libvirt (0.7.5-5ubuntu27.5) lucid-security; urgency=low * SECURITY UPDATE: fix multiple issues with disk format for backing stores which could allow a privileged guest user to access arbitrary files on the host. - debian/patches/9900-CVE-2010-2237-2238-2239.patch: + update security drivers to honor the user defined disk format when looking up disk backing stores + update security drivers to honor the defined backing store disk format when recursing into disk image backing stores + explicitly set the user defined backing store format when creating a new image - migrate virtual machine definitions with non-raw disks and previously unspecified disk format with a one time probe on upgrades: + add debian/libvirt-migrate-qemu-disks + add debian/libvirt-migrate-qemu-disks.1 + debian/libvirt-bin.postinst: updated to run 'libvirt-migrate-qemu-disks -a' on upgrades + debian/rules: cp debian/libvirt-migrate-qemu-disks into place + debian/libvirt-bin.manpages: install libvirt-migrate-qemu-disks.1 + debian/README.Debian: updated for libvirt-migrate-qemu-disks - CVE-2010-2237 - CVE-2010-2238 - CVE-2010-2239 * SECURITY UPDATE: fix to disallow privileged users in guests from accessing privileged resources, such as NFS - debian/patches/9901-CVE-2010-2242.patch: set iptables masqerading rules to use ports 1024-65535 - CVE-2010-2242
Date: Wed, 01 Sep 2010 10:22:04 -0500 Changed-By: Jamie Strandboge <ja...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/lucid/+source/libvirt/0.7.5-5ubuntu27.5
Format: 1.8 Date: Wed, 01 Sep 2010 10:22:04 -0500 Source: libvirt Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev python-libvirt Architecture: source Version: 0.7.5-5ubuntu27.5 Distribution: lucid-security Urgency: low Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Jamie Strandboge <ja...@ubuntu.com> Description: libvirt-bin - the programs for the libvirt library libvirt-dev - development files for the libvirt library libvirt-doc - documentation for the libvirt library libvirt0 - library for interfacing with different virtualization systems libvirt0-dbg - library for interfacing with different virtualization systems python-libvirt - libvirt Python bindings Changes: libvirt (0.7.5-5ubuntu27.5) lucid-security; urgency=low . * SECURITY UPDATE: fix multiple issues with disk format for backing stores which could allow a privileged guest user to access arbitrary files on the host. - debian/patches/9900-CVE-2010-2237-2238-2239.patch: + update security drivers to honor the user defined disk format when looking up disk backing stores + update security drivers to honor the defined backing store disk format when recursing into disk image backing stores + explicitly set the user defined backing store format when creating a new image - migrate virtual machine definitions with non-raw disks and previously unspecified disk format with a one time probe on upgrades: + add debian/libvirt-migrate-qemu-disks + add debian/libvirt-migrate-qemu-disks.1 + debian/libvirt-bin.postinst: updated to run 'libvirt-migrate-qemu-disks -a' on upgrades + debian/rules: cp debian/libvirt-migrate-qemu-disks into place + debian/libvirt-bin.manpages: install libvirt-migrate-qemu-disks.1 + debian/README.Debian: updated for libvirt-migrate-qemu-disks - CVE-2010-2237 - CVE-2010-2238 - CVE-2010-2239 * SECURITY UPDATE: fix to disallow privileged users in guests from accessing privileged resources, such as NFS - debian/patches/9901-CVE-2010-2242.patch: set iptables masqerading rules to use ports 1024-65535 - CVE-2010-2242 Checksums-Sha1: b5f2f9a0f9e09b93e8a985ad36eca8529b229b44 1996 libvirt_0.7.5-5ubuntu27.5.dsc 4057eef0188da3409d93019d94dfed30b4a1437e 77212 libvirt_0.7.5-5ubuntu27.5.diff.gz Checksums-Sha256: ded790c98f747d7dbccede1bbddedad3c37ac3e96e49fb23603ac3818d0e86df 1996 libvirt_0.7.5-5ubuntu27.5.dsc a930fe1433ddcab48179d4027c4ba4cc2bd1eecff91e3a66f8a405aa5431bb74 77212 libvirt_0.7.5-5ubuntu27.5.diff.gz Files: ee13002bfba6799f6c19de6e6f9be91f 1996 libs optional libvirt_0.7.5-5ubuntu27.5.dsc fa5e47e0019f1433b96f8bd43609fbfa 77212 libs optional libvirt_0.7.5-5ubuntu27.5.diff.gz Original-Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintain...@lists.alioth.debian.org>
-- Lucid-changes mailing list Lucid-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/lucid-changes