lxc (2.0.11-0ubuntu1~16.04.3) xenial; urgency=medium

  * Cherry-pick upstream bugfix (fixes regression on attach with uid/gid):
    - attach: improve id switching
    - utils: make id switching functions return bool

 -- Stéphane Graber  Tue, 09 Apr 2019 13:58:10 -0400

lxc (2.0.11-0ubuntu1~16.04.2) xenial; urgency=medium

  * Use clean LDFLAGS when building the static init.lxc, otherwise we end
    up with broken binaries on some architectures.

 -- Stéphane Graber  Tue, 09 Apr 2019 12:36:36 -0400

lxc (2.0.11-0ubuntu1~16.04.1) xenial; urgency=medium

  * New upstream bugfix release (2.0.11) (LP: #1816642)
    - Security fix for CVE-2018-6556 (affecting 2.0.9+)
    - Mitigation for CVE-2019-5736
    - Full changelog available at:
      https://discuss.linuxcontainers.org/t/lxc-2-0-11-has-been-released/4238

 -- Stéphane Graber  Mon, 04 Mar 2019 15:07:19 -0500

lxc (2.0.8-0ubuntu1~16.04.2) xenial; urgency=medium

  * Cherry-pick upstream workaround for ppc64el failure:
    - 0011-utils-fix-ppc64le-builds.patch

 -- Stéphane Graber  Mon, 29 May 2017 14:37:15 -0400

lxc (2.0.8-0ubuntu1~16.04.1) xenial; urgency=medium

  * New upstream bugfix release (2.0.8) (LP: #1691911):
    - Security fix for CVE-2017-5985 (previously fixed in Ubuntu)
    - All templates have been updated to not set default passwords anymore,
      instead requiring lxc-attach be used to configure users. This may
      affect some automated environments that were relying on our default
      (very much insecure) users.
    - Make lxc-start-ephemeral Python 3.2-compatible
    - Fix typo
    - Allow build without sys/capability.h
    - lxc-opensuse: fix default value for release code
    - util: always malloc for setproctitle
    - util: update setproctitle comments
    - confile: clear lxc.network..ipv{4,6} when empty
    - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
    - Make lxc-net return non-zero on failure
    - seccomp: allow x32 guests on amd64 hosts.
    - Add HAVE_LIBCAP
    - c/r: only supply --ext-mount-map for bind mounts
    - Added 'mkdir -p' functionality in create_or_remove_cgroup
    - Use LXC_ROOTFS_MOUNT in clonehostname hook
    - squeeze is not a supported release anymore, drop the key
    - start: dumb down SIGCHLD from WARN() to NOTICE()
    - log: fix lxc_unix_epoch_to_utc()
    - cgfsng: make trim() safer
    - seccomp: set SCMP_FLTATR_ATL_TSKIP if available
    - lxc-user-nic: re-order #includes
    - lxc-user-nic: improve + bugfix
    - lxc-user-nic: delete link on failure
    - conf: only try to delete veth when privileged
    - Fix lxc-containers to support multiple bridges
    - Fix mixed tab/spaces in previous patch
    - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one
    - lxc-checkconfig: verify new[ug]idmap are setuid-root
    - [templates] archlinux: resolve conflicting files
    - [templates] archlinux: noneed default_timezone variable
    - python3: Deal with potential NULL char*
    - lxc-download.in / allow setting keyserver from env
    - lxc-download.in / Document keyserver change in help
    - Change variable check to match existing style
    - tree-wide: include directly
    - conf/ile: make sure buffer is large enough
    - tree-wide: include directly
    - tests: Support running on IPv6 networks
    - tests: Kill containers (don't wait for shutdown)
    - Fix opening wrong file in suggest_default_idmap
    - do not set the root password in the debian template
    - do not set insecure passwords
    - don't set a default password for altlinux, gentoo, openmandriva and pld
    - tools: exit with return code of lxc_execute()
    - Keep veth.pair.name on network shutdown
    - Makefile: fix static clang init.lxc build
    - Avoid waiting for bridge interface if disabled in sysconfig/lxc
    - Increased buffer length in print_stats()
    - avoid assigning to a variable which is not POSIX shell proof (bug #1498)
    - remove obsolete note about api stability
    - conf: less error prone pointer access
    - conf: lxc_map_ids() non-functional changes
    - caps: add lxc_{proc,file}_cap_is_set()
    - conf: check for {filecaps,setuid} on new{g,u}idmap
    - conf: improve log when mounting rootfs
    - ls: simplify the judgment condition when list active containers
    - fix typo introduced in #1509
    - attach|unshare: fix the wrong comment
    - caps: skip file capability checks on android
    - autotools: check for cap_get_file
    - caps: return false if caps are not supported
    - conf: non-functional changes to setup_pts()
    - conf: use bind-mount for /dev/ptmx
    - conf: non-functional changes
    - utils: use loop device helpers from LXD
    - create ISSUE_TEMPLATE.md
    - cgroups: improve cgfsng debugging
    - issue template: fix typo
    - conf: close fd in lxc_setup_devpts()
    - conf: non-functional changes
    - utils: tweak lxc_mount_proc_if_needed()
    - Change sshd template to work with Ubuntu 17.04
    - conf: order mount options
    - conf: add MS_LAZYTIME to mount options
    - monitor: report errno on exec() error
    - af unix: allow for maximum socket name
    - commands: avoid NULL pointer dereference
    - commands: non-functional changes
    - lxccontainer: avoid NULL pointer dereference
    - monitor: simplify abstract socket logic
    - precise is not the latest LTS, let's use xenial instead
    - fix the wrong exit status
    - conf: non-functional changes lxc_fill_autodev()
    - conf: remove /dev/console from lxc_fill_autodev()
    - conf: non-functional changes lxc_setup()
    - conf: non-functional changes to console functions
    - conf: improve lxc_setup_dev_console()
    - conf: lxc_setup_ttydir_console()
    - config: remove /dev/console bind mount
    - doc: document console behavior
    - utils: add lxc_unstack_mountpoint()
    - conf: unstack all mounts atop /dev/console
    - console: fail when we cannot allocate peer tty
    - start: remove umount2()
    - conf: non-functional changes
    - utils: handle > 2^31 in lxc_unstack_mountpoint()
    - Install systemd units for CentOS
    - Merge ubuntu and debiancase
    - start: add crucial details about lxc_spawn()
  * Cherry-pick some upstream fixes:
    - conf{,ile}: allow one to clear all config items
    - start: pin rootfs when privileged
    - conf: fix build without libcap
    - start: don't call lxc_map_ids() without id map
    - lxc-attach: allow for situations without /dev/tty
    - utils: fix num parsing functions
    - tests: lxc_safe_{u}int() add corner-case tests
  * Fix broken proxy detection in debian/tests/exercise
  * Only move lxc bash completion from /etc if we installed it there
  * Update tests to deal with cgroupv2 tree (recent systemd)
  * Drop un-needed lintian override

