- Add support for AArch64 architecture
- Various improvements on test code and test driver
- Don't link virt-login-shell against libvirt.so
- Close all non-stdio FDs in virt-login-shell
- Only allow 'stderr' log output when running setuid
- Fix perms for virConnectDomainXML{To,From}Native
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: e7f400a1-CVE-2013-4296.patch,
2dba0323-CVE-2013-4297.patch, db7a5688-CVE-2013-4311.patch,
e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch,
e4697b92-CVE-2013-4311.patch, 8294aa0c-CVE-2013-4399.patch,
484cc321-fix-spice-migration.patch,
79552754-libvirtd-chardev-crash.patch,
57687fd6-CVE-2013-4401.patch, ae53e5d1-CVE-2013-4400.patch,
8c3586ea-CVE-2013-4400.patch, b7fcc799a-CVE-2013-4400.patch,
3e2f27e1-CVE-2013-4400.patch, 5a0ea4b7-CVE-2013-4400.patch,
843bdb2f-CVE-2013-4400.patch,
bd773e74-lxc-terminate-machine.patch,
e350826c-python-fix-fd-passing.patch
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=329
Sorry for the delay. Quite some work to get libvirt in shape for RC2.
Lots of bug fixes, and most importantly fixes for CVE-2013-{4400,4401}.
Pretty please copy to 13.1 :)
- libxl driver: fix initialization of VNC and SDL info for
HVM domains
libxl-hvm-vnc.patch
bnc#847566
- Allow libvirtd apparmor profile to access /etc/xen/scripts/*
- Fix file descriptor passing in python bindings
e350826c-python-fix-fd-passing.patch
rhb#1021434
- Have systemd terminate the machine as a workaround of fdo#68370
bd773e74-lxc-terminate-machine.patch
bnc#842834
- Spec file fixes to only package libvirt-login-shell when
building the LXC driver
- CVE-2013-4400: Unsantized use of env variables allows privilege
escalation via virt-login-shell
ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch,
b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch,
5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch
bnc#837609
- CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native
57687fd6-CVE-2013-4401.patch
bnc#845704
- Move hypervisor-specific files out of libvirt-daemon package
and into libvirt-daemon-<hypervisor> subpackage
bnc#845851
OBS-URL: https://build.opensuse.org/request/show/204842
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=133
Updated libvirt package for Factory/13.1 fixing various bugs
and security issues. Please copy to 13.1 or let me know if
an explicit SR is needed for 13.1. Thanks!
- Move virt-login-shell to new subpackage libvirt-login-shell,
requiring users to opt-in for this setuid binary. Note: For now,
virt-login-shell will not have setuid permissions, pending
resolution of bnc#837609
- qemu: Fix seamless SPICE migration
484cc321-fix-spice-migration.patch
bnc#842301
- CVE-2013-4399: Fix crash in libvirtd when events are registered
and ACLs active
8294aa0c-CVE-2013-4399.patch
bnc#844052, bnc#842300
- Update the stale gettext BuildRequires and Requires dependencies
in the spec file
bnc#841325
- virt-aa-helper apparmor profile was denying read access to
/proc/$PID/*. Give read accesss to these files.
Updated install-apparmor-profiles.patch
bnc#841720
- libvirtd apparmor profile was denying access to
/usr/lib/xen/bin/qemu-system-i386, which is now the default
emulator used with Xen guests
Updated install-apparmor-profiles.patch
bnc#845648
OBS-URL: https://build.opensuse.org/request/show/203343
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=132
Updated libvirt package for Factory/13.1 that fixes several
CVEs. Please copy to 13.1 as well, or let me know if I need
an explicit SR for that. Thanks!
- CVE-2013-4311: Add support for using 3-arg pkcheck syntax for
process
db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch,
922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch
bnc#836931
- CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats
e7f400a1-CVE-2013-4296.patch
bnc#838638
- CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate
2dba0323-CVE-2013-4297.patch
bnc#838642
OBS-URL: https://build.opensuse.org/request/show/201962
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=130
- Update to libvirt 1.1.2
- various improvements to libxl driver
- systemd integration improvements
- Add flag to BaselineCPU API to return detailed CPU features
- Introduce a virt-login-shell binary
- conf: add startupPolicy attribute for harddisk
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: bcef0f01-libxl-console.patch,
9d0557b9-legacy-xen-double-free.patch,
d7a45bf2-legacy-xen-dumpxml.patch, 0e671a16-CVE-2013-4239.patch
- Includes fixes for bnc#837530, bnc#837531, bnc#837999
Note: above bug fixes are CVE-2013-4291, CVE-2013-4292, and
CVE-2013-5651 respectively.
OBS-URL: https://build.opensuse.org/request/show/197361
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=128
- various improvements to libxl driver
- systemd integration improvements
- Add flag to BaselineCPU API to return detailed CPU features
- Introduce a virt-login-shell binary
- conf: add startupPolicy attribute for harddisk
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: bcef0f01-libxl-console.patch,
9d0557b9-legacy-xen-double-free.patch,
d7a45bf2-legacy-xen-dumpxml.patch, 0e671a16-CVE-2013-4239.patch
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=296
New libvirt package for Factory...
- Backport upstream patch implementing domainOpenConsole in the
libxl driver. Allows 'virsh console dom-name' to work with
Xen libxl toolstack.
bcef0f01-libxl-console.patch
- Update to libvirt 1.1.1
- Adding device removal or deletion events
- Introduce new domain create APIs to pass pre-opened FDs to LXC
- Add interface versions for Xen 4.3
- Add new public API virDomainSetMemoryStatsPeriod
- Various LXC improvements
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: f38c8185-CVE-2013-2230.patch,
fd2e3c4c-xen-sysctl-domctl.patch, dfc69235-CVE-2013-4153.patch,
96518d43-CVE-2013-4154.patch, fe89fd3b-storage-pool-deadlock.patch
- Drop relax-qemu-usergroup-check.patch - no longer needed
after hypervisor-specific daemon package split
OBS-URL: https://build.opensuse.org/request/show/185687
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=126
- Adding device removal or deletion events
- Introduce new domain create APIs to pass pre-opened FDs to LXC
- Add interface versions for Xen 4.3
- Add new public API virDomainSetMemoryStatsPeriod
- Various LXC improvements
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: f38c8185-CVE-2013-2230.patch,
fd2e3c4c-xen-sysctl-domctl.patch, dfc69235-CVE-2013-4153.patch,
96518d43-CVE-2013-4154.patch, fe89fd3b-storage-pool-deadlock.patch
- Drop relax-qemu-usergroup-check.patch - no longer needed
after hypervisor-specific daemon package split
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=290
