Change log for lxc package in Ubuntu
76 → 150 of 514 results | First • Previous • Next • Last |
lxc (2.1.1-0ubuntu1) bionic; urgency=medium * New upstream bugfix release (LXC 2.1.1) - apparmor: Drop useless apparmor denies - cgfsng: Check whether we have a conf - cgfsng: Fail when limits fail to apply - conf: Error out on too many mappings - conf: Ignore lxc.kmsg and lxc.pivotdir - conf: Make update warning opt-in - conf: Preserve newlines in configuration file - conf: Remove dead assignments in parse_idmaps() - conf: Remove unnecessary zeroing - conf: Use the proper type for rlim_t, fixing build failure on x32. - console: Clean tty state + return 0 on peer exit - console: Remove dead assignments - core: Introduce userns_exec_full() and port the codebase to it - criu: Use correct check initialization check - doc: Add lxc.cgroup.dir to Japanese lxc.container.conf(5) - doc: Add lxc-update-config manpage - doc: Document missing env variables - doc: Fix regex-typo in Japanese and Korean lxc-monitor(1) - doc: Fix regex-typo in lxc-monitor.sgml.in - doc: Translate lxc(7) into Japanese - doc: Translate lxc-update-config(1) into Japanese - execute: Enable console & standard /dev symlinks - init: Become session leader - log: Fix a format string build failure on x32. - log: Prevent stack smashing - monitor: Remove dead assignment - network: Add missing checks for empty links - network: Clear ifindeces - network: Non-functional changes - network: Remove dead assignments - network: Use single helper to delete networks - start: Don't close inherited namespace fds - start: Move env setup before container setup - start: Pass LXC_LOG_LEVEL to hooks - start: Remove dead variable - start: Set environment variables correctly - start: Switch ids at last possible instance - storage: Avoid segfault on missing lxc.rootfs.path - storage: Fix typo in error message - storage/lvm: Fix thinpool logical volumes - storage/overlay: Do not write to invalid memory - storage/overlay: Fix use after free() - storage/zfs: Return error directly when zfs creation fails - template/alpine: Change file check to also check file size (-f => -s) - template/archlinux: Change locale "en-US.UTF-8" to "en_US.UTF-8" - template/debian: Don't force getty@ configuration - template/plamo: Delete unnecessary process during container shutdown - tests: Avoid NULL pointer dereference - tests: Remove dead assignments - tests: Support systemd hybrid cgroups - tools: Print "-devel" when LXC_DEVEL is true - tools/lxc-unshare: Do not pass NULL pointer - tools/lxc-update-config: Remove lxc.pivotdir and lxc.kmsg entries - tools/lxc-update-config: Strip lxc.rootfs.backend and handle IPv4 addrs - tools/lxc-user-nic: Remove double initialization - tools/lxc-usernsexec: Remove dead assignments - utils: Do not write to 0 sized buffer - utils: Duplicate stderr as well in lxc_popen() - utils: Fix lxc_popen()/lxc_pclose() - utils: Remove dead assignments in lxc_popen() * Drop all patches, now upstream. * Use upstream manpage for lxc-update-config. * Refresh lintian overrides. * Bump standards to 4.1.1. -- Stéphane Graber <email address hidden> Tue, 31 Oct 2017 18:59:59 -0400
Available diffs
- diff from 2.1.0-0ubuntu1 to 2.1.1-0ubuntu1 (46.8 KiB)
Superseded in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
lxc (2.1.0-0ubuntu1) artful; urgency=medium * New upstream release (LXC 2.1): (LP: #1715278) - https://linuxcontainers.org/lxc/news - This is an intermediary release between LXC 2.0 (LTS) and LXC 3.0 (LTS). LXC 2.1 supports both the older configuration keys and the newer ones. A number of options and commands will also now issue deprecation warning before they completely go away in LXC 3.0. It is recommended that you run "lxc-update-config" for your containers and make sure that there is no leftover warnings. * Cherry-pick fixes from upstream: - 0002-Fix-typo.patch - 0003-network-add-missing-checks-for-empty-links.patch - 0004-cleanup-remove-unnecessary-zeroing.patch - 0005-console-clean-tty-state-return-0-on-peer-exit.patch - 0006-tools-fix-lxc-upate-config.patch - 0007-criu-use-correct-check-initialization-check.patch - 0008-storage-overlay-do-not-write-to-invalid-memory.patch - 0009-utils-do-not-write-to-0-sized-buffer.patch - 0010-overlay-fix-use-after-free.patch - 0011-lxc-unshare-do-not-pass-NULL-pointer.patch - 0012-lxc-user-nic-remove-double-initialization.patch - 0013-execute-enable-console-standard-dev-symlinks.patch - 0014-start-switch-ids-at-last-possible-instance.patch - 0015-storage-avoid-segfault.patch - 0016-tests-Support-systemd-hybrid-cgroups.patch * Build depend on python3-setuptools. * Bump standard to 4.0.0. * Drop upstart jobs on artful and higher. * Update lintian overrides. * Build a manpage with help2man for lxc-update-config. -- Stéphane Graber <email address hidden> Mon, 18 Sep 2017 18:32:38 -0400
Available diffs
- diff from 2.0.8-0ubuntu7.1 to 2.1.0-0ubuntu1 (430.7 KiB)
lxc (2.0.8-0ubuntu7.1) artful; urgency=medium * Cherrypick fixes for netplan to fix release-regressed autopkgtests and unblock proposed migration of reverse-dependencies. -- Dimitri John Ledkov <email address hidden> Wed, 06 Sep 2017 17:10:01 +0100
Available diffs
lxc (2.0.8-0ubuntu7) artful; urgency=medium * Cherry-pick upstream fix: - 0014-templates-ubuntu-conditionally-move-upstart-ssh-job-.patch -- Stéphane Graber <email address hidden> Tue, 29 Aug 2017 14:40:49 -0400
Available diffs
lxc (2.0.8-0ubuntu6) artful; urgency=medium * Cherry-pick upstream fix: - 0012-cgroups-handle-hybrid-cgroup-layouts.patch -- Stéphane Graber <email address hidden> Tue, 22 Aug 2017 18:43:41 -0400
Available diffs
- diff from 2.0.8-0ubuntu5 to 2.0.8-0ubuntu6 (13.0 KiB)
lxc (2.0.8-0ubuntu5) artful; urgency=medium * debian/patches/0012-gcc-7-workaround.patch: workaround for gcc-7 bug that causes lxc to FTBFS. LP: #1711449. Closes: #853531. -- Tiago Stürmer Daitx <email address hidden> Thu, 17 Aug 2017 20:29:29 +0000
Available diffs
- diff from 2.0.8-0ubuntu3 to 2.0.8-0ubuntu5 (1.4 KiB)
- diff from 2.0.8-0ubuntu4 to 2.0.8-0ubuntu5 (1.3 KiB)
Published in trusty-backports |
lxc (2.0.8-0ubuntu1~14.04.1) trusty-backports; urgency=medium * Backport to trusty * Add a versioned build-dependency on trusty-backports' libseccomp-dev. * Add a versioned dependency to liblxc1 on trusty-backports' cgroup-lite. -- Stéphane Graber <email address hidden> Mon, 14 Aug 2017 02:06:16 -0400
Available diffs
Superseded in artful-proposed |
lxc (2.0.8-0ubuntu4) artful; urgency=medium * No-change rebuild to build to drop python3.5. -- Matthias Klose <email address hidden> Sat, 05 Aug 2017 16:25:57 +0000
Available diffs
- diff from 2.0.8-0ubuntu3 to 2.0.8-0ubuntu4 (325 bytes)
lxc (1.0.10-0ubuntu1.1) trusty-security; urgency=medium * No change rebuild as a security update. -- Marc Deslauriers <email address hidden> Tue, 01 Aug 2017 11:31:21 -0400
Available diffs
lxc (2.0.8-0ubuntu1~17.04.2) zesty; urgency=medium * Cherry-pick upstream workaround for ppc64el failure: - 0011-utils-fix-ppc64le-builds.patch -- Stéphane Graber <email address hidden> Mon, 29 May 2017 14:47:05 -0400
Available diffs
lxc (2.0.8-0ubuntu1~16.10.2) yakkety; urgency=medium * Cherry-pick upstream workaround for ppc64el failure: - 0011-utils-fix-ppc64le-builds.patch -- Stéphane Graber <email address hidden> Mon, 29 May 2017 14:39:52 -0400
lxc (2.0.8-0ubuntu1~16.04.2) xenial; urgency=medium * Cherry-pick upstream workaround for ppc64el failure: - 0011-utils-fix-ppc64le-builds.patch -- Stéphane Graber <email address hidden> Mon, 29 May 2017 14:37:15 -0400
lxc (2.0.8-0ubuntu3) artful; urgency=medium * Cherry-pick upstream workaround for ppc64el failure: - 0011-utils-fix-ppc64le-builds.patch -- Stéphane Graber <email address hidden> Mon, 29 May 2017 13:15:38 -0400
Available diffs
lxc (1.0.10-0ubuntu1) trusty; urgency=medium * New upstream bugfix release. (LP: #1693002) - Security fix for CVE-2016-10124 - Security fix for CVE-2017-5985 - attach: simplify lsm_openat() - commands: improve logging - utils: add macro __LXC_NUMSTRLEN - tests; Don't cause test failures on cleanup errors - conf: clearly report to either use drop or keep - attach: close lsm label file descriptor - conf, attach: save errno across call to close - templates/lxc-debian.in: Fix typo in calling dpkg with --print-foreign-architectures option - templates/lxc-debian.in: handle ppc hostarch -> powerpc - Fix regression in errno handling cherry-pick - don't try to get stuff from /usr/lib/systemd on the host - lxc-opensuse: rm poweroff.target -> sigpwr.target copy - Add --enable-gnutls option - tests: skip unpriv tests on broken overlay module - Use AC_HEADER_MAJOR to detect major()/minor()/makedev() - Make lxc-start-ephemeral Python 3.2-compatible - systemd: enable delegate in service file - confile: clear lxc.network..ipv{4,6} when empty - seccomp: allow x32 guests on amd64 hosts. - squeeze is not a supported release anymore, drop the key - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-checkconfig: verify new[ug]idmap are setuid-root - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Increased buffer length in print_stats() - remove obsolete note about api stability - conf: less error prone pointer access - create ISSUE_TEMPLATE.md - issue template: fix typo - conf: order mount options - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference -- Stéphane Graber <email address hidden> Tue, 23 May 2017 14:44:34 -0400
Available diffs
Superseded in zesty-proposed |