 -- Stéphane Graber  Thu, 18 May 2017 23:08:57 -0400

lxc (2.0.7-0ubuntu1~16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: lxc-user-nic doesn't check netns ownership (LP: #1654676)
    - Ensure target netns is caller-owned
    - CVE-2017-5985

 -- Stéphane Graber  Tue, 07 Mar 2017 14:37:03 -0500

lxc (2.0.7-0ubuntu1~16.04.1) xenial; urgency=medium

  * New upstream bugfix release (2.0.7) (LP: #1660844)
    - attach: Close lsm label file descriptor
    - attach: Non-functional changes
    - attach: Simplify lsm_openat()
    - caps: Add lxc_cap_is_set()
    - conf: attach: Save errno across call to close
    - conf: Clearly report to either use drop or keep
    - conf: criu: Add make_anonymous_mount_file()
    - conf: Fix suggest_default_idmap()
    - configure: Add --enable-gnutls option
    - configure: Check for memfd_create()
    - configure: Check whether gettid() is declared
    - configure: Do not allow variable length arrays
    - configure: Remove -Werror=vla
    - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev()
    - conf: Non-functional changes
    - conf: Remove thread-unsafe strsignal + improve log
    - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers
    - log: Add lxc_unix_epoch_to_utc()
    - log: Annotate lxc_unix_epoch_to_utc()
    - log: Drop all timezone conversion functions
    - log: Make sure that date is correctly formatted
    - log: Use lxc_unix_epoch_to_utc()
    - log: Use N/A if getpid() != gettid() when threaded
    - log: Use thread-safe localtime_r()
    - lvm: Suppress warnings about leaked files
    - lxccontainer: Log failure to send sig to init pid
    - monitor: Add more logging
    - monitor: Close mainloop on exit if we opened it
    - monitor: Improve log + set log level to DEBUG
    - monitor: Log which pipe fd is currently used
    - monitor: Make lxc-monitord async signal safe
    - monitor: Non-functional changes
    - python3-lxc: Fix api_test.py on s390x
    - start: Check for CAP_SETGID before setgroups()
    - start: Fix execute and improve setgroups() calls
    - state: Use async signal safe fun in lxc_wait()
    - templates: lxc-debian: Don't read from /usr/lib/systemd on the host
    - templates: lxc-debian: Fix getty service startup
    - templates: lxc-debian: Fix typo with dpkg --print-foreign-architectures
    - templates: lxc-debian: Handle ppc hostarch -> powerpc
    - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2
    - templates: lxc-opensuse: Remove libgcc_s1
    - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy
    - templates: lxc-opensuse: Set to be unconfined by AppArmor
    - templates: lxc-opensuse: Update for Leap 42.2
    - tests; Don't cause test failures on cleanup errors
    - tests: Skip unpriv tests on broken overlay module
    - tools: Improve logging
    - tools: lxc-start: Remove c->is_defined(c) check
    - tools: lxc-start: Set configfile after load_config
    - tools: Only check for O_RDONLY
    - tree-wide: Random macro cleanups
    - tree-wide: Remove any variable length arrays
    - tree-wide: Sic semper assertis!
    - utils: Add macro __LXC_NUMSTRLEN
    - utils: Add uid, gid, group convenience wrappers
  * Cherry-pick upstream bugfix:
    - 0002-Make-lxc-start-ephemeral-Python-3.2-compatible.patch
  * Resolve lintian warnings
    - Drop un-needed overrides
    - Fix typos in debian/control

 -- Stéphane Graber  Tue, 31 Jan 2017 18:37:52 -0500

lxc (2.0.6-0ubuntu1~ubuntu16.04.2) xenial; urgency=medium

  * Cherry-pick upstream bugfix:
    - 0003-tools-only-check-for-O_RDONLY.patch (LP: #1653725)

