[SECURITY] Fedora 13 Update: lvm2-2.02.73-2.fc13

updates at fedoraproject.org updates at fedoraproject.org
Sat Sep 11 09:01:07 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-13708
2010-08-30 17:44:14
--------------------------------------------------------------------------------

Name        : lvm2
Product     : Fedora 13
Version     : 2.02.73
Release     : 2.fc13
URL         : http://sources.redhat.com/lvm2
Summary     : Userland logical volume management tools
Description :
LVM2 includes all of the support for handling read/write operations on
physical volumes (hard disks, RAID-Systems, magneto optical, etc.,
multiple devices (MD), see mdadd(8) or even loop devices, see
losetup(8)), creating volume groups (kind of virtual disks) from one
or more physical volumes and creating one or more logical volumes
(kind of logical partitions) in volume groups.

--------------------------------------------------------------------------------
Update Information:

    This update addresses a security problem when using the clustered LVM daemon
clvmd from the package lvm2-cluster on systems where you have non-root users.
The lvm2 package on its own is not vulnerable to this problem but if you are
using lvm2-cluster you must update both together.        Further details are
given in the Red Hat Bugzilla: https://bugzilla.redhat.com/CVE-2010-2526
After updating the packages, make sure that clvmd restarted itself.        This
update also includes several other important bug fixes and enhancements - see
the detailed changelog.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 25 2010 Peter Rajnoha <prajnoha at redhat.com> - 2.02.73-2
- Add configure --with-default-data-alignment.
- Update heuristic used for default and detected data alignment.
- Add "devices/default_data_alignment" to lvm.conf.
* Wed Aug 18 2010 Alasdair Kergon <agk at redhat.com> - 2.02.73-1
- Change default alignment of data extents to 1MB.
- Add --norestorefile option to pvcreate.
- Require --restorefile when using pvcreate --uuid.
- Fix potential for corruption during cluster mirror device failure.
- Ignore snapshots when performing mirror recovery beneath an origin.
- Monitor origin -real device below snapshot instead of overlay device.
- Don't really change monitoring status when in test mode.
- Fix some exit statuses when starting/stopping monitoring fails.
- Enable snapshot monitoring by default when dmeventd is enabled.
- Fix 'lvconvert --splitmirrors' in cluster operation.
- Fix clvmd init script exit code to return 4 when executed as non-root user.
- Recognise and give preference to md device partitions (blkext major).
- Never scan internal LVM devices.
- Don't ignore user-specified PVs in split-mirror operations. (2.02.71)
- Fix data corruption bug in cluster mirrors.
- Require logical volume(s) to be explicitly named for lvconvert --merge.
- Avoid changing aligned pe_start as a side-effect of a log message.
- Use built-in rule for device aliases: block/ < dm- < disk/ < mapper/ < other.
- Handle failure of all mirrored log devices and all but one mirror leg. 
- Disallow 'mirrored' log type for cluster mirrors.
- Fix configure to supply DEFAULT_RUN_DIR to Makefiles.
- Fix allocation of wrong number of mirror logs with 'remove' fault policy.
- Add dmeventd/executable to lvm.conf to test alternative dmeventd.
- Fix udev rules to support udev database content generated by older rules.
- Reinstate detection of inappropriate uevent with DISK_RO set and suppress it.
- Fix regex ttree off-by-one error.
- Fix segfault in regex matcher with characters of ordinal value > 127.
- Wait for node creation before displaying debug info in dmsetup.
- Fix return status 0 for "dmsetup info -c -o help".
* Mon Aug  2 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-5
- Make udev configurable and merge with f12.
* Mon Aug  2 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-4
- Merge f13, f14 and rawhide spec files.
* Sat Jul 31 2010 Alasdair Kergon <agk at redhat.com> - 2.02.72-3
- Address lvm2-cluster security flaw CVE-2010-2526.
    https://bugzilla.redhat.com/CVE-2010-2526
- Change clvmd to communicate with lvm2 via a socket in /var/run/lvm.
- Return controlled error if clvmd is run by non-root user.
- Never use clvmd singlenode unless explicitly requested with -Isinglenode.
- Fix exported_symbols generation to use standard compiler arguments.
- Use #include <> not "" in lvm2app.h which gets installed on the system.
- Make liblvm.device-mapper wait for include file generation.
- Fix configure to supply DEFAULT_RUN_DIR to Makefiles.
- Fix wrong number of mirror log at allocate policy
* Wed Jul 28 2010 Alasdair Kergon <agk at redhat.com> - 2.02.71-1
- Make vgck warn about missing PVs.
- Revert failed table load preparation after "create, load and resume".
- Check if cluster log daemon is running before allowing cmirror create.
- Add dm_create_lockfile to libdm and use for pidfiles for all daemons.
- Correct LV list order used by lvconvert when splitting a mirror.
- Check if LV with specified name already exists when splitting a mirror.
- Fix suspend/resume logic for LVs resulting from splitting a mirror.
- Fix possible hang when all mirror images of a mirrored log fail.
- Adjust auto-metadata repair and caching logic to try to cope with empty mdas.
- Update pvcreate, {pv|vg}change, and lvm.conf man pages about metadataignore.
- Prompt if metadataignore with vgextend or pvchange would adjust vg_mda_copies.
- Adjust vg_mda_copies if metadataignore given with vgextend or pvchange.
- Speed up the regex matcher.
- Use "nowatch" udev rule for inappropriate devices.
- Document LVM fault handling in lvm_fault_handling.txt.
- Clarify help text for vg_mda_count.
- Add more verbose messages while checking volume_list and hosttags settings.
- Add log_error when strdup fails in {vg|lv}_change_tag().
- Do not log backtrace in valid _lv_resume() code path.
* Wed Jul  7 2010 Alasdair Kergon <agk at redhat.com> - 2.02.70-1
- Remove log directly if all mirror images of a mirrored log fail.
- Randomly select which mdas to use or ignore.
- Add printf format attributes to yes_no_prompt and fix a caller.
- Always pass unsuspended dm devices through persistent filter to other filters.
- Move test for suspended dm devices ahead of other filters.
- Fix another segfault in clvmd -R if no response from daemon received. (2.02.68)
- Remove superfluous suspended device counter from clvmd.
- Fix lvm shell crash when input is entirely whitespace.
- Update partial mode warning message.
- Preserve memlock balance in clvmd when activation triggers a resume.
- Restore the removemissing behaviour of lvconvert --repair --use-policies.
* Wed Jun 30 2010 Alasdair Kergon <agk at redhat.com> - 2.02.69-1
- Fix vgremove to allow removal of VG with missing PVs. (2.02.52)
- Add metadata/vgmetadatacopies to lvm.conf.
- Add --metadataignore to pvcreate and vgextend.
- Add vg_mda_copies, pv_mda_used_count and vg_mda_used_count to reports.
- Describe --vgmetadatacopies in lvm.conf and other man pages.
- Add --[vg]metadatacopies to select number of mdas to use in a VG.
- Make the metadata ignore bit control read/write metadata areas in a PV.
- Add pvchange --metadataignore to set or clear a metadata ignore bit.
- Refactor metadata code to prepare for --metadataignore / --vgmetadatacopies.
- Ensure region_size of mirrored log does not exceed its full size.
- Preload libc locale messages to prevent reading it in memory locked state.
- Fix handling of simultaneous mirror image and mirrored log image failure.
* Thu Jun 24 2010 Peter Rajnoha <prajnoha at redhat.com> - 2.02.68-2
- Fix udev rules to handle spurious events properly.
- Add Requires: udev >= 158-1 (needed for the change in udev rules).
* Wed Jun 23 2010 Alasdair Kergon <agk at redhat.com> - 2.02.68-1
- Have device-mapper-libs require device-mapper (circular) for udev rules.
- Clear exec_prefix.
- Use early udev synchronisation and update of dev nodes for clustered mirrors.
- Add lv_path to reports to offer full /dev pathname.
- Avoid abort when generating cmirror status.
- Fix clvmd initscript status to print only active clustered LVs.
- Fix segfault in clvmd -R if no response from daemon received.
- Honour log argument when down-converting stacked mirror.
- Sleep to workaround clvmd -S race: socket closed early and server drops cmd.
- Exit successfully when using -o help (but not -o +help) with LVM reports.
- Add man pages for lvmconf, dmeventd and non-existent lvmsadc and lvmsar tools.
- Add --force, --nofsck and --resizefs to lvresize/extend/reduce man pages.
- Fix lvm2cmd example in documentation.
- Fix typo in warning message about missing device with allocated data areas.
- Add device name and offset to raw_read_mda_header error messages.
- Allow use of lvm2app and lvm2cmd headers in C++ code.
