Hello community, here is the log from the commit of package libvirt for openSUSE:11.1 checked in at Wed Dec 17 16:56:57 CET 2008. -------- --- old-versions/11.1/all/libvirt/libvirt.changes 2008-12-02 18:44:44.000000000 +0100 +++ /mounts/work_src_done/11.1/libvirt/libvirt.changes 2008-12-15 20:42:37.000000000 +0100 @@ -1,0 +2,12 @@ +Mon Dec 15 12:40:41 MST 2008 - jfehlig@novell.com + +- Patch for CVE-2008-5086 + bnc#459009 + +------------------------------------------------------------------- +Fri Dec 5 13:52:31 MST 2008 - jfehlig@novell.com + +- Fix migration of Xen domains + bnc#456946 + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.1/all/libvirt Destination is old-versions/11.1/UPDATES/all/libvirt calling whatdependson for 11.1-i586 New: ---- cve-2008-5086.patch migrate-params.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libvirt.spec ++++++ --- /var/tmp/diff_new_pack.j17138/_old 2008-12-17 16:56:45.000000000 +0100 +++ /var/tmp/diff_new_pack.j17138/_new 2008-12-17 16:56:45.000000000 +0100 @@ -49,7 +49,7 @@ Group: Development/Libraries/C and C++ AutoReqProv: yes Version: 0.4.6 -Release: 11 +Release: 11.1.1 Summary: A C toolkit to interract with the virtualization capabilities of Linux Requires: readline Requires: ncurses @@ -84,6 +84,8 @@ Patch15: suse-network.patch Patch16: xen-pv-cdrom.patch Patch17: detach-disk.patch +Patch18: migrate-params.patch +Patch19: cve-2008-5086.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -192,6 +194,8 @@ %patch15 -p1 %patch16 -p1 %patch17 -p1 +%patch18 -p1 +%patch19 -p1 rm po/no.* %build @@ -324,6 +328,12 @@ %{py_sitedir}/libvirtmod* %changelog +* Mon Dec 15 2008 jfehlig@novell.com +- Patch for CVE-2008-5086 + bnc#459009 +* Fri Dec 05 2008 jfehlig@novell.com +- Fix migration of Xen domains + bnc#456946 * Tue Dec 02 2008 jfehlig@novell.com - Refresh xen-maxmem.patch to match upstream bnc#431766 ++++++ cve-2008-5086.patch ++++++ Index: libvirt-0.4.6/src/libvirt.c =================================================================== --- libvirt-0.4.6.orig/src/libvirt.c +++ libvirt-0.4.6/src/libvirt.c @@ -2342,6 +2342,16 @@ virDomainMigrate (virDomainPtr domain, return NULL; } + if (domain->conn->flags & VIR_CONNECT_RO) { + virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return NULL; + } + if (dconn->flags & VIR_CONNECT_RO) { + /* NB, delibrately report error against source object, not dest here */ + virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return NULL; + } + /* Check that migration is supported by both drivers. */ if (!VIR_DRV_SUPPORTS_FEATURE (conn->driver, conn, VIR_DRV_FEATURE_MIGRATION_V1) || @@ -2419,6 +2429,11 @@ __virDomainMigratePrepare (virConnectPtr return -1; } + if (dconn->flags & VIR_CONNECT_RO) { + virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return -1; + } + if (dconn->driver->domainMigratePrepare) return dconn->driver->domainMigratePrepare (dconn, cookie, cookielen, uri_in, uri_out, @@ -2449,6 +2464,11 @@ __virDomainMigratePerform (virDomainPtr } conn = domain->conn; + if (domain->conn->flags & VIR_CONNECT_RO) { + virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return -1; + } + if (conn->driver->domainMigratePerform) return conn->driver->domainMigratePerform (domain, cookie, cookielen, uri, @@ -2476,6 +2496,11 @@ __virDomainMigrateFinish (virConnectPtr return NULL; } + if (dconn->flags & VIR_CONNECT_RO) { + virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return NULL; + } + if (dconn->driver->domainMigrateFinish) return dconn->driver->domainMigrateFinish (dconn, dname, cookie, cookielen, @@ -2833,6 +2858,11 @@ virDomainBlockPeek (virDomainPtr dom, } conn = dom->conn; + if (dom->conn->flags & VIR_CONNECT_RO) { + virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return (-1); + } + if (!path) { virLibDomainError (dom, VIR_ERR_INVALID_ARG, _("path is NULL")); @@ -2908,6 +2938,11 @@ virDomainMemoryPeek (virDomainPtr dom, } conn = dom->conn; + if (dom->conn->flags & VIR_CONNECT_RO) { + virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return (-1); + } + /* Flags must be VIR_MEMORY_VIRTUAL at the moment. * * Note on access to physical memory: A VIR_MEMORY_PHYSICAL flag is @@ -3175,6 +3210,11 @@ virDomainSetAutostart(virDomainPtr domai conn = domain->conn; + if (domain->conn->flags & VIR_CONNECT_RO) { + virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return (-1); + } + if (conn->driver->domainSetAutostart) return conn->driver->domainSetAutostart (domain, autostart); @@ -4125,6 +4165,11 @@ virNetworkSetAutostart(virNetworkPtr net return (-1); } + if (network->conn->flags & VIR_CONNECT_RO) { + virLibNetworkError(network, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return (-1); + } + conn = network->conn; if (conn->networkDriver && conn->networkDriver->networkSetAutostart) @@ -4323,6 +4368,11 @@ virConnectFindStoragePoolSources(virConn return NULL; } + if (conn->flags & VIR_CONNECT_RO) { + virLibConnError(conn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return NULL; + } + if (conn->storageDriver && conn->storageDriver->findPoolSources) return conn->storageDriver->findPoolSources(conn, type, srcSpec, flags); @@ -4996,6 +5046,11 @@ virStoragePoolSetAutostart(virStoragePoo return (-1); } + if (pool->conn->flags & VIR_CONNECT_RO) { + virLibStoragePoolError(pool, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return (-1); + } + conn = pool->conn; if (conn->storageDriver && conn->storageDriver->poolSetAutostart) ++++++ migrate-params.patch ++++++ Index: libvirt-0.4.6/src/xend_internal.c =================================================================== --- libvirt-0.4.6.orig/src/xend_internal.c +++ libvirt-0.4.6/src/xend_internal.c @@ -4355,6 +4355,8 @@ xenDaemonDomainMigratePerform (virDomain "live", live, "port", port, "resource", "0", /* required, xend ignores it */ + "node", "-1", /* numa node, xen c/s 17753 */ + "ssl", "0", /* ssl migration, xen c/s 17709 */ NULL); VIR_FREE (hostname); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org