ubuntu/+source/libvirt:applied/debian/stretch

Last commit made on 2019-09-07
Get this branch:
git clone -b applied/debian/stretch https://git.launchpad.net/ubuntu/+source/libvirt
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/debian/stretch
Repository:
lp:ubuntu/+source/libvirt

Recent commits

fbbcaec... by Guido Günther on 2019-06-12

Import patches-applied version 3.0.0-4+deb9u4 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: deea180f2a31ccb272cd64a0f2b838267779d26f
Unapplied parent: 5cc463a1a87f5b8745db8d5e6ed098dd4d66fa0b

New changelog entries:
  * Fix CVEs related to privilege escalations on R/O connections.
    - CVE-2019-10161:
      CVE-2019-10161-api-disallow-virDomainSaveImageGetXMLDesc-.patch
    - CVE-2019-10167:
      api-disallow-virConnectGetDomainCapabilities-on-read-only.patch
  * cpu_map: Define md-clear CPUID bit.
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * Add spec-ctrl and ibpb CPU features and ibrs CPU models.
    CVE-2017-5753, CVE-2017-5715
  * Add ssbd CPU feature.
    CVE-2018-3639

5cc463a... by Guido Günther on 2019-06-12

api: disallow virConnectGetDomainCapabilities on read-only

Gbp-Pq: security/api-disallow-virConnectGetDomainCapabilities-on-read-only.patch.

8c85c38... by Guido Günther on 2019-06-12

CVE-2019-10161: api: disallow virDomainSaveImageGetXMLDesc on

Gbp-Pq: security/CVE-2019-10161-api-disallow-virDomainSaveImageGetXMLDesc-.patch.

15ca034... by Guido Günther on 2019-06-12

cpu: add 'amd-ssbd' and 'amd-no-ssb' CPU features (CVE-2018-3639)

Gbp-Pq: cpu-add-amd-ssbd-and-amd-no-ssb-CPU-features-CVE-2018-363.patch.

c825e11... by Guido Günther on 2019-06-12

cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)

Gbp-Pq: cpu-define-the-virt-ssbd-CPUID-feature-bit-CVE-2018-3639.patch.

3788f13... by Guido Günther on 2019-06-12

cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)

Gbp-Pq: cpu-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch.

1284e7f... by Guido Günther on 2019-06-12

cpu: Add Skylake-Client-IBRS CPU model

Gbp-Pq: security/cpu-Add-Skylake-Client-IBRS-CPU-model.patch.

027ae4f... by Guido Günther on 2019-06-12

cpu: Add Broadwell-IBRS CPU model

Gbp-Pq: security/cpu-Add-Broadwell-IBRS-CPU-model.patch.

711ca13... by Guido Günther on 2019-06-12

cpu: Add Broadwell-noTSX-IBRS CPU model

Gbp-Pq: security/cpu-Add-Broadwell-noTSX-IBRS-CPU-model.patch.

87549b2... by Guido Günther on 2019-06-12

cpu: Add Haswell-IBRS CPU model

Gbp-Pq: security/cpu-Add-Haswell-IBRS-CPU-model.patch.