~ddstreet/ubuntu/+source/systemd:lp1871787-b

Last commit made on 2020-05-14
Get this branch:
git clone -b lp1871787-b https://git.launchpad.net/~ddstreet/ubuntu/+source/systemd
Only Dan Streetman can upload to this branch. If you are Dan Streetman please log in for upload directions.

Branch merges

Branch information

Name:
lp1871787-b
Repository:
lp:~ddstreet/ubuntu/+source/systemd

Recent commits

90aeb1b... by Dan Streetman on 2020-04-24

update changelog

d35e1d4... by Dan Streetman on 2020-05-09

LP: #1529152

33b40cc... by Dan Streetman on 2020-05-08

LP: #1831787

9b0b986... by Dan Streetman on 2020-05-07

LP: #1876600

e664b60... by Dan Streetman on 2020-05-07

LP: #1873607

c4f0da7... by Dan Streetman on 2020-04-22

LP: #1867375

193053c... by Dan Streetman on 2020-04-20

Import patches-unapplied version 237-3ubuntu10.40 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 9d132111c1aac841261431c8d9f7fd5bda6438de

New changelog entries:
  * d/t/logind: skip if nonexistent /sys/power/state (LP: #1862657)
  * d/p/lp1839290-Change-job-mode-of-manager-triggered-restarts-to-JOB.patch:
    - when restarting service after failure, replace existing queued jobs
      (LP: #1839290)
  * d/p/lp1867421-70-mouse.hwdb-Set-DPI-for-MS-Classic-IntelliMouse.patch:
    - fix resolution of IntelliMouse (LP: #1867421)
  * d/p/lp1858412-journalctl-allow-running-vacuum-on-remote-journals-t.patch:
    - allow vacuuming journal 'root' dir (LP: #1858412)
  * d/p/lp1862232/0001-network-add-more-log-messages-in-configuring-DHCP4-c.patch,
    d/p/lp1862232/0002-network-add-more-log-messages-in-configuring-DHCP6-c.patch,
    d/p/lp1862232/0003-network-also-check-that-Hostname-is-a-valid-DNS-doma.patch,
    d/p/lp1862232/0004-network-use-free_and_replace.patch,
    d/p/lp1862232/0005-network-DHCP-ignore-error-in-setting-hostname-when-i.patch,
    d/p/lp1862232/0006-man-mention-that-Hostname-for-DHCP-must-be-a-valid-D.patch,
    d/p/lp1862232/0007-resolve-fix-error-handling-of-dns_name_is_valid.patch:
    - do not fail network setup if hostname is not valid (LP: #1862232)
  * d/t/systemd-fsckd: Skip test on arm64 (LP: #1870194)
  * d/p/lp1870589-seccomp-rework-how-the-S-UG-ID-filter-is-installed.patch:
    - fix test-seccomp failure (LP: #1870589)
  * d/rules: use meson --print-errorlogs instead of cat testlog
    - (LP: #1870811)
  * d/p/lp1776654-test-Synchronize-journal-before-reading-from-it.patch:
    - sync journal before reading from it (LP: #1776654)
  * d/p/lp1837914-journal-do-not-trigger-assertion-when-journal_file_c.patch:
    - do not crash if NULL passted to journal destructor (LP: #1837914)
  * d/e/initramfs-tools/hooks/udev:
    - Follow symlinks when finding link files to copy into initramfs
      (LP: #1868892)

9d13211... by Dan Streetman on 2020-02-06

Import patches-unapplied version 237-3ubuntu10.39 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 869f3912260152be11974c6824c43ced332cffce

New changelog entries:
  [ Dariusz Gadomski ]
  * d/p/lp1762391/0001-Call-getgroups-to-know-size-of-supplementary-groups-.patch,
    d/p/lp1762391/0002-user-util-tweak-to-in_gid.patch,
    d/p/lp1762391/0003-user-util-Add-helper-functions-for-gid-lists-operati.patch,
    d/p/lp1762391/0004-execute-Restore-call-to-pam_setcred.patch,
    d/p/lp1762391/0005-execute-Detect-groups-added-by-PAM-and-merge-them-wi.patch,
    d/p/lp1762391/0006-test-Add-tests-for-gid-list-ops.patch,
    d/p/lp1762391/0007-execute-add-const-to-array-parameters-where-possible.patch,
    d/p/lp1762391/0008-execute-allow-pam_setcred-to-fail-ignore-errors.patch:
    - Restore call to pam_setcred (LP: #1762391)
  [ Ioanna Alifieraki ]
  * d/p/lp1860548/0001-Revert-Replace-use-of-snprintf-with-xsprintf.patch,
    d/p/lp1860548/0002-job-truncate-unit-description.patch:
    - use snprintf instead of xsprintf (LP: #1860548)
  [ Dan Streetman ]
  * d/p/lp1833193-network-update-address-when-static-address-was-alrea.patch:
    - Update lft when static addr was cfg by dhcp (LP: #1833193)
  * d/p/lp1849261/0001-core-when-we-can-t-enqueue-OnFailure-job-show-full-e.patch,
    d/p/lp1849261/0002-core-don-t-trigger-OnFailure-deps-when-a-unit-is-goi.patch:
    - Only trigger OnFailure= if Restart= is not in effect (LP: #1849261)
  * d/p/lp1671951-network-set-ipv6-mtu-after-link-up-or-device-mtu-cha.patch:
    - set ipv6 mtu at correct time (LP: #1671951)
  * d/p/lp1845909/0001-networkd-honour-LinkLocalAddressing.patch,
    d/p/lp1845909/0002-networkd-fix-link_up-12505.patch,
    d/p/lp1845909/0003-network-do-not-send-ipv6-token-to-kernel.patch,
    d/p/lp1845909/0004-network-rename-linux_configure_after_setting_mtu-to-linux.patch,
    d/p/lp1845909/0005-network-add-link-setting_genmode-flag.patch,
    d/p/lp1845909/0006-network-if-ipv6ll-is-disabled-enumerate-tentative-ipv6-ad.patch,
    d/p/lp1845909/0007-network-drop-foreign-config-after-addr_gen_mode-has-been-.patch,
    d/p/lp1845909/0008-network-drop-IPv6LL-address-when-LinkLocalAddressing.patch:
    - if LinkLocalAddressing=no prevent creation of ipv6ll (LP: #1845909)
  * d/p/lp1859862-network-Do-not-disable-IPv6-by-writing-to-sysctl.patch:
    - enable ipv6 when needed (LP: #1859862)
  * d/p/lp1836695-networkd-Add-back-static-routes-after-DHCPv4-lease-e.patch:
    - (re)add static routes after getting dhcp4 addr (LP: #1836695)
  * d/t/storage:
    - fix buggy test (LP: #1831459)
    - without scsi_debug, skip test (LP: #1847816)

869f391... by Marc Deslauriers on 2020-02-04

Import patches-unapplied version 237-3ubuntu10.38 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 785cac75569b3b5bb5c2b5064ac8b5691b863f85

New changelog entries:
  * SECURITY UPDATE: local privilege escalation via DynamicUser
    - debian/patches/CVE-2019-384x-1.patch: introduce
      seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files
      in src/shared/seccomp-util.c, src/shared/seccomp-util.h.
    - debian/patches/CVE-2019-384x-2.patch: add test case for
      restrict_suid_sgid() in src/test/test-seccomp.c.
    - debian/patches/CVE-2019-384x-3.patch: expose SUID/SGID restriction as
      new unit setting RestrictSUIDSGID= in src/core/dbus-execute.c,
      src/core/execute.c, src/core/execute.h,
      src/core/load-fragment-gperf.gperf.m4, src/shared/bus-unit-util.c.
    - debian/patches/CVE-2019-384x-4.patch: document the new
      RestrictSUIDSGID= setting in man/systemd.exec.xml.
    - debian/patches/CVE-2019-384x-5.patch: turn on RestrictSUIDSGID= in
      most of our long-running daemons in units/systemd-*.service.in.
    - debian/patches/CVE-2019-384x-6.patch: imply NNP and SUID/SGID
      restriction for DynamicUser=yes service in man/systemd.exec.xml,
      src/core/unit.c.
    - debian/patches/CVE-2019-384x-7.patch: fix compilation on arm64 in
      src/test/test-seccomp.c.
    - CVE-2019-3843
    - CVE-2019-3844
  * SECURITY UPDATE: memory leak in button_open
    - debian/patches/CVE-2019-20386.patch: fix event in
      src/login/logind-button.c.
    - CVE-2019-20386
  * SECURITY UPDATE: heap use-after-free with async polkit queries
    - debian/patches/CVE-2020-1712-1.patch: on async pk requests,
      re-validate action/details in src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-2.patch: introduce API for re-enqueuing
      incoming messages in src/libsystemd/libsystemd.sym,
      src/libsystemd/sd-bus/sd-bus.c, src/systemd/sd-bus.h.
    - debian/patches/CVE-2020-1712-3.patch: when authorizing via PK
      re-resolve callback/userdata instead of caching it in
      src/shared/bus-util.c.
    - debian/patches/CVE-2020-1712-4.patch: fix typo in function name in
      src/libsystemd/libsystemd.sym, src/libsystemd/sd-bus/sd-bus.c,
      src/systemd/sd-bus.h, src/shared/bus-util.c.
    - debian/libsystemd0.symbols: added new symbols.
    - CVE-2020-1712
  * This package does _not_ contain the changes from 237-3ubuntu10.34 in
    bionic-proposed.

785cac7... by Dan Streetman on 2019-11-15

Import patches-unapplied version 237-3ubuntu10.33 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: c7f151f14afc1eaa31d5a25114404201df8b51e3

New changelog entries:
  * d/p/lp1852754/0001-network-do-not-re-set-MTU-when-current-and-requested.patch,
    d/p/lp1852754/0002-network-call-link_acquire_conf-and-link_enter_join_n.patch,
    d/p/lp1852754/0003-network-prohibit-to-set-MTUBytes-and-UseMTU-simultan.patch:
    - Complete link setup after setting mtu (LP: #1852754)