summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Martin Pitt [Sun, 17 Feb 2019 09:17:45 +0000 (10:17 +0100)]
sd-bus: enforce a size limit on D-Bus object paths
Replace stack with heap allocation. This avoids accessing/modifying
memory outside of the allocated stack region by sending specially
crafted D-Bus messages with very large object paths.
Vulnerability discovered by Chris Coulson <chris.coulson@canonical.com>,
patch provided by Riccardo Schirone <rschiron@redhat.com>.
CVE-2019-6454
Gbp-Pq: Name sd-bus-enforce-a-size-limit-on-D-Bus-object-paths.patch
Michael Biebl [Thu, 18 Jul 2019 17:38:23 +0000 (18:38 +0100)]
systemd (241-7) unstable; urgency=medium
[ Michael Biebl ]
* network: Fix failure to bring up interface with Linux kernel 5.2.
Backport two patches from systemd master in order to fix a bug with 5.2
kernels where the network interface fails to come up with the following
error: "enp3s0: Could not bring up interface: Invalid argument"
(Closes: #931636)
* Use /usr/sbin/nologin as nologin shell.
In Debian the nologin shell is installed in /usr/sbin, not /sbin.
(Closes: #931850)
[ Mert Dirik ]
* 40-systemd: Don't fail if SysV init script uses set -u and $1 is unset
(Closes: #931719)
[dgit import unpatched systemd 241-7]
Michael Biebl [Thu, 18 Jul 2019 17:38:23 +0000 (18:38 +0100)]
Import systemd_241-7.debian.tar.xz
[dgit import tarball systemd 241-7 systemd_241-7.debian.tar.xz]
Felipe Sateler [Thu, 21 Feb 2019 23:10:15 +0000 (23:10 +0000)]
Import systemd_241.orig.tar.gz
[dgit import orig systemd_241.orig.tar.gz]
projects / systemd.git / log