Hello community,
here is the log from the commit of package libvirt for openSUSE:Factory checked in at 2013-10-15 10:42:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libvirt (Old)
and /work/SRC/openSUSE:Factory/.libvirt.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvirt"
Changes:
--------
--- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes 2013-10-11 08:55:03.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.libvirt.new/libvirt.changes 2013-10-15 10:42:30.000000000 +0200
@@ -1,0 +2,47 @@
+Mon Oct 14 22:20:41 MDT 2013 - jfehlig@suse.com
+
+- Move virt-login-shell to new subpackage libvirt-login-shell,
+ requiring users to opt-in for this setuid binary. Note: For now,
+ virt-login-shell will not have setuid permissions, pending
+ resolution of bnc#837609
+
+-------------------------------------------------------------------
+Mon Oct 14 21:25:49 MDT 2013 - jfehlig@suse.com
+
+- qemu: Fix seamless SPICE migration
+ 484cc321-fix-spice-migration.patch
+ bnc#842301
+
+-------------------------------------------------------------------
+Mon Oct 14 20:33:43 MDT 2013 - jfehlig@suse.com
+
+- CVE-2013-4399: Fix crash in libvirtd when events are registered
+ and ACLs active
+ 8294aa0c-CVE-2013-4399.patch
+ bnc#844052, bnc#842300
+
+-------------------------------------------------------------------
+Mon Oct 14 16:40:25 MDT 2013 - jfehlig@suse.com
+
+- Update the stale gettext BuildRequires and Requires dependencies
+ in the spec file
+ bnc#841325
+
+-------------------------------------------------------------------
+Mon Oct 14 16:01:46 MDT 2013 - jfehlig@suse.com
+
+- virt-aa-helper apparmor profile was denying read access to
+ /proc/$PID/*. Give read accesss to these files.
+ Updated install-apparmor-profiles.patch
+ bnc#841720
+
+-------------------------------------------------------------------
+Mon Oct 14 13:46:14 MDT 2013 - jfehlig@suse.com
+
+- libvirtd apparmor profile was denying access to
+ /usr/lib/xen/bin/qemu-system-i386, which is now the default
+ emulator used with Xen guests
+ Updated install-apparmor-profiles.patch
+ bnc#845648
+
+-------------------------------------------------------------------
New:
----
484cc321-fix-spice-migration.patch
8294aa0c-CVE-2013-4399.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.9PUfai/_old 2013-10-15 10:42:31.000000000 +0200
+++ /var/tmp/diff_new_pack.9PUfai/_new 2013-10-15 10:42:31.000000000 +0200
@@ -273,7 +273,7 @@
# listed against each sub-RPM
BuildRequires: autoconf
BuildRequires: automake
-BuildRequires: gettext-devel
+BuildRequires: gettext-tools
BuildRequires: libtool
%if %{with_systemd}
BuildRequires: systemd
@@ -282,7 +282,6 @@
BuildRequires: xen-devel
%endif
BuildRequires: fdupes
-BuildRequires: gettext
BuildRequires: libattr-devel
BuildRequires: libgcrypt-devel
BuildRequires: libgnutls-devel
@@ -410,6 +409,8 @@
Patch3: e65667c0-CVE-2013-4311.patch
Patch4: 922b7fda-CVE-2013-4311.patch
Patch5: e4697b92-CVE-2013-4311.patch
+Patch6: 8294aa0c-CVE-2013-4399.patch
+Patch7: 484cc321-fix-spice-migration.patch
# Need to go upstream
Patch100: xen-name-for-devid.patch
Patch101: clone.patch
@@ -849,7 +850,7 @@
# (client invokes 'nc' against the UNIX socket on the server)
Requires: netcat-openbsd
# Needed by libvirt-guests init script.
-Requires: gettext
+Requires: gettext-runtime
# Needed by virt-pki-validate script.
Requires: gnutls
# Needed for probing the power management features of the host.
@@ -891,6 +892,15 @@
Includes the Sanlock lock manager plugin for the QEMU driver
%endif
+%package login-shell
+Summary: Login shell for containers
+Group: Development/Libraries/C and C++
+Requires: %{name}-client = %{version}-%{release}
+
+%description login-shell
+Povides virt-login-shell, a tool to execute a shell within a container
+matching the users name
+
%if %{with_python}
%package python
@@ -914,6 +924,8 @@
%patch3 -p1
%patch4 -p1
%patch5 -p1
+%patch6 -p1
+%patch7 -p1
%patch100 -p1
%patch101
%patch102 -p1
@@ -1594,17 +1606,11 @@
%doc %{_mandir}/man1/virt-xml-validate.1*
%doc %{_mandir}/man1/virt-pki-validate.1*
%doc %{_mandir}/man1/virt-host-validate.1*
-%doc %{_mandir}/man1/virt-login-shell.1*
%config(noreplace) %{_sysconfdir}/%{name}/libvirt.conf
-%config(noreplace) %{_sysconfdir}/libvirt/virt-login-shell.conf
%{_bindir}/virsh
%{_bindir}/virt-xml-validate
%{_bindir}/virt-pki-validate
%{_bindir}/virt-host-validate
-# setuid binary that needs security audit - bnc#837609
-# In the meantime, don't install setuid
-#%attr(4755, root, root) %{_bindir}/virt-login-shell
-%{_bindir}/virt-login-shell
%dir %{_libdir}/%{name}
%{_libdir}/lib*.so.*
%attr(0755, root, root) %{_libdir}/%{name}/libvirt-guests.sh
@@ -1684,6 +1690,15 @@
%attr(0755, root, root) %{_libdir}/%{name}/libvirt_sanlock_helper
%endif
+%files login-shell
+%defattr(-, root, root)
+%config(noreplace) %{_sysconfdir}/libvirt/virt-login-shell.conf
+%doc %{_mandir}/man1/virt-login-shell.1*
+# setuid binary that needs security audit - bnc#837609
+# In the meantime, don't install setuid
+#%attr(4755, root, root) %{_bindir}/virt-login-shell
+%{_bindir}/virt-login-shell
+
%if %{with_python}
%files python
++++++ 484cc321-fix-spice-migration.patch ++++++
commit 484cc3217b73b865f00bf42a9c12187b37200699
Author: Martin Kletzander