[Touch-packages] [Bug 1691911] Re: SRU of LXC 2.0.8
** Changed in: lxc (Ubuntu Zesty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1691911
Title:
SRU of LXC 2.0.8
Status in lxc package in Ubuntu:
Fix Released
Status in lxc source package in Trusty:
New
Status in lxc source package in Xenial:
Fix Released
Status in lxc source package in Yakkety:
Fix Released
Status in lxc source package in Zesty:
Fix Released
Status in lxc source package in Artful:
Fix Released
Bug description:
LXC upstream released LXC 2.0.8 as a bugfix release with following changelog:
- Security fix for CVE-2017-5985 (previously fixed in Ubuntu)
- All templates have been updated to not set default passwords anymore,
instead requiring lxc-attach be used to configure users.
This may affect some automated environments that were relying on our
default (very much insecure) users.
- Make lxc-start-ephemeral Python 3.2-compatible
- Fix typo
- Allow build without sys/capability.h
- lxc-opensuse: fix default value for release code
- util: always malloc for setproctitle
- util: update setproctitle comments
- confile: clear lxc.network..ipv{4,6} when empty
- lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
- Make lxc-net return non-zero on failure
- seccomp: allow x32 guests on amd64 hosts.
- Add HAVE_LIBCAP
- c/r: only supply --ext-mount-map for bind mounts
- Added 'mkdir -p' functionality in create_or_remove_cgroup
- Use LXC_ROOTFS_MOUNT in clonehostname hook
- squeeze is not a supported release anymore, drop the key
- start: dumb down SIGCHLD from WARN() to NOTICE()
- log: fix lxc_unix_epoch_to_utc()
- cgfsng: make trim() safer
- seccomp: set SCMP_FLTATR_ATL_TSKIP if available
- lxc-user-nic: re-order #includes
- lxc-user-nic: improve + bugfix
- lxc-user-nic: delete link on failure
- conf: only try to delete veth when privileged
- Fix lxc-containers to support multiple bridges
- Fix mixed tab/spaces in previous patch
- lxc-alpine: use dl-cdn.a.o as default mirror instead of random one
- lxc-checkconfig: verify new[ug]idmap are setuid-root
- [templates] archlinux: resolve conflicting files
- [templates] archlinux: noneed default_timezone variable
- python3: Deal with potential NULL char*
- lxc-download.in / allow setting keyserver from env
- lxc-download.in / Document keyserver change in help
- Change variable check to match existing style
- tree-wide: include directly
- conf/ile: make sure buffer is large enough
- tree-wide: include directly
- tests: Support running on IPv6 networks
- tests: Kill containers (don't wait for shutdown)
- Fix opening wrong file in suggest_default_idmap
- do not set the root password in the debian template
- do not set insecure passwords
- don't set a default password for altlinux, gentoo, openmandriva and pld
- tools: exit with return code of lxc_execute()
- Keep veth.pair.name on network shutdown
- Makefile: fix static clang init.lxc build
- Avoid waiting for bridge interface if disabled in sysconfig/lxc
- Increased buffer length in print_stats()
- avoid assigning to a variable which is not POSIX shell proof (bug #1498)
- remove obsolete note about api stability
- conf: less error prone pointer access
- conf: lxc_map_ids() non-functional changes
- caps: add lxc_{proc,file}_cap_is_set()
- conf: check for {filecaps,setuid} on new{g,u}idmap
- conf: improve log when mounting rootfs
- ls: simplify the judgment condition when list active containers
- fix typo introduced in #1509
- attach|unshare: fix the wrong comment
- caps: skip file capability checks on android
- autotools: check for cap_get_file
- caps: return false if caps are not supported
- conf: non-functional changes to setup_pts()
- conf: use bind-mount for /dev/ptmx
- conf: non-functional changes
- utils: use loop device helpers from LXD
- create ISSUE_TEMPLATE.md
- cgroups: improve cgfsng debugging
- issue template: fix typo
- conf: close fd in lxc_setup_devpts()
- conf: non-functional changes
- utils: tweak lxc_mount_proc_if_needed()
- Change sshd template to work with Ubuntu 17.04
- conf: order mount options
- conf: add MS_LAZYTIME to mount options
- monitor: report errno on exec() error
- af unix: allow for maximum socket name
- commands: avoid NULL pointer dereference
- commands: non-functional changes
- lxccontainer: avoid NULL pointer dereference
- monitor: simplify abstract socket logic
- precise is not the
[Touch-packages] [Bug 1691911] Re: SRU of LXC 2.0.8
This has been in the development release and our PPA for a while now
without any report of regressions. Releasing.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1691911
Title:
SRU of LXC 2.0.8
Status in lxc package in Ubuntu:
Fix Released
Status in lxc source package in Trusty:
New
Status in lxc source package in Xenial:
Fix Released
Status in lxc source package in Yakkety:
Fix Released
Status in lxc source package in Zesty:
Fix Released
Status in lxc source package in Artful:
Fix Released
Bug description:
LXC upstream released LXC 2.0.8 as a bugfix release with following changelog:
- Security fix for CVE-2017-5985 (previously fixed in Ubuntu)
- All templates have been updated to not set default passwords anymore,
instead requiring lxc-attach be used to configure users.
