libvirt - Debian Package Tracker

general

source: libvirt (main)
version: 8.5.0-1
maintainer: Debian Libvirt Maintainers (archive) (DMD)
uploaders: Guido Günther [DMD] – Andrea Bolognani [DMD] [DM]
arch: all any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.0.0-4+deb9u4
o-o-sec: 3.0.0-4+deb9u5
oldstable: 5.0.0-4+deb10u1
stable: 7.0.0-3
stable-bpo: 8.0.0-1~bpo11+1
testing: 8.5.0-1
unstable: 8.5.0-1
exp: 8.5.0-2

versioned links

3.0.0-4+deb9u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.0-4+deb9u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.0.0-4+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.0.0-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
8.0.0-1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
8.5.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
8.5.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libnss-libvirt (1 bugs: 0, 1, 0, 0)
libvirt-clients (12 bugs: 0, 8, 4, 0)
libvirt-daemon (52 bugs: 0, 44, 8, 0)
libvirt-daemon-config-network
libvirt-daemon-config-nwfilter
libvirt-daemon-driver-lxc
libvirt-daemon-driver-qemu (1 bugs: 0, 1, 0, 0)
libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi-direct (1 bugs: 0, 1, 0, 0)
libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-zfs
libvirt-daemon-driver-vbox
libvirt-daemon-driver-xen
libvirt-daemon-system (35 bugs: 0, 27, 8, 0)
libvirt-daemon-system-systemd (1 bugs: 0, 1, 0, 0)
libvirt-daemon-system-sysv
libvirt-dev
libvirt-doc
libvirt-login-shell
libvirt-sanlock
libvirt-wireshark
libvirt0 (13 bugs: 0, 13, 0, 0)

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:00:15
Last run: 2022-10-03T02:51:42.000Z
Previous status: tmpfail

testing: pass (log)
The tests ran in 0:01:19
Last run: 2022-09-17T01:01:42.000Z
Previous status: pass

stable: pass (log)
The tests ran in 0:01:19
Last run: 2022-09-24T12:20:34.000Z
Previous status: pass

Created: 2022-10-03 Last update: 2022-10-05 14:38

A new upstream version is available: 8.8.0 high

A new upstream version 8.8.0 is available, you should consider packaging it.

Created: 2022-07-29 Last update: 2022-10-05 14:32

lintian reports 1 error and 21 warnings high

Lintian reports 1 error and 21 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-09-06 Last update: 2022-09-27 01:04

11 bugs tagged patch in the BTS normal

The BTS contains patches fixing 11 bugs, consider including or untagging them.

Created: 2022-07-27 Last update: 2022-10-05 15:32

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2019-11-17 Last update: 2022-10-05 12:01

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 8.6.0-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 6a6d018937f8024743cc642508c9d4b1fa58288f
Author: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Date:   Thu Aug 11 10:28:54 2022 +0200

    changelog: Create entry for 8.6.0-1
    
    Gbp-Dch: Ignore

commit f35cf09c5a875da061fa930692185c897163e3d1
Author: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Date:   Thu Aug 11 11:27:49 2022 +0200

    d/rules: update path of ci-dashboard removal
    
    This changed upstream due to:
     983cf8c03b docs: Move the CI dashboard to its own RST module

commit 3570b80631b8792995326777043fd45e4248ba40
Author: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Date:   Thu Aug 11 10:26:21 2022 +0200

    patches: Refresh patches for 8.6.0
    
    Gbp-Dch: Ignore

commit eae1c8574ff06c565d3f4fcf765f1d3256fd1b18
Author: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Date:   Thu Aug 11 10:24:00 2022 +0200

    symbols: Bump symbol versions for 8.6.0
    
    - libvirt0 got no new external symbols
    - libvirt-admin got virAdmConnectSetDaemonTimeout
    
    Gbp-Dch: Ignore

commit 5dee1d2f8a474d165c18137d20bbbc101310f05e
Merge: 14a80ba74 a54d9040b
Author: Andrea Bolognani <eof@kiyuko.org>
Date:   Sun Aug 14 17:11:41 2022 +0200

    Update upstream source from tag 'upstream/8.6.0'
    
    Update to upstream version '8.6.0'
    with Debian dir ae20ec1fa5c1fc477768ab2ab34fbdd277ebfb1a

commit a54d9040b436079cbcc31371c71ceaa030d42f18
Author: Andrea Bolognani <eof@kiyuko.org>
Date:   Sun Aug 14 17:11:15 2022 +0200

    New upstream version 8.6.0

Created: 2022-08-14 Last update: 2022-09-29 19:07

5 low-priority security issues in bullseye low

There are 5 open security issues in bullseye.

5 issues left for the package maintainer to handle:

CVE-2021-3631: (needs triaging) A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.
CVE-2021-3667: (needs triaging) An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.
CVE-2021-3975: (needs triaging) A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
CVE-2021-4147: (needs triaging) A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.
CVE-2022-0897: (needs triaging) A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2022-09-11 06:04

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2022-05-23 Last update: 2022-05-23 01:05

news

[rss feed]

[2022-07-21] Accepted libvirt 8.5.0-2 (source) into experimental (Andrea Bolognani)
[2022-07-20] libvirt 8.5.0-1 MIGRATED to testing (Debian testing watch)
[2022-07-17] Accepted libvirt 8.5.0-1 (source) into unstable (Andrea Bolognani)
[2022-06-11] libvirt 8.4.0-1 MIGRATED to testing (Debian testing watch)
[2022-06-11] libvirt 8.4.0-1 MIGRATED to testing (Debian testing watch)
[2022-06-03] Accepted libvirt 8.4.0-1 (source) into unstable (Andrea Bolognani)
[2022-05-22] libvirt 8.3.0-1 MIGRATED to testing (Debian testing watch)
[2022-05-20] Accepted libvirt 8.3.0-1 (source) into unstable (Andrea Bolognani)
[2022-04-25] libvirt 8.2.0-1 MIGRATED to testing (Debian testing watch)
[2022-04-20] Accepted libvirt 8.2.0-1 (source) into unstable (Andrea Bolognani)
[2022-04-20] libvirt 8.1.0-2 MIGRATED to testing (Debian testing watch)
[2022-03-19] Accepted libvirt 8.1.0-2 (source) into unstable (Andrea Bolognani)
[2022-03-16] Accepted libvirt 8.1.0-1 (source) into experimental (Andrea Bolognani)
[2022-02-01] Accepted libvirt 8.0.0-1~bpo11+1 (source amd64 all) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Michael Tokarev)
[2022-01-25] libvirt 8.0.0-1 MIGRATED to testing (Debian testing watch)
[2022-01-22] Accepted libvirt 8.0.0-1 (source) into unstable (Andrea Bolognani)
[2022-01-14] libvirt 7.10.0-3 MIGRATED to testing (Debian testing watch)
[2022-01-09] Accepted libvirt 7.10.0-3 (source) into unstable (Andrea Bolognani)
[2021-12-29] Accepted libvirt 7.10.0-2 (source) into unstable (Andrea Bolognani)
[2021-12-11] libvirt 7.10.0-1 MIGRATED to testing (Debian testing watch)
[2021-12-09] Accepted libvirt 7.10.0-1 (source) into unstable (Andrea Bolognani)
[2021-12-09] libvirt 7.9.0-1 MIGRATED to testing (Debian testing watch)
[2021-12-06] Accepted libvirt 7.9.0-1 (source) into unstable (Andrea Bolognani)
[2021-08-28] libvirt 7.6.0-1 MIGRATED to testing (Debian testing watch)
[2021-08-20] Accepted libvirt 7.6.0-1 (source) into unstable (Andrea Bolognani)
[2021-03-09] libvirt 7.0.0-3 MIGRATED to testing (Debian testing watch)
[2021-02-26] Accepted libvirt 7.0.0-3 (source) into unstable (Andrea Bolognani)
[2021-02-21] libvirt 7.0.0-2 MIGRATED to testing (Debian testing watch)
[2021-02-10] Accepted libvirt 7.0.0-2 (source) into unstable (Andrea Bolognani)
[2021-02-01] libvirt 7.0.0-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 195 198
RC: 0
I&N: 144 147
M&W: 50
F&P: 1
patch: 11

links

homepage
lintian (1, 21)
buildd: logs, exp, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
l10n (100, 30)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 8.6.0-0ubuntu2
125 bugs (4 patches)