1. 09 Apr, 2019 1 commit
    • Chris Coulson's avatar
      Import Debian changes 237-3ubuntu10.19 · 1b7798f0
      Chris Coulson authored
      systemd (237-3ubuntu10.19) bionic-security; urgency=medium
      
        * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
          incorrect Policykit authorization
          - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
            getenv() in pam_systemd.c
          - CVE-2019-3842
      1b7798f0
  2. 04 Apr, 2019 2 commits
    • Dimitri John Ledkov's avatar
      Specify Ubuntu's Vcs-Git · 77727b7f
      Dimitri John Ledkov authored
      77727b7f
    • Michael Vogt's avatar
      Import Debian changes 237-3ubuntu10.17 · e902db27
      Michael Vogt authored
      systemd (237-3ubuntu10.17) bionic; urgency=medium
      
        [ Michael Vogt ]
        * d/p/Support-system-image-read-only-etc.patch:
          - re-add support for /etc/writable for core18 (LP: #1778936)
        * d/p/fix-race-daemon-reload-8803.patch:
          - backport systemd upstream PR#8803 and PR#11121 to fix race
            when doing systemctl and systemctl daemon-reload at the
            same time LP: #1819728
      
        [ Balint Reczey ]
         * d/p/virt-detect-WSL-environment-as-a-container.patch:
           - virt: detect WSL environment as a container (LP: #1816753)
      e902db27
  3. 25 Mar, 2019 7 commits
    • Dimitri John Ledkov's avatar
      Specify Ubuntu's Vcs-Git · a9923b00
      Dimitri John Ledkov authored
      a9923b00
    • Michael Vogt's avatar
      Import Debian changes 237-3ubuntu10.16 · 24412cfc
      Michael Vogt authored
      systemd (237-3ubuntu10.16) bionic; urgency=medium
      
        * d/p/Support-system-image-read-only-etc.patch:
          - re-add support for /etc/writable for core18 (LP: #1778936)
        * d/p/fix-race-daemon-reload-8803.patch:
          - backport systemd upstream PR#8803 to fix race when doing
            systemctl and systemctl daemon-reload at the same time
            LP: #1819728
      24412cfc
    • Dan Streetman's avatar
      Import Debian changes 237-3ubuntu10.15 · 282faf45
      Dan Streetman authored
      systemd (237-3ubuntu10.15) bionic; urgency=medium
      
        [ Victor Tapia ]
        * d/p/stop-mount-error-propagation.patch:
          keep mount errors local to the failing mount point instead of blocking
          the processing of all mounts (LP: #1755863)
      282faf45
    • Dan Streetman's avatar
      Import Debian changes 237-3ubuntu10.14 · 45bfa444
      Dan Streetman authored
      systemd (237-3ubuntu10.14) bionic; urgency=medium
      
        [ Victor Tapia ]
        * d/p/stop-mount-error-propagation.patch:
          keep mount errors local to the failing mount point instead of blocking
          the processing of all mounts (LP: #1755863)
      
        [ Daniel Axtens ]
        * Fix an issue where IPv6 routes that specified PreferredSource
          would not be added - upstream bug #5882. (LP: #1812760)
          - debian/patches/networkd-don-t-remove-ip-address.patch,
            debian/patches/networkd-don-t-remove-route.patch: don't clear out all
            IP addresses and routes when starting, only ones not in the config.
            Required for the remaining patches to fully cover the field.
          - debian/patches/Move-link_check_ready-to-later-in-the-file.patch,
            debian/patches/Install-routes-after-addresses-are-ready.patch: wait
            until addresses are ready (not tentative) before installing routes,
            allowing routes with IPv6 source addresses to work.
      45bfa444
    • Chris Coulson's avatar
      Import Debian changes 237-3ubuntu10.13 · d5d67759
      Chris Coulson authored
      systemd (237-3ubuntu10.13) bionic-security; urgency=medium
      
        * SECURITY UPDATE: denial of service via crafted dbus message
          - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
            dbus paths, and don't allocate them on the stack
          - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
            sd-bus: if we receive an invalid dbus message, ignore and proceeed
          - CVE-2019-6454
      
        * Do not remove multiple spaces after identifier in syslog message
          - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch
      d5d67759
    • Dan Streetman's avatar
      Import Debian changes 237-3ubuntu10.12 · 16f2537b
      Dan Streetman authored
      systemd (237-3ubuntu10.12) bionic; urgency=medium
      
        * d/p/resolve-enable-EDNS0-towards-the-127.0.0.53-stub-res.patch
          getaddrinfo() failures when fallback to dns tcp queries, so enable
          edns0 in resolv.conf (LP: #1811471)
      
        [ Victor Tapia ]
        * d/p/resolved-Increase-size-of-TCP-stub-replies.patch
          dns failures with edns0 disabled and truncated response (LP: #1804487)
      16f2537b
    • Chris Coulson's avatar
      Import Debian changes 237-3ubuntu10.11 · ea24e25d
      Chris Coulson authored
      systemd (237-3ubuntu10.11) bionic-security; urgency=medium
      
        * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
          - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
            entry for process commandline on the stack
          - CVE-2018-16864
        * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
          - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
            number of fields (1k)
          - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
            number of fields in a message
          - CVE-2018-16865
        * SECURITY UPDATE: out-of-bounds read in journald
          - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
          - CVE-2018-16866
      
        * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
          - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
          - update debian/patches/series
        * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
          - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
          - update debian/patches/series
      ea24e25d
  4. 19 Nov, 2018 12 commits
  5. 30 Jul, 2018 1 commit
  6. 27 Jun, 2018 1 commit
  7. 22 Jun, 2018 2 commits
    • Dimitri John Ledkov's avatar
      Disable dh_installinit generation of tmpfiles for the systemd package. · 8069182b
      Dimitri John Ledkov authored
      Replace with a manual safe call to systemd-tmpfiles which will process any
      updates to the tmpfiles shipped by systemd package, taking into account any
      overrides shipped by other packages, sysadmin, or specified in the runtime
      directories.
      
      LP: #1748147
      (cherry picked from commit 1fd144cbe31cc7a9383cc76f21f4b84c22a9dd1b)
      8069182b
    • Dimitri John Ledkov's avatar
      logind: backport v238/v239 fixes for handling DRM devices · f52659a7
      Dimitri John Ledkov authored
      These chages introduce all the fixes that correct handling of open fd's
      realated to the DRM devices, as used by for example NVIDIA GPUs. This backport
      includes some refactorings, corrections, and comment updates. This to insure
      that correct history is preserved, code comments match reality, and to easy
      backporting logind fixes in the future SRUs.
      
      LP: #1777099
      f52659a7
  8. 22 May, 2018 1 commit
  9. 18 May, 2018 4 commits
  10. 14 May, 2018 2 commits
  11. 20 Apr, 2018 3 commits
  12. 12 Apr, 2018 2 commits
  13. 11 Apr, 2018 1 commit
  14. 06 Apr, 2018 1 commit