Sorry for the delay. Quite some work to get libvirt in shape for RC2.
Lots of bug fixes, and most importantly fixes for CVE-2013-{4400,4401}.
Pretty please copy to 13.1 :)
- libxl driver: fix initialization of VNC and SDL info for
HVM domains
libxl-hvm-vnc.patch
bnc#847566
- Allow libvirtd apparmor profile to access /etc/xen/scripts/*
- Fix file descriptor passing in python bindings
e350826c-python-fix-fd-passing.patch
rhb#1021434
- Have systemd terminate the machine as a workaround of fdo#68370
bd773e74-lxc-terminate-machine.patch
bnc#842834
- Spec file fixes to only package libvirt-login-shell when
building the LXC driver
- CVE-2013-4400: Unsantized use of env variables allows privilege
escalation via virt-login-shell
ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch,
b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch,
5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch
bnc#837609
- CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native
57687fd6-CVE-2013-4401.patch
bnc#845704
- Move hypervisor-specific files out of libvirt-daemon package
and into libvirt-daemon-<hypervisor> subpackage
bnc#845851
OBS-URL: https://build.opensuse.org/request/show/204842
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=133
Updated libvirt package for Factory/13.1 fixing various bugs
and security issues. Please copy to 13.1 or let me know if
an explicit SR is needed for 13.1. Thanks!
- Move virt-login-shell to new subpackage libvirt-login-shell,
requiring users to opt-in for this setuid binary. Note: For now,
virt-login-shell will not have setuid permissions, pending
resolution of bnc#837609
- qemu: Fix seamless SPICE migration
484cc321-fix-spice-migration.patch
bnc#842301
- CVE-2013-4399: Fix crash in libvirtd when events are registered
and ACLs active
8294aa0c-CVE-2013-4399.patch
bnc#844052, bnc#842300
- Update the stale gettext BuildRequires and Requires dependencies
in the spec file
bnc#841325
- virt-aa-helper apparmor profile was denying read access to
/proc/$PID/*. Give read accesss to these files.
Updated install-apparmor-profiles.patch
bnc#841720
- libvirtd apparmor profile was denying access to
/usr/lib/xen/bin/qemu-system-i386, which is now the default
emulator used with Xen guests
Updated install-apparmor-profiles.patch
bnc#845648
OBS-URL: https://build.opensuse.org/request/show/203343
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=132
Updated libvirt package for Factory/13.1 that fixes several
CVEs. Please copy to 13.1 as well, or let me know if I need
an explicit SR for that. Thanks!
- CVE-2013-4311: Add support for using 3-arg pkcheck syntax for
process
db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch,
922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch
bnc#836931
- CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats
e7f400a1-CVE-2013-4296.patch
bnc#838638
- CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate
2dba0323-CVE-2013-4297.patch
bnc#838642
OBS-URL: https://build.opensuse.org/request/show/201962
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=130
- Update to libvirt 1.1.2
- various improvements to libxl driver
- systemd integration improvements
- Add flag to BaselineCPU API to return detailed CPU features
- Introduce a virt-login-shell binary
- conf: add startupPolicy attribute for harddisk
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: bcef0f01-libxl-console.patch,
9d0557b9-legacy-xen-double-free.patch,
d7a45bf2-legacy-xen-dumpxml.patch, 0e671a16-CVE-2013-4239.patch
- Includes fixes for bnc#837530, bnc#837531, bnc#837999
Note: above bug fixes are CVE-2013-4291, CVE-2013-4292, and
CVE-2013-5651 respectively.
OBS-URL: https://build.opensuse.org/request/show/197361
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=128
- various improvements to libxl driver
- systemd integration improvements
- Add flag to BaselineCPU API to return detailed CPU features
- Introduce a virt-login-shell binary
- conf: add startupPolicy attribute for harddisk
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: bcef0f01-libxl-console.patch,
9d0557b9-legacy-xen-double-free.patch,
d7a45bf2-legacy-xen-dumpxml.patch, 0e671a16-CVE-2013-4239.patch
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=296
New libvirt package for Factory...
