-
lxc (1:4.0.12-0ubuntu1~20.04.1) focal; urgency=medium
* Cherry-pick upstream bugfixes (stable-4.0):
- 0002-lxc-checkconfig-Fix-bashism.patch
- 0003-doc-Fix-reverse-allowlist-denylist.patch
* New upstream bugfix release (4.0.12) (LP: #1959993):
(https://discuss.linuxcontainers.org/t/lxc-4-0-12-has-been-released/13288)
- Fixed CRIU restoration of containers with pre-created veth interfaces
- Fixed issue with kernels lacking SMT support
- Extended cgroup2 config options in lxc.mount.auto (cgroup2)
- lxc-download now relies on HTTPS for validation (avoids GPG issues)
* New upstream bugfix release (4.0.11):
(https://discuss.linuxcontainers.org/t/lxc-4-0-11-has-been-released/12427)
- Core scheduling support (lxc.sched.core)
- riscv64 support in lxc.arch
- Significantly improved bash completion profile
- Greater use of the new VFS mount API (when supported by the kernel)
- Fix containers with empty network namespaces
- Handle kernels that lack TIOCGPTPEER
- Improve CPU bitmask/id handling (handle skipped CPU numbers)
- Reworked the tests to run offline
* New upstream bugfix release (4.0.10):
(https://discuss.linuxcontainers.org/t/lxc-4-0-10-has-been-released/11618)
- Fix issues with less common architectures
- Support for additional idmap mounts
- nft support in lxc-net
- Cleaner mount entries for sys:mixed
- Switched GPG server to keyserver.ubuntu.com
* New upstream bugfix release (4.0.9):
(https://discuss.linuxcontainers.org/t/lxc-4-0-9-has-been-released/10999)
- Fix incorrect personality setting when running 32bit containers on 64bit
* New upstream bugfix release (4.0.8):
- Fix CGroup attach against older running containers
* New upstream bugfix release (4.0.7):
- Testing improvements including fixes from oss-fuzz
- Rework of the attach codepath
- Cgroup handling rework
* Bump to debhelper 12 (allows focal SRUs)
* Bump standards to 4.6.0.1
* Add lintian overrides for incorrect bashism detection
* Remove bash completion install logic (now done upstream)
-- Stéphane Graber <email address hidden> Thu, 03 Feb 2022 23:50:20 -0500
-
lxc (1:4.0.6-0ubuntu1~20.04.1) focal; urgency=medium
* Backport hirsute fixes to focal. (LP: #1923232)
-- Serge Hallyn <email address hidden> Fri, 09 Apr 2021 11:19:38 -0500
-
lxc (1:4.0.2-0ubuntu1) focal; urgency=medium
* New ypstream bugfix release (4.0.2):
- RISC-V 64bit support
- Better group handling in lxc-user-nic
- Seccomp syscall interception fix for newer kernels
- CGroup v1 limits are now automatically skipped on v2 systems
- Fix a variety of issues identified by the Coverity Scan service
-- Stéphane Graber <email address hidden> Thu, 16 Apr 2020 15:52:36 -0400
-
lxc (1:4.0.1-0ubuntu2) focal; urgency=medium
* Cherry-pick upstream fixes:
- 0001-Allocate-new-lxcbr0-subnet-at-startup-time.patch
- 0002-start-ensure-all-file-descriptors-are-closed-during-.patch
- 0003-syscall_numbers-handle-riscv.patch
- 0004-lxc_user_nic-simplify-group-retrieval.patch
- 0005-lxc_user_nic-continue-when-we-failed-to-find-a-group.patch
- 0006-cgroups-whitespace-fixes.patch
- 0007-seccomp-newer-kernels-require-the-buffer-to-be-zeroe.patch
-- Stéphane Graber <email address hidden> Wed, 08 Apr 2020 23:33:44 -0400
-
lxc (1:4.0.1-0ubuntu1) focal; urgency=medium
* New upstream bugfix release (4.0.1):
- Tweak systemd ordering (start after remote-fs.target)
- Fix various issues around attach and cgroups
- Fix shutdown timeout not working on pidfd systems
- Fix cgroup issue on 4.9 kernel
- Fix write issues in /dev/stdout
* Fix upgrade ordering (LP: #1870483)
* Update lintian overrides:
- Drop epoch bump override (no longer detecting it)
- Add /usr/libexec override (LXC only uses /usr/lib)
-- Stéphane Graber <email address hidden> Mon, 06 Apr 2020 16:24:28 -0400
-
lxc (1:4.0.0-0ubuntu2) focal; urgency=medium
* Cherry-pick upstream bugfixes:
- 0036-fix-non-root-user-cannot-write-dev-stdout.patch
- 0037-cgroups-fix-uninitialized-transient_len-warning.patch
- 0038-utils-rework-fix_stdio_permissions.patch
- 0039-utils-use-setres-u-g-id-in-lxc_switch_uid_gid.patch
- 0040-cgroups-fix-build-warning-on-GCC-7.patch
- 0041-lxccontainer-poll-takes-millisecond-not-seconds.patch
-- Stéphane Graber <email address hidden> Thu, 02 Apr 2020 12:25:20 -0400
-
lxc (1:4.0.0-0ubuntu1) focal; urgency=medium
* Bump epoch to match Debian. (LP: #1837537)
* New upstream release (4.0.0):
- Fixes (LP: #1867535, LP: #1861880, LP: #1858799, LP: #1831258)
