-
libvirt (1.2.2-0ubuntu13.1.28) trusty-security; urgency=medium
* SECURITY UPDATE: Add support for md-clear functionality
- debian/patches/md-clear.patch: Define md-clear CPUID bit in
src/cpu/cpu_map.xml.
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
-- Steve Beattie <email address hidden> Thu, 16 May 2019 12:56:28 -0700
-
libvirt (1.2.2-0ubuntu13.1.27) trusty-security; urgency=medium
* SECURITY UPDATE: QEMU monitor DoS
- debian/patches/CVE-2018-1064.patch: add size limit to
src/qemu/qemu_agent.c.
- CVE-2018-1064
* SECURITY UPDATE: Speculative Store Bypass
- debian/patches/CVE-2018-3639-1.patch: define the 'ssbd' CPUID feature
bit in src/cpu/cpu_map.xml.
- debian/patches/CVE-2018-3639-2.patch: define the 'virt-ssbd' CPUID
feature bit in src/cpu/cpu_map.xml.
- CVE-2018-3639
-- Marc Deslauriers <email address hidden> Wed, 23 May 2018 14:23:45 -0400
-
libvirt (1.2.2-0ubuntu13.1.26) trusty-security; urgency=medium
* SECURITY UPDATE: resource exhaustion resulting in DoS
- debian/patches/CVE-2018-5748.patch: avoid DoS reading from
QEMU monitor in src/qemu/qemu_monitor.c.
- CVE-2018-5748
* SECURITY UPDATE: Bypass authentication
- debian/patches/CVE-2016-5008.patch: let empty default VNC
password work as documented in src/qemu/qemu_hotplug.c.
- CVE-2016-5008
-- <email address hidden> (Leonidas S. Barbosa) Fri, 16 Feb 2018 07:51:15 -0500
-
libvirt (1.2.2-0ubuntu13.1.25) trusty-security; urgency=medium
* SECURITY UPDATE: Add support for Spectre mitigations
- debian/patches/CVE-2017-5715-ibrs*.patch: add CPU features for
indirect branch prediction protection and add new *-IBRS CPU models.
- debian/control: add Breaks to get updated qemu with new CPU models.
- CVE-2017-5715
-- Marc Deslauriers <email address hidden> Thu, 01 Feb 2018 15:00:47 -0500
-
libvirt (1.2.2-0ubuntu13.1.23) trusty; urgency=medium
* d/libvirt-bin.init, d/libvirt-bin.upstart: fix waiting for the libvirt
socket (LP: #1571209)
- avoid timing out on slow systems (only stop when service is stopped)
- fix whitespace damage formerly added to d/libvirt-bin.init
- no more long sleep without announcing to log
- check socket and service status more often for lower latency on changes
- fix check if unix_sock_dir path is set in /etc/libvirt/libvirtd.conf
- fix the upstart service name that is checked
-- Christian Ehrhardt <email address hidden> Thu, 07 Sep 2017 14:22:45 +0200
-
libvirt (1.2.2-0ubuntu13.1.22) trusty; urgency=medium
* fix guest channel support (LP: #1393842).
- d/p/virt-aa-helper-add-trusty-guest-agent-rule.patch: add apparmor rule
for channels within guest namespace.
- d/libvirt-bin.postinst: create channel directories if needed.
-- Christian Ehrhardt <email address hidden> Mon, 28 Aug 2017 12:14:08 +0200
-
libvirt (1.2.2-0ubuntu13.1.21) trusty; urgency=medium
* d/libvirt-bin.postinst: call apparmor_parser with options to
ignore the apparmor cache and rebuild it, otherwise old apparmor
rules are used and this might break upgrades (LP: #1707400)
-- Andreas Hasenack <email address hidden> Tue, 01 Aug 2017 11:58:38 -0300
-
libvirt (1.2.2-0ubuntu13.1.20) trusty; urgency=medium
[ Rafael David Tinoco ]
* d/p/reject-blockcommit-of-active-layer.patch:
Block commit code isn't ready for QEMU 2.0 and has to be blocked.
