projects / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 0d1b517 7b5cd46)
systemd (240-6) unstable; urgency=high
authorMartin Pitt <mpitt@debian.org>
Mon, 18 Feb 2019 13:54:04 +0000 (13:54 +0000)
committerMartin Pitt <mpitt@debian.org>
Mon, 18 Feb 2019 13:54:04 +0000 (13:54 +0000)
commit17f657e900e02d175151287adcb78c2fc278203f
tree0575c17d7b6fe49b9c4b616f3111b3a264cf7db8tree | snapshot
parent0d1b5171c2fb93a44d3297b92b288b9d930ab844commit | diff
parent7b5cd46a0477a569cb7daba469025bc50224c9f9commit | diff
systemd (240-6) unstable; urgency=high

  * High urgency as this fixes a vulnerability.

  [ Felipe Sateler ]
  * Reenable pristine-tar in gbp.conf.
    The pristine-tar bug has been fixed, so we can use it again.
    This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e.
  * d/watch: add version mangle to transform -rc to ~rc.
    Upstream has started releasing rcs, so let's account for that
  * Fix comment about why we disable hwclock.service.
    Systemd nowadays doesn't do it itself because the kernel does it on its
    own when necessary, and when not, it is not safe to save the hwclock (eg,
    there is no certainty the system clock
    is correct)
  * udev: Backport upstream preventing mass killings when not running under
    systemd (Closes: #918764)

  [ Dimitri John Ledkov ]
  * debian/tests/storage: improve cleanups.
    On fast ppc64el machines, cryptsetup start job may not complete by the
    time tearDown is executed. In that case stop, causes to simply cancel the
    start job without actually cleaning up the dmsetup node. This leads to
    failing subsequent test as it no longer starts with a clean device. Thus
    ensure the systemd-cryptsetup unit is started, before stopping it.
    Also rmmod scsi_debug module at the end, to allow re-running the test in a
    loop.
  * debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey.
  * debian/tests/control: add socat to upstream tests for pull #11591
  * Blacklist TEST-10-ISSUE-2467 #11706
  * debian/tests/storage: fix for LUKS2 and avoid interactive password
    prompts.

  [ Martin Pitt ]
  * udevadm: Fix segfault with subsystem-match containing '/'
    (Closes: #919206)
  * sd-bus: if we receive an invalid dbus message, ignore and proceed
  * sd-bus: enforce a size limit on D-Bus object paths.
    This avoids accessing/modifying memory outside of the allocated stack
    region by sending specially crafted D-Bus messages with very large object
    paths.
    Vulnerability discovered by Chris Coulson <chris.coulson@canonical.com>,
    patch provided by Riccardo Schirone <rschiron@redhat.com>.
    (CVE-2019-6454)

