UbuntuUpdates.org

Package "libnss-resolve"

Name: libnss-resolve

Description:

nss module to resolve names via systemd-resolved

Latest version: 242-7ubuntu3.11
Release: eoan (19.10)
Level: security
Repository: universe
Head package: systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links


Download "libnss-resolve"


Other versions of "libnss-resolve" in Eoan

Repository Area Version
base universe 242-7ubuntu3
updates universe 242-7ubuntu3.11

Changelog

Version: 242-7ubuntu3.11 2020-06-29 13:07:10 UTC

  systemd (242-7ubuntu3.11) eoan; urgency=medium

  * fix arm64 ftbfs with libseccomp 2.4.3 (LP: #1876055)
    - d/p/fix-arm64-ftbfs-after-seccomp-upgrade.patch: backport from upstream

Source diff to previous version
1876055 SRU: Backport 2.4.3-1ubuntu3 from groovy to focal/eoan/bionic/xenial for newer syscalls for core20 base and test suite robustness

Version: 242-7ubuntu3.6 2020-02-05 17:07:14 UTC

  systemd (242-7ubuntu3.6) eoan-security; urgency=medium

  * SECURITY UPDATE: memory leak in button_open
    - debian/patches/CVE-2019-20386.patch: fix event in
      src/login/logind-button.c.
    - CVE-2019-20386
  * SECURITY UPDATE: heap use-after-free with async polkit queries
    - debian/patches/CVE-2020-1712-1.patch: on async pk requests,
      re-validate action/details in src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-2.patch: introduce API for re-enqueuing
      incoming messages in src/libsystemd/libsystemd.sym,
      src/libsystemd/sd-bus/sd-bus.c, src/systemd/sd-bus.h.
    - debian/patches/CVE-2020-1712-3.patch: when authorizing via PK
      re-resolve callback/userdata instead of caching it in
      src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-4.patch: fix typo in function name in
      src/libsystemd/libsystemd.sym, src/libsystemd/sd-bus/sd-bus.c,
      src/systemd/sd-bus.h, src/shared/bus-util.c.
    - debian/libsystemd0.symbols: added new symbols.
    - CVE-2020-1712
  * This package does _not_ contain the changes from 242-7ubuntu3.3 in
    eoan-proposed.

 -- Marc Deslauriers <email address hidden> Tue, 04 Feb 2020 20:04:45 -0500

CVE-2019-20386 An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may
CVE-2020-1712 heap use-after-free vulnerability



About   -   Send Feedback to @ubuntu_updates