This may affect some automated environments that were relying on our
default (very much insecure) users.
- Make lxc-start-ephemeral Python 3.2-compatible
- Fix typo
- Allow build without sys/capability.h
- lxc-opensuse: fix default value for release code
- util: always malloc for setproctitle
- util: update setproctitle comments
- confile: clear lxc.network..ipv{4,6} when empty
- lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
- Make lxc-net return non-zero on failure
- seccomp: allow x32 guests on amd64 hosts.
- Add HAVE_LIBCAP
- c/r: only supply --ext-mount-map for bind mounts
- Added 'mkdir -p' functionality in create_or_remove_cgroup
- Use LXC_ROOTFS_MOUNT in clonehostname hook
- squeeze is not a supported release anymore, drop the key
- start: dumb down SIGCHLD from WARN() to NOTICE()
- log: fix lxc_unix_epoch_to_utc()
- cgfsng: make trim() safer
- seccomp: set SCMP_FLTATR_ATL_TSKIP if available
- lxc-user-nic: re-order #includes
- lxc-user-nic: improve + bugfix
- lxc-user-nic: delete link on failure
- conf: only try to delete veth when privileged
- Fix lxc-containers to support multiple bridges
- Fix mixed tab/spaces in previous patch
- lxc-alpine: use dl-cdn.a.o as default mirror instead of random one
- lxc-checkconfig: verify new[ug]idmap are setuid-root
- [templates] archlinux: resolve conflicting files
- [templates] archlinux: noneed default_timezone variable
- python3: Deal with potential NULL char*
- lxc-download.in / allow setting keyserver from env
- lxc-download.in / Document keyserver change in help
- Change variable check to match existing style
- tree-wide: include directly
- conf/ile: make sure buffer is large enough
- tree-wide: include directly
- tests: Support running on IPv6 networks
- tests: Kill containers (don't wait for shutdown)
- Fix opening wrong file in suggest_default_idmap
- do not set the root password in the debian template
- do not set insecure passwords
- don't set a default password for altlinux, gentoo, openmandriva and pld
- tools: exit with return code of lxc_execute()
- Keep veth.pair.name on network shutdown
- Makefile: fix static clang init.lxc build
- Avoid waiting for bridge interface if disabled in sysconfig/lxc
- Increased buffer length in print_stats()
- avoid assigning to a variable which is not POSIX shell proof (bug #1498)
- remove obsolete note about api stability
- conf: less error prone pointer access
- conf: lxc_map_ids() non-functional changes
- caps: add lxc_{proc,file}_cap_is_set()
- conf: check for {filecaps,setuid} on new{g,u}idmap
- conf: improve log when mounting rootfs
- ls: simplify the judgment condition when list active containers
- fix typo introduced in #1509
- attach|unshare: fix the wrong comment
- caps: skip file capability checks on android
- autotools: check for cap_get_file
- caps: return false if caps are not supported
- conf: non-functional changes to setup_pts()
- conf: use bind-mount for /dev/ptmx
- conf: non-functional changes
- utils: use loop device helpers from LXD
- create ISSUE_TEMPLATE.md
- cgroups: improve cgfsng debugging
- issue template: fix typo
- conf: close fd in lxc_setup_devpts()
- conf: non-functional changes
- utils: tweak lxc_mount_proc_if_needed()
- Change sshd template to work with Ubuntu 17.04
- conf: order mount options
- conf: add MS_LAZYTIME to mount options
- monitor: report errno on exec() error
- af unix: allow for maximum socket name
- commands: avoid NULL pointer dereference
- commands: non-functional changes
- lxccontainer: avoid NULL pointer dereference
- monitor: simplify abstract soc
[Touch-packages] [Bug 1691911] Re: SRU of LXC 2.0.8
This bug was fixed in the package lxc - 2.0.8-0ubuntu1~16.10.2
---
lxc (2.0.8-0ubuntu1~16.10.2) yakkety; urgency=medium
* Cherry-pick upstream workaround for ppc64el failure:
- 0011-utils-fix-ppc64le-builds.patch
-- Stéphane Graber Mon, 29 May 2017 14:39:52
-0400
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1691911
Title:
SRU of LXC 2.0.8
Status in lxc package in Ubuntu:
Fix Released
Status in lxc source package in Trusty:
New
Status in lxc source package in Xenial:
Fix Released
Status in lxc source package in Yakkety:
Fix Released
Status in lxc source package in Zesty:
Fix Released
Status in lxc source package in Artful:
Fix Released
Bug description:
LXC upstream released LXC 2.0.8 as a bugfix release with following changelog:
- Security fix for CVE-2017-5985 (previously fixed in Ubuntu)
- All templates have been updated to not set default passwords anymore,
instead requiring lxc-attach be used to configure users.
