UbuntuUpdates.org

Package "libnss-mymachines"

Name: libnss-mymachines

Description:

nss module to resolve hostnames for local container instances
Latest version: 237-3ubuntu10.44
Release: bionic (18.04)
Level: updates
Repository: universe
Head package: systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libnss-mymachines"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libnss-mymachines" in Bionic

Repository Area Version
base universe 237-3ubuntu10
security universe 237-3ubuntu10.38
proposed universe 237-3ubuntu10.44

Changelog

Version: 237-3ubuntu10.39 2020-02-17 11:07:08 UTC

  systemd (237-3ubuntu10.39) bionic; urgency=medium

  [ Dariusz Gadomski ]
  * d/p/lp1762391/0001-Call-getgroups-to-know-size-of-supplementary-groups-.patch,
    d/p/lp1762391/0002-user-util-tweak-to-in_gid.patch,
    d/p/lp1762391/0003-user-util-Add-helper-functions-for-gid-lists-operati.patch,
    d/p/lp1762391/0004-execute-Restore-call-to-pam_setcred.patch,
    d/p/lp1762391/0005-execute-Detect-groups-added-by-PAM-and-merge-them-wi.patch,
    d/p/lp1762391/0006-test-Add-tests-for-gid-list-ops.patch,
    d/p/lp1762391/0007-execute-add-const-to-array-parameters-where-possible.patch,
    d/p/lp1762391/0008-execute-allow-pam_setcred-to-fail-ignore-errors.patch:
    - Restore call to pam_setcred (LP: #1762391)

  [ Ioanna Alifieraki ]
  * d/p/lp1860548/0001-Revert-Replace-use-of-snprintf-with-xsprintf.patch,
    d/p/lp1860548/0002-job-truncate-unit-description.patch:
    - use snprintf instead of xsprintf (LP: #1860548)

  [ Dan Streetman ]
  * d/p/lp1833193-network-update-address-when-static-address-was-alrea.patch:
    - Update lft when static addr was cfg by dhcp (LP: #1833193)
  * d/p/lp1849261/0001-core-when-we-can-t-enqueue-OnFailure-job-show-full-e.patch,
    d/p/lp1849261/0002-core-don-t-trigger-OnFailure-deps-when-a-unit-is-goi.patch:
    - Only trigger OnFailure= if Restart= is not in effect (LP: #1849261)
  * d/p/lp1671951-network-set-ipv6-mtu-after-link-up-or-device-mtu-cha.patch:
    - set ipv6 mtu at correct time (LP: #1671951)
  * d/p/lp1845909/0001-networkd-honour-LinkLocalAddressing.patch,
    d/p/lp1845909/0002-networkd-fix-link_up-12505.patch,
    d/p/lp1845909/0003-network-do-not-send-ipv6-token-to-kernel.patch,
    d/p/lp1845909/0004-network-rename-linux_configure_after_setting_mtu-to-linux.patch,
    d/p/lp1845909/0005-network-add-link-setting_genmode-flag.patch,
    d/p/lp1845909/0006-network-if-ipv6ll-is-disabled-enumerate-tentative-ipv6-ad.patch,
    d/p/lp1845909/0007-network-drop-foreign-config-after-addr_gen_mode-has-been-.patch,
    d/p/lp1845909/0008-network-drop-IPv6LL-address-when-LinkLocalAddressing.patch:
    - if LinkLocalAddressing=no prevent creation of ipv6ll (LP: #1845909)
  * d/p/lp1859862-network-Do-not-disable-IPv6-by-writing-to-sysctl.patch:
    - enable ipv6 when needed (LP: #1859862)
  * d/p/lp1836695-networkd-Add-back-static-routes-after-DHCPv4-lease-e.patch:
    - (re)add static routes after getting dhcp4 addr (LP: #1836695)
  * d/t/storage:
    - fix buggy test (LP: #1831459)
    - without scsi_debug, skip test (LP: #1847816)

 -- Dan Streetman <email address hidden> Thu, 06 Feb 2020 10:00:49 -0500
Source diff to previous version
1762391 pam_group.so is not evaluated by gnome-terminal
1860548 systemd crashes when logging long message
1833193 systemd-networkd fails to apply static IPv4 when the static IP is the same as previously configured by DHCP
1849261 Update systemd for ubuntu 18.04 with fix for interaction between OnFailure= and Restart=
1671951 networkd should allow configuring IPV6 MTU
1845909 [SRU] IPv6 link local address is assigned even when LinkLocalAddressing=no|ipv4
1859862 networkd doesn't re-enable ipv6 unless mtu is set
1836695 systemd fails to setup static routes at boot when using DHCP
1831459 'storage' test needs to wait for systemd-cryptsetup to be active before stopping it

