[Bug 1804864] Re: autopkgtest regression TEST-22-TMPFILES are not executable

Launchpad Bug Tracker 1804864 at bugs.launchpad.net
Fri Jan 11 02:34:05 UTC 2019 

This bug was fixed in the package systemd - 237-3ubuntu10.11

---------------
systemd (237-3ubuntu10.11) bionic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <chris.coulson at canonical.com>  Wed, 09 Jan 2019
15:11:53 +0000

** Changed in: systemd (Ubuntu Bionic)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16864

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16865

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16866

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1804864

Title:
  autopkgtest regression TEST-22-TMPFILES are not executable

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Released
Status in systemd source package in Cosmic:
  Fix Committed

Bug description:
  [Impact]

   * Newly added testcase in a security upload used a traditional GNU
  patch format, instead of using extended git patch format, as supported
  by GNU patch. Therefore, executable bits on shells scripts were lost,
  resulting in autopkgtest failures.

  [Test Case]

   * `upstream` test/TEST-22-TMPFILES autopkgtest case should pass.

  
  [Regression Potential] 

   * This is testcode change only.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1804864/+subscriptions

More information about the foundations-bugs mailing list