Change log for libvirt package in Ubuntu
| 1 → 50 of 797 results | First • Previous • Next • Last |
| Published in noble-proposed |
libvirt (10.0.0-2ubuntu8.10) noble; urgency=medium
* d/p/u-aa/lp2127492-*: apparmor: Allow AMD-SEV device access for
AMD-SEV VM (LP: #2127492)
-- Hector Cao <email address hidden> Wed, 12 Nov 2025 13:04:43 +0100
Available diffs
| Published in plucky-proposed |
libvirt (11.0.0-2ubuntu6.4) plucky; urgency=medium
* d/p/u-aa/lp2127492-*: apparmor: Allow AMD-SEV device access for
AMD-SEV VM (LP: #2127492)
-- Hector Cao <email address hidden> Wed, 12 Nov 2025 12:51:38 +0100
Available diffs
| Published in questing-proposed |
libvirt (11.6.0-1ubuntu3.1) questing; urgency=medium
* d/p/u-aa/lp2127492-*: apparmor: Allow AMD-SEV device access for
AMD-SEV VM (LP: #2127492)
-- Hector Cao <email address hidden> Wed, 12 Nov 2025 12:40:51 +0100
Available diffs
libvirt (11.6.0-1ubuntu6) resolute; urgency=medium
* d/p/u-aa/lp2127492-*: apparmor: Allow AMD-SEV device access for
AMD-SEV VM (LP: #2127492)
-- Hector Cao <email address hidden> Wed, 29 Oct 2025 09:34:08 +0000
Available diffs
| Superseded in resolute-release |
| Deleted in resolute-proposed (Reason: Moved to resolute) |
| Deleted in resolute-release (Reason: Recall after briney release.) |
| Deleted in resolute-proposed (Reason: Moved to resolute) |
libvirt (11.6.0-1ubuntu5) resolute; urgency=medium
* Cherry-pick from Debian git repo
- [a17e07a] patches: Add backports
- Fix building against Wireshark 4.6.0
- Closes: #1118069
-- Gianfranco Costamagna <email address hidden> Sat, 18 Oct 2025 20:02:01 +0200
Available diffs
- diff from 11.6.0-1ubuntu3 to 11.6.0-1ubuntu5 (20.7 KiB)
- diff from 11.6.0-1ubuntu4 to 11.6.0-1ubuntu5 (20.6 KiB)
| Superseded in resolute-proposed |
libvirt (11.6.0-1ubuntu4) resolute; urgency=medium * Rebuild against new libwireshark19. -- Gianfranco Costamagna <email address hidden> Sat, 18 Oct 2025 19:43:53 +0200
Available diffs
- diff from 11.6.0-1ubuntu3 to 11.6.0-1ubuntu4 (378 bytes)
libvirt (8.0.0-1ubuntu7.14) jammy; urgency=medium
* d/p/u-aa/lp2120278-* : virt-aa-helper: Avoid duplicate when append rule
(LP: #2120278)
-- Hector Cao <email address hidden> Tue, 14 Oct 2025 22:38:25 +0000
Available diffs
libvirt (11.0.0-2ubuntu6.3) plucky; urgency=medium
[ Lukas Märdian ]
* d/p/u/lp-2117467-virdevmapper-device-name-for-targets.patch:
virdevmapper: Always use device name for finding targets. This ensures
that all the target devices of a multipath device are added to the
namespace/cgroup of the guest domain.
Closes LP: #2117467.
[ Hector Cao ]
* d/p/u-aa/lp2079869-* : virt-aa-helper: Avoid duplicate when append rule
(LP: #2120278)
-- Hector Cao <email address hidden> Wed, 17 Sep 2025 01:13:17 +0200
Available diffs
libvirt (10.0.0-2ubuntu8.9) noble; urgency=medium
[ Bhavin Gandhi ]
* d/p/u/lp-2117467-virdevmapper-device-name-for-targets.patch:
virdevmapper: Always use device name for finding targets. This ensures
that all the target devices of a multipath device are added to the
namespace/cgroup of the guest domain.
Closes LP: #2117467.
[ Hector Cao ]
* d/p/u-aa/lp2079869-* : virt-aa-helper: Avoid duplicate when append rule
(LP: #2120278)
-- Hector Cao <email address hidden> Wed, 17 Sep 2025 01:20:45 +0200
Available diffs
libvirt (8.0.0-1ubuntu7.13) jammy; urgency=medium
* d/p/u/lp-2117467-virdevmapper-device-name-for-targets.patch:
virdevmapper: Always use device name for finding targets. This ensures
that all the target devices of a multipath device are added to the
namespace/cgroup of the guest domain.
Closes LP: #2117467.
-- Bhavin Gandhi <email address hidden> Tue, 22 Jul 2025 13:50:20 +0530
Available diffs
| Superseded in resolute-release |
| Published in questing-release |
| Deleted in questing-proposed (Reason: Moved to questing) |
libvirt (11.6.0-1ubuntu3) questing; urgency=medium * Support both GNU and Rust coreutils paths in apparmor policy (LP: #2123870) - d/p/u-aa/lp2123870-apparmor-use-the-coreutils-tunable-for-coreutils.patch -- Georgia Garcia <email address hidden> Thu, 23 Sep 2025 15:53:13 -0300
Available diffs
libvirt (11.6.0-1ubuntu2) questing; urgency=medium [ Lukas Märdian ] * Default to qemu:///system libvirt URI (LP: #2027838) On Ubuntu we always want to initialize the URI to qemu:///system, regardless if running as privileged daemon or not. This keeps backward compatibility with Ubuntu's default behavior, while still allowing users more flexibility in changing that default, through config files or environment variables. - d/p/u/lp-2027838-conf-Default-to-qemu-system-libvirt-URI.patch * d/t/default-uri: add basic test for LIBVIRT_DEFAULT_URI handling * d/libvirt-clients.conffiles: Remove libvirt-uri.sh profile.d script * Drop Changes: - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (qemu:///system) [ Hector Cao ] * d/p/u-aa/lp2079869-* : virt-aa-helper: Avoid duplicate when append rule (LP: #2120278) -- Hector Cao <email address hidden> Wed, 27 Aug 2025 10:18:49 +0200
Available diffs
libvirt (11.6.0-1ubuntu1) questing; urgency=medium * Merge with Debian experimental (LP: #2115181). Remaining changes: * Remaining changes: - d/p/u-aa/lp2079869-*: allow access for bridge helper to sys node (LP 2079869) - d/*(post|pre)(rm|inst), d/*.install: drop generated files - Disable libssh2 support (universe dependency) - d/control: add libzfslinux-dev to build-deps - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI Secure Boot enabled variants of the OVMF firmware and variable store for the paths where we ship these files in Ubuntu. - Set qemu-group to kvm (for compat with older ubuntu) - Additional apport package-hook - Autostart default bridged network (As upstream does, but not Debian). In addition to just enabling it our solution provides: + do not autostart if subnet is already taken (e.g. in guests). + iterate some alternative subnets before giving up + d/l-d-config-network.postinst: clear 'autostarted' state, to activate network on install (LP 2093864) + d/control: Add Breaks/Replaces, to account for the move of configuration of the default bridged network to libvirt-daemon-config-network. (LP 2107448) + d/t/network: Test automatic virbr0 setup via autopkgtest. + d/l-d-config-network.{pre,post}inst.in: diversions for network config. + d/l-d-config-network.{pre,post}inst.in: retain non pkg owned network config. - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is the group based access to libvirt functions as it was used in Ubuntu for quite a long time. + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests due to the group access change. + d/libvirt-daemon-driver-qemu.postinst*: add users in sudo to the libvirt group. - Update README.Debian with Ubuntu changes - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx - fix autopkgtests (LP 1899180) + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making vmlinuz available and accessible (Debian bug 848314) + d/t/control: fix smoke-qemu-session by ensuring the service will run installing libvirt-daemon-system + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as long as the following undefine succeeds + d/t/smoke-lxc: use systemd instead of sysV to restart the service + d/t/control, d/t/smoke-lxc: retry service restart and skip test if failing; This was flaky on some release/architectures + d/t/smoke-lxc: retry check_domain being flaky on arm64 - dnsmasq related enhancements + run dnsmasq as libvirt-dnsmasq (LP 1743718) + d/libvirt-daemon-config-network.postinst*: add libvirt-dnsmasq user and group + d/libvirt-daemon-config-network.postrm*: remove libvirt-dnsmasq user and group on purge + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user libvirt-dnsmasq and adapt the self tests to expect that config + Add dnsmasq configuration to work with system wide dnsmasq-base - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default machine type correctly with newer qemu/libvirt - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for (LP 1861125) fixups - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592) - d/libvirt-daemon-common.libvirt-guests.default: shut guests down in parallel - Apparmor Delta that is Ubuntu specific or yet to be upstreamed split into logical pieces. File names in debian/patches/ubuntu-aa/: + 0020-virt-aa-helper-ubuntu-storage-paths.patch: apparmor, virt-aa-helper: Allow various storage pools and image locations + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, libvirt-qemu: Add 9p support + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: virt-aa-helper: Ask for no deny rule for readonly disk + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: apparmor, libvirt-qemu: Allow reading charm-specific ceph config + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621 LP 1680384 LP 1784023) + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: apparmor, virt-aa-helper: access for snapped nova + lp-1815910-allow-vhost-hotplug.patch: avoid apparmor issues with vhost-net/vhost-vsock/vhost-scsi hotplug (LP 1815910) - libvirt should not use user/group tss for swtpm (LP 1948880) + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes to user swtpm and adapt expected self test result changes triggered by this + d/libvirt-daemon-system.postinst: create user/group swtpm if not present due to swtpm-tools (LP 1951975) - d/libvirt-clients.lintian-overrides: Add script-not-executable lintian override - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (qemu:///system) + Update: Set LIBVIRT_DEFAULT_URI to "qemu:///system" in all cases. (LP #2027838) - d/control: Demote passt to Suggests (from Recommends) for libvirt-daemon-driver-qemu, because passt is in universe. - d/control: Make libvirt-daemon Suggest (instead of Recommend) libvirt-daemon-plugin-sanlock, which is in universe. - d/control: re-generate from d/control-in: we stop changing both files and eventually re-generate from d/control-in at built as intended. * Updated changes - d/p/u/ovmf_paths.patch: update to match new upstreams qemu.conf - d/p/u/swtpm-by-swtpm-user.patch: update to match new upstreams qemu.conf -- Christian Ehrhardt <email address hidden> Mon, 04 Aug 2025 13:24:59 +0200
Available diffs
- diff from 11.4.0-1ubuntu2 to 11.6.0-1ubuntu1 (960.1 KiB)
libvirt (11.0.0-2ubuntu6.2) plucky; urgency=medium
* l-d-config-network.postinst: clear 'autostarted' state, to activate
network on install (LP: #2093864)
* d/control: Change Pre-Depends to just Depends on l-d-config-network, as it
turns out the Pre-Depends causes ordering issues and is not actually needed
(LP: #2107448).
Available diffs
- diff from 11.0.0-2ubuntu6.1 to 11.0.0-2ubuntu6.2 (1021 bytes)
libvirt (11.4.0-1ubuntu2) questing; urgency=medium
* d/l-d-config-network.postinst: clear 'autostarted' state, to activate
network on install (LP: #2093864)
* Drop Changes: [Replaced by the above]
- Start default network on install (LP 2093864)
+ d/l-d-config-network.postinst: add explicit virsh net-start workaround
+ d/control: add libvirt-clients Recommends to l-d-config-network
+ d/l-d-config-network.dirs: add var/libvirt/dnsmasq to store lease files
to avoid a warning on install
-- Lukas Märdian <email address hidden> Wed, 25 Jun 2025 11:02:02 +0200
Available diffs
libvirt (11.4.0-1ubuntu1) questing; urgency=medium [ Christian Ehrhardt ] * Merge with Debian experimental (LP: #2110424) * Among many other imrpovements this fixes - ppc64: P11 Support in Libvirt (LP: #2109469) - s390x: KVM: Implement virsh hypervisor-cpu-models (LP: #2027925) * Remaining changes: - d/p/u-aa/lp2079869-*: allow access for bridge helper to sys node (LP 2079869) - d/*(post|pre)(rm|inst), d/*.install: drop generated files - Disable libssh2 support (universe dependency) - d/control: add libzfslinux-dev to build-deps - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI Secure Boot enabled variants of the OVMF firmware and variable store for the paths where we ship these files in Ubuntu. - Set qemu-group to kvm (for compat with older ubuntu) - Additional apport package-hook - Autostart default bridged network (As upstream does, but not Debian). In addition to just enabling it our solution provides: + do not autostart if subnet is already taken (e.g. in guests). + iterate some alternative subnets before giving up - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is the group based access to libvirt functions as it was used in Ubuntu for quite a long time. + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests due to the group access change. + d/libvirt-daemon-driver-qemu.postinst*: add users in sudo to the libvirt group. - Update README.Debian with Ubuntu changes - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx - fix autopkgtests (LP 1899180) + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making vmlinuz available and accessible (Debian bug 848314) + d/t/control: fix smoke-qemu-session by ensuring the service will run installing libvirt-daemon-system + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as long as the following undefine succeeds + d/t/smoke-lxc: use systemd instead of sysV to restart the service + d/t/control, d/t/smoke-lxc: retry service restart and skip test if failing; This was flaky on some release/architectures + d/t/smoke-lxc: retry check_domain being flaky on arm64 - dnsmasq related enhancements + run dnsmasq as libvirt-dnsmasq (LP 1743718) + d/libvirt-daemon-driver-qemu.postinst*: add libvirt-dnsmasq user and group + d/libvirt-daemon-driver-qemu.postrm*: remove libvirt-dnsmasq user and group on purge + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user libvirt-dnsmasq and adapt the self tests to expect that config + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group + Add dnsmasq configuration to work with system wide dnsmasq-base - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default machine type correctly with newer qemu/libvirt - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for (LP 1861125) fixups - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592) - d/libvirt-daemon-common.libvirt-guests.default: shut guests down in parallel - Apparmor Delta that is Ubuntu specific or yet to be upstreamed split into logical pieces. File names in debian/patches/ubuntu-aa/: + 0020-virt-aa-helper-ubuntu-storage-paths.patch: apparmor, virt-aa-helper: Allow various storage pools and image locations + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, libvirt-qemu: Add 9p support + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: virt-aa-helper: Ask for no deny rule for readonly disk + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: apparmor, libvirt-qemu: Allow reading charm-specific ceph config + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621 LP 1680384 LP 1784023) + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: apparmor, virt-aa-helper: access for snapped nova + lp-1815910-allow-vhost-hotplug.patch: avoid apparmor issues with vhost-net/vhost-vsock/vhost-scsi hotplug (LP 1815910) - libvirt should not use user/group tss for swtpm (LP 1948880) + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes to user swtpm and adapt expected self test result changes triggered by this + d/libvirt-daemon-system.postinst: create user/group swtpm if not present due to swtpm-tools (LP 1951975) - d/libvirt-clients.lintian-overrides: Add script-not-executable lintian override - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (qemu:///system) + Update: Set LIBVIRT_DEFAULT_URI to "qemu:///system" in all cases. (LP #2027838) - d/control: Demote passt to Suggests (from Recommends) for libvirt-daemon-driver-qemu, because passt is in universe. - d/control: Make libvirt-daemon Suggest (instead of Recommend) libvirt-daemon-plugin-sanlock, which is in universe. * Added changes - d/control: re-generate from d/control-in: we stop changing both files and eventually re-generate from d/control-in as it is meant to be. Having more than just d/control-in is only a git-import artifact anyway. * Drop changes [in Debian 11.1.0-2] - Fix potential issue in regard to conffile transfer on upgrades (LP 2105496) * Drop changes [in Upstream 11.1.0] - d/control: drop libvirt-lxc, vbox and xen drivers to suggest - apparmor: Allow SGX if configured (LP 2100024) - d/p/u/lp2097886: Enable virtio-mem support not in 11.0 (LP 2097886) [ Lukas Märdian ] * Move autostart of default bridged network from libvirt-daemon-driver-qemu to libvirt-daemon-config-network.postinst, as it depends on the default.xml template shipped by the latter. (LP: #2107448) - Move dnsmasq related enhancements to libvirt-daemon-config-network + run dnsmasq as libvirt-dnsmasq (LP: 1743718) + d/libvirt-daemon-config-network.postinst*: add libvirt-dnsmasq user/group, as moved from d/libvirt-daemon-driver-qemu.postinst. + d/libvirt-daemon-config-network.postrm*: remove libvirt-dnsmasq user/group on purge, as moved from d/libvirt-daemon-driver-qemu.postinst + Move dnsmasq configuration to work with system wide dnsmasq-base from libvirt-daemon-driver-qemu.post* to libvirt-daemon-config-network.post* - d/control: Add Breaks/Replaces, to account for the move of configuration of the default bridged network to libvirt-daemon-config-network. As per https://wiki.debian.org/PackageTransition case #9. - d/t/network: Test automatic virbr0 setup via autopkgtest. - d/l-d-config-network.{pre,post}inst.in: Add diversions for network config. - d/l-d-config-network.{pre,post}inst.in: retain non pkg owned network config. * Start default network on install (LP: #2093864) - d/l-d-config-network.postinst: add explicit virsh net-start workaround - d/control: add libvirt-clients Recommends to l-d-config-network - d/l-d-config-network.dirs: add var/libvirt/dnsmasq to store lease files to avoid a warning on install * Drop Changes: - d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group [Upgrade path for 4.0.0-1ubuntu5~ not relevant anymore] -- Christian Ehrhardt <email address hidden> Wed, 11 Jun 2025 13:11:23 +0200
Available diffs
libvirt (8.0.0-1ubuntu7.12) jammy; urgency=medium
* d/p/u/lp2106812-cpu_map-Drop-mpx-from-x86-cpu-models.patch:
Memory protection extensions (MPX) were introduced in Intel Skylake
generation CPUs and provided hardware support for bound checking. This
feature will not be supported in Intel CPUs beginning with the Ice Lake
generation. Remove missing mpx feature so that libvirts detects correctly
CPU models (Icelake, ..) instead of the old Blackwell (LP: #2106812)
-- Hector Cao <email address hidden> Wed, 23 Apr 2025 03:41:12 +0200
Available diffs
libvirt (10.0.0-2ubuntu8.8) noble; urgency=medium [ Lukas Märdian ] * Move README.Debian to libvirt0 package (LP: #2108995). [ Hector Cao ] * d/p/u/lp2106812-cpu_map-Drop-mpx-from-x86-cpu-models.patch: Memory protection extensions (MPX) were introduced in Intel Skylake generation CPUs and provided hardware support for bound checking. This feature will not be supported in Intel CPUs beginning with the Ice Lake generation. Remove missing mpx feature so that libvirts detects correctly CPU models (Icelake, ..) instead of the old Blackwell (LP: #2106812) -- Lukas Märdian <email address hidden> Wed, 04 Jun 2025 09:53:50 +0200
Available diffs
libvirt (11.0.0-2ubuntu8) questing; urgency=medium * No-change rebuild for libxml2 soname change. -- Matthias Klose <email address hidden> Fri, 23 May 2025 06:06:37 +0200
Available diffs
| Superseded in questing-proposed |
libvirt (11.0.0-2ubuntu7) questing; urgency=medium * Rebuild against latest fuse3 -- Jeremy Bícha <email address hidden> Fri, 02 May 2025 09:11:40 -0400
Available diffs
- diff from 11.0.0-2ubuntu6 to 11.0.0-2ubuntu7 (348 bytes)
| Superseded in plucky-proposed |
libvirt (11.0.0-2ubuntu6.1) plucky; urgency=medium
* d/control: Add Pre-Depends on libvirt-daemon-config-network, as
libvirt-daemon-driver-qemu can modify template data created by
libvirt-daemon-config-network's .postinst maintainer script.
