ubuntu/+source/libvirt:ubuntu/xenial-security

Last commit made on 2019-07-08
Get this branch:
git clone -b ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/libvirt
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/xenial-security
Repository:
lp:ubuntu/+source/libvirt

Recent commits

d4465e3... by Marc Deslauriers on 2019-07-02

Import patches-unapplied version 1.3.1-1ubuntu10.27 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: d7d6c91c7e0ea56dae910b86adbe9f09779fec5e

New changelog entries:
  * SECURITY UPDATE: virDomainSaveImageGetXMLDesc does not check for
    read-only connection
    - debian/patches/CVE-2019-10161.patch: add check to
      src/libvirt-domain.c, src/qemu/qemu_driver.c,
      src/remote/remote_protocol.x.
    - CVE-2019-10161
  * SECURITY UPDATE: virConnectGetDomainCapabilities does not check for
    read-only connection
    - debian/patches/CVE-2019-10167.patch: add check to
      src/libvirt-domain.c.
    - CVE-2019-10167

d7d6c91... by Marc Deslauriers on 2019-05-14

Import patches-unapplied version 1.3.1-1ubuntu10.26 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 14b41dd724ea19df77efb931eada93cb0ac932e3

New changelog entries:
  * SECURITY UPDATE: Add support for md-clear functionality
    - debian/patches/md-clear.patch: Define md-clear CPUID bit in
      src/cpu/cpu_map.xml.
    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

14b41dd... by Marc Deslauriers on 2019-03-13

Import patches-unapplied version 1.3.1-1ubuntu10.25 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: e89b5fb75511bdc694342ab94a537ea76f0e33f5

New changelog entries:
  * SECURITY UPDATE: NULL pointer dereference in qemuAgentGetInterfaces
    - debian/patches/CVE-2019-3840.patch: require a reply in
      src/qemu/qemu_agent.c.
    - CVE-2019-3840

e89b5fb... by Marc Deslauriers on 2018-05-23

Import patches-unapplied version 1.3.1-1ubuntu10.24 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 970840886a2e2ae2188f214b328f38028cb8c25e

New changelog entries:
  * SECURITY UPDATE: QEMU monitor DoS
    - debian/patches/CVE-2018-1064.patch: add size limit to
      src/qemu/qemu_agent.c.
    - CVE-2018-1064
  * SECURITY UPDATE: Speculative Store Bypass
    - debian/patches/CVE-2018-3639-1.patch: define the 'ssbd' CPUID feature
      bit in src/cpu/cpu_map.xml.
    - debian/patches/CVE-2018-3639-2.patch: define the 'virt-ssbd' CPUID
      feature bit in src/cpu/cpu_map.xml.
    - CVE-2018-3639

9708408... by Christian Ehrhardt  on 2018-05-11

Import patches-unapplied version 1.3.1-1ubuntu10.23 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 3dec63d531037375c34cdf398a024799158d70da

New changelog entries:
  * Fix nwfilters that set CTRL_IP_LEARNING set to dhcp failing with "An error
    occurred, but the cause is unknown" due to a buffer being too small
    for pcap with TPACKET_V3 enabled (LP: #1758037)
    - debian/patches/ubuntu/lp-1758037-nwfilter-increase-pcap-buffer-size.patch

3dec63d... by Christian Ehrhardt  on 2018-04-25

Import patches-unapplied version 1.3.1-1ubuntu10.22 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: f07348780564521c867e13a5e4156eba625dcf07

New changelog entries:
  * Fix clean shut down of guests on system shutdown (LP: #1764668)
    - d/p/ubuntu/lp-1764668-do-not-report-unknown-guests.patch
    - d/p/ubuntu/lp-1764668-fix-check_guests_shutdown-loop.patch

f073487... by Christian Ehrhardt  on 2018-04-04

Import patches-unapplied version 1.3.1-1ubuntu10.21 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: b9fb5a25154d5ffb14cf031881e7ce8a3577476b

New changelog entries:
  * d/p/ubuntu/lp1688508-fix-variable-scope-in-in-check_guests_shutdown.patch:
    backport further upstream fixes that were identified on verification.
    Together with the former change this fixes (LP: #1688508)
  * d/p/ubuntu/lp1753604-nwfilter-fix-lock-order-deadlock.patch:
    fix intermittent deadlock in NWFilter handling (LP: #1753604)

b9fb5a2... by Dariusz Gadomski on 2018-02-26

Import patches-unapplied version 1.3.1-1ubuntu10.20 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 82cde88af48dd5c4242a162306696c4a381ec091

New changelog entries:
  * d/p/ubuntu/lp1688508-tools-avoid-text-spilling-into-variables.patch:
    avoid hanging on shutdown (LP: #1688508)

82cde88... by Marc Deslauriers on 2018-02-16

Import patches-unapplied version 1.3.1-1ubuntu10.19 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: f15af7004e6ce33049f02dcb2efe6b6ac0e02f63

New changelog entries:
  [ Leonidas S. Barbosa ]
  * SECURITY UPDATE: resource exhaustion resulting in DoS
    - debian/patches/CVE-2018-5748.patch: avoid DoS reading from
      QEMU monitor in src/qemu/qemu_monitor.c.
    - CVE-2018-5748
  * SECURITY UPDATE: Bypass authentication
    - debian/patches/CVE-2016-5008.patch: let empty default VNC
      password work as documented in src/qemu/qemu_hotplug.c.
    - CVE-2016-5008
  [ Marc Deslauriers ]
  * SECURITY UPDATE: code injection via libnss_dns.so
    - debian/patches/CVE-2018-6764-1.patch: determine the hostname on
      startup in src/util/virlog.c.
    - debian/patches/CVE-2018-6764-2.patch: fix syntax-check in
      src/util/virlog.c.
    - debian/patches/CVE-2018-6764-3.patch: fix deadlock obtaining hostname
      in cfg.mk, src/util/virlog.c.
    - CVE-2018-6764

f15af70... by Seyeong Kim on 2018-02-01

Import patches-unapplied version 1.3.1-1ubuntu10.18 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: b72c732f535183d599b0c7fc067fd27e10391748

New changelog entries:
  * virsh api is stuck when vm is down with NFS borken (LP: #1746630)
    - d/p/0001-qemu-driver-Remove-unnecessary-flag-in-qemuDomainGet.patch
      qemu: driver: Remove unnecessary flag in qemuDomainGetStatsBlock
    - d/p/0002-qemu-driver-Separate-bulk-stats-worker-for-block-dev.patch
      qemu: driver: Separate bulk stats worker for block devices
    - d/p/0003-qemu-bulk-stats-Don-t-access-possibly-blocked-storag.patch
      qemu: bulk stats: Don't access possibly blocked storage