- cgroups: Full cgroup2 support
- cgroups: Freezer support in CGroup2
- cgroups: eBPF device controller support in CGroup2
- config: Add lxc.autodev.tmpfs.size configuration key
- config: Add lxc.selinux.context.keyring key
- config: Add lxc.keyring.session
- file utils: Add fopen_cached() and fdopen_cached
- api: Add new init_pidfd() member
- memory utils: Add new cleanup api
- lxc-usernsexec: Make it easy to map own uid
- seccomp: Add s390 support
- syscalls: Improve manual syscall implementations
- network: Improved network device creation and removal
- network: Allow moving wireless devices
* Cherry-pick upstream bugfixes:
- 0002-lxc_init-move-main-down.patch
- 0003-lxc_init-add-missing-O_CLOEXEC.patch
- 0004-lxc.service-Starts-after-remote-fs.target-to-allow-c.patch
- 0005-tree-wide-harden-mount-option-parsing.patch
- 0006-dir-use-cleanup-macro-in-dir_mount.patch
- 0007-dir-improve-dir-backend.patch
- 0008-cgroups-fix-attaching-to-the-unified-cgroup.patch
- 0009-conf-rework-and-fix-leak-in-userns_exec_1.patch
- 0010-commands-log-actual-errno-when-lxc_cmd_get_cgroup2_f.patch
- 0011-cgroups-move-pointer-dereference-after-check.patch
- 0012-cgroups-rework-__cg_unified_attach.patch
- 0013-attach-use-close_prot_errno_disarm.patch
- 0014-cgroups-remove-unused-variable.patch
- 0015-cgroups-fix-unified-cgroup-attach.patch
- 0016-fixup-i-o-handler-return-values.patch
- 0017-Revert-cgroups-fix-unified-cgroup-attach.patch
- 0018-conf-introduce-and-use-userns_exec_minimal.patch
- 0019-conf-simplify-userns_exec_minimal.patch
- 0020-cgroups-use-hidden-directory-for-attaching-cgroup.patch
- 0021-cgroups-please-compilers.patch
- 0022-monitor-process-exited-by-signal-SIGKILL-clean-cgrou.patch
- 0023-cgroups-move-check-for-valid-monitor-process-up.patch
- 0024-cgroups-better-helper-naming.patch
- 0025-tree-wide-s-recursive_destroy-lxc_rm_rf-g.patch
- 0026-verify-cgroup-controller-name.patch
- 0027-cgroups-handle-older-kernels-e.g.-v4.9.patch
- 0028-start-log-error-when-failing-to-create-cgroup.patch
- 0029-cgroups-send-two-attach-fds.patch
- 0030-cgroups-send-two-fds-to-attach-to-unified-cgroup.patch
- 0031-start-remove-unnecessary-check-for-valid-cgroup_ops.patch
- 0032-init-add-ExecReload-to-lxc.service-to-only-reload-pr.patch
- 0033-apparmor-generate-ro-bind-remount-rule-list.patch
- 0034-autotools-don-t-install-run-coccinelle.sh.patch
- 0035-systemd-Add-Documentation-key.patch
* Bump to new standards (4.5.0)
* Move manpages to the correct packages (libpam-cgfs, libpam-common)
* Refresh lintian overrides (lxc-utils)
-- Stéphane Graber <email address hidden> Wed, 01 Apr 2020 17:35:58 -0400
-
lxc (3.0.4-0ubuntu3) focal; urgency=medium
* No-change rebuild for libgcc-s1 package name change.
-- Matthias Klose <email address hidden> Sun, 22 Mar 2020 16:48:35 +0100
-
lxc (3.0.4-0ubuntu2) focal; urgency=medium
* Cherry-pick upstream bugfixes (LP: #1848587):
- tests: use /dev/loop-control instead of /dev/network_latency
-- Stéphane Graber <email address hidden> Tue, 26 Nov 2019 12:22:37 -0500
-
lxc (3.0.4-0ubuntu1) eoan; urgency=medium
* New upstream bugfix release (3.0.4).
* Cherry-pick upstream bugfixes:
- cgfsng: fix memory leak in lxc_cpumask_to_cpulist
- cgroups: use __do_free
- cgroups: move variables into tighter scope
- cgroups: simplify cgfsng_setup_limits()
- cgroups: use __do_free in cgfsng_attach()
- cgroups: move variable into tighter scope
- cgroups: move variable into tighter scope
- cgroups: simplify cgfsng_nrtasks()
- cgroups: move variable into tighter scope
- cgroups: correctly order variables
- cgroups: move variable into tighter scope
- fix memory leak in do_storage_create
- Move code/variable in smaller scope
- start: expose LXC_PID to network hooks too
- cgroups: hande cpuset initialization race
- pidf_send_signal: fix return value
- cgroup: check for non-empty conf
- typo fix
- Suppress hardcoded table sizes
- lxc/log: add error_log_errno macro
- pidfds: don't print a scary warning on ENOSYS
- cgroups: initialize cpuset properly
- lxccontainer: fix detaching wlan devices
- utils: fix wrong integer of a function parameter
- lxc.pc: Fix invalid @DLOG_LIBS@
* debian/control: Set Rules-Requires-Root to no
* debian/control: Bump standards to 4.4.0
* debian/upstream: Reduce size of GPG key
* debian/source: Remove unused lintian override
-- Stéphane Graber <email address hidden> Mon, 07 Oct 2019 19:24:07 -0400
