[ubuntu/bionic-proposed] lxc 3.0.2-0ubuntu1~18.04.1 (Accepted)
Stéphane Graber
stgraber at ubuntu.com
Thu Sep 27 17:22:24 UTC 2018
lxc (3.0.2-0ubuntu1~18.04.1) bionic; urgency=medium
* New upstream bugfix release (LP: #1788457):
- CVE 2018-6556: verify netns fd in lxc-user-nic
- fixed a range of bugs found by Coverity
- lxc-usernsexec: cleanup and bugfixes
- log: add CMD_SYSINFO()
- log: add CMD_SYSERROR()
- state: s/sleep()/nanosleep()/
- lxclock: improve file locking
- lxccontainer: improve file locking
- lxccontainer: fix F_OFD_GETLK checks
- netlink: add __netlink_{send,recv,transaction}
- netns: allocate network namespace id
- MAINTAINERS: add Wolfgang Bumiller
- pam_cgfs: cleanups
- log: add default log priority
- tree-wide: pass unsigned long to prctl()
- macro: add new macro header
- conf: mount devpts without “max” on EINVAL
- tree-wide: handle EINTR in read() and write()
- tree-wide: replace pipe() with pipe2()
- confile: split mount options into flags and data
- conf: improve rootfs setup
- autotools: default to -Wvla -std=gnu11
- tree-wide: remove VLAs
- tree-wide: replace strtok_r() with lxc_iterate_parts()
- utils: add lxc_iterate_parts()
- apparmor: allow start-container to change to lxc-**
- apparmor: update current profiles
- apparmor: Allow /usr/lib* paths for mount and pivot_root
- conf: the atime flags are locked in userns
- conf: handle partially functional device nodes
- conf: create /dev directory
- autotools: build both a shared and static liblxc
- namespace: add api to convert namespaces to standard identifiers
- tree-wide: set MSG_NOSIGNAL
- tree-wide: use mknod() to create dummy files
- cgfsng: respect lxc.cgroup.use
- cgroups: remove is_crucial_cgroup_subsystem()
- tree-wide: remove unneeded log prefixes
- tests: cleanup all tests
- terminal: set FD_CLOEXEC on pty file descriptors
- conf: simplify lxc_setup_dev_console()
- tools: rework tools
- autodev: adapt to changes in Linux 4.18
- log: change DEBUG, INFO, TRACE, NOTICE macro using strerror to SYS* macro
- log: add lxc_log_strerror_r macro
- network: unpriv lxc will run lxc.net.[i].script.up now
- conf: only use newuidmap and newgidmap when necessary
- autotools: support tls in cross-compile
* Cherry-pick upstream fixes:
- 0002-tools-fix-lxc-execute-command-parsing.patch
- 0003-lseek-integer-overflow.patch
- 0004-cmd-lxc-usernsexec-reorder-includes.patch
- 0005-cmd-move-declarations-to-macro.h.patch
- 0006-cmd-use-utils.-c-h-helpers-in-lxc-usernsexec.patch
- 0007-cmd-simplify-lxc-usernsexec.patch
- 0008-cmd-use-safe-number-parsers-in-lxc-usernsexec.patch
- 0009-tools-Indicate-container-startup-failure.patch
- 0010-conf-fix-path-lxcpath-mixups-in-tty-setup.patch
- 0011-cmd-use-goto-for-cleanup-in-lxc-usernsexec.patch
- 0012-utils-split-into-file-string-_utils.-c-h.patch
- 0013-pam_cgfs-build-from-the-same-sources-as-liblxc.patch
- 0014-conf-fix-devpts-mounting-when-fully-unprivileged.patch
- 0015-macro-s-rexit-_exit-g.patch
- 0016-Makefile-don-t-allow-undefined-symbols.patch
- 0017-autotools-check-if-compiler-is-new-enough.patch
- 0018-log-handle-strerror_r-versions.patch
- 0019-autotools-add-disable-enable-thread-safety.patch
- 0020-log-fail-build-on-ENFORCE_THREAD_SAFETY-error.patch
- 0021-macro-add-missing-headers.patch
- 0022-execute-skip-lxc-init-logging-when-unprivileged.patch
