Register | Log in

lxd

Choose email to subscribe with

general

source: lxd (main)
version: 5.0.2+git20231211.1364ae4-9+deb13u1
maintainer: Debian Go Packaging Team (DMD)
uploaders: Mathias Gibbens [DMD]
arch: all any
std-ver: 4.7.2
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 5.0.2-5
old-sec: 5.0.2-5+deb12u1
old-p-u: 5.0.2-5+deb12u1
stable: 5.0.2+git20231211.1364ae4-9
stable-sec: 5.0.2+git20231211.1364ae4-9+deb13u1
stable-p-u: 5.0.2+git20231211.1364ae4-9+deb13u1

versioned links

5.0.2-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.0.2-5+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.0.2+git20231211.1364ae4-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.0.2+git20231211.1364ae4-9+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

golang-github-canonical-lxd-dev
lxd
lxd-agent
lxd-client
lxd-migrate
lxd-tools

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:00:22
Last run: 2025-08-27T01:32:05.000Z
Previous status: unknown

testing: pass (log)
The tests ran in 0:03:03
Last run: 2025-08-01T01:31:38.000Z
Previous status: unknown

stable: pass (log)
The tests ran in 0:03:12
Last run: 2025-08-20T12:53:40.000Z
Previous status: unknown

Created: 2025-08-27 Last update: 2025-10-25 15:02

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2024-6156: Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.

Created: 2025-08-09 Last update: 2025-08-13 17:04

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2024-6156: Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.

Created: 2024-12-06 Last update: 2025-08-10 06:32

4 low-priority security issues in trixie low

There are 4 open security issues in trixie.

3 issues left for the package maintainer to handle:

CVE-2025-54289: (needs triaging) Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format
CVE-2025-54290: (needs triaging) Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
CVE-2025-54291: (needs triaging) Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.

You can find information about how to handle these issues in the security team's documentation.

1 ignored issue:

CVE-2024-6156: Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.

Created: 2025-08-09 Last update: 2025-10-17 19:30

4 low-priority security issues in bookworm low

There are 4 open security issues in bookworm.

3 issues left for the package maintainer to handle:

CVE-2025-54289: (needs triaging) Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format
CVE-2025-54290: (needs triaging) Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
CVE-2025-54291: (needs triaging) Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.

You can find information about how to handle these issues in the security team's documentation.

1 ignored issue:

CVE-2024-6156: Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.

Created: 2024-12-06 Last update: 2025-10-17 19:30

news

[2025-10-19] Accepted lxd 5.0.2-5+deb12u1 (source amd64) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Mathias Gibbens)
[2025-10-19] Accepted lxd 5.0.2+git20231211.1364ae4-9+deb13u1 (source all amd64) into proposed-updates (Debian FTP Masters) (signed by: Mathias Gibbens)
[2025-10-17] Accepted lxd 5.0.2-5+deb12u1 (source amd64) into oldstable-security (Debian FTP Masters) (signed by: Mathias Gibbens)
[2025-10-17] Accepted lxd 5.0.2+git20231211.1364ae4-9+deb13u1 (source all amd64) into stable-security (Debian FTP Masters) (signed by: Mathias Gibbens)
[2025-08-14] lxd REMOVED from testing (Debian testing watch)
[2025-05-08] lxd 5.0.2+git20231211.1364ae4-9 MIGRATED to testing (Debian testing watch)
[2025-04-27] Accepted lxd 5.0.2+git20231211.1364ae4-9 (source) into unstable (Mathias Gibbens)
[2025-03-01] lxd 5.0.2+git20231211.1364ae4-8 MIGRATED to testing (Debian testing watch)
[2025-02-23] Accepted lxd 5.0.2+git20231211.1364ae4-8 (source) into unstable (Mathias Gibbens)
[2024-08-20] lxd 5.0.2+git20231211.1364ae4-7 MIGRATED to testing (Debian testing watch)
[2024-08-17] Accepted lxd 5.0.2+git20231211.1364ae4-7 (source) into unstable (Reinhard Tartler)
[2024-08-09] Accepted lxd 5.0.2+git20231211.1364ae4-6 (source) into experimental (Reinhard Tartler)
[2024-06-15] lxd 5.0.2+git20231211.1364ae4-5 MIGRATED to testing (Debian testing watch)
[2024-06-12] Accepted lxd 5.0.2+git20231211.1364ae4-5 (source) into unstable (Mathias Gibbens)
[2024-05-01] lxd 5.0.2+git20231211.1364ae4-4 MIGRATED to testing (Debian testing watch)
[2024-04-11] Accepted lxd 5.0.2+git20231211.1364ae4-4 (source) into unstable (Mathias Gibbens)
[2024-01-24] lxd 5.0.2+git20231211.1364ae4-3 MIGRATED to testing (Debian testing watch)
[2024-01-21] Accepted lxd 5.0.2+git20231211.1364ae4-3 (source) into unstable (Mathias Gibbens)
[2024-01-17] lxd 5.0.2+git20231211.1364ae4-2 MIGRATED to testing (Debian testing watch)
[2024-01-09] Accepted lxd 5.0.2+git20231211.1364ae4-2 (source) into unstable (Mathias Gibbens)
[2024-01-08] Accepted lxd 5.0.2+git20231211.1364ae4-1 (source all amd64) into unstable (Debian FTP Masters) (signed by: Mathias Gibbens)
[2023-11-26] lxd 5.0.2-6 MIGRATED to testing (Debian testing watch)
[2023-11-23] Accepted lxd 5.0.2-6 (source) into unstable (Mathias Gibbens)
[2023-05-12] lxd 5.0.2-5 MIGRATED to testing (Debian testing watch)
[2023-05-05] Accepted lxd 5.0.2-5 (source) into unstable (Mathias Gibbens)
[2023-04-23] Accepted lxd 5.0.2-4 (source) into unstable (Mathias Gibbens)
[2023-03-28] lxd 5.0.2-3 MIGRATED to testing (Debian testing watch)
[2023-03-08] Accepted lxd 5.0.2-3 (source) into unstable (Mathias Gibbens)
[2023-01-24] lxd 5.0.2-2 MIGRATED to testing (Debian testing watch)
[2023-01-18] Accepted lxd 5.0.2-2 (source) into unstable (Mathias Gibbens)

1
2

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing