libvirt: CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode

Related Vulnerabilities: CVE-2019-3886  

Debian Bug report logs - #926418

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Thu, 4 Apr 2019 20:33:02 UTC

Severity: important

Tags: security, upstream

Found in version libvirt/5.0.0-1

Fixed in versions libvirt/5.0.0-2, libvirt/5.2.0-1

Done: Andrea Bolognani <eof@kiyuko.org>

Bug is archived. No further changes may be made.

Forwarded to https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, team@security.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>:
Bug#926418; Package src:libvirt. (Thu, 04 Apr 2019 20:33:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, team@security.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>. (Thu, 04 Apr 2019 20:33:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libvirt: CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode
Date: Thu, 04 Apr 2019 22:30:14 +0200
Source: libvirt
Version: 5.0.0-1
Severity: important
Tags: security upstream
Forwarded: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html

Hi,

The following vulnerability was published for libvirt.

CVE-2019-3886[0]:
| An incorrect permissions check was discovered in libvirt 4.8.0 and
| above. The readonly permission was allowed to invoke APIs depending on
| the guest agent, which could lead to potentially disclosing unintended
| information or denial of service by causing libvirt to block.

I'm filing it here as well for further investigation. Is this only
affecting versions >= 4.8.0?

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-3886
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3886
[1] https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1694880

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>:
Bug#926418; Package src:libvirt. (Fri, 05 Apr 2019 17:15:09 GMT)


Acknowledgement sent to Guido Günther <agx@sigxcpu.org>:
Extra info received and forwarded to list. Copy sent to Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>. (Fri, 05 Apr 2019 17:15:09 GMT)


Message #10 received at 926418@bugs.debian.org:

From: Guido Günther <agx@sigxcpu.org>
To: Salvatore Bonaccorso <carnil@debian.org>, 926418@bugs.debian.org
Subject: Re: [Pkg-libvirt-maintainers] Bug#926418: libvirt: CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode
Date: Fri, 5 Apr 2019 19:10:25 +0200

Hi,
On Thu, Apr 04, 2019 at 10:30:14PM +0200, Salvatore Bonaccorso wrote:
> Source: libvirt
> Version: 5.0.0-1
> Severity: important
> Tags: security upstream
> Forwarded: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html
> 
> Hi,
> 
> The following vulnerability was published for libvirt.
> 
> CVE-2019-3886[0]:
> | An incorrect permissions check was discovered in libvirt 4.8.0 and
> | above. The readonly permission was allowed to invoke APIs depending on
> | the guest agent, which could lead to potentially disclosing unintended
> | information or denial of service by causing libvirt to block.
> 
> I'm filing it here as well for further investigation. Is this only
> affecting versions >= 4.8.0?

I'd assume this to affect older version as well (looking at the
fix). I'll prepare an upload once upstream has this in git.
 -- Guido



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>:
Bug#926418; Package src:libvirt. (Fri, 05 Apr 2019 19:57:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>. (Fri, 05 Apr 2019 19:57:04 GMT)


Message #15 received at 926418@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Guido Günther <agx@sigxcpu.org>
Cc: 926418@bugs.debian.org
Subject: Re: [Pkg-libvirt-maintainers] Bug#926418: libvirt: CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode
Date: Fri, 5 Apr 2019 21:54:30 +0200

Hi Guido,

On Fri, Apr 05, 2019 at 07:10:25PM +0200, Guido Günther wrote:
> Hi,
> On Thu, Apr 04, 2019 at 10:30:14PM +0200, Salvatore Bonaccorso wrote:
> > Source: libvirt
> > Version: 5.0.0-1
> > Severity: important
> > Tags: security upstream
> > Forwarded: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html
> > 
> > Hi,
> > 
> > The following vulnerability was published for libvirt.
> > 
> > CVE-2019-3886[0]:
> > | An incorrect permissions check was discovered in libvirt 4.8.0 and
> > | above. The readonly permission was allowed to invoke APIs depending on
> > | the guest agent, which could lead to potentially disclosing unintended
> > | information or denial of service by causing libvirt to block.
> > 
> > I'm filing it here as well for further investigation. Is this only
> > affecting versions >= 4.8.0?
> 
> I'd assume this to affect older version as well (looking at the
> fix). I'll prepare an upload once upstream has this in git.

Thanks. Yes I'm confused that it's claimed to be 4.8.0 onwards, but
the submitted fix would in theory apply.

Regards,
Salvatore



Message sent on to Salvatore Bonaccorso <carnil@debian.org>:
Bug#926418. (Sun, 07 Apr 2019 11:09:02 GMT)


Message #18 received at 926418-submitter@bugs.debian.org:

From: Guido Günther <noreply@salsa.debian.org>
To: 926418-submitter@bugs.debian.org
Subject: Bug #926418 in libvirt marked as pending
Date: Sun, 07 Apr 2019 11:05:26 +0000
Control: tag -1 pending

Hello,

Bug #926418 in libvirt reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/libvirt-team/libvirt/commit/790365e49d56a24aa1ab04b169636de8b04e0062

------------------------------------------------------------------------
CVE-2019-3886: Don't allow unprivileged users to use the guest agent

Apply upstream patches
remote-enforce-ACL-write-permission-for-getting-guest-tim.patch
api-disallow-virDomainGetHostname-for-read-only-connectio.patch

Closes: #926418
------------------------------------------------------------------------

(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/926418



Added tag(s) pending. Request was from Guido Günther <noreply@salsa.debian.org> to 926418-submitter@bugs.debian.org. (Sun, 07 Apr 2019 11:09:02 GMT)


Reply sent to Guido Günther <agx@sigxcpu.org>:
You have taken responsibility. (Sun, 07 Apr 2019 11:36:11 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 07 Apr 2019 11:36:11 GMT)


Message #25 received at 926418-close@bugs.debian.org:

From: Guido Günther <agx@sigxcpu.org>
To: 926418-close@bugs.debian.org
Subject: Bug#926418: fixed in libvirt 5.0.0-2
Date: Sun, 07 Apr 2019 11:34:22 +0000
Source: libvirt
Source-Version: 5.0.0-2

We believe that the bug you reported is fixed in the latest version of
libvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 926418@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guido Günther <agx@sigxcpu.org> (supplier of updated libvirt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 07 Apr 2019 12:36:21 +0200
Source: libvirt
Architecture: source
Version: 5.0.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>
Changed-By: Guido Günther <agx@sigxcpu.org>
Closes: 916587 918472 920574 921713 926418
Changes:
 libvirt (5.0.0-2) unstable; urgency=medium
 .
   [ Laurent Bigonville ]
   * [76e2cb7] Don't recommend ebtables.  It's part of the iptables package now.
     (Closes: #918472)
 .
   [ intrigeri ]
   * [d7a7218] Fix virtio-gpu + virgl support by cherry-picking upstream
     commits virt-manager in current sid still creates new VMs with QXL
     graphics by default, so this bug only affects users who opt in for
     virtio-gpu 3D acceleration.  Still, the option for virtio-gpu + 3D
     acceleration is offered in the virt-manager GUI, so having it broken by
     default is an important problem.
     (Closes: #916587)
 .
   [ Christian Ehrhardt ]
   * [3997186] d/libvirt-daemon-system.maintscript: remove obsolete conffile
     /etc/logrotate.d/libvirtd.uml became obsolete since UML was dropped in
     libvirt 5.0 (Closes: #920574)
   * [c64d020] d/libvirt-daemon-system.libvirtd.default: clarify libvirtd_opts
     example (Closes: #921713)
 .
   [ Guido Günther ]
   * [790365e] CVE-2019-3886: Don't allow unprivileged users to use the guest
     agent. Apply upstream patches
     remote-enforce-ACL-write-permission-for-getting-guest-tim.patch
     api-disallow-virDomainGetHostname-for-read-only-connectio.patch
     (Closes: #926418)

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>:
Bug#926418; Package src:libvirt. (Sun, 07 Apr 2019 13:36:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>. (Sun, 07 Apr 2019 13:36:03 GMT)


Message #30 received at 926418@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 926418@bugs.debian.org
Cc: Guido Günther <agx@sigxcpu.org>
Subject: Re: Bug#926418: [Pkg-libvirt-maintainers] Bug#926418: libvirt: CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode
Date: Sun, 7 Apr 2019 15:33:53 +0200

Hi Guido,

On Fri, Apr 05, 2019 at 09:54:30PM +0200, Salvatore Bonaccorso wrote:
> Hi Guido,
> 
> On Fri, Apr 05, 2019 at 07:10:25PM +0200, Guido Günther wrote:
> > Hi,
> > On Thu, Apr 04, 2019 at 10:30:14PM +0200, Salvatore Bonaccorso wrote:
> > > Source: libvirt
> > > Version: 5.0.0-1
> > > Severity: important
> > > Tags: security upstream
> > > Forwarded: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html
> > > 
> > > Hi,
> > > 
> > > The following vulnerability was published for libvirt.
> > > 
> > > CVE-2019-3886[0]:
> > > | An incorrect permissions check was discovered in libvirt 4.8.0 and
> > > | above. The readonly permission was allowed to invoke APIs depending on
> > > | the guest agent, which could lead to potentially disclosing unintended
> > > | information or denial of service by causing libvirt to block.
> > > 
> > > I'm filing it here as well for further investigation. Is this only
> > > affecting versions >= 4.8.0?
> > 
> > I'd assume this to affect older version as well (looking at the
> > fix). I'll prepare an upload once upstream has this in git.
> 
> Thanks. Yes I'm confused that it's claimed to be 4.8.0 onwards, but
> the submitted fix would in theory apply.

And https://bugzilla.novell.com/show_bug.cgi?id=1131595#c3 confirms
somehow that >= 4.8.0 only looks strange. So let's assume it's
affecting as well the older version where the commit applies.

Regards,
Salvatore



Information forwarded to debian-bugs-dist@lists.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>:
Bug#926418; Package src:libvirt. (Mon, 08 Apr 2019 09:30:06 GMT)


Acknowledgement sent to Guido Günther <agx@sigxcpu.org>:
Extra info received and forwarded to list. Copy sent to Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>. (Mon, 08 Apr 2019 09:30:06 GMT)


Message #35 received at 926418@bugs.debian.org:

From: Guido Günther <agx@sigxcpu.org>
To: Salvatore Bonaccorso <carnil@debian.org>, 926418@bugs.debian.org
Subject: Re: Bug#926418: [Pkg-libvirt-maintainers] Bug#926418: libvirt: CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode
Date: Mon, 8 Apr 2019 11:26:58 +0200

Hi,
On Sun, Apr 07, 2019 at 03:33:53PM +0200, Salvatore Bonaccorso wrote:
> Hi Guido,
> 
> On Fri, Apr 05, 2019 at 09:54:30PM +0200, Salvatore Bonaccorso wrote:
> > Hi Guido,
> > 
> > On Fri, Apr 05, 2019 at 07:10:25PM +0200, Guido Günther wrote:
> > > Hi,
> > > On Thu, Apr 04, 2019 at 10:30:14PM +0200, Salvatore Bonaccorso wrote:
> > > > Source: libvirt
> > > > Version: 5.0.0-1
> > > > Severity: important
> > > > Tags: security upstream
> > > > Forwarded: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html
> > > > 
> > > > Hi,
> > > > 
> > > > The following vulnerability was published for libvirt.
> > > > 
> > > > CVE-2019-3886[0]:
> > > > | An incorrect permissions check was discovered in libvirt 4.8.0 and
> > > > | above. The readonly permission was allowed to invoke APIs depending on
> > > > | the guest agent, which could lead to potentially disclosing unintended
> > > > | information or denial of service by causing libvirt to block.
> > > > 
> > > > I'm filing it here as well for further investigation. Is this only
> > > > affecting versions >= 4.8.0?
> > > 
> > > I'd assume this to affect older version as well (looking at the
> > > fix). I'll prepare an upload once upstream has this in git.
> > 
> > Thanks. Yes I'm confused that it's claimed to be 4.8.0 onwards, but
> > the submitted fix would in theory apply.
> 
> And https://bugzilla.novell.com/show_bug.cgi?id=1131595#c3 confirms
> somehow that >= 4.8.0 only looks strange. So let's assume it's
> affecting as well the older version where the commit applies.

The problematic part is that virDomainGetHostname calls out to
qemuAgentGetHostname() which uses the untrusted agent:

   https://libvirt.org/git/?p=libvirt.git;a=commit;h=25736a4c7ed50c101b4f87935f350f1a39a89f6e

So this really only affects libvirt > 4.8.0. The other existing
implementation is in the OpenVZ driver which a) is not used often and b)
looks safe. So I think the information in the BTS is correct.

Cheers,
 -- Guido
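
A small model of the rule discussed in this message, added here as an example and not taken from libvirt or from the Debian patches: an entry point that forwards to the untrusted guest agent must refuse read-only connections before any agent traffic. The structs, tables, sample agents and function names are hypothetical; only `VIR_CONNECT_RO`, `virDomainGetHostname` and the idea of an agent-backed call come from libvirt and this bug log.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Same bit libvirt uses to mark a connection opened read-only. */
#define VIR_CONNECT_RO (1u << 0)

enum api_result { API_OK = 0, API_DENIED = -1, API_BLOCKED = -2 };

/* The agent runs inside the guest, so the host must treat it as untrusted. */
struct guest_agent {
    const char *hostname;   /* whatever the guest chooses to report */
    bool responds;          /* false models an agent that never answers */
};

/* Hypothetical stand-in for an entry point that forwards to the guest agent.
 * patched == true applies the rule from the fix: refuse read-only callers
 * before any request is sent to the agent. */
enum api_result model_get_hostname(unsigned int conn_flags,
                                   const struct guest_agent *agent,
                                   bool patched, char *out, size_t outlen)
{
    if (outlen > 0)
        out[0] = '\0';
    if (patched && (conn_flags & VIR_CONNECT_RO))
        return API_DENIED;
    if (!agent->responds)
        return API_BLOCKED;   /* a real daemon would sit waiting here */
    snprintf(out, outlen, "%s", agent->hostname);
    return API_OK;
}

/* Constructed sample agents. */
static const struct guest_agent agent_ok   = { "name-reported-by-guest", true };
static const struct guest_agent agent_hung = { "", false };

/* Convenience wrapper so each case is a single call. */
enum api_result call_hostname(unsigned int conn_flags, bool patched,
                              bool agent_responds, char *out, size_t outlen)
{
    return model_get_hostname(conn_flags,
                              agent_responds ? &agent_ok : &agent_hung,
                              patched, out, outlen);
}

/* One row per public API in the model. */
struct api_entry {
    const char *name;
    bool uses_agent;        /* handler talks to the guest agent */
    bool rejects_readonly;  /* entry point refuses VIR_CONNECT_RO */
};

/* Constructed tables: only virDomainGetHostname is a name from the bug log. */
const struct api_entry table_before[] = {
    { "get-name (host-side state only)", false, false },
    { "virDomainGetHostname",            true,  false },
    { "set-memory (changes the guest)",  false, true  },
};
const struct api_entry table_after[] = {
    { "get-name (host-side state only)", false, false },
    { "virDomainGetHostname",            true,  true  },
    { "set-memory (changes the guest)",  false, true  },
};

/* Audit rule: anything that reaches the agent must refuse read-only callers. */
size_t count_agent_apis_open_to_readonly(const struct api_entry *t, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        if (t[i].uses_agent && !t[i].rejects_readonly) {
            printf("  agent reachable read-only: %s\n", t[i].name);
            bad++;
        }
    }
    return bad;
}

int main(void)
{
    char buf[64];
    enum api_result r;

    r = call_hostname(VIR_CONNECT_RO, false, true, buf, sizeof buf);
    printf("unpatched, read-only, agent answers: result=%d hostname=\"%s\"\n", r, buf);
    r = call_hostname(VIR_CONNECT_RO, false, false, buf, sizeof buf);
    printf("unpatched, read-only, agent silent:  result=%d\n", r);
    r = call_hostname(VIR_CONNECT_RO, true, false, buf, sizeof buf);
    printf("patched,   read-only, agent silent:  result=%d\n", r);
    r = call_hostname(0, true, true, buf, sizeof buf);
    printf("patched,   read-write, agent answers: result=%d hostname=\"%s\"\n", r, buf);

    printf("audit before fix:\n");
    printf("  findings: %zu\n", count_agent_apis_open_to_readonly(table_before, 3));
    printf("audit after fix:\n");
    printf("  findings: %zu\n", count_agent_apis_open_to_readonly(table_after, 3));
    return 0;
}
```

The audit function is the part worth carrying over to a real code base: it checks the policy over the whole API table instead of one call at a time.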




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>:
Bug#926418; Package src:libvirt. (Mon, 08 Apr 2019 10:24:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>. (Mon, 08 Apr 2019 10:24:03 GMT)


Message #40 received at 926418@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Guido Günther <agx@sigxcpu.org>
Cc: 926418@bugs.debian.org
Subject: Re: Bug#926418: [Pkg-libvirt-maintainers] Bug#926418: libvirt: CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode
Date: Mon, 8 Apr 2019 12:21:31 +0200

Hi Guido,

On Mon, Apr 08, 2019 at 11:26:58AM +0200, Guido Günther wrote:
> Hi,
> On Sun, Apr 07, 2019 at 03:33:53PM +0200, Salvatore Bonaccorso wrote:
> > Hi Guido,
> > 
> > On Fri, Apr 05, 2019 at 09:54:30PM +0200, Salvatore Bonaccorso wrote:
> > > Hi Guido,
> > > 
> > > On Fri, Apr 05, 2019 at 07:10:25PM +0200, Guido Günther wrote:
> > > > Hi,
> > > > On Thu, Apr 04, 2019 at 10:30:14PM +0200, Salvatore Bonaccorso wrote:
> > > > > Source: libvirt
> > > > > Version: 5.0.0-1
> > > > > Severity: important
> > > > > Tags: security upstream
> > > > > Forwarded: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html
> > > > > 
> > > > > Hi,
> > > > > 
> > > > > The following vulnerability was published for libvirt.
> > > > > 
> > > > > CVE-2019-3886[0]:
> > > > > | An incorrect permissions check was discovered in libvirt 4.8.0 and
> > > > > | above. The readonly permission was allowed to invoke APIs depending on
> > > > > | the guest agent, which could lead to potentially disclosing unintended
> > > > > | information or denial of service by causing libvirt to block.
> > > > > 
> > > > > I'm filing it here as well for further investigation. Is this only
> > > > > affecting versions >= 4.8.0?
> > > > 
> > > > I'd assume this to affect older version as well (looking at the
> > > > fix). I'll prepare an upload once upstream has this in git.
> > > 
> > > Thanks. Yes I'm confused that it's claimed to be 4.8.0 onwards, but
> > > the submitted fix would in theory apply.
> > 
> > And https://bugzilla.novell.com/show_bug.cgi?id=1131595#c3 confirms
> > somehow that >= 4.8.0 only looks strange. So let's assume it's
> > affecting as well the older version where the commit applies.
> 
> The problematic part is that virDomainGetHostname calls out to
> qemuAgentGetHostname() which uses the untrusted agent:
> 
>    https://libvirt.org/git/?p=libvirt.git;a=commit;h=25736a4c7ed50c101b4f87935f350f1a39a89f6e
> 
> So this really only affects libvirt > 4.8.0. The other existing
> implementation is in the OpenVZ driver which a) is not used often and b)
> looks safe. So I think the information in the BTS is correct.

Thanks for verifying!

Regards,
Salvatore



Reply sent to Andrea Bolognani <eof@kiyuko.org>:
You have taken responsibility. (Wed, 10 Apr 2019 08:54:11 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Wed, 10 Apr 2019 08:54:11 GMT)


Message #45 received at 926418-close@bugs.debian.org:

From: Andrea Bolognani <eof@kiyuko.org>
To: 926418-close@bugs.debian.org
Subject: Bug#926418: fixed in libvirt 5.2.0-1
Date: Wed, 10 Apr 2019 08:50:48 +0000
Source: libvirt
Source-Version: 5.2.0-1

We believe that the bug you reported is fixed in the latest version of
libvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 926418@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andrea Bolognani <eof@kiyuko.org> (supplier of updated libvirt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 07 Apr 2019 18:39:49 +0200
Source: libvirt
Binary: libnss-libvirt libnss-libvirt-dbgsym libvirt-clients libvirt-clients-dbgsym libvirt-daemon libvirt-daemon-dbgsym libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-gluster-dbgsym libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-rbd-dbgsym libvirt-daemon-driver-storage-zfs libvirt-daemon-driver-storage-zfs-dbgsym libvirt-daemon-system libvirt-daemon-system-dbgsym libvirt-dev libvirt-doc libvirt-sanlock libvirt-sanlock-dbgsym libvirt-wireshark libvirt-wireshark-dbgsym libvirt0 libvirt0-dbgsym
Architecture: source amd64 all
Version: 5.2.0-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>
Changed-By: Andrea Bolognani <eof@kiyuko.org>
Description:
 libnss-libvirt - nss plugin providing IP address resolution for virtual machines
 libvirt-clients - Programs for the libvirt library
 libvirt-daemon - Virtualization daemon
 libvirt-daemon-driver-storage-gluster - Virtualization daemon glusterfs storage driver
 libvirt-daemon-driver-storage-rbd - Virtualization daemon RBD storage driver
 libvirt-daemon-driver-storage-zfs - Virtualization daemon ZFS storage driver
 libvirt-daemon-system - Libvirt daemon configuration files
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt-sanlock - Sanlock plugin for virtlockd
 libvirt-wireshark - Wireshark dissector for the libvirt protocol
 libvirt0   - library for interfacing with different virtualization systems
Closes: 920574 921713 926418
Changes:
 libvirt (5.2.0-1) experimental; urgency=medium
 .
   * Team upload.
 .
   [ Christian Ehrhardt ]
   * [3997186] d/libvirt-daemon-system.maintscript: remove obsolete conffile
     /etc/logrotate.d/libvirtd.uml became obsolete since UML was dropped in
     libvirt 5.0 (Closes: #920574)
   * [c64d020] d/libvirt-daemon-system.libvirtd.default: clarify libvirtd_opts
     example (Closes: #921713)
 .
   [ Guido Günther ]
   * [dd9d74f] New upstream version 5.2.0
   * [790365e] CVE-2019-3886: Don't allow unprivileged users to use the guest
     agent. Apply upstream patches
     remote-enforce-ACL-write-permission-for-getting-guest-tim.patch
     api-disallow-virDomainGetHostname-for-read-only-connectio.patch
     (Closes: #926418)
 .
   [ Andrea Bolognani ]
   * [453f85d] Rediff patches. The patches
     security-aa-helper-allow-virt-aa-helper-to-read-dev-dri.patch
     security-aa-helper-generate-more-rules-for-gl-devices.patch
     security-aa-helper-gl-devices-in-sysfs-at-arbitrary-depth.patch
     security-aa-helper-nvidia-rules-for-gl-devices.patch
     virt-aa-helper-generate-rules-for-gl-enabled-graphics-dev.patch
     are included in libvirt 5.2.0 and have thus been dropped.
   * [a4294ef] Bump symbol versions.
   * [68394f6] Add tests-Avoid-writing-into-HOME-during-virsh-snapshot.patch

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 20 May 2019 07:25:33 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 19:18:26 2019; Machine Name: buxtehude
