UbuntuUpdates.org

Package "systemd-coredump"

Name: systemd-coredump

Description:

tools for storing and retrieving coredumps

Latest version: 239-7ubuntu10.10
Release: cosmic (18.10)
Level: updates
Repository: universe
Head package: systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links

Save this URL for the latest version of "systemd-coredump": https://www.ubuntuupdates.org/systemd-coredump


Download "systemd-coredump"


Other versions of "systemd-coredump" in Cosmic

Repository Area Version
base universe 239-7ubuntu10
security universe 239-7ubuntu10.8

Changelog

Version: 239-7ubuntu10.10 2019-03-11 20:06:59 UTC

  systemd (239-7ubuntu10.10) cosmic; urgency=medium

  [ Victor Tapia ]
  * d/p/stop-mount-error-propagation.patch:
    keep mount errors local to the failing mount point instead of
    blocking the processing of all mounts (LP: #1755863)

 -- Dan Streetman <email address hidden> Thu, 28 Feb 2019 14:29:48 -0500

Source diff to previous version
1755863 netbooting the bionic live CD over NFS goes straight to maintenance mode :

Version: 239-7ubuntu10.8 2019-02-18 17:07:13 UTC

  systemd (239-7ubuntu10.8) cosmic-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted dbus message
    - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
      dbus paths, and don't allocate them on the stack
    - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
      sd-bus: if we receive an invalid dbus message, ignore and proceeed
    - CVE-2019-6454

  * Do not remove multiple spaces after identifier in syslog message
    - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch

 -- Chris Coulson <email address hidden> Tue, 12 Feb 2019 00:41:18 +0000

Source diff to previous version
CVE-2019-6454 systemd (PID1) crash with specially crafted D-Bus message

Version: 239-7ubuntu10.7 2019-02-06 00:06:53 UTC

  systemd (239-7ubuntu10.7) cosmic; urgency=medium

  * d/p/resolve-enable-EDNS0-towards-the-127.0.0.53-stub-res.patch
    getaddrinfo() failures when fallback to dns tcp queries, so enable
    edns0 in resolv.conf (LP: #1811471)

  [ Victor Tapia ]
  * d/p/resolved-Increase-size-of-TCP-stub-replies.patch
    dns failures with edns0 disabled and truncated response (LP: #1804487)

 -- Dan Streetman <email address hidden> Tue, 29 Jan 2019 14:19:39 -0500

Source diff to previous version
1811471 local resolver stub fails to handle multiple TCP dns queries
1804487 systemd-resolved has issues when the answer is over 512 bytes with EDNS disabled

Version: 239-7ubuntu10.6 2019-01-11 04:10:09 UTC

  systemd (239-7ubuntu10.6) cosmic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden> Wed, 09 Jan 2019 14:37:15 +0000

Source diff to previous version
1804603 systemd-tmpfiles-setup.service fails on btrfs
1804864 autopkgtest regression TEST-22-TMPFILES are not executable
CVE-2018-16864 memory corruption
CVE-2018-16865 memory corruption
CVE-2018-16866 information leak, out-of-bounds read

Version: 239-7ubuntu10.4 2018-11-19 18:07:27 UTC

  systemd (239-7ubuntu10.4) cosmic-security; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
      resolve this completely
    - CVE-2018-6954

  [ Balint Reczey ]
  * Fix LP: #1803391 - Skip daemon-reexec and try-restarts during shutdown
    - update debian/systemd.postinst

 -- Chris Coulson <email address hidden> Thu, 15 Nov 2018 20:42:32 +0000

1803391 Systemd update installation hangs in unattended-upgrades InstallOnShutdown mode
CVE-2018-6954 systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of



About   -   Send Feedback to @ubuntu_updates