[dgit import unpatched systemd 240-6]
194 files changed:
debian/README.Debian | | blob
debian/README.source | | blob
debian/changelog | | blob
debian/compat | | blob
debian/control | | blob
debian/copyright | | blob
debian/extra/checkout-upstream | | blob
debian/extra/dhclient-exit-hooks.d/timesyncd | | blob
debian/extra/fbdev-blacklist.conf | | blob
debian/extra/init-functions.d/40-systemd | | blob
debian/extra/initramfs-tools/hooks/udev | | blob
debian/extra/initramfs-tools/scripts/init-bottom/udev | | blob
debian/extra/initramfs-tools/scripts/init-top/udev | | blob
debian/extra/kernel-install.d/85-initrd.install | | blob
debian/extra/make-fbdev-blacklist | | blob
debian/extra/make-sysusers-basic | | blob
debian/extra/pam-configs/systemd | | blob
debian/extra/pam.d/systemd-user | | blob
debian/extra/rules-ubuntu/40-vm-hotadd.rules | | blob
debian/extra/rules-ubuntu/61-persistent-storage-android.rules | | blob
debian/extra/rules-ubuntu/71-power-switch-proliant.rules | | blob
debian/extra/rules-ubuntu/78-graphics-card.rules | | blob
debian/extra/rules/50-firmware.rules | | blob
debian/extra/rules/73-special-net-names.rules | | blob
debian/extra/rules/73-usb-net-by-mac.rules | | blob
debian/extra/rules/80-debian-compat.rules | | blob
debian/extra/set-cpufreq | | blob
debian/extra/start-udev | | blob
debian/extra/systemd-sysv-install | | blob
debian/extra/systemd.py | | blob
debian/extra/tmpfiles.d/debian.conf | | blob
debian/extra/udev.py | | blob
debian/extra/units-ubuntu/ondemand.service | | blob
debian/extra/units-ubuntu/user@.service.d/timeout.conf | | blob
debian/extra/units/getty-static.service | | blob
debian/extra/units/rc-local.service.d/debian.conf | | blob
debian/extra/units/systemd-resolved.service.d/resolvconf.conf | | blob
debian/gbp.conf | | blob
debian/git-cherry-pick | | blob
debian/libnss-myhostname.install | | blob
debian/libnss-myhostname.lintian-overrides | | blob
debian/libnss-myhostname.postinst | | blob
debian/libnss-myhostname.postrm | | blob
debian/libnss-mymachines.install | | blob
debian/libnss-mymachines.lintian-overrides | | blob
debian/libnss-mymachines.postinst | | blob
debian/libnss-mymachines.postrm | | blob
debian/libnss-resolve.install | | blob
debian/libnss-resolve.lintian-overrides | | blob
debian/libnss-resolve.postinst | | blob
debian/libnss-resolve.postrm | | blob
debian/libnss-systemd.install | | blob
debian/libnss-systemd.lintian-overrides | | blob
debian/libnss-systemd.postinst | | blob
debian/libnss-systemd.postrm | | blob
debian/libpam-systemd.install | | blob
debian/libpam-systemd.postinst | | blob
debian/libpam-systemd.prerm | | blob
debian/libsystemd-dev.install | | blob
debian/libsystemd0.install | | blob
debian/libsystemd0.symbols | | blob
debian/libudev-dev.install | | blob
debian/libudev-dev.maintscript | | blob
debian/libudev1-udeb.install | | blob
debian/libudev1.install | | blob
debian/libudev1.symbols | | blob
debian/patches/Do-not-start-server-if-it-is-already-runnning-11245.patch | | blob
debian/patches/Docs-Add-Missing-Space-Between-Words.patch | | blob
debian/patches/Pass-separate-dev_t-var-to-device_path_parse_major_minor.patch | | blob
debian/patches/Revert-Always-rename-an-interface-to-its-name-specified-i.patch | | blob
debian/patches/Revert-logind-become-the-controlling-terminal-process-bef.patch | | blob
debian/patches/Revert-pam_systemd-drop-setting-DBUS_SESSION_BUS_ADDRESS.patch | | blob
debian/patches/Revert-sd-device-ignore-bind-unbind-events-for-now.patch | | blob
debian/patches/Revert-udevd-configure-a-child-process-name-for-worker-pr.patch | | blob
debian/patches/ask-password-api-do-not-call-ask_password_keyring-if-keyn.patch | | blob
debian/patches/basic-process-util-limit-command-line-lengths-to-_SC_ARG_.patch | | blob
debian/patches/core-free-lines-after-reading-them.patch | | blob
debian/patches/core-mount-make-mount_setup_existing_unit-not-drop-MOUNT_.patch | | blob
debian/patches/coredump-fix-message-when-we-fail-to-save-a-journald-core.patch | | blob
debian/patches/coredump-remove-duplicate-MESSAGE-prefix-from-message.patch | | blob
debian/patches/debian/Add-env-variable-for-machine-ID-path.patch | | blob
debian/patches/debian/Add-support-for-TuxOnIce-hibernation.patch | | blob
debian/patches/debian/Bring-tmpfiles.d-tmp.conf-in-line-with-Debian-defaul.patch | | blob
debian/patches/debian/Don-t-enable-audit-by-default.patch | | blob
debian/patches/debian/Drop-seccomp-system-call-filter-for-udev.patch | | blob
debian/patches/debian/Let-graphical-session-pre.target-be-manually-started.patch | | blob
debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch | | blob
debian/patches/debian/Only-start-logind-if-dbus-is-installed.patch | | blob
debian/patches/debian/Re-enable-journal-forwarding-to-syslog.patch | | blob
debian/patches/debian/Revert-core-enable-TasksMax-for-all-services-by-default-a.patch | | blob
debian/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch | | blob
debian/patches/debian/Revert-core-set-RLIMIT_CORE-to-unlimited-by-default.patch | | blob
debian/patches/debian/Revert-udev-network-device-renaming-immediately-give.patch | | blob
debian/patches/debian/Revert-udev-rules-Permission-changes-for-dev-dri-renderD.patch | | blob