 -- Stéphane Graber  Wed, 04 Jan 2017 19:52:32 -0500

lxc (2.0.6-0ubuntu1~ubuntu16.04.1) xenial; urgency=medium

  * New upstream bugfix release (2.0.6) (LP: #1647010):
    - Security fix for CVE-2016-8649
    - utils: make detect_ramfs_rootfs() return bool
    - tests: add test for detect_ramfs_rootfs()
    - add Documentation entries to lxc and lxc@ units
    - mark the python examples as having utf-8 encoding
    - log: sanity check the returned value from snprintf()
    - lxc-alpine: mount /dev/shm as tmpfs
    - archlinux: Do DHCP on eth0
    - archlinux: Fix resolving
    - Drop leftover references to lxc_strerror()
    - tests: fix image download for s390x
    - tools: fix coding style in lxc_attach
    - tools: make overlay valid backend
    - tools: better error reporting for lxc-start
    - alpine: Fix installing extra packages
    - lxc-alpine: do not drop setfcap
    - s390x: Fix seccomp handling of personalities
    - tools: correct the argument typo in lxc_copy
    - Use libtool for liblxc.so
    - c/r: use --external instead of --veth-pair
    - c/r: remember to increment netnr
    - c/r: add checkpoint/restore support for macvlan interfaces
    - ubuntu: Fix package upgrades requiring proc
    - c/r: drop duplicate hunk from macvlan case
    - c/r: use snprintf to compute device name
    - Tweak libtool handling to work with Android
    - tests: add lxc_error() and lxc_debug()
    - container start: clone newcgroup immediately
    - use python3_sitearch for including the python code
    - fix rpm build, include all built files, but only once
    - cgfs: fix invalid free()
    - find OpenSUSE's build also as obs-build
    - improve help text for --fancy and --fancy-format
    - improve wording of the help page for lxc-ls
    - cgfs: add print_cgfs_init_debuginfo()
    - cgfs: skip empty entries under /proc/self/cgroup
    - cgfs: explicitly check for NULL
    - tools: use correct exit code for lxc-stop
    - c/r: explicitly emit bind mounts as criu arguments
    - log: bump LXC_LOG_BUFFER_SIZE to 4096
    - conf: merge network namespace move & rename on shutdown
    - c/r: save criu's stdout during dump too
    - c/r: remove extra ns from logs
    - c/r: fix off-by-one error
    - c/r: check state before doing a checkpoint/restore
    - start: CLONE_NEWCGROUP after we have setup cgroups
    - create symlink for /var/run
    - utils: add lxc_append_string()
    - cgroups: remove isolated cpus from cpuset.cpus
    - Update Ubuntu release name: add zesty and remove wily
    - templates: add squashfs support to lxc-ubuntu-cloud.in
    - cgroups: skip v2 hierarchy entry
    - also stop lxc-net in runlevels 0 and 6
    - add lxc.egg-info to gitignore
    - install bash completion where pkg-config tells us to
    - conf: do not use %m format specifier
    - debian: Don't depend on libui-dialog-perl
    - cgroups: use %zu format specifier to print size_t
    - lxc-checkpoint: automatically detect if --external or --veth-pair
    - cgroups: prevent segfault in cgfsng
    - utils: add lxc_preserve_ns()
    - start: add netnsfd to lxc_handler
    - conf: use lxc_preserve_ns()
    - attach: use lxc_preserve_ns()
    - lxc_user_nic: use lxc_preserve_ns()
    - conf, start: improve log output
    - conf: explicitly remove veth device from host
    - conf, start: be smarter when deleting networks
    - start, utils: improve preserve_ns()
    - start, error: improve log + non-functional changes
    - start, namespace: move ns_info to namespace.{c,h}
    - attach, utils: bugfixes
    - attach: use ns_info[LXC_NS_MAX] struct
    - namespace: always attach to user namespace first
    - cgroup: improve isolcpus handling
    - cgroups: handle non-existent isolcpus file
    - utils: add lxc_safe_uint()
    - tests: add unit tests for lxc_safe_uint()
    - utils: add lxc_safe_int()
    - tests: add unit tests for lxc_safe_int()
    - conf/ile: get ip prefix via lxc_safe_uint()
    - confile: use lxc_safe_u/int in config_init_{u,g}id
    - conf/ile: use lxc_safe_uint() in config_pts()
    - conf/ile: use lxc_safe_u/int() in config_start()
    - conf/ile: use lxc_safe_uint() in config_monitor()
    - conf/ile: use lxc_safe_uint() in config_tty()
    - conf/ile: use lxc_safe_uint() in config_kmsg()
    - conf/ile: avoid atoi in config_lsm_aa_incomplete()
    - conf/ile: use lxc_safe_uint() in config_autodev()
    - conf/ile: avoid atoi() in config_ephemeral()
    - utils: use lxc_safe_int()
    - lxc_monitord: use lxc_safe_int() && use exit()
    - start: use lxc_safe_int()
    - conf: use lxc_safe_{u}int()
    - tools/lxc_execute: use lxc_safe_uint()
    - tools/lxc_stop: use lxc_safe_uint()
    - utils: add lxc_safe_long()
    - tests: add unit tests for lxc_safe_long()
    - tools/lxc_stop: use lxc_safe_long()
    - tools/lxc_top: use lxc_safe_int()
    - tools/lxc_ls: use lxc_safe_uint()
    - tools/lxc_autostart: use lxc_safe_{int,long}()
    - tools/lxc_console: use lxc_safe_uint()
    - tools: replace non-standard namespace identifiers
    - Configure a static MAC address on the LXC bridge
    - tests: remove overflow tests
    - attach: do not send procfd to attached process
  * Remaining patches:
    - 0001-Allocate-new-lxcbr0-subnet-at-startup-time.patch
  * Cherry-pick bugfix from upstream:
    - tests: Don't cause test failures on-cleanup errors
  * Autopkgtest:
    - Re-enable lxc-test-ubuntu on yakkety/zesty (template was fixed).
    - Workaround autopkgtest failures when using gpg2 with dirmngr.
    - Restrict tests to run on standalone systems.

 -- Stéphane Graber  Fri, 02 Dec 2016 23:15:21 -0500

lxc (2.0.5-0ubuntu1~ubuntu16.04.2) xenial; urgency=medium

  * Cherry-pick bugfix from upstream:
    - s390x: Fix seccomp handling of personalities (LP: #1635639)

 -- Stéphane Graber  Fri, 21 Oct 2016 12:39:18 -0400

# For older changelog entries, run 'apt-get changelog liblxc1'