UbuntuUpdates.org

Package "systemd-standalone-sysusers"

Name: systemd-standalone-sysusers

Description:

Standalone sysusers binary for use in non-systemd systems
Latest version: 249.11-0ubuntu3.21
Release: jammy (22.04)
Level: security
Repository: universe
Head package: systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "systemd-standalone-sysusers"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "systemd-standalone-sysusers" in Jammy

Repository Area Version
updates universe 249.11-0ubuntu3.21

Changelog

Version: 249.11-0ubuntu3.21 2026-06-08 16:07:46 UTC

  systemd (249.11-0ubuntu3.21) jammy-security; urgency=medium

  * SECURITY UPDATE: MITM via DNSSEC-signed domains with no signature
    - debian/patches/CVE-2023-7008.patch: resolved: actually check authenticated
      flag of SOA transaction in src/resolve/resolved-dns-transaction.c.
    - CVE-2023-7008
  * SECURITY UPDATE: escape-to-host via malformed optional config file
    - debian/patches/CVE-2026-40226-1.patch: nspawn: apply BindUser/Ephemeral
      from settings file only if trusted in src/nspawn/nspawn.c.
    - debian/patches/CVE-2026-40226-2.patch: nspawn: normalize pivot_root paths
      in src/nspawn/nspawn-mount.c.
    - CVE-2026-40226

 -- Marc Deslauriers <email address hidden> Fri, 05 Jun 2026 11:40:28 -0400
Source diff to previous version
CVE-2023-7008 A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have n
CVE-2026-40226 In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.

Version: 249.11-0ubuntu3.19 2026-03-24 02:08:01 UTC

  systemd (249.11-0ubuntu3.19) jammy-security; urgency=medium

  * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd
    - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full
    - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()
    - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently
  * SECURITY UPDATE: Local root execution via malicious hardware devices
    - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch
    - d/p/udev-fix-review-mixup.patch
    - No CVE number

 -- Nick Rosbrook <email address hidden> Fri, 13 Mar 2026 12:47:41 -0400
Source diff to previous version

Version: 249.11-0ubuntu3.16 2025-06-09 16:07:25 UTC

  systemd (249.11-0ubuntu3.16) jammy-security; urgency=medium

  * SECURITY UPDATE: race condition in systemd-coredump
    - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of
      _META_MANDATORY_MAX.
    - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core
      pattern.
    - debian/patches/CVE_2025_4598_3.patch: coredump: get rid of a bogus
      assertion.
    - CVE-2025-4598

 -- Octavio Galland <email address hidden> Wed, 04 Jun 2025 11:17:43 -0300
Source diff to previous version
CVE-2025-4598 A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to

Version: 249.11-0ubuntu3.7 2023-03-07 19:07:13 UTC

  systemd (249.11-0ubuntu3.7) jammy-security; urgency=medium

  * SECURITY UPDATE: buffer overrun vulnerability in format_timespan()
    - debian/patches/CVE-2022-3821.patch: time-util: fix buffer-over-run
    - CVE-2022-3821
  * SECURITY UPDATE: information leak vulnerability in systemd-coredump
    - debian/patches/CVE-2022-4415.patch: do not allow user to access
      coredumps with changed uid/gid/capabilities
    - CVE-2022-4415

 -- Nishit Majithia <email address hidden> Thu, 02 Mar 2023 18:28:02 +0530
CVE-2022-3821 An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time a
CVE-2022-4415 A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpab


About   -   Send Feedback to @ubuntu_updates