Package "lxc"
  
    
    
        | Name: | lxc | 
    
        | Description:
 | This package is just an umbrella for a group of other packages,
            it has no description.Description samples from packages in group:
 
                    Linux Containers userspace tools (common tools)Linux Containers userspace tools (development)Linux Containers userspace tools (library)Transitional package - lxc-dev -> liblxc-dev | 
    
        | Latest version: | 3.0.3-0ubuntu1~18.04.3 | 
    
        | Release: | bionic (18.04) | 
    
        | Level: | updates | 
    
        | Repository: | main | 
    
   
  
 
Links
Other versions of "lxc" in Bionic
    
Packages in group
Deleted packages are displayed in grey.
Changelog
    
    
    
        
        
    
    
        |   lxc (3.0.3-0ubuntu1~18.04.3) bionic; urgency=medium   * Fix tests issue by avoiding falling back to inexistent trusty LXC images
and using the bionic ones (LP: #1939537)
 | 
    | Source diff to previous version | 
        
        | 
                
                | 1939537 | Tests in ubuntu_lxc failed with \ |  | 
    
    
    
    
    
        
        
    
    
        |   lxc (3.0.3-0ubuntu1~18.04.1) bionic; urgency=medium   * New upstream bugfix release (LP: #1804755):
- CONTRIBUTING: Update reference to kernel coding style
 - CONTRIBUTING: Link to latest online kernel docs
 - CONTRIBUTING: Direct readers to CODING_STYLE.md
 - CODING_STYLE: Mention kernel style in introduction
 - CONTRIBUTING: Add 'be' to fix grammar
 - CODING_STLYE: Simplify explanation for use of 'extern'
 - CODING_STLYE: Remove sections implied by 'kernel style'
 - CODING_STYLE: Fix non-uniform heading level
 - CODING_STYLE: Update section header format
 - cmd: Use parenthesis around complex macro
 - cmd: Use 'void' instead of empty parameter list
 - cmd: Do not use braces for single statement block
 - cmd: Fix whitespace issues
 - cmd: Use 'const' for static string constant.
 - cmd: Remove unnecessary whitespace in string
 - cmd: Put trailing */ on a separate line
 - cmd: Remove typo'd semicolon
 - cmd: Do not use comparison to NULL
 - lxc_init: s/SYSDEBUG()/SYSERROR()/g in remove_self
 - tools: lxc-attach: add default log priority & cleanups
 - tools: lxc-cgroup: add default log priority & cleanups
 - tools: lxc-checkpoint: add default log priority & cleanups
 - tools: lxc-console: add default log priority & cleanups
 - tools: lxc-create: add default log priority & cleanups
 - tools: lxc-destroy: add default log priority & cleanups
 - tools: lxc-device: add default log priority & cleanups
 - tools: lxc-execute: add default log priority & cleanups
 - tools: lxc-start: add default log priority & cleanups
 - tools: lxc-stop: add default log priority & cleanups
 - tools: lxc-freeze: add default log priority & cleanups
 - tools: lxc-unfreeze: add default log priority & cleanups
 - storage_utils: move duplicated function from tools
 - tools: fix lxc-execute command parsing
 - lseek - integer overflow
 - cmd: lxc-user-nic: change log macro & cleanups
 - cmd: lxc-usernsexec reorder includes
 - cmd: move declarations to macro.h
 - cmd: use utils.{c,h} helpers in lxc-usernsexec
 - cmd: simplify lxc-usernsexec
 - cmd: use safe number parsers in lxc-usernsexec
 - macro: add missing headers
 - macro: add macvlan properties
 - tools: Indicate container startup failure
 - storage: exit() => _exit(). when exec is failed
 - tools: lxc-wait: add default log priority & cleanups
 - conf: fix path/lxcpath mixups in tty setup
 - cmd: use goto for cleanup in lxc-usernsexec
 - cmd: Do not reassign variable before it is used
 - cmd: Reduce scope of 'count' variable
 - cmd: Fix format issues found by clang-format
 - list: fix indent
 - utils: split into {file,string}_utils.{c,h}
 - pam_cgfs: build from the same sources as liblxc
 - conf: fix devpts mounting when fully unprivileged
 - macro: s/rexit()/_exit()/g
 - attach: move struct declaration to top
 - macro: move macros from attach.c
 - Makefile: don't allow undefined symbols
 - autotools: check if compiler is new enough
 - log: handle strerror_r() versions
 - autotools: add --{disable,enable}-thread-safety
 - log: fail build on ENFORCE_THREAD_SAFETY error
 - {file,string}_utils: remove NO_LOG
 - initutils: remove useless comment
 - string_utils: remove unnecessary include
 - string_utils: remove unused headers
 - string_utils: add remove_trailing_slashes()
 - Makefile: remove last pam_cgfs special-casing
 - conf: add missing headers
 - Fix typo
 - ifaddrs: add safe implementation of getifaddrs()
 - Makefile: conditionalize ifaddrs.h inclusion
 - execute: skip lxc-init logging when unprivileged
 - execute: pass /proc/self/fd/<nr>
 - tests: cleanup get_item.c
 - build: fix musl
 - configure: reorder header checks
 - compiler: add compiler.h header
 - commands: return -1 on lxc_cmd_get_init_pid() err
 - tests: add basic.c
 - tests: cleanup Makefile
 - commands: ensure -1 is sent on EPIPE for init pid
 - macro: add LXC_AUDS_ADDR_LEN
 - macro: move LXC_CMD_DATA_MAX from commands.h
 - macro: add PTR_TO_INT() and INT_TO_PTR()
 - macro: add INTTYPE_TO_STRLEN()
 - caps: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - cgfsng: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - confile: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - log: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - lsm: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - macro: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - lxccontainer: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - monitor: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - network: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - string_utils: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - utils: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - tools: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - conf: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - tests: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/
 - macro: final INTTYPE_TO_STRLEN() related cleanups
 - macro: coding style fixes
 - Makefile: correctly add ifaddrs to noinst_HEADERS
 - start: remove duplicate macros
 - caps: move macros to macro header
 - string_utils: use UINT64_MAX macro
 - tree-wide: use sizeof on static arrays
 - Revert "tree-wide: use sizeof on static arrays"
 - commands: pass around intmax_t
 - commands: assign before converting to pointer
 - macro: calculate buffer lengths correctly
 - Revert "Revert "tree-wide: use sizeof on static arrays""
 - macro: move MS_* macros
 - caps: fix illegal access to array bound
 - utils: defensive programming
 - nl: remove duplicated define
 - syntax error: mismatch brace
 - commands: better error message
 - file_utils: add lxc_recv_nointr()
 - commands: switch to setting errno and returning -1
 - log: do not clobber errno
 - log: save errno on strerror_r()
 - tree-wide: s/recv()
 | 
    | Source diff to previous version | 
        
        | 
                
                | 1804755 | SRU of LXC 3.0.3 (upstream bugfix release) |  | 
    
    
    
    
    
        
        
    
    
        |   lxc (3.0.2-0ubuntu1~18.04.1) bionic; urgency=medium   * New upstream bugfix release (LP: #1788457):
- CVE 2018-6556: verify netns fd in lxc-user-nic
 - fixed a range of bugs found by Coverity
 - lxc-usernsexec: cleanup and bugfixes
 - log: add CMD_SYSINFO()
 - log: add CMD_SYSERROR()
 - state: s/sleep()/nanosleep()/
 - lxclock: improve file locking
 - lxccontainer: improve file locking
 - lxccontainer: fix F_OFD_GETLK checks
 - netlink: add __netlink_{send,recv,transaction}
 - netns: allocate network namespace id
 - MAINTAINERS: add Wolfgang Bumiller
 - pam_cgfs: cleanups
 - log: add default log priority
 - tree-wide: pass unsigned long to prctl()
 - macro: add new macro header
 - conf: mount devpts without “max” on EINVAL
 - tree-wide: handle EINTR in read() and write()
 - tree-wide: replace pipe() with pipe2()
 - confile: split mount options into flags and data
 - conf: improve rootfs setup
 - autotools: default to -Wvla -std=gnu11
 - tree-wide: remove VLAs
 - tree-wide: replace strtok_r() with lxc_iterate_parts()
 - utils: add lxc_iterate_parts()
 - apparmor: allow start-container to change to lxc-**
 - apparmor: update current profiles
 - apparmor: Allow /usr/lib* paths for mount and pivot_root
 - conf: the atime flags are locked in userns
 - conf: handle partially functional device nodes
 - conf: create /dev directory
 - autotools: build both a shared and static liblxc
 - namespace: add api to convert namespaces to standard identifiers
 - tree-wide: set MSG_NOSIGNAL
 - tree-wide: use mknod() to create dummy files
 - cgfsng: respect lxc.cgroup.use
 - cgroups: remove is_crucial_cgroup_subsystem()
 - tree-wide: remove unneeded log prefixes
 - tests: cleanup all tests
 - terminal: set FD_CLOEXEC on pty file descriptors
 - conf: simplify lxc_setup_dev_console()
 - tools: rework tools
 - autodev: adapt to changes in Linux 4.18
 - log: change DEBUG, INFO, TRACE, NOTICE macro using strerror to SYS* macro
 - log: add lxc_log_strerror_r macro
 - network: unpriv lxc will run lxc.net.[i].script.up now
 - conf: only use newuidmap and newgidmap when necessary
 - autotools: support tls in cross-compile
   * Cherry-pick upstream fixes:
- 0002-tools-fix-lxc-execute-command-parsing.patch
 - 0003-lseek-integer-overflow.patch
 - 0004-cmd-lxc-usernsexec-reorder-includes.patch
 - 0005-cmd-move-declarations-to-macro.h.patch
 - 0006-cmd-use-utils.-c-h-helpers-in-lxc-usernsexec.patch
 - 0007-cmd-simplify-lxc-usernsexec.patch
 - 0008-cmd-use-safe-number-parsers-in-lxc-usernsexec.patch
 - 0009-tools-Indicate-container-startup-failure.patch
 - 0010-conf-fix-path-lxcpath-mixups-in-tty-setup.patch
 - 0011-cmd-use-goto-for-cleanup-in-lxc-usernsexec.patch
 - 0012-utils-split-into-file-string-_utils.-c-h.patch
 - 0013-pam_cgfs-build-from-the-same-sources-as-liblxc.patch
 - 0014-conf-fix-devpts-mounting-when-fully-unprivileged.patch
 - 0015-macro-s-rexit-_exit-g.patch
 - 0016-Makefile-don-t-allow-undefined-symbols.patch
 - 0017-autotools-check-if-compiler-is-new-enough.patch
 - 0018-log-handle-strerror_r-versions.patch
 - 0019-autotools-add-disable-enable-thread-safety.patch
 - 0020-log-fail-build-on-ENFORCE_THREAD_SAFETY-error.patch
 - 0021-macro-add-missing-headers.patch
 - 0022-execute-skip-lxc-init-logging-when-unprivileged.patch
 - 0023-execute-pass-proc-self-fd-nr.patch
 - 0024-commands-return-1-on-lxc_cmd_get_init_pid-err.patch
   * Bump standards to 4.2.0
- Update lintian overrides
 * Include new .a file into liblxc-dev
 * Override GPG keyserver in autopkgtest
 * Run autoreconf during autopkgtest
  -- Stéphane Graber <email address hidden>  Mon, 10 Sep 2018 14:43:52 -0400 | 
    | Source diff to previous version | 
        