(LP: #2107448)
-- Lukas Märdian <email address hidden> Wed, 16 Apr 2025 10:19:03 +0200
Available diffs
- diff from 11.0.0-2ubuntu6 to 11.0.0-2ubuntu6.1 (655 bytes)
| Superseded in questing-release |
| Published in plucky-release |
| Deleted in plucky-proposed (Reason: Moved to plucky) |
libvirt (11.0.0-2ubuntu6) plucky; urgency=medium
* Fix potential issue in regard to conffile transfer on upgrades
(LP: #2105496) backported from 11.1.0-2.
It was intended to make upgrades smoother, but unfortunately
it caused serious issues in certain scenarios. Let dpkg's
built-in logic take care of everything instead
- d/snippets.sh: Drop custom conffile transfer logic
- d/control: Drop Recommends on non-QEMU hypervisor drivers
- d/*.postinst: delete now unused maintainer scripts
- d/NEWS: inform about the remaining drawbacks for awareness
- Thanks to Andrea Bolognani for the fix and Kevin Otte for reporting.
* d/*(post|pre)(rm|inst), d/*.install: drop generated files
-- Christian Ehrhardt <email address hidden> Mon, 31 Mar 2025 15:54:27 +0200
Available diffs
- diff from 11.0.0-2ubuntu5 to 11.0.0-2ubuntu6 (18.8 KiB)
libvirt (11.0.0-2ubuntu5) plucky; urgency=medium * Rebuild against latest xen -- Jeremy Bícha <email address hidden> Sun, 16 Mar 2025 08:16:05 -0400
Available diffs
- diff from 11.0.0-2ubuntu4 to 11.0.0-2ubuntu5 (336 bytes)
libvirt (10.0.0-2ubuntu8.7) noble; urgency=medium [ Heinrich Schuchardt ] * Fix compiler macro to correctly detect RISC-V (LP: #2095488) - d/p/u/lp-2095488-virsysinfo-Try-reading-DMI-table.patch - d/p/u/lp-2095488-virsysinfo-fix-RISC-V-detection.patch [ Lukas Märdian ] * Add full boot order support on s390x (LP: #2051239) - d/p/u/lp2051239/1-qemu-capabilities-Add-QEMU_CAPS_VIRTIO_CCW_DEVICE.patch - d/p/u/lp2051239/2-qemu-command-add-multi-boot-device-support-on-s39.patch * apparmor: Allow SGX if configured (LP: #2100024) - d/p/u-aa/lp-2100024-Allow-SGX-if-configured.patch -- Lukas Märdian <email address hidden> Thu, 13 Mar 2025 17:25:50 +0100
Available diffs
libvirt (10.6.0-1ubuntu3.3) oracular; urgency=medium [ Heinrich Schuchardt ] * Fix compiler macro to correctly detect RISC-V (LP: #2095488) - d/p/u/lp-2095488-virsysinfo-fix-RISC-V-detection.patch [ Lukas Märdian ] * Add full boot order support on s390x (LP: #2051239) - d/p/u/lp2051239/1-qemu-capabilities-Add-QEMU_CAPS_VIRTIO_CCW_DEVICE.patch - d/p/u/lp2051239/2-qemu-command-add-multi-boot-device-support-on-s39.patch * apparmor: Allow SGX if configured (LP: #2100024) - d/p/u-aa/lp-2100024-Allow-SGX-if-configured.patch -- Lukas Märdian <email address hidden> Thu, 13 Mar 2025 17:24:38 +0100
Available diffs
libvirt (8.0.0-1ubuntu7.11) jammy; urgency=medium
* d/p/u/lp-2077336-drop-tpm-tis-arch-validation-*.patch: Drop tpm-tis
validation and fix armv7l VM creation. (LP: #2077336)
-- Sergio Durigan Junior <email address hidden> Wed, 04 Sep 2024 21:27:45 -0400
Available diffs
libvirt (11.0.0-2ubuntu4) plucky; urgency=medium * apparmor: Allow SGX if configured (LP: #2100024) - d/p/u-aa/lp-2100024-Allow-SGX-if-configured.patch -- Lukas Märdian <email address hidden> Wed, 12 Mar 2025 11:40:34 +0100
Available diffs
| Superseded in plucky-proposed |
libvirt (11.0.0-2ubuntu3) plucky; urgency=medium * Rebuild against new libxen4.20. -- Gianfranco Costamagna <email address hidden> Wed, 12 Mar 2025 08:14:40 +0100
Available diffs
- diff from 11.0.0-2ubuntu2 to 11.0.0-2ubuntu3 (357 bytes)
libvirt (11.0.0-2ubuntu2) plucky; urgency=medium * d/p/u/lp2097886: Enable virtio-mem support not in 11.0 (LP: #2097886) [ Hector Cao ] * d/p/u-aa/lp2079869-*: allow access for bridge helper to sys node (LP: #2079869) -- Lukas Märdian <email address hidden> Thu, 13 Feb 2025 09:40:13 +0100
Available diffs
libvirt (11.0.0-2ubuntu1) plucky; urgency=medium * Merge with Debian unstable (LP: #2092350). Remaining changes: - Disable libssh2 support (universe dependency) - d/control: add libzfslinux-dev to build-deps - d/control: drop libvirt-lxc, vbox and xen drivers to suggest - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI Secure Boot enabled variants of the OVMF firmware and variable store for the paths where we ship these files in Ubuntu. - Set qemu-group to kvm (for compat with older ubuntu) - Additional apport package-hook - Autostart default bridged network (As upstream does, but not Debian). In addition to just enabling it our solution provides: + do not autostart if subnet is already taken (e.g. in guests). + iterate some alternative subnets before giving up - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is the group based access to libvirt functions as it was used in Ubuntu for quite a long time. + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests due to the group access change. + d/libvirt-daemon-driver-qemu.postinst*: add users in sudo to the libvirt group. - Update README.Debian with Ubuntu changes - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx - fix autopkgtests (LP 1899180) + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making vmlinuz available and accessible (Debian bug 848314) + d/t/control: fix smoke-qemu-session by ensuring the service will run installing libvirt-daemon-system + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as long as the following undefine succeeds + d/t/smoke-lxc: use systemd instead of sysV to restart the service + d/t/control, d/t/smoke-lxc: retry service restart and skip test if failing; This was flaky on some release/architectures + d/t/smoke-lxc: retry check_domain being flaky on arm64 - dnsmasq related enhancements + run dnsmasq as libvirt-dnsmasq (LP 1743718) + d/libvirt-daemon-driver-qemu.postinst*: add libvirt-dnsmasq user and group + d/libvirt-daemon-driver-qemu.postrm*: remove libvirt-dnsmasq user and group on purge + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user libvirt-dnsmasq and adapt the self tests to expect that config + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group + Add dnsmasq configuration to work with system wide dnsmasq-base - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default machine type correctly with newer qemu/libvirt - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for (LP 1861125) fixups - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592) - d/libvirt-daemon-common.libvirt-guests.default: shut guests down in parallel - Apparmor Delta that is Ubuntu specific or yet to be upstreamed split into logical pieces. File names in debian/patches/ubuntu-aa/: + 0020-virt-aa-helper-ubuntu-storage-paths.patch: apparmor, virt-aa-helper: Allow various storage pools and image locations + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, libvirt-qemu: Add 9p support + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: virt-aa-helper: Ask for no deny rule for readonly disk + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: apparmor, libvirt-qemu: Allow reading charm-specific ceph config + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621 LP 1680384 LP 1784023) + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: apparmor, virt-aa-helper: access for snapped nova + lp-1815910-allow-vhost-hotplug.patch: avoid apparmor issues with vhost-net/vhost-vsock/vhost-scsi hotplug (LP 1815910) - libvirt should not use user/group tss for swtpm (LP 1948880) + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes to user swtpm and adapt expected self test result changes triggered by this + d/libvirt-daemon-system.postinst: create user/group swtpm if not present due to swtpm-tools (LP 1951975) - d/libvirt-clients.lintian-overrides: Add script-not-executable lintian override - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (qemu:///system) + Update: Set LIBVIRT_DEFAULT_URI to "qemu:///system" in all cases. (LP #2027838) - d/control: Demote passt to Suggests (from Recommends) for libvirt-daemon-driver-qemu, because passt is in universe. - d/control: Make libvirt-daemon Suggest (instead of Recommend) libvirt-daemon-plugin-sanlock, which is in universe. * Drop changes: - d/p/u/virsysinfo-fix-RISC-V-detection.patch: Fix compiler macro to correctly detect RISC-V. [ in Debian 11.0.0-2 ] -- Christian Ehrhardt <email address hidden> Fri, 07 Feb 2025 10:55:55 +0100
Available diffs
- diff from 10.10.0-4ubuntu2 to 11.0.0-2ubuntu1 (570.7 KiB)
libvirt (10.10.0-4ubuntu2) plucky; urgency=medium
* d/p/u/virsysinfo-fix-RISC-V-detection.patch: Fix compiler macro to
correctly detect RISC-V. (LP: #2095488)
-- Sergio Durigan Junior <email address hidden> Wed, 22 Jan 2025 18:12:00 -0500
Available diffs
libvirt (10.6.0-1ubuntu3.2) oracular; urgency=medium
[ Heinrich Schuchardt ]
- d/p/ubuntu-aa/virt-aa-helper-allow-riscv64-EDK-II.patch
virt-aa-helper: allow riscv64 EDK II (LP: #2091357)
-- Sergio Durigan Junior <email address hidden> Mon, 20 Jan 2025 19:14:51 -0500
Available diffs
libvirt (10.0.0-2ubuntu8.6) noble; urgency=medium
- d/p/u/lp-2084136-fix-get-number-block-io-throttle-params.patch:
Fix issue preventing the user to obtain the number of block I/O
parameters. (LP: #2084136)
[ Heinrich Schuchardt ]
- d/p/ubuntu-aa/virt-aa-helper-allow-riscv64-EDK-II.patch
virt-aa-helper: allow riscv64 EDK II (LP: #2091357)
-- Sergio Durigan Junior <email address hidden> Mon, 20 Jan 2025 14:38:05 -0500
Available diffs
| Superseded in plucky-proposed |
libvirt (10.10.0-4ubuntu1) plucky; urgency=medium * Merge with Debian unstable (LP: #2093212, #2093355). Remaining changes: - Disable libssh2 support (universe dependency) - d/control: add libzfslinux-dev to build-deps - d/control: drop libvirt-lxc, vbox and xen drivers to suggest - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI Secure Boot enabled variants of the OVMF firmware and variable store for the paths where we ship these files in Ubuntu. - Set qemu-group to kvm (for compat with older ubuntu) - Additional apport package-hook - Autostart default bridged network (As upstream does, but not Debian). In addition to just enabling it our solution provides: + do not autostart if subnet is already taken (e.g. in guests). + iterate some alternative subnets before giving up - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is the group based access to libvirt functions as it was used in Ubuntu for quite a long time. + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests due to the group access change. + d/libvirt-daemon-driver-qemu.postinst*: add users in sudo to the libvirt group. - Update README.Debian with Ubuntu changes - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx - fix autopkgtests (LP 1899180) + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making vmlinuz available and accessible (Debian bug 848314) + d/t/control: fix smoke-qemu-session by ensuring the service will run installing libvirt-daemon-system + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as long as the following undefine succeeds + d/t/smoke-lxc: use systemd instead of sysV to restart the service + d/t/control, d/t/smoke-lxc: retry service restart and skip test if failing; This was flaky on some release/architectures + d/t/smoke-lxc: retry check_domain being flaky on arm64 - dnsmasq related enhancements + run dnsmasq as libvirt-dnsmasq (LP 1743718) + d/libvirt-daemon-driver-qemu.postinst*: add libvirt-dnsmasq user and group + d/libvirt-daemon-driver-qemu.postrm*: remove libvirt-dnsmasq user and group on purge + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user libvirt-dnsmasq and adapt the self tests to expect that config + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group + Add dnsmasq configuration to work with system wide dnsmasq-base - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default machine type correctly with newer qemu/libvirt - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for (LP 1861125) fixups - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592) - d/libvirt-daemon-common.libvirt-guests.default: shut guests down in parallel - Apparmor Delta that is Ubuntu specific or yet to be upstreamed split into logical pieces. File names in debian/patches/ubuntu-aa/: + 0020-virt-aa-helper-ubuntu-storage-paths.patch: apparmor, virt-aa-helper: Allow various storage pools and image locations + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, libvirt-qemu: Add 9p support + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: virt-aa-helper: Ask for no deny rule for readonly disk + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: apparmor, libvirt-qemu: Allow reading charm-specific ceph config + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621 LP 1680384 LP 1784023) + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: apparmor, virt-aa-helper: access for snapped nova + lp-1815910-allow-vhost-hotplug.patch: avoid apparmor issues with vhost-net/vhost-vsock/vhost-scsi hotplug (LP 1815910) - libvirt should not use user/group tss for swtpm (LP 1948880) + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes to user swtpm and adapt expected self test result changes triggered by this + d/libvirt-daemon-system.postinst: create user/group swtpm if not present due to swtpm-tools (LP 1951975) - d/libvirt-clients.lintian-overrides: Add script-not-executable lintian override - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (qemu:///system) + Update: Set LIBVIRT_DEFAULT_URI to "qemu:///system" in all cases. (LP #2027838) - d/control: Demote passt to Suggests (from Recommends) for libvirt-daemon-driver-qemu, because passt is in universe. - d/control: Make libvirt-daemon Suggest (instead of Recommend) libvirt-daemon-plugin-sanlock, which is in universe. * Drop changes: - d/p/ubuntu-aa/virt-aa-helper-allow-riscv64-EDK-II.patch: virt-aa-helper: allow riscv64 EDK II (LP #2091357) [ Incorporated by Debian. ] -- Sergio Durigan Junior <email address hidden> Tue, 07 Jan 2025 14:32:53 -0500
Available diffs
libvirt (10.10.0-1ubuntu2) plucky; urgency=medium
* d/control: Make libvirt-daemon Suggest (instead of Recommend)
libvirt-daemon-plugin-sanlock, which is in universe.