- 0023-execute-pass-proc-self-fd-nr.patch
- 0024-commands-return-1-on-lxc_cmd_get_init_pid-err.patch
* Bump standards to 4.2.0
- Update lintian overrides
* Include new .a file into liblxc-dev
* Override GPG keyserver in autopkgtest
* Run autoreconf during autopkgtest
Date: Mon, 10 Sep 2018 14:43:52 -0400
Changed-By: Stéphane Graber <stgraber at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/lxc/3.0.2-0ubuntu1~18.04.1
-------------- next part --------------
Format: 1.8
Date: Mon, 10 Sep 2018 14:43:52 -0400
Source: lxc
Binary: lxc lxc1 lxc-dev lxc-utils liblxc-common liblxc-dev liblxc1 libpam-cgfs
Architecture: source
Version: 3.0.2-0ubuntu1~18.04.1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Stéphane Graber <stgraber at ubuntu.com>
Description:
liblxc-common - Linux Containers userspace tools (common tools)
liblxc-dev - Linux Containers userspace tools (development)
liblxc1 - Linux Containers userspace tools (library)
libpam-cgfs - PAM module for managing cgroups for LXC
lxc - Transitional package - lxc -> lxc-utils
lxc-dev - Transitional package - lxc-dev -> liblxc-dev
lxc-utils - Linux Containers userspace tools
lxc1 - Transitional package - lxc1 -> lxc-utils
Launchpad-Bugs-Fixed: 1788457
Changes:
lxc (3.0.2-0ubuntu1~18.04.1) bionic; urgency=medium
.
* New upstream bugfix release (LP: #1788457):
- CVE 2018-6556: verify netns fd in lxc-user-nic
- fixed a range of bugs found by Coverity
- lxc-usernsexec: cleanup and bugfixes
- log: add CMD_SYSINFO()
- log: add CMD_SYSERROR()
- state: s/sleep()/nanosleep()/
- lxclock: improve file locking
- lxccontainer: improve file locking
- lxccontainer: fix F_OFD_GETLK checks
- netlink: add __netlink_{send,recv,transaction}
- netns: allocate network namespace id
- MAINTAINERS: add Wolfgang Bumiller
- pam_cgfs: cleanups
- log: add default log priority
- tree-wide: pass unsigned long to prctl()
- macro: add new macro header
- conf: mount devpts without “max” on EINVAL
- tree-wide: handle EINTR in read() and write()
- tree-wide: replace pipe() with pipe2()
- confile: split mount options into flags and data
- conf: improve rootfs setup
- autotools: default to -Wvla -std=gnu11
- tree-wide: remove VLAs
- tree-wide: replace strtok_r() with lxc_iterate_parts()
- utils: add lxc_iterate_parts()
- apparmor: allow start-container to change to lxc-**
- apparmor: update current profiles
- apparmor: Allow /usr/lib* paths for mount and pivot_root
- conf: the atime flags are locked in userns
- conf: handle partially functional device nodes
- conf: create /dev directory
- autotools: build both a shared and static liblxc
- namespace: add api to convert namespaces to standard identifiers
- tree-wide: set MSG_NOSIGNAL
- tree-wide: use mknod() to create dummy files
- cgfsng: respect lxc.cgroup.use
- cgroups: remove is_crucial_cgroup_subsystem()
- tree-wide: remove unneeded log prefixes
- tests: cleanup all tests
- terminal: set FD_CLOEXEC on pty file descriptors
- conf: simplify lxc_setup_dev_console()
- tools: rework tools
- autodev: adapt to changes in Linux 4.18
- log: change DEBUG, INFO, TRACE, NOTICE macro using strerror to SYS* macro
- log: add lxc_log_strerror_r macro
- network: unpriv lxc will run lxc.net.[i].script.up now
- conf: only use newuidmap and newgidmap when necessary
- autotools: support tls in cross-compile
.
