[ubuntu/jammy-security] systemd 249.11-0ubuntu3.16 (Accepted)
Octavio Galland
octavio.galland at canonical.com
Mon Jun 9 12:39:10 UTC 2025
systemd (249.11-0ubuntu3.16) jammy-security; urgency=medium
* SECURITY UPDATE: race condition in systemd-coredump
- debian/patches/CVE_2025_4598_1.patch: coredump: get rid of
_META_MANDATORY_MAX.
- debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core
pattern.
- debian/patches/CVE_2025_4598_3.patch: coredump: get rid of a bogus
assertion.
- CVE-2025-4598
systemd (249.11-0ubuntu3.15) jammy; urgency=medium
* d/systemd.prerm: call d-s-h update-state for resolved on upgrades
(LP: #2078555)
systemd (249.11-0ubuntu3.14) jammy; urgency=medium
[ Ioanna Alifieraki ]
* network: skip to reassign master ifindex if already set
(LP: #2003250)
[ Nick Rosbrook ]
* network: do not bring down a bonding port interface when it is already joined
(This is a follow-up commit required for LP: 2003250)
* networkd-test: skip test_resolved_domain_restricted_dns
(LP: #2009859)
systemd (249.11-0ubuntu3.13) jammy; urgency=medium
[ Lukas Märdian ]
* Fixing GRE6 and VTI6 on newer kernels (LP: #2037667)
[ Nick Rosbrook ]
* debian/tests/tests-in-lxd: update workaround patch (LP: #2055200)
[ Chengen Du ]
* udev: Handle PTP device symlink properly on udev action 'change'
(LP: #2077779)
systemd (249.11-0ubuntu3.12) jammy; urgency=medium
* core/device: ignore DEVICE_FOUND_UDEV bit on switching root (LP: #2037281)
File: debian/patches/lp2037281-core-device-ignore-DEVICE_FOUND_UDEV-bit-on-switching-roo.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=00f86f0b20f794f30aabe7181912d2ec2207e292
* use read-only /etc hack in more places (LP: #2035122)
File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c57406e850396a5d446aefe5e70a3aeaad080d72
* autopkgtest: do not allow qemu to be used on ppc64el.
Almost every run on ppc64el takes 12 to 24 hours, so do this as a last
resort to relieve pressure on autopkgtest infrastructure.
File: debian/tests/upstream
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d125a1ed3f01e59dba2f370c13801bfb76c16f5d
systemd (249.11-0ubuntu3.11) jammy; urgency=medium
* wait-online: exit early if all links are ignored (LP: #2036358)
File: debian/patches/lp2036358-wait-online-exit-early-if-all-links-are-ignored.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fcf9af1efaa904b9e587a3bfa76814d2601d05f3
systemd (249.11-0ubuntu3.10) jammy; urgency=medium
[ Nick Rosbrook ]
* debian/tests/tests-in-lxd: use --reuse flag in lxc publish (LP: #2023229)
File: debian/tests/tests-in-lxd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=85b2ceddff1a6cc1ddbca8a1b7e5381d146e6313
* pstore: only try to load efi_pstore module (LP: #2023462)
File: debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7600bbfb1e8a399e5aeb1010a20deda3e5a06c89
* shutdown: get only active md arrays. (LP: #2025563)
File: debian/patches/lp2025563-shutdown-get-only-active-md-arrays.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=416a9245c8f0efbedcc4395cada23cb09c685ec3
* udev-rules: fix nvme symlink creation on namespace changes (LP: #2028180)
File: debian/patches/lp2028180-udev-rules-fix-nvme-symlink-creation-on-namespace-changes.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=26e85b944da9098e66fc0c39f64ee40254c0c278
* core: reorder systemd arguments on reexec (LP: #2013543)
File: debian/patches/lp2013543-core-reorder-systemd-arguments-on-reexec.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=19ba0f20d311642596dc65fa5d6eb96a2d4be280
* network/dhcp4: do not ignore the gateway even if the destination is in same network (LP: #2009743)
Files:
- debian/patches/lp2009743/network-dhcp4-do-not-ignore-the-gateway-even-if-the-desti.patch
- debian/patches/lp2009743/test-network-add-one-more-testcase-for-DHCPv4-classless-r.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=73e774a2fb99c82df6d0edd770bb84ab735ec2f0
* Drop debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch (LP: #1982218)
File: debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=cf82f08feea456e1c65895b34bffa8c33d421588
* debian/systemd.postint: do not daemon re-exec if we could hit LP: #2013543
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=be484dab06d590b1792a8f016f4292373d0174b7
* binfmt: fix systemd-binfmt in LXD containers (LP: #1999275)
Files:
- debian/patches/lp1999275/binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch
- debian/patches/lp1999275/binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch
- debian/patches/lp1999275/binfmt-util-split-out-binfmt_mounted.patch
- debian/patches/lp1999275/unit-check-more-specific-path-to-be-written-by-systemd-bi.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0b9eadf05ee6db0e009dacbc71521480095880b3
[ Dan Streetman ]
* Fix machinectl pull-tar and import-tar (LP: #1977630)
Author: Dan Streetman
File: debian/patches/lp1977630-fix_machinectl_pull_tar.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1e7d3febe1600c6eb03bd71a17be6a6af52988c7
* make machinectl read-only work (LP: #1991829)
Author: Dan Streetman
File: debian/patches/lp1991829-add-CAP_LINUX_IMMUTABLE-to-systemd-machined-so-it-ca.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7a7c47569e0a2d175915eb0b79c60f2611848731
systemd (249.11-0ubuntu3.9) jammy; urgency=medium
* udev: gracefully handle rename failures (LP: #2002445)
Files:
- debian/patches/lp2002445/core-device-ignore-failed-uevents.patch
- debian/patches/lp2002445/sd-device-introduce-device_get_property_int.patch
- debian/patches/lp2002445/sd-device-make-device_set_syspath-clear-sysname-and-sysnu.patch
- debian/patches/lp2002445/udev-restore-syspath-and-properties-on-failure.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a7ad4a9fc708500c61e3b8127f112d8c90049b2c
systemd (249.11-0ubuntu3.8) jammy; urgency=medium
* network/dhcp4: accept local subnet routes from DHCP (LP: #2004478)
File: debian/patches/lp2004478-network-dhcp4-accept-local-subnet-routes-from-DHCP.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=96928d5f45ebbfe682b47e842d63506fa0ac9583
* udev: avoid NIC renaming race with kernel (LP: #2002445)
Files:
- debian/patches/lp2002445/sd-netlink-add-a-test-for-rtnl_set_link_name.patch
- debian/patches/lp2002445/sd-netlink-do-not-swap-old-name-and-alternative-name.patch
- debian/patches/lp2002445/sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
- debian/patches/lp2002445/udev-attempt-device-rename-even-if-interface-is-up.patch
- debian/patches/lp2002445/udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=20dc4d51a340669c26c446c23b5a84516e82ea74
* network: create stacked netdevs after the underlying link is (LP: #2000880)
File: debian/patches/lp2000880-network-create-stacked-netdevs-after-the-underlying-link-.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ab620e709f3f62eda86af26fd66c00d6e5165a25
* Enable /dev/sgx_vepc access for the group 'sgx' (LP: #2009502)
File: debian/patches/lp2009502-Enable-dev-sgx_vepc-access-for-the-group-sgx.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=434480ae4059a16ccbde9613be0c26ff1983cc3a
Date: 2025-06-06 12:34:56.560365+00:00
Changed-By: Octavio Galland <octavio.galland at canonical.com>
https://launchpad.net/ubuntu/+source/systemd/249.11-0ubuntu3.16
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list