lxc (2.0.8-0ubuntu1~17.04.1) zesty; urgency=medium * New upstream bugfix release (2.0.8) (LP: #1691911): - Security fix for CVE-2017-5985 (previously fixed in Ubuntu) - All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. This may affect some automated environments that were relying on our default (very much insecure) users. - Make lxc-start-ephemeral Python 3.2-compatible - Fix typo - Allow build without sys/capability.h - lxc-opensuse: fix default value for release code - util: always malloc for setproctitle - util: update setproctitle comments - confile: clear lxc.network..ipv{4,6} when empty - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Make lxc-net return non-zero on failure - seccomp: allow x32 guests on amd64 hosts. - Add HAVE_LIBCAP - c/r: only supply --ext-mount-map for bind mounts - Added 'mkdir -p' functionality in create_or_remove_cgroup - Use LXC_ROOTFS_MOUNT in clonehostname hook - squeeze is not a supported release anymore, drop the key - start: dumb down SIGCHLD from WARN() to NOTICE() - log: fix lxc_unix_epoch_to_utc() - cgfsng: make trim() safer - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-user-nic: re-order #includes - lxc-user-nic: improve + bugfix - lxc-user-nic: delete link on failure - conf: only try to delete veth when privileged - Fix lxc-containers to support multiple bridges - Fix mixed tab/spaces in previous patch - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one - lxc-checkconfig: verify new[ug]idmap are setuid-root - [templates] archlinux: resolve conflicting files - [templates] archlinux: noneed default_timezone variable - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tree-wide: include directly - conf/ile: make sure buffer is large enough - tree-wide: include directly - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - do not set the root password in the debian template - do not set insecure passwords - don't set a default password for altlinux, gentoo, openmandriva and pld - tools: exit with return code of lxc_execute() - Keep veth.pair.name on network shutdown - Makefile: fix static clang init.lxc build - Avoid waiting for bridge interface if disabled in sysconfig/lxc - Increased buffer length in print_stats() - avoid assigning to a variable which is not POSIX shell proof (bug #1498) - remove obsolete note about api stability - conf: less error prone pointer access - conf: lxc_map_ids() non-functional changes - caps: add lxc_{proc,file}_cap_is_set() - conf: check for {filecaps,setuid} on new{g,u}idmap - conf: improve log when mounting rootfs - ls: simplify the judgment condition when list active containers - fix typo introduced in #1509 - attach|unshare: fix the wrong comment - caps: skip file capability checks on android - autotools: check for cap_get_file - caps: return false if caps are not supported - conf: non-functional changes to setup_pts() - conf: use bind-mount for /dev/ptmx - conf: non-functional changes - utils: use loop device helpers from LXD - create ISSUE_TEMPLATE.md - cgroups: improve cgfsng debugging - issue template: fix typo - conf: close fd in lxc_setup_devpts() - conf: non-functional changes - utils: tweak lxc_mount_proc_if_needed() - Change sshd template to work with Ubuntu 17.04 - conf: order mount options - conf: add MS_LAZYTIME to mount options - monitor: report errno on exec() error - af unix: allow for maximum socket name - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference - monitor: simplify abstract socket logic - precise is not the latest LTS, let's use xenial instead - fix the wrong exit status - conf: non-functional changes lxc_fill_autodev() - conf: remove /dev/console from lxc_fill_autodev() - conf: non-functional changes lxc_setup() - conf: non-functional changes to console functions - conf: improve lxc_setup_dev_console() - conf: lxc_setup_ttydir_console() - config: remove /dev/console bind mount - doc: document console behavior - utils: add lxc_unstack_mountpoint() - conf: unstack all mounts atop /dev/console - console: fail when we cannot allocate peer tty - start: remove umount2() - conf: non-functional changes - utils: handle > 2^31 in lxc_unstack_mountpoint() - Install systemd units for CentOS - Merge ubuntu and debiancase - start: add crucial details about lxc_spawn() * Cherry-pick some upstream fixes: - conf{,ile}: allow one to clear all config items - start: pin rootfs when privileged - conf: fix build without libcap - start: don't call lxc_map_ids() without id map - lxc-attach: allow for situations without /dev/tty - utils: fix num parsing functions - tests: lxc_safe_{u}int() add corner-case tests * Fix broken proxy detection in debian/tests/exercise * Only move lxc bash completion from /etc if we installed it there * Update tests to deal with cgroupv2 tree (recent systemd) * Drop un-needed lintian override -- Stéphane Graber <email address hidden> Thu, 18 May 2017 23:22:44 -0400
Available diffs
Superseded in yakkety-proposed |
lxc (2.0.8-0ubuntu1~16.10.1) yakkety; urgency=medium * New upstream bugfix release (2.0.8) (LP: #1691911): - Security fix for CVE-2017-5985 (previously fixed in Ubuntu) - All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. This may affect some automated environments that were relying on our default (very much insecure) users. - Make lxc-start-ephemeral Python 3.2-compatible - Fix typo - Allow build without sys/capability.h - lxc-opensuse: fix default value for release code - util: always malloc for setproctitle - util: update setproctitle comments - confile: clear lxc.network..ipv{4,6} when empty - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Make lxc-net return non-zero on failure - seccomp: allow x32 guests on amd64 hosts. - Add HAVE_LIBCAP - c/r: only supply --ext-mount-map for bind mounts - Added 'mkdir -p' functionality in create_or_remove_cgroup - Use LXC_ROOTFS_MOUNT in clonehostname hook - squeeze is not a supported release anymore, drop the key - start: dumb down SIGCHLD from WARN() to NOTICE() - log: fix lxc_unix_epoch_to_utc() - cgfsng: make trim() safer - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-user-nic: re-order #includes - lxc-user-nic: improve + bugfix - lxc-user-nic: delete link on failure - conf: only try to delete veth when privileged - Fix lxc-containers to support multiple bridges - Fix mixed tab/spaces in previous patch - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one - lxc-checkconfig: verify new[ug]idmap are setuid-root - [templates] archlinux: resolve conflicting files - [templates] archlinux: noneed default_timezone variable - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tree-wide: include directly - conf/ile: make sure buffer is large enough - tree-wide: include directly - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - do not set the root password in the debian template - do not set insecure passwords - don't set a default password for altlinux, gentoo, openmandriva and pld - tools: exit with return code of lxc_execute() - Keep veth.pair.name on network shutdown - Makefile: fix static clang init.lxc build - Avoid waiting for bridge interface if disabled in sysconfig/lxc - Increased buffer length in print_stats() - avoid assigning to a variable which is not POSIX shell proof (bug #1498) - remove obsolete note about api stability - conf: less error prone pointer access - conf: lxc_map_ids() non-functional changes - caps: add lxc_{proc,file}_cap_is_set() - conf: check for {filecaps,setuid} on new{g,u}idmap - conf: improve log when mounting rootfs - ls: simplify the judgment condition when list active containers - fix typo introduced in #1509 - attach|unshare: fix the wrong comment - caps: skip file capability checks on android - autotools: check for cap_get_file - caps: return false if caps are not supported - conf: non-functional changes to setup_pts() - conf: use bind-mount for /dev/ptmx - conf: non-functional changes - utils: use loop device helpers from LXD - create ISSUE_TEMPLATE.md - cgroups: improve cgfsng debugging - issue template: fix typo - conf: close fd in lxc_setup_devpts() - conf: non-functional changes - utils: tweak lxc_mount_proc_if_needed() - Change sshd template to work with Ubuntu 17.04 - conf: order mount options - conf: add MS_LAZYTIME to mount options - monitor: report errno on exec() error - af unix: allow for maximum socket name - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference - monitor: simplify abstract socket logic - precise is not the latest LTS, let's use xenial instead - fix the wrong exit status - conf: non-functional changes lxc_fill_autodev() - conf: remove /dev/console from lxc_fill_autodev() - conf: non-functional changes lxc_setup() - conf: non-functional changes to console functions - conf: improve lxc_setup_dev_console() - conf: lxc_setup_ttydir_console() - config: remove /dev/console bind mount - doc: document console behavior - utils: add lxc_unstack_mountpoint() - conf: unstack all mounts atop /dev/console - console: fail when we cannot allocate peer tty - start: remove umount2() - conf: non-functional changes - utils: handle > 2^31 in lxc_unstack_mountpoint() - Install systemd units for CentOS - Merge ubuntu and debiancase - start: add crucial details about lxc_spawn() * Cherry-pick some upstream fixes: - conf{,ile}: allow one to clear all config items - start: pin rootfs when privileged - conf: fix build without libcap - start: don't call lxc_map_ids() without id map - lxc-attach: allow for situations without /dev/tty - utils: fix num parsing functions - tests: lxc_safe_{u}int() add corner-case tests * Fix broken proxy detection in debian/tests/exercise * Only move lxc bash completion from /etc if we installed it there * Update tests to deal with cgroupv2 tree (recent systemd) * Drop un-needed lintian override -- Stéphane Graber <email address hidden> Thu, 18 May 2017 23:18:57 -0400
Available diffs
Superseded in xenial-proposed |
lxc (2.0.8-0ubuntu1~16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.8) (LP: #1691911): - Security fix for CVE-2017-5985 (previously fixed in Ubuntu) - All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. This may affect some automated environments that were relying on our default (very much insecure) users. - Make lxc-start-ephemeral Python 3.2-compatible - Fix typo - Allow build without sys/capability.h - lxc-opensuse: fix default value for release code - util: always malloc for setproctitle - util: update setproctitle comments - confile: clear lxc.network..ipv{4,6} when empty - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Make lxc-net return non-zero on failure - seccomp: allow x32 guests on amd64 hosts. - Add HAVE_LIBCAP - c/r: only supply --ext-mount-map for bind mounts - Added 'mkdir -p' functionality in create_or_remove_cgroup - Use LXC_ROOTFS_MOUNT in clonehostname hook - squeeze is not a supported release anymore, drop the key - start: dumb down SIGCHLD from WARN() to NOTICE() - log: fix lxc_unix_epoch_to_utc() - cgfsng: make trim() safer - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-user-nic: re-order #includes - lxc-user-nic: improve + bugfix - lxc-user-nic: delete link on failure - conf: only try to delete veth when privileged - Fix lxc-containers to support multiple bridges - Fix mixed tab/spaces in previous patch - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one - lxc-checkconfig: verify new[ug]idmap are setuid-root - [templates] archlinux: resolve conflicting files - [templates] archlinux: noneed default_timezone variable - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tree-wide: include directly - conf/ile: make sure buffer is large enough - tree-wide: include directly - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - do not set the root password in the debian template - do not set insecure passwords - don't set a default password for altlinux, gentoo, openmandriva and pld - tools: exit with return code of lxc_execute() - Keep veth.pair.name on network shutdown - Makefile: fix static clang init.lxc build - Avoid waiting for bridge interface if disabled in sysconfig/lxc - Increased buffer length in print_stats() - avoid assigning to a variable which is not POSIX shell proof (bug #1498) - remove obsolete note about api stability - conf: less error prone pointer access - conf: lxc_map_ids() non-functional changes - caps: add lxc_{proc,file}_cap_is_set() - conf: check for {filecaps,setuid} on new{g,u}idmap - conf: improve log when mounting rootfs - ls: simplify the judgment condition when list active containers - fix typo introduced in #1509 - attach|unshare: fix the wrong comment - caps: skip file capability checks on android - autotools: check for cap_get_file - caps: return false