* Cherry-pick upstream fixes:
- 0002-tools-fix-lxc-execute-command-parsing.patch
- 0003-lseek-integer-overflow.patch
- 0004-cmd-lxc-usernsexec-reorder-includes.patch
- 0005-cmd-move-declarations-to-macro.h.patch
- 0006-cmd-use-utils.-c-h-helpers-in-lxc-usernsexec.patch
- 0007-cmd-simplify-lxc-usernsexec.patch
- 0008-cmd-use-safe-number-parsers-in-lxc-usernsexec.patch
- 0009-tools-Indicate-container-startup-failure.patch
- 0010-conf-fix-path-lxcpath-mixups-in-tty-setup.patch
- 0011-cmd-use-goto-for-cleanup-in-lxc-usernsexec.patch
- 0012-utils-split-into-file-string-_utils.-c-h.patch
- 0013-pam_cgfs-build-from-the-same-sources-as-liblxc.patch
- 0014-conf-fix-devpts-mounting-when-fully-unprivileged.patch
- 0015-macro-s-rexit-_exit-g.patch
- 0016-Makefile-don-t-allow-undefined-symbols.patch
- 0017-autotools-check-if-compiler-is-new-enough.patch
- 0018-log-handle-strerror_r-versions.patch
- 0019-autotools-add-disable-enable-thread-safety.patch
- 0020-log-fail-build-on-ENFORCE_THREAD_SAFETY-error.patch
- 0021-macro-add-missing-headers.patch
- 0022-execute-skip-lxc-init-logging-when-unprivileged.patch
- 0023-execute-pass-proc-self-fd-nr.patch
- 0024-commands-return-1-on-lxc_cmd_get_init_pid-err.patch
.
* Bump standards to 4.2.0
- Update lintian overrides
* Include new .a file into liblxc-dev
* Override GPG keyserver in autopkgtest
* Run autoreconf during autopkgtest
Checksums-Sha1:
f1067f00860ce22c076698b515f4e1ceefebfc03 2851 lxc_3.0.2-0ubuntu1~18.04.1.dsc
eeebc4c4b4da017490c2dc4d0fa7939760ebe5cb 1236975 lxc_3.0.2.orig.tar.gz
12000dd6365dec5170408134460ee5343c3eb17f 833 lxc_3.0.2.orig.tar.gz.asc
234f9ad951aae675779deefe49e75dc93744237a 134696 lxc_3.0.2-0ubuntu1~18.04.1.debian.tar.xz
7be3c1b0a417274135ba55260d8ecdc3aaecd3eb 7800 lxc_3.0.2-0ubuntu1~18.04.1_source.buildinfo
Checksums-Sha256:
be017d1741dad5f106f7c26cf97969deb11e9e99f678174de84f9dd95f106abf 2851 lxc_3.0.2-0ubuntu1~18.04.1.dsc
6ab7117b17066220da450c55ed77953998cf2336d415143b879554364af12f5c 1236975 lxc_3.0.2.orig.tar.gz
b0aa63e61b2403ed8835f65ed7d255cf654d5f5cbad00399e36ed90bce0c19b9 833 lxc_3.0.2.orig.tar.gz.asc
5dd9184874aae82c0b029a44fdbef0f205ad2d299af1bee40ef23e654afb0509 134696 lxc_3.0.2-0ubuntu1~18.04.1.debian.tar.xz
40bb3fc03802833b25e1c824ce639e5d231f27b24873fea8628190490219688f 7800 lxc_3.0.2-0ubuntu1~18.04.1_source.buildinfo
Files:
39ed78954927e25f7cf3a3b7fc554a5b 2851 admin optional lxc_3.0.2-0ubuntu1~18.04.1.dsc
72e2f1e718c7ddf3ffa9b18ec0328d8f 1236975 admin optional lxc_3.0.2.orig.tar.gz
be637c1870be8ceeab99d02477003812 833 admin optional lxc_3.0.2.orig.tar.gz.asc
fee332ee2dc4ed58f58c9145ddd502d0 134696 admin optional lxc_3.0.2-0ubuntu1~18.04.1.debian.tar.xz
39ba8dfe3932c592f59187307c64fec7 7800 admin optional lxc_3.0.2-0ubuntu1~18.04.1_source.buildinfo
More information about the Bionic-changes
mailing list