Version: 237-3ubuntu10.38 2020-02-05 18:06:56 UTC

  systemd (237-3ubuntu10.38) bionic-security; urgency=medium

  * SECURITY UPDATE: local privilege escalation via DynamicUser
    - debian/patches/CVE-2019-384x-1.patch: introduce
      seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files
      in src/shared/seccomp-util.c, src/shared/seccomp-util.h.
    - debian/patches/CVE-2019-384x-2.patch: add test case for
      restrict_suid_sgid() in src/test/test-seccomp.c.
    - debian/patches/CVE-2019-384x-3.patch: expose SUID/SGID restriction as
      new unit setting RestrictSUIDSGID= in src/core/dbus-execute.c,
      src/core/execute.c, src/core/execute.h,
      src/core/load-fragment-gperf.gperf.m4, src/shared/bus-unit-util.c.
    - debian/patches/CVE-2019-384x-4.patch: document the new
      RestrictSUIDSGID= setting in man/systemd.exec.xml.
    - debian/patches/CVE-2019-384x-5.patch: turn on RestrictSUIDSGID= in
      most of our long-running daemons in units/systemd-*.service.in.
    - debian/patches/CVE-2019-384x-6.patch: imply NNP and SUID/SGID
      restriction for DynamicUser=yes service in man/systemd.exec.xml,
      src/core/unit.c.
    - debian/patches/CVE-2019-384x-7.patch: fix compilation on arm64 in
      src/test/test-seccomp.c.
    - CVE-2019-3843
    - CVE-2019-3844
  * SECURITY UPDATE: memory leak in button_open
    - debian/patches/CVE-2019-20386.patch: fix event in
      src/login/logind-button.c.
    - CVE-2019-20386
  * SECURITY UPDATE: heap use-after-free with async polkit queries
    - debian/patches/CVE-2020-1712-1.patch: on async pk requests,
      re-validate action/details in src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-2.patch: introduce API for re-enqueuing
      incoming messages in src/libsystemd/libsystemd.sym,
      src/libsystemd/sd-bus/sd-bus.c, src/systemd/sd-bus.h.
    - debian/patches/CVE-2020-1712-3.patch: when authorizing via PK
      re-resolve callback/userdata instead of caching it in
      src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-4.patch: fix typo in function name in
      src/libsystemd/libsystemd.sym, src/libsystemd/sd-bus/sd-bus.c,
      src/systemd/sd-bus.h, src/shared/bus-util.c.
    - debian/libsystemd0.symbols: added new symbols.
    - CVE-2020-1712
  * This package does _not_ contain the changes from 237-3ubuntu10.34 in
    bionic-proposed.

 -- Marc Deslauriers <email address hidden> Tue, 04 Feb 2020 20:07:56 -0500
Source diff to previous version
CVE-2019-3843 It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient s
CVE-2019-3844 It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would al
CVE-2019-20386 An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may
CVE-2020-1712 heap use-after-free vulnerability

Version: 237-3ubuntu10.33 2019-11-26 19:07:33 UTC

  systemd (237-3ubuntu10.33) bionic; urgency=medium

  * d/p/lp1852754/0001-network-do-not-re-set-MTU-when-current-and-requested.patch,
    d/p/lp1852754/0002-network-call-link_acquire_conf-and-link_enter_join_n.patch,
    d/p/lp1852754/0003-network-prohibit-to-set-MTUBytes-and-UseMTU-simultan.patch:
    - Complete link setup after setting mtu (LP: #1852754)
Source diff to previous version
1852754 networkd does not complete interface configuration if Link MTUBytes is set

Version: 237-3ubuntu10.31 2019-10-10 04:07:10 UTC

  systemd (237-3ubuntu10.31) bionic; urgency=medium

  [ Dimitri John Ledkov ]
  * Add conflicts with upstart and systemd-shim. (LP: #1773859)
  * d/p/debian/UBUNTU-units-disable-journald-watchdog.patch
    - units: Disable journald Watchdog (LP: #1773148)
  * d/p/cryptsetup-add-support-for-sector-size-option-8881.patch
    - cryptsetup: add support for sector-size= option (LP: #1776626)
  * d/p/systemctl-correctly-proceed-to-immediate-shutdown-if-sche.patch
    - systemctl: correctly proceed to immediate shutdown if scheduling fails
      (LP: #1670291)
  * d/p/networkd-add-support-to-configure-IPv6-MTU-8664.patch
    - networkd: add support to set IPv6MTUBytes (LP: #1671951)

 -- Balint Reczey <email address hidden> Mon, 30 Sep 2019 17:23:17 +0200
Source diff to previous version
1773859 upgrades to 18.04 fail
1773148 /lib/systemd/systemd-journald:6:fsync:fsync_directory_of_file:journal_file_rotate:do_rotate:server_rotate
1776626 [18.10 FEAT] Support 4k sectors for fast clear key dm-crypt - crypttab part
1670291 Landscape: Upgrade 14.04.5 to 16.04.2 fails unable to reboot
1671951 networkd should allow configuring IPV6 MTU

Version: 237-3ubuntu10.29 2019-09-10 14:06:23 UTC
No changelog available yet.


About   -   Send Feedback to @ubuntu_updates