This avoids virsh to hang forever on blackcommit jobs.
(LP: #1317491)
-- Christian Ehrhardt <email address hidden> Wed, 22 Feb 2017 09:44:02 +0100
-
libvirt (1.2.2-0ubuntu13.1.19) trusty; urgency=low
* Revert d/p/virt-aa-helper-add-nvram-store-file.patch: nvram does not
exist as a sub-element of loader. This breaks the build in 14.04/Trusty.
* d/apparmor/usr.sbin.libvirtd: Allow execution of qemu-dm from
libvirtd (LP: #1546978).
* d/p/virt-aa-helper-add-guest-agent-rule.patch: Fix qemu-guest-channel
permissions (LP: #1393842).
libvirt (1.2.2-0ubuntu13.1.18) trusty; urgency=medium
* d/p/virt-aa-helper-handle-ovmf and
d/p/virt-aa-helper-add-nvram-store-file.patch: Support OVMF images in
virt-aa-helper. (LP: #1483071)
* virt-aa-helper apparmor policy: add 'network inet6' (LP: #1511830)
-- Stefan Bader <email address hidden> Mon, 04 Apr 2016 14:40:16 +0200
-
libvirt (1.2.2-0ubuntu13.1.18) trusty; urgency=medium
* d/p/virt-aa-helper-handle-ovmf and
d/p/virt-aa-helper-add-nvram-store-file.patch: Support OVMF images in
virt-aa-helper. (LP: #1483071)
* virt-aa-helper apparmor policy: add 'network inet6' (LP: #1511830)
-- Serge Hallyn <email address hidden> Thu, 25 Feb 2016 20:30:29 -0800
-
libvirt (1.2.2-0ubuntu13.1.17) trusty; urgency=medium
* d/p/fix-util-don-t-fail-if-no-portdata-is-found.patch:
make ovs-vsctl not raise error if there's no portData available.
(LP: #1540537).
-- Jorge Niedbalski <email address hidden> Thu, 04 Feb 2016 16:58:31 +0100
-
libvirt (1.2.2-0ubuntu13.1.16) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via incorrect ACL check handling
- debian/patches/CVE-2014-8136.patch: properly unlock vm on failed ACL
check in src/qemu/qemu_driver.c.
- CVE-2014-8136
* SECURITY UPDATE: VNC password leak via snapshots and save images
- debian/patches/CVE-2015-0236.patch: check ACLs when dumping security
info in src/qemu/qemu_driver.c, src/remote/remote_protocol.x.
- CVE-2015-0236
* SECURITY UPDATE: ACL bypass using storage pool directory traversal
- debian/patches/CVE-2015-5313.patch: filter filesystem volume names in
src/storage/storage_backend_fs.c.
- CVE-2015-5313
* This package does _not_ contain the changes from 1.2.2-0ubuntu13.1.15
in trusty-proposed.
-- Marc Deslauriers <email address hidden> Fri, 08 Jan 2016 10:03:14 -0500
-
libvirt (1.2.2-0ubuntu13.1.15) trusty; urgency=medium
* 9037-virt-aa-helper-add-unix-channels-esp-for-qemu-guest-.patch: Allow
libvirt domains to start when using qemu guest agent. (LP: #1393842)
* create /var/lib/libvirt/qemu/channel/target (LP: #1393842)
- libvirt-bin.dirs: add /var/lib/libvirt/qemu/channel/target
- libvirt-bin.postinst: chown target directory to libvirt-qemu:kvm so
qemu can create the unix sockets.