        | 
                
                | 1788457 | SRU of LXC 3.0.2 (upstream bugfix release) |  | 
    
    
    
    
    
        
        
    
    
        |   lxc (3.0.1-0ubuntu1~18.04.2) bionic-security; urgency=medium   * SECURITY UPDATE: lxc-user-nic allows for open() of arbitrary paths
(LP: #1783591)
 - Ensure that the provided path is a netns reference
 - CVE-2018-6556
  -- Stéphane Graber <email address hidden>  Wed, 01 Aug 2018 00:03:10 -0400 | 
    | Source diff to previous version | 
        
        | 
                
                | 1783591 | lxc-user-nic allows unprivileged users to open arbitrary files |  
                | CVE-2018-6556 | lxc-user-nic allows unprivileged users to open arbitrary files |  | 
    
    
    
    
    
        
        
    
    
        |   lxc (3.0.1-0ubuntu1~18.04.1) bionic; urgency=medium   * New upstream bugfix release (LP: #1775283):
- tools: fix unitialized variable
 - storage: fix lvm fs uuid generation
 - lxc-oci: fix Cmd/Entrypoint parsing
 - lxc-oci: make umoci less verbose
 - lxclock: use thread-safe OFD fcntl() locks
 - locktests: fix test suite
 - conf: ensure umounts don’t propagate to host
 - doc: Tweak Japanese translation in lxc.container.conf(5)
 - fix signal sending in lxc.init
 - rootfs pinning: On NFS, make file hidden but don’t delete it
 - conf: fix temporary file creation
 - ringbuf: fix temporary file creation
 - Fix compilation with static libcap and shared gnutls
 - attach: always drop supplementary groups
 - lxc init: remove dead code
 - storage/rsync: free memory on error
 - tools/utils: free memory on error
 - lxc init: coding style
 - utils: define __NR_setns if missing on old glibcs
 - attach: try to always drop supplementary groups
 - conf: ret-try devpts mount without gid=5 on error
 - execute: fix app containers without root mapping
 - conf: fix net type checks in run_script_argv()
 - seccomp: handle arch inversion
 - seccomp: handle all errors
 - seccomp: cleanup compat architecture handling
 - seccomp: improve logging
 - tools: document -d/–daemonize for lxc-execute
 - seccomp: non-functional changes
 - seccomp: handle arch inversion II
 - lxc-oci: mkdir the download directory
 - do_lxcapi_create: set umask
 - lxc/tools/lxc_monitor: include missing <stddef.h>
 - pam-cgfs: ignore the system umask when creating the cgroup hierarchy
 - Also pass action scripts to CRIU on checkpointing
 - Fix the memory leak in cgfsng_attach
 - Fix memory leak in list_active_containers
 - Fix tool_utils.c build when HAVE_SETNS is unset
 - coverity: #1435210
 - coverity: #1435208
 - coverity: #1435207
 - coverity: #1435206
 - coverity: #1435205
 - coverity: #1435203
 - coverity: #1435200
 - coverity: #1435198
 - coverity: #1426734
 - lxccontainer: non-functional changes
 - lxccontainer: use thread-safe OFD locks
 - lxccontainer: non-functional changes
 - lxccontainer: do_lxcapi_is_running()
 - lxccontainer: do_lxcapi_freeze()
 - lxccontainer: do_lxcapi_unfreeze()
 - lxccontainer: non-functional changes
 - lxccontainer: use thread-safe open() + write()
 - lxccontainer: non-functional changes
 - lxccontainer: non-functional changes
 - lxccontainer: non-functional changes
 - coverity: #1435263
 - fix logic for execute log file
 - utils: add LXC_PROC_PID_FD_LEN
