Format: 1.8 Date: Tue, 04 Feb 2020 20:07:56 -0500 Source: systemd Binary: systemd systemd-sysv systemd-container systemd-journal-remote systemd-coredump systemd-tests libpam-systemd libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libsystemd0 libsystemd-dev udev libudev1 libudev-dev udev-udeb libudev1-udeb Architecture: ppc64el ppc64el_translations Version: 237-3ubuntu10.38 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libnss-myhostname - nss module providing fallback resolution for the current hostname libnss-mymachines - nss module to resolve hostnames for local container instances libnss-resolve - nss module to resolve names via systemd-resolved libnss-systemd - nss module providing dynamic user and group name resolution libpam-systemd - system and service manager - PAM module libsystemd-dev - systemd utility library - development files libsystemd0 - systemd utility library libudev-dev - libudev development files libudev1 - libudev shared library libudev1-udeb - libudev shared library (udeb) systemd - system and service manager systemd-container - systemd container/nspawn tools systemd-coredump - tools for storing and retrieving coredumps systemd-journal-remote - tools for sending and receiving remote journal logs systemd-sysv - system and service manager - SysV links systemd-tests - tests for systemd udev - /dev/ and hotplug management daemon udev-udeb - /dev/ and hotplug management daemon (udeb) Changes: systemd (237-3ubuntu10.38) bionic-security; urgency=medium . * SECURITY UPDATE: local privilege escalation via DynamicUser - debian/patches/CVE-2019-384x-1.patch: introduce seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files in src/shared/seccomp-util.c, src/shared/seccomp-util.h. - debian/patches/CVE-2019-384x-2.patch: add test case for restrict_suid_sgid() in src/test/test-seccomp.c. - debian/patches/CVE-2019-384x-3.patch: expose SUID/SGID restriction as new unit setting RestrictSUIDSGID= in src/core/dbus-execute.c, src/core/execute.c, src/core/execute.h, src/core/load-fragment-gperf.gperf.m4, src/shared/bus-unit-util.c. - debian/patches/CVE-2019-384x-4.patch: document the new RestrictSUIDSGID= setting in man/systemd.exec.xml. - debian/patches/CVE-2019-384x-5.patch: turn on RestrictSUIDSGID= in most of our long-running daemons in units/systemd-*.service.in. - debian/patches/CVE-2019-384x-6.patch: imply NNP and SUID/SGID restriction for DynamicUser=yes service in man/systemd.exec.xml, src/core/unit.c. - debian/patches/CVE-2019-384x-7.patch: fix compilation on arm64 in src/test/test-seccomp.c. - CVE-2019-3843 - CVE-2019-3844 * SECURITY UPDATE: memory leak in button_open - debian/patches/CVE-2019-20386.patch: fix event in src/login/logind-button.c. - CVE-2019-20386 * SECURITY UPDATE: heap use-after-free with async polkit queries - debian/patches/CVE-2020-1712-1.patch: on async pk requests, re-validate action/details in src/shared/bus-util.c. - debian/patches/CVE-2020-1712-2.patch: introduce API for re-enqueuing incoming messages in src/libsystemd/libsystemd.sym, src/libsystemd/sd-bus/sd-bus.c, src/systemd/sd-bus.h. - debian/patches/CVE-2020-1712-3.patch: when authorizing via PK re-resolve callback/userdata instead of caching it in src/shared/bus-util.c. - debian/patches/CVE-2020-1712-4.patch: fix typo in function name in src/libsystemd/libsystemd.sym, src/libsystemd/sd-bus/sd-bus.c, src/systemd/sd-bus.h, src/shared/bus-util.c. - debian/libsystemd0.symbols: added new symbols. - CVE-2020-1712 * This package does _not_ contain the changes from 237-3ubuntu10.34 in bionic-proposed. Checksums-Sha1: 4e8c90f535e24a39b17fadc1aaddcb695595f05d 89844 libnss-myhostname-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 645290436130e9b7dd69f69540f893219effc2dd 37100 libnss-myhostname_237-3ubuntu10.38_ppc64el.deb 06c40da59eea0d12b5c13e9e3337199e5c3c437d 385208 libnss-mymachines-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 314e37cb52afa19476df8bb2c8e46a978b4f5b3f 118964 libnss-mymachines_237-3ubuntu10.38_ppc64el.deb 726f859f39a5b47e4db3521c3a9645de529eb010 388732 libnss-resolve-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 82a410d1466182632aa5d336ad661b78f955857e 118396 libnss-resolve_237-3ubuntu10.38_ppc64el.deb 86f57c726accb73583785b7c5d134c7af69ec5ec 379848 libnss-systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 92b37bade8874ac1c5bbf6df27bc47143d20e933 116840 libnss-systemd_237-3ubuntu10.38_ppc64el.deb ccf1489b5f758fadfc2c8e83cd7f0f2a71fdd744 382020 libpam-systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 61bda0d2e46f97c38365be8d4dc971b51648bba3 119840 libpam-systemd_237-3ubuntu10.38_ppc64el.deb 92b81839fc4e239ce063df30745eb903b706cd0e 183776 libsystemd-dev_237-3ubuntu10.38_ppc64el.deb 5a9a48fc662df7c22350a395746cab3e991e37c0 731584 libsystemd0-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 61b826bd86e97ef3c3c221a50816e296bab83107 224144 libsystemd0_237-3ubuntu10.38_ppc64el.deb 2d61439d24dd914cbfdaf6936183808cb6784d29 19076 libudev-dev_237-3ubuntu10.38_ppc64el.deb 601b24488239855d659492e288344768dba64ed6 186696 libudev1-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 97a77a317bd67390e0c36afe78790d42e6d1c5e2 54000 libudev1-udeb_237-3ubuntu10.38_ppc64el.udeb 754f15e32565cd9321fd2ac7913dbdf6838984d6 61420 libudev1_237-3ubuntu10.38_ppc64el.deb e558e88d668f25d777a2f8d23d78c897428c0fd9 497144 systemd-container-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 4dd8ab6e65b165cb60d0bf687b7a89abe64e485b 214740 systemd-container_237-3ubuntu10.38_ppc64el.deb 95ab86914d07d9fb0037392938ea617c85df5956 75372 systemd-coredump-dbgsym_237-3ubuntu10.38_ppc64el.ddeb a3a6cc51f1a300783ca130fe2232660af8d322f7 41012 systemd-coredump_237-3ubuntu10.38_ppc64el.deb 5042aeb877b99c755b7a26eae874e73b9f5df351 9580308 systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 9a97b696bf12cf92c3c1febf60259e11f31c8768 116484 systemd-journal-remote-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 61e37b1462bd5e60bbf4bf57a52ad74459390d13 55244 systemd-journal-remote_237-3ubuntu10.38_ppc64el.deb 3e34ea7b680e66077949f1735eb27217a7c3f24a 13080 systemd-sysv_237-3ubuntu10.38_ppc64el.deb 1fabbcabd6923df427b996f0db373faa7d80d284 23558424 systemd-tests-dbgsym_237-3ubuntu10.38_ppc64el.ddeb c3ea316714fe7fc375b251588747e89bd546e09f 4335728 systemd-tests_237-3ubuntu10.38_ppc64el.deb 853ea13c53ecb068a7aedea6fe8eca27757c0ee8 19485 systemd_237-3ubuntu10.38_ppc64el.buildinfo 91cdaf63bcb258ce9df8e049ba791dd28ca4f21e 3112608 systemd_237-3ubuntu10.38_ppc64el.deb 8ff412cc2b93601450f442c1287140bfa44bfea5 135126 systemd_237-3ubuntu10.38_ppc64el_translations.tar.gz 9be5a74e4fd2ee8f4cb35c32828495ea1809770c 1714028 udev-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 581e0df28f000d50e4fe604cdcbec67c10c044c3 351548 udev-udeb_237-3ubuntu10.38_ppc64el.udeb da422893099b0dedbfd646dbe7f545f88a220da7 1152840 udev_237-3ubuntu10.38_ppc64el.deb Checksums-Sha256: 53eb3b368645cba353b2fd96a1b3e53784b2b10fcd9a5277ddde0059ef65b339 89844 libnss-myhostname-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 2c2a910ddfdfdaa679341bd2a163f51a5c98742984a7d45625ca1ff954fdcc6d 37100 libnss-myhostname_237-3ubuntu10.38_ppc64el.deb 1370e47e73ecc2bb206f52ae7dac85219642e76fcb75ac23fc3567bb0107bd94 385208 libnss-mymachines-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 270b7a4d92f4442867fa24bc11b76ffa76c2005c89023a0a65d9f03e638a25d4 118964 libnss-mymachines_237-3ubuntu10.38_ppc64el.deb 389f9b71183c92589b35ce04711d72cc87e99e3ad51d5aa600f141fa82a2fe0b 388732 libnss-resolve-dbgsym_237-3ubuntu10.38_ppc64el.ddeb eed9cd2f15d92edb3ee4f0ecd57e18cf46ba81d0ab0d744ddf6cd74be54fe0b9 118396 libnss-resolve_237-3ubuntu10.38_ppc64el.deb 59dd29851413898e092e157332ee108ab30daf26a0dd01e0b638ada38c634a15 379848 libnss-systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 8dc66f20d1eece071c9a41134c8930fbb2efcc739929410b3e9d5a34b54e3e20 116840 libnss-systemd_237-3ubuntu10.38_ppc64el.deb 8755fc784d5651a704662bd852f16260e841246de5cfe8edcf8f4f8e016f266b 382020 libpam-systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb b3df6d4e233baca396c8dfde6538559aeacdd0dece5951cf367a8b468226616b 119840 libpam-systemd_237-3ubuntu10.38_ppc64el.deb 4c25f09e463349ebd36ac9c3cab69349fe06c7e55a84b95afe3dcd0d046029b1 183776 libsystemd-dev_237-3ubuntu10.38_ppc64el.deb cf9c35cecb90092c865ebb1847cd543fa31ac4f6123dd85f263700252c27c1cd 731584 libsystemd0-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 76d6aace5dbdbe106b6ceab19f80216da30a5cbfaf17bc5f53aaa56e0b5398b0 224144 libsystemd0_237-3ubuntu10.38_ppc64el.deb 761027365bb81cc5de06bd27b7ece0ecfa89a6d7573af3e94608847881b51f5c 19076 libudev-dev_237-3ubuntu10.38_ppc64el.deb 608142c6a308ce00f4702586e7860be03e9fe7aa954a571ebfc148d61f6fb157 186696 libudev1-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 790ffdd68c910841d01f61a3cf9aea02da31ca9326236bf9edcd850798dd91d9 54000 libudev1-udeb_237-3ubuntu10.38_ppc64el.udeb b25e3a93a251b1c11fa40392bfd95adba76bc22e957a9e91055dfd9979638ebd 61420 libudev1_237-3ubuntu10.38_ppc64el.deb 109781365ddf8e81d772813fa323cd54c53e89be73399bc22182af3b5675795f 497144 systemd-container-dbgsym_237-3ubuntu10.38_ppc64el.ddeb ed9eca4e5a8adf62ffa1657076d836c23d4ff8212209ba1698eedcec329410fa 214740 systemd-container_237-3ubuntu10.38_ppc64el.deb b21ae0a646ce35a43ecb6044ac28c5c4fdf7030a2b2f2b45490e85fd1a0a096a 75372 systemd-coredump-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 571bdb6b4ee2b883f54c6443a3aaaa6a933855e6a38908de9675a9386a75b613 41012 systemd-coredump_237-3ubuntu10.38_ppc64el.deb 619188e10ec31c56f7f60ebf4d3901759d4aac67c36152089039e9edd40627c6 9580308 systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb f800bc3fec7c0985a74452c333454d439f5a142693a831439ee78a18fdec94be 116484 systemd-journal-remote-dbgsym_237-3ubuntu10.38_ppc64el.ddeb b499a10df95007768f4cf4f8c5aa955a696bd40db1f17e019772e64f604dfa2a 55244 systemd-journal-remote_237-3ubuntu10.38_ppc64el.deb 417c86329dd5f2369d798cca648971dfb7c6088b25e62d5fab9ecd6de488e005 13080 systemd-sysv_237-3ubuntu10.38_ppc64el.deb 8234e1726fdb689ce9d45387928838a2bc31531a434cca66cf8159ffccf4e06c 23558424 systemd-tests-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 37e19388d761863583fe065620338feaeecb35d65d28af643eed35e07c32ed8b 4335728 systemd-tests_237-3ubuntu10.38_ppc64el.deb 2f4bdc22346a70608e0c622981179df2299cdbf56a79eaebd8e7fdffb9ce2d50 19485 systemd_237-3ubuntu10.38_ppc64el.buildinfo b6b267f902e681ed5f2acdb415c4b63b08edba7a18b03eb2bd85ff44586acf3c 3112608 systemd_237-3ubuntu10.38_ppc64el.deb f03319b2ec81857b8aa51a4869306f22450bb67c6b83c3837caad16a8ba98cf4 135126 systemd_237-3ubuntu10.38_ppc64el_translations.tar.gz f55f07fcab238ed3b0588b991ac72166890ea3f3c36dce25532e80686a38678e 1714028 udev-dbgsym_237-3ubuntu10.38_ppc64el.ddeb fe0f896276a649ce506eef47b6f6f6ff6df1d5dab6e0b7db76da11a738620264 351548 udev-udeb_237-3ubuntu10.38_ppc64el.udeb e7a5984fa9f32be581f4ce4b35fe266d85ae6c6038d33a827813412a4a6217e0 1152840 udev_237-3ubuntu10.38_ppc64el.deb Files: 6d95efd83790c262d9a4c7e084fa5984 89844 debug optional libnss-myhostname-dbgsym_237-3ubuntu10.38_ppc64el.ddeb d6ed3c7bb55a93616131a40465d74f2c 37100 admin optional libnss-myhostname_237-3ubuntu10.38_ppc64el.deb ef8f321a0aa4ece2d1a7a1350eda6403 385208 debug optional libnss-mymachines-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 7c5c23f9bde1e7b6f82da5088271549d 118964 admin optional libnss-mymachines_237-3ubuntu10.38_ppc64el.deb 1e25ef3f9ff4b3a9ad81bb52a337aee6 388732 debug optional libnss-resolve-dbgsym_237-3ubuntu10.38_ppc64el.ddeb f136fd6d8795141b860a7d69cbb465b4 118396 admin optional libnss-resolve_237-3ubuntu10.38_ppc64el.deb a5051ee6b08dc30f62093ffbbd98ca25 379848 debug optional libnss-systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 17b436b7a3bcd5b093ff2d87453179e3 116840 admin optional libnss-systemd_237-3ubuntu10.38_ppc64el.deb 142a08633aa3e4d7c12cabc03cc2a1f1 382020 debug optional libpam-systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 2893e2018643c86d27bac115d10d5bf9 119840 admin standard libpam-systemd_237-3ubuntu10.38_ppc64el.deb e9f4228507b9a3cf4ed7eecfb982fc60 183776 libdevel optional libsystemd-dev_237-3ubuntu10.38_ppc64el.deb 7ef13b3a443e60f67012ebd9a5375bd6 731584 debug optional libsystemd0-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 01a07b1eddfd6fc0aa0d72fa1d514b4d 224144 libs optional libsystemd0_237-3ubuntu10.38_ppc64el.deb a96614d3e1d8d9c80c5c853de17254fc 19076 libdevel optional libudev-dev_237-3ubuntu10.38_ppc64el.deb 5e9194347eb69cd7bd66549ae42a11b8 186696 debug optional libudev1-dbgsym_237-3ubuntu10.38_ppc64el.ddeb a13c47c9e4230ad798a8459a6d288af6 54000 debian-installer optional libudev1-udeb_237-3ubuntu10.38_ppc64el.udeb 1e9cde38b62271b0dda749b472be832b 61420 libs optional libudev1_237-3ubuntu10.38_ppc64el.deb 8e0b3c12b01e6934c7be778248ed62c8 497144 debug optional systemd-container-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 9c704277117e3680142ae7ba250c0cc2 214740 admin optional systemd-container_237-3ubuntu10.38_ppc64el.deb 5f82f6a033f313985b9e458e6afde13c 75372 debug optional systemd-coredump-dbgsym_237-3ubuntu10.38_ppc64el.ddeb bba1d5d6a8bd12ff6ec14a30687fa6a3 41012 admin optional systemd-coredump_237-3ubuntu10.38_ppc64el.deb 37ea8c807cc3c4598ed71e1707a82b2a 9580308 debug optional systemd-dbgsym_237-3ubuntu10.38_ppc64el.ddeb f444d7ad3312b6b74e55d3a42c6e1875 116484 debug optional systemd-journal-remote-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 4087d6da45af0ffee706e0b155f9b236 55244 admin optional systemd-journal-remote_237-3ubuntu10.38_ppc64el.deb 567dea607a445577efe2ce027980a63c 13080 admin important systemd-sysv_237-3ubuntu10.38_ppc64el.deb fcb7eb0ab24a186c2b412e04ac7dc8fa 23558424 debug optional systemd-tests-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 22fe861b0f6ca93bd1484fa9a43983d7 4335728 admin optional systemd-tests_237-3ubuntu10.38_ppc64el.deb 58b05630653d748d016b5bf82c295dc5 19485 admin optional systemd_237-3ubuntu10.38_ppc64el.buildinfo dcf8c7bfb1f006ede459c0099c3c0096 3112608 admin important systemd_237-3ubuntu10.38_ppc64el.deb 68e4ee17cbd488eb7793e5e35164e33c 135126 raw-translations - systemd_237-3ubuntu10.38_ppc64el_translations.tar.gz ef75068571aed7819eca2d3f1973272a 1714028 debug optional udev-dbgsym_237-3ubuntu10.38_ppc64el.ddeb 19037b3fb96294dc2a257d3b720d7b68 351548 debian-installer optional udev-udeb_237-3ubuntu10.38_ppc64el.udeb d82edd67b588ca701fe55f7af1b7cae1 1152840 admin important udev_237-3ubuntu10.38_ppc64el.deb Original-Maintainer: Debian systemd Maintainers