UbuntuUpdates.org

Package "lxc"


Moved to trusty:main:updates


Name: lxc

Description:

Linux Containers userspace tools

Latest version: *DELETED*
Release: trusty (14.04)
Level: proposed
Repository: main
Homepage: http://linuxcontainers.org

Links


Download "lxc"


Other versions of "lxc" in Trusty

Repository Area Version
base main 1.0.3-0ubuntu3
security main 1.0.10-0ubuntu1.1
updates main 1.0.10-0ubuntu1.1
backports main 2.0.8-0ubuntu1~14.04.1
PPA: Ubuntu SDK Release 2.0.5-0ubuntu3~ubuntu14.04.1~ppa1
PPA: Lxd 2.1.1-0ubuntu1~ubuntu14.04.1~ppa1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: *DELETED* 2017-06-23 08:06:44 UTC
Moved to trusty:main:updates
No changelog for deleted or moved packages.

Version: 1.0.10-0ubuntu1 2017-05-29 15:06:38 UTC

  lxc (1.0.10-0ubuntu1) trusty; urgency=medium

  * New upstream bugfix release. (LP: #1693002)
    - Security fix for CVE-2016-10124
    - Security fix for CVE-2017-5985

    - attach: simplify lsm_openat()
    - commands: improve logging
    - utils: add macro __LXC_NUMSTRLEN
    - tests; Don't cause test failures on cleanup errors
    - conf: clearly report to either use drop or keep
    - attach: close lsm label file descriptor
    - conf, attach: save errno across call to close
    - templates/lxc-debian.in: Fix typo in calling dpkg with
      --print-foreign-architectures option
    - templates/lxc-debian.in: handle ppc hostarch -> powerpc
    - Fix regression in errno handling cherry-pick
    - don't try to get stuff from /usr/lib/systemd on the host
    - lxc-opensuse: rm poweroff.target -> sigpwr.target copy
    - Add --enable-gnutls option
    - tests: skip unpriv tests on broken overlay module
    - Use AC_HEADER_MAJOR to detect major()/minor()/makedev()
    - Make lxc-start-ephemeral Python 3.2-compatible
    - systemd: enable delegate in service file
    - confile: clear lxc.network..ipv{4,6} when empty
    - seccomp: allow x32 guests on amd64 hosts.
    - squeeze is not a supported release anymore, drop the key
    - seccomp: set SCMP_FLTATR_ATL_TSKIP if available
    - lxc-checkconfig: verify new[ug]idmap are setuid-root
    - python3: Deal with potential NULL char*
    - lxc-download.in / allow setting keyserver from env
    - lxc-download.in / Document keyserver change in help
    - Change variable check to match existing style
    - tests: Support running on IPv6 networks
    - tests: Kill containers (don't wait for shutdown)
    - Fix opening wrong file in suggest_default_idmap
    - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals
    - Increased buffer length in print_stats()
    - remove obsolete note about api stability
    - conf: less error prone pointer access
    - create ISSUE_TEMPLATE.md
    - issue template: fix typo
    - conf: order mount options
    - commands: avoid NULL pointer dereference
    - commands: non-functional changes
    - lxccontainer: avoid NULL pointer dereference

 -- Stéphane Graber <email address hidden> Tue, 23 May 2017 14:44:34 -0400

1693002 SRU of LXC 1.0.10 (upstream bugfix release)
CVE-2016-1012 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to
CVE-2017-5985 RESERVED

Version: *DELETED* 2017-01-19 02:06:37 UTC
Moved to trusty:main:updates
No changelog for deleted or moved packages.

Version: 1.0.9-0ubuntu2 2017-01-04 19:06:39 UTC

  lxc (1.0.9-0ubuntu2) trusty; urgency=medium

  * Cherry-pick upstream bugfix (LP: #1647016):
    - 0001-tests-skip-unpriv-tests-on-broken-overlay-module.patch

 -- Stéphane Graber <email address hidden> Wed, 04 Jan 2017 12:38:37 -0500

Source diff to previous version
1647016 SRU of LXC 1.0.9 (upstream bugfix release)