Available diffs
- diff from 10.6.0-1ubuntu5 to 10.10.0-1ubuntu2 (3.8 MiB)
- diff from 10.10.0-1ubuntu1 to 10.10.0-1ubuntu2 (776 bytes)
| Superseded in plucky-proposed |
libvirt (10.10.0-1ubuntu1) plucky; urgency=medium * Merge with Debian unstable (LP: #2085246). Remaining changes: - Disable libssh2 support (universe dependency) - d/control: add libzfslinux-dev to build-deps - d/control: drop libvirt-lxc, vbox and xen drivers to suggest - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI Secure Boot enabled variants of the OVMF firmware and variable store for the paths where we ship these files in Ubuntu. - Set qemu-group to kvm (for compat with older ubuntu) - Additional apport package-hook - Autostart default bridged network (As upstream does, but not Debian). In addition to just enabling it our solution provides: + do not autostart if subnet is already taken (e.g. in guests). + iterate some alternative subnets before giving up - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is the group based access to libvirt functions as it was used in Ubuntu for quite a long time. + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests due to the group access change. + d/libvirt-daemon-driver-qemu.postinst*: add users in sudo to the libvirt group. - Update README.Debian with Ubuntu changes - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx - fix autopkgtests (LP 1899180) + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making vmlinuz available and accessible (Debian bug 848314) + d/t/control: fix smoke-qemu-session by ensuring the service will run installing libvirt-daemon-system + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as long as the following undefine succeeds + d/t/smoke-lxc: use systemd instead of sysV to restart the service + d/t/control, d/t/smoke-lxc: retry service restart and skip test if failing; This was flaky on some release/architectures + d/t/smoke-lxc: retry check_domain being flaky on arm64 - dnsmasq related enhancements + run dnsmasq as libvirt-dnsmasq (LP 1743718) + d/libvirt-daemon-driver-qemu.postinst*: add libvirt-dnsmasq user and group + d/libvirt-daemon-driver-qemu.postrm*: remove libvirt-dnsmasq user and group on purge + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user libvirt-dnsmasq and adapt the self tests to expect that config + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group + Add dnsmasq configuration to work with system wide dnsmasq-base - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default machine type correctly with newer qemu/libvirt - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for (LP 1861125) fixups - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592) - d/libvirt-daemon-common.libvirt-guests.default: shut guests down in parallel - Apparmor Delta that is Ubuntu specific or yet to be upstreamed split into logical pieces. File names in debian/patches/ubuntu-aa/: + 0020-virt-aa-helper-ubuntu-storage-paths.patch: apparmor, virt-aa-helper: Allow various storage pools and image locations + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, libvirt-qemu: Add 9p support + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: virt-aa-helper: Ask for no deny rule for readonly disk + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: apparmor, libvirt-qemu: Allow reading charm-specific ceph config + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621 LP 1680384 LP 1784023) + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: apparmor, virt-aa-helper: access for snapped nova + lp-1815910-allow-vhost-hotplug.patch: avoid apparmor issues with vhost-net/vhost-vsock/vhost-scsi hotplug (LP 1815910) - libvirt should not use user/group tss for swtpm (LP 1948880) + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes to user swtpm and adapt expected self test result changes triggered by this + d/libvirt-daemon-system.postinst: create user/group swtpm if not present due to swtpm-tools (LP 1951975) - d/libvirt-clients.lintian-overrides: Add script-not-executable lintian override - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (qemu:///system) + Update: Set LIBVIRT_DEFAULT_URI to "qemu:///system" in all cases. (LP #2027838) - d/control: Demote passt to Suggests (from Recommends) for libvirt-daemon-driver-qemu, because passt is in universe. * Drop changes: - Apply upstream patch to allow access to /usr/libexec/qemu/qemu-bridge-helper in apparmor profile (LP #2079806) [ Applied upstream. ] - SECURITY UPDATE: virtinterfaced null pointer DoS + debian/patches/CVE-2024-8235.patch: honour array length for zero-length NULL arrays in src/interface/interface_backend_udev.c. + CVE-2024-8235 [ Applied upstream. ] - d/p/u/lp-2083986-drop-vmx-from-migratable-cpu-when-origCPU-set.patch: Backport upstream patch to fix issues with domain migrations between two nested VMs due to mismatched check of CPU features. (LP #2083986) [ Applied upstream. ] - d/control: Use libc6-dev instead of libc-dev as a build dependency [ Not needed anymore. ] * Add changes: [ Heinrich Schuchardt ] - d/p/ubuntu-aa/virt-aa-helper-allow-riscv64-EDK-II.patch: virt-aa-helper: allow riscv64 EDK II (LP: #2091357) -- Sergio Durigan Junior <email address hidden> Mon, 16 Dec 2024 14:46:34 -0500
Available diffs
libvirt (10.0.0-2ubuntu8.5) noble; urgency=medium
- d/p/u/lp-2051754-*.patch: Refresh patches against accepted
upstream version. This should not have any visible user changes.
- d/p/u/lp-2071848-fix-migration-with-disabled-vmx-features.patch:
Refresh patch.
