[Touch-packages] [Bug 1647016] Re: SRU of LXC 1.0.9 (upstream bugfix release)

[Stéphane Graber]

** Changed in: lxc (Ubuntu Precise)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1647016

Title:
  SRU of LXC 1.0.9 (upstream bugfix release)

Status in lxc package in Ubuntu:
  Invalid
Status in lxc source package in Precise:
  Fix Released
Status in lxc source package in Trusty:
  Fix Released

Bug description:
  LXC upstream released LXC 1.0.9 as a bugfix release with following
  changelog:

   - Security fix for CVE-2016-8649
   - utils: make detect_ramfs_rootfs() return bool
   - tests: add test for detect_ramfs_rootfs()
   - add Documentation entries to lxc and lxc@ units
   - mark the python examples as having utf-8 encoding
   - log: sanity check the returned value from snprintf()
   - lxc-alpine: mount /dev/shm as tmpfs
   - archlinux: Do DHCP on eth0
   - archlinux: Fix resolving
   - Drop leftover references to lxc_strerror()
   - tests: fix image download for s390x
   - tools: fix coding style in lxc_attach
   - tools: make overlay valid backend
   - tools: better error reporting for lxc-start
   - alpine: Fix installing extra packages
   - lxc-alpine: do not drop setfcap
   - s390x: Fix seccomp handling of personalities
   - tools: correct the argument typo in lxc_copy
   - Use libtool for liblxc.so
   - c/r: use --external instead of --veth-pair
   - c/r: remember to increment netnr
   - c/r: add checkpoint/restore support for macvlan interfaces
   - ubuntu: Fix package upgrades requiring proc
   - c/r: drop duplicate hunk from macvlan case
   - c/r: use snprintf to compute device name
   - Tweak libtool handling to work with Android
   - tests: add lxc_error() and lxc_debug()
   - container start: clone newcgroup immediately
   - use python3_sitearch for including the python code
   - fix rpm build, include all built files, but only once
   - cgfs: fix invalid free()
   - find OpenSUSE's build also as obs-build
   - improve help text for --fancy and --fancy-format
   - improve wording of the help page for lxc-ls
   - cgfs: add print_cgfs_init_debuginfo()
   - cgfs: skip empty entries under /proc/self/cgroup
   - cgfs: explicitly check for NULL
   - tools: use correct exit code for lxc-stop
   - c/r: explicitly emit bind mounts as criu arguments
   - log: bump LXC_LOG_BUFFER_SIZE to 4096
   - conf: merge network namespace move & rename on shutdown
   - c/r: save criu's stdout during dump too
   - c/r: remove extra \ns from logs
   - c/r: fix off-by-one error
   - c/r: check state before doing a checkpoint/restore
   - start: CLONE_NEWCGROUP after we have setup cgroups
   - create symlink for /var/run
   - utils: add lxc_append_string()
   - cgroups: remove isolated cpus from cpuset.cpus
   - Update Ubuntu release name: add zesty and remove wily
   - templates: add squashfs support to lxc-ubuntu-cloud.in
   - cgroups: skip v2 hierarchy entry
   - also stop lxc-net in runlevels 0 and 6
   - add lxc.egg-info to gitignore
   - install bash completion where pkg-config tells us to
   - conf: do not use %m format specifier
   - debian: Don't depend on libui-dialog-perl
   - cgroups: use %zu format specifier to print size_t
   - lxc-checkpoint: automatically detect if --external or --veth-pair
   - cgroups: prevent segfault in cgfsng
   - utils: add lxc_preserve_ns()
   - start: add netnsfd to lxc_handler
   - conf: use lxc_preserve_ns()
   - attach: use lxc_preserve_ns()
   - lxc_user_nic: use lxc_preserve_ns()
   - conf, start: improve log output
   - conf: explicitly remove veth device from host
   - conf, start: be smarter when deleting networks
   - start, utils: improve preserve_ns()
   - start, error: improve log + non-functional changes
   - start, namespace: move ns_info to namespace.{c,h}
   - attach, utils: bugfixes
   - attach: use ns_info[LXC_NS_MAX] struct
   - namespace: always attach to user namespace first
   - cgroup: improve isolcpus handling
   - cgroups: handle non-existent isolcpus file
   - utils: add lxc_safe_uint()
   - tests: add unit tests for lxc_safe_uint()
   - utils: add lxc_safe_int()
   - tests: add unit tests for lxc_safe_int()
   - conf/ile: get ip prefix via lxc_safe_uint()
   - confile: use lxc_safe_u/int in config_init_{u,g}id
   - conf/ile: use lxc_safe_uint() in config_pts()
   - conf/ile: use lxc_safe_u/int() in config_start()
   - conf/ile: use lxc_safe_uint() in config_monitor()
   - conf/ile: use lxc_safe_uint() in config_tty()
   - conf/ile: use lxc_safe_uint() in config_kmsg()
   - conf/ile: avoid atoi in config_lsm_aa_incomplete()
   - conf/ile: use lxc_safe_uint() in config_autodev()
   - conf/ile: avoid atoi() in config_ephemeral()
   - utils: use lxc_safe_int()
   - lxc_monitord: use lxc_safe_int() && use exit()
   - start: use lxc_safe_int()
   - conf: use lxc_safe_{u}int()
   - tools/lxc_execute: use lxc_safe_uint()
   - tools/lxc_stop: use lxc_safe_uint()
   - utils: add 

[Touch-packages] [Bug 1647016] Re: SRU of LXC 1.0.9 (upstream bugfix release)

[Launchpad Bug Tracker]

This bug was fixed in the package lxc - 1.0.9-0ubuntu2

---
lxc (1.0.9-0ubuntu2) trusty; urgency=medium

  * Cherry-pick upstream bugfix (LP: #1647016):
- 0001-tests-skip-unpriv-tests-on-broken-overlay-module.patch

 -- Stéphane Graber   Wed, 04 Jan 2017 12:38:37
-0500

** Changed in: lxc (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1647016

Title:
  SRU of LXC 1.0.9 (upstream bugfix release)

Status in lxc package in Ubuntu:
  Invalid
Status in lxc source package in Precise:
  In Progress
Status in lxc source package in Trusty:
  Fix Released

Bug description:
  LXC upstream released LXC 1.0.9 as a bugfix release with following
  changelog:

   - Security fix for CVE-2016-8649
   - utils: make detect_ramfs_rootfs() return bool
   - tests: add test for detect_ramfs_rootfs()
   - add Documentation entries to lxc and lxc@ units
   - mark the python examples as having utf-8 encoding
   - log: sanity check the returned value from snprintf()
   - lxc-alpine: mount /dev/shm as tmpfs
   - archlinux: Do DHCP on eth0
   - archlinux: Fix resolving
   - Drop leftover references to lxc_strerror()
   - tests: fix image download for s390x
   - tools: fix coding style in lxc_attach
   - tools: make overlay valid backend
   - tools: better error reporting for lxc-start
   - alpine: Fix installing extra packages
   - lxc-alpine: do not drop setfcap
   - s390x: Fix seccomp handling of personalities
   - tools: correct the argument typo in lxc_copy
   - Use libtool for liblxc.so
   - c/r: use --external instead of --veth-pair
   - c/r: remember to increment netnr
   - c/r: add checkpoint/restore support for macvlan interfaces
   - ubuntu: Fix package upgrades requiring proc
   - c/r: drop duplicate hunk from macvlan case
   - c/r: use snprintf to compute device name
   - Tweak libtool handling to work with Android
   - tests: add lxc_error() and lxc_debug()
   - container start: clone newcgroup immediately
   - use python3_sitearch for including the python code
   - fix rpm build, include all built files, but only once
   - cgfs: fix invalid free()
   - find OpenSUSE's build also as obs-build
   - improve help text for --fancy and --fancy-format
   - improve wording of the help page for lxc-ls
   - cgfs: add print_cgfs_init_debuginfo()
   - cgfs: skip empty entries under /proc/self/cgroup
   - cgfs: explicitly check for NULL
   - tools: use correct exit code for lxc-stop
   - c/r: explicitly emit bind mounts as criu arguments
   - log: bump LXC_LOG_BUFFER_SIZE to 4096
   - conf: merge network namespace move & rename on shutdown
   - c/r: save criu's stdout during dump too
   - c/r: remove extra \ns from logs
   - c/r: fix off-by-one error
   - c/r: check state before doing a checkpoint/restore
   - start: CLONE_NEWCGROUP after we have setup cgroups
   - create symlink for /var/run
   - utils: add lxc_append_string()
   - cgroups: remove isolated cpus from cpuset.cpus
   - Update Ubuntu release name: add zesty and remove wily
   - templates: add squashfs support to lxc-ubuntu-cloud.in
   - cgroups: skip v2 hierarchy entry
   - also stop lxc-net in runlevels 0 and 6
   - add lxc.egg-info to gitignore
   - install bash completion where pkg-config tells us to
   - conf: do not use %m format specifier
   - debian: Don't depend on libui-dialog-perl
   - cgroups: use %zu format specifier to print size_t
   - lxc-checkpoint: automatically detect if --external or --veth-pair
   - cgroups: prevent segfault in cgfsng
   - utils: add lxc_preserve_ns()
   - start: add netnsfd to lxc_handler
   - conf: use lxc_preserve_ns()
   - attach: use lxc_preserve_ns()
   - lxc_user_nic: use lxc_preserve_ns()
   - conf, start: improve log output
   - conf: explicitly remove veth device from host
   - conf, start: be smarter when deleting networks
   - start, utils: improve preserve_ns()
   - start, error: improve log + non-functional changes
   - start, namespace: move ns_info to namespace.{c,h}
   - attach, utils: bugfixes
   - attach: use ns_info[LXC_NS_MAX] struct
   - namespace: always attach to user namespace first
   - cgroup: improve isolcpus handling
   - cgroups: handle non-existent isolcpus file
   - utils: add lxc_safe_uint()
   - tests: add unit tests for lxc_safe_uint()
   - utils: add lxc_safe_int()
   - tests: add unit tests for lxc_safe_int()
   - conf/ile: get ip prefix via lxc_safe_uint()
   - confile: use lxc_safe_u/int in config_init_{u,g}id
   - conf/ile: use lxc_safe_uint() in config_pts()
   - conf/ile: use lxc_safe_u/int() in config_start()
   - conf/ile: use lxc_safe_uint() in config_monitor()
   - conf/ile: use lxc_safe_uint() in config_tty()
   - conf/ile: use lxc_safe_uint() in config_kmsg()
   - conf/ile: avoid atoi in config_lsm_aa_incomplete()
   - conf/ile: use lxc_safe_uint() in config_autodev()
   

