[buildd-tools-devel] schroot 1.4.16 released
Roger Leigh
rleigh at codelibre.net
Tue Dec 7 17:15:56 UTC 2010
I have released schroot version 1.4.16. This release contains bugfixes
only. The most significant change is the relaxation of overly strict
chroot naming rules which break some lenny→squeeze upgrades.
* Major changes in 1.4.16:
1) Chroot naming restrictions introduced in 1.4.0 have been relaxed
following a code audit to evaluate the security implications.
The name may not contain a leading period (‘.’). Any characters
are permitted, with the following restrictions. The characters
‘:’ (colon), ‘,’ (comma) and ‘/’ (forward slash) are not
permitted anywhere in the name. The name may also not contain a
trailing tilde ('~'). See schroot.conf(5) for more information.
schroot (1.4.16-1) unstable; urgency=low
* New upstream stable release.
* Document schroot -- option delimiter in schroot(1)
(Closes: #599380).
* Document security implications of bind-mounting /dev and other
filesystems in schroot.conf(5) (Closes: #587758).
* Relax chroot naming restrictions (Closes: #601043, #605939). The
name may not contain a leading period (‘.’). The characters ‘:’
(colon), ‘,’ (comma) and ‘/’ (forward slash) are not permitted
anywhere in the name. The name may also not contain a trailing
tilde ('~'). Otherwise any characters are permitted.
* 10mount: Respect mount options from configuration for all mountable
chroot types (Closes: #605950). Thanks to Nelson Elhage for this
patch.
* 15killprocs: Improve performance by omitting a readlink call for
each process running on the system, leading to a significant
reduction in overhead on busy systems (Closes: #606162). Thanks
to Anders Kaseorg for this patch.
Regards,
Roger
Anders Kaseorg (1):
setup.d: 15killprocs: Don’t run /bin/readlink for every process
Nelson Elhage (1):
setup.d: 10mount: Make all mountable chroots respect mount options from configur
Roger Leigh (20):
NEWS: Bump version to 1.4.16
debian: Bump version to 1.4.16-1
man: Document -- option delimiter
debian: Close #599380
debian: Close #605950
man: Document security implications of profiles in schroot.conf(5)
debian: Close #587758
sbuild::chroot: Validate set_aliases as for set_name
sbuild::util: Relax session name restrictions in is_valid_sessionname
man: Document chroot naming restrictions
debian: Close #601043 and #605939
debian: Document new chroot naming rules
sbuild: is_valid_sessionname: Ignore editor backups
man: Fully document chroot naming restrictions
NEWS: Document chroot name restriction relaxation
debian: Update chroot naming restriction relaxation documentation
sbuild::chroot: Make invalid name reason generic
debian: Close #606162
debian: Reorder changelog
po: Update
NEWS | 12 +++++++-
debian/changelog | 22 ++++++++++++++
debian/schroot.NEWS | 24 +++++++++------
etc/setup.d/10mount | 10 ++----
etc/setup.d/15killprocs | 3 +-
man/schroot.1.in | 10 ++++++-
man/schroot.conf.5.in | 72 +++++++++++++++++++++++++++++++++++++++++++++-
po/cs.po | 4 +-
po/da.po | 9 ++++--
po/de.po | 9 ++++--
po/en.po | 9 ++++--
po/eu.po | 4 +-
po/fr.po | 11 ++++--
po/it.po | 11 ++++--
po/pt.po | 10 ++++--
po/schroot.pot | 4 +-
po/sv.po | 4 +-
po/vi.po | 11 ++++--
po/zh_CN.po | 9 ++++--
sbuild/sbuild-chroot.cc | 9 +++++-
sbuild/sbuild-util.cc | 8 ++++-
21 files changed, 205 insertions(+), 60 deletions(-)
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20101207/b0f00b75/attachment.pgp>
More information about the Buildd-tools-devel
mailing list