The 7.6.0 release of both libvirt and libvirt-python is tagged and signed tarballs and source RPMs are available at https://libvirt.org/sources/ https://libvirt.org/sources/python/ Thanks everybody who helped with this release by sending patches, reviewing, testing, or providing any other feedback. Your work is greatly appreciated. * Security * storage: Unlock pool objects on ACL check failures in ``storagePoolLookupByTargetPath`` (CVE-2021-3667) A logic bug in ``storagePoolLookupByTargetPath`` where the storage pool object was left locked after a failure of the ACL check could potentially deprive legitimate users access to a storage pool object by users who don't have access. * New features * qemu: Incremental backup support via ``virDomainBackupBegin`` libvirt-7.6 along with the unreleased qemu-6.1 will fully support the change block tracking features (block-dirty-bitmaps) to be able to do incremental backups and management of the checkpoint states via the appropriate APIs. * qemu: Add support for launch security type s390-pv Specifying s390-pv as launch security type in an s390 domain prepares for running the guest in protected virtualization secure mode, also known as IBM Secure Execution. This simplifies the definition and reduces the risk of an incorrect definition, e.g. by forgetting to specify ``iommu=on`` on all virtio devices. * domstats: Add haltpolling time statistic interface Domstats now provide the data of cpu haltpolling time. This feature relies on statistics available after kernel version 5.8. This will allow the user to get more accurate CPU usage information if needed. * Bug fixes * qemu: Fix migration with ``VIR_MIGRATE_NON_SHARED_INC`` libvirt 7.3.0 introduced a bug where ``VIR_MIGRATE_NON_SHARED_INC`` would not actually migrate the contents of the disk due to broken logic and at the same time could trigger migration of storage when ``VIR_MIGRATE_TUNNELLED`` is requested. This release fixes the bug. * qemu: Don't emit ``VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD`` twice when registered with index When registering the threshold event with the index notation (e.g. ``vda[3]``) libvirt would emit the event also for ``vda`` if the image is in the top layer. The intention was to emit two events only when the original registration was done without the index. * qemu: Pass discard requests for disks with ``copy_on_read='on'`` When a disk using the ``copy_on_read='on'`` option is configured also with ``discard='unmap'`` the discard requests will now be passed to the underlying image freeing up the space. Enjoy. Jirka