Format: 1.8
Date: Tue, 03 May 2022 04:30:16 +0000
Source: libvirt
Binary: libvirt-bin libvirt-clients libvirt-daemon libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-sheepdog libvirt-daemon-driver-storage-zfs libvirt-daemon-system libvirt0 libvirt-doc libvirt-dev libvirt-sanlock libnss-libvirt
Architecture: source
Version: 4.0.0-1ubuntu8.21~cloud0
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot@ubuntu.com>
Description:
 libnss-libvirt - nss plugin providing IP add ress resolution for virtual machines
 libvirt-bin - programs for the libvirt library
 libvirt-clients - Programs for the libvirt library
 libvirt-daemon - Virtualization daemon
 libvirt-daemon-driver-storage-gluster - Virtualization daemon glusterfs storage driver
 libvirt-daemon-driver-storage-rbd - Virtualization daemon RBD storage driver
 libvirt-daemon-driver-storage-sheepdog - Virtualization daemon Sheedog storage driver
 libvirt-daemon-driver-storage-zfs - Virtualization daemon ZFS storage driver
 libvirt-daemon-system - Libvirt daemon configuration files
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt-sanlock - Sanlock plugin for virtlockd
 libvirt0   - library for interfacing with different virtualization systems
Changes:
 libvirt (4.0.0-1ubuntu8.21~cloud0) xenial-queens; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 libvirt (4.0.0-1ubuntu8.21) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: crash via double-free memory issue
     - debian/patches/CVE-2020-25637-1.patch: gendispatch: handle empty
       flags in src/rpc/gendispatch.pl.
     - debian/patches/CVE-2020-25637-2.patch: add support for filtering
       @acls by uint params in src/remote/remote_protocol.x,
       src/rpc/gendispatch.pl.
     - debian/patches/CVE-2020-25637-3.patch: require write acl for guest
       agent in src/libxl/libxl_driver.c, src/qemu/qemu_driver.c,
       src/remote/remote_protocol.x.
     - debian/patches/CVE-2020-25637-4.patch: set ifname to NULL after
       freeing in src/qemu/qemu_agent.c.
     - CVE-2020-25637
   * SECURITY UPDATE: sVirt SELinux confinement flaw
     - debian/patches/CVE-2021-3631.patch: fix SELinux label generation
       logic in src/security/security_selinux.c.
     - CVE-2021-3631
   * SECURITY UPDATE: segmentation fault during VM shutdown
     - debian/patches/CVE-2021-3975.patch: add missing lock in
       qemuProcessHandleMonitorEOF in src/qemu/qemu_process.c.
     - CVE-2021-3975
   * SECURITY UPDATE: DoS via libxl driver
     - debian/patches/CVE-2021-4147-pre0.patch: handle external domain
       destroy in src/libxl/libxl_domain.c, src/libxl/libxl_domain.h.
     - debian/patches/CVE-2021-4147-pre1.patch: fix domain shutdown in
       src/libxl/libxl_domain.c.
     - debian/patches/CVE-2021-4147-1.patch: disable death events after
       receiving a shutdown event in src/libxl/libxl_domain.c,
       src/libxl/libxl_domain.h.
     - debian/patches/CVE-2021-4147-2.patch: rename libxlShutdownThreadInfo
       struct in src/libxl/libxl_domain.c.
     - debian/patches/CVE-2021-4147-3.patch: modify name of shutdown thread
       in src/libxl/libxl_domain.c.
     - debian/patches/CVE-2021-4147-4.patch: handle domain death events in a
       thread in src/libxl/libxl_domain.c.
     - debian/patches/CVE-2021-4147-5.patch: search for virDomainObj in
       event handler threads in src/libxl/libxl_domain.c.
     - debian/patches/CVE-2021-4147-6pre1.patch: avoid virHashFree by
       rearranging code in src/libxl/libxl_logger.c.
     - debian/patches/CVE-2021-4147-6.patch: protect access to libxlLogger
       files hash table in src/libxl/libxl_logger.c.
     - CVE-2021-4147
   * SECURITY UPDATE: DoS via nwfilter driver
     - debian/patches/CVE-2022-0897.patch: fix crash when counting number of
       network filters in src/nwfilter/nwfilter_driver.c.
     - CVE-2022-0897
Checksums-Sha1:
 edca11eb70b5d5719655cb3af7fb6c429ed0ca2a 4644 libvirt_4.0.0-1ubuntu8.21~cloud0.dsc
 b1c83abbba1da9eef79cc36688557ab32c6f42a7 15002248 libvirt_4.0.0.orig.tar.xz
 49d9aceb1594727735ad04a4e2e6f7a0db75d03c 200160 libvirt_4.0.0-1ubuntu8.21~cloud0.debian.tar.xz
Checksums-Sha256:
 515e889f072df433e291474e6142af55497b21fd64e18a2e43d645a29a6aeea8 4644 libvirt_4.0.0-1ubuntu8.21~cloud0.dsc
 e9e8ca1a696b70bca572f367e35807a9800a59aec5158b95fe7f4802a5fadfc8 15002248 libvirt_4.0.0.orig.tar.xz
 c41edf00d86553de0d57beb9364d6d3d69f652fc695c297111c041c255a42548 200160 libvirt_4.0.0-1ubuntu8.21~cloud0.debian.tar.xz
Files:
 6d8299bbf81466dd4434f40c6d71f3e7 4644 libs optional libvirt_4.0.0-1ubuntu8.21~cloud0.dsc
 ff0dbdd8ec4ac1277588dfe3b245d0e9 15002248 libs optional libvirt_4.0.0.orig.tar.xz
 ea01d868106f3395f1294c8b013aab64 200160 libs optional libvirt_4.0.0-1ubuntu8.21~cloud0.debian.tar.xz
Original-Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>