-
libvirt (6.0.0-0ubuntu8.20) focal; urgency=medium
* d/p/u/lp2059272-2-qemu-Wait-qemuProcessReconnect-threads-in-cleanup.patch:
Remove patch. It is not possible to wait for qemuProcessReconnect()
in cleanup: it talks to QEMU monitor, which blocks on replies from
event loop, but it's already stopped at cleanup, delaying shutdown.
* d/p/u/lp2059272-2-qemu-Do-not-save-XML-in-shutdown-on-init.patch:
Instead of waiting at cleanup for threads which might be blocked
thus would _not even reach_ the function that causes the problem,
just skip that function if it is _actually reached_ while daemon
shutdown is in progress. That is in the init path and would just
run again anyway the next time libvirtd is started (LP: #2059272)
* NOTE: This package contains the changes from 6.0.0-0ubuntu8.18 and
6.0.0-0ubuntu8.17 in focal-proposed (with symbolic changelog entry)
superseded by 6.0.0-0ubuntu8.19 in focal-security.
libvirt (6.0.0-0ubuntu8.20~ubuntu8.18) focal; urgency=medium
* d/p/u/lp2059272-1-qemu-Fix-potential-crash-during-driver-cleanup.patch:
On QEMU driver cleanup, release (stop) the worker thread pool _first_,
before other data used by possibly running worker threads (LP: #2059272)
* d/p/u/lp2059272-2-qemu-Wait-qemuProcessReconnect-threads-in-cleanup.patch:
On QEMU driver cleanup, also wait for qemuProcessReconnect() threads,
as they are independent of the worker thread pool. (LP: #2059272)
Focal needs this as it has no .stateShutdownWait() callback yet.
(The wait timeout is set in LIBVIRT_QEMU_STATE_CLEANUP_WAIT_TIMEOUT:
-1 = wait indefinitely; 0 = do not wait; N = wait up to N seconds.)
libvirt (6.0.0-0ubuntu8.20~ubuntu8.17) focal; urgency=medium
* d/p/u/lp-1989078-*.patch: allow arm64 to lock its OVMF/AAVMF resources
(LP: #1989078)
-- Mauricio Faria de Oliveira <email address hidden> Tue, 16 Apr 2024 14:20:13 -0300
-
libvirt (6.0.0-0ubuntu8.19) focal-security; urgency=medium
* SECURITY UPDATE: off-by-one in udevListInterfacesByStatus()
- debian/patches/CVE-2024-1441.patch: properly check count in
src/interface/interface_backend_udev.c.
- CVE-2024-1441
* SECURITY UPDATE: crash in RPC library
- debian/patches/CVE-2024-2494.patch: check values in
src/remote/remote_daemon_dispatch.c, src/rpc/gendispatch.pl.
- CVE-2024-2494
* SECURITY UPDATE: null pointer deref in udevConnectListAllInterfaces()
- debian/patches/CVE-2024-2496.patch: fix udev_device_get_sysattr_value
return value check in src/interface/interface_backend_udev.c.
- CVE-2024-2496
* NOTE: This package does _not_ contain the changes from
6.0.0-0ubuntu8.18 in focal-proposed.
-- Marc Deslauriers <email address hidden> Fri, 12 Apr 2024 13:50:27 -0400
-
libvirt (6.0.0-0ubuntu8.18) focal; urgency=medium
* d/p/u/lp2059272-1-qemu-Fix-potential-crash-during-driver-cleanup.patch:
On QEMU driver cleanup, release (stop) the worker thread pool _first_,
before other data used by possibly running worker threads (LP: #2059272)
* d/p/u/lp2059272-2-qemu-Wait-qemuProcessReconnect-threads-in-cleanup.patch:
On QEMU driver cleanup, also wait for qemuProcessReconnect() threads,
as they are independent of the worker thread pool. (LP: #2059272)
Focal needs this as it has no .stateShutdownWait() callback yet.
