UbuntuUpdates.org

Package "systemd"

Name: systemd

Description:

system and service manager

Latest version: 237-3ubuntu10.15
Release: bionic (18.04)
Level: updates
Repository: main
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links

Save this URL for the latest version of "systemd": https://www.ubuntuupdates.org/systemd


Download "systemd"


Other versions of "systemd" in Bionic

Repository Area Version
base main 237-3ubuntu10
base universe 237-3ubuntu10
security main 237-3ubuntu10.13
security universe 237-3ubuntu10.13
updates universe 237-3ubuntu10.15
proposed main 237-3ubuntu10.16
proposed universe 237-3ubuntu10.16
PPA: Mint upstream 204-5ubuntu20.15linuxmint1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 237-3ubuntu10.6 2018-11-12 16:06:28 UTC

  systemd (237-3ubuntu10.6) bionic-security; urgency=medium

  * SECURITY UPDATE: reexec state injection
    - debian/patches/CVE-2018-15686.patch: when deserializing state always use
      read_line(…, LONG_LINE_MAX, …) rather than fgets()
    - CVE-2018-15686
  * SECURITY UPDATE: chown_one() can dereference symlinks
    - debian/patches/CVE-2018-15687.patch: rework recursive logic to use O_PATH
    - CVE-2018-15687
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954.patch: don't resolve pathnames when traversing
      recursively through directory trees
    - CVE-2018-6954

 -- Chris Coulson <email address hidden> Tue, 06 Nov 2018 22:32:27 +0000

Source diff to previous version
CVE-2018-15686 A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be
CVE-2018-15687 A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are
CVE-2018-6954 systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of

Version: 237-3ubuntu10.4 2018-11-05 16:06:57 UTC

  systemd (237-3ubuntu10.4) bionic-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in dhcp6 client
    - debian/patches/CVE-2018-15688.patch: make sure we have enough space
      for the DHCP6 option header in src/libsystemd-network/dhcp6-option.c.
    - CVE-2018-15688

 -- Marc Deslauriers <email address hidden> Wed, 31 Oct 2018 11:38:31 -0400

Source diff to previous version
CVE-2018-15688 A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected

Version: 237-3ubuntu10.3 2018-07-23 19:06:40 UTC

  systemd (237-3ubuntu10.3) bionic; urgency=medium

  * debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin
    to the kernel (we previously only set it in modprobe.d) LP: #1779815

 -- Adam Conrad <email address hidden> Fri, 20 Jul 2018 11:13:58 -0600

Source diff to previous version
1779815 [Ubuntu 18.04.01][BostonLC][mpt3sas] installer does not detect any LSI based SAS/md raid device

Version: 237-3ubuntu10.2 2018-07-19 13:07:15 UTC

  systemd (237-3ubuntu10.2) bionic; urgency=medium

  * logind: backport v238/v239 fixes for handling DRM devices.
    These changes introduce all the fixes that correct handling of open fd's
    related to the DRM devices, as used by for example NVIDIA GPUs. This backport
    includes some refactoring, corrections, and comment updates. This to insure
    that correct history is preserved, code comments match reality, and to ease
    backporting logind fixes in the future SRUs. (LP: #1777099)
  * Disable dh_installinit generation of tmpfiles for the systemd package.
    Replace with a manual safe call to systemd-tmpfiles which will process any
    updates to the tmpfiles shipped by systemd package, taking into account any
    overrides shipped by other packages, sysadmin, or specified in the runtime
    directories. (LP: #1748147)

1777099 [backport] DRM devices opened by logind stay referenced indefinitely by PID 1



About   -   Send Feedback to @ubuntu_updates