[PATCH 0/3] NEWS updates for 7.6
Peter Krempa (3): NEWS: Use 'code' style for constant names in entry for recent migration fix NEWS: Mention security bug in storage pool object lookup (CVE-2021-3667) NEWS: Mention change to VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD NEWS.rst | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) -- 2.31.1
Signed-off-by: Peter Krempa <pkrempa@redhat.com> --- NEWS.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/NEWS.rst b/NEWS.rst index a7a7022f8d..37f3c48d88 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -23,12 +23,12 @@ v7.6.0 (unreleased) * **Bug fixes** - * qemu: Fix migration with VIR_MIGRATE_NON_SHARED_INC + * qemu: Fix migration with ``VIR_MIGRATE_NON_SHARED_INC`` - libvirt 7.3.0 introduced a bug where VIR_MIGRATE_NON_SHARED_INC would not - actually migrate the contents of the disk due to broken logic and at the - same time could trigger migration of storage when VIR_MIGRATE_TUNNELLED is - requested. This release fixes the bug. + libvirt 7.3.0 introduced a bug where ``VIR_MIGRATE_NON_SHARED_INC`` would + not actually migrate the contents of the disk due to broken logic and at + the same time could trigger migration of storage when + ``VIR_MIGRATE_TUNNELLED`` is requested. This release fixes the bug. v7.5.0 (2021-07-01) -- 2.31.1
Signed-off-by: Peter Krempa <pkrempa@redhat.com> --- NEWS.rst | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 37f3c48d88..d791b34efb 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -11,6 +11,15 @@ For a more fine-grained view, use the `git log`_. v7.6.0 (unreleased) =================== +* **Security** + + * storage: Unlock pool objects on ACL check failures in ``storagePoolLookupByTargetPath`` (CVE-2021-3667) + + A logic bug in ``storagePoolLookupByTargetPath`` where the storage pool + object was left locked after a failure of the ACL check could potentially + deprive legitimate users access to a storage pool object by users who don't + have access. + * **New features** * qemu: Incremental backup support via ``virDomainBackupBegin`` -- 2.31.1
Signed-off-by: Peter Krempa <pkrempa@redhat.com> --- NEWS.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index d791b34efb..618f478b81 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -39,6 +39,13 @@ v7.6.0 (unreleased) the same time could trigger migration of storage when ``VIR_MIGRATE_TUNNELLED`` is requested. This release fixes the bug. + * qemu: Don't emit ``VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD`` twice when registered with index + + When registering the threshold event with the index notation (e.g. + ``vda[3]``) libvirt would emit the event also for ``vda`` if the image is + in the top layer. The intention was to emit two events only when the + original registration was done without the index. + v7.5.0 (2021-07-01) =================== -- 2.31.1
On Tue, Jul 27, 2021 at 02:48:39PM +0200, Peter Krempa wrote:
Peter Krempa (3): NEWS: Use 'code' style for constant names in entry for recent migration fix NEWS: Mention security bug in storage pool object lookup (CVE-2021-3667) NEWS: Mention change to VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD
NEWS.rst | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-)
-- 2.31.1
Reviewed-by: Erik Skultety <eskultet@redhat>
participants (2)
-
Erik Skultety -
Peter Krempa