(The wait timeout is set in LIBVIRT_QEMU_STATE_CLEANUP_WAIT_TIMEOUT:
-1 = wait indefinitely; 0 = do not wait; N = wait up to N seconds.)
libvirt (6.0.0-0ubuntu8.17) focal; urgency=medium
* d/p/u/lp-1989078-*.patch: allow arm64 to lock its OVMF/AAVMF resources
(LP: #1989078)
-- Mauricio Faria de Oliveira <email address hidden> Sat, 30 Mar 2024 17:05:56 -0300
-
libvirt (6.0.0-0ubuntu8.17) focal; urgency=medium
* d/p/u/lp-1989078-*.patch: allow arm64 to lock its OVMF/AAVMF resources
(LP: #1989078)
-- Christian Ehrhardt <email address hidden> Mon, 09 Jan 2023 08:48:16 +0100
-
libvirt (6.0.0-0ubuntu8.16) focal-security; urgency=medium
* SECURITY UPDATE: crash via double-free memory issue
- debian/patches/CVE-2020-25637-1.patch: gendispatch: handle empty
flags in src/rpc/gendispatch.pl.
- debian/patches/CVE-2020-25637-2.patch: add support for filtering
@acls by uint params in src/remote/remote_protocol.x,
src/rpc/gendispatch.pl.
- debian/patches/CVE-2020-25637-3.patch: require write acl for guest
agent in src/libxl/libxl_driver.c, src/qemu/qemu_driver.c,
src/remote/remote_protocol.x.
- debian/patches/CVE-2020-25637-4.patch: set ifname to NULL after
freeing in src/qemu/qemu_agent.c.
- CVE-2020-25637
* SECURITY UPDATE: sVirt SELinux confinement flaw
- debian/patches/CVE-2021-3631.patch: fix SELinux label generation
logic in src/security/security_selinux.c.
- CVE-2021-3631
* SECURITY UPDATE: improper locking issue
- debian/patches/CVE-2021-3667.patch: unlock object on ACL fail in
src/storage/storage_driver.c.
- CVE-2021-3667
* SECURITY UPDATE: segmentation fault during VM shutdown
- debian/patches/CVE-2021-3975.patch: add missing lock in
qemuProcessHandleMonitorEOF in src/qemu/qemu_process.c.
- CVE-2021-3975
* SECURITY UPDATE: DoS via libxl driver
- debian/patches/CVE-2021-4147-pre1.patch: fix domain shutdown in
src/libxl/libxl_domain.c.
- debian/patches/CVE-2021-4147-1.patch: disable death events after
receiving a shutdown event in src/libxl/libxl_domain.c,
src/libxl/libxl_domain.h.
- debian/patches/CVE-2021-4147-2.patch: rename libxlShutdownThreadInfo
struct in src/libxl/libxl_domain.c.
- debian/patches/CVE-2021-4147-3.patch: modify name of shutdown thread
in src/libxl/libxl_domain.c.
- debian/patches/CVE-2021-4147-4.patch: handle domain death events in a
thread in src/libxl/libxl_domain.c.
- debian/patches/CVE-2021-4147-5.patch: search for virDomainObj in
event handler threads in src/libxl/libxl_domain.c.
- debian/patches/CVE-2021-4147-6pre1.patch: avoid virHashFree by
rearranging code in src/libxl/libxl_logger.c.
- debian/patches/CVE-2021-4147-6.patch: protect access to libxlLogger
files hash table in src/libxl/libxl_logger.c.
- CVE-2021-4147
* SECURITY UPDATE: DoS via nwfilter driver
- debian/patches/CVE-2022-0897.patch: fix crash when counting number of
network filters in src/nwfilter/nwfilter_driver.c.