- d/p/u/lp-2083986-*.patch: Backport upstream patches to fix issues
with domain migrations between two nested VMs due to mismatched
check of CPU features. (LP: #2083986)
-- Sergio Durigan Junior <email address hidden> Mon, 25 Nov 2024 21:02:52 -0500
Available diffs
libvirt (10.6.0-1ubuntu3.1) oracular; urgency=medium
- d/p/u/lp-2083986-drop-vmx-from-migratable-cpu-when-origCPU-set.patch:
Backport upstream patch to fix issues with domain migrations
between two nested VMs due to mismatched check of CPU
features. (LP: #2083986)
-- Sergio Durigan Junior <email address hidden> Mon, 25 Nov 2024 21:12:03 -0500
Available diffs
libvirt (10.6.0-1ubuntu5) plucky; urgency=medium
- d/p/u/lp-2083986-drop-vmx-from-migratable-cpu-when-origCPU-set.patch:
Backport upstream patch to fix issues with domain migrations
between two nested VMs due to mismatched check of CPU
features. (LP: #2083986)
-- Sergio Durigan Junior <email address hidden> Mon, 25 Nov 2024 21:14:16 -0500
Available diffs
libvirt (10.6.0-1ubuntu4) plucky; urgency=medium * No-change rebuild for libwireshark18 -- Sudip Mukherjee <email address hidden> Sat, 02 Nov 2024 18:53:35 +0000
Available diffs
- diff from 10.6.0-1ubuntu3 to 10.6.0-1ubuntu4 (348 bytes)
| Superseded in plucky-release |
| Published in oracular-release |
| Deleted in oracular-proposed (Reason: Moved to oracular) |
libvirt (10.6.0-1ubuntu3) oracular; urgency=medium
* SECURITY UPDATE: virtinterfaced null pointer DoS
- debian/patches/CVE-2024-8235.patch: honour array length for
zero-length NULL arrays in src/interface/interface_backend_udev.c.
- CVE-2024-8235
-- Marc Deslauriers <email address hidden> Mon, 09 Sep 2024 14:30:28 -0400
Available diffs
libvirt (10.6.0-1ubuntu2) oracular; urgency=medium
* Apply upstream patch to allow access to
/usr/libexec/qemu/qemu-bridge-helper in apparmor profile (LP: #2079806)
- d/p/ubuntu-aa/allow-more-paths-for-qemu-bridge-helper.patch
-- Olivier Gayot <email address hidden> Fri, 06 Sep 2024 12:04:29 +0200
Available diffs
libvirt (10.0.0-2ubuntu8.4) noble; urgency=medium
* d/p/u/lp-2072647-log_cleaner-Detect-rotated-filenames-properly.patch:
Fix virtlogd bug "internal error: Failed to parse rotated index", this
happens when max_age_days parameter is enabled. (LP: #2072647)
-- David Negreira <email address hidden> Wed, 10 Jul 2024 13:23:06 +0000
Available diffs
libvirt (10.6.0-1ubuntu1) oracular; urgency=medium * Merge with Debian unstable (LP: #2076676). Remaining changes: - Disable libssh2 support (universe dependency) - d/control: add libzfslinux-dev to build-deps - d/control: drop libvirt-lxc, vbox and xen drivers to suggest - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI Secure Boot enabled variants of the OVMF firmware and variable store for the paths where we ship these files in Ubuntu. - Set qemu-group to kvm (for compat with older ubuntu) - Additional apport package-hook - Autostart default bridged network (As upstream does, but not Debian). In addition to just enabling it our solution provides: + do not autostart if subnet is already taken (e.g. in guests). + iterate some alternative subnets before giving up - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is the group based access to libvirt functions as it was used in Ubuntu for quite a long time. + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests due to the group access change. + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt group. - Update README.Debian with Ubuntu changes - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx - fix autopkgtests (LP 1899180) + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making vmlinuz available and accessible (Debian bug 848314) + d/t/control: fix smoke-qemu-session by ensuring the service will run installing libvirt-daemon-system + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as long as the following undefine succeeds + d/t/smoke-lxc: use systemd instead of sysV to restart the service + d/t/control, d/t/smoke-lxc: retry service restart and skip test if failing; This was flaky on some release/architectures + d/t/smoke-lxc: retry check_domain being flaky on arm64 - dnsmasq related enhancements + run dnsmasq as libvirt-dnsmasq (LP 1743718) + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group on purge + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user libvirt-dnsmasq and adapt the self tests to expect that config + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group + Add dnsmasq configuration to work with system wide dnsmasq-base - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default machine type correctly with newer qemu/libvirt - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for (LP 1861125) fixups - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592) - d/libvirt-daemon-system.libvirt-guests.default: shut guests down in parallel - Apparmor Delta that is Ubuntu specific or yet to be upstreamed split into logical pieces. File names in debian/patches/ubuntu-aa/: + 0020-virt-aa-helper-ubuntu-storage-paths.patch: apparmor, virt-aa-helper: Allow various storage pools and image locations + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, libvirt-qemu: Add 9p support + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: virt-aa-helper: Ask for no deny rule for readonly disk + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: apparmor, libvirt-qemu: Allow reading charm-specific ceph config + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621 LP 1680384 LP 1784023) + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: apparmor, virt-aa-helper: access for snapped nova + lp-1815910-allow-vhost-hotplug.patch: avoid apparmor issues with vhost-net/vhost-vsock/vhost-scsi hotplug (LP 1815910) - libvirt should not use user/group tss for swtpm (LP 1948880) + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes to user swtpm and adapt expected self test result changes triggered by this + d/libvirt-daemon-system.postinst: create user/group swtpm if not present due to swtpm-tools (LP 1951975) - d/control: Use libc6-dev instead of libc-dev as a build dependency - d/libvirt-clients.lintian-overrides: Add script-not-executable lintian override - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (xen URI on dom0, qemu:///system otherwise) + Update: Set LIBVIRT_DEFAULT_URI to "qemu:///system" in all cases, do not set to "xen:///" (LP #2027838) - d/control: Demote passt to Suggests (from Recommends) for libvirt-daemon-driver-qemu, because passt is in universe. -- Sergio Durigan Junior <email address hidden> Mon, 12 Aug 2024 15:14:48 -0400
Available diffs
- diff from 10.5.0-1ubuntu1 to 10.6.0-1ubuntu1 (667.6 KiB)
