libvirt (0.7.5-5ubuntu27.5) lucid-security; urgency=low
* SECURITY UPDATE: fix multiple issues with disk format for backing stores
which could allow a privileged guest user to access arbitrary files on
the host.
- debian/patches/9900-CVE-2010-2237-2238-2239.patch:
+ update security drivers to honor the user defined disk format when
looking up disk backing stores
+ update security drivers to honor the defined backing store disk format
when recursing into disk image backing stores
+ explicitly set the user defined backing store format when creating a
new image
- migrate virtual machine definitions with non-raw disks and previously
unspecified disk format with a one time probe on upgrades:
+ add debian/libvirt-migrate-qemu-disks
+ add debian/libvirt-migrate-qemu-disks.1
+ debian/libvirt-bin.postinst: updated to run
'libvirt-migrate-qemu-disks -a' on upgrades
+ debian/rules: cp debian/libvirt-migrate-qemu-disks into place
+ debian/libvirt-bin.manpages: install libvirt-migrate-qemu-disks.1
+ debian/README.Debian: updated for libvirt-migrate-qemu-disks
- CVE-2010-2237
- CVE-2010-2238
- CVE-2010-2239
* SECURITY UPDATE: fix to disallow privileged users in guests from accessing
privileged resources, such as NFS
- debian/patches/9901-CVE-2010-2242.patch: set iptables masqerading rules
to use ports 1024-65535
- CVE-2010-2242
Date: Wed, 01 Sep 2010 10:22:04 -0500
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/libvirt/0.7.5-5ubuntu27.5
Format: 1.8
Date: Wed, 01 Sep 2010 10:22:04 -0500
Source: libvirt
Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev python-libvirt
Architecture: source
Version: 0.7.5-5ubuntu27.5
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Description:
libvirt-bin - the programs for the libvirt library
libvirt-dev - development files for the libvirt library
libvirt-doc - documentation for the libvirt library
libvirt0 - library for interfacing with different virtualization systems
libvirt0-dbg - library for interfacing with different virtualization systems
python-libvirt - libvirt Python bindings
Changes:
libvirt (0.7.5-5ubuntu27.5) lucid-security; urgency=low
.
* SECURITY UPDATE: fix multiple issues with disk format for backing stores
which could allow a privileged guest user to access arbitrary files on
the host.
- debian/patches/9900-CVE-2010-2237-2238-2239.patch:
+ update security drivers to honor the user defined disk format when
looking up disk backing stores
+ update security drivers to honor the defined backing store disk format
when recursing into disk image backing stores
+ explicitly set the user defined backing store format when creating a
new image
- migrate virtual machine definitions with non-raw disks and previously
unspecified disk format with a one time probe on upgrades:
+ add debian/libvirt-migrate-qemu-disks
+ add debian/libvirt-migrate-qemu-disks.1
+ debian/libvirt-bin.postinst: updated to run
'libvirt-migrate-qemu-disks -a' on upgrades
+ debian/rules: cp debian/libvirt-migrate-qemu-disks into place
+ debian/libvirt-bin.manpages: install libvirt-migrate-qemu-disks.1
+ debian/README.Debian: updated for libvirt-migrate-qemu-disks
- CVE-2010-2237
- CVE-2010-2238
- CVE-2010-2239
* SECURITY UPDATE: fix to disallow privileged users in guests from accessing
privileged resources, such as NFS
- debian/patches/9901-CVE-2010-2242.patch: set iptables masqerading rules
to use ports 1024-65535
- CVE-2010-2242
Checksums-Sha1:
b5f2f9a0f9e09b93e8a985ad36eca8529b229b44 1996 libvirt_0.7.5-5ubuntu27.5.dsc
4057eef0188da3409d93019d94dfed30b4a1437e 77212
libvirt_0.7.5-5ubuntu27.5.diff.gz
Checksums-Sha256:
ded790c98f747d7dbccede1bbddedad3c37ac3e96e49fb23603ac3818d0e86df 1996
libvirt_0.7.5-5ubuntu27.5.dsc
a930fe1433ddcab48179d4027c4ba4cc2bd1eecff91e3a66f8a405aa5431bb74 77212
libvirt_0.7.5-5ubuntu27.5.diff.gz
Files:
ee13002bfba6799f6c19de6e6f9be91f 1996 libs optional
libvirt_0.7.5-5ubuntu27.5.dsc
fa5e47e0019f1433b96f8bd43609fbfa 77212 libs optional
libvirt_0.7.5-5ubuntu27.5.diff.gz
Original-Maintainer: Debian Libvirt Maintainers
<pkg-libvirt-maintain...@lists.alioth.debian.org>
--
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/lucid-changes
