* Merge from debian unstable. Remaining changes:
- debian/control:
* set X-Python-Version to 2.7, as 2.6 is not in oneiric.
* set ubuntu maintainer
* Build-Depends:
- remove [linux-any] from all dependencies
- remove [!linux-any] deps
- swap qemu to qemu-kvm and open-iscsi to open-iscsi-utils in Build-Depends
- remove virtualbox-ose Build-Depends
- add parted and libapparmor-dev Build-Depends
* convert Vcs-Git to Xs-Debian-Vcs-Git
* libvirt-bin Depends: move netcat-openbsd, bridge-utils, dnsmasq-base
(>= 2.46-1), and iptables from Recommends to Depends
* libvirt-bin Recommends: move qemu to Suggests
* libvirt-bin Suggests: add apparmor
* libvirt0 Recommands: move lvm2 to Suggests
- keep debian/libvirt-bin.apport
- keep debian/libvirt-bin.cron.daily
- debian/libvirt-bin.dirs:
* add apparmor, cron.daily, and apport dirs
- debian/libvirt-bin.examples:
* add debian/libvirt-suspendonreboot
- debian/libvirt-bin.install:
* add /etc/apparmor.d files
* add apport hook
- debian/libvirt-bin.manpages:
* add debian/libvirt-migrate-qemu-disks.1
- debian/libvirt-bin.postinst:
* replace libvirt groupname with libvirtd
* add each admin user to libvirtd group
* call apparmor_parser on usr.sbin.libvirtd and usr.lib.libvirt.virt-aa-helper
* call 'libvirt-migrate-qemu-disks -a' after
libvirt-bin has started if migrating from
older than 0.8.3-1ubuntu1
- debian/libvirt-bin.postrm:
* replace libvirt groupname with libvirtd
* remove usr.sbin.libvirtd and usr.lib.libvirt.virt-aa-helper
- keep added files under debian/:
* libvirt-bin.upstart
* libvirt-migrate-qemu-disks
* libvirt-migrate-qemu-disks.1
* libvirt-suspendonreboot
* apparmor profiles
- debian/README.Debian:
* add 'Apparmor Profile' section
* add 'Disk migration' section
- debian/rules:
* move include of debhelper.mk to top of file so DEB_HOST_ARCH_OS
is defined.
* don't build with vbox since virtualbox-ose is in universe
- remove WITH_VBOX, add explicit --without-vbox
* add --with-apparmor to DEB_CONFIGURE_EXTRA_FLAGS
* set DEB_DH_INSTALLINIT_ARGS to '--upstart-only'
* remove unneeded binary-install/libvirt-bin:: and clean::
sections (they only deal with sysvinit stuff)
* add build/libvirt-bin:: section to install
- apparmor files
- apport hooks
- libvirt-migrate-qemu-disks
* debian/patches/series:
- don't apply Debian-specific Debianize-libvirt-guests.patch (sysvinit only)
- don't apply Disable qemu-disable-network.diff.patch
* debian/patches:
- dropped patches:
* 9022-allows-lxc-containers-with-lxcguest.patch (applied upstream)
* 9023-disable-test-poll.patch
* 9024-ftbfs-with-arm.patch (doesnt really fix arm just yet)
* 9025-CVE-2011-2178.patch (applied upstream)
- keep patches:
* 9000-delayed_iff_up_bridge.patch
* 9001-dont_clobber_existing_bridges.patch
* 9002-better_default_uri_virsh.patch
* 9003-better-default-arch.patch
* 9004-libvirtd-group-name.patch
* 9005-increase-unix-socket-timeout.patch
* 9006-default-config-test-case.patch
* 9011-move-ebtables-script.patch
* 9014-skip-nodeinfotest.patch
* 9020-lp545795.patch
* 9021-fix-uint64_t.patch
* 9026-lp795800.patch
[ Jamie Strandboge ]
* 9027-move-apparmor-load-to-genlabel.patch: 0.9.2 introduced a change that
caused aa_change_profile() to be called before the profile was loaded into
the kernel. Adjust AppArmorGenSecurityLabel() in
src/security/security_apparmor.c to load the profile itself, and adjust
AppArmorSetSecurityAllLabel() to reload the profile when stdin_fn is
specified. This patch can be removed in 0.9.3. (LP: #801569)
libvirt (0.9.2-4) unstable; urgency=low
* [398a4dd] New patch Split-out-dlopen-detection.patch. Explicitly pass
-ldl since the lock manager needs it.
* [3be22be] New patch Update-generated-autoconf-files.patch. Update
generated autoconf files
libvirt (0.9.2-3) unstable; urgency=low
* [008e65d] New patch Skip-nodeinfo-test-on-non-intel-architectures.patch:
Skip nodeinfo test on non intel architectures since the testfiles assume a
/proc/cpuinfo specific to this architecture.
libvirt (0.9.2-2) unstable; urgency=low
* [17570fc] Enable OpenVZ on Linux only (Closes: #630099)
* [31a35bc] New patch nodeinfo-remove-superfluous-braces.patch
nodeinfo: remove superfluous braces to fix compilation on non intel
architectures
libvirt (0.9.2-1) unstable; urgency=low
* [c6187ec] New upstream version 0.9.2
* [368375a] Update netcat detection to new code
* [e3319ee] Drop security-plug-regression-introduced-in-disk-probe-lo.patch
applied upstream
* [a1428a7] Refresh patches
* [77590ee] Update symbols
* [0626972] Depend on iproute
* [a1b211d] Version dependency on iptables and drop
Disable-CHECKSUM-rule.patch (Closes: #627595)
libvirt (0.9.1-2) unstable; urgency=high
* [4fbc990] New patch security-plug-regression-introduced-in-disk-probe-lo.
patch (Closes: #629128)
- Fixes: CVE-2011-2178
-- Chuck Short <email address hidden> Wed, 22 Jun 2011 11:09:15 -0400
This bug was fixed in the package libvirt - 0.9.2-4ubuntu1
---------------
libvirt (0.9.2-4ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes:
open- iscsi-utils in Build-Depends libvirt- bin.apport libvirt- bin.cron. daily libvirt- bin.dirs: libvirt- bin.examples: libvirt- suspendonreboot libvirt- bin.install: libvirt- bin.manpages: libvirt- migrate- qemu-disks. 1 libvirt- bin.postinst:
usr.lib. libvirt. virt-aa- helper migrate- qemu-disks -a' after libvirt- bin.postrm:
usr.lib. libvirt. virt-aa- helper migrate- qemu-disks migrate- qemu-disks. 1 suspendonreboot README. Debian: EXTRA_FLAGS INSTALLINIT_ ARGS to '--upstart-only' install/ libvirt- bin:: and clean:: migrate- qemu-disks patches/ series: libvirt- guests. patch (sysvinit only) network. diff.patch lxc-containers- with-lxcguest. patch (applied upstream) test-poll. patch with-arm. patch (doesnt really fix arm just yet) 2011-2178. patch (applied upstream) iff_up_ bridge. patch clobber_ existing_ bridges. patch default_ uri_virsh. patch default- arch.patch group-name. patch unix-socket- timeout. patch config- test-case. patch ebtables- script. patch nodeinfotest. patch uint64_ t.patch
- debian/control:
* set X-Python-Version to 2.7, as 2.6 is not in oneiric.
* set ubuntu maintainer
* Build-Depends:
- remove [linux-any] from all dependencies
- remove [!linux-any] deps
- swap qemu to qemu-kvm and open-iscsi to
- remove virtualbox-ose Build-Depends
- add parted and libapparmor-dev Build-Depends
* convert Vcs-Git to Xs-Debian-Vcs-Git
* libvirt-bin Depends: move netcat-openbsd, bridge-utils, dnsmasq-base
(>= 2.46-1), and iptables from Recommends to Depends
* libvirt-bin Recommends: move qemu to Suggests
* libvirt-bin Suggests: add apparmor
* libvirt0 Recommands: move lvm2 to Suggests
- keep debian/
- keep debian/
- debian/
* add apparmor, cron.daily, and apport dirs
- debian/
* add debian/
- debian/
* add /etc/apparmor.d files
* add apport hook
- debian/
* add debian/
- debian/
* replace libvirt groupname with libvirtd
* add each admin user to libvirtd group
* call apparmor_parser on usr.sbin.libvirtd and
* call 'libvirt-
libvirt-bin has started if migrating from
older than 0.8.3-1ubuntu1
- debian/
* replace libvirt groupname with libvirtd
* remove usr.sbin.libvirtd and
- keep added files under debian/:
* libvirt-bin.upstart
* libvirt-
* libvirt-
* libvirt-
* apparmor profiles
- debian/
* add 'Apparmor Profile' section
* add 'Disk migration' section
- debian/rules:
* move include of debhelper.mk to top of file so DEB_HOST_ARCH_OS
is defined.
* don't build with vbox since virtualbox-ose is in universe
- remove WITH_VBOX, add explicit --without-vbox
* add --with-apparmor to DEB_CONFIGURE_
* set DEB_DH_
* remove unneeded binary-
sections (they only deal with sysvinit stuff)
* add build/libvirt-bin:: section to install
- apparmor files
- apport hooks
- libvirt-
* debian/
- don't apply Debian-specific Debianize-
- don't apply Disable qemu-disable-
* debian/patches:
- dropped patches:
* 9022-allows-
* 9023-disable-
* 9024-ftbfs-
* 9025-CVE-
- keep patches:
* 9000-delayed_
* 9001-dont_
* 9002-better_
* 9003-better-
* 9004-libvirtd-
* 9005-increase-
* 9006-default-
* 9011-move-
* 9014-skip-
* 9020-lp545795.patch
* 9021-fix-
* 9026-lp795800.patch
[ Jamie Strandboge ] apparmor- load-to- genlabel. patch: 0.9.2 introduced a change that rityLabel( ) in security/ security_ apparmor. c to load the profile itself, and adjust SecurityAllLabe l() to reload the profile when stdin_fn is
* 9027-move-
caused aa_change_profile() to be called before the profile was loaded into
the kernel. Adjust AppArmorGenSecu
src/
AppArmorSet
specified. This patch can be removed in 0.9.3. (LP: #801569)
libvirt (0.9.2-4) unstable; urgency=low
* [398a4dd] New patch Split-out- dlopen- detection. patch. Explicitly pass generated- autoconf- files.patch. Update
-ldl since the lock manager needs it.
* [3be22be] New patch Update-
generated autoconf files
libvirt (0.9.2-3) unstable; urgency=low
* [008e65d] New patch Skip-nodeinfo- test-on- non-intel- architectures. patch:
Skip nodeinfo test on non intel architectures since the testfiles assume a
/proc/cpuinfo specific to this architecture.
libvirt (0.9.2-2) unstable; urgency=low
* [17570fc] Enable OpenVZ on Linux only (Closes: #630099) remove- superfluous- braces. patch
* [31a35bc] New patch nodeinfo-
nodeinfo: remove superfluous braces to fix compilation on non intel
architectures
libvirt (0.9.2-1) unstable; urgency=low
* [c6187ec] New upstream version 0.9.2 plug-regression -introduced- in-disk- probe-lo. patch CHECKSUM- rule.patch (Closes: #627595)
* [368375a] Update netcat detection to new code
* [e3319ee] Drop security-
applied upstream
* [a1428a7] Refresh patches
* [77590ee] Update symbols
* [0626972] Depend on iproute
* [a1b211d] Version dependency on iptables and drop
Disable-
libvirt (0.9.1-2) unstable; urgency=high
* [4fbc990] New patch security- plug-regression -introduced- in-disk- probe-lo.
patch (Closes: #629128)
- Fixes: CVE-2011-2178
-- Chuck Short <email address hidden> Wed, 22 Jun 2011 11:09:15 -0400