This bug was fixed in the package libvirt - 0.9.1-1ubuntu1 --------------- libvirt (0.9.1-1ubuntu1) oneiric; urgency=low
* Resynchronize and merge from Debian unstable (LP: #794378). Remaining changes: - debian/control: * set X-Python-Version to 2.7, as 2.6 is not in oneiric. * set ubuntu maintainer * Build-Depends: - remove [linux-any] from all dependencies - remove [!linux-any] deps - swap libxen to libxen3, qemu to qemu-kvm, and open-iscsi to open-iscsi-utils in Build-Depends - remove virtualbox-ose Build-Depends - add parted and libapparmor-dev Build-Depends * convert Vcs-Git to Xs-Debian-Vcs-Git * libvirt-bin Depends: move netcat-openbsd, bridge-utils, dnsmasq-base (>= 2.46-1), and iptables from Recommends to Depends * libvirt-bin Recommends: move qemu to Suggests * libvirt-bin Suggests: add apparmor * libvirt0 Recommands: move lvm2 to Suggests - keep debian/libvirt-bin.apport - keep debian/libvirt-bin.cron.daily - debian/libvirt-bin.dirs: * add apparmor, cron.daily, and apport dirs - debian/libvirt-bin.examples: * add debian/libvirt-suspendonreboot - debian/libvirt-bin.install: * add /etc/apparmor.d files * add apport hook - debian/libvirt-bin.manpages: * add debian/libvirt-migrate-qemu-disks.1 - debian/libvirt-bin.postinst: * replace libvirt groupname with libvirtd * add each admin user to libvirtd group * call apparmor_parser on usr.sbin.libvirtd and usr.lib.libvirt.virt-aa-helper * call 'libvirt-migrate-qemu-disks -a' after libvirt-bin has started if migrating from older than 0.8.3-1ubuntu1 - debian/libvirt-bin.postrm: * replace libvirt groupname with libvirtd * remove usr.sbin.libvirtd and usr.lib.libvirt.virt-aa-helper - keep added files under debian/: * libvirt-bin.upstart * libvirt-migrate-qemu-disks * libvirt-migrate-qemu-disks.1 * libvirt-suspendonreboot * apparmor profiles - debian/README.Debian: * add 'Apparmor Profile' section * add 'Disk migration' section - debian/rules: * move include of debhelper.mk to top of file so DEB_HOST_ARCH_OS is defined. * don't build with vbox since virtualbox-ose is in universe - remove WITH_VBOX, add explicit --without-vbox * add --with-apparmor to DEB_CONFIGURE_EXTRA_FLAGS * set DEB_DH_INSTALLINIT_ARGS to '--upstart-only' * remove unneeded binary-install/libvirt-bin:: and clean:: sections (they only deal with sysvinit stuff) * add build/libvirt-bin:: section to install - apparmor files - apport hooks - libvirt-migrate-qemu-disks * debian/patches/series: - don't apply Disable-CHECKSUM-rule.patch: our iptables can do this - don't apply Debian-specific Debianize-libvirt-guests.patch (sysvinit only) - don't apply Disable qemu-disable-network.diff.patch * debian/patches: - drop 9007-fix-daemon-conf-ftbfs.patch (looks like it may be fixed) - drop patches applied upstream: * 9022-drop-booton-when-kernel-specified.patch * 9023-fix-lxc-console-hangup.patch * 9024-fix-broken-commandtest.patch * 9025-Pass-virSecurityManagerPtr-to-virSecurityDAC-Set-Res.patch * 9026-security-avoid-memory-leak.patch * 9027-CVE-2011-1146.patch - keep patches: * 9000-delayed_iff_up_bridge.patch * 9001-dont_clobber_existing_bridges.patch * 9002-better_default_uri_virsh.patch * 9003-better-default-arch.patch * 9004-libvirtd-group-name.patch * 9005-increase-unix-socket-timeout.patch * 9006-default-config-test-case.patch * 9011-move-ebtables-script.patch (refreshed) * 9014-skip-nodeinfotest.patch (modified to make it apply) * 9020-lp545795.patch (modified to make it still apply) * 9021-fix-uint64_t.patch * 