[ubuntu-cloud-archive/kilo-updates] libvirt (Accepted)
James Page
james.page at ubuntu.com
Mon Jan 19 14:57:35 UTC 2015
libvirt (1.2.8-0ubuntu19~cloud0) trusty-kilo; urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
libvirt (1.2.8-0ubuntu19) vivid; urgency=medium
.
* apparmor libvirt-qemu template: allow reading charm-specific ceph config
and silence denials for /tmp/**. (LP: #1403648)
.
libvirt (1.2.8-0ubuntu18) vivid; urgency=medium
.
* mutex cgmanager actions (Thanks to Don Bowman for finding the cause)
(LP: #1397130) (LP: #1367702)
.
libvirt (1.2.8-0ubuntu17) vivid; urgency=low
.
* d/p/upstream-libxl-Allow-libxl-to-find-pygrub-binary.patch:
Allow libxl to figure out the path to pygrub. (LP: #1396942)
.
libvirt (1.2.8-0ubuntu16) vivid; urgency=medium
.
* debian/patches/add-ppc64le-support.patch: Added patches needed
for ppc64le support. (LP: #1396070)
.
libvirt (1.2.8-0ubuntu15) vivid; urgency=medium
.
* libvirt-qemu: add r to sgabios.bin (LP: #1393548)
.
libvirt (1.2.8-0ubuntu14) vivid; urgency=medium
.
[ Serge Hallyn ]
* 9036-util-prepare-uri-for-libxml2-2.9.2.patch: fix FTBFS against new
libxml 2.9.2 (LP: #1390637)
.
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via virConnectListAllDomains
- debian/patches/CVE-2014-3657.patch: fix domain deadlock in
src/conf/domain_conf.c.
- CVE-2014-3657
* SECURITY UPDATE: xml information leak with read-only connections
- debian/patches/CVE-2014-7823.patch: check for migratable flag in
src/libvirt.c, src/remote/remote_protocol.x.
- CVE-2014-7823
.
libvirt (1.2.8-0ubuntu13) vivid; urgency=medium
.
* cull too-new apparmor rules depending on target host (LP: #1387251)
* add mising apparmor permissions for slof (LP: #1374554)
.
libvirt (1.2.8-0ubuntu12) vivid; urgency=medium
.
* complete the 9p support: (LP: #1378434)
- libvirt-qemu: add fowner and fsetid
- virt-aa-helper: add 'l' to 9p file options
* dont-include-non-migrateable-features-in-host-model (LP: #1386503)
.
libvirt (1.2.8-0ubuntu11) utopic; urgency=medium
.
[ Felix Geyer ]
* d/p/ubuntu_machine_type.patch: Fix No PCI buses available. (LP: #1379346).
.
libvirt (1.2.8-0ubuntu10) utopic; urgency=medium
.
* libvirt-bin.upstart: delay start until rc finished
This give hypervisors more time to finish their setup (LP: #1377900).
* libvirt-bin.upstart: add xen:/// uri to the list (LP: #1377960)
.
libvirt (1.2.8-0ubuntu9) utopic; urgency=medium
.
* libvirt-qemu apparmor template: add /sys/firmware/devicetree/** r
(LP: #1374554)
.
libvirt (1.2.8-0ubuntu8) utopic; urgency=medium
.
* libvirt-bin.postinst: fix syntax error (s/if/fi/)
.
libvirt (1.2.8-0ubuntu7) utopic; urgency=medium
.
* libvirt-bin.postinst: check for confiles whichhave been removed rather
than fail package install (LP: #1375910)
.
libvirt (1.2.8-0ubuntu6) utopic; urgency=medium
.
* SECURITY UPDATE: denial of service or information disclosure via
virDomainGetBlockIoTune
- debian/patches/CVE-2014-3633.patch: use correct definition when
looking up disk in src/qemu/qemu_driver.c.
- CVE-2014-3633
.
libvirt (1.2.8-0ubuntu5) utopic; urgency=medium
.
* debian/apparmor/libvirt-lxc (sync with container-base with lxc):
- remove bare 'signal' and 'ptrace' rules (base abstraction covers most
of what we need)
- allow signal (receive) peer=/usr/sbin/libvirtd
- allow ptrace peer=@{profile_name}
- deny mount options=(ro, remount, silent) -> /
- allow mount fstype=hugetlbfs
- shuffle a couple of rules around to make it easier to diff with lxc
policy
* debian/apparmor/TEMPLATE.lxc (sync with lxc-default):
- use attach_disconnected and mediate_deleted
- deny mount fstype=devpts,
.
libvirt (1.2.8-0ubuntu4) utopic; urgency=medium
.
* debian/apparmor/usr.sbin.libvirtd: allow 'network netlink'
.
libvirt (1.2.8-0ubuntu3) utopic; urgency=medium
.
* 9033-apparmor-use-TEMPLATE.qemu-for-kvm.patch - fix failure to start
KVM vms.
.
libvirt (1.2.8-0ubuntu2) utopic; urgency=low
.
* d/p/ubuntu-xend-probe.patch:
Update patch correctly and re-enable it. It seems like it only was
half updated and then disabled without reasons.
* d/p/ubuntu-libxl-Implement-basic-video-device-selection.patch:
Re-activate adapted patch. Some pieces made it into upstream as a
bug fix. The rest is still needed to allow selecing an alternate
graphics device for Xen HVM guests.
* d/p/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch:
Re-activate unchanged patch (for some reason dropped when moving
to 1.2.6).