[Touch-packages] [Bug 1647016] Re: SRU of LXC 1.0.9 (upstream bugfix release)

[Stéphane Graber]

Looks like this version passes all our tests just fine and we haven't
heard anything bad from users of -proposed or other distros that are
already including 1.0.9.

** Tags removed: verification-needed
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1647016

Title:
  SRU of LXC 1.0.9 (upstream bugfix release)

Status in lxc package in Ubuntu:
  Invalid
Status in lxc source package in Precise:
  In Progress
Status in lxc source package in Trusty:
  Fix Released

Bug description:
  LXC upstream released LXC 1.0.9 as a bugfix release with following
  changelog:

   - Security fix for CVE-2016-8649
   - utils: make detect_ramfs_rootfs() return bool
   - tests: add test for detect_ramfs_rootfs()
   - add Documentation entries to lxc and lxc@ units
   - mark the python examples as having utf-8 encoding
   - log: sanity check the returned value from snprintf()
   - lxc-alpine: mount /dev/shm as tmpfs
   - archlinux: Do DHCP on eth0
   - archlinux: Fix resolving
   - Drop leftover references to lxc_strerror()
   - tests: fix image download for s390x
   - tools: fix coding style in lxc_attach
   - tools: make overlay valid backend
   - tools: better error reporting for lxc-start
   - alpine: Fix installing extra packages
   - lxc-alpine: do not drop setfcap
   - s390x: Fix seccomp handling of personalities
   - tools: correct the argument typo in lxc_copy
   - Use libtool for liblxc.so
   - c/r: use --external instead of --veth-pair
   - c/r: remember to increment netnr
   - c/r: add checkpoint/restore support for macvlan interfaces
   - ubuntu: Fix package upgrades requiring proc
   - c/r: drop duplicate hunk from macvlan case
   - c/r: use snprintf to compute device name
   - Tweak libtool handling to work with Android
   - tests: add lxc_error() and lxc_debug()
   - container start: clone newcgroup immediately
   - use python3_sitearch for including the python code
   - fix rpm build, include all built files, but only once
   - cgfs: fix invalid free()
   - find OpenSUSE's build also as obs-build
   - improve help text for --fancy and --fancy-format
   - improve wording of the help page for lxc-ls
   - cgfs: add print_cgfs_init_debuginfo()
   - cgfs: skip empty entries under /proc/self/cgroup
   - cgfs: explicitly check for NULL
   - tools: use correct exit code for lxc-stop
   - c/r: explicitly emit bind mounts as criu arguments
   - log: bump LXC_LOG_BUFFER_SIZE to 4096
   - conf: merge network namespace move & rename on shutdown
   - c/r: save criu's stdout during dump too
   - c/r: remove extra \ns from logs
   - c/r: fix off-by-one error
   - c/r: check state before doing a checkpoint/restore
   - start: CLONE_NEWCGROUP after we have setup cgroups
   - create symlink for /var/run