if caps are not supported - conf: non-functional changes to setup_pts() - conf: use bind-mount for /dev/ptmx - conf: non-functional changes - utils: use loop device helpers from LXD - create ISSUE_TEMPLATE.md - cgroups: improve cgfsng debugging - issue template: fix typo - conf: close fd in lxc_setup_devpts() - conf: non-functional changes - utils: tweak lxc_mount_proc_if_needed() - Change sshd template to work with Ubuntu 17.04 - conf: order mount options - conf: add MS_LAZYTIME to mount options - monitor: report errno on exec() error - af unix: allow for maximum socket name - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference - monitor: simplify abstract socket logic - precise is not the latest LTS, let's use xenial instead - fix the wrong exit status - conf: non-functional changes lxc_fill_autodev() - conf: remove /dev/console from lxc_fill_autodev() - conf: non-functional changes lxc_setup() - conf: non-functional changes to console functions - conf: improve lxc_setup_dev_console() - conf: lxc_setup_ttydir_console() - config: remove /dev/console bind mount - doc: document console behavior - utils: add lxc_unstack_mountpoint() - conf: unstack all mounts atop /dev/console - console: fail when we cannot allocate peer tty - start: remove umount2() - conf: non-functional changes - utils: handle > 2^31 in lxc_unstack_mountpoint() - Install systemd units for CentOS - Merge ubuntu and debiancase - start: add crucial details about lxc_spawn() * Cherry-pick some upstream fixes: - conf{,ile}: allow one to clear all config items - start: pin rootfs when privileged - conf: fix build without libcap - start: don't call lxc_map_ids() without id map - lxc-attach: allow for situations without /dev/tty - utils: fix num parsing functions - tests: lxc_safe_{u}int() add corner-case tests * Fix broken proxy detection in debian/tests/exercise * Only move lxc bash completion from /etc if we installed it there * Update tests to deal with cgroupv2 tree (recent systemd) * Drop un-needed lintian override -- Stéphane Graber <email address hidden> Thu, 18 May 2017 23:08:57 -0400
Available diffs
lxc (2.0.8-0ubuntu2) artful; urgency=medium * Cherry-pick some upstream fixes: - conf{,ile}: allow one to clear all config items - start: pin rootfs when privileged - conf: fix build without libcap - start: don't call lxc_map_ids() without id map - lxc-attach: allow for situations without /dev/tty - utils: fix num parsing functions - tests: lxc_safe_{u}int() add corner-case tests -- Stéphane Graber <email address hidden> Tue, 16 May 2017 13:35:34 -0400
Available diffs
lxc (2.0.8-0ubuntu1) artful; urgency=medium * New upstream bugfix release (2.0.8): - Security fix for CVE-2017-5985 (previously fixed in Ubuntu) - All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. This may affect some automated environments that were relying on our default (very much insecure) users. - Make lxc-start-ephemeral Python 3.2-compatible - Fix typo - Allow build without sys/capability.h - lxc-opensuse: fix default value for release code - util: always malloc for setproctitle - util: update setproctitle comments - confile: clear lxc.network..ipv{4,6} when empty - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Make lxc-net return non-zero on failure - seccomp: allow x32 guests on amd64 hosts. - Add HAVE_LIBCAP - c/r: only supply --ext-mount-map for bind mounts - Added 'mkdir -p' functionality in create_or_remove_cgroup - Use LXC_ROOTFS_MOUNT in clonehostname hook - squeeze is not a supported release anymore, drop the key - start: dumb down SIGCHLD from WARN() to NOTICE() - log: fix lxc_unix_epoch_to_utc() - cgfsng: make trim() safer - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-user-nic: re-order #includes - lxc-user-nic: improve + bugfix - lxc-user-nic: delete link on failure - conf: only try to delete veth when privileged - Fix lxc-containers to support multiple bridges - Fix mixed tab/spaces in previous patch - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one - lxc-checkconfig: verify new[ug]idmap are setuid-root - [templates] archlinux: resolve conflicting files - [templates] archlinux: noneed default_timezone variable - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tree-wide: include directly - conf/ile: make sure buffer is large enough - tree-wide: include directly - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - do not set the root password in the debian template - do not set insecure passwords - don't set a default password for altlinux, gentoo, openmandriva and pld - tools: exit with return code of lxc_execute() - Keep veth.pair.name on network shutdown - Makefile: fix static clang init.lxc build - Avoid waiting for bridge interface if disabled in sysconfig/lxc - Increased buffer length in print_stats() - avoid assigning to a variable which is not POSIX shell proof (bug #1498) - remove obsolete note about api stability - conf: less error prone pointer access - conf: lxc_map_ids() non-functional changes - caps: add lxc_{proc,file}_cap_is_set() - conf: check for {filecaps,setuid} on new{g,u}idmap - conf: improve log when mounting rootfs - ls: simplify the judgment condition when list active containers - fix typo introduced in #1509 - attach|unshare: fix the wrong comment - caps: skip file capability checks on android - autotools: check for cap_get_file - caps: return false if caps are not supported - conf: non-functional changes to setup_pts() - conf: use bind-mount for /dev/ptmx - conf: non-functional changes - utils: use loop device helpers from LXD - create ISSUE_TEMPLATE.md - cgroups: improve cgfsng debugging - issue template: fix typo - conf: close fd in lxc_setup_devpts() - conf: non-functional changes - utils: tweak lxc_mount_proc_if_needed() - Change sshd template to work with Ubuntu 17.04 - conf: order mount options - conf: add MS_LAZYTIME to mount options - monitor: report errno on exec() error - af unix: allow for maximum socket name - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference - monitor: simplify abstract socket logic - precise is not the latest LTS, let's use xenial instead - fix the wrong exit status - conf: non-functional changes lxc_fill_autodev() - conf: remove /dev/console from lxc_fill_autodev() - conf: non-functional changes lxc_setup() - conf: non-functional changes to console functions - conf: improve lxc_setup_dev_console() - conf: lxc_setup_ttydir_console() - config: remove /dev/console bind mount - doc: document console behavior - utils: add lxc_unstack_mountpoint() - conf: unstack all mounts atop /dev/console - console: fail when we cannot allocate peer tty - start: remove umount2() - conf: non-functional changes - utils: handle > 2^31 in lxc_unstack_mountpoint() - Install systemd units for CentOS - Merge ubuntu and debiancase - start: add crucial details about lxc_spawn() * Fix broken proxy detection in debian/tests/exercise * Only move lxc bash completion from /etc if we installed it there -- Stéphane Graber <email address hidden> Fri, 12 May 2017 12:30:47 -0400
Available diffs
- diff from 2.0.7-0ubuntu4 to 2.0.8-0ubuntu1 (47.8 KiB)
lxc (2.0.7-0ubuntu4) artful; urgency=medium * Update test-suite to skip 'hybrid' (v1 & v2 mounted simultaniously) cgroups for now. LP: #1690125 -- Dimitri John Ledkov <email address hidden> Thu, 11 May 2017 12:01:33 +0100
Available diffs
Superseded in artful-proposed |
lxc (2.0.7-0ubuntu3) artful; urgency=medium * Update test-suite to skip 'hybrid' (v1 & v2 mounted simultaniously) cgroups for now. LP: #1690125 * No need to move bash completion, already installed into usr/share -- Dimitri John Ledkov <email address hidden> Thu, 11 May 2017 12:01:33 +0100
Available diffs
lxc (1.0.9-0ubuntu3) trusty-security; urgency=medium * SECURITY UPDATE: lxc-user-nic doesn't check netns ownership (LP: #1654676) - Ensure target netns is caller-owned - CVE-2017-5985 -- Stéphane Graber <email address hidden> Tue, 07 Mar 2017 14:39:58 -0500
Available diffs
lxc (2.0.7-0ubuntu1~16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: lxc-user-nic doesn't check netns ownership (LP: #1654676) - Ensure target netns is caller-owned - CVE-2017-5985 -- Stéphane Graber <email address hidden> Tue, 07 Mar 2017 14:37:03 -0500
Available diffs
lxc (2.0.7-0ubuntu1~16.10.2) yakkety-security; urgency=medium * SECURITY UPDATE: lxc-user-nic doesn't check netns ownership (LP: #1654676) - Ensure target netns is caller-owned - CVE-2017-5985 -- Stéphane Graber <email address hidden> Tue, 07 Mar 2017 14:36:12 -0500
Available diffs
lxc (2.0.7-0ubuntu2) zesty-security; urgency=medium * SECURITY UPDATE: lxc-user-nic doesn't check netns ownership (LP: #1654676) - Ensure target netns is caller-owned - CVE-2017-5985 -- Stéphane Graber <email address hidden> Tue, 07 Mar 2017 14:33:46 -0500
Available diffs
Superseded in trusty-backports |
lxc (2.0.7-0ubuntu1~14.04.1) trusty-backports; urgency=medium * Backport to trusty * Add a versioned build-dependency on trusty-backports' libseccomp-dev. * Add a versioned dependency to liblxc1 on trusty-backports' cgroup-lite. -- Stéphane Graber <email address hidden> Tue, 14 Feb 2017 12:11:55 -0500
Available diffs
lxc (2.0.7-0ubuntu1~16.10.1) yakkety; urgency=medium * New upstream bugfix release (2.0.7) (LP: #1660844) - attach: Close lsm label file descriptor - attach: Non-functional changes - attach: Simplify lsm_openat() - caps: Add lxc_cap_is_set() - conf: attach: Save errno across call to close - conf: Clearly report to either use drop or keep - conf: criu: Add make_anonymous_mount_file() - conf: Fix suggest_default_idmap() - configure: Add --enable-gnutls option - configure: Check for memfd_create() - configure: Check whether gettid() is declared - configure: Do not allow variable length arrays - configure: Remove -Werror=vla - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev() - conf: Non-functional changes - conf: Remove thread-unsafe strsignal + improve log - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - log: Add lxc_unix_epoch_to_utc() - log: Annotate lxc_unix_epoch_to_utc() - log: Drop all timezone conversion functions - log: Make sure that date is correctly formatted - log: Use lxc_unix_epoch_to_utc() - log: Use N/A if getpid() != gettid() when threaded - log: Use thread-safe localtime_r() - lvm: Suppress warnings about leaked files - lxccontainer: Log failure to send sig to init pid - monitor: Add more logging - monitor: Close mainloop on exit if we opened it - monitor: Improve log + set log level to DEBUG - monitor: Log which pipe fd is currently used - monitor: Make lxc-monitord async signal safe - monitor: Non-functional changes - python3-lxc: Fix api_test.py on s390x - start: Check for CAP_SETGID before setgroups() - start: Fix execute and improve setgroups() calls - state: Use async signal safe fun in lxc_wait() - templates: lxc-debian: Don't read from /usr/lib/systemd on the host - templates: lxc-debian: Fix getty service startup - templates: lxc-debian: Fix typo with dpkg --print-foreign-architectures - templates: lxc-debian: Handle ppc hostarch -> powerpc - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2 - templates: lxc-opensuse: Remove libgcc_s1 - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy - templates: lxc-opensuse: Set to be unconfined by AppArmor - templates: lxc-opensuse: Update for Leap 42.2 - tests; Don't cause test failures on cleanup errors - tests: Skip unpriv tests on broken overlay module - tools: Improve logging - tools: lxc-start: Remove c->is_defined(c) check - tools: lxc-start: Set configfile after load_config - tools: Only check for O_RDONLY - tree-wide: Random macro cleanups - tree-wide: Remove any variable length arrays - tree-wide: Sic semper assertis! - utils: Add macro __LXC_NUMSTRLEN - utils: Add uid, gid, group convenience wrappers * Cherry-pick upstream bugfix: - 0002-Make-lxc-start-ephemeral-Python-3.2-compatible.patch * Resolve lintian warnings - Drop un-needed overrides - Fix typos in debian/control -- Stéphane Graber <email address hidden> Tue, 31 Jan 2017 18:25:29 -0500