 - execute: use static buffer
 - execute: do not check inherited fds again
 - add some TRACE/ERROR reporting
 - execute: account for -o path option count
 - execute: set init_path when existing init is found
 - genl: remove
 - coverity: #1248104
 - coverity: #1248105
 - coverity: #1425744
 - utils: account for terminating \0 byte
 - confile: satisfy gcc-8
 - network: silence gcc-8
 - network: adhere to IFNAMSIZ limit
 - support case ignored suffix for sizes
 - utils: fix parse_byte_size_string() coding style
 - strlcpy: add strlcpy() implementation
 - tree-wide: s/strncpy()/strlcpy()/g
 - CODING_STYLE: add section about using strlcpy()
 - tools: s/strncpy()/strlcpy()/g
 - Revert “tools: s/strncpy()/strlcpy()/g”
 - tools: s/strncpy()/memcpy()/
 - doc: Add “-d/–daemon” option to Japanese lxc-execute(1)
 - doc: Fix size unit style in Japanese lxc.container.conf(5)
 - coverity: #1435604
 - coverity: #1435603
 - coverity: #1435602
 - coverity: #1425844
 - config: allow read-write /sys in user namespace
 - coverity: #1425836
 - coverity: #1248106
 - capabilities: raise ambient capabilities
 - coverity: #1425802
 - cgroups: refactor cgroup handling
 - cgroups: remove freezer_state()
 - seccomp: #ifdef SCMP_ARCH_AARCH64
 - conf: simplify write_id_mapping()
 - log: enable per-thread container name prefix
 - lxc-init: skip signals that can’t be caught
 - execute: use execveat() syscall if supported
 - tools: only create log file when requested
 - seccomp: fix off-by-one error in array allocation for sscanf
 - seccomp: remove confusing comment line
 - seccomp: remove unnecessary memset
 - seccomp: fix type mismatch when parsing syscall arguments filters
 - lxcseccomp: cleanup header
 - seccomp: parse_config_v1()
 - utils: add remove_trailing_newlines()
 - seccomp: get_v2_default_action()
 - seccomp: get_action_name()
 - seccomp: get_v2_action()
 - seccomp: fix get_seccomp_arg_value()
 - seccomp: parse_v2_rules()
 - seccomp: move #ifdefines
 - seccomp: get_hostarch()
 - seccomp: scmp_filter_ctx get_new_ctx()
 - seccomp: do_resolve_add_rule()
 - seccomp: parse_config_v2()
 - seccomp: parse_config()
 - seccomp: lxc_read_seccomp_config()
 - tree-wide: s/sigprocmask/pthread_sigmask()/g
 - utils: fix task_blocking_signal()
 - lxccontainer: fix fd leaks when sending signals
 - confile: order architectures
 - start: log setns() failure
 - seccomp: leak fixup
 - seccomp: re-add action parse error handling
 - seccomp: refactor line handling of parse_config
 - seccomp: error on unrecognized actions
 - seccomp: lxc_read_seccomp_config()
 - seccomp: parse_v2_rules()
 - seccomp: make do_resolve_add_rule() more strict
 - tools: fix lxc-create with global config value
 - tools: fix lxc-create with global config value II
 - coverity: #1435806
 - coverity: #1435805
 - coverity: #1435803
 - coverity: #1435747
 - conf: non-functional changes
 - conf: make is_execute a boolean
 - conf: non-functional changes
 - conf: make close_all_fds a boolean
 - conf: reshuffle mount members
 - conf: simplify tty handling
 - conf: pts -> pty_max
 - conf: non-
 | 
    
        
        | 
                
                | 1775283 | SRU of LXC 3.0.1 (upstream bugfix release) |  | 
    
    
        
        
        
            About
              -  
            Send Feedback to @ubuntu_updates