- CVE-2022-0897
-- Marc Deslauriers <email address hidden> Wed, 20 Apr 2022 11:31:12 -0400
-
libvirt (6.0.0-0ubuntu8.15) focal; urgency=medium
* d/p/u/lp-1927519-virt-aa-helper-Purge-profile-if-corrupted.patch:
avoid issues due to corrupted apparmor profiles (LP: #1927519)
-- Christian Ehrhardt <email address hidden> Thu, 18 Nov 2021 10:23:11 +0100
-
libvirt (6.0.0-0ubuntu8.14) focal; urgency=medium
* Fixup backport of "util: Add phys_port_name support on virPCIGetNetName"
to include the incorrectly removed "firstEntryName = NULL;" line, which
caused a regression bringing up network pools. (LP: #1943481)
- d/p/u/lp-1892132-Add-phys_port_name-support-on-virPCIGetNetName.patch
-- Matthew Ruffell <email address hidden> Tue, 14 Sep 2021 14:00:49 +1200
-
libvirt (6.0.0-0ubuntu8.13) focal; urgency=medium
* Add support for switchdev NICs that link representor ports to parent PCI
device. (LP: #1892132)
- d/p/u/lp-1892132-Add-phys_port_name-support-on-virPCIGetNetName.patch
- d/p/u/lp-1892132-add-virNetDevGetPhysPortName.patch
-- Frode Nordahl <email address hidden> Fri, 16 Jul 2021 05:16:36 +0000
-
libvirt (6.0.0-0ubuntu8.12) focal; urgency=medium
* d/p/u/lp-1929202-*: fix pre-creation of images during migration
(LP: #1929202)
-- Christian Ehrhardt <email address hidden> Tue, 20 Jul 2021 14:13:56 +0200
-
libvirt (6.0.0-0ubuntu8.11) focal; urgency=medium
* d/p/ubuntu/lp-1906266-virStorageFileGetMetadataRecurse-Allow-format-probin:
relax restrictions on format probing for compat with older images
(LP: #1906266)
-- Christian Ehrhardt <email address hidden> Tue, 05 Jan 2021 13:48:48 +0100
-
libvirt (6.0.0-0ubuntu8.10) focal; urgency=medium
* d/p/ubuntu-aa/lp-1890858-unix-socket.patch: avoid issues of some users
to connect to libvirtd (LP: #1890858)
-- Christian Ehrhardt <email address hidden> Mon, 14 Jun 2021 14:36:04 +0200
-
libvirt (6.0.0-0ubuntu8.9) focal; urgency=medium
* d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
on some HW/Guest combinations e.g. Windows 10 on Threadripper
(LP: #1921754)
* d/p/u/lp-1921880*: add EPYC-Milan features and named cpu type support
(LP: #1921880)
* d/p/u/lp-1922907: add ability to parse cpu stepping and thereby correctly
differentiate skylake and cascadelake chips (LP: #1922907)
-- Christian Ehrhardt <email address hidden> Wed, 07 Apr 2021 13:33:46 +0200
-
libvirt (6.0.0-0ubuntu8.8) focal; urgency=medium
* d/p/lp1915811-*: Fix NUMA topology population for machines with high number
of CPUs (LP: #1915811)
-- Victor Manuel Tapia King <email address hidden> Fri, 19 Feb 2021 17:15:56 +0100
-
libvirt (6.0.0-0ubuntu8.7) focal; urgency=medium
* d/p/u/lp-1913266-qemu-Add-virtio-related-options-to-vsock.patch: allow
vsock to work in secure execution environments. (LP: #1913266)
libvirt (6.0.0-0ubuntu8.6) focal; urgency=medium
* Improve flaky smoke-lxc test (LP: #1899180)
- d/t/control, d/t/smoke-lxc: retry service restart and skip test if
failing; This was flaky on some release/architectures
- d/t/smoke-lxc: retry check_domain being flaky on arm64
-- Christian Ehrhardt <email address hidden> Tue, 09 Feb 2021 16:09:39 +0100
-
libvirt (6.0.0-0ubuntu8.6) focal; urgency=medium
* Improve flaky smoke-lxc test (LP: #1899180)
- d/t/control, d/t/smoke-lxc: retry service restart and skip test if
failing; This was flaky on some release/architectures
- d/t/smoke-lxc: retry check_domain being flaky on arm64
-- Christian Ehrhardt <email address hidden> Tue, 08 Dec 2020 15:09:17 +0100
-
libvirt (6.0.0-0ubuntu8.5) focal; urgency=medium
* d/p/ubuntu/lp-1887490-*: add named types and definitions for EPYC-Rome
chips (LP: #1887490)
-- Christian Ehrhardt <email address hidden> Thu, 08 Oct 2020 07:36:06 +0200
-
libvirt (6.0.0-0ubuntu8.4) focal; urgency=medium
* avoid stale libvirt capability cache (LP: #1874647)
- when host cpu changes (e.g. nested with different configuration)
- when s390x protvirt or AMD SEV changes
- d/p/ubuntu/lp-1874647-*
-- Christian Ehrhardt <email address hidden> Mon, 31 Aug 2020 08:41:25 +0200
-
libvirt (6.0.0-0ubuntu8.3) focal-security; urgency=medium
* SECURITY UPDATE: privilege escalation via incorrect socket permissions
- debian/patches/ubuntu/set-proper-socket-permissions.patch: set
appropriate permissions on socket created by systemd.
- CVE-2020-15708
-- Marc Deslauriers <email address hidden> Thu, 30 Jul 2020 06:40:28 -0400
-
libvirt (6.0.0-0ubuntu8.2) focal; urgency=medium
* enable attr support to store XATTR labels. Among other things
this allows to properly restore file ownership (LP: #691590)
- d/control: build depend to libattr1-dev
- d/rules: configure --with-attr
-- Christian Ehrhardt <email address hidden> Mon, 22 Jun 2020 21:30:50 +0200
-
libvirt (6.0.0-0ubuntu8.1) focal; urgency=medium
* d/p/ubuntu/lp-1879325-*: avoid issues with apparmor metadata labeling
(LP: #1879325)
-- Christian Ehrhardt <email address hidden> Wed, 20 May 2020 06:59:57 +0200
-
libvirt (6.0.0-0ubuntu8) focal; urgency=medium
* d/control, d/rules: Disable rbd and zfs on riscv64 where they are
unavailable (LP: #1872952)
-- William Grant <email address hidden> Sat, 18 Apr 2020 13:59:21 +1000
-
libvirt (6.0.0-0ubuntu7) focal; urgency=medium
* d/p/ubuntu-aa/lp-1871354*: fix apparmor denials on libpmem init
(LP: #1871354)
* d/p/ubuntu/CVE-CVE-2020-10701-api-disallow-virDomainAgentSetResponseTimeout
-on-rea.patch: avoid DOS through read only connections
CVE-2020-10701
-- Christian Ehrhardt <email address hidden> Wed, 15 Apr 2020 12:29:12 +0200
-
libvirt (6.0.0-0ubuntu6) focal; urgency=medium
* d/p/ubuntu/lp-1867460-*: fix domcapabilities before capabilities
and binary autodetection in general (LP: #1867460)
* d/p/stable/lp-1868539-*: stabilize libvirt by backporting upstream
fixes (LP: #1868539)
* d/p/ubuntu/lp-1853200*: add cpu models without hle/rtm features to have
modern types on kernels with recent security fixes (LP: #1853200)
* d/p/ubuntu/lp-1868528-*: Fail when fetching CPU Status for invalid CPU
(LP: #1868528)
-- Christian Ehrhardt <email address hidden> Fri, 20 Mar 2020 10:34:19 +0100
-
libvirt (6.0.0-0ubuntu5) focal; urgency=medium
* d/p/ubuntu-aa/lp-1847361-load-versioned-module.patch: allow loading
versioned modules after qemu package upgrades (LP: #1847361)
-- Christian Ehrhardt <email address hidden> Tue, 10 Mar 2020 08:58:04 +0100
-
libvirt (6.0.0-0ubuntu4) focal; urgency=medium
* d/p/ubuntu/lp-1865425-*: avoid killing the monitor job in
qemuDomainSetTimeAgent (LP: #1865425)
-- Christian Ehrhardt <email address hidden> Mon, 02 Mar 2020 10:44:22 +0100
-
libvirt (6.0.0-0ubuntu3) focal; urgency=medium
* rebuild against libxen-dev 4.11.3 (no change needed)
* d/p/ubuntu-aa/virt-aa-helper-Add-support-for-smartcard-host-certif.patch:
allow emulation of smartcard via host certificates
* d/p/ubuntu/lp-1861125-*: fix non host-model migrations from old machine
types (LP: #1861125)
* d/p/ubuntu-aa/apparmor-allow-to-call-vhost-user-gpu.patch: do not apparmor
block vhost-user-gpu usage
-- Christian Ehrhardt <email address hidden> Wed, 12 Feb 2020 14:20:08 +0100
-
libvirt (6.0.0-0ubuntu2) focal; urgency=medium
[ Christian Ehrhardt ]
* Bring back the ubuntu default URI handling. While no more needed for xen
its removal made libvirt fallback further to the upstream default
qemu:///session while Ubuntu forever had and for now wants to keep
qemu:///system (LP: #1861693)
- revert 'd/libvirt-clients.maintscript: rm_conffile libvirt-uri.sh that
was optional for use on xen hosts'
- libvirt-uri.sh: Automatically switch default libvirt URI for users on
Xen dom0 via user profile
[added back former delta]
[ Andrea Bolognani ]
* Merge further fixes from debian/experimental
- Install virt-login-shell-helper
- Install augeas lenses for all drivers
- Remove all mentions of Devhelp
- not-installed: Remove obsolete entries
- not-installed: List all split daemons files
-- Christian Ehrhardt <email address hidden> Tue, 04 Feb 2020 13:08:49 +0100
-
libvirt (6.0.0-0ubuntu1) focal; urgency=medium
* Merged with Debian 5.6.0-4 from experimental and v6.0.0 from upstream
Among many other new features and fixes this includes fixes for:
- LP: #1859253 - rbd driver fails to create a new volume
- LP: #1858341 - rbd driver does not list all volumes in pool
- LP: #1845506 - Libvirt snapshot doesn't update apparmor profile
- LP: #1854653 - slow libvirt-guests.sh during shutdown if service is off
- LP: #1848229 - enable ppc64el to use ccf-assist feature
- LP: #1853315 - Enable CPU Model Comparison and Baselining on s390x
- LP: #1853317 - CCW IPL support to boot from ECKD DASDs
- LP: #1859506 - security: AppArmor profile fixes for swtpm
Remaining changes:
- Disable libssh2 support (universe dependency)
- Disable firewalld support (universe dependency)
- Set qemu-group to kvm (for compat with older ubuntu)
- Additional apport package-hook
- Autostart default bridged network (As upstream does, but not Debian).
In addition to just enabling it our solution provides:
+ do not autostart if subnet is already taken (e.g. in guests).
+ iterate some alternative subnets before giving up
- d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is
the group based access to libvirt functions as it was used in Ubuntu
for quite long.
+ d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests
due to the group access change.
+ d/libvirt-daemon-system.postinst: add users in sudo to the libvirt
group.
- ubuntu/parallel-shutdown.patch: set parallel shutdown by default.
- Update Vcs-Git and Vcs-Browser fields to point to launchpad
- Update README.Debian with Ubuntu changes
- Enable some additional features on ppc64el and s390x (for arch parity)
+ systemtap, zfs, numa and numad on s390x.
+ systemtap on ppc64el.
- d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx
- Further upstreamed apparmor Delta, especially any new one
Our former delta is split into logical pieces and is either Ubuntu only
or is part of a continuous upstreaming effort.
Listing related remaining changes in debian/patches/ubuntu-aa/:
- fix autopkgtests
+ d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making
vmlinuz available and accessible (Debian bug 848314)
+ d/t/control: fix smoke-qemu-session by ensuring the service will run
installing libvirt-daemon-system
+ d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as
long as the following undefine succeeds
+ d/t/smoke-lxc: use systemd instead of sysV to restart the service
- dnsmasq related enhancements
+ run dnsmasq as libvirt-dnsmasq (LP: 1743718)
+ d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group
+ d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group
on purge
+ d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user
libvirt-dnsmasq and adapt the self tests to expect that config
+ d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group
+ Add dnsmasq configuration to work with system wide dnsmasq-base
- debian/rules: disable the netcf backend. (LP: 1764314)
- debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI
Secure Boot enabled variants of the OVMF firmware and variable store for
the paths where we ship these files in Ubuntu.
- d/rules: install virtlockd correctly with defaults file (LP: 1729516)
- d/rules: also check build time self test results on all architectures
- d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default
machine type correctly with newer qemu/libvirt
- d/rules: add --no-restart-after-upgrade to services that are supposed to
stay up through upgrades - this also applies to related sockets.
- Apparmor Delta that is Ubuntu specific or yet to be upstreamed
split into logical pieces. File names in debian/patches/ubuntu-aa/:
+ 0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch:
apparmor, libvirt-qemu: Allow read access to overcommit_memory
+ 0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch:
apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv
+ 0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch:
apparmor, virt-aa-helper: Allow access to tmp directories
+ 0020-virt-aa-helper-ubuntu-storage-paths.patch:
apparmor, virt-aa-helper: Allow various storage pools and image
locations
+ 0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch:
apparmor, virt-aa-helper: Add openvswitch support
+ 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor,
libvirt-qemu: Add 9p support
+ 0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper:
add l to 9p file options.
