UbuntuUpdates.org

Package "systemd"

Name: systemd

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • nss module to resolve hostnames for local container instances
  • nss module to resolve names via systemd-resolved
  • systemd container/nspawn tools
  • tools for storing and retrieving coredumps

Latest version: 237-3ubuntu10.57
Release: bionic (18.04)
Level: security
Repository: universe

Links



Other versions of "systemd" in Bionic

Repository Area Version
base main 237-3ubuntu10
base universe 237-3ubuntu10
security main 237-3ubuntu10.57
updates universe 237-3ubuntu10.57
updates main 237-3ubuntu10.57

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 237-3ubuntu10.57 2023-03-07 19:07:00 UTC

  systemd (237-3ubuntu10.57) bionic-security; urgency=medium

  * SECURITY UPDATE: buffer overrun vulnerability in format_timespan()
    - debian/patches/CVE-2022-3821.patch: time-util: fix buffer-over-run
    - CVE-2022-3821

 -- Nishit Majithia <email address hidden> Thu, 02 Mar 2023 18:28:02 +0530

Source diff to previous version
CVE-2022-3821 An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time a

Version: 237-3ubuntu10.56 2022-09-13 19:07:10 UTC

  systemd (237-3ubuntu10.56) bionic-security; urgency=medium

  * debian/udev.preinst:
    Add check_ID_NET_DRIVER() to ensure that on upgrade or install
    from an earlier version ID_NET_DRIVER is present on network
    interfaces. (LP: #1988119)

 -- Matthew Ruffell <email address hidden> Tue, 06 Sep 2022 15:18:05 +1200

Source diff to previous version
1988119 systemd-udevd: Run net_setup_link on 'change' uevents to prevent DNS outages on Azure

Version: 237-3ubuntu10.54 2022-08-29 11:06:20 UTC

  systemd (237-3ubuntu10.54) bionic-security; urgency=medium

  * SECURITY UPDATE: Use-after-free vulnerability in systemd.
    - debian/patches/CVE-2022-2526.patch: pin stream while calling callbacks
      for it in src/resolve/resolved-dns-stream.c
    - CVE-2022-2526

 -- Nishit Majithia <email address hidden> Mon, 29 Aug 2022 10:28:49 +0530

Source diff to previous version
CVE-2022-2526 use-after-free when dealing with DnsStream in resolved-dns-stream.c

Version: 237-3ubuntu10.50 2021-07-22 02:06:23 UTC

  systemd (237-3ubuntu10.50) bionic-security; urgency=medium

  * d/p/lp1937117-revert-lp1929560-network-move-set-MAC-and-set-nomaster-operations-out.patch:
    Revert patch due to users expecting previous buggy behavior
    (LP: #1937117)

 -- Dan Streetman <email address hidden> Wed, 21 Jul 2021 14:51:38 -0400

Source diff to previous version
1937117 misconfigured networkd may break after networkd restart

Version: 237-3ubuntu10.49 2021-07-20 17:06:29 UTC

  systemd (237-3ubuntu10.49) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via DHCP FORCERENEW
    - debian/patches/CVE-2020-13529.patch: tentatively ignore FORCERENEW
      command in src/libsystemd-network/sd-dhcp-client.c.
    - CVE-2020-13529
  * SECURITY UPDATE: denial of service via stack exhaustion
    - debian/patches/CVE-2021-33910.patch: do not use strdupa() on a path
      in src/basic/unit-name.c.
    - CVE-2021-33910

 -- Marc Deslauriers <email address hidden> Fri, 09 Jul 2021 11:12:13 -0400

CVE-2020-13529 An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP



About   -   Send Feedback to @ubuntu_updates