* Fri Jun  4 2010 Alasdair Kergon <agk at redhat.com> - 2.02.67-1
- Require partial option in lvchange --refresh for partial LVs.
- Don't merge unchanged persistent cache file before dumping if tool scanned.
- Avoid selecting names under /dev/block if there is an alternative.
- Fix semctl parameter (union) to avoid misaligned parameter on some arches.
- Fix clvmd initscript restart command to start clvmd if not yet running.
- Handle failed restart of clvmd using -S switch properly.
- Use built-in absolute paths in clvmd (clvmd restart and PV and LV queries).
- Consistently return ECMD_FAILED if interrupted processing multiple LVs.
- Add --type parameter description to the lvcreate man page.
- Document 'clear' in dmsetup man page.
- Replace strncmp kernel version number checks with proper ones.
- Update clustered log kernel module name to log-userspace for 2.6.31 onwards.
- Support autoloading of dm-mod module for kernels from 2.6.35.
- Add dm_tree_node_set_presuspend_node() to presuspend child when deactivating.
- Do not fail lvm_init() if init_logging() or _init_rand() generates an errno.
- Fix incorrect memory pool deallocation while using vg_read for files.
* Thu May 20 2010 Alasdair Kergon <agk at redhat.com> - 2.02.66-2
- Simplify and fix Requires package headers.
- If unable to obtain snapshot percentage leave value blank on reports.
- Use new install_system_dirs and install_initscripts makefile targets.
- Add lvm2app functions to lookup a vgname from a pvid and pvname.
- Change internal processing of PVs in pvchange.
- Validate internal lock ordering of orphan and VG_GLOBAL locks.
* Mon May 17 2010 Alasdair Kergon <agk at redhat.com> - 2.02.65-1
- Disallow vgchange --clustered if there are active mirrors or snapshots.
- Fix truncated total size displayed by pvscan.
- Skip internal lvm devices in scan if ignore_suspended_devices is set.
- Do not merge old device cache after we run full scan. (2.02.56)
- Add new --sysinit compound option to vgchange and lvchange.
- Fix clvmd init script never to deactivate non-clustered volume groups.
- Drop duplicate errors for read failures and missing devices to verbose level.
- Do not print encryption key in message debug output (cryptsetup luksResume).
- Use -d to control level of messages sent to syslog by dmeventd.
- Change -d to -f to run dmeventd in foreground.
- Fix udev flags on remove in create_and_load error path.
- Add dm_list_splice() function to join two lists together.
- Use /bin/bash for scripts with bashisms.
- Switch Libs.private to Requires.private in devmapper.pc and lvm2app.pc.
- Use pkgconfig Requires.private for devmapper-event.pc.
* Fri Apr 30 2010 Alasdair Kergon <agk at redhat.com> - 2.02.64-1
- Avoid pointless initialisation when the 'version' command is run directly.
- Fix memory leak for invalid regex pattern input.
- Display invalid regex pattern for filter configuration in case of error.
- Fix -M and --type to use strings, not pointers that change on config refresh.
- Fix lvconvert error message when existing mirrored LV is not found.
- Set appropriate udev flags for reserved LVs.
- Disallow the direct removal of a merging snapshot.
- Don't preload the origin when removing a snapshot whose merge is pending.
- Disallow the addition of mirror images while a conversion is happening.
- Disallow primary mirror image removal when mirror is not in-sync.
- Remove obsolete --name parameter from vgcfgrestore.
- Add -S command to clvmd to restart the daemon preserving exclusive locks.
- Increment lvm2app version from 1 to 2 (memory allocation changes).
- Change lvm2app memory alloc/free for pv/vg/lv properties.
- Change daemon lock filename from lvm2_monitor to lvm2-monitor for consistency.
- Add support for new IMPORT{db} udev rule.
- Add DM_UDEV_PRIMARY_SOURCE_FLAG udev flag to recognize proper DM events.
- Also include udev libs in libdevmapper.pc.
- Cache bitset locations to speed up _calc_states.
- Add a regex optimisation pass for shared prefixes and suffixes.
- Add dm_bit_and and dm_bitset_equal to libdevmapper.
- Speed up dm_bit_get_next with ffs().
* Thu Apr 15 2010 Alasdair Kergon <agk at redhat.com> - 2.02.63-2
- Remove 'lvmconf --lockinglibdir' from cluster post: locking is now built-in.
- Move libdevmapper-event-lvm2.so to devel package.
- Explicitly specify libdevmapper-event.so* attributes.
