[ubuntu/disco-proposed] systemd 240-6ubuntu1 (Accepted)

Dimitri John Ledkov xnox at ubuntu.com
Wed Feb 20 20:49:12 UTC 2019


systemd (240-6ubuntu1) disco; urgency=medium

  * Release to ubuntu.

systemd (240-6) unstable; urgency=high

  * High urgency as this fixes a vulnerability.

  [ Felipe Sateler ]
  * Reenable pristine-tar in gbp.conf.
    The pristine-tar bug has been fixed, so we can use it again.
    This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e.
  * d/watch: add version mangle to transform -rc to ~rc.
    Upstream has started releasing rcs, so let's account for that
  * Fix comment about why we disable hwclock.service.
    Systemd nowadays doesn't do it itself because the kernel does it on its
    own when necessary, and when not, it is not safe to save the hwclock (eg,
    there is no certainty the system clock
    is correct)
  * udev: Backport upstream preventing mass killings when not running under
    systemd (Closes: #918764)

  [ Dimitri John Ledkov ]
  * debian/tests/storage: improve cleanups.
    On fast ppc64el machines, cryptsetup start job may not complete by the
    time tearDown is executed. In that case stop, causes to simply cancel the
    start job without actually cleaning up the dmsetup node. This leads to
    failing subsequent test as it no longer starts with a clean device. Thus
    ensure the systemd-cryptsetup unit is started, before stopping it.
    Also rmmod scsi_debug module at the end, to allow re-running the test in a
    loop.
  * debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey.
  * debian/tests/control: add socat to upstream tests for pull #11591
  * Blacklist TEST-10-ISSUE-2467 #11706
  * debian/tests/storage: fix for LUKS2 and avoid interactive password
    prompts.

  [ Martin Pitt ]
  * udevadm: Fix segfault with subsystem-match containing '/'
    (Closes: #919206)
  * sd-bus: if we receive an invalid dbus message, ignore and proceed
  * sd-bus: enforce a size limit on D-Bus object paths.
    This avoids accessing/modifying memory outside of the allocated stack
    region by sending specially crafted D-Bus messages with very large object
    paths.
    Vulnerability discovered by Chris Coulson <chris.coulson at canonical.com>,
    patch provided by Riccardo Schirone <rschiron at redhat.com>.
    (CVE-2019-6454)