This one is a bit of a work-around mainly for virt-manager which sets
gfx memory to values below the minimum requirement for Xen. And the
UI does not allow to change that. This patch just goes for the minimum
in that case.
.
libvirt (1.2.8-0ubuntu1) utopic; urgency=medium
.
[ Chuck Short ]
* New upstream release: (LP: #1367422)
+ Dropped:
- debian/patches/ovs-delete-port-if-exists-while-adding-new-one
+ Refreshed:
- debian/patches/add-cgmanager-support.patch
- debian/patches/storage-default-permission-mode-to-0711
.
[ Serge Hallyn ]
* d/apparmor
- install TEMPLATE.qemu and TEMPLATE.lxc
- add libvirt-lxc abstraction, add permissions to it needed for
a ubuntu container to start.
- libvirt-qemu - add qemu-bridge-helper policy from upstream
- libvirt-qemu - add qemu-microblaze allows from upstream
- edit lxc.conf to enable apparmor by default (LP: #914716)
(LP: #1008393) (LP: #1088295)
* d/apparmor/libvirt-qemu: add /dev/shm as path to spice.* nodes
for systemd case. (LP: #1365163)
* d/p/9030-create-socket-dir - create session socket dir if
needed (Should be replaced eventually by the upstream fix)
* d/p/9032-lxc-allow-no-security-driver: don't fail if apparmor
driver is not available (else the qa-regression-tests fail with
skip_apparmor)
.
libvirt (1.2.6-0ubuntu6) utopic; urgency=medium
.
* debian/apparmor/usr.sbin.libvirtd: update for abstract socket mediation
(LP: #1362199)
* debian/apparmor/libvirt-qemu: allow 'r' on @{PROC}/sys/kernel/cap_last_cap
* debian/control: Suggests apparmor >= 2.8.96~2541-0ubuntu4~
.
libvirt (1.2.6-0ubuntu5) utopic; urgency=medium
.
* cgroups-ignore-systemd-failure - fix incoming migration failures when
systemd-shim is installed.
* ovs-delete-port-if-exists-while-adding-new-one - cherrypick commit 33445ce
from upstream (LP: #1343262)
.
libvirt (1.2.6-0ubuntu4) utopic; urgency=high
.
* No change rebuild against gnutls28.
.
libvirt (1.2.6-0ubuntu3) utopic; urgency=medium
.
* debian/apparmor/usr.sbin.libvirtd - add cap-sys-resource to fully
fix (LP: #1276719)
.
libvirt (1.2.6-0ubuntu2) utopic; urgency=medium
.
* Rebuild against libparted2.
.
libvirt (1.2.6-0ubuntu1) utopic; urgency=medium
.
* New upstream release:
+ Dropped:
- debian/patches/virt-aa-helper-vhost.patch
- debian/patches/libxl-Implement-basic-video-device-selection.patch
- debian/patches/libxl-Fix-up-VRAM-to-minimum-requirements.patch
+ debian/rules: Include packaging version in the log file. (LP: #1335221)
.
libvirt (1.2.5-0ubuntu6) utopic; urgency=low
.
* libxl: Refresh patch(es) to allow the choice between Cirrus and
VGA for Xen HVM guests.
- d/p/libxl-Implement-basic-video-device-selection.patch [v4]
- d/p/libxl-Fix-up-VRAM-to-minimum-requirements.patch
.
libvirt (1.2.5-0ubuntu5) utopic; urgency=low
.
* debian/apparmor/usr.sbin.libvirtd: allow libvirtd to run
libxl-save-helper (required for save restore through libxl).
(LP: #1334195)
.
libvirt (1.2.5-0ubuntu4) utopic; urgency=low
.
* debian/apparmor/usr.sbin.libvirtd: allow pygrub to be run
(LP: #1326003)
.
libvirt (1.2.5-0ubuntu3) utopic; urgency=medium
.
* d/p/virt-aa-helper-vhost.patch: allow access to /dev/vhost-net if domain
needs it (LP: #1322568)
.
libvirt (1.2.5-0ubuntu2) utopic; urgency=medium
.
* implement cgmanager support (LP: #1322677)
- debian/control: build-dep on libcgmanager-dev, depend on cgmanager
- d/p/add-cgmanager-support.patch
.
libvirt (1.2.5-0ubuntu1) utopic; urgency=medium
.
[ Chuck Short ]
* New upstream version:
+ Rediffed:
- d/p/ubuntu-xend-probe.patch
+ Dropped:
- d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch
- d/p/libxl-do-not-use-virdomain-id.patch
- d/p/libxl-set-disk-format-for-cdrom.patch
- d/p/libxl-set-vfb0-data-in-build-config.patch
- d/p/libxl-support-sexpr-in-native-to-XML-conversion.patch
- d/p/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
- d/p/accomodate-new-qemu-migration-status-setup.patch
- d/p/9025-apparmor-allow-access-to-filesystem-mounts
- d/p/add-a-mutex-to-serialize-updates-to-fw.patch
- d/p/arm-cpu-baseline.patch
+ debian/control: Add ebtables, iptables, and qemu-utils as a build dependency.
.
[ Serge Hallyn ]
* d/p/ubuntu-skip-virstoragetest: skip a test that hangs in buildds.
* d/apparmor/TEMPLATE: replace libvirt-qemu with libvirt-driver to match
upstream commit 43c030f.
.
libvirt (1.2.2-0ubuntu13.2) utopic; urgency=medium
.