* debian/apparmor/libvirt-qemu:
allow serial console backed by pts chardev (LP: #1342083)
-- Serge Hallyn <email address hidden> Thu, 27 Aug 2015 14:05:46 -0500
-
libvirt (1.2.2-0ubuntu13.1.14) trusty; urgency=medium
[ Seyeong Kim ]
* d/p/fix_libvirtd_killed_by_sigsegv.patch: fix incorrect backport
(LP: #1464175)
-- Chris J Arges <email address hidden> Wed, 08 Jul 2015 10:52:41 -0500
-
libvirt (1.2.2-0ubuntu13.1.13) trusty; urgency=medium
[ Seyeong Kim ]
* virObjectUnref() libvirtd killed by SIGSEGV (LP: #1464175)
- upstream, util: identity: Harden virIdentitySetCurrent()
- upstream, daemon: Clear fake domain def object that is used to check
ACL prior to use
- upstream, rpc: Don't unref identity object while callbacks still can
be executed
[ Edward Hope-Morley ]
* Add post-start to upstart (/etc/init/libvirt-bin.conf) and
sysv (/etc/init.d/libvirt-bin) to ensure libvirt-sock
created before up (LP: #1455608)
* Re-enable Support-incoming-migration-from-13.10-hosts.patch. (LP: #1425619)
-- Chris J Arges <email address hidden> Wed, 01 Jul 2015 09:07:08 -0500
-
libvirt (1.2.2-0ubuntu13.1.12) trusty-proposed; urgency=medium
* Drop Support-incoming-migration-from-13.10-hosts.patch as it failed
verification.
libvirt (1.2.2-0ubuntu13.1.11) trusty-proposed; urgency=medium
* Support-incoming-migration-from-13.10-hosts.patch (LP: #1425619)
* qemu-filterref-crash.patch: fix crash when removing filterref from
interfaces (LP: #1448205)
* storage_backend_rbd-correct-arg-order-to-rbd_create3: fix reversed
arguments to rbd_create3. (LP: #1447030)
-- Serge Hallyn <email address hidden> Thu, 18 Jun 2015 14:21:06 -0500
-
libvirt (1.2.2-0ubuntu13.1.11) trusty-proposed; urgency=medium
* Support-incoming-migration-from-13.10-hosts.patch (LP: #1425619)
* qemu-filterref-crash.patch: fix crash when removing filterref from
interfaces (LP: #1448205)
* storage_backend_rbd-correct-arg-order-to-rbd_create3: fix reversed
arguments to rbd_create3. (LP: #1447030)
-- Serge Hallyn <email address hidden> Wed, 13 May 2015 11:06:11 -0500
-
libvirt (1.2.2-0ubuntu13.1.10) trusty-proposed; urgency=medium
* 9035-qemu-snapshot-save-persistent-domain-config: upstream fix for a
regression where persistent domain config was not saved after an external
snapshot. (LP: #1403841)
* 9036-dont-fail-without-cpu-model.patch: fix virsh safe with cpu mode =
host-passthrough (LP: #1262641)
-- Serge Hallyn <email address hidden> Tue, 10 Feb 2015 14:34:16 -0600
-
libvirt (1.2.2-0ubuntu13.1.9) trusty-proposed; urgency=medium
* apparmor libvirt-qemu template: allow reading charm-specific ceph config
and allow reading under /tmp and /var/tmp (for SRU only) (LP: #1403648)
* numa-cgroups-fix-cpuset-mems-init.patch - cherrypicked, refreshed patch
(by Richard Laager) to fix failure to start on numa node 1 (LP: #1404388)
* libvirt-qemu: add r to sgabios.bin (LP: #1393548)
-- Serge Hallyn <email address hidden> Tue, 06 Jan 2015 10:39:15 -0600
-
libvirt (1.2.2-0ubuntu13.1.8) trusty-proposed; urgency=medium
* complete the 9p support: (LP: #1378434)
- libvirt-qemu: add fowner and fsetid
- virt-aa-helper: add 'l' to 9p file options
* libvirt-qemu apparmor template: add /sys/firmware/devicetree/** r
(LP: #1374554)
* add mising apparmor permissions for slof (LP: #1374554)
-- Serge Hallyn <email address hidden> Tue, 11 Nov 2014 16:39:22 -0600
-
libvirt (1.2.2-0ubuntu13.1.7) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via virConnectListAllDomains
- debian/patches/CVE-2014-3633.patch: fix domain deadlock in
src/conf/domain_conf.c.
- CVE-2014-3633
* SECURITY UPDATE: xml information leak with read-only connections
- debian/patches/CVE-2014-7823.patch: check for migratable flag in
src/libvirt.c, src/remote/remote_protocol.x.
- CVE-2014-3657
-- Marc Deslauriers <email address hidden> Mon, 10 Nov 2014 19:48:54 -0500
-
libvirt (1.2.2-0ubuntu13.1.6) trusty-proposed; urgency=medium
* 9029-ovs-delete-port-if-it-exists-when-adding-new-one: cherrypick commit
33445ce from upstream (LP: #1343262)
* fix migration failure with ssh password authentication (LP: #1365947)
- 9030-virsh-add-keepalive-in-new-vshconnect-fn
- 9031-cmdmigrate-move-vshconnect-before-vshwatchjob
- 9032-virsh-initialize-vsh-data-in-cmdmigrate
* libvirt-bin.postinst: check for confiles whichhave been removed rather
than fail package install (LP: #1375910)
* Support incoming migration from 12.04 hosts (LP: #1374622)
- debian/patches/support-incoming-qemu-kvm: add a flag to
/etc/libvirt/qemu.conf to specify whether pc-1.0 came from a 12.04 host
- Add a note in README.Debian.
-- Serge Hallyn <email address hidden> Tue, 30 Sep 2014 13:54:31 -0500
-
libvirt (1.2.2-0ubuntu13.1.5) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible information disclosure
via crafted XML document
- debian/patches/CVE-2014-0179.patch: don't expand entities when
parsing XML in src/util/virxml.c.
- CVE-2014-0179
- CVE-2014-5177
* SECURITY UPDATE: denial of service or information disclosure via
virDomainGetBlockIoTune
- debian/patches/CVE-2014-3633.patch: use correct definition when
looking up disk in src/qemu/qemu_driver.c.
- CVE-2014-3633
-- Marc Deslauriers <email address hidden> Mon, 29 Sep 2014 15:27:53 -0400
-
libvirt (1.2.2-0ubuntu13.1.4) trusty-proposed; urgency=medium
* debian/apparmor/usr.sbin.libvirtd - add cap-sys-resource to fully
fix (LP: #1276719)
libvirt (1.2.2-0ubuntu13.1.3) trusty-proposed; urgency=medium
* 9026-fix-apparmor-profile-for-vfio-pci-passthrough - allow VFIO passthrough
(LP: #1276719)
* 9027-virt-aa-helper-allow-access-to-vhost-net - allow access to
/dev/vhost-net if domain needs it (LP: #1322568)
-- Serge Hallyn <email address hidden> Thu, 07 Aug 2014 12:46:22 -0500
-
libvirt (1.2.2-0ubuntu13.1.3) trusty-proposed; urgency=medium
* 9026-fix-apparmor-profile-for-vfio-pci-passthrough - allow VFIO passthrough
(LP: #1276719)
* 9027-virt-aa-helper-allow-access-to-vhost-net - allow access to
/dev/vhost-net if domain needs it (LP: #1322568)
-- Serge Hallyn <email address hidden> Thu, 31 Jul 2014 20:14:22 +0000
-
libvirt (1.2.2-0ubuntu13.1.2) trusty; urgency=low
* debian/apparmor/usr.sbin.libvirtd: allow libvirtd to run
libxl-save-helper (required for save restore through libxl).