This may affect some automated environments that were relying on our
default (very much insecure) users.
- Make lxc-start-ephemeral Python 3.2-compatible
- Fix typo
- Allow build without sys/capability.h
- lxc-opensuse: fix default value for release code
- util: always malloc for setproctitle
- util: update setproctitle comments
- confile: clear lxc.network..ipv{4,6} when empty
- lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
- Make lxc-net return non-zero on failure
- seccomp: allow x32 guests on amd64 hosts.
- Add HAVE_LIBCAP
- c/r: only supply --ext-mount-map for bind mounts
- Added 'mkdir -p' functionality in create_or_remove_cgroup
- Use LXC_ROOTFS_MOUNT in clonehostname hook
- squeeze is not a supported release anymore, drop the key
- start: dumb down SIGCHLD from WARN() to NOTICE()
- log: fix lxc_unix_epoch_to_utc()
- cgfsng: make trim() safer
- seccomp: set SCMP_FLTATR_ATL_TSKIP if available
- lxc-user-nic: re-order #includes
- lxc-user-nic: improve + bugfix
- lxc-user-nic: delete link on failure
- conf: only try to delete veth when privileged
- Fix lxc-containers to support multiple bridges
- Fix mixed tab/spaces in previous patch
- lxc-alpine: use dl-cdn.a.o as default mirror instead of random one
- lxc-checkconfig: verify new[ug]idmap are setuid-root
- [templates] archlinux: resolve conflicting files
- [templates] archlinux: noneed default_timezone variable
- python3: Deal with potential NULL char*
- lxc-download.in / allow setting keyserver from env
- lxc-download.in / Document keyserver change in help
- Change variable check to match existing style
- tree-wide: include directly
- conf/ile: make sure buffer is large enough
- tree-wide: include directly
- tests: Support running on IPv6 networks
- tests: Kill containers (don't wait for shutdown)
- Fix opening wrong file in suggest_default_idmap
- do not set the root password in the debian template
- do not set insecure passwords
- don't set a default password for altlinux, gentoo, openmandriva and pld
- tools: exit with return code of lxc_execute()
- Keep veth.pair.name on network shutdown
- Makefile: fix static clang init.lxc build
- Avoid waiting for bridge interface if disabled in sysconfig/lxc
- Increased buffer length in print_stats()
- avoid assigning to a variable which is not POSIX shell proof (bug #1498)
- remove obsolete note about api stability
- conf: less error prone pointer access
- conf: lxc_map_ids() non-functional changes
- caps: add lxc_{proc,file}_cap_is_set()
- conf: check for {filecaps,setuid} on new{g,u}idmap
- conf: improve log when mounting rootfs
- ls: simplify the judgment condition when list active containers
- fix typo introduced in #1509
- attach|unshare: fix the wrong comment
- caps: skip file capability checks on android
- autotools: check for cap_get_file
- caps: return false if caps are not supported
- conf: non-functional changes to setup_pts()
- conf: use bind-mount for /dev/ptmx
- conf: non-functional changes
- utils: use loop device helpers from LXD
- create ISSUE_TEMPLATE.md
- cgroups: improve cgfsng debugging
- issue template: fix typo
- conf: close fd in lxc_setup_devpts()
- conf: non-functional changes
- utils: tweak lxc_mount_proc_if_needed()
- Change sshd template to work with Ubuntu 17.04
- conf: order mount options
- conf: add MS_LAZYTIME to mount options
- monitor: report errno on exec() error
- af unix: allow for maximum socket name
-
[Touch-packages] [Bug 1691911] Re: SRU of LXC 2.0.8
This bug was fixed in the package lxc - 2.0.8-0ubuntu1~16.04.2
---
lxc (2.0.8-0ubuntu1~16.04.2) xenial; urgency=medium
* Cherry-pick upstream workaround for ppc64el failure:
- 0011-utils-fix-ppc64le-builds.patch
-- Stéphane Graber Mon, 29 May 2017 14:37:15
-0400
** Changed in: lxc (Ubuntu Xenial)
Status: Fix Committed => Fix Released
** Changed in: lxc (Ubuntu Yakkety)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1691911
Title:
SRU of LXC 2.0.8
Status in lxc package in Ubuntu:
Fix Released
Status in lxc source package in Trusty:
New
