UbuntuUpdates.org

Package "systemd-sysv"

Name: systemd-sysv

Description:

system and service manager - SysV links

Latest version: 237-3ubuntu10.57
Release: bionic (18.04)
Level: security
Repository: main
Head package: systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links


Download "systemd-sysv"


Other versions of "systemd-sysv" in Bionic

Repository Area Version
base main 237-3ubuntu10
updates main 237-3ubuntu10.57

Changelog

Version: 237-3ubuntu10.38 2020-02-05 17:07:10 UTC

  systemd (237-3ubuntu10.38) bionic-security; urgency=medium

  * SECURITY UPDATE: local privilege escalation via DynamicUser
    - debian/patches/CVE-2019-384x-1.patch: introduce
      seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files
      in src/shared/seccomp-util.c, src/shared/seccomp-util.h.
    - debian/patches/CVE-2019-384x-2.patch: add test case for
      restrict_suid_sgid() in src/test/test-seccomp.c.
    - debian/patches/CVE-2019-384x-3.patch: expose SUID/SGID restriction as
      new unit setting RestrictSUIDSGID= in src/core/dbus-execute.c,
      src/core/execute.c, src/core/execute.h,
      src/core/load-fragment-gperf.gperf.m4, src/shared/bus-unit-util.c.
    - debian/patches/CVE-2019-384x-4.patch: document the new
      RestrictSUIDSGID= setting in man/systemd.exec.xml.
    - debian/patches/CVE-2019-384x-5.patch: turn on RestrictSUIDSGID= in
      most of our long-running daemons in units/systemd-*.service.in.
    - debian/patches/CVE-2019-384x-6.patch: imply NNP and SUID/SGID
      restriction for DynamicUser=yes service in man/systemd.exec.xml,
      src/core/unit.c.
    - debian/patches/CVE-2019-384x-7.patch: fix compilation on arm64 in
      src/test/test-seccomp.c.
    - CVE-2019-3843
    - CVE-2019-3844
  * SECURITY UPDATE: memory leak in button_open
    - debian/patches/CVE-2019-20386.patch: fix event in
      src/login/logind-button.c.
    - CVE-2019-20386
  * SECURITY UPDATE: heap use-after-free with async polkit queries
    - debian/patches/CVE-2020-1712-1.patch: on async pk requests,
      re-validate action/details in src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-2.patch: introduce API for re-enqueuing
      incoming messages in src/libsystemd/libsystemd.sym,
      src/libsystemd/sd-bus/sd-bus.c, src/systemd/sd-bus.h.
    - debian/patches/CVE-2020-1712-3.patch: when authorizing via PK
      re-resolve callback/userdata instead of caching it in
      src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-4.patch: fix typo in function name in
      src/libsystemd/libsystemd.sym, src/libsystemd/sd-bus/sd-bus.c,
      src/systemd/sd-bus.h, src/shared/bus-util.c.
    - debian/libsystemd0.symbols: added new symbols.
    - CVE-2020-1712
  * This package does _not_ contain the changes from 237-3ubuntu10.34 in
    bionic-proposed.

 -- Marc Deslauriers <email address hidden> Tue, 04 Feb 2020 20:07:56 -0500

Source diff to previous version
CVE-2019-3843 It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient s
CVE-2019-3844 It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would al
CVE-2019-20386 An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may
CVE-2020-1712 heap use-after-free vulnerability

Version: 237-3ubuntu10.29 2019-09-10 14:06:19 UTC
No changelog available yet.
Source diff to previous version

Version: 237-3ubuntu10.28 2019-09-03 19:07:44 UTC

  systemd (237-3ubuntu10.28) bionic-security; urgency=medium

  * SECURITY UPDATE: Unprivileged users are granted access to privileged
    systemd-resolved D-Bus methods
    - d/p/0001-shared-but-util-drop-trusted-annotation-from-bus_ope.patch:
      drop trusted annotation from bus_open_system_watch_bind()
    - CVE-2019-15718

 -- Chris Coulson <email address hidden> Thu, 29 Aug 2019 23:30:33 +0100

Source diff to previous version
CVE-2019-15718 RESERVED

Version: 237-3ubuntu10.19 2019-04-08 12:07:08 UTC

  systemd (237-3ubuntu10.19) bionic-security; urgency=medium

  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842

 -- Chris Coulson <email address hidden> Fri, 29 Mar 2019 16:40:26 +0000

Source diff to previous version
CVE-2019-3842 RESERVED

Version: 237-3ubuntu10.13 2019-02-18 17:07:07 UTC

  systemd (237-3ubuntu10.13) bionic-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted dbus message
    - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
      dbus paths, and don't allocate them on the stack
    - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
      sd-bus: if we receive an invalid dbus message, ignore and proceeed
    - CVE-2019-6454

  * Do not remove multiple spaces after identifier in syslog message
    - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch

 -- Chris Coulson <email address hidden> Wed, 13 Feb 2019 21:32:34 +0000

CVE-2019-6454 systemd (PID1) crash with specially crafted D-Bus message



About   -   Send Feedback to @ubuntu_updates