   - utils: add lxc_append_string()
   - cgroups: remove isolated cpus from cpuset.cpus
   - Update Ubuntu release name: add zesty and remove wily
   - templates: add squashfs support to lxc-ubuntu-cloud.in
   - cgroups: skip v2 hierarchy entry
   - also stop lxc-net in runlevels 0 and 6
   - add lxc.egg-info to gitignore
   - install bash completion where pkg-config tells us to
   - conf: do not use %m format specifier
   - debian: Don't depend on libui-dialog-perl
   - cgroups: use %zu format specifier to print size_t
   - lxc-checkpoint: automatically detect if --external or --veth-pair
   - cgroups: prevent segfault in cgfsng
   - utils: add lxc_preserve_ns()
   - start: add netnsfd to lxc_handler
   - conf: use lxc_preserve_ns()
   - attach: use lxc_preserve_ns()
   - lxc_user_nic: use lxc_preserve_ns()
   - conf, start: improve log output
   - conf: explicitly remove veth device from host
   - conf, start: be smarter when deleting networks
   - start, utils: improve preserve_ns()
   - start, error: improve log + non-functional changes
   - start, namespace: move ns_info to namespace.{c,h}
   - attach, utils: bugfixes
   - attach: use ns_info[LXC_NS_MAX] struct
   - namespace: always attach to user namespace first
   - cgroup: improve isolcpus handling
   - cgroups: handle non-existent isolcpus file
   - utils: add lxc_safe_uint()
   - tests: add unit tests for lxc_safe_uint()
   - utils: add lxc_safe_int()
   - tests: add unit tests for lxc_safe_int()
   - conf/ile: get ip prefix via lxc_safe_uint()
   - confile: use lxc_safe_u/int in config_init_{u,g}id
   - conf/ile: use lxc_safe_uint() in config_pts()
   - conf/ile: use lxc_safe_u/int() in config_start()
   - conf/ile: use lxc_safe_uint() in config_monitor()
   - conf/ile: use lxc_safe_uint() in config_tty()
   - conf/ile: use lxc_safe_uint() in config_kmsg()
   - conf/ile: avoid atoi in config_lsm_aa_incomplete()
   - conf/ile: use lxc_safe_uint() in config_autodev()
   - conf/ile: avoid atoi() in config_ephemeral()
   - utils: use lxc_safe_int()
   - lxc_monitord: use lxc_safe_int() && use exit()
   - start: use 

[Touch-packages] [Bug 1647016] Re: SRU of LXC 1.0.9 (upstream bugfix release)

[Adam Conrad]

Hello Stéphane, or anyone else affected,

Accepted lxc into trusty-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/lxc/1.0.9-0ubuntu2 in
a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Tags removed: verification-failed

** Tags added: verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1647016

Title:
  SRU of LXC 1.0.9 (upstream bugfix release)

Status in lxc package in Ubuntu:
  Invalid
Status in lxc source package in Precise:
  In Progress
Status in lxc source package in Trusty:
  Fix Committed

Bug description:
  LXC upstream released LXC 1.0.9 as a bugfix release with following
  changelog:

