Accepted systemd 240-6 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 18 Feb 2019 13:54:04 +0000
Source: systemd
Architecture: source
Version: 240-6
Distribution: unstable
Urgency: high
Maintainer: Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Closes: 918764 919206
Changes:
systemd (240-6) unstable; urgency=high
.
* High urgency as this fixes a vulnerability.
.
[ Felipe Sateler ]
* Reenable pristine-tar in gbp.conf.
The pristine-tar bug has been fixed, so we can use it again.
This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e.
* d/watch: add version mangle to transform -rc to ~rc.
Upstream has started releasing rcs, so let's account for that
* Fix comment about why we disable hwclock.service.
Systemd nowadays doesn't do it itself because the kernel does it on its
own when necessary, and when not, it is not safe to save the hwclock (eg,
there is no certainty the system clock
is correct)
* udev: Backport upstream preventing mass killings when not running under
systemd (Closes: #918764)
.
[ Dimitri John Ledkov ]
* debian/tests/storage: improve cleanups.
On fast ppc64el machines, cryptsetup start job may not complete by the
time tearDown is executed. In that case stop, causes to simply cancel the
start job without actually cleaning up the dmsetup node. This leads to
failing subsequent test as it no longer starts with a clean device. Thus
ensure the systemd-cryptsetup unit is started, before stopping it.
Also rmmod scsi_debug module at the end, to allow re-running the test in a
loop.
* debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey.
* debian/tests/control: add socat to upstream tests for pull #11591
* Blacklist TEST-10-ISSUE-2467 #11706
* debian/tests/storage: fix for LUKS2 and avoid interactive password
prompts.
.
[ Martin Pitt ]
* udevadm: Fix segfault with subsystem-match containing '/'
(Closes: #919206)
* sd-bus: if we receive an invalid dbus message, ignore and proceed
* sd-bus: enforce a size limit on D-Bus object paths.
This avoids accessing/modifying memory outside of the allocated stack
region by sending specially crafted D-Bus messages with very large object
paths.
Vulnerability discovered by Chris Coulson <chris.coulson@canonical.com>,
patch provided by Riccardo Schirone <rschiron@redhat.com>.
(CVE-2019-6454)
Checksums-Sha1:
86c0b21f84eb8490004410bcf9708c2255c59231 4905 systemd_240-6.dsc
ddab7c658e15040d8c554d0baa947f1b7c64a607 168956 systemd_240-6.debian.tar.xz
8ed31274aeeec9e2fe6f91b1aeaed9597c5ef68a 5769 systemd_240-6_source.buildinfo
Checksums-Sha256:
f4d2ef03d999b654cc2a9798a7b675f016d9990bd4f68cde99e39a45396dce86 4905 systemd_240-6.dsc
459efe149e0c5d222b21031b22304ff2cb28b0f86a46b925c6f8de1b9ceb0823 168956 systemd_240-6.debian.tar.xz
573532f2b6e866bd59567e856e9e53ec088f18f9647a599bce01f43969b1dd43 5769 systemd_240-6_source.buildinfo
Files:
a9d6e1ff7c61d8ba7544fbc8597bd71b 4905 admin optional systemd_240-6.dsc
97857fc608cfcc095336d08e940eff29 168956 admin optional systemd_240-6.debian.tar.xz
8f8eee60185e885f249c26a55517f338 5769 admin optional systemd_240-6_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEExkOAo1eT0DvBz+1oxrkYDUvYt64FAlxqvIYACgkQxrkYDUvY
t64Ypw/9HbOuBjnKCV4vRsS1tWD