9:33 a.m.
Hopefully I've done a decent enough job at summarizing, especially
with the security stuff: if not, please let me know!
Andrea Bolognani (2):
news: Reformat overgrown line
news: Update for 5.4.0 release
docs/news.xml | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 60 insertions(+), 1 deletion(-)
--
2.21.0
9:33 a.m.
New subject: [libvirt] [PATCH 1/2] news: Reformat overgrown line
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
docs/news.xml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/docs/news.xml b/docs/news.xml
index 9922cd4de0..23bd831563 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -54,7 +54,8 @@
to start up other threads was misleading as it would affect other
threads (vCPU and I/O) as well. In some particular situations this
could also lead to an error when the thread for vCPU #0 was being
- moved to its cpu,cpuacct cgroup. This was fixed so that the scheduler for the
main thread is set after QEMU starts.
+ moved to its cpu,cpuacct cgroup. This was fixed so that the
+ scheduler for the main thread is set after QEMU starts.
</description>
</change>
</section>
--
2.21.0
9:33 a.m.
New subject: [libvirt] [PATCH 2/2] news: Update for 5.4.0 release
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
docs/news.xml | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 58 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index 23bd831563..06ab3c0cef 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -42,7 +42,60 @@
<release version="v5.4.0" date="unreleased">
<section title="New features">
</section>
+ <section title="Security">
+ <change>
+ <summary>
+ cpu: Introduce support for the md-clear CPUID bit
+ </summary>
+ <description>
+ This bit is set when microcode provides the mechanism to invoke a
+ flush of various exploitable CPU buffers by invoking the x86
+ <code>VERW</code> instruction. CVE-2018-12126, CVE-2018-12127,
+ CVE-2018-12130, CVE-2019-11091.
+ </description>
+ </change>
+ <change>
+ <summary>
+ Restrict user access to virt-admin, virtlogd and virtlockd
+ </summary>
+ <description>
+ The intended users for these facilities are the <code>root</code>
+ user and the <code>libvirtd</code> service respectively, but these
+ restrictions were not enforced correctly. CVE-2019-10132.
+ </description>
+ </change>
+ </section>
<section title="Improvements">
+ <change>
+ <summary>
+ test driver: Expand API coverage
+ </summary>
+ <description>
+ Several APIs that were missing from the test driver have now been
+ implemented.
+ </description>
+ </change>
+ <change>
+ <summary>
+ Avoid unnecessary static linking
+ </summary>
+ <description>
+ Most binaries shipped as part of libvirt, for example
+ <code>virtlogd</code> and
<code>libvirt_iohelper</code>, were
+ embedding parts of the library even though they also linked against
+ the <code>libvirt.so</code> dynamic library. This is no longer the
+ case, which results in both the disk and memory footprint being
+ reduced.
+ </description>
+ </change>
+ <change>
+ <summary>
+ qemu: Report stat-htlb-pgalloc and stat-htlb-pgfail balloon stats
+ </summary>
+ <description>
+ These stats have been introduced in QEMU 3.0.
+ </description>
+ </change>
</section>
<section title="Bug fixes">
<change>
@@ -58,6 +111,11 @@
scheduler for the main thread is set after QEMU starts.
</description>
</change>
+ <change>
+ <summary>
+ apparmor: Allow hotplug of vhost-scsi devices
+ </summary>
+ </change>
</section>
</release>
<release version="v5.3.0" date="2019-05-04">
--
2.21.0
4:05 a.m.
On 5/30/19 4:33 PM, Andrea Bolognani wrote:
Hopefully I've done a decent enough job at summarizing,
especially
with the security stuff: if not, please let me know!
Andrea Bolognani (2):
news: Reformat overgrown line
news: Update for 5.4.0 release
docs/news.xml | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 60 insertions(+), 1 deletion(-)
ACK and safe for freeze.
Michal
2002
days inactive
2003
days old
3 comments
2 participants
participants (2)
-
Andrea Bolognani -
Michal Privoznik