lxc 3.0.2-0ubuntu1~18.04.1 source package in Ubuntu

Changelog

lxc (3.0.2-0ubuntu1~18.04.1) bionic; urgency=medium

  * New upstream bugfix release (LP: #1788457):
    - CVE 2018-6556: verify netns fd in lxc-user-nic
    - fixed a range of bugs found by Coverity
    - lxc-usernsexec: cleanup and bugfixes
    - log: add CMD_SYSINFO()
    - log: add CMD_SYSERROR()
    - state: s/sleep()/nanosleep()/
    - lxclock: improve file locking
    - lxccontainer: improve file locking
    - lxccontainer: fix F_OFD_GETLK checks
    - netlink: add __netlink_{send,recv,transaction}
    - netns: allocate network namespace id
    - MAINTAINERS: add Wolfgang Bumiller
    - pam_cgfs: cleanups
    - log: add default log priority
    - tree-wide: pass unsigned long to prctl()
    - macro: add new macro header
    - conf: mount devpts without “max” on EINVAL
    - tree-wide: handle EINTR in read() and write()
    - tree-wide: replace pipe() with pipe2()
    - confile: split mount options into flags and data
    - conf: improve rootfs setup
    - autotools: default to -Wvla -std=gnu11
    - tree-wide: remove VLAs
    - tree-wide: replace strtok_r() with lxc_iterate_parts()
    - utils: add lxc_iterate_parts()
    - apparmor: allow start-container to change to lxc-**
    - apparmor: update current profiles
    - apparmor: Allow /usr/lib* paths for mount and pivot_root
    - conf: the atime flags are locked in userns
    - conf: handle partially functional device nodes
    - conf: create /dev directory
    - autotools: build both a shared and static liblxc
    - namespace: add api to convert namespaces to standard identifiers
    - tree-wide: set MSG_NOSIGNAL
    - tree-wide: use mknod() to create dummy files
    - cgfsng: respect lxc.cgroup.use
    - cgroups: remove is_crucial_cgroup_subsystem()
    - tree-wide: remove unneeded log prefixes
    - tests: cleanup all tests
    - terminal: set FD_CLOEXEC on pty file descriptors
    - conf: simplify lxc_setup_dev_console()
    - tools: rework tools
    - autodev: adapt to changes in Linux 4.18
    - log: change DEBUG, INFO, TRACE, NOTICE macro using strerror to SYS* macro
    - log: add lxc_log_strerror_r macro
    - network: unpriv lxc will run lxc.net.[i].script.up now
    - conf: only use newuidmap and newgidmap when necessary
    - autotools: support tls in cross-compile

  * Cherry-pick upstream fixes:
    - 0002-tools-fix-lxc-execute-command-parsing.patch
    - 0003-lseek-integer-overflow.patch
    - 0004-cmd-lxc-usernsexec-reorder-includes.patch
    - 0005-cmd-move-declarations-to-macro.h.patch
    - 0006-cmd-use-utils.-c-h-helpers-in-lxc-usernsexec.patch
    - 0007-cmd-simplify-lxc-usernsexec.patch
    - 0008-cmd-use-safe-number-parsers-in-lxc-usernsexec.patch
    - 0009-tools-Indicate-container-startup-failure.patch
    - 0010-conf-fix-path-lxcpath-mixups-in-tty-setup.patch
    - 0011-cmd-use-goto-for-cleanup-in-lxc-usernsexec.patch
    - 0012-utils-split-into-file-string-_utils.-c-h.patch
    - 0013-pam_cgfs-build-from-the-same-sources-as-liblxc.patch
    - 0014-conf-fix-devpts-mounting-when-fully-unprivileged.patch
    - 0015-macro-s-rexit-_exit-g.patch
    - 0016-Makefile-don-t-allow-undefined-symbols.patch
    - 0017-autotools-check-if-compiler-is-new-enough.patch
    - 0018-log-handle-strerror_r-versions.patch
    - 0019-autotools-add-disable-enable-thread-safety.patch
    - 0020-log-fail-build-on-ENFORCE_THREAD_SAFETY-error.patch
    - 0021-macro-add-missing-headers.patch
    - 0022-execute-skip-lxc-init-logging-when-unprivileged.patch
    - 0023-execute-pass-proc-self-fd-nr.patch
    - 0024-commands-return-1-on-lxc_cmd_get_init_pid-err.patch

  * Bump standards to 4.2.0
    - Update lintian overrides
  * Include new .a file into liblxc-dev
  * Override GPG keyserver in autopkgtest
  * Run autoreconf during autopkgtest

 -- Stéphane Graber <email address hidden>  Mon, 10 Sep 2018 14:43:52 -0400

Upload details

Uploaded by:
Stéphane Graber on 2018-09-10
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
linux-any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates 17 hours ago main admin
Bionic proposed on 2018-09-27 main admin

Downloads

File Size SHA-256 Checksum
lxc_3.0.2.orig.tar.gz 1.2 MiB 6ab7117b17066220da450c55ed77953998cf2336d415143b879554364af12f5c
lxc_3.0.2.orig.tar.gz.asc 833 bytes b0aa63e61b2403ed8835f65ed7d255cf654d5f5cbad00399e36ed90bce0c19b9
lxc_3.0.2-0ubuntu1~18.04.1.debian.tar.xz 131.5 KiB 5dd9184874aae82c0b029a44fdbef0f205ad2d299af1bee40ef23e654afb0509
lxc_3.0.2-0ubuntu1~18.04.1.dsc 2.8 KiB be017d1741dad5f106f7c26cf97969deb11e9e99f678174de84f9dd95f106abf

View changes file

Binary packages built by this source

liblxc-common: Linux Containers userspace tools (common tools)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains a few binaries and security profiles required by
 all liblxc users.

liblxc-common-dbgsym: debug symbols for liblxc-common
liblxc-dev: Linux Containers userspace tools (development)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the development files.

liblxc1: Linux Containers userspace tools (library)

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package contains the libraries.

liblxc1-dbgsym: debug symbols for liblxc1
libpam-cgfs: PAM module for managing cgroups for LXC

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This provides a Pluggable Authentication Module (PAM) to provide
 logged-in users with a set of cgroups which they can administer.
 This allows for instance unprivileged containers, and session
 management using cgroup process tracking.

libpam-cgfs-dbgsym: debug symbols for libpam-cgfs
lxc: Transitional package - lxc -> lxc-utils

 This is a transitional dummy package. It can safely be removed.
 .
 lxc is now replaced by lxc-utils.

lxc-dev: Transitional package - lxc-dev -> liblxc-dev

 This is a transitional dummy package. It can safely be removed.
 .
 lxc-dev is now replaced by liblxc-dev.

lxc-utils: Linux Containers userspace tools

 Containers are insulated areas inside a system, which have their own namespace
 for filesystem, network, PID, IPC, CPU and memory allocation and which can be
 created using the Control Group and Namespace features included in the Linux
 kernel.
 .
 This package provides the lxc-* tools, which can be used to start a single
 daemon in a container, or to boot an entire "containerized" system, and to
 manage and debug your containers.

lxc-utils-dbgsym: debug symbols for lxc-utils
lxc1: Transitional package - lxc1 -> lxc-utils

 This is a transitional dummy package. It can safely be removed.
 .
 lxc1 is now replaced by lxc-utils.