Status in lxc source package in Xenial:
Fix Released
Status in lxc source package in Yakkety:
Fix Released
Status in lxc source package in Zesty:
Fix Released
Status in lxc source package in Artful:
Fix Released
Bug description:
LXC upstream released LXC 2.0.8 as a bugfix release with following changelog:
- Security fix for CVE-2017-5985 (previously fixed in Ubuntu)
- All templates have been updated to not set default passwords anymore,
instead requiring lxc-attach be used to configure users.
This may affect some automated environments that were relying on our
default (very much insecure) users.
- Make lxc-start-ephemeral Python 3.2-compatible
- Fix typo
- Allow build without sys/capability.h
- lxc-opensuse: fix default value for release code
- util: always malloc for setproctitle
- util: update setproctitle comments
- confile: clear lxc.network..ipv{4,6} when empty
- lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
- Make lxc-net return non-zero on failure
- seccomp: allow x32 guests on amd64 hosts.
- Add HAVE_LIBCAP
- c/r: only supply --ext-mount-map for bind mounts
- Added 'mkdir -p' functionality in create_or_remove_cgroup
- Use LXC_ROOTFS_MOUNT in clonehostname hook
- squeeze is not a supported release anymore, drop the key
- start: dumb down SIGCHLD from WARN() to NOTICE()
- log: fix lxc_unix_epoch_to_utc()
- cgfsng: make trim() safer
- seccomp: set SCMP_FLTATR_ATL_TSKIP if available
- lxc-user-nic: re-order #includes
- lxc-user-nic: improve + bugfix
- lxc-user-nic: delete link on failure
- conf: only try to delete veth when privileged
- Fix lxc-containers to support multiple bridges
- Fix mixed tab/spaces in previous patch
- lxc-alpine: use dl-cdn.a.o as default mirror instead of random one
- lxc-checkconfig: verify new[ug]idmap are setuid-root
- [templates] archlinux: resolve conflicting files
- [templates] archlinux: noneed default_timezone variable
- python3: Deal with potential NULL char*
- lxc-download.in / allow setting keyserver from env
- lxc-download.in / Document keyserver change in help
- Change variable check to match existing style
- tree-wide: include directly
- conf/ile: make sure buffer is large enough
- tree-wide: include directly
- tests: Support running on IPv6 networks
- tests: Kill containers (don't wait for shutdown)
- Fix opening wrong file in suggest_default_idmap
- do not set the root password in the debian template
- do not set insecure passwords
- don't set a default password for altlinux, gentoo, openmandriva and pld
- tools: exit with return code of lxc_execute()
- Keep veth.pair.name on network shutdown
- Makefile: fix static clang init.lxc build
- Avoid waiting for bridge interface if disabled in sysconfig/lxc
- Increased buffer length in print_stats()
- avoid assigning to a variable which is not POSIX shell proof (bug #1498)
- remove obsolete note about api stability
- conf: less error prone pointer access
- conf: lxc_map_ids() non-functional changes
- caps: add lxc_{proc,file}_cap_is_set()
- conf: check for {filecaps,setuid} on new{g,u}idmap
- conf: improve log when mounting rootfs
- ls: simplify the judgment condition when list active containers
- fix typo introduced in #1509
- attach|unshare: fix the wrong comment
- caps: skip file capability checks on android
- autotools: check for cap_get_file
- caps: return false if caps are not supported
- conf: non-functional changes to setup_pts()
- conf: use bind-mount for /dev/ptmx
- conf: non-functional changes
- utils: use loop device helpers from LXD
- create ISSUE_TEMPLATE.md
- cgroups: improve cgfsng debugging
- issue template: fix typo
- conf: close fd in lxc_setup_devpts()
- conf: non-functional changes
- utils: tweak lxc_mount_proc_if_needed()
- Change sshd template to work with Ubuntu 17.04
- conf: order
[Touch-packages] [Bug 1691911] Re: SRU of LXC 2.0.8
Hello Stéphane, or anyone else affected,
Accepted lxc into zesty-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/lxc/2.0.8-0ubuntu1~17.04.1 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!