Available diffs
lxc (2.0.7-0ubuntu1~16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.7) (LP: #1660844) - attach: Close lsm label file descriptor - attach: Non-functional changes - attach: Simplify lsm_openat() - caps: Add lxc_cap_is_set() - conf: attach: Save errno across call to close - conf: Clearly report to either use drop or keep - conf: criu: Add make_anonymous_mount_file() - conf: Fix suggest_default_idmap() - configure: Add --enable-gnutls option - configure: Check for memfd_create() - configure: Check whether gettid() is declared - configure: Do not allow variable length arrays - configure: Remove -Werror=vla - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev() - conf: Non-functional changes - conf: Remove thread-unsafe strsignal + improve log - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - log: Add lxc_unix_epoch_to_utc() - log: Annotate lxc_unix_epoch_to_utc() - log: Drop all timezone conversion functions - log: Make sure that date is correctly formatted - log: Use lxc_unix_epoch_to_utc() - log: Use N/A if getpid() != gettid() when threaded - log: Use thread-safe localtime_r() - lvm: Suppress warnings about leaked files - lxccontainer: Log failure to send sig to init pid - monitor: Add more logging - monitor: Close mainloop on exit if we opened it - monitor: Improve log + set log level to DEBUG - monitor: Log which pipe fd is currently used - monitor: Make lxc-monitord async signal safe - monitor: Non-functional changes - python3-lxc: Fix api_test.py on s390x - start: Check for CAP_SETGID before setgroups() - start: Fix execute and improve setgroups() calls - state: Use async signal safe fun in lxc_wait() - templates: lxc-debian: Don't read from /usr/lib/systemd on the host - templates: lxc-debian: Fix getty service startup - templates: lxc-debian: Fix typo with dpkg --print-foreign-architectures - templates: lxc-debian: Handle ppc hostarch -> powerpc - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2 - templates: lxc-opensuse: Remove libgcc_s1 - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy - templates: lxc-opensuse: Set to be unconfined by AppArmor - templates: lxc-opensuse: Update for Leap 42.2 - tests; Don't cause test failures on cleanup errors - tests: Skip unpriv tests on broken overlay module - tools: Improve logging - tools: lxc-start: Remove c->is_defined(c) check - tools: lxc-start: Set configfile after load_config - tools: Only check for O_RDONLY - tree-wide: Random macro cleanups - tree-wide: Remove any variable length arrays - tree-wide: Sic semper assertis! - utils: Add macro __LXC_NUMSTRLEN - utils: Add uid, gid, group convenience wrappers * Cherry-pick upstream bugfix: - 0002-Make-lxc-start-ephemeral-Python-3.2-compatible.patch * Resolve lintian warnings - Drop un-needed overrides - Fix typos in debian/control -- Stéphane Graber <email address hidden> Tue, 31 Jan 2017 18:37:52 -0500
Available diffs
lxc (2.0.7-0ubuntu1) zesty; urgency=medium * New upstream bugfix release (2.0.7): - attach: Close lsm label file descriptor - attach: Non-functional changes - attach: Simplify lsm_openat() - caps: Add lxc_cap_is_set() - conf: attach: Save errno across call to close - conf: Clearly report to either use drop or keep - conf: criu: Add make_anonymous_mount_file() - conf: Fix suggest_default_idmap() - configure: Add --enable-gnutls option - configure: Check for memfd_create() - configure: Check whether gettid() is declared - configure: Do not allow variable length arrays - configure: Remove -Werror=vla - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev() - conf: Non-functional changes - conf: Remove thread-unsafe strsignal + improve log - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - log: Add lxc_unix_epoch_to_utc() - log: Annotate lxc_unix_epoch_to_utc() - log: Drop all timezone conversion functions - log: Make sure that date is correctly formatted - log: Use lxc_unix_epoch_to_utc() - log: Use N/A if getpid() != gettid() when threaded - log: Use thread-safe localtime_r() - lvm: Suppress warnings about leaked files - lxccontainer: Log failure to send sig to init pid - monitor: Add more logging - monitor: Close mainloop on exit if we opened it - monitor: Improve log + set log level to DEBUG - monitor: Log which pipe fd is currently used - monitor: Make lxc-monitord async signal safe - monitor: Non-functional changes - python3-lxc: Fix api_test.py on s390x - start: Check for CAP_SETGID before setgroups() - start: Fix execute and improve setgroups() calls - state: Use async signal safe fun in lxc_wait() - templates: lxc-debian: Don't try to read /usr/lib/systemd on the host - templates: lxc-debian: Fix getty service startup - templates: lxc-debian: Fix typo with dpkg --print-foreign-architectures - templates: lxc-debian: Handle ppc hostarch -> powerpc - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2 - templates: lxc-opensuse: Remove libgcc_s1 - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy - templates: lxc-opensuse: Set to be unconfined by AppArmor - templates: lxc-opensuse: Update for Leap 42.2 - tests; Don't cause test failures on cleanup errors - tests: Skip unpriv tests on broken overlay module - tools: Improve logging - tools: lxc-start: Remove c->is_defined(c) check - tools: lxc-start: Set configfile after load_config - tools: Only check for O_RDONLY - tree-wide: Random macro cleanups - tree-wide: Remove any variable length arrays - tree-wide: Sic semper assertis! - utils: Add macro __LXC_NUMSTRLEN - utils: Add uid, gid, group convenience wrappers * Cherry-pick upstream bugfix: - 0002-Make-lxc-start-ephemeral-Python-3.2-compatible.patch * Resolve lintian warnings - Drop un-needed overrides - Fix typos in debian/control -- Stéphane Graber <email address hidden> Fri, 27 Jan 2017 17:21:52 -0500
Available diffs
- diff from 2.0.6-0ubuntu5 to 2.0.7-0ubuntu1 (48.5 KiB)
Published in precise-backports |
lxc (1.0.9-0ubuntu2~ubuntu12.04.1) precise-backports; urgency=medium * No-change backport to precise (LP: #1647016) -- Stéphane Graber <email address hidden> Thu, 26 Jan 2017 19:50:54 -0500
Available diffs
lxc (2.0.6-0ubuntu1~ubuntu16.04.2) xenial; urgency=medium * Cherry-pick upstream bugfix: - 0003-tools-only-check-for-O_RDONLY.patch (LP: #1653725) -- Stéphane Graber <email address hidden> Wed, 04 Jan 2017 19:52:32 -0500
Available diffs
lxc (2.0.6-0ubuntu1~ubuntu16.10.2) yakkety; urgency=medium * Cherry-pick upstream bugfix: - 0003-tools-only-check-for-O_RDONLY.patch (LP: #1653725) -- Stéphane Graber <email address hidden> Wed, 04 Jan 2017 19:51:22 -0500
Available diffs
lxc (2.0.6-0ubuntu5) zesty; urgency=medium * Cherry-pick upstream bugfix: - 0003-tools-only-check-for-O_RDONLY.patch (LP: #1653725) -- Stéphane Graber <email address hidden> Wed, 04 Jan 2017 14:11:45 -0500
Available diffs
lxc (1.0.9-0ubuntu2) trusty; urgency=medium * Cherry-pick upstream bugfix (LP: #1647016): - 0001-tests-skip-unpriv-tests-on-broken-overlay-module.patch -- Stéphane Graber <email address hidden> Wed, 04 Jan 2017 12:38:37 -0500
Available diffs
Superseded in trusty-backports |
lxc (2.0.6-0ubuntu1~ubuntu14.04.1) trusty-backports; urgency=medium * Backport to trusty * Add a versioned build-dependency on trusty-backports' libseccomp-dev. * Add a versioned dependency to liblxc1 on trusty-backports' cgroup-lite. -- Stéphane Graber <email address hidden> Wed, 21 Dec 2016 22:28:05 -0500
Available diffs
Superseded in trusty-proposed |
lxc (1.0.9-0ubuntu1) trusty; urgency=medium * New upstream bugfix release. (LP: #1647016) - Security fix for CVE-2016-8649 - utils: make detect_ramfs_rootfs() return bool - tests: add test for detect_ramfs_rootfs() - add Documentation entries to lxc and lxc@ units - mark the python examples as having utf-8 encoding - log: sanity check the returned value from snprintf() - lxc-alpine: mount /dev/shm as tmpfs - archlinux: Do DHCP on eth0 - archlinux: Fix resolving - Drop leftover references to lxc_strerror() - tests: fix image download for s390x - tools: fix coding style in lxc_attach - tools: make overlay valid backend - tools: better error reporting for lxc-start - alpine: Fix installing extra packages - lxc-alpine: do not drop setfcap - s390x: Fix seccomp handling of personalities - tools: correct the argument typo in lxc_copy - Use libtool for liblxc.so - c/r: use --external instead of --veth-pair - c/r: remember to increment netnr - c/r: add checkpoint/restore support for macvlan interfaces - ubuntu: Fix package upgrades requiring proc - c/r: drop duplicate hunk from macvlan case - c/r: use snprintf to compute device name - Tweak libtool handling to work with Android - tests: add lxc_error() and lxc_debug() - container start: clone newcgroup immediately - use python3_sitearch for including the python code - fix rpm build, include all built files, but only once - cgfs: fix invalid free() - find OpenSUSE's build also as obs-build - improve help text for --fancy and --fancy-format - improve wording of the help page for lxc-ls - cgfs: add print_cgfs_init_debuginfo() - cgfs: skip empty entries under /proc/self/cgroup - cgfs: explicitly check for NULL - tools: use correct exit code for lxc-stop - c/r: explicitly emit bind mounts as criu arguments - log: bump LXC_LOG_BUFFER_SIZE to 4096 - conf: merge network namespace move & rename on shutdown - c/r: save criu's stdout during dump too - c/r: remove extra \ns from logs - c/r: fix off-by-one error - c/r: check state before doing a checkpoint/restore - start: CLONE_NEWCGROUP after we have setup cgroups - create symlink for /var/run - utils: add lxc_append_string() - cgroups: remove isolated cpus from cpuset.cpus - Update Ubuntu release name: add zesty and remove wily - templates: add squashfs support to lxc-ubuntu-cloud.in - cgroups: skip v2 hierarchy entry - also stop lxc-net in runlevels 0 and 6 - add lxc.egg-info to gitignore - install bash completion where pkg-config tells us to - conf: do not use %m format specifier - debian: Don't depend on libui-dialog-perl - cgroups: use %zu format specifier to print size_t - lxc-checkpoint: automatically detect if --external or --veth-pair - cgroups: prevent segfault in cgfsng - utils: add lxc_preserve_ns() - start: add netnsfd to lxc_handler - conf: use lxc_preserve_ns() - attach: use lxc_preserve_ns() - lxc_user_nic: use lxc_preserve_ns() - conf, start: improve log output - conf: explicitly remove veth device from host - conf, start: be smarter when deleting networks - start, utils: improve preserve_ns() - start, error: improve log + non-functional changes - start, namespace: move ns_info to namespace.{c,h} - attach, utils: bugfixes - attach: use ns_info[LXC_NS_MAX] struct - namespace: always attach to user namespace first - cgroup: improve isolcpus handling - cgroups: handle non-existent isolcpus file - utils: add lxc_safe_uint() - tests: add unit tests for lxc_safe_uint() - utils: add lxc_safe_int() - tests: add unit tests for lxc_safe_int() - conf/ile: get ip prefix via lxc_safe_uint() - confile: use lxc_safe_u/int in config_init_{u,g}id - conf/ile: use lxc_safe_uint() in config_pts() - conf/ile: use lxc_safe_u/int() in config_start() - conf/ile: use lxc_safe_uint() in config_monitor() - conf/ile: use lxc_safe_uint() in config_tty() - conf/ile: use lxc_safe_uint() in config_kmsg() - conf/ile: avoid atoi in config_lsm_aa_incomplete() - conf/ile: use lxc_safe_uint() in config_autodev() - conf/ile: avoid atoi() in config_ephemeral() - utils: use lxc_safe_int() - lxc_monitord: use lxc_safe_int() && use exit() - start: use lxc_safe_int() - conf: use lxc_safe_{u}int() - tools/lxc_execute: use lxc_safe_uint() - tools/lxc_stop: use lxc_safe_uint() - utils: add lxc_safe_long() - tests: add unit tests for lxc_safe_long() - tools/lxc_stop: use lxc_safe_long() - tools/lxc_top: use lxc_safe_int() - tools/lxc_ls: use lxc_safe_uint() - tools/lxc_autostart: use lxc_safe_{int,long}() - tools/lxc_console: use lxc_safe_uint() - tools: replace non-standard namespace identifiers - Configure a static MAC address on the LXC bridge - tests: remove overflow tests - attach: do not send procfd to attached process * Autopkgtest: - Restrict tests to run on standalone systems. -- Stéphane Graber <email address hidden> Sat, 03 Dec 2016 00:16:35 -0500
Available diffs
- diff from 1.0.8-0ubuntu0.3 to 1.0.9-0ubuntu1 (73.1 KiB)
lxc (2.0.6-0ubuntu1~ubuntu16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.6) (LP: #1647010): - Security fix for CVE-2016-8649 - utils: make detect_ramfs_rootfs() return bool - tests: add test for detect_ramfs_rootfs() - add Documentation entries to lxc and lxc@ units - mark the python examples as having utf-8 encoding - log: sanity check the returned value from snprintf() - lxc-alpine: mount /dev/shm as tmpfs - archlinux: Do DHCP on eth0 - archlinux: Fix resolving - Drop leftover references to lxc_strerror() - tests: fix image download for s390x - tools: fix coding style in lxc_attach - tools: make overlay valid backend - tools: better error reporting for lxc-start - alpine: Fix installing extra packages - lxc-alpine: do not drop setfcap - s390x: Fix seccomp handling of personalities - tools: correct the argument typo in lxc_copy - Use libtool for liblxc.so - c/r: use --external instead of --veth-pair - c/r: remember to increment netnr - c/r: add checkpoint/restore support for macvlan interfaces - ubuntu: Fix package upgrades requiring proc - c/r: drop duplicate hunk from macvlan case - c/r: use snprintf to compute device name - Tweak libtool handling to work with Android - tests: add lxc_error() and lxc_debug() - container start: clone newcgroup immediately - use python3_sitearch for including the python code - fix rpm build, include all built files, but only once - cgfs: fix invalid free() - find OpenSUSE's build also as obs-build - improve help text for --fancy and --fancy-format - improve wording of the help page for lxc-ls - cgfs: add print_cgfs_init_debuginfo() - cgfs: skip empty entries under /proc/self/cgroup - cgfs: explicitly check for NULL - tools: use correct exit code for lxc-stop - c/r: explicitly emit bind mounts as criu arguments - log: bump LXC_LOG_BUFFER_SIZE to 4096 - conf: merge network namespace move & rename on shutdown - c/r: save criu's stdout during dump too - c/r: remove extra \ns from logs - c/r: fix off-by-one error - c/r: check state before doing a checkpoint/restore - start: CLONE_NEWCGROUP after we have setup cgroups - create symlink for /var/run - utils: add lxc_append_string() - cgroups: remove isolated cpus from cpuset.cpus - Update Ubuntu release name: add zesty and remove wily - templates: add squashfs support to lxc-ubuntu-cloud.in - cgroups: skip v2 hierarchy entry - also stop lxc-net in runlevels 0 and 6 - add lxc.egg-info to gitignore - install bash completion where pkg-config tells us to - conf: do not use %m format specifier - debian: Don't depend on libui-dialog-perl - cgroups: use %zu format specifier to print size_t - lxc-checkpoint: automatically detect if --external or --veth-pair - cgroups: prevent segfault in cgfsng - utils: add lxc_preserve_ns() - start: add netnsfd to lxc_handler - conf: use lxc_preserve_ns() - attach: use lxc_preserve_ns() - lxc_user_nic: use lxc_preserve_ns() - conf, start: improve log output - conf: explicitly remove veth device from host - conf, start: be smarter when deleting networks - start, utils: improve preserve_ns() - start, error: improve log + non-functional changes - start, namespace: move ns_info to namespace.{c,h} - attach, utils: bugfixes - attach: use ns_info[LXC_NS_MAX] struct - namespace: always attach to user namespace first - cgroup: improve isolcpus handling - cgroups: handle non-existent isolcpus file - utils: add lxc_safe_uint() - tests: add unit tests for lxc_safe_uint() - utils: add lxc_safe_int() - tests: add unit tests for lxc_safe_int() - conf/ile: get ip prefix via lxc_safe_uint() - confile: use lxc_safe_u/int in config_init_{u,g}id - conf/ile: use lxc_safe_uint() in config_pts() - conf/ile: use lxc_safe_u/int() in config_start() - conf/ile: use lxc_safe_uint() in config_monitor() - conf/ile: use lxc_safe_uint() in config_tty() - conf/ile: use lxc_safe_uint() in config_kmsg() - conf/ile: avoid atoi in config_lsm_aa_incomplete() - conf/ile: use lxc_safe_uint() in config_autodev() - conf/ile: avoid atoi() in config_ephemeral() - utils: use lxc_safe_int() - lxc_monitord: use lxc_safe_int() && use exit() - start: use lxc_safe_int() - conf: use lxc_safe_{u}int() - tools/lxc_execute: use lxc_safe_uint() - tools/lxc_stop: use lxc_safe_uint() - utils: add lxc_safe_long() - tests: add unit tests for lxc_safe_long() - tools/lxc_stop: use lxc_safe_long() - tools/lxc_top: use lxc_safe_int() - tools/lxc_ls: use lxc_safe_uint() - tools/lxc_autostart: use lxc_safe_{int,long}() - tools/lxc_console: use lxc_safe_uint() - tools: replace non-standard namespace identifiers - Configure a static MAC address on the LXC bridge - tests: remove overflow tests - attach: do not send procfd to attached process * Remaining patches: - 0001-Allocate-new-lxcbr0-subnet-at-startup-time.patch * Cherry-pick bugfix from upstream: - tests: Don't cause test failures on-cleanup errors * Autopkgtest: - Re-enable lxc-test-ubuntu on yakkety/zesty (template was fixed). - Workaround autopkgtest failures when using gpg2 with dirmngr. - Restrict tests to run on standalone systems. -- Stéphane Graber <email address hidden> Fri, 02 Dec 2016 23:15:21 -0500
lxc (2.0.6-0ubuntu1~ubuntu16.10.1) yakkety; urgency=medium * New upstream bugfix release (2.0.6) (LP: #1647010): - Security fix for CVE-2016-8649 - utils: make detect_ramfs_rootfs() return bool - tests: add test for detect_ramfs_rootfs() - add Documentation entries to lxc and lxc@ units - mark the python examples as having utf-8 encoding - log: sanity check the returned value from snprintf() - lxc-alpine: mount /dev/shm as tmpfs - archlinux: Do DHCP on eth0 - archlinux: Fix resolving - Drop leftover references to lxc_strerror() - tests: fix image download for s390x - tools: fix coding style in lxc_attach - tools: make overlay valid backend - tools: better error reporting for lxc-start - alpine: Fix installing extra packages - lxc-alpine: do not drop setfcap - s390x: Fix seccomp handling of personalities - tools: correct the argument typo in lxc_copy - Use libtool for liblxc.so - c/r: use --external instead of --veth-pair - c/r: remember to increment netnr - c/r: add checkpoint/restore support for macvlan interfaces - ubuntu: Fix package upgrades requiring proc - c/r: drop duplicate hunk from macvlan case - c/r: use snprintf to compute device name - Tweak libtool handling to work with Android - tests: add lxc_error() and lxc_debug() - container start: clone newcgroup immediately - use python3_sitearch for including the python code - fix rpm build, include all built files, but only once - cgfs: fix invalid free() - find OpenSUSE's build also as obs-build - improve help text for --fancy and --fancy-format - improve wording of the help page for lxc-ls - cgfs: add print_cgfs_init_debuginfo() - cgfs: skip empty entries under /proc/self/cgroup - cgfs: explicitly check for NULL - tools: use correct exit code for lxc-stop - c/r: explicitly emit bind mounts as criu arguments - log: bump LXC_LOG_BUFFER_SIZE to 4096 - conf: merge network namespace move & rename on shutdown - c/r: save criu's stdout during dump too - c/r: remove extra \ns from logs - c/r: fix off-by-one error - c/r: check state before doing a checkpoint/restore - start: CLONE_NEWCGROUP after we have setup cgroups - create symlink for /var/run - utils: add lxc_append_string() - cgroups: remove isolated cpus from cpuset.cpus - Update Ubuntu release name: add zesty and remove wily - templates: add squashfs support to lxc-ubuntu-cloud.in - cgroups: skip v2 hierarchy entry - also stop lxc-net in runlevels 0 and 6 - add lxc.egg-info to gitignore - install bash completion where pkg-config tells us to - conf: do not use %m format specifier - debian: Don't depend on libui-dialog-perl - cgroups: use %zu format specifier to print size_t - lxc-checkpoint: automatically detect if --external or --veth-pair - cgroups: prevent segfault in cgfsng - utils: add lxc_preserve_ns() - start: add netnsfd to lxc_handler - conf: use lxc_preserve_ns() - attach: use lxc_preserve_ns() - lxc_user_nic: use lxc_preserve_ns() - conf, start: improve log output - conf: explicitly remove veth device from host - conf, start: be smarter when deleting networks - start, utils: improve preserve_ns() - start, error: improve log + non-functional changes - start, namespace: move ns_info to namespace.{c,h} - attach, utils: bugfixes - attach: use ns_info[LXC_NS_MAX] struct - namespace: always attach to user namespace first - cgroup: improve isolcpus handling - cgroups: handle non-existent isolcpus file - utils: add lxc_safe_uint() - tests: add unit tests for lxc_safe_uint() - utils: add lxc_safe_int() - tests: add unit tests for lxc_safe_int() - conf/ile: get ip prefix via lxc_safe_uint() - confile: use lxc_safe_u/int in config_init_{u,g}id - conf/ile: use lxc_safe_uint() in config_pts() - conf/ile: use lxc_safe_u/int() in config_start() - conf/ile: use lxc_safe_uint() in config_monitor() - conf/ile: use lxc_safe_uint() in config_tty() - conf/ile: use lxc_safe_uint() in config_kmsg() - conf/ile: avoid atoi in config_lsm_aa_incomplete() - conf/ile: use lxc_safe_uint() in config_autodev() - conf/ile: avoid atoi() in config_ephemeral() - utils: use lxc_safe_int() - lxc_monitord: use lxc_safe_int() && use exit() - start: use lxc_safe_int() - conf: use lxc_safe_{u}int() - tools/lxc_execute: use lxc_safe_uint() - tools/lxc_stop: use lxc_safe_uint() - utils: add lxc_safe_long() - tests: add unit tests for lxc_safe_long() - tools/lxc_stop: use lxc_safe_long() - tools/lxc_top: use lxc_safe_int() - tools/lxc_ls: use lxc_safe_uint() - tools/lxc_autostart: use lxc_safe_{int,long}() - tools/lxc_console: use lxc_safe_uint() - tools: replace non-standard namespace identifiers - Configure a static MAC address on the LXC bridge - tests: remove overflow tests - attach: do not send procfd to attached process * Remaining patches: - 0001-Allocate-new-lxcbr0-subnet-at-startup-time.patch * Cherry-pick bugfix from upstream: - tests: Don't cause test failures on-cleanup errors * Autopkgtest: - Re-enable lxc-test-ubuntu on yakkety/zesty (template was fixed). - Workaround autopkgtest failures when using gpg2 with dirmngr. - Restrict tests to run on standalone systems. -- Stéphane Graber <email address hidden> Fri, 02 Dec 2016 23:15:21 -0500
lxc (2.0.6-0ubuntu4) zesty; urgency=medium * Cherry-pick upstream bugfix: - tests: Don't cause test failures on-cleanup errors -- Stéphane Graber <email address hidden> Thu, 01 Dec 2016 18:37:52 -0500
Available diffs
- diff from 2.0.6-0ubuntu1 to 2.0.6-0ubuntu4 (1.6 KiB)
- diff from 2.0.6-0ubuntu3 to 2.0.6-0ubuntu4 (1.1 KiB)
Superseded in zesty-proposed |
lxc (2.0.6-0ubuntu3) zesty; urgency=medium * Properly escape the dirmngr command so it doesn't end up being an empty string... -- Stéphane Graber <email address hidden> Thu, 01 Dec 2016 16:08:30 -0500
Available diffs
- diff from 2.0.6-0ubuntu2 to 2.0.6-0ubuntu3 (488 bytes)
Superseded in zesty-proposed |
lxc (2.0.6-0ubuntu2) zesty; urgency=medium * Workaround autopkgtest failure when using gpg2 with dirmngr. * Restrict tests to run on standalone systems. -- Stéphane Graber <email address hidden> Thu, 01 Dec 2016 12:27:51 -0500
Available diffs
- diff from 2.0.6-0ubuntu1 to 2.0.6-0ubuntu2 (795 bytes)
lxc (2.0.6-0ubuntu1) zesty; urgency=medium * New upstream bugfix release (2.0.6): - Security fix for CVE-2016-8649 - utils: make detect_ramfs_rootfs() return bool - tests: add test for detect_ramfs_rootfs() - add Documentation entries to lxc and lxc@ units - mark the python examples as having utf-8 encoding - log: sanity check the returned value from snprintf() - lxc-alpine: mount /dev/shm as tmpfs - archlinux: Do DHCP on eth0 - archlinux: Fix resolving - Drop leftover references to lxc_strerror() - tests: fix image download for s390x - tools: fix coding style in lxc_attach - tools: make overlay valid backend - tools: better error reporting for lxc-start - alpine: Fix installing extra packages - lxc-alpine: do not drop setfcap - s390x: Fix seccomp handling of personalities - tools: correct the argument typo in lxc_copy - Use libtool for liblxc.so - c/r: use --external instead of --veth-pair - c/r: remember to increment netnr - c/r: add checkpoint/restore support for macvlan interfaces - ubuntu: Fix package upgrades requiring proc - c/r: drop duplicate hunk from macvlan case - c/r: use snprintf to compute device name - Tweak libtool handling to work with Android - tests: add lxc_error() and lxc_debug() - container start: clone newcgroup immediately - use python3_sitearch for including the python code - fix rpm build, include all built files, but only once - cgfs: fix invalid free() - find OpenSUSE's build also as obs-build - improve help text for --fancy and --fancy-format - improve wording of the help page for lxc-ls - cgfs: add print_cgfs_init_debuginfo() - cgfs: skip empty entries under /proc/self/cgroup - cgfs: explicitly check for NULL - tools: use correct exit code for lxc-stop - c/r: explicitly emit bind mounts as criu arguments - log: bump LXC_LOG_BUFFER_SIZE to 4096 - conf: merge network namespace move & rename on shutdown - c/r: save criu's stdout during dump too - c/r: remove extra \ns from logs - c/r: fix off-by-one error - c/r: check state before doing a checkpoint/restore - start: CLONE_NEWCGROUP after we have setup cgroups - create symlink for /var/run - utils: add lxc_append_string() - cgroups: remove isolated cpus from cpuset.cpus - Update Ubuntu release name: add zesty and remove wily - templates: add squashfs support to lxc-ubuntu-cloud.in - cgroups: skip v2 hierarchy entry - also stop lxc-net in runlevels 0 and 6 - add lxc.egg-info to gitignore - install bash completion where pkg-config tells us to - conf: do not use %m format specifier - debian: Don't depend on libui-dialog-perl - cgroups: use %zu format specifier to print size_t - lxc-checkpoint: automatically detect if --external or --veth-pair - cgroups: prevent segfault in cgfsng - utils: add lxc_preserve_ns() - start: add netnsfd to lxc_handler - conf: use lxc_preserve_ns() - attach: use lxc_preserve_ns() - lxc_user_nic: use lxc_preserve_ns() - conf, start: improve log output - conf: explicitly remove veth device from host - conf, start: be smarter when deleting networks - start, utils: improve preserve_ns() - start, error: improve log + non-functional changes - start, namespace: move ns_info to namespace.{c,h} - attach, utils: bugfixes - attach: use ns_info[LXC_NS_MAX] struct - namespace: always attach to user namespace first - cgroup: improve isolcpus handling - cgroups: handle non-existent isolcpus file - utils: add lxc_safe_uint() - tests: add unit tests for lxc_safe_uint() - utils: add lxc_safe_int() - tests: add unit tests for lxc_safe_int() - conf/ile: get ip prefix via lxc_safe_uint() - confile: use lxc_safe_u/int in config_init_{u,g}id - conf/ile: use lxc_safe_uint() in config_pts() - conf/ile: use lxc_safe_u/int() in config_start() - conf/ile: use lxc_safe_uint() in config_monitor() - conf/ile: use lxc_safe_uint() in config_tty() - conf/ile: use lxc_safe_uint() in config_kmsg() - conf/ile: avoid atoi in config_lsm_aa_incomplete() - conf/ile: use lxc_safe_uint() in config_autodev() - conf/ile: avoid atoi() in config_ephemeral() - utils: use lxc_safe_int() - lxc_monitord: use lxc_safe_int() && use exit() - start: use lxc_safe_int() - conf: use lxc_safe_{u}int() - tools/lxc_execute: use lxc_safe_uint() - tools/lxc_stop: use lxc_safe_uint() - utils: add lxc_safe_long() - tests: add unit tests for lxc_safe_long() - tools/lxc_stop: use lxc_safe_long() - tools/lxc_top: use lxc_safe_int() - tools/lxc_ls: use lxc_safe_uint() - tools/lxc_autostart: use lxc_safe_{int,long}() - tools/lxc_console: use lxc_safe_uint() - tools: replace non-standard namespace identifiers - Configure a static MAC address on the LXC bridge - tests: remove overflow tests - attach: do not send procfd to attached process * Remaining patches: - 0001-Allocate-new-lxcbr0-subnet-at-startup-time.patch * Re-enable lxc-test-ubuntu on yakkety/zesty (template was fixed). -- Stéphane Graber <email address hidden> Wed, 23 Nov 2016 23:56:02 -0500
Available diffs
lxc (1.1.5-0ubuntu0.15.04.4) vivid-security; urgency=medium * SECURITY UPDATE: Escape through ptrace and inherited fd (LP: #1639345) - attach: Do not send procfd to attached process - CVE-2016-8649 -- Stéphane Graber <email address hidden> Tue, 22 Nov 2016 00:49:00 -0500
Superseded in zesty-release |
lxc (2.0.5-0ubuntu4) zesty-security; urgency=medium * SECURITY UPDATE: Escape through ptrace and inherited fd (LP: #1639345) - attach: Do not send procfd to attached process - CVE-2016-8649 -- Stéphane Graber <email address hidden> Tue, 22 Nov 2016 00:49:00 -0500
Available diffs
lxc (2.0.5-0ubuntu1~ubuntu16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: Escape through ptrace and inherited fd (LP: #1639345) - attach: Do not send procfd to attached process - CVE-2016-8649 -- Stéphane Graber <email address hidden> Tue, 22 Nov 2016 00:49:00 -0500
Available diffs
lxc (1.0.8-0ubuntu0.4) trusty-security; urgency=medium * SECURITY UPDATE: Escape through ptrace and inherited fd (LP: #1639345) - attach: Do not send procfd to attached process - CVE-2016-8649 -- Stéphane Graber <email address hidden> Tue, 22 Nov 2016 00:49:00 -0500
Available diffs
lxc (2.0.5-0ubuntu1.2) yakkety-security; urgency=medium * SECURITY UPDATE: Escape through ptrace and inherited fd (LP: #1639345) - attach: Do not send procfd to attached process - CVE-2016-8649 -- Stéphane Graber <email address hidden> Tue, 22 Nov 2016 00:49:00 -0500
Available diffs
Superseded in trusty-backports |
lxc (2.0.5-0ubuntu1~ubuntu14.04.1) trusty-backports; urgency=medium * Backport to trusty * Add a versioned build-dependency on trusty-backports' libseccomp-dev. * Add a versioned dependency to liblxc1 on trusty-backports' cgroup-lite. -- Stéphane Graber <email address hidden> Tue, 25 Oct 2016 14:10:11 -0400
Available diffs
lxc (2.0.5-0ubuntu3) zesty; urgency=medium * Also skip lxc-test-ubuntu on zesty (LXC still doesn't support squashfs cloud images) -- Stéphane Graber <email address hidden> Fri, 21 Oct 2016 22:40:14 -0400
Available diffs
- diff from 2.0.5-0ubuntu1 to 2.0.5-0ubuntu3 (4.8 KiB)
- diff from 2.0.5-0ubuntu2 to 2.0.5-0ubuntu3 (573 bytes)
Superseded in zesty-proposed |
lxc (2.0.5-0ubuntu2) zesty; urgency=medium * Cherry-pick bugfix from upstream: - s390x: Fix seccomp handling of personalities (LP: #1635639) - Setup libtool (LP: #1620313) * Build-depend on dpkg-dev (>= 1.16.1~) | hardening-wrapper. LP: #1620313. -- Stéphane Graber <email address hidden> Fri, 21 Oct 2016 13:44:19 -0400
Available diffs
lxc (2.0.5-0ubuntu1~ubuntu16.04.2) xenial; urgency=medium * Cherry-pick bugfix from upstream: - s390x: Fix seccomp handling of personalities (LP: #1635639) -- Stéphane Graber <email address hidden> Fri, 21 Oct 2016 12:39:18 -0400
Available diffs
lxc (2.0.5-0ubuntu1.1) yakkety; urgency=medium * Cherry-pick bugfix from upstream: - s390x: Fix seccomp handling of personalities (LP: #1635639) -- Stéphane Graber <email address hidden> Fri, 21 Oct 2016 12:40:08 -0400
Available diffs