libvirt (10.5.0-1ubuntu1) oracular; urgency=medium * Merge with Debian unstable (LP: #2064422). Remaining changes: - Disable libssh2 support (universe dependency) - d/control: add libzfslinux-dev to build-deps - d/control: drop libvirt-lxc, vbox and xen drivers to suggest - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI Secure Boot enabled variants of the OVMF firmware and variable store for the paths where we ship these files in Ubuntu. - Set qemu-group to kvm (for compat with older ubuntu) - Additional apport package-hook - Autostart default bridged network (As upstream does, but not Debian). In addition to just enabling it our solution provides: + do not autostart if subnet is already taken (e.g. in guests). + iterate some alternative subnets before giving up - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is the group based access to libvirt functions as it was used in Ubuntu for quite a long time. + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests due to the group access change. + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt group. - Update README.Debian with Ubuntu changes - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx - fix autopkgtests (LP 1899180) + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making vmlinuz available and accessible (Debian bug 848314) + d/t/control: fix smoke-qemu-session by ensuring the service will run installing libvirt-daemon-system + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as long as the following undefine succeeds + d/t/smoke-lxc: use systemd instead of sysV to restart the service + d/t/control, d/t/smoke-lxc: retry service restart and skip test if failing; This was flaky on some release/architectures + d/t/smoke-lxc: retry check_domain being flaky on arm64 - dnsmasq related enhancements + run dnsmasq as libvirt-dnsmasq (LP 1743718) + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group on purge + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user libvirt-dnsmasq and adapt the self tests to expect that config + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group + Add dnsmasq configuration to work with system wide dnsmasq-base - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default machine type correctly with newer qemu/libvirt - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for (LP 1861125) fixups - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592) - d/libvirt-daemon-system.libvirt-guests.default: shut guests down in parallel - Apparmor Delta that is Ubuntu specific or yet to be upstreamed split into logical pieces. File names in debian/patches/ubuntu-aa/: + 0020-virt-aa-helper-ubuntu-storage-paths.patch: apparmor, virt-aa-helper: Allow various storage pools and image locations + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, libvirt-qemu: Add 9p support + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: virt-aa-helper: Ask for no deny rule for readonly disk + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: apparmor, libvirt-qemu: Allow reading charm-specific ceph config + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621 LP 1680384 LP 1784023) + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: apparmor, virt-aa-helper: access for snapped nova + lp-1815910-allow-vhost-hotplug.patch: avoid apparmor issues with vhost-net/vhost-vsock/vhost-scsi hotplug (LP 1815910) - libvirt should not use user/group tss for swtpm (LP 1948880) + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes to user swtpm and adapt expected self test result changes triggered by this + d/libvirt-daemon-system.postinst: create user/group swtpm if not present due to swtpm-tools (LP 1951975) - d/control: Use libc6-dev instead of libc-dev as a build dependency - d/libvirt-clients.lintian-overrides: Add script-not-executable lintian override - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI for users via user profile (xen URI on dom0, qemu:///system otherwise) + Update: Set LIBVIRT_DEFAULT_URI to "qemu:///system" in all cases, do not set to "xen:///" (LP #2027838) - d/control: Demote passt to Suggests (from Recommends) for libvirt-daemon-driver-qemu, because passt is in universe. * Drop changes (present in the new upstream version): - d/p/u/lp-2051754-*.patch: Backport upstream fix for LP: #2051754. - SECURITY UPDATE: off-by-one in udevListInterfacesByStatus() + debian/patches/CVE-2024-1441.patch: properly check count in src/interface/interface_backend_udev.c. + CVE-2024-1441 - SECURITY UPDATE: crash in RPC library + debian/patches/CVE-2024-2494.patch: check values in src/remote/remote_daemon_dispatch.c, src/rpc/gendispatch.pl. + CVE-2024-2494 - SECURITY UPDATE: stack use-after-free in virNetClientIOEventLoop() + debian/patches/CVE-2024-4418.patch: ensure temporary GSource is removed from client event loop in src/rpc/virnetclient.c. + CVE-2024-4418 - d/p/u/lp-2071848-fix-migration-with-disabled-vmx-features.patch: Fix migration issues with disabled vmx-* CPU features. (LP #2071848) -- Sergio Durigan Junior <email address hidden> Tue, 23 Jul 2024 18:42:08 -0400
Available diffs
libvirt (10.0.0-2ubuntu8.3) noble; urgency=medium
* d/p/u/lp-2071848-fix-migration-with-disabled-vmx-features.patch:
Fix migration issues with disabled vmx-* CPU features. (LP: #2071848)
-- Sergio Durigan Junior <email address hidden> Fri, 05 Jul 2024 14:48:04 -0400
Available diffs
libvirt (10.0.0-2ubuntu9) oracular; urgency=medium
* d/p/u/lp-2071848-fix-migration-with-disabled-vmx-features.patch:
Fix migration issues with disabled vmx-* CPU features. (LP: #2071848)
-- Sergio Durigan Junior <email address hidden> Thu, 04 Jul 2024 16:06:28 -0400
Available diffs
| Superseded in oracular-release |
| Deleted in oracular-proposed (Reason: Moved to oracular) |
| Superseded in noble-updates |
| Published in noble-security |
libvirt (10.0.0-2ubuntu8.2) noble-security; urgency=medium
* SECURITY UPDATE: stack use-after-free in virNetClientIOEventLoop()
- debian/patches/CVE-2024-4418.patch: ensure temporary GSource is
removed from client event loop in src/rpc/virnetclient.c.
- CVE-2024-4418
-- Marc Deslauriers <email address hidden> Mon, 06 May 2024 09:12:37 -0400
Available diffs
| Superseded in oracular-proposed |
| Superseded in oracular-proposed |
| Superseded in noble-updates |
| Superseded in noble-security |
libvirt (10.0.0-2ubuntu8.1) noble-security; urgency=medium
* SECURITY UPDATE: off-by-one in udevListInterfacesByStatus()
- debian/patches/CVE-2024-1441.patch: properly check count in
src/interface/interface_backend_udev.c.
- CVE-2024-1441
* SECURITY UPDATE: crash in RPC library
- debian/patches/CVE-2024-2494.patch: check values in
src/remote/remote_daemon_dispatch.c, src/rpc/gendispatch.pl.
- CVE-2024-2494
-- Marc Deslauriers <email address hidden> Thu, 18 Apr 2024 11:42:32 -0400
Available diffs
libvirt (6.0.0-0ubuntu8.20) focal; urgency=medium
* d/p/u/lp2059272-2-qemu-Wait-qemuProcessReconnect-threads-in-cleanup.patch:
Remove patch. It is not possible to wait for qemuProcessReconnect()
in cleanup: it talks to QEMU monitor, which blocks on replies from
event loop, but it's already stopped at cleanup, delaying shutdown.
* d/p/u/lp2059272-2-qemu-Do-not-save-XML-in-shutdown-on-init.patch:
Instead of waiting at cleanup for threads which might be blocked
thus would _not even reach_ the function that causes the problem,
just skip that function if it is _actually reached_ while daemon
shutdown is in progress. That is in the init path and would just
run again anyway the next time libvirtd is started (LP: #2059272)
* NOTE: This package contains the changes from 6.0.0-0ubuntu8.18 and
6.0.0-0ubuntu8.17 in focal-proposed (with symbolic changelog entry)
superseded by 6.0.0-0ubuntu8.19 in focal-security.
Available diffs
| 1 → 50 of 797 results | First • Previous • Next • Last |