- Drop support for upgrades from very old versions that used lvm not lvm2.
- Move libdevmapper-event plug-in libraries into new device-mapper subdirectory.
- Don't verify lvm.conf contents when using rpm --verify.
* Wed Apr 14 2010 Alasdair Kergon <agk at redhat.com> - 2.02.63-1
- Move development links to shared objects to /usr (hard-coded temporarily).
- Change libdevmapper deactivation to fail if device is open.
- Wipe memory buffers for libdevmapper dm-ioctl parameters before releasing.
- Strictly require libudev if udev_sync is used.
- Add support for ioctl's DM_UEVENT_GENERATED_FLAG.
- Allow incomplete mirror restore in lvconvert --repair upon insufficient space.
- Do not reset position in metadata ring buffer on vgrename and vgcfgrestore.
- Allow VGs with active LVs to be renamed.
- Only pass visible LVs to tools in cmdline VG name/tag expansions without -a.
- Use C locale and mlockall in clvmd and dmeventd.
- Mask LCK_HOLD in cluster VG locks for upgrade compatibility with older clvmd.
- Add activation/polling_interval to lvm.conf as --interval default.
- Don't ignore error if resuming any LV fails when resuming groups of LVs.
- Skip closing persistent filter cache file if open failed.
- Permit mimage LVs to be striped in lvcreate, lvresize and lvconvert.
- Fix pvmove allocation to take existing parallel stripes into account.
- Fix incorrect removal of symlinks after LV deactivation fails.
- Fix is_partitioned_dev not to attempt to reopen device.
- Fix another thread race in clvmd.
- Improve vg_validate to detect some loops in lists.
- Change most remaining log_error WARNING messages to log_warn.
- Always use blocking lock for VGs and orphan locks.
- Allocate all memory for segments from private VG mempool.
- Optimise searching PV segments for seeking the most recently-added.
- Remove duplicated vg_validate checks when parsing cached metadata.
- Use hash table of LVs to speed up parsing of text metadata with many LVs.
- Fix two vg_validate messages, adding whitespace and parentheses.
- When dmeventd is not forking because of -d flag, don't kill parent process.
- Fix dso resource leak in error path of dmeventd.
- Fix --alloc contiguous policy only to allocate one set of parallel areas.
- Do not allow {vg|lv}change --ignoremonitoring if on clustered VG.
- Add ability to create mirrored logs for mirror LVs.
- Fix clvmd cluster propagation of dmeventd monitoring mode.
- Allow ALLOC_ANYWHERE to split contiguous areas.
- Add some assertions to allocation code.
- Introduce pv_area_used into allocation algorithm and add debug messages.
- Add activation/monitoring to lvm.conf.
- Add --monitor and --ignoremonitoring to lvcreate.
- Don't allow resizing of internal logical volumes.
- Fix libdevmapper-event pkgconfig version string to match libdevmapper.
- Avoid scanning all pvs in the system if operating on a device with mdas.
- Disable long living process flag in lvm2app library.
- Fix pvcreate device md filter check.
- Suppress repeated errors about the same missing PV uuids.
- Bypass full device scans when using internally-cached VG metadata.
- Only do one full device scan during each read of text format metadata.
- Look up missing PVs by uuid not dev_name in pvs to avoid invalid stat.
* Tue Mar  9 2010 Alasdair Kergon <agk at redhat.com> - 2.02.62-1
- Rewrite clvmd init script.
- Add default alternative to mlockall using mlock to reduce pinned memory size.
- Add use_mlockall and mlock_filter to activation section of lvm.conf.
- Handle misaligned devices that report alignment_offset of -1.
- Extend core allocation code in preparation for mirrored log areas.
- No longer fall back to looking up active devices by name if uuid not found.
- Don't touch /dev in vgmknodes if activation is disabled.
- Add --showkeys parameter description to dmsetup man page.
- Add --help option as synonym for help command.
- Add lvm2app functions lvm_{vg|lv}_{get|add|remove}_tag() functions.
- Refactor snapshot-merge deptree and device removal to support info-by-uuid.
* Fri Mar  5 2010 Peter Rajnoha <prajnoha at redhat.com> - 2.02.61-2
- Change spec file to support excluding cluster components from the build.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #614248 - CVE-2010-2526 lvm2-cluster: insecurity when communicating between lvm2 and clvmd
        https://bugzilla.redhat.com/show_bug.cgi?id=614248
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update lvm2' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list