[ubuntu/questing-updates] systemd 257.9-0ubuntu2.5 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Jun 8 16:01:57 UTC 2026
systemd (257.9-0ubuntu2.5) questing-security; urgency=medium
* SECURITY UPDATE: escape-to-host via malformed optional config file
- debian/patches/CVE-2026-40226-1.patch: nspawn: apply BindUser/Ephemeral
from settings file only if trusted in src/nspawn/nspawn.c.
- debian/patches/CVE-2026-40226-2.patch: nspawn: normalize pivot_root paths
in src/nspawn/nspawn-mount.c.
- CVE-2026-40226
* d/p/lp2155132-*: trim null bytes padding from verity.sig files
(LP: #2155132)
Date: 2026-06-05 17:44:11.755028+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/systemd/257.9-0ubuntu2.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list