   - Security fix for CVE-2016-8649
   - utils: make detect_ramfs_rootfs() return bool
   - tests: add test for detect_ramfs_rootfs()
   - add Documentation entries to lxc and lxc@ units
   - mark the python examples as having utf-8 encoding
   - log: sanity check the returned value from snprintf()
   - lxc-alpine: mount /dev/shm as tmpfs
   - archlinux: Do DHCP on eth0
   - archlinux: Fix resolving
   - Drop leftover references to lxc_strerror()
   - tests: fix image download for s390x
   - tools: fix coding style in lxc_attach
   - tools: make overlay valid backend
   - tools: better error reporting for lxc-start
   - alpine: Fix installing extra packages
   - lxc-alpine: do not drop setfcap
   - s390x: Fix seccomp handling of personalities
   - tools: correct the argument typo in lxc_copy
   - Use libtool for liblxc.so
   - c/r: use --external instead of --veth-pair
   - c/r: remember to increment netnr
   - c/r: add checkpoint/restore support for macvlan interfaces
   - ubuntu: Fix package upgrades requiring proc
   - c/r: drop duplicate hunk from macvlan case
   - c/r: use snprintf to compute device name
   - Tweak libtool handling to work with Android
   - tests: add lxc_error() and lxc_debug()
   - container start: clone newcgroup immediately
   - use python3_sitearch for including the python code
   - fix rpm build, include all built files, but only once
   - cgfs: fix invalid free()
   - find OpenSUSE's build also as obs-build
   - improve help text for --fancy and --fancy-format
   - improve wording of the help page for lxc-ls
   - cgfs: add print_cgfs_init_debuginfo()
   - cgfs: skip empty entries under /proc/self/cgroup
   - cgfs: explicitly check for NULL
   - tools: use correct exit code for lxc-stop
   - c/r: explicitly emit bind mounts as criu arguments
   - log: bump LXC_LOG_BUFFER_SIZE to 4096
   - conf: merge network namespace move & rename on shutdown
   - c/r: save criu's stdout during dump too
   - c/r: remove extra \ns from logs
   - c/r: fix off-by-one error
   - c/r: check state before doing a checkpoint/restore
   - start: CLONE_NEWCGROUP after we have setup cgroups
   - create symlink for /var/run
   - utils: add lxc_append_string()
   - cgroups: remove isolated cpus from cpuset.cpus
   - Update Ubuntu release name: add zesty and remove wily
   - templates: add squashfs support to lxc-ubuntu-cloud.in
   - cgroups: skip v2 hierarchy entry
   - also stop lxc-net in runlevels 0 and 6
   - add lxc.egg-info to gitignore
   - install bash completion where pkg-config tells us to
   - conf: do not use %m format specifier
   - debian: Don't depend on libui-dialog-perl
   - cgroups: use %zu format specifier to print size_t
   - lxc-checkpoint: automatically detect if --external or --veth-pair
   - cgroups: prevent segfault in cgfsng
   - utils: add lxc_preserve_ns()
   - start: add netnsfd to lxc_handler
   - conf: use lxc_preserve_ns()
   - attach: use lxc_preserve_ns()
   - lxc_user_nic: use lxc_preserve_ns()
   - conf, start: improve log output
   - conf: explicitly remove veth device from host
   - conf, start: be smarter when deleting networks
   - start, utils: improve preserve_ns()
   - start, error: improve log + non-functional changes
   - start, namespace: move ns_info to namespace.{c,h}
   - attach, utils: bugfixes
   - attach: use ns_info[LXC_NS_MAX] struct
   - namespace: always attach to user namespace first
   - cgroup: improve isolcpus handling
   - 

[Touch-packages] [Bug 1647016] Re: SRU of LXC 1.0.9 (upstream bugfix release)

[Stéphane Graber]

Autopkgtest found a regression related to unprivileged container
execution when combined with overlayfs and the trusty kernel (3.13).

Marking this as verification-failed and will be tracking this done,
fixing upstream and cherry-picking a fix (once we know exactly what's
going on).