(LP: #1334195)
* debian/apparmor/usr.sbin.libvirtd: allow pygrub to be run
(LP: #1326003)
* debian/patches/libxl-Support-PV-consoles.patch
Enable console support for PV guests (LP: #1334738)
-- Stefan Bader <email address hidden> Thu, 26 Jun 2014 16:03:42 +0200
-
libvirt (1.2.2-0ubuntu13.1.1) trusty-proposed; urgency=medium
* debian/apparmor/libvirt-qemu: add device-tree access for ppc
(LP: #1321365)
-- Serge Hallyn <email address hidden> Thu, 05 Jun 2014 11:26:22 -0500
-
libvirt (1.2.2-0ubuntu13.1) trusty-proposed; urgency=medium
* debian/control: change apparmor dependency into an inverse conflicts,
so that libvirt can continue to be used without apparmor. (LP: #1304167)
-- Serge Hallyn <email address hidden> Thu, 17 Apr 2014 10:42:08 -0500
-
libvirt (1.2.2-0ubuntu13) trusty; urgency=medium
* Add a dependency on the new apparmor to make sure we have the new
parser around before we attempt to load a profile requiring the new
stanza support. (LP: #1304167)
-- Serge Hallyn <email address hidden> Mon, 14 Apr 2014 11:03:37 -0500
-
libvirt (1.2.2-0ubuntu12) trusty; urgency=low
* d/p/libxl-support-sexpr-in-native-to-XML-conversion.patch:
Allow to use libvirt to convert xend guest configurations into
xml format.
* Add libvirt-migrate-xend-managed-domains migration script.
(LP: #1303886)
* Added breaks for xen-utils-4.(1|3) to ensure postinst order.
-- Stefan Bader <email address hidden> Tue, 08 Apr 2014 19:55:29 +0200
-
libvirt (1.2.2-0ubuntu11) trusty; urgency=medium
* debian/patches/recognize-trusty-machine-type.patch: Revert patch
since it was causing issues with virtio deivces. (LP: #1304107)
-- Chuck Short <email address hidden> Tue, 08 Apr 2014 12:51:55 -0400
-
libvirt (1.2.2-0ubuntu10) trusty; urgency=medium
* d/p/recognize-trusty-machine-type.patch: handle "trusty" qemu machine type
(LP: #1294823)
-- Serge Hallyn <email address hidden> Fri, 04 Apr 2014 09:29:22 -0500
-
libvirt (1.2.2-0ubuntu9) trusty; urgency=medium
[ Jamie Strandboge ]
* updates for AppArmor signals and ptrace mediation (LP: #1298611)
- debian/apparmor/libvirt-qemu: allow guests to receive signals from and
be tracedby libvirtd (additional signal and ptrace rules come from the
AppArmor base abstraction)
- debian/apparmor/usr.sbin.libvirtd:
+ grant bare signal and ptrace rule
+ grant dbus on the system bus (should have been added in 13.10)
-- Tyler Hicks <email address hidden> Thu, 03 Apr 2014 02:09:53 -0500
-
libvirt (1.2.2-0ubuntu8) trusty; urgency=medium
* debian/apparmor/libvirt-qemu: Allow qemu-system-aarch64 to be used.
(LP: #1301516)
-- Chuck Short <email address hidden> Wed, 02 Apr 2014 14:20:39 -0400
-
libvirt (1.2.2-0ubuntu7) trusty; urgency=low
* d/p/libxl-Create-log-directory-earlier.patch:
Move creation of log directory inside function that tries to create
a log file inside of it. Fixes startup when the libxl log directory
has not been created, yet.
* d/p/libxl-do-not-use-virdomain-id.patch:
Replace usage of dom->id with vm->def-id inside the driver (as that
is not getting stale). Fixes guest creation and reboot through
virt-manager (apart from possibly other things).
* d/p/libxl-set-disk-format-for-cdrom.patch:
Set disk format, otherwise an empty virtual CDROM makes the guest
unstartable.
* d/p/libxl-set-vfb0-data-in-build-config.patch:
Actually set video and display data in the domain build info. Beside
of preventing disagreement about VNC ports, this allows to select
standard VGA graphics and more VRAM trhough libvirt.