Version: 1.0.9-0ubuntu1 2016-12-15 20:07:18 UTC

  lxc (1.0.9-0ubuntu1) trusty; urgency=medium

  * New upstream bugfix release. (LP: #1647016)
    - Security fix for CVE-2016-8649
    - utils: make detect_ramfs_rootfs() return bool
    - tests: add test for detect_ramfs_rootfs()
    - add Documentation entries to lxc and lxc@ units
    - mark the python examples as having utf-8 encoding
    - log: sanity check the returned value from snprintf()
    - lxc-alpine: mount /dev/shm as tmpfs
    - archlinux: Do DHCP on eth0
    - archlinux: Fix resolving
    - Drop leftover references to lxc_strerror()
    - tests: fix image download for s390x
    - tools: fix coding style in lxc_attach
    - tools: make overlay valid backend
    - tools: better error reporting for lxc-start
    - alpine: Fix installing extra packages
    - lxc-alpine: do not drop setfcap
    - s390x: Fix seccomp handling of personalities
    - tools: correct the argument typo in lxc_copy
    - Use libtool for liblxc.so
    - c/r: use --external instead of --veth-pair
    - c/r: remember to increment netnr
    - c/r: add checkpoint/restore support for macvlan interfaces
    - ubuntu: Fix package upgrades requiring proc
    - c/r: drop duplicate hunk from macvlan case
    - c/r: use snprintf to compute device name
    - Tweak libtool handling to work with Android
    - tests: add lxc_error() and lxc_debug()
    - container start: clone newcgroup immediately
    - use python3_sitearch for including the python code
    - fix rpm build, include all built files, but only once
    - cgfs: fix invalid free()
    - find OpenSUSE's build also as obs-build
    - improve help text for --fancy and --fancy-format
    - improve wording of the help page for lxc-ls
    - cgfs: add print_cgfs_init_debuginfo()
    - cgfs: skip empty entries under /proc/self/cgroup
    - cgfs: explicitly check for NULL
    - tools: use correct exit code for lxc-stop
    - c/r: explicitly emit bind mounts as criu arguments
    - log: bump LXC_LOG_BUFFER_SIZE to 4096
    - conf: merge network namespace move & rename on shutdown
    - c/r: save criu's stdout during dump too
    - c/r: remove extra \ns from logs
    - c/r: fix off-by-one error
    - c/r: check state before doing a checkpoint/restore
    - start: CLONE_NEWCGROUP after we have setup cgroups
    - create symlink for /var/run
    - utils: add lxc_append_string()
    - cgroups: remove isolated cpus from cpuset.cpus
    - Update Ubuntu release name: add zesty and remove wily
    - templates: add squashfs support to lxc-ubuntu-cloud.in
    - cgroups: skip v2 hierarchy entry
    - also stop lxc-net in runlevels 0 and 6
    - add lxc.egg-info to gitignore
    - install bash completion where pkg-config tells us to
    - conf: do not use %m format specifier
    - debian: Don't depend on libui-dialog-perl
    - cgroups: use %zu format specifier to print size_t
    - lxc-checkpoint: automatically detect if --external or --veth-pair
    - cgroups: prevent segfault in cgfsng
    - utils: add lxc_preserve_ns()
    - start: add netnsfd to lxc_handler
    - conf: use lxc_preserve_ns()
    - attach: use lxc_preserve_ns()
    - lxc_user_nic: use lxc_preserve_ns()
    - conf, start: improve log output
    - conf: explicitly remove veth device from host
    - conf, start: be smarter when deleting networks
    - start, utils: improve preserve_ns()
    - start, error: improve log + non-functional changes
    - start, namespace: move ns_info to namespace.{c,h}
    - attach, utils: bugfixes
    - attach: use ns_info[LXC_NS_MAX] struct
    - namespace: always attach to user namespace first
    - cgroup: improve isolcpus handling
    - cgroups: handle non-existent isolcpus file
    - utils: add lxc_safe_uint()
    - tests: add unit tests for lxc_safe_uint()
    - utils: add lxc_safe_int()
    - tests: add unit tests for lxc_safe_int()
    - conf/ile: get ip prefix via lxc_safe_uint()
    - confile: use lxc_safe_u/int in config_init_{u,g}id
    - conf/ile: use lxc_safe_uint() in config_pts()
    - conf/ile: use lxc_safe_u/int() in config_start()
    - conf/ile: use lxc_safe_uint() in config_monitor()
    - conf/ile: use lxc_safe_uint() in config_tty()
    - conf/ile: use lxc_safe_uint() in config_kmsg()
    - conf/ile: avoid atoi in config_lsm_aa_incomplete()
    - conf/ile: use lxc_safe_uint() in config_autodev()
    - conf/ile: avoid atoi() in config_ephemeral()
    - utils: use lxc_safe_int()
    - lxc_monitord: use lxc_safe_int() && use exit()
    - start: use lxc_safe_int()
    - conf: use lxc_safe_{u}int()
    - tools/lxc_execute: use lxc_safe_uint()
    - tools/lxc_stop: use lxc_safe_uint()
    - utils: add lxc_safe_long()
    - tests: add unit tests for lxc_safe_long()
    - tools/lxc_stop: use lxc_safe_long()
    - tools/lxc_top: use lxc_safe_int()
    - tools/lxc_ls: use lxc_safe_uint()
    - tools/lxc_autostart: use lxc_safe_{int,long}()
    - tools/lxc_console: use lxc_safe_uint()
    - tools: replace non-standard namespace identifiers
    - Configure a static MAC address on the LXC bridge
    - tests: remove overflow tests
    - attach: do not send procfd to attached process
  * Autopkgtest:
    - Restrict tests to run on standalone systems.

 -- Stéphane Graber <email address hidden> Sat, 03 Dec 2016 00:16:35 -0500

1647016 SRU of LXC 1.0.9 (upstream bugfix release)
CVE-2016-8649 lxc-attach to malicious container allows access to host



About   -   Send Feedback to @ubuntu_updates