+ 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch:
virt-aa-helper: Ask for no deny rule for readonly disk (renamed and
reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch)
+ 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch:
apparmor, libvirt-qemu: Allow reading charm-specific ceph config
+ 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow
commands executed by ubuntu only kvm wrapper on ppc64el
(LP 1686621 LP 1680384 LP 1784023)
+ 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch:
apparmor, virt-aa-helper: access for snapped nova
+ 0050-local-include-for-libvirt-qemu.patch,
d/libvirt-daemon-system.postinst: provide a local apparmor include
for abstraction/libvirt-qemu (LP: 1786019)
+ lp-1815910-allow-vhost-net.patch: avoid apparmor issues
with vhost-net/vhost-vsock/vhost-scsi hotplug (LP: 1815910)
* Dropped changes (in Debian)
- d/libvirt0.symbols: bump symbol versions for 5.4.0
- avoid service dependency issues on upgrade (LP: 1786179)
This will in the long term be resolved in dh_* tools, but to let an
upgrade work for now we need to drop the sysV scripts (which we don't
use anyway) and slightly modify the systemd service to work with todays
dh_systemd_start properly. Can be dropped once Debian bug 905772 is
resolved in dh_* tools and libvirt uses those new code.
+ d/libvirt-daemon-system.virtlogd.init: removed sysV init file
+ d/libvirt-daemon-system.libvirtd.init: removed sysV init file
+ debian/libvirt-daemon-system.maintscript: rm_conffile for virtlogd
and lbivirtd sysV init file
+ d/p/ubuntu/avoid-restarting-virtlog-socket.patch: drop Also references
to virtlogd/virtlockd sockets as they would imply a restart of
virtlogd breaking it.
[ we now have split packages for sysv and systemd support ]
- d/t/control, d/t/smoke-lxc: fix up lxc smoke test isolation
- Refreshed to match new upstream
+ d/p/Reduce-udevadm-settle-timeout-to-10-seconds.patch
* Dropped changes (now upstream)
- d/p/ubuntu/lp-1828495-*: make libvirt able to handle arch_capabilities
cpu features for the Host. (LP: 1828495 - not closing yet as guest caps
are still need fixups to work well LP: 1841066)
- SECURITY UPDATEs: CVE-2019-10161, CVE-2019-10166,
CVE-2019-10167 and CVE-2019-10168
- d/p/ubuntu-aa/lp-1833040-Add-openGraphicsFD-rule-for-named-profile.patch:
avoid issues with remote screen connections like virt-manager due to
apparmor changes in libvirt 5.1 (LP 1833040)
- 0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor:
Allow pygrub to run on Debian/Ubuntu
- update to v5.4.0
* Dropped changes (Xen demoted to universe)
- d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The
section that adapts the path of the emulator to the Debian/Ubuntu
packaging is kept.
- d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto
set VRAM to minimum requirements
- d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts
- Add libxl log directory
- libvirt-uri.sh: Automatically switch default libvirt URI for users on
Xen dom0 via user profile (was missing on changelogs before)
* Dropped changes (no more needed)
- d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from
included_files to avoid build failures due to duplicate definitions.
[ finally works in v6.0.0 ]
- d/control: Revert iptables/ebtables dependency as Eoan still is on 1.6.x
[ focal has iptables 1.8.3 ]
- d/rules: adapt iptables binary paths present in Eoan (LP 1832297)
[ focal has iptables 1.8.3 ]
* Added Changes:
- refreshed patches for libvirt v6.0.0
- d/control: bump build dep to python3
- d/control: VCS links to use generic Ubuntu launchpad git URLs
- d/control: add python3-docutils as build dependency
- d/control: add libzfslinux-dev to build-deps
- d/rules: set enable-dependency-tracking to avoid FTBFS
- d/rules: drop the no more existing phyp option
- d/rules: drop the no more existing xen configure option
- d/libvirt-clients.maintscript: rm_conffile libvirt-uri.sh that was
optional for use on xen hosts
- d/control: drop libvirt-lxc, vbox and xen drivers to suggest
- minimize patches generated by autoreconf
- fix build on Debian/Ubuntu in qemuhotplugtest
- d/libvirt-doc.doc: install rendered docs
- d/libvirt-daemon-system.examples: drop old examples that are now active
- d/libvirt-doc.doc-base.libvirt-doc: adapt doc base to new file placement
- d/libvirt-daemon-system-sysv.lintian-overrides: not shipiing systemd files
- d/libnss-libvirt.lintian-overrides: accept having two nss so files
- d/rules: don't ship split daemons just yet
- d/rules: install /etc/default/* files that are shared between sysv and
systemd packages
- d/rules: add libvirt-guests.default to libvirt-daemon-system instead of
libvirt-daemon-system-sysv
- d/p/ubuntu/lp-1655111*: fix qemu_bridge_helper to work with named
profiles (LP: #1655111)
libvirt (5.6.0-4) experimental; urgency=medium
* [d88536d] Introduce libvirt-daemon-system-{systemd,sysv} Move init scripts
to separate package that allows people to experiment with alternative init
systems while avoiding the problems that mixed init scripts and systemd
units have in the current packaging.
