ubuntu/+source/systemd:ubuntu/xenial-devel

Last commit made on 2019-06-27
Get this branch:
git clone -b ubuntu/xenial-devel https://git.launchpad.net/ubuntu/+source/systemd
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/xenial-devel
Repository:
lp:ubuntu/+source/systemd

Recent commits

5013344... by Dan Streetman on 2019-04-24

Import patches-unapplied version 229-4ubuntu21.22 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 5f3bdd14a699874136e47a40a11a97b8bbdf6916

New changelog entries:
  [ Dan Streetman ]
  * d/t/systemd-fsckd, d/t/cmdline-upstart-boot:
    - skip on s390x; requires grub (LP: #1830477)
  * d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
    - prevent buffer overflow when reading keyring (LP: #1814373)
  [ Dimitri John Ledkov ]
  * Specify Ubuntu's Vcs-Git
  [ Balint Reczey ]
  * Append /snap/bin to default PATH.
    Snapd ships snapd-env-generator, but systemd does not not support
    environment generators. Hard-coding /snap/bin is less risky than
    backporting environment generator support and since snaps are considered
    to be first class packages on Ubuntu /snap/bin can safely added to
    the default PATH. (LP: #1771858)
  [ Ioanna Alifieraki ]
  * d/p/systemctl-Replace-check_one_unit-by-get_state_one_un.patch
    - Backport upstream PR#2768 needed for next patch
  * d/p/systemctl-load-unit-if-needed-in-systemctl-is-active.patch
    - Backport upstream PR#7997 to fix alias service reports inactive while
      aliased is active (LP: #1828892)

5f3bdd1... by Chris Coulson on 2019-03-29

Import patches-unapplied version 229-4ubuntu21.21 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 383721c2eb82cc811fece13266f5a8167e022441

New changelog entries:
  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842

383721c... by Michael Vogt on 2019-03-25

Import patches-unapplied version 229-4ubuntu21.19 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: f9563868e937e2417cafc3338d8020f07009c827

New changelog entries:
  [ Michael Vogt ]
  * d/p/fix-race-daemon-reload-11121.patch:
    - backport systemd upstream PR#8803 and PR#11121 to fix race
      when doing systemctl and systemctl daemon-reload at the
      same time LP: #1819728
  [ Balint Reczey ]
  * d/p/virt-detect-WSL-environment-as-a-container.patch:
    - virt: detect WSL environment as a container (LP: #1816753)

f956386... by Michael Vogt on 2019-03-13

Import patches-unapplied version 229-4ubuntu21.18 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 3a318b024df96498c00dcfa0a26f78be7472fabf

New changelog entries:
  * d/p/fix-race-daemon-reload-8803.patch:
    - backport systemd upstream PR#8803 to fix race when doing
      systemctl and systemctl daemon-reload at the same time
      LP: #1819728

3a318b0... by Dan Streetman on 2019-02-28

Import patches-unapplied version 229-4ubuntu21.17 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 8ab24848a3836b66bb6323fdf70f765496d6e4cb

New changelog entries:
  [ Victor Tapia ]
  * d/p/stop-mount-error-propagation.patch:
    keep mount errors local to the failing mount point instead of blocking
    the processing of all mounts (LP: #1755863)
  [ Eric Desrochers ]
  * d/p/fix-egde-case-when-processing-proc-self-mountinfo.patch:
    Mounting any file system to a mount point in a directory
    that is bind mounted to itself will create an inactive
    mount unit. (LP: #1795764)

8ab2484... by Chris Coulson on 2019-02-13

Import patches-unapplied version 229-4ubuntu21.16 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: ed73151cb69c4c430fe814edc39ce124ddb652fa

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted dbus message
    - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
      dbus paths, and don't allocate them on the stack
    - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
      sd-bus: if we receive an invalid dbus message, ignore and proceeed
    - CVE-2019-6454
  * Do not remove multiple spaces after identifier in syslog message
    - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch

ed73151... by Chris Coulson on 2019-01-10

Import patches-unapplied version 229-4ubuntu21.15 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 538dcadebe30f5d456d8bcaf2ea0a31db0ee359e

New changelog entries:
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954.patch: don't resolve pathnames when traversing
      recursively through directory trees
    - debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
      resolve this completely
    - CVE-2018-6954
  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

538dcad... by Chris Coulson on 2018-11-27

Import patches-unapplied version 229-4ubuntu21.10 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: c754cf217e6a0d2a308db3f6c0220dd54ad2dac6

New changelog entries:
  [ Chris Coulson ]
  * Revert the fixes for CVE-2018-6954 for causing a regression when running
    in a container on old kernels (LP: #1804847)
    - update debian/patches/series
  [ Balint Reczey ]
  * Fix LP: #1803391 - Don't always trigger systemctl stop of udev service
    and sockets
    - update debian/udev.postinst

c754cf2... by Chris Coulson on 2018-11-15

Import patches-unapplied version 229-4ubuntu21.9 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 5c9c78a67560f59a1a6b3c58e239f608c77c1ec5

New changelog entries:
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
      resolve this completely
    - CVE-2018-6954

5c9c78a... by Chris Coulson on 2018-11-08

Import patches-unapplied version 229-4ubuntu21.8 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9718687b242583cad4123351d6c776d3ddcb50eb

New changelog entries:
  * SECURITY UPDATE: reexec state injection
    - debian/patches/CVE-2018-15686.patch: when deserializing state always use
      read_line(…, LONG_LINE_MAX, …) rather than fgets()
    - CVE-2018-15686
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954.patch: don't resolve pathnames when traversing
      recursively through directory trees
    - CVE-2018-6954