-- Stefan Bader <email address hidden> Thu, 27 Mar 2014 16:46:31 +0100
-
libvirt (1.2.2-0ubuntu6) trusty; urgency=medium
* debian/libvirt-bin.dirs: Add /var/log/libvirt/libxl.
-- Chuck Short <email address hidden> Mon, 24 Mar 2014 14:32:54 -0400
-
libvirt (1.2.2-0ubuntu5) trusty; urgency=low
* Refreshed d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch
to avoid logging an error when file is not present.
-- Stefan Bader <email address hidden> Fri, 21 Mar 2014 09:49:36 +0100
-
libvirt (1.2.2-0ubuntu4) trusty; urgency=medium
* debian/patches/arm-cpu-baseline.patch: Implement a stub cpuArchDriver.baseline()
handler for arm.
-- Chuck Short <email address hidden> Mon, 17 Mar 2014 10:59:49 -0400
-
libvirt (1.2.2-0ubuntu3) trusty; urgency=low
* d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch: Prevent
using the libxl driver when not running in dom0 but having xenfs mounted.
(LP: #1248025)
-- Stefan Bader <email address hidden> Wed, 12 Mar 2014 14:16:14 +0100
-
libvirt (1.2.2-0ubuntu2) trusty; urgency=medium
* d/p/add-a-mutex-to-serialize-updates-to-fw.patch: fix another deadlock
when starting a large number of VMs. (LP: #1228977)
-- Serge Hallyn <email address hidden> Tue, 11 Mar 2014 14:08:02 -0500
-
libvirt (1.2.2-0ubuntu1) trusty; urgency=medium
* New upstream release:
- Rediffed patches:
- debian/patches/Allow-libvirt-group-to-access-the-socket.patch
- debian/patches/9004-libvirtd-group-name.patch
- debian/patches/dnsmasq-as-priv-user
- Dropped patches:
- debian/patches/9005-increase-unix-socket-timeout.patch: No longer
needed.
- debian/patches/rbd-storage-format.patch: No longer needed.
- debian/patches/9022-qemu-enable-host-passthrough-mode-for-aarch64:
No longer needed.
- debian/patches/9023-xen-fix-parsing-xend-http-response.patch:
No longer needed.
- debian/patches/
-- Chuck Short <email address hidden> Mon, 03 Mar 2014 13:30:36 -0500
-
libvirt (1.2.1-0ubuntu10) trusty; urgency=medium
* Pull patch from mailing list (merged with separate patch posted to the
bug) to fix 9p mounts. (LP: #1285995)
-- Serge Hallyn <email address hidden> Fri, 28 Feb 2014 09:34:54 -0600
-
libvirt (1.2.1-0ubuntu9) trusty; urgency=medium
* Cherrypick 9024-qemu-implement-a-stub-baseline-handler-for-aarch64 from
upstream git.
-- Serge Hallyn <email address hidden> Fri, 14 Feb 2014 18:20:03 -0600
-
libvirt (1.2.1-0ubuntu8) trusty; urgency=medium
* Add uvtool image path to virt-aa-helper AppArmor profile.
-- Robie Basak <email address hidden> Fri, 14 Feb 2014 17:54:58 +0000
-
libvirt (1.2.1-0ubuntu7) trusty; urgency=low
* debian/patches/nwfilter-locking.patch: Dropped causes ftbfs.
-- Chuck Short <email address hidden> Thu, 13 Feb 2014 10:07:56 -0700
-
libvirt (1.2.1-0ubuntu6) trusty; urgency=medium
* debian/control: Move pm-utils from suggests to Recommends.
(LP: #1274772)
* debian/patches/patches/nwfilter-locking.patch: Fix nwfilter locking
causing libvirt to crash. (LP: #1228977)
-- Chuck Short <email address hidden> Thu, 06 Feb 2014 14:27:40 -0500
-
libvirt (1.2.1-0ubuntu5) trusty; urgency=low
* cherry-pick "xen: fix parsing xend http response" from upstream
git to fix connecting to xex in xm/xend mode (LP: #915954)
-- Stefan Bader <email address hidden> Thu, 30 Jan 2014 10:05:31 +0000
-
libvirt (1.2.1-0ubuntu4) trusty; urgency=medium
* cherrypick d/p/9022-qemu-enable-host-passthrough-mode-for-aarch64 from
upstream git.
