diff --git a/libvirt-10.0.0.tar.xz b/libvirt-10.0.0.tar.xz deleted file mode 100644 index 8eb42cd..0000000 --- a/libvirt-10.0.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1ada18574e9aef360b29e3b127ff76302fc1ce1136a74ffb4b292fd6f4a40be2 -size 9744956 diff --git a/libvirt-10.1.0.tar.xz b/libvirt-10.1.0.tar.xz new file mode 100644 index 0000000..7114ea9 --- /dev/null +++ b/libvirt-10.1.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ade801b96ee8a791c82304146fbb5716df701054649c940054a110cbe418f8e1 +size 9787492 diff --git a/libvirt.changes b/libvirt.changes index 73abe45..117f37e 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Mar 5 21:20:53 UTC 2024 - James Fehlig + +- Update to libvirt 10.1.0 + - CVE-2024-1441 + - Many incremental improvements and bug fixes, see + https://libvirt.org/news.html#v10-1-0-2024-03-01 + ------------------------------------------------------------------- Thu Feb 22 22:11:36 UTC 2024 - James Fehlig diff --git a/libvirt.spec b/libvirt.spec index 948f76e..14f0337 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -47,6 +47,7 @@ %define with_libssh2 0%{!?_without_libssh2:1} %define with_numactl 0%{!?_without_numactl:1} %define with_modular_daemons 0%{!?_without_modular_daemons:1} +%define with_userfaultfd_sysctl 0%{!?_without_userfaultfd_sysctl:1} # A few optional bits off by default, we enable later %define with_numad 0%{!?_without_numad:0} @@ -67,6 +68,12 @@ %define with_numactl 0 %endif +# Tumbleweeed is new enough to support /dev/userfaultfd, which +# does not require enabling vm.unprivileged_userfaultfd sysct +%if 0%{?suse_version} > 1500 + %define with_userfaultfd_sysctl 0 +%endif + # vbox is available only on i386 x86_64 %ifnarch %{ix86} x86_64 %define with_vbox 0 @@ -128,7 +135,7 @@ Name: libvirt URL: https://libvirt.org/ -Version: 10.0.0 +Version: 10.1.0 Release: 0 Summary: Library providing a virtualization API License: LGPL-2.1-or-later @@ -900,6 +907,11 @@ libvirt plugin for NSS for translating domain names into IP addresses. %else %define arg_numad -Dnumad=disabled %endif +%if %{with_userfaultfd_sysctl} + %define arg_userfaultfd_sysctl -Duserfaultfd_sysctl=enabled +%else + %define arg_userfaultfd_sysctl -Duserfaultfd_sysctl=disabled +%endif %if %{with_nbdkit} %define arg_nbdkit -Dnbdkit=enabled %else @@ -1020,8 +1032,10 @@ libvirt plugin for NSS for translating domain names into IP addresses. -Dstorage_vstorage=disabled \ %{?arg_numactl} \ %{?arg_numad} \ + %{?arg_userfaultfd_sysctl} \ %{?arg_nbdkit} \ %{?arg_nbdkit_config_default} \ + -Dsysctl_config=enabled \ -Dcapng=enabled \ -Dfuse=enabled \ -Dnetcf=disabled \ @@ -1111,6 +1125,7 @@ rm -f %{buildroot}/%{_datadir}/augeas/lenses/libvirt_sanlock.aug rm -f %{buildroot}/%{_datadir}/augeas/lenses/tests/test_libvirt_sanlock.aug %endif +rm -f %{buildroot}/%{_sysusersdir}/libvirt-qemu.conf rm -f %{buildroot}/usr/lib/sysctl.d/60-libvirtd.conf # Provide rc symlink backward compatibility ln -s %{_sbindir}/service %{buildroot}/%{_sbindir}/rclibvirtd @@ -1696,7 +1711,9 @@ fi %if %{with_apparmor} %config(noreplace) %{_sysconfdir}/apparmor.d/usr.sbin.virtqemud %endif +%if %{with_userfaultfd_sysctl} %config(noreplace) %{_prefix}/lib/sysctl.d/60-qemu-postcopy-migration.conf +%endif %{_datadir}/augeas/lenses/virtqemud.aug %{_datadir}/augeas/lenses/tests/test_virtqemud.aug %{_unitdir}/virtqemud.service