- Backport upstream patch implementing domainOpenConsole in the
libxl driver. Allows 'virsh console dom-name' to work with
Xen libxl toolstack.
bcef0f01-libxl-console.patch
- Update to libvirt 1.1.1
- Adding device removal or deletion events
- Introduce new domain create APIs to pass pre-opened FDs to LXC
- Add interface versions for Xen 4.3
- Add new public API virDomainSetMemoryStatsPeriod
- Various LXC improvements
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: f38c8185-CVE-2013-2230.patch,
fd2e3c4c-xen-sysctl-domctl.patch, dfc69235-CVE-2013-4153.patch,
96518d43-CVE-2013-4154.patch, fe89fd3b-storage-pool-deadlock.patch
- Drop relax-qemu-usergroup-check.patch - no longer needed
after hypervisor-specific daemon package split
OBS-URL: https://build.opensuse.org/request/show/185687
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=126
- Adding device removal or deletion events
- Introduce new domain create APIs to pass pre-opened FDs to LXC
- Add interface versions for Xen 4.3
- Add new public API virDomainSetMemoryStatsPeriod
- Various LXC improvements
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: f38c8185-CVE-2013-2230.patch,
fd2e3c4c-xen-sysctl-domctl.patch, dfc69235-CVE-2013-4153.patch,
96518d43-CVE-2013-4154.patch, fe89fd3b-storage-pool-deadlock.patch
- Drop relax-qemu-usergroup-check.patch - no longer needed
after hypervisor-specific daemon package split
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=290
New libvirt package for Factory.
- CVE-2013-2230: Fix crash when multiple event callbacks were
registered
f38c8185-CVE-2013-2230.patch
bnc#827801
- Update to libvirt 1.1.0
- Extensible migration APIs
- Add a policy kit access control driver
- various improvements in the Xen and libxl drivers
- improve networking support on BSD
- agent based vCPU hotplug support
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: 244e0b8c-CVE-2013-2218.patch
- Only require lzop if suse_version > 1210
- Fix typo in spec file
- Enable support for netcontrol by default
- Only require libvirt-daemon-driver-interface when building the
interface driver
OBS-URL: https://build.opensuse.org/request/show/182939
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=122
Superseds SR#178013
V3: Remove rpmlintrc lameness and fix build for SLE11 SP2
V2: fix devel subpackage
Along with an update to version 1.0.6, this SR includes a
significant change in the package structure. The libvirt
daemon is decomposed into virtualizer-specific subpackages,
which e.g. alleviates the need for xen-libs to be installed
on a KVM host. Please review and provide any feedback. I'd
like to get this accepted for the next 13.1 milestone to
get greater test exposure. Thanks!
- Fix build for SLE11 SP2
- Add a README to the empty packages. Provides some info about
their purpose and satisfies suse-filelist-empty check.
Drop rpmlintrc
- Fix typo in spec file: devel package requires doc package, not
docs
- Add rpmlintrc to get around suse-filelist-empty error on
older distros.
- Refactor libvirt spec file to create subpackages for the various
libvirtd components. This allows installing a libvirtd tailored
for the underlying virtualizer. E.g. on a KVM/QEMU virtualizer
only the libvirt-daemon-qemu package needs installed.
Similarly, only libvirt-daemon-xen on a Xen virtualizer and
libvirt-daemon-lxc on LXC.
- Update to libvirt 1.0.6
- Move VirtualBox driver into libvirtd
- Support for static routes on a virtual bridge
- Various improvement for hostdev SCSI support
- Switch to VIR_STRDUP and VIR_STRNDUP
- Various cleanups and improvement in Xen and LXC drivers
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Drop upstream patches: f493d83f-cgroup-swap-control.patch,
486a86eb-cgroups-docs.patch, 0ced83dc-cgroup-escape-dot.patch,
bbe97ae9-no-cgroups.patch, c2cf5f1c-no-cgroups-fix.patch,
OBS-URL: https://build.opensuse.org/request/show/178413
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=119