-- Serge Hallyn <email address hidden> Tue, 28 Jan 2014 10:28:09 +0000
-
libvirt (1.2.1-0ubuntu3) trusty; urgency=medium
* d/control: add nfs-common to build-deps (LP: #1264955)
-- Serge Hallyn <email address hidden> Wed, 22 Jan 2014 08:56:01 -0600
-
libvirt (1.2.1-0ubuntu2) trusty; urgency=medium
* debian/patches/rbd-storage-format.patch: Make image format 2 the default
for RBD.
-- Chuck Short <email address hidden> Fri, 17 Jan 2014 10:31:37 -0500
-
libvirt (1.2.1-0ubuntu1) trusty; urgency=medium
* New upstream release:
- Dropped patches:
+ debian/patches/0001-libxl-Fix-devid-init-in-libxlMakeNicList.patch:
No longer needed
+ debian/patches/0001-libxl-Fix-initialization-of-nictype-in-libxl_device_.patch:
No longer needed.
-- Chuck Short <email address hidden> Thu, 16 Jan 2014 09:17:20 -0500
-
libvirt (1.2.0-0ubuntu3) trusty; urgency=medium
* debian/apparmor/usr.lib.libvirt.virt-aa-helper: add
/var/lib/nova/instances/snapshots/** r to allow virt-aa-helper to read
the snapshot directory to find images which VMs should be granted access
to. (LP: #1244694)
-- Serge Hallyn <email address hidden> Thu, 09 Jan 2014 16:39:13 -0600
-
libvirt (1.2.0-0ubuntu2) trusty; urgency=low
* Refresh/fix detection of xm/xl toolstack in use. The previous port
had two glitches, one of them causing the daemon to segfault.
* Cherry-pick "libxl: Fix initialization of nictype in libxl_device_nic"
from upstream to have the same default NIC choice with the libxl driver
as we had with the xen(d) driver (HVM guest uses a emulated rtl8139).
* Cherry-pick "libxl: Fix devid init in libxlMakeNicList" from upstream
to allow HVM guests to be brought up from the libxl driver.
-- Stefan Bader <email address hidden> Thu, 09 Jan 2014 11:19:07 +0100
-
libvirt (1.2.0-0ubuntu1) trusty; urgency=low
* New upstream release:
- Refreshed patches:
+ debian/patches/storage-default-permission-mode-to-0711
- Dropped patches:
+ debian/patches/util_use_w_flag_when_calling_iptables.patch
* debian/control, debian/rules, debian/python.mk,
debian/python-libvirt.install: python libvirt bindings have been
split out into its own source called libvirt-python.
* debian/libvirt-dev.install: Install API files into dev package
-- Chuck Short <email address hidden> Mon, 02 Dec 2013 09:56:17 -0500
-
libvirt (1.1.4-0ubuntu5) trusty; urgency=medium
* Build using dh-autoreconf.
* Enable numa support on ppc64 and ppc64el.
-- Matthias Klose <email address hidden> Sun, 22 Dec 2013 15:55:04 +0100
-
libvirt (1.1.4-0ubuntu4) trusty; urgency=low
* debian/libvirt-dev.install: Add missing libvirt-lxc.so.
-- Chuck Short <email address hidden> Thu, 21 Nov 2013 13:10:58 -0500
-
libvirt (1.1.4-0ubuntu3) trusty; urgency=low
* d/p/accomodate-new-qemu-migration-status-setup.patch: work around
libvirt's not yet knowing of qemu's new migration state, 'setup'.
This can be removed when upstream libvirt has a proper patch. QRT
fails without this.