debian/patches/debian/Skip-filesystem-check-if-already-done-by-the-initram.patch | | blob
debian/patches/debian/Use-Debian-specific-config-files.patch | | blob
debian/patches/debian/fsckd-daemon-for-inter-fsckd-communication.patch | | blob
debian/patches/httpd-use-a-cleanup-function-to-call-MHD_destroy_response.patch | | blob
debian/patches/journal-rely-on-_cleanup_free_-to-free-a-temporary-string.patch | | blob
debian/patches/journal-remote-set-a-limit-on-the-number-of-fields-in-a-m.patch | | blob
debian/patches/journal-remote-verify-entry-length-from-header.patch | | blob
debian/patches/journald-do-not-store-the-iovec-entry-for-process-command.patch | | blob
debian/patches/journald-lower-the-maximum-entry-size-limit-to-for-non-se.patch | | blob
debian/patches/journald-remove-unnecessary.patch | | blob
debian/patches/journald-set-a-limit-on-the-number-of-fields-1k.patch | | blob
debian/patches/journald-when-processing-a-native-message-bail-more-quick.patch | | blob
debian/patches/json-handle-NULL-explicitly-in-json_variant_has_type.patch | | blob
debian/patches/libudev-util-make-util_replace_whitespace-read-only-len-c.patch | | blob
debian/patches/logind-do-not-pass-negative-number-to-strerror.patch | | blob
debian/patches/man-update-color-of-journal-logs-in-DEBUG-level.patch | | blob
debian/patches/meson-stop-setting-fPIE-globally.patch | | blob
debian/patches/network-do-not-ignore-errors-on-link_request_set_neighbor.patch | | blob
debian/patches/network-rename-link_set_routing_policy_rule-to-link_reque.patch | | blob
debian/patches/network-set-_configured-flags-to-false-before-requesting-.patch | | blob
debian/patches/process-util-don-t-use-overly-large-buffer-to-store-proce.patch | | blob
debian/patches/sd-bus-enforce-a-size-limit-on-D-Bus-object-paths.patch | | blob
debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-and-p.patch | | blob
debian/patches/sd-device-fix-segfault-when-error-occurs-in-device_new_fr.patch | | blob
debian/patches/sd-device-monitor-fix-ordering-of-setting-buffer-size.patch | | blob
debian/patches/series | | blob
debian/patches/switch-root-fix-error-message.patch | | blob
debian/patches/test-add-test-for-sending-receiving-an-invalid-device.patch | | blob
debian/patches/test-json-check-absolute-and-relative-difference-in-float.patch | | blob
debian/patches/udev-check-whether-systemd-is-running-and-do-not-use-cg_k.patch | | blob
debian/patches/udev-event-do-not-read-stdout-or-stderr-if-the-pipefd-is-.patch | | blob
debian/patches/udev-node-make-link_find_prioritized-return-negative-valu.patch | | blob
debian/patches/udev-open-control-and-netlink-sockets-before-daemonizatio.patch | | blob
debian/patches/udev-rework-how-we-handle-the-return-value-from-spawned-p.patch | | blob
debian/patches/udevadm-fix-segfault.patch | | blob
debian/patches/udevadm-refuse-to-run-trigger-control-settle-and-monitor-.patch | | blob
debian/patches/udevd-drop-redundant-call-to-sd_event_get_exit_code.patch | | blob
debian/rules | | blob
debian/shlibs.local.in | | blob
debian/source/format | | blob
debian/systemd-container.install | | blob
debian/systemd-container.maintscript | | blob
debian/systemd-container.postinst | | blob
debian/systemd-container.postrm | | blob
debian/systemd-coredump.install | | blob
debian/systemd-coredump.postinst | | blob
debian/systemd-coredump.prerm | | blob
debian/systemd-journal-remote.install | | blob
debian/systemd-journal-remote.postinst | | blob
debian/systemd-sysv.install | | blob
debian/systemd-sysv.postinst | | blob
debian/systemd-tests.install | | blob
debian/systemd-tests.lintian-overrides | | blob
debian/systemd.NEWS | | blob
debian/systemd.bug-control | | blob
debian/systemd.bug-script | | blob
debian/systemd.dirs | | blob
debian/systemd.install | | blob
debian/systemd.links | | blob
debian/systemd.lintian-overrides | | blob
debian/systemd.maintscript | | blob
debian/systemd.postinst | | blob
debian/systemd.postrm | | blob
debian/systemd.prerm | | blob
debian/systemd.triggers | | blob
debian/tests/assert.sh | | blob
debian/tests/boot-and-services | | blob
debian/tests/boot-smoke | | blob
debian/tests/build-login | | blob
debian/tests/control | | blob
debian/tests/fsck | | blob
debian/tests/hostnamed | | blob
debian/tests/lidswitch.evemu | | blob
debian/tests/localed-locale | | blob
debian/tests/localed-x11-keymap | | blob
debian/tests/logind | | blob
debian/tests/process-killer | | blob
debian/tests/root-unittests | | blob
debian/tests/storage | | blob
debian/tests/systemd-fsckd | | blob
debian/tests/timedated | | blob
debian/tests/udev | | blob
debian/tests/unit-config | | blob
debian/tests/upstream | | blob
debian/udev-udeb.dirs | | blob
debian/udev-udeb.install | | blob
debian/udev.NEWS | | blob
debian/udev.README.Debian | | blob
debian/udev.bug-control | | blob
debian/udev.bug-script | | blob
debian/udev.init | | blob
debian/udev.install | | blob
debian/udev.links | | blob
debian/udev.maintscript | | blob
debian/udev.postinst | | blob
debian/udev.postrm | | blob
debian/udev.preinst | | blob
debian/udev.prerm | | blob
debian/udev.triggers | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.