilities
    - coverity: #1425802
    - cgroups: refactor cgroup handling
    - cgroups: remove freezer_state()
    - seccomp: #ifdef SCMP_ARCH_AARCH64
    - conf: simplify write_id_mapping()
    - log: enable per-thread container name prefix
    - lxc-init: skip signals that can’t be caught
    - execute: use execveat() syscall if supported
    - tools: only create log file when requested
    - seccomp: fix off-by-one error in array allocation for sscanf
    - seccomp: remove confusing comment line
    - seccomp: remove unnecessary memset
    - seccomp: fix type mismatch when parsing syscall arguments filters
    - lxcseccomp: cleanup header
    - seccomp: parse_config_v1()
    - utils: add remove_trailing_newlines()
    - seccomp: get_v2_default_action()
    - seccomp: get_action_name()
    - seccomp: get_v2_action()
    - seccomp: fix get_seccomp_arg_value()
    - seccomp: parse_v2_rules()
    - seccomp: move #ifdefines
    - seccomp: get_hostarch()
    - seccomp: scmp_filter_ctx get_new_ctx()
    - seccomp: do_resolve_add_rule()
    - seccomp: parse_config_v2()
    - seccomp: parse_config()
    - seccomp: lxc_read_seccomp_config()
    - tree-wide: s/sigprocmask/pthread_sigmask()/g
    - utils: fix task_blocking_signal()
    - lxccontainer: fix fd leaks when sending signals
    - confile: order architectures
    - start: log setns() failure
    - seccomp: leak fixup
    - seccomp: re-add action parse error handling
    - seccomp: refactor line handling of parse_config
    - seccomp: error on unrecognized actions
    - seccomp: lxc_read_seccomp_config()
    - seccomp: parse_v2_rules()
    - seccomp: make do_resolve_add_rule() more strict
    - tools: fix lxc-create with global config value
    - tools: fix lxc-create with global config value II
    - coverity: #1435806
    - coverity: #1435805
    - coverity: #1435803
    - coverity: #1435747
    - conf: non-functional changes
    - conf: make is_execute a boolean
    - conf: non-functional changes
    - conf: make close_all_fds a boolean
    - conf: reshuffle mount members
    - conf: simplify tty handling
    - conf: pts -> pty_max
    - conf: non-functional changes
    - utils: fix task_blocking_signal()
    - network: fix socket handle leak
    - start: do not init ns_clone_flags to -1
    - conf: ensure lxc_delete_tty() does not crash
    - start: add reboot macros
    - conf: make root idmap structs const
    - conf: make tmp_umount_proc bool
    - conf: non-functional changes
    - conf: va_end was not called.
    - confile: improve strprint()
    - change defines for return value of handlers
    - start: fix waitpid() blocking issue
    - start: log unknown info.si_code
    - tree-wide: fix mode of some files
    - confile_utils: apply strprint()
    - templates: actually create DOWNLOAD_TEMP directory
    - templates: fix download template
    - Patch lxc-update-config

  * Bump standard to 4.1.4

Date: 2018-06-05 22:26:07.901529+00:00
Changed-By: Stéphane Graber <stgraber at stgraber.org>
Signed-By: Łukasz Zemczak <lukasz.zemczak at canonical.com>
https://launchpad.net/ubuntu/+source/lxc/3.0.1-0ubuntu1~18.04.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list