-- Serge Hallyn <email address hidden> Thu, 14 Nov 2013 08:41:07 -0600
-
libvirt (1.1.4-0ubuntu2) trusty; urgency=low
* debian/patches/9002-better_default_uri_virsh.patch: Update to fix the
FTBFS.
-- Chuck Short <email address hidden> Wed, 13 Nov 2013 11:04:29 -0500
-
libvirt (1.1.4-0ubuntu1) trusty; urgency=low
[ Chuck Short ]
* New upstream version:
- Rediffed patches:
+ d/p/Don-t-enable-default-network-on-boot.patch
+ d/p/ubuntu-xend-probe.patch
+ d/p/Don-t-fail-if-we-can-t-setup-avahi.patch
+ d/p/Disable-failing-virnetsockettest.patch
+ d/p/Don-t-enable-default-network-on-boot.patch
- Dropped patches:
+ d/p/v1.1.1-maint/0001-xen-fix-memory-corruption-in-legacy-driver.patch
+ d/p/v1.1.1-maint/0002-qemu_migration-Don-t-error-on-tunelled-migration-wit.patch
+ d/p/v1.1.1-maint/0003-build-fix-configure-detection-of-if_bridge.h-on-RHEL.patch
+ d/p/v1.1.1-maint/0004-remote-Fix-a-segfault-in-remoteDomainCreateWithFlags.patch
+ d/p/v1.1.1-maint/0005-Revert-build-fix-configure-detection-of-if_bridge.h-.patch
+ d/p/v1.1.1-maint/0006-build-more-workarounds-for-if_bridge.h.patch
+ d/p/v1.1.1-maint/0007-Fix-qemuProcessReadLog-with-non-zero-offset.patch
+ d/p/v1.1.1-maint/0008-Reverse-logic-allowing-partial-DHCP-host-XML.patch
+ d/p/v1.1.1-maint/0009-virsh-domain-Fix-memleak-in-cmdUndefine-with-storage.patch
+ d/p/v1.1.1-maint/0010-virsh-domain-Fix-memleak-in-cmdCPUBaseline.patch
+ d/p/v1.1.1-maint/0011-virbitmap-Refactor-virBitmapParse-to-avoid-access-be.patch
+ d/p/CVE-2013-4296.patch
+ d/p/CVE-2013-4311.patch
+ d/p/CVE-2013-4297.patch
+ d/p/fix-crash-in-libvirtd-when-events
+ d/p/security-provide-supplemental-groups
+ d/p/add-bounds-checking-on-virdomainmigrate
+ d/p/xen-use-internal-interfaces-in-xendomainusedcpus
+ d/p/fix-remote-client-segfault.patch
+ d/p/ubuntu-xend-xmlcreate-double-free.patch
+ d/p/9002-better_default_uri_virsh.patch
[ Serge Hallyn ]
* update and re-add d/p/9002-better_default_uri_virsh.patch. Also patch
new uri-precedence test, as we break it with this patch.
* add d/p/util_use_w_flag_when_calling_iptables.patch (LP: #1245322)
* debian/apparmor/libvirt-qemu: allow access to hugepages mounts
(LP: #1250216)
* debian/apparmor/libvirt-qemu: allow access to usb info (LP: #1245251)
-- Chuck Short <email address hidden> Mon, 11 Nov 2013 11:03:06 -0500
-
libvirt (1.1.1-0ubuntu9) trusty; urgency=low
* debian/apparmor/usr.sbin.libvirtd: add audit_write capability
(LP: #1204616)
-- Serge Hallyn <email address hidden> Wed, 23 Oct 2013 14:09:04 -0500
-
libvirt (1.1.1-0ubuntu8) saucy; urgency=low
* SECURITY UPDATE: denial of service via invalid free in
virFileNBDDeviceAssociate.
- debian/patches/CVE-2013-4297.patch: properly initialize qemunbd in
src/util/virfile.c.
- CVE-2013-4297
-- Marc Deslauriers <email address hidden> Wed, 02 Oct 2013 13:35:14 -0400