lxc (2.0.5-0ubuntu1~ubuntu16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.5) (LP: #1632144) - Fix .gitignore after /tools/ split - Add lxc-test-utils to .gitignore - bdev: use correct overlay module name - cleanup: tools: remove --name from lxc-top usage message - cleanup: whitespaces in option alignment for lxc-execute - Use full GPG fingerprint instead of long IDs. - tools: move --rcfile to the common options list - tools: set configfile after load_config - doc: add --rcfile to common opts - doc: Update Korean lxc-attach(1) - doc: Add --rcfile to Korean common opts - doc: Add --rcfile to Japanese common opts - tools: use exit(EXIT_*) everywhere - tools: unify exit() calls outside of main() - utils: Add mips signalfd syscall numbers - seccomp: Implement MIPS seccomp handling - seccomp: Add mips and mips64 entries to lxc_config_parse_arch - seccomp: fix strerror() - confile: add more archs to lxc_config_parse_arch() - seccomp: add support for s390x - seccomp: remove double include and order includes - seccomp: non functional changes - templates: use fd 9 instead of 200 - templates: fedora requires openssl binary - tools: use boolean for ret in lxc_device.c - c/r: use /proc/self/tid/children instead of pidfile - c/r: Fix pid_t on some arches - templates: Add mips hostarch detection to debian - cleanup: replace tabs wth spaces in usage strings - remove extra 'ret' - c/r: write status only after trying to parse the pid - set FULL_PATH_NAMES=NO in doc/api/Doxyfile - templates: rm halt.target -> sigpwr.target symlink - templates: remove creation of bogus directory - console: use correct log name - configure: add --disable-werror - tests: fix get_item tests - templates: use correct cron version in alpine template - c/r: zero a smaller than known migrate_opts struct - lxczfs: small fixes - c/r: free valid_opts if necessary - make rsync deal with sparse files efficiently - lxc-create -t debian fails on ppc64el arch - c/r: fix typo in comment - cgroup: add new functions for interacting with hierachies - utils: add lxc_deslashify - c/r: pass --cgroup-roots on checkpoint - cgroup: get rid of weird hack in cgfsng_escape - cgroup: drop cgroup_canonical_path - c/r: check that cgroup_num_hierarchies > 0 - tools: do not add trailing spaces on lxc-ls -1 - conf: retrieve mtu from netdev->link - conf: try to retrieve mtu from veth - c/r: detatch from controlling tty on restore - Fix null derefence if attach is called without access to any tty - utils: fix lxc_string_split() - tools: lxc_deslashify() handle special cases - tests: add unit tests for lxc_deslashify() - Fix for ALTLinux container creation in all branches - utils: lxc_deslashify() free memory - Fix spelling of CentOS in the templates - Define LXC_DEVEL to detect development releases - tools: lxc-checkconfig conditionalize devpts check * Drop all cherry-pick patches, now upstream. * Update to newer standards. Drop un-needed debian/control field. * Address all lintian messages. * Sync packaging with Yakkety's. -- Stéphane Graber <email address hidden> Mon, 10 Oct 2016 19:11:02 -0400
Available diffs
Superseded in zesty-release |
Obsolete in yakkety-release |
Deleted in yakkety-proposed (Reason: moved to release) |
lxc (2.0.5-0ubuntu1) yakkety; urgency=medium * New upstream bugfix release (2.0.5): - Fix .gitignore after /tools/ split - Add lxc-test-utils to .gitignore - bdev: use correct overlay module name - cleanup: tools: remove --name from lxc-top usage message - cleanup: whitespaces in option alignment for lxc-execute - Use full GPG fingerprint instead of long IDs. - tools: move --rcfile to the common options list - tools: set configfile after load_config - doc: add --rcfile to common opts - doc: Update Korean lxc-attach(1) - doc: Add --rcfile to Korean common opts - doc: Add --rcfile to Japanese common opts - tools: use exit(EXIT_*) everywhere - tools: unify exit() calls outside of main() - utils: Add mips signalfd syscall numbers - seccomp: Implement MIPS seccomp handling - seccomp: Add mips and mips64 entries to lxc_config_parse_arch - seccomp: fix strerror() - confile: add more archs to lxc_config_parse_arch() - seccomp: add support for s390x - seccomp: remove double include and order includes - seccomp: non functional changes - templates: use fd 9 instead of 200 - templates: fedora requires openssl binary - tools: use boolean for ret in lxc_device.c - c/r: use /proc/self/tid/children instead of pidfile - c/r: Fix pid_t on some arches - templates: Add mips hostarch detection to debian - cleanup: replace tabs wth spaces in usage strings - remove extra 'ret' - c/r: write status only after trying to parse the pid - set FULL_PATH_NAMES=NO in doc/api/Doxyfile - templates: rm halt.target -> sigpwr.target symlink - templates: remove creation of bogus directory - console: use correct log name - configure: add --disable-werror - tests: fix get_item tests - templates: use correct cron version in alpine template - c/r: zero a smaller than known migrate_opts struct - lxczfs: small fixes - c/r: free valid_opts if necessary - make rsync deal with sparse files efficiently - lxc-create -t debian fails on ppc64el arch - c/r: fix typo in comment - cgroup: add new functions for interacting with hierachies - utils: add lxc_deslashify - c/r: pass --cgroup-roots on checkpoint - cgroup: get rid of weird hack in cgfsng_escape - cgroup: drop cgroup_canonical_path - c/r: check that cgroup_num_hierarchies > 0 - tools: do not add trailing spaces on lxc-ls -1 - conf: retrieve mtu from netdev->link - conf: try to retrieve mtu from veth - c/r: detatch from controlling tty on restore - Fix null derefence if attach is called without access to any tty - utils: fix lxc_string_split() - tools: lxc_deslashify() handle special cases - tests: add unit tests for lxc_deslashify() - Fix for ALTLinux container creation in all branches - utils: lxc_deslashify() free memory - Fix spelling of CentOS in the templates - Define LXC_DEVEL to detect development releases - tools: lxc-checkconfig conditionalize devpts check * Drop all cherry-pick patches, now upstream. * Update to newer standards. Drop un-needed debian/control field. * Address all lintian messages. * Revert the previous upload as it caused FTBFS. -- Stéphane Graber <email address hidden> Wed, 05 Oct 2016 13:56:58 +0200
Available diffs
- diff from 2.0.4-0ubuntu4 to 2.0.5-0ubuntu1 (40.8 KiB)
- diff from 2.0.4-0ubuntu5 to 2.0.5-0ubuntu1 (41.3 KiB)
Superseded in trusty-backports |
lxc (2.0.4-0ubuntu1~ubuntu14.04.1) trusty-backports; urgency=medium * Backport to trusty * Add a versioned build-dependency on trusty-backports' libseccomp-dev. * Add a versioned dependency to liblxc1 on trusty-backports' cgroup-lite. -- Stéphane Graber <email address hidden> Mon, 03 Oct 2016 13:02:24 -0400
Available diffs
Superseded in yakkety-proposed |
lxc (2.0.4-0ubuntu5) yakkety; urgency=medium * Build-depend on dpkg-dev (>= 1.16.1~) | hardening-wrapper. LP: #1620313. -- Matthias Klose <email address hidden> Thu, 29 Sep 2016 21:59:35 +0200
Available diffs
- diff from 2.0.4-0ubuntu4 to 2.0.4-0ubuntu5 (589 bytes)
lxc (2.0.4-0ubuntu4) yakkety; urgency=medium * tests: Depend on dirmngr (LP: #1623424) -- Stéphane Graber <email address hidden> Mon, 19 Sep 2016 12:30:44 -0400
Available diffs
- diff from 2.0.4-0ubuntu3 to 2.0.4-0ubuntu4 (460 bytes)
lxc (2.0.4-0ubuntu1~ubuntu16.04.2) xenial; urgency=medium * Cherry-pick from upstream (fixes checkpoint/restore regression): - 0003-c-r-use-proc-self-tid-children-instead-of-pidfile.patch - 0004-c-r-Fix-pid_t-on-some-arches.patch
Available diffs
lxc (2.0.4-0ubuntu3) yakkety; urgency=medium * Cherry-pick from upstream (fixes checkpoint/restore): - 0003-c-r-use-proc-self-tid-children-instead-of-pidfile.patch - 0004-c-r-Fix-pid_t-on-some-arches.patch -- Stéphane Graber <email address hidden> Fri, 26 Aug 2016 16:27:18 -0400
Available diffs
Superseded in xenial-proposed |
lxc (2.0.4-0ubuntu1~ubuntu16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.4) (LP: #1615099): - core: Add a prefix to the lxc.pc - core: Add flag in mount_entry to skip NODEV in case of a persistent dev entry - core: Add missing cgroup namespace to ns_info struct - core: attach: setns instead of unshare in lxc-attach - core: bdev: Add subdirectories to search path - core: bdev: Be smarter about btrfs subvolume detection - core: cgfsng: Don't pre-calculate path - core: cgfsng: Fix is_lxcfs() and is_cgroupfs() - core: cgroups: Move cgroup files to common subfolder - core: conf: Set pty_info to NULL after free - core: Detect if we should send SIGRTMIN+3 - core: Replace readdir_r() with readdir() - core: Set up MTU for vlan-type interfaces. - core: tools, tests: Reorganize repo - c/r: Add support for CRIU's --action-script - c/r: Add support for ghost-limit in CRIU - c/r: Drop in-flight connections during CRIU dump - c/r: Initialize migrate_opts properly - c/r: Make local function static - c/r: Replace tmpnam() with mkstemp() - c/r: Store criu version - c/r: Use PRIu64 format specifier - doc: Fix typo found by lintian - doc: Update Japanese lxc-attach(1) - doc: Update lxc-attach(1) - lxc-attach: Add -f option (rcfile) - lxc-attach: Cleanup whitespaces - lxc-create: Add missing newline in output - lxc-ls: Use correct runtime path - templates: alpine: Add support for new arch - templates: alpine: Mount tmpfs under /run - templates: debian: Add more quotes to variables (at least $rootfs should now be covered) - templates: debian: Avoid noisy perl warnings caused by missing locales - templates: debian: fix regression when creating wheezy containers - templates: debian: Make shellcheck (Ubuntu: 0.3.7-5 amd64) most possible happy - tests: Add unit tests for lxc_string_in_array() - tests: Add unit tests for lxc_string_replace() * Cherry-pick from upstream (for 4.6 kernel): - 0002-bdev-use-correct-overlay-module-name * Sync packaging with yakkety: - Tweak debian/tests/exercise to skip lxc-test-ubuntu on yakkety - Build-depend on libgnutls28-dev rather than libgnutls-dev -- Stéphane Graber <email address hidden> Fri, 19 Aug 2016 15:32:14 -0400
Available diffs
lxc (2.0.4-0ubuntu2) yakkety; urgency=medium * Cherry-pick from upstream (for 4.6 kernel): - 0002-bdev-use-correct-overlay-module-name -- Stéphane Graber <email address hidden> Tue, 16 Aug 2016 19:28:50 -0400
Available diffs
- diff from 2.0.3-0ubuntu3 to 2.0.4-0ubuntu2 (209.1 KiB)
- diff from 2.0.4-0ubuntu1 to 2.0.4-0ubuntu2 (2.0 KiB)
Superseded in yakkety-proposed |
lxc (2.0.4-0ubuntu1) yakkety; urgency=medium * New upstream bugfix release (2.0.4): - core: Add a prefix to the lxc.pc - core: Add flag in mount_entry to skip NODEV in case of a persistent dev entry - core: Add missing cgroup namespace to ns_info struct - core: attach: setns instead of unshare in lxc-attach - core: bdev: Add subdirectories to search path - core: bdev: Be smarter about btrfs subvolume detection - core: cgfsng: Don't pre-calculate path - core: cgfsng: Fix is_lxcfs() and is_cgroupfs() - core: cgroups: Move cgroup files to common subfolder - core: conf: Set pty_info to NULL after free - core: Detect if we should send SIGRTMIN+3 - core: Replace readdir_r() with readdir() - core: Set up MTU for vlan-type interfaces. - core: tools, tests: Reorganize repo - c/r: Add support for CRIU's --action-script - c/r: Add support for ghost-limit in CRIU - c/r: Drop in-flight connections during CRIU dump - c/r: Initialize migrate_opts properly - c/r: Make local function static - c/r: Replace tmpnam() with mkstemp() - c/r: Store criu version - c/r: Use PRIu64 format specifier - doc: Fix typo found by lintian - doc: Update Japanese lxc-attach(1) - doc: Update lxc-attach(1) - lxc-attach: Add -f option (rcfile) - lxc-attach: Cleanup whitespaces - lxc-create: Add missing newline in output - lxc-ls: Use correct runtime path - templates: alpine: Add support for new arch - templates: alpine: Mount tmpfs under /run - templates: debian: Add more quotes to variables (at least $rootfs should now be covered) - templates: debian: Avoid noisy perl warnings caused by missing locales - templates: debian: fix regression when creating wheezy containers - templates: debian: Make shellcheck (Ubuntu: 0.3.7-5 amd64) most possible happy - tests: Add unit tests for lxc_string_in_array() - tests: Add unit tests for lxc_string_replace() -- Stéphane Graber <email address hidden> Mon, 15 Aug 2016 23:59:44 -0400