** Changed in: lxc (Ubuntu Zesty)
Status: In Progress => Fix Committed
** Tags added: verification-needed
** Changed in: lxc (Ubuntu Yakkety)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1691911
Title:
SRU of LXC 2.0.8
Status in lxc package in Ubuntu:
Fix Released
Status in lxc source package in Trusty:
New
Status in lxc source package in Xenial:
Fix Committed
Status in lxc source package in Yakkety:
Fix Committed
Status in lxc source package in Zesty:
Fix Committed
Status in lxc source package in Artful:
Fix Released
Bug description:
LXC upstream released LXC 2.0.8 as a bugfix release with following changelog:
- Security fix for CVE-2017-5985 (previously fixed in Ubuntu)
- All templates have been updated to not set default passwords anymore,
instead requiring lxc-attach be used to configure users.
This may affect some automated environments that were relying on our
default (very much insecure) users.
- Make lxc-start-ephemeral Python 3.2-compatible
- Fix typo
- Allow build without sys/capability.h
- lxc-opensuse: fix default value for release code
- util: always malloc for setproctitle
- util: update setproctitle comments
- confile: clear lxc.network..ipv{4,6} when empty
- lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
- Make lxc-net return non-zero on failure
- seccomp: allow x32 guests on amd64 hosts.
- Add HAVE_LIBCAP
- c/r: only supply --ext-mount-map for bind mounts
- Added 'mkdir -p' functionality in create_or_remove_cgroup
- Use LXC_ROOTFS_MOUNT in clonehostname hook
- squeeze is not a supported release anymore, drop the key
- start: dumb down SIGCHLD from WARN() to NOTICE()
- log: fix lxc_unix_epoch_to_utc()
- cgfsng: make trim() safer
- seccomp: set SCMP_FLTATR_ATL_TSKIP if available
- lxc-user-nic: re-order #includes
- lxc-user-nic: improve + bugfix
- lxc-user-nic: delete link on failure
- conf: only try to delete veth when privileged
- Fix lxc-containers to support multiple bridges
- Fix mixed tab/spaces in previous patch
- lxc-alpine: use dl-cdn.a.o as default mirror instead of random one
- lxc-checkconfig: verify new[ug]idmap are setuid-root
- [templates] archlinux: resolve conflicting files
- [templates] archlinux: noneed default_timezone variable
- python3: Deal with potential NULL char*
- lxc-download.in / allow setting keyserver from env
- lxc-download.in / Document keyserver change in help
- Change variable check to match existing style
- tree-wide: include directly
- conf/ile: make sure buffer is large enough
- tree-wide: include directly
- tests: Support running on IPv6 networks
- tests: Kill containers (don't wait for shutdown)
- Fix opening wrong file in suggest_default_idmap
- do not set the root password in the debian template
- do not set insecure passwords
- don't set a default password for altlinux, gentoo, openmandriva and pld
- tools: exit with return code of lxc_execute()
- Keep veth.pair.name on network shutdown
- Makefile: fix static clang init.lxc build
- Avoid waiting for bridge interface if disabled in sysconfig/lxc
- Increased buffer length in print_stats()
- avoid assigning to a variable which is not POSIX shell proof (bug #1498)
- remove obsolete note about api stability
- conf: less error prone pointer access
- conf: lxc_map_ids() non-functional changes
- caps: add lxc_{proc,file}_cap_is_set()
- conf: check for {filecaps,setuid} on new{g,u}idmap
- conf: improve log when mounting rootfs
- ls: simplify the judgment condition whe