Thanks to Christian Ehrhardt for all the input regarding upgrade
problems seen in Ubuntu and possible solutions.
(Closes: #887911, #905772)
* [c19d230] autopkg tests: Use isolation-machine.
This avoids running under debian ci since libvirt-lxc in lxc
doesn't work there. (Closes: #947006)
libvirt (5.6.0-3) unstable; urgency=medium
* Team upload.
[ Christian Ehrhardt ]
* Move qemu, lxc, uml, vbox and xen connection drivers into separate
packages. This reduces the dependencies pulled into default installations.
(Closes: #901940)
* d/copyright: Update
[ Guido Günther ]
* [362bec6] autopkgtest: Adjust to new path
libvirt (5.6.0-2) unstable; urgency=medium
* Team upload.
* [4dcbe93] Revert "Disable libvirtd socket activation" (Closes: #935883)
* [b464de1] Add libvirtd sockets handling
libvirt (5.6.0-1) unstable; urgency=medium
* Team upload.
[ Guido Günther ]
* [fb43676] d/control: Drop dh-autoreconf build-dep
* [81d21d5] d/not-installed: Use multi-arch dirs
* [07d5669] New upstream version 5.6.0
Fixes CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091,
CVE-2019-10132
(Closes: #915107, #931243, #929334)
* [9f38a9e] apparmor: Allow run pygrub
(Closes: #931768)
* Acknowledge NMU. Thanks Jonathan Wiltshire
[ Christian Ehrhardt ]
* [c28c3b3] d/libvirt0.install: install translations
* [c3c4cd4] d/libvirt-daemon-system.install: drop in helper for firewalld
* [3e8b43c] d/not-installed: ignore default files /etc/sysconfig
* [c223d7f] d/libvirt-daemon-system.examples: ship sysctl config as example
* [f19acf6] d/libvirt-daemon-system.install: ship libxl-sanlock.conf
(Closes: #919484)
* [483e44a] d/libvirt-doc.docs: fix whitespace issue
* [4f4751f] d/libvirt-doc.docs: install new doc elements
* [781e22e] d/not-installed: ignore documentation already being installed
* [eda89b2] d/no-installed, d/libvirt-doc.docs: do not install fonts
* [ab67a28] d/copyright: add license for docs/fonts/
* [2e222a2] d/rules: strip symbolic-functions linker option
* [39b658c] Revert "d/libvirt-daemon-system.install: ship
libxl-sanlock.conf"
* [ce46360] d/rules: install libxl-sanlock.conf dependent on xen being
enabled
[ Andrea Bolognani ]
* [6a2eae3] Simplify and improve watch file
* [82a1edc] Bump symbol versions
* [73fccd9] Specify --doc-main-package for dh_installdocs
* [d48fdf6] Rediff patches
* [3b16c86] Bump symbol versions
* [48c9b75] Drop Avahi support
* [a49de91] Fix AppArmor profile for virt-aa-helper
* [b8e92da] Disable libvirtd socket activation
* [73d1e8c] Install kbase articles
-- Christian Ehrhardt <email address hidden> Mon, 13 Jan 2020 13:14:14 +0100
-
libvirt (5.4.0-0ubuntu5) eoan; urgency=medium
* No-change upload with strops.h and sys/strops.h removed in glibc.
-- Matthias Klose <email address hidden> Thu, 05 Sep 2019 11:00:53 +0000