9022-allows-lxc-containers-with-lxcguest.patch (renamed, modified to make it still apply, and added DEP-3 tags). - new patches: * 9023-disable-test-poll.patch - don't run broken test-poll libvirt (0.9.1-1) unstable; urgency=low * [1546b8c] New upstream version 0.9.1 * [2418ebf] Rediff patches * [d4e2b71] Drop Make-sure-DNSMASQ_STATE_DIR-exists.patch: applied upstream * [0fef693] libvirt0: Update symbols * [b4ff149] Bump standards version to 3.9.2 libvirt (0.9.0-2) unstable; urgency=low * [3a8e07f] New patch Make-sure-DNSMASQ_STATE_DIR-exists.patch (Closes: #623536) libvirt (0.9.0-1) unstable; urgency=low * [a91c8f6] New upstream version 0.9.0 * [1608a8c] Drop patch Make-macros-work-as-rvalues.patch, fixed upstream * [85c3f78] Fix test failure caused by our libvirtd.conf changes * [0defeee] Fix crashes due to missing initialization of the error system * [0a63618] Disable daemon start test for now * [1c29d34] Enable testsuite * [cf3a26f] Build for Python 2.6 only libvirt (0.9.0~rc2-2) experimental; urgency=low * [7da1fd9] New patch Make-macros-work-as-rvalues.patch fixes kFreeBSD build * [08c4915] Add support for kFreeBSD (Closes: #612238) libvirt (0.9.0~rc2-1) experimental; urgency=low * [77fc1c5] New upstream version 0.9.0~rc2 * [30ceba5] Drop superflous build-dep on dpkg-dev. The affected versions are neither in Lenny, Squeeze nor Sid. * [5845bed] Switch to dh_python2 (Closes: #616874) libvirt (0.9.0~rc1-1) experimental; urgency=low * [02daf0b] New upstream version 0.9.0~rc1 * [b4a05a1] Update patches. Drop patches applied upstream: Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch Don-t-pass-empty-arguments-to-dnsmasq.patch Make-sure-the-rundir-is-accessible-by-the-user.patch upstream/Add-missing-checks-for-read-only-connections.patch * [7ff8e58] Update symbols for 0.9.0~rc1 libvirt (0.8.8-3) unstable; urgency=low * [28df435] Don't create the rundir in the init script. The daemon does this now. * [7302aff] New patch Make-sure-the-rundir-is-accessible-by-the-user.patch. Make sure the rundir is accessible by the user (Closes: #614210) * [6dde59d] Recommend dmidecode used by the qemu driver * [235f893] Add missing checks for read only connections. As pointed on CVE-2011-1146, some API forgot to check the read-only status of the connection for entry point which modify the state of the system or may lead to a remote execution using user data. The entry points concerned are: - virConnectDomainXMLToNative - virNodeDeviceDettach - virNodeDeviceReAttach - virNodeDeviceReset - virDomainRevertToSnapshot - virDomainSnapshotDelete src/libvirt.c: fix the above set of entry points to error on read-only connections (Closes: #617773) libvirt (0.8.8-2) unstable; urgency=low * [f5fa0d3] initscript: depend on $local_fs (Closes: #616162) * [f503698] README.Debian: Mention netcat.openbsd. Thanks to Luca Capello for the patch. * [9d1ceb0] New patch: Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch. Do not add drive 'boot=on' param when a kernel is specified Thanks to Jim Fehlig and Wolfgang Frisch (Closes: #615013) -- Serge Hallyn <serge.hal...@ubuntu.com> Wed, 11 May 2011 12:29:51 -0500 ** Changed in: libvirt (Ubuntu) Status: In Progress => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1146 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in Ubuntu. https://bugs.launchpad.net/bugs/794378 Title: sync to newer version on libvirt for Ubuntu 11.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/794378/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs