Re: Please unblock libvirt 0.8.3-2
On Wed, Oct 06, 2010 at 06:59:47PM +0200, Julien Cristau wrote:
> On Tue, Oct 5, 2010 at 09:16:07 +0200, Guido Günther wrote:
>
> > diff -Nru libvirt-0.8.3/debian/libvirt-bin.NEWS libvirt-0.8.3/debian/libvirt-bin.NEWS
> > --- libvirt-0.8.3/debian/libvirt-bin.NEWS 2010-08-06 23:06:40.000000000 +0200
> > +++ libvirt-0.8.3/debian/libvirt-bin.NEWS 2010-09-29 13:29:13.000000000 +0200
> > @@ -7,3 +7,19 @@
> > anything.
> >
> > -- Guido Günther <agx@sigxcpu.org> Mon, 12 Jul 2010 19:58:35 +0200
> > +
> > +libvirt (0.8.3-2) unstable; urgency=low
> > +
> > + Disk format probing is disabled now by default for security reasons
> > + (CVE-2010-2237). You need to explicitly add a driver type element to your
> > + disk devices in the domain XML:
> > +
> > + <disk ...>
> > + <driver name='qemu' type='qcow2'/>
> > + ...
> > + </disk>
> > +
> > + Alternatively you can reenable probing by setting allow_disk_format_probing=1
> > + in /etc/libvirt/qemu.conf but this is insecure.
> > +
> > + -- Guido Günther <agx@sigxcpu.org> Wed, 29 Sep 2010 13:10:02 +0200
>
> That seems backwards, I'd expect the new entry to go at the top? Does
> apt-listchanges handle that correctly?
You're right, that's backward. I've uploaded a new version (0.8.3-3)
that also fixes two more bugs:
libvirt (0.8.3-3) unstable; urgency=low
* [178670a] Add $syslog to the list of Required-{Start,Stop} services also
drop $local_fs since we already have $remote_fs
* [4db7451] Don't hardcode netcat's -q option. (Closes: #573172) - thanks to
Marc Deslauriers for the patch
* [d4c46ee] Disable CHECKSUM rules not supported by Squeeze's iptables
(Closes: #598330)
* [dbc2609] Move new NEWS items to the top
-- Guido Günther <agx@sigxcpu.org> Wed, 06 Oct 2010 19:47:46 +0200
#573172 really is a blocker for people connectiong to non Debian
machines and #598330 confuses users thinking that might be the source of
a problem they're seeing. I'd be great if this could go into Squeeze.
Cheers,
-- Guido
Reply to: