UbuntuUpdates.org

Package "systemd"

Name: systemd

Description:

system and service manager

Latest version: 237-3ubuntu10.29
Release: bionic (18.04)
Level: security
Repository: main
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links

Save this URL for the latest version of "systemd": https://www.ubuntuupdates.org/systemd


Download "systemd"


Other versions of "systemd" in Bionic

Repository Area Version
base main 237-3ubuntu10
base universe 237-3ubuntu10
security universe 237-3ubuntu10.29
updates universe 237-3ubuntu10.31
updates main 237-3ubuntu10.31
PPA: Mint upstream 204-5ubuntu20.15linuxmint1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 237-3ubuntu10.29 2019-09-10 14:06:19 UTC
No changelog available yet.
Source diff to previous version

Version: 237-3ubuntu10.28 2019-09-03 19:07:44 UTC

  systemd (237-3ubuntu10.28) bionic-security; urgency=medium

  * SECURITY UPDATE: Unprivileged users are granted access to privileged
    systemd-resolved D-Bus methods
    - d/p/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch:
      drop trusted annotation from bus_open_system_watch_bind()
    - CVE-2019-15718

 -- Chris Coulson <email address hidden> Thu, 29 Aug 2019 23:30:33 +0100

Source diff to previous version
CVE-2019-15718 RESERVED

Version: 237-3ubuntu10.19 2019-04-08 12:07:08 UTC

  systemd (237-3ubuntu10.19) bionic-security; urgency=medium

  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842

 -- Chris Coulson <email address hidden> Fri, 29 Mar 2019 16:40:26 +0000

Source diff to previous version
CVE-2019-3842 RESERVED

Version: 237-3ubuntu10.13 2019-02-18 17:07:07 UTC

  systemd (237-3ubuntu10.13) bionic-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted dbus message
    - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
      dbus paths, and don't allocate them on the stack
    - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
      sd-bus: if we receive an invalid dbus message, ignore and proceeed
    - CVE-2019-6454

  * Do not remove multiple spaces after identifier in syslog message
    - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch

 -- Chris Coulson <email address hidden> Wed, 13 Feb 2019 21:32:34 +0000

Source diff to previous version
CVE-2019-6454 systemd (PID1) crash with specially crafted D-Bus message

Version: 237-3ubuntu10.11 2019-01-11 04:10:06 UTC

  systemd (237-3ubuntu10.11) bionic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden> Wed, 09 Jan 2019 15:11:53 +0000

1804603 systemd-tmpfiles-setup.service fails on btrfs
1804864 autopkgtest regression TEST-22-TMPFILES are not executable
CVE-2018-16864 memory corruption
CVE-2018-16865 memory corruption
CVE-2018-16866 information leak, out-of-bounds read



About   -   Send Feedback to @ubuntu_updates