Available diffs
- diff from 2.0.3-0ubuntu3 to 2.0.4-0ubuntu1 (207.8 KiB)
lxc (2.0.3-0ubuntu3) yakkety; urgency=medium * lxccontainer: Detect if we should send SIGRTMIN+3. Fixes shutdown with current systemd that dropped the SIGPWR downstream unit. Patch cherry-picked from upstream master. -- Martin Pitt <email address hidden> Mon, 01 Aug 2016 08:08:44 +0200
Available diffs
lxc (2.0.3-0ubuntu2) yakkety; urgency=medium * Build-depend on libgnutls28-dev, not libgnutls-dev which was never renamed in Debian. -- Steve Langasek <email address hidden> Thu, 14 Jul 2016 22:56:04 -0700
Available diffs
- diff from 2.0.3-0ubuntu1 to 2.0.3-0ubuntu2 (454 bytes)
lxc (2.0.3-0ubuntu1~ubuntu16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.3) (LP: #1597523): - apparmor: Refresh generated file * New upstream bugfix release (2.0.2): - apparmor: add make-rslave to usr.bin.lxc-start - apparmor: Allow bind-mounts - apparmor: Allow mount move - apparmor: Update mount states handling - core: Drop lxc-devsetup as unneeded by current autodev - core: Fix redefinition of struct in6_addr - core: Include all lxcmntent.h function declarations on Bionic - c/r: c/r: use criu's "full" mode for cgroups - systemd: start containers in foreground when using the lxc@.service - templates: debian: Make sure init is installed - templates: oracle: Fix console login - templates: plamo: Fix various issues - templates: ubuntu: Install apt-transport-https by default - travis: ensure 'make install' doesn't fail - travis: test VPATH builds - upstart: Force lxc-instance to behave like a good Upstart client * Tighten versioned dependencies between the various binary packages. * Drop lxc-devsetup as it was removed upstream (unneeded with LXC 2.0). -- Stéphane Graber <email address hidden> Wed, 29 Jun 2016 17:31:18 -0400
Available diffs
Superseded in trusty-backports |
lxc (2.0.3-0ubuntu1~ubuntu14.04.1) trusty-backports; urgency=medium * Backport to trusty (LP: #1597523) * Add a versioned build-dependency on trusty-backports' libseccomp-dev. * Add a versioned dependency to liblxc1 on trusty-backports' cgroup-lite. -- Stéphane Graber <email address hidden> Wed, 29 Jun 2016 17:23:18 -0400
Available diffs
lxc (2.0.3-0ubuntu1) yakkety; urgency=medium * New upstream bugfix release (2.0.3): - apparmor: Refresh generated file * New upstream bugfix release (2.0.2): - apparmor: add make-rslave to usr.bin.lxc-start - apparmor: Allow bind-mounts - apparmor: Allow mount move - apparmor: Update mount states handling - core: Drop lxc-devsetup as unneeded by current autodev - core: Fix redefinition of struct in6_addr - core: Include all lxcmntent.h function declarations on Bionic - c/r: c/r: use criu's "full" mode for cgroups - systemd: start containers in foreground when using the lxc@.service - templates: debian: Make sure init is installed - templates: oracle: Fix console login - templates: plamo: Fix various issues - templates: ubuntu: Install apt-transport-https by default - travis: ensure 'make install' doesn't fail - travis: test VPATH builds - upstart: Force lxc-instance to behave like a good Upstart client * Tighten versioned dependencies between the various binary packages. * Drop lxc-devsetup as it was removed upstream (unneeded with LXC 2.0). -- Stéphane Graber <email address hidden> Wed, 29 Jun 2016 16:39:06 -0400
Available diffs
lxc (2.0.1-0ubuntu2) yakkety; urgency=medium * On yakkety, skip the lxc-test-ubuntu test as it requires root.tar.xz images to be available over simplestreams which don't exist anymore. -- Stéphane Graber <email address hidden> Thu, 23 Jun 2016 15:41:40 -0400
Available diffs
- diff from 2.0.1-0ubuntu1 to 2.0.1-0ubuntu2 (827 bytes)
Superseded in trusty-backports |
lxc (2.0.1-0ubuntu1~ubuntu14.04.1) trusty-backports; urgency=medium * Backport to trusty * Add a versioned build-dependency on trusty-backports' libseccomp-dev. -- Stéphane Graber <email address hidden> Mon, 06 Jun 2016 23:53:12 -0400
Available diffs
lxc (2.0.1-0ubuntu1~16.04.1) xenial; urgency=medium * New upstream bugfix release (2.0.1) (LP: #1582887) - apparmor: Also allow fstype=fuse for fuse filesystems - attach: adapt lxc-attach tests & add test for pty logging - attach: don't fail attach on failure to setup a SIGWINCH handler. - attach: fix a variety of lxc-attach pts handling issues - attach: switch console pty to raw mode (fixes ncurses-based programs) - attach: use raw settings of ssh for pty - bindings: fixed python-lxc reference to var before assignment in create() - bindings: set PyErr when Container.init fails - cgfsng: defer to cgfs if needed subsystems are not available - cgfsng: don't require that systemd subsystem be mounted - core: Added missing type to keys in lxc_list_nicconfigs - core: Allow configuration file values to be quoted - core: log: remove duplicate definitons and bump buffer size - core: sync: properly fail on unexpected message sizes - core: Unshare netns after setting the userns mappings (fixes ownership of /proc/net) - core: various fixes as reported by static analysis - c/r: add an option to use faster inotify support in CRIU - c/r: rearrange things to pass struct migrate_opts all the way down - doc: ignore temporary files generated by doxygen - doc: tweak manpage generation date to be compatible with reproducible builds - doc: update MAINTAINERS - doc: update to translated manpages - init: add missing lsb headers to sysvinit scripts - init: don't make sysv init scripts dependant on distribution specifics - init: drop obsolete syslog.target from lxc.service.in - lxc-attach: add logging option to manpage - lxc-checkconfig: better render when stdout isn't a terminal - lxc-create: fix -B best option - lxc-destroy: avoid double print - lxc-ls: use fewer syscalls when doing ipc - templates: Add apt-transport-https to minbase variant of Ubuntu template - templates: fix a typo in the capabilities name for Gentoo (sys_resource) - templates: logic fix in the Centos template for RHEL7+ support - templates: tweak Alpine DHCP configuration to send its hostname - templates: tweak to network configuration of the Oracle template -- Stéphane Graber <email address hidden> Tue, 17 May 2016 17:19:58 -0400
Available diffs
lxc (2.0.1-0ubuntu1) yakkety; urgency=medium * New upstream bugfix release (2.0.1) - apparmor: Also allow fstype=fuse for fuse filesystems - attach: adapt lxc-attach tests & add test for pty logging - attach: don't fail attach on failure to setup a SIGWINCH handler. - attach: fix a variety of lxc-attach pts handling issues - attach: switch console pty to raw mode (fixes ncurses-based programs) - attach: use raw settings of ssh for pty - bindings: fixed python-lxc reference to var before assignment in create() - bindings: set PyErr when Container.init fails - cgfsng: defer to cgfs if needed subsystems are not available - cgfsng: don't require that systemd subsystem be mounted - core: Added missing type to keys in lxc_list_nicconfigs - core: Allow configuration file values to be quoted - core: log: remove duplicate definitons and bump buffer size - core: sync: properly fail on unexpected message sizes - core: Unshare netns after setting the userns mappings (fixes ownership of /proc/net) - core: various fixes as reported by static analysis - c/r: add an option to use faster inotify support in CRIU - c/r: rearrange things to pass struct migrate_opts all the way down - doc: ignore temporary files generated by doxygen - doc: tweak manpage generation date to be compatible with reproducible builds - doc: update MAINTAINERS - doc: update to translated manpages - init: add missing lsb headers to sysvinit scripts - init: don't make sysv init scripts dependant on distribution specifics - init: drop obsolete syslog.target from lxc.service.in - lxc-attach: add logging option to manpage - lxc-checkconfig: better render when stdout isn't a terminal - lxc-create: fix -B best option - lxc-destroy: avoid double print - lxc-ls: use fewer syscalls when doing ipc - templates: Add apt-transport-https to minbase variant of Ubuntu template - templates: fix a typo in the capabilities name for Gentoo (sys_resource) - templates: logic fix in the Centos template for RHEL7+ support - templates: tweak Alpine DHCP configuration to send its hostname - templates: tweak to network configuration of the Oracle template -- Stéphane Graber <email address hidden> Mon, 16 May 2016 17:39:23 -0400
Available diffs
- diff from 2.0.0-0ubuntu2 to 2.0.1-0ubuntu1 (25.2 KiB)
Superseded in yakkety-release |
Published in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
lxc (2.0.0-0ubuntu2) xenial; urgency=medium * Add a distro-info test dependency as it's needed to get information about new Ubuntu releases. (LP: #1572188) This is needed to fix the current autopkgtest failures. -- Stéphane Graber <email address hidden> Tue, 19 Apr 2016 16:06:32 +0100
Available diffs
- diff from 2.0.0-0ubuntu1 to 2.0.0-0ubuntu2 (519 bytes)
lxc (2.0.0-0ubuntu1) xenial; urgency=medium * New upstream release (2.0.0 final) - Upstream announcement: https://linuxcontainers.org/lxc/news - Change from last rc: + Allow bypassing bdev auto detection by setting lxc.rootfs.backend This fixes a longstanding performance issue caused by LXC having to run through all its backends and forking sub-processes to perform the detection. * Make new lintian happy: - Bump to 3.9.7 standards - Update git URL to https - Override systemd Documentation field warning (upstream units) -- Stéphane Graber <email address hidden> Wed, 06 Apr 2016 14:42:39 -0400
Available diffs
lxc (2.0.0~rc15-0ubuntu1) xenial; urgency=medium * New upstream release (2.0.0~rc15) - lxc-debian: Update supported release names - lxc-ubuntu: Fix building on secondary architectures - Update .gitignore for *.so.* - Use smarter error handling for lxc_strmmap() - Use common lxc ordering for included headers - Fix possible buffer overflow strncat only returns its first argument and not the end of the written string. Thus "buf-pos" is always 0 and consquently no range check is performed. - Use snprintf instead of strncat - CRIU: Support using the CRIU page server for faster migrations. This optimization isn't used by default, it requires a custom liblxc1 client. - Fix buffer overflow in do_start() - Fixed indentation and comments * Drop previously cherry-picked change, now upstream. -- Stéphane Graber <email address hidden> Thu, 31 Mar 2016 18:14:44 -0400
Available diffs
lxc (2.0.0~rc14-0ubuntu2) xenial; urgency=medium * Cherry-pick tentative upstream fix: - lxc-ubuntu: Fix building on secondary architectures -- Stéphane Graber <email address hidden> Wed, 30 Mar 2016 01:29:09 -0400
Available diffs
76 → 150 of 514 results | First • Previous • Next • Last |