From 65b1d6ac7318cd6b871406f119d7980507712fc3 Mon Sep 17 00:00:00 2001 From: Jason Mehring Date: Tue, 10 Feb 2015 11:10:12 -0500 Subject: [PATCH] debian: Updated changelog to reflect 3.0.1 version change --- debian/changelog | 75 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 74 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 527d957..d35750d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,77 @@ +qubes-utils (3.0.1) jessie; urgency=medium + + [ Wojciech Zygmunt Porczyk ] + * v3.0.1 + * This has to be versioned because of dependency in core-agent-linux. + + [ Marek Marczykowski-Górecki ] + * Update for new vchan API, remove code not needed anymore + * filecopy: fix handling ENOENT error + * Do not fail when file was successfully created. + * I will test before commit. I will test before commit. I will... + + [ Marek Marczykowski-Górecki ] + * filecopy: really do not use O_TMPFILE when use_tmpfile==0 + * When file opened with O_TMPFILE but use_tmpfile==0, the file will not be + linked to the directory (the code at the end of process_one_file_reg). + Additionally it is waste of time trying using O_TMPFILE when it's + already known it shouldn't be. + Also use_tmpfile==0 can mean we don't have access to /proc + (set_procfs_fd wasn't called), so even if linking the file to its + directory would be attempted, it would fail. This is the case for + dom0-updates copy. + + [ Marek Marczykowski-Górecki ] + * filecopy: create new file unaccessible to the user until fully written + Otherwise source domain can modify (append) the file while the user + already is accessing it. While incoming files should be treated as + untrusted, this problem could allow file modification after the user + makes some sanity checks. + + [ Marek Marczykowski-Górecki ] + * udev: update hotplug block scripts for QubesDB + * Some initial work was done, but apparently not complete and buggy. + + [ Marek Marczykowski-Górecki ] + * version 3.0.0 + + [ Marek Marczykowski-Górecki ] + * Fix compile warnings + + [ Marek Marczykowski-Górecki ] + * qrexec-utils: add read_vchan_all and write_vchan_all + * Similar to read_all and write_all. + + [ Marek Marczykowski-Górecki ] + * qrexec: update protocol + - add new messages + - uniform packet header + - organize #defines + + [ Marek Marczykowski-Górecki ] + * code style: change tabs to spaces + + [ Marek Marczykowski-Górecki ] + * qrexec-utils: disable write-stdin (buffered writes) compilation + * Not compatible with new qrexec protocol yet. To be done. + + [ Marek Marczykowski-Górecki ] + * New qrexec protocol + * Use separate vchan to pass I/O for each process, which greatly simplify + protocol implementation (eg. no flow control needed). + + [ Marek Marczykowski-Górecki ] + * udev: setup permissions on xen device nodes + + [ Marek Marczykowski ] + * qrexec-lib: prevent deadlock on vchan + It can happen that we already cleared libvchan_fd pending state via + libvchan_wait, but data arrived later. This is especially true just + after connection, when client send unsolicited notification to server, + which can confuse it with some requested notification. + + -- Marek Marczykowski-Górecki Tue, 10 Feb 2015 00:00:00 +0100 + qubes-utils (3.0.0) jessie; urgency=medium [ HW42 ] @@ -17,7 +91,6 @@ qubes-utils (3.0.0) jessie; urgency=medium * qrexec-utils: add read_vchan_all and write_vchan_all -- Marek Marczykowski-Górecki Sat, 22 Nov 2014 16:24:11 +0100 - qubes-utils (2.0.14) jessie; urgency=medium [ Marek Marczykowski-Górecki ]