* debian/apparmor/libvirt-qemu: add device-tree access for ppc
(LP: #1321365)
.
libvirt (1.2.2-0ubuntu13.1) trusty-proposed; urgency=medium
.
* debian/control: change apparmor dependency into an inverse conflicts,
so that libvirt can continue to be used without apparmor. (LP: #1304167)
.
libvirt (1.2.2-0ubuntu13) trusty; urgency=medium
.
* Add a dependency on the new apparmor to make sure we have the new
parser around before we attempt to load a profile requiring the new
stanza support. (LP: #1304167)
.
libvirt (1.2.2-0ubuntu12) trusty; urgency=low
.
* d/p/libxl-support-sexpr-in-native-to-XML-conversion.patch:
Allow to use libvirt to convert xend guest configurations into
xml format.
* Add libvirt-migrate-xend-managed-domains migration script.
(LP: #1303886)
* Added breaks for xen-utils-4.(1|3) to ensure postinst order.
.
libvirt (1.2.2-0ubuntu11) trusty; urgency=medium
.
* debian/patches/recognize-trusty-machine-type.patch: Revert patch
since it was causing issues with virtio deivces. (LP: #1304107)
.
libvirt (1.2.2-0ubuntu10) trusty; urgency=medium
.
* d/p/recognize-trusty-machine-type.patch: handle "trusty" qemu machine type
(LP: #1294823)
.
libvirt (1.2.2-0ubuntu9) trusty; urgency=medium
.
[ Jamie Strandboge ]
* updates for AppArmor signals and ptrace mediation (LP: #1298611)
- debian/apparmor/libvirt-qemu: allow guests to receive signals from and
be tracedby libvirtd (additional signal and ptrace rules come from the
AppArmor base abstraction)
- debian/apparmor/usr.sbin.libvirtd:
+ grant bare signal and ptrace rule
+ grant dbus on the system bus (should have been added in 13.10)
.
libvirt (1.2.2-0ubuntu8) trusty; urgency=medium
.
* debian/apparmor/libvirt-qemu: Allow qemu-system-aarch64 to be used.
(LP: #1301516)
.
libvirt (1.2.2-0ubuntu7) trusty; urgency=low
.
* d/p/libxl-Create-log-directory-earlier.patch:
Move creation of log directory inside function that tries to create
a log file inside of it. Fixes startup when the libxl log directory
has not been created, yet.
* d/p/libxl-do-not-use-virdomain-id.patch:
Replace usage of dom->id with vm->def-id inside the driver (as that
is not getting stale). Fixes guest creation and reboot through
virt-manager (apart from possibly other things).
* d/p/libxl-set-disk-format-for-cdrom.patch:
Set disk format, otherwise an empty virtual CDROM makes the guest
unstartable.
* d/p/libxl-set-vfb0-data-in-build-config.patch:
Actually set video and display data in the domain build info. Beside
of preventing disagreement about VNC ports, this allows to select
standard VGA graphics and more VRAM trhough libvirt.
.
libvirt (1.2.2-0ubuntu6) trusty; urgency=medium
.
* debian/libvirt-bin.dirs: Add /var/log/libvirt/libxl.
.
libvirt (1.2.2-0ubuntu5) trusty; urgency=low
.
* Refreshed d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch
to avoid logging an error when file is not present.
.
libvirt (1.2.2-0ubuntu4) trusty; urgency=medium
.
* debian/patches/arm-cpu-baseline.patch: Implement a stub cpuArchDriver.baseline()
handler for arm.
.
libvirt (1.2.2-0ubuntu3) trusty; urgency=low
.
* d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch: Prevent
using the libxl driver when not running in dom0 but having xenfs mounted.
(LP: #1248025)
.
libvirt (1.2.2-0ubuntu2) trusty; urgency=medium
.
* d/p/add-a-mutex-to-serialize-updates-to-fw.patch: fix another deadlock
when starting a large number of VMs. (LP: #1228977)
.
libvirt (1.2.2-0ubuntu1) trusty; urgency=medium
.
* New upstream release:
- Rediffed patches:
- debian/patches/Allow-libvirt-group-to-access-the-socket.patch
- debian/patches/9004-libvirtd-group-name.patch
- debian/patches/dnsmasq-as-priv-user
- Dropped patches:
- debian/patches/9005-increase-unix-socket-timeout.patch: No longer
needed.
- debian/patches/rbd-storage-format.patch: No longer needed.
- debian/patches/9022-qemu-enable-host-passthrough-mode-for-aarch64:
No longer needed.
- debian/patches/9023-xen-fix-parsing-xend-http-response.patch:
No longer needed.
- debian/patches/
.
libvirt (1.2.1-0ubuntu10) trusty; urgency=medium
.
* Pull patch from mailing list (merged with separate patch posted to the
bug) to fix 9p mounts. (LP: #1285995)
.
libvirt (1.2.1-0ubuntu9) trusty; urgency=medium
.
* Cherrypick 9024-qemu-implement-a-stub-baseline-handler-for-aarch64 from
upstream git.
.
libvirt (1.2.1-0ubuntu8) trusty; urgency=medium
.
* Add uvtool image path to virt-aa-helper AppArmor profile.
.
libvirt (1.2.1-0ubuntu7) trusty; urgency=low
.
* debian/patches/nwfilter-locking.patch: Dropped causes ftbfs.
.
libvirt (1.2.1-0ubuntu6) trusty; urgency=medium
.
* debian/control: Move pm-utils from suggests to Recommends.
(LP: #1274772)
* debian/patches/patches/nwfilter-locking.patch: Fix nwfilter locking
causing libvirt to crash. (LP: #1228977)
.
libvirt (1.2.1-0ubuntu5) trusty; urgency=low
.
* cherry-pick "xen: fix parsing xend http response" from upstream
git to fix connecting to xex in xm/xend mode (LP: #915954)
.
libvirt (1.2.1-0ubuntu4) trusty; urgency=medium
.
* cherrypick d/p/9022-qemu-enable-host-passthrough-mode-for-aarch64 from
upstream git.
.
libvirt (1.2.1-0ubuntu3) trusty; urgency=medium
.
* d/control: add nfs-common to build-deps (LP: #1264955)
.
libvirt (1.2.1-0ubuntu2) trusty; urgency=medium
.
* debian/patches/rbd-storage-format.patch: Make image format 2 the default
for RBD.
.
libvirt (1.2.1-0ubuntu1) trusty; urgency=medium
.
* New upstream release:
- Dropped patches:
+ debian/patches/0001-libxl-Fix-devid-init-in-libxlMakeNicList.patch:
No longer needed
+ debian/patches/0001-libxl-Fix-initialization-of-nictype-in-libxl_device_.patch:
No longer needed.
.
libvirt (1.2.0-0ubuntu3) trusty; urgency=medium
.
* debian/apparmor/usr.lib.libvirt.virt-aa-helper: add
/var/lib/nova/instances/snapshots/** r to allow virt-aa-helper to read
the snapshot directory to find images which VMs should be granted access
to. (LP: #1244694)
.
libvirt (1.2.0-0ubuntu2) trusty; urgency=low
.
* Refresh/fix detection of xm/xl toolstack in use. The previous port
had two glitches, one of them causing the daemon to segfault.
* Cherry-pick "libxl: Fix initialization of nictype in libxl_device_nic"
from upstream to have the same default NIC choice with the libxl driver
as we had with the xen(d) driver (HVM guest uses a emulated rtl8139).
* Cherry-pick "libxl: Fix devid init in libxlMakeNicList" from upstream
to allow HVM guests to be brought up from the libxl driver.
.
libvirt (1.2.0-0ubuntu1) trusty; urgency=low
.
* New upstream release:
- Refreshed patches:
+ debian/patches/storage-default-permission-mode-to-0711
- Dropped patches:
+ debian/patches/util_use_w_flag_when_calling_iptables.patch
* debian/control, debian/rules, debian/python.mk,
debian/python-libvirt.install: python libvirt bindings have been
split out into its own source called libvirt-python.
* debian/libvirt-dev.install: Install API files into dev package
.
libvirt (1.1.4-0ubuntu5) trusty; urgency=medium
.
* Build using dh-autoreconf.
* Enable numa support on ppc64 and ppc64el.
.
libvirt (1.1.4-0ubuntu4) trusty; urgency=low
.
* debian/libvirt-dev.install: Add missing libvirt-lxc.so.
.
libvirt (1.1.4-0ubuntu3) trusty; urgency=low
.
* d/p/accomodate-new-qemu-migration-status-setup.patch: work around
libvirt's not yet knowing of qemu's new migration state, 'setup'.
This can be removed when upstream libvirt has a proper patch. QRT
fails without this.
.
libvirt (1.1.4-0ubuntu2) trusty; urgency=low
.
* debian/patches/9002-better_default_uri_virsh.patch: Update to fix the
FTBFS.
.
libvirt (1.1.4-0ubuntu1) trusty; urgency=low
.
[ Chuck Short ]
* New upstream version:
- Rediffed patches:
+ d/p/Don-t-enable-default-network-on-boot.patch
+ d/p/ubuntu-xend-probe.patch
+ d/p/Don-t-fail-if-we-can-t-setup-avahi.patch
+ d/p/Disable-failing-virnetsockettest.patch
+ d/p/Don-t-enable-default-network-on-boot.patch
- Dropped patches:
+ d/p/v1.1.1-maint/0001-xen-fix-memory-corruption-in-legacy-driver.patch
+ d/p/v1.1.1-maint/0002-qemu_migration-Don-t-error-on-tunelled-migration-wit.patch
+ d/p/v1.1.1-maint/0003-build-fix-configure-detection-of-if_bridge.h-on-RHEL.patch
+ d/p/v1.1.1-maint/0004-remote-Fix-a-segfault-in-remoteDomainCreateWithFlags.patch
+ d/p/v1.1.1-maint/0005-Revert-build-fix-configure-detection-of-if_bridge.h-.patch
+ d/p/v1.1.1-maint/0006-build-more-workarounds-for-if_bridge.h.patch
+ d/p/v1.1.1-maint/0007-Fix-qemuProcessReadLog-with-non-zero-offset.patch
+ d/p/v1.1.1-maint/0008-Reverse-logic-allowing-partial-DHCP-host-XML.patch
+ d/p/v1.1.1-maint/0009-virsh-domain-Fix-memleak-in-cmdUndefine-with-storage.patch
+ d/p/v1.1.1-maint/0010-virsh-domain-Fix-memleak-in-cmdCPUBaseline.patch
+ d/p/v1.1.1-maint/0011-virbitmap-Refactor-virBitmapParse-to-avoid-access-be.patch
+ d/p/CVE-2013-4296.patch
+ d/p/CVE-2013-4311.patch
+ d/p/CVE-2013-4297.patch
+ d/p/fix-crash-in-libvirtd-when-events
+ d/p/security-provide-supplemental-groups
+ d/p/add-bounds-checking-on-virdomainmigrate
+ d/p/xen-use-internal-interfaces-in-xendomainusedcpus
+ d/p/fix-remote-client-segfault.patch
+ d/p/ubuntu-xend-xmlcreate-double-free.patch
+ d/p/9002-better_default_uri_virsh.patch
.
[ Serge Hallyn ]
* update and re-add d/p/9002-better_default_uri_virsh.patch. Also patch
new uri-precedence test, as we break it with this patch.
* add d/p/util_use_w_flag_when_calling_iptables.patch (LP: #1245322)
* debian/apparmor/libvirt-qemu: allow access to hugepages mounts
(LP: #1250216)
* debian/apparmor/libvirt-qemu: allow access to usb info (LP: #1245251)
.
libvirt (1.1.1-0ubuntu9) trusty; urgency=low
.
* debian/apparmor/usr.sbin.libvirtd: add audit_write capability
(LP: #1204616)
.
libvirt (1.1.1-0ubuntu8) saucy; urgency=low
.
* SECURITY UPDATE: denial of service via invalid free in
virFileNBDDeviceAssociate.
- debian/patches/CVE-2013-4297.patch: properly initialize qemunbd in
src/util/virfile.c.
- CVE-2013-4297
.
libvirt (1.1.1-0ubuntu7) saucy; urgency=low
.
* fix-crash-in-libvirtd-when-events: make sure to remove all event
callbacks when a client disconnects from libvirtd.
.
libvirt (1.1.1-0ubuntu6) saucy; urgency=low
.
* SECURITY UPDATE: possible privilege escalation via pkcheck race.
- debian/patches/CVE-2013-4311.patch: add uid to pkcheck call in
configure.ac, daemon/remote.c, src/access/viraccessdriverpolkit.c,
src/rpc/virnetserverclient.c, src/util/viridentity.*.
- debian/rules: use DEB_AUTO_UPDATE_AUTOCONF and
DEB_AUTO_UPDATE_AUTOHEADER.
- debian/control: specify version of policykit-1 security update, add
libpolkit-gobject-1-dev to Build-Depends.
- CVE-2013-4311
* SECURITY UPDATE: denial of service in remoteDispatchDomainMemoryStats
- debian/patches/CVE-2013-4296.patch: properly initialize stats in
daemon/remote.c.
- CVE-2013-4296
.
libvirt (1.1.1-0ubuntu5) saucy; urgency=low
.
* add-bounds-checking-on-virdomainmigrate: upstream patch for CVE-2013-4292
* security-provide-supplemental-groups: upstream patch for CVE-2013-4291
.
libvirt (1.1.1-0ubuntu4) saucy; urgency=low
.
* apply all patches from v1.1.1-maint
* cherrypick xen-use-internal-interfaces-in-xendomainusedcpus from upstream
git.
.
libvirt (1.1.1-0ubuntu3) saucy; urgency=low
.
* debian/apparmor/usr.sbin.libvirtd: Include the system bus abstraction in
the libvirtd AppArmor profile as libvirtd connects to the D-Bus system bus
.
libvirt (1.1.1-0ubuntu2) saucy; urgency=low
.
* debian/patches/fix-remote-client-segfault.patch: Fix segfault when
using a remote client.
.
libvirt (1.1.1-0ubuntu1) saucy; urgency=low
.
[ Chuck Short ]
* New usptream version:
- Dropped:
+ debian/patches/CVE-2013-2218-fix-crash-listing-network-interfaces-with-filters:
no longer needed.
+ debian/patches/ubuntu-xen-hypervisor-4.3.patch: no longer needed.
+ debian/patches/ubuntu-xen-fix-api-deadlocks.patch: no longer needed.
- Rediffed:
+ debian/patches/Don-t-enable-default-network-on-boot.patch
+ debian/patches/9005-increase-unix-socket-timeout.patch
.
[ Stefan Bader ]
* Add apparmor rights to call into /usr/lib/xen-common/bin/xen-toolstack
to figure out which one is active.
* debian/patches/ubuntu-xend-probe.patch: Fix failure to detect
whether Xen uses xm/xend toolstack or xl/libxl. Avoid running
"xend status" as we do not package that in a pbublic path.
.
libvirt (1.0.6-0ubuntu4) saucy; urgency=low
.
* ubuntu-xen-fix-api-deadlocks.patch (LP: #1191782)
Fix the deadlocks in the xen driver when doing a dumpxml for active
domains.
* ubuntu-libxl-qemu-nopath.patch
Create libxl configurations without paths for qemu-dm and hvmloader.
The Xen toolstack can figure this out.
* ubuntu-xen-hypervisor-4.3.patch
Update the xen driver to handle the new sysctl and domctl versions
in Xen-4.3.
* Add apparmor definitions to execute scripts in /etc/xen/scrips as
the libxl driver calls out to them (with the xen/xm driver this was
done by the xen toolstack and communication with that was through
a socket).
.
libvirt (1.0.6-0ubuntu3) saucy; urgency=low
.
* debian/apparmor/usr.lib.libvirt.virt-aa-helper: allow owner read of
@{PROC}/[0-9]*/status
.
libvirt (1.0.6-0ubuntu2) saucy; urgency=low
.
* Apply CVE-2013-2218-fix-crash-listing-network-interfaces-with-filters.
.
libvirt (1.0.6-0ubuntu1) saucy; urgency=low
.
* New upstream relase.
+ Dropped patches:
- debian/patches/vnc-socket.patch: Dropped no longer needed.
- debian/patches/Add-sanitytest.py.patch: Dropped no longer needed.
* debian/libvirt-bin.postinst: Make sure qemu.conf isn't world readable
by default.
.
libvirt (1.0.5-0ubuntu1) saucy; urgency=low
.
* New upstream release:
+ Dropped patches:
- debian/patches/fix-virterror-namechange
- debian/patches/apparmor-use-apparmor-setfdlabel
- debian/patches/prevent-lxc-shutdown-host.patch
- debian/patches/apparmor-no-need-to-check-security-model
- debian/patches/nonblock-fix.patch
+ Refreshed patches:
- debian/patches/9002-better_default_uri_virsh.patch
- debian/patches/enable-kvm-spice.patch
- debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
* debian/patches/Add-sanitytest.py.patch: Add patch to fix missing sanitytest.py
when building the testsuite.
* debian/libvirt-dev.install: dont't ship files for static linking.
.
libvirt (1.0.2-0ubuntu12) saucy; urgency=low
.
* debian/libvirt-bin.{dirs,install}: install dnsmasq.d-available/libvirt-bin
(LP: #1113821)
.
libvirt (1.0.2-0ubuntu11) raring; urgency=low
.
* debian/patches/nonblock-fix.patch: cherrypicked upstream patch to
not mark qemu migration fd non-blocking. This fixes tcp live
migration. (LP: #1157626)
.
libvirt (1.0.2-0ubuntu10) raring; urgency=low
.
* Add code to postinst to fix any double-migration of /etc/dnsmasq.
(LP: #1157332)
.
libvirt (1.0.2-0ubuntu9) raring; urgency=low
.
* debian/patches/prevent-lxc-shutdown-host.patch: Backport fix
from upstream to prevent lxc-containets shutting down the host.
.
libvirt (1.0.2-0ubuntu8b1) raring; urgency=low
.
* No-change rebuild against libudev1
.
libvirt (1.0.2-0ubuntu8) raring; urgency=low
.
* put libvirt-bin dnsmasq file into /etc/dnsmasq.d-available, and
create a symlink in /etc/dnsmasq.d, to avoid problems when removing
and re-installing libvirt-bin. (LP: #1113821)
.
libvirt (1.0.2-0ubuntu7) raring; urgency=low
.
* libvirt-bin.postinst: also put admin group members into the libvirtd
group, to support systems installed before precise. (LP: #1124127)
* libvirt-bin.postinst: use getent group instead of grep /etc/group
* rules: pass path to collie to enable sheepdog backend (LP: #1129107)
* control, rules: enable building against libaudit, which is in main.
.
libvirt (1.0.2-0ubuntu6) raring; urgency=low
.
* Really refresh debian/patches/fix-ubuntu-xen-qemu-dm-path.patch and
not only claim to and disable it.
.
libvirt (1.0.2-0ubuntu5) raring; urgency=low
.
* debian/apparmor/libvirt-qemu: allow qemu read access to
@{PROC}/sys/vm/overcommit_memory
.
libvirt (1.0.2-0ubuntu4) raring; urgency=low
.
* Update Readme.Debian
- we use libvirtd, not libvirt group (LP: #1095140)
- we add users from sudo, not admin group, to libvirtd.
* libvirt-bin.postinst: put users from sudo, not admin group, into group
libvirtd. (LP: #1124127)
.
libvirt (1.0.2-0ubuntu3) raring; urgency=low
.
* libvirt-bin.postrm: only remove /etc/dnsmasq.d/libvirt-bin during
remove. (LP: #1113821)
.
libvirt (1.0.2-0ubuntu2) raring; urgency=low
.
* debian/patches/fix-virterror-namechange: Include virterror otherwise
python-libvirt wont be able to find any error codes.
.
libvirt (1.0.2-0ubuntu1) raring; urgency=low
.
[ Chuck Short ]
* New upstream release:
+ Dropped patches:
- debian/patches/Add_RESUME_event_listener_to_qemu_monitor.patch
- debian/patches/build-work-around-broken-kernel-header.patch
- debian/patches/bridge-fix-persistent-networks.patch
- debian/patches/CVE-2013-0170.patch
- debian/patches/qemu-relax-hard-rss-limit.patch
- debian/patches/9003-better-default-arch.patch
+ Refreshed patches:
- debian/patches/fix-ubuntu-xen-qemu-dm-path.patch
- debian/patches/Reduce-udevadm-settle-timeout-to-10-seconds.patch
- debian/patches/9021-fix-uint64_t.patch
- debian/patches/9020-lp545795.patch
- debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch
+ debian/libvirt0.install: Add libvirt-lxc.so.*
.
[ Serge Hallyn ]
* debian/patches/fix-virterror-namechange: fix unfinished name change
causing errors in generated libvirt.py.
.
libvirt (1.0.1-0ubuntu4) raring; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via
uninitialized pointer
- debian/patches/CVE-2013-0170.patch: remove message from queue before
freeing in src/rpc/virnetserverclient.c.
- CVE-2013-0170
.
libvirt (1.0.1-0ubuntu3) raring; urgency=low
.
* debian/apparmor/libvirt-qemu: add /usr/share/ovmf/** r (LP: #1074207)
.
libvirt (1.0.1-0ubuntu2) raring; urgency=low
.
