New changelog entries:
* d/t/logind: skip if nonexistent /sys/power/state (LP: #1862657)
* d/p/lp1839290-Change-job-mode-of-manager-triggered-restarts-to-JOB.patch:
- when restarting service after failure, replace existing queued jobs
(LP: #1839290)
* d/t/storage:
- fix buggy test (LP: #1831459)
- without scsi_debug, skip test (LP: #1847816)
* d/p/lp1867421-70-mouse.hwdb-Set-DPI-for-MS-Classic-IntelliMouse.patch:
- fix resolution of IntelliMouse (LP: #1867421)
* d/p/lp1858412-journalctl-allow-running-vacuum-on-remote-journals-t.patch:
- allow vacuuming journal 'root' dir (LP: #1858412)
* d/p/lp1862232-network-DHCP-ignore-error-in-setting-hostname-when-i.patch:
- do not let invalid hostname break dhcpv4 (LP: #1862232)
* d/t/systemd-fsckd: Skip test on arm64 (LP: #1870194)
* d/p/lp1837914-journal-do-not-trigger-assertion-when-journal_file_c.patch:
- do not crash if NULL passted to journal destructor (LP: #1837914)
* d/e/initramfs-tools/hooks/udev:
- Follow symlinks when finding link files to copy into initramfs
(LP: #1868892)
New changelog entries:
* SECURITY UPDATE: incorrect PIDFile verification
- debian/patches/CVE-2018-16888.patch: be stricter when handling PID
files and MAINPID sd_notify() messages in man/systemd.service.xml,
src/core/manager.c, src/core/service.c, src/core/unit.h,
test/TEST-20-MAINPIDGAMES/Makefile,
test/TEST-20-MAINPIDGAMES/test.sh,
test/TEST-20-MAINPIDGAMES/testsuite.sh, test/test-functions.
- debian/patches/CVE-2018-16888-2.patch: relax PID file symlink chain
checks a bit in src/core/service.c.
- CVE-2018-16888
* SECURITY UPDATE: memory leak in button_open
- debian/patches/CVE-2019-20386.patch: fix event in
src/login/logind-button.c.
- CVE-2019-20386
* SECURITY UPDATE: heap use-after-free with async polkit queries
- debian/patches/CVE-2020-1712-1.patch: on async pk requests,
re-validate action/details in src/shared/bus-util.c.
- debian/patches/CVE-2020-1712-2.patch: introduce API for re-enqueuing
incoming messages in src/libsystemd/libsystemd.sym,
src/libsystemd/sd-bus/sd-bus.c, src/systemd/sd-bus.h.
- debian/patches/CVE-2020-1712-3.patch: when authorizing via PK
re-resolve callback/userdata instead of caching it in
src/shared/bus-util.c.
- debian/patches/CVE-2020-1712-4.patch: fix typo in function name in
src/libsystemd/libsystemd.sym, src/libsystemd/sd-bus/sd-bus.c,
src/systemd/sd-bus.h, src/shared/bus-util.c.
- debian/libsystemd0.symbols: added new symbols.
- CVE-2020-1712
New changelog entries:
[ Dan Streetman ]
* d/t/systemd-fsckd, d/t/cmdline-upstart-boot:
- skip on s390x; requires grub (LP: #1830477)
* d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
- prevent buffer overflow when reading keyring (LP: #1814373)
[ Dimitri John Ledkov ]
* Specify Ubuntu's Vcs-Git
[ Balint Reczey ]
* Append /snap/bin to default PATH.
Snapd ships snapd-env-generator, but systemd does not not support
environment generators. Hard-coding /snap/bin is less risky than
backporting environment generator support and since snaps are considered
to be first class packages on Ubuntu /snap/bin can safely added to
the default PATH. (LP: #1771858)
[ Ioanna Alifieraki ]
* d/p/systemctl-Replace-check_one_unit-by-get_state_one_un.patch
- Backport upstream PR#2768 needed for next patch
* d/p/systemctl-load-unit-if-needed-in-systemctl-is-active.patch
- Backport upstream PR#7997 to fix alias service reports inactive while
aliased is active (LP: #1828892)
New changelog entries:
* SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
incorrect Policykit authorization
- debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
getenv() in pam_systemd.c
- CVE-2019-3842
New changelog entries:
[ Michael Vogt ]
* d/p/fix-race-daemon-reload-11121.patch:
- backport systemd upstream PR#8803 and PR#11121 to fix race
when doing systemctl and systemctl daemon-reload at the
same time LP: #1819728
[ Balint Reczey ]
* d/p/virt-detect-WSL-environment-as-a-container.patch:
- virt: detect WSL environment as a container (LP: #1816753)
New changelog entries:
* d/p/fix-race-daemon-reload-8803.patch:
- backport systemd upstream PR#8803 to fix race when doing
systemctl and systemctl daemon-reload at the same time
LP: #1819728
New changelog entries:
[ Victor Tapia ]
* d/p/stop-mount-error-propagation.patch:
keep mount errors local to the failing mount point instead of blocking
the processing of all mounts (LP: #1755863)
[ Eric Desrochers ]
* d/p/fix-egde-case-when-processing-proc-self-mountinfo.patch:
Mounting any file system to a mount point in a directory
that is bind mounted to itself will create an inactive
mount unit. (LP: #1795764)