Date: Wed, 20 Feb 2019 21:41:03 +0100
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/systemd/240-6ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 20 Feb 2019 21:41:03 +0100
Source: systemd
Binary: systemd systemd-sysv systemd-container systemd-journal-remote systemd-coredump systemd-tests libpam-systemd libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libsystemd0 libsystemd-dev udev libudev1 libudev-dev udev-udeb libudev1-udeb
Architecture: source
Version: 240-6ubuntu1
Distribution: disco
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Description:
 libnss-myhostname - nss module providing fallback resolution for the current hostname
 libnss-mymachines - nss module to resolve hostnames for local container instances
 libnss-resolve - nss module to resolve names via systemd-resolved
 libnss-systemd - nss module providing dynamic user and group name resolution
 libpam-systemd - system and service manager - PAM module
 libsystemd-dev - systemd utility library - development files
 libsystemd0 - systemd utility library
 libudev-dev - libudev development files
 libudev1   - libudev shared library
 libudev1-udeb - libudev shared library (udeb)
 systemd    - system and service manager
 systemd-container - systemd container/nspawn tools
 systemd-coredump - tools for storing and retrieving coredumps
 systemd-journal-remote - tools for sending and receiving remote journal logs
 systemd-sysv - system and service manager - SysV links
 systemd-tests - tests for systemd
 udev       - /dev/ and hotplug management daemon
 udev-udeb  - /dev/ and hotplug management daemon (udeb)
Closes: 918764 919206
Changes:
 systemd (240-6ubuntu1) disco; urgency=medium
 .
   * Release to ubuntu.
 .
 systemd (240-6) unstable; urgency=high
 .
   * High urgency as this fixes a vulnerability.
 .
   [ Felipe Sateler ]
   * Reenable pristine-tar in gbp.conf.
     The pristine-tar bug has been fixed, so we can use it again.
     This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e.
   * d/watch: add version mangle to transform -rc to ~rc.
     Upstream has started releasing rcs, so let's account for that
   * Fix comment about why we disable hwclock.service.
     Systemd nowadays doesn't do it itself because the kernel does it on its
     own when necessary, and when not, it is not safe to save the hwclock (eg,
     there is no certainty the system clock
     is correct)
   * udev: Backport upstream preventing mass killings when not running under
     systemd (Closes: #918764)
 .
   [ Dimitri John Ledkov ]
   * debian/tests/storage: improve cleanups.
     On fast ppc64el machines, cryptsetup start job may not complete by the
     time tearDown is executed. In that case stop, causes to simply cancel the
     start job without actually cleaning up the dmsetup node. This leads to
     failing subsequent test as it no longer starts with a clean device. Thus
     ensure the systemd-cryptsetup unit is started, before stopping it.
     Also rmmod scsi_debug module at the end, to allow re-running the test in a
     loop.
   * debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey.
   * debian/tests/control: add socat to upstream tests for pull #11591
   * Blacklist TEST-10-ISSUE-2467 #11706
   * debian/tests/storage: fix for LUKS2 and avoid interactive password
     prompts.
 .
   [ Martin Pitt ]
   * udevadm: Fix segfault with subsystem-match containing '/'
     (Closes: #919206)
   * sd-bus: if we receive an invalid dbus message, ignore and proceed
   * sd-bus: enforce a size limit on D-Bus object paths.
     This avoids accessing/modifying memory outside of the allocated stack
     region by sending specially crafted D-Bus messages with very large object
     paths.
     Vulnerability discovered by Chris Coulson <chris.coulson at canonical.com>,
     patch provided by Riccardo Schirone <rschiron at redhat.com>.
     (CVE-2019-6454)
Checksums-Sha1:
 c01ef1af608d1cba4c359bcf72a43aae66023050 5060 systemd_240-6ubuntu1.dsc
 32c2fff7a4f1104aa3ae95c85813b0ff638e1cd0 197240 systemd_240-6ubuntu1.debian.tar.xz
 345a8529af221ead240671cdc4ec7dfb5456551b 11086 systemd_240-6ubuntu1_source.buildinfo
Checksums-Sha256:
 0a36ada817101df3c7961a8991af33e99b0c55a89702f9a7bc31d2967b0d4591 5060 systemd_240-6ubuntu1.dsc
 880a5a917ed46f2864833b52cb80374053a14d2e93923bdd05b1829a7380d3f4 197240 systemd_240-6ubuntu1.debian.tar.xz
 d4d2764d9998d44a13acc984cc8f609c9fa11dd3a9e8d92bd59383b0098cf343 11086 systemd_240-6ubuntu1_source.buildinfo
Files:
 21df7166e0b5faf0b3c96edc07bd1bea 5060 admin optional systemd_240-6ubuntu1.dsc
 63c53ce6abe1a2bafdc671b54fc9e3c1 197240 admin optional systemd_240-6ubuntu1.debian.tar.xz
 039fa8b5e1eee3cb8acc38395a105916 11086 admin optional systemd_240-6ubuntu1_source.buildinfo
Original-Maintainer: Debian systemd Maintainers <pkg-systemd-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCgAuFiEE4cdIyvfCPLE8LKqG6OhJCPkDr7UFAlxtu+QQHHhub3hAdWJ1
bnR1LmNvbQAKCRDo6EkI+QOvtT62D/98Rzko240raG07JzC6UC0AaAxBWig+/jT/
NQpcK1NgePCpb9wCfb+rnpvz3xgHXoyrXCKzmEyFP3Du99B7sbBDExfFLsxVyuHa
B7AsdXg4x6OHey6ggcotkZzDSw6BK2LOhmDwEeJ1ELQcJJu/ZyCziAGkI8mLSdMh
1LCMY+b3IqQ9Wnt9C4GqdRCoqNGidm6Hy4135+QwfMK+Lm83qzhVbCea1hglmnUa
5f0kePXm4AnXRoqC8S8ClauQxfANu+GQfPZ8CUjGBecayVirg85bU8IIIGSkuYVe
gEuPPpAsyTqfkdfrp7ChR+AyhvfBsTvls5ns+HAvCL98K7s82gZI62WKaSYgW4xN
Ew1Tt6nr3pWnoDiwBQrvVkJoGH9oIb/wo4ZPR4wUYatir3DqN1b9qMFpk753xycQ
D7CVkoaglVoPQUK2OKfNKQe4aVr7nVztFrUfJwd6tYyjEw4erBf8potEw9g5yj30
sdYwdHSz+PGt4EmfVg5kHMjIZfUYc2PaH4fcD9LkmJgIRcJG5pP3C84rlUXHPpTc
p+yBkgT4kIisGyQ0o7G7mlW03718nkmHFcqwEZWTt1tj3Wqq/89QYGqFaHayU87K
xDhMCgl+OTViM26WHEUL+FXAkUQNeEWom1+A5T74qGBVRrgTOPv+HbJFZl/YnJhG
5dQikMd5EQ==
=GO3o
-----END PGP SIGNATURE-----


More information about the Disco-changes mailing list