* add qemu-relax-hard-rss-limit.rss to avoid OOM kills (LP: #1102290)
* debian/rules: replace --without-vbox with --with-vbox (LP: #1103721)
.
libvirt (1.0.1-0ubuntu1) raring; urgency=low
.
* New upstream version. (LP: #1102487)
+ Dropped apparmor-allow-hugepages
+ update dnsmasq-as-priv-user, upstream now uses a configuration file.
+ swap Add_RESUME_event_listener_to_qemu_monitor.patch from git tree for
the backported handle_resume_1.0.0-0ubuntu4.patch.
+ rebuild debian/patches/build-work-around-broken-kernel-header
+ add bridge-fix-persistent-networks.patch from upstream to fix bug
where new networks are not marked persistent.
.
libvirt (1.0.0-0ubuntu5) raring; urgency=low
.
* handle_resume_1.0.0-0ubuntu4.patch: Add RESUME event listener to qemu
monitor (LP: #1097824)
* build-work-around-broken-kernel-header: work around FTBFS due to a
broken linux/if_bridge.h.
.
libvirt (1.0.0-0ubuntu4) raring; urgency=low
.
* debian/patches/apparmor-allow-hugepages: update apparmor policies to
allow use of hugepages. (LP: #646468)
* debian/patches/vnc-socket.patch: If a vnc socket is in use, add it's
path to the apparmor policy. (LP: #1069534)
.
libvirt (1.0.0-0ubuntu3) raring; urgency=low
.
* libvirt-bin.postinst: on first install, don't autostart virbr0 if
192.168.122.0 already is in use. On upgrade, always autostart
virbr0 if and only if it was autostarted before the upgrade.
.
libvirt (1.0.0-0ubuntu2) raring; urgency=low
.
* debian/patches/add-armhf-sysinfo-infomration.patch: Disable
to fix FTBFS on arm.
.
libvirt (1.0.0-0ubuntu1) raring; urgency=low
.
[ Chuck Short ]
* New upstream version:
+ droppped:
- debian/patches/CVE-2012-3445.patch
- debian/patches/fix-cve-2012-4423
- debian/patches/lp1039678.patch
- debian/patches/add-libvirt-highbank-support.patch
- debian/patches/add-armhf-cpuinfo-parser.patch
- debian/patches/fix-lxc-container-unmounting.patch
- debian/patches/libnl3-build-fix.patch
- debian/patches/Don-t-require-gawk-for-a-simple-print-expression.patch
- debian/patches/virsh-Initialize-library-before-calling-virResetLast.patch
- debian/patches/qemu-warn-on-pc-0.12.patch
- debian/patches/storage-default-pool-permission-mode-to-0755
- debian/patches/netcf-daemon-fix-wrong-macro-name
- debian/patches/xen_hypervisor-treat-missing-privcmd-file-as-temporary.patch
+ Re-diffed:
- debian/patches/9002-better_default_uri_virsh.patch
- debian/patches/dnsmasq-as-priv-user
- debian/patches/enable-kvm-spice.patch
+ debian/control, debian/rules: Turn on rbd pool storage.
.
[ Serge Hallyn ]
* Add patches to fix apparmor labeling issue at VM start:
- apparmor-no-need-to-check-security-model
- apparmor-use-apparmor-setfdlabel
.
libvirt (0.9.13-0ubuntu12) quantal; urgency=low
.
* Refresh fix-ubuntu-xen-qemu-dm-path.patch to only use executable
names and let the toolchain find out the right paths (LP: #914788).
Thanks George Dunlap.
* Refresh and re-activate xen_hypervisor-treat-missing-privcmd-file-
as-temporary.patch (LP: #922486)
.
libvirt (0.9.13-0ubuntu11) quantal-proposed; urgency=low
.
* SECURITY UPDATE: denial of service via invalid RPC command
- debian/patches/CVE-2012-3445.patch: make sure nparams isn't set to
zero in daemon/remote.c.
- CVE-2012-3445
.
libvirt (0.9.13-0ubuntu10) quantal; urgency=high
.
* apply fix-cve-2012-4423 from upstream to prevent potential daemon
segfaults with newer virsh.
- Fixes: CVE-2012-4423.
.
libvirt (0.9.13-0ubuntu9) quantal; urgency=low
.
* debian/patches/lp1039678.patch: fix segfault in 'snapshot-list'
- LP: #1039678
.
libvirt (0.9.13-0ubuntu8) quantal-proposed; urgency=low
.
* debian/libvirt-bin.apport: add filter on AppArmor profile names to
prevent false positives from denials originating in other packages.
.
libvirt (0.9.13-0ubuntu7) quantal; urgency=low
.
* debian/apparmor/libvirt-qemu: allow owner read access to @{PROC}/*/auxv
.
libvirt (0.9.13-0ubuntu6) quantal; urgency=low
.
* enable netcf support (LP: #520386)
- debian/control: build-dep on libnetcf-dev
- debian/rules: add --with-netcf to configure args
* add patch netcf-daemon-fix-wrong-macro-name from upstream so netcf support
can actually work.
.
libvirt (0.9.13-0ubuntu5) quantal; urgency=low
.
* add patch Reduce-udevadm-settle-timeout-to-10-seconds.patch (copied from
Debian tree) to fix 3 minute hang during pool-refresh when using LVM
backed pools. (LP: #1027987)
* debian/control: add pm-utils to libvirt-bin Suggests. (LP: #994476)
.
libvirt (0.9.13-0ubuntu4) quantal; urgency=low
.
* debian/patches/add-armhf-sysinfo-infomration.patch:
Provides cpuinfo for armhf cpus.
* debian/patches/add-armhf-cpuinfo-parser.patch:
Fixes compile time warning about armhf cpus.
.
libvirt (0.9.13-0ubuntu3) quantal; urgency=low
.
* debian/apparmor/libvirt-qemu: add ceph.conf (LP: #1026404)
* debian/patches: re-add 9002-better_default_uri_virsh.patch (LP: #1026515)
.
libvirt (0.9.13-0ubuntu2) quantal; urgency=low
.
* Apply upstream patch to switch default storage pool dir perms from 0700
to 0755. Then push our own patch to change that to 0711. We'll get the
upstream patch on 0.9.14 merge, but we'll want to keep our patch on top
of that.
.
libvirt (0.9.13-0ubuntu1) quantal; urgency=low
.
* New upstream version:
* debian/rules: Remove .la files
* debian/control: Dropped debian vcs info.
* Dropped:
- debian/paches/9022-pass-the-virt-driver-name-into-security-drivers:
Already applied upstream.
- debian/patches/9023-dont-enable-apparmor-driver-with-lxc
Already applied upstream.
- debian/patches/9024-initialize-random-generator-in-lxc:
Already applied upstream.
* Re-diffed:
- debian/patches/9002-better_default_uri_virsh.patch
* Added:
- debian/patches/add-libvirt-highbank-support.patch: Add highbank
CPU detection support.
- debian/patches/fix-lxc-container-unmounting.patch: Fix container
mounting.
.
libvirt (0.9.12-0ubuntu5) quantal; urgency=low
.
* 9024-initialize-random-generator-in-lxc: invoke virRandomInitialize()
to prevent segfaults when lxc uses virRandomBits(). (LP: #1023205)
.
libvirt (0.9.12-0ubuntu4) quantal; urgency=low
.
* 9022-pass-the-virt-driver-name-into-security-drivers and
9023-dont-enable-apparmor-driver-with-lxc: fix libvirt-lxc breakages
due to incomplete apparmor security driver for lxc.
.
libvirt (0.9.12-0ubuntu3) quantal; urgency=low
.
* install apport hook as right name - libvirt-bin is the binary package,
the source package name is libvirt. (LP: #1007405)
* install /etc/dnsmasq.d/libvirt to configure system wide dnsmasq to not
listen on the libvirt bridge. (Following Stphane's lxc example)
(LP: #928524) (LP: #231060)
- postinst: restart dnsmasq; postrm: remove dnsmasq.d/libvirt file and
restart dnsmasq; rules, libvirt-bin.dirs and libvirt-bin.install:
install new debian/libvirt-bin.dnsmasq file.
.
libvirt (0.9.12-0ubuntu2) quantal; urgency=low
.
* Warn user about bad pc-0.12 machine type, and help user transition.
(LP: #1001625)
- qemu-warn-on-pc-0.12.patch: When defining or starting a VM which uses the
pc-0.12 machine type, warn in libvirtd.log.
- debian/libvirt-migrate-qemu-machinetype: automatically migrate QEMU VMs
to newest machine type. This is not done automatically as there will
be some users who have good reason to stay with pc-0.12.
.
libvirt (0.9.12-0ubuntu1) quantal; urgency=low
.
* New upstream version:
* Synchronize with debian packaging:
- debian/control: Update build depends.
- debian/libvirt-bin.postrm: Cleanup /var/log/libvirt
on purge.
- Bump standards verson (no changes).
- debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch: Added
* Dropped patches:
- debian/patches/Debianize-libvirt-guests.patch
- debian/patches/rewrite-lxc-controller-eof-handling-yet-again
- debian/patches/ubuntu/libnl13.patch
- debian/patches/ubuntu/fix-lxc-startup-error.patch
- debian/patches/ubuntu/fix-bridge-fd.patch
- debian/patches/ubuntu/skip-labelling-network-disks.patch
- debian/patches/ubuntu/xen-xend-shutdown-detection.patch
- debian/patches/ubuntu/xen-config-no-vfb-for-hvm.patch
- debian/patches/debian/Disable-daemon-start-test.patch
- debian/patches/debian/Disable-gnulib-s-test-nonplocking-pipe.sh.patch
- debian/patches/ubuntu/9006-default-config-test-case.patch
- debian/patches/fix-block-migration.patch
- debian/patches/ubuntu/9022-qemu-unescape-HMP-commands-before-converting-them-to.patch
- debian/patches/ubuntu/9023-qemu-change-rbd-auth_supported-separation-character-.patch
- debian/patches/ubuntu/9024-qemu-allow-snapshotting-of-sheepdog-and-rbd-disks.patch
- debian/patches/9025-qemu-change-rbd-auth_supported-separation-character-.patch
- debian/patches/ubuntu/arm-gcc-workaround.patch
* Rediffed:
- debian/patches/Allow-libvirt-group-to-access-the-socket.patch
- debian/patches/Disable-failing-virnetsockettest.patch
- debian/patches/dnsmasq-as-priv-user
- debian/patches/9002-better_default_uri_virsh.patch
* debian/control: Add libnl-route-3-dev ass a build depends.
* debian/patches/libnl3-build-fix.patch: Fix build with libnl3.
.
libvirt (0.9.8-2ubuntu18) quantal; urgency=low
.
* debian/apparmor/usr.sbin.libvirtd: allow execution of /lib/udev/scsi_id
(LP: #992378)
Date: Fri, 16 Jan 2015 10:30:14 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list