This failure didn't occur upstream when testing on a 4.4 kernel, so it suggests 
it's only happening when going down the old overlayfs codepath which the 3.13 
kernel uses.

http://paste.ubuntu.com/23639928/

** Tags removed: verification-needed
** Tags added: verification-failed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1647016

Title:
  SRU of LXC 1.0.9 (upstream bugfix release)

Status in lxc package in Ubuntu:
  Invalid
Status in lxc source package in Precise:
  In Progress
Status in lxc source package in Trusty:
  Fix Committed

Bug description:
  LXC upstream released LXC 1.0.9 as a bugfix release with following
  changelog:

   - Security fix for CVE-2016-8649
   - utils: make detect_ramfs_rootfs() return bool
   - tests: add test for detect_ramfs_rootfs()
   - add Documentation entries to lxc and lxc@ units
   - mark the python examples as having utf-8 encoding
   - log: sanity check the returned value from snprintf()
   - lxc-alpine: mount /dev/shm as tmpfs
   - archlinux: Do DHCP on eth0
   - archlinux: Fix resolving
   - Drop leftover references to lxc_strerror()
   - tests: fix image download for s390x
   - tools: fix coding style in lxc_attach
   - tools: make overlay valid backend
   - tools: better error reporting for lxc-start
   - alpine: Fix installing extra packages
   - lxc-alpine: do not drop setfcap
   - s390x: Fix seccomp handling of personalities
   - tools: correct the argument typo in lxc_copy
   - Use libtool for liblxc.so
   - c/r: use --external instead of --veth-pair
   - c/r: remember to increment netnr
   - c/r: add checkpoint/restore support for macvlan interfaces
   - ubuntu: Fix package upgrades requiring proc
   - c/r: drop duplicate hunk from macvlan case
   - c/r: use snprintf to compute device name
   - Tweak libtool handling to work with Android
   - tests: add lxc_error() and lxc_debug()
   - container start: clone newcgroup immediately
   - use python3_sitearch for including the python code
   - fix rpm build, include all built files, but only once
   - cgfs: fix invalid free()
   - find OpenSUSE's build also as obs-build
   - improve help text for --fancy and --fancy-format
   - improve wording of the help page for lxc-ls
   - cgfs: add print_cgfs_init_debuginfo()
   - cgfs: skip empty entries under /proc/self/cgroup
   - cgfs: explicitly check for NULL
   - tools: use correct exit code for lxc-stop
   - c/r: explicitly emit bind mounts as criu arguments
   - log: bump LXC_LOG_BUFFER_SIZE to 4096
   - conf: merge network namespace move & rename on shutdown
   - c/r: save criu's stdout during dump too
   - c/r: remove extra \ns from logs
   - c/r: fix off-by-one error
   - c/r: check state before doing a checkpoint/restore
   - start: CLONE_NEWCGROUP after we have setup cgroups
   - create symlink for /var/run
   - utils: add lxc_append_string()
   - cgroups: remove isolated cpus from cpuset.cpus
   - Update Ubuntu release name: add zesty and remove wily
   - templates: add squashfs support to lxc-ubuntu-cloud.in
   - cgroups: skip v2 hierarchy entry
   - also stop lxc-net in runlevels 0 and 6
   - add lxc.egg-info to gitignore
   - install bash completion where pkg-config tells us to
   - conf: do not use %m format specifier
   - debian: Don't depend on libui-dialog-perl
   - cgroups: use %zu format specifier to print size_t
   - lxc-checkpoint: automatically detect if --external or --veth-pair
   - cgroups: prevent segfault in cgfsng
   - utils: add lxc_preserve_ns()
   - start: add netnsfd to lxc_handler
   - conf: use lxc_preserve_ns()
   - attach: use lxc_preserve_ns()
   - lxc_user_nic: use lxc_preserve_ns()
   - conf, start: improve log output
   - conf: explicitly remove veth device from host
   - conf, start: be smarter when deleting networks
   - start, utils: improve preserve_ns()
   - start, error: improve log + non-functional changes
   - start, namespace: move ns_info to namespace.{c,h}
   - attach, utils: bugfixes
   - attach: use ns_info[LXC_NS_MAX] struct
   - namespace: always attach to user namespace first
   - cgroup: improve isolcpus handling
   - cgroups: handle non-existent isolcpus file
   - utils: add lxc_safe_uint()
   - tests: add unit tests for lxc_safe_uint()
   - utils: add lxc_safe_int()
   - tests: add unit tests for lxc_safe_int()
   - conf/ile: get ip prefix via lxc_safe_uint()
   - confile: use lxc_safe_u/int in config_init_{u,g}id
   - conf/ile: use lxc_safe_uint() in config_pts()
   - conf/ile: use lxc_safe_u/int() in config_start()
   - conf/ile: use lxc_safe_uint() in config_monitor()
   - conf/ile: use lxc_safe_uint() in 

[Touch-packages] [Bug 1647016] Re: SRU of LXC 1.0.9 (upstream bugfix release)

[Brian Murray]

Hello Stéphane, or anyone else affected,

Accepted lxc into trusty-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/lxc/1.0.9-0ubuntu1 in
a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: lxc (Ubuntu Trusty)
   Status: In Progress => Fix Committed

** Tags added: verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1647016

Title:
  SRU of LXC 1.0.9 (upstream bugfix release)

Status in lxc package in Ubuntu:
  Invalid
Status in lxc source package in Precise:
  In Progress
Status in lxc source package in Trusty:
  Fix Committed

Bug description:
  LXC upstream released LXC 1.0.9 as a bugfix release with following
  changelog:

   - Security fix for CVE-2016-8649
   - utils: make detect_ramfs_rootfs() return bool
   - tests: add test for detect_ramfs_rootfs()
   - add Documentation entries to lxc and lxc@ units
   - mark the python examples as having utf-8 encoding
   - log: sanity check the returned value from snprintf()
   - lxc-alpine: mount /dev/shm as tmpfs
   - archlinux: Do DHCP on eth0
   - archlinux: Fix resolving
   - Drop leftover references to lxc_strerror()
   - tests: fix image download for s390x
   - tools: fix coding style in lxc_attach
   - tools: make overlay valid backend
   - tools: better error reporting for lxc-start
   - alpine: Fix installing extra packages
   - lxc-alpine: do not drop setfcap
   - s390x: Fix seccomp handling of personalities
   - tools: correct the argument typo in lxc_copy
   - Use libtool for liblxc.so
   - c/r: use --external instead of --veth-pair
   - c/r: remember to increment netnr
   - c/r: add checkpoint/restore support for macvlan interfaces
   - ubuntu: Fix package upgrades requiring proc
   - c/r: drop duplicate hunk from macvlan case
   - c/r: use snprintf to compute device name
   - Tweak libtool handling to work with Android
   - tests: add lxc_error() and lxc_debug()
   - container start: clone newcgroup immediately
   - use python3_sitearch for including the python code
   - fix rpm build, include all built files, but only once
   - cgfs: fix invalid free()
   - find OpenSUSE's build also as obs-build
   - improve help text for --fancy and --fancy-format
   - improve wording of the help page for lxc-ls
   - cgfs: add print_cgfs_init_debuginfo()
   - cgfs: skip empty entries under /proc/self/cgroup
   - cgfs: explicitly check for NULL
   - tools: use correct exit code for lxc-stop
   - c/r: explicitly emit bind mounts as criu arguments
   - log: bump LXC_LOG_BUFFER_SIZE to 4096
   - conf: merge network namespace move & rename on shutdown
   - c/r: save criu's stdout during dump too
   - c/r: remove extra \ns from logs
   - c/r: fix off-by-one error
   - c/r: check state before doing a checkpoint/restore
   - start: CLONE_NEWCGROUP after we have setup cgroups
   - create symlink for /var/run
   - utils: add lxc_append_string()
   - cgroups: remove isolated cpus from cpuset.cpus
   - Update Ubuntu release name: add zesty and remove wily
   - templates: add squashfs support to lxc-ubuntu-cloud.in
   - cgroups: skip v2 hierarchy entry
   - also stop lxc-net in runlevels 0 and 6
   - add lxc.egg-info to gitignore
   - install bash completion where pkg-config tells us to
   - conf: do not use %m format specifier
   - debian: Don't depend on libui-dialog-perl
   - cgroups: use %zu format specifier to print size_t
   - lxc-checkpoint: automatically detect if --external or --veth-pair
   - cgroups: prevent segfault in cgfsng
   - utils: add lxc_preserve_ns()
   - start: add netnsfd to lxc_handler
   - conf: use lxc_preserve_ns()
   - attach: use lxc_preserve_ns()
   - lxc_user_nic: use lxc_preserve_ns()
   - conf, start: improve log output
   - conf: explicitly remove veth device from host
   - conf, start: be smarter when deleting networks
   - start, utils: improve preserve_ns()
   - start, error: improve log + non-functional changes
   - start, namespace: move ns_info to namespace.{c,h}
   - attach, utils: bugfixes
   - attach: use ns_info[LXC_NS_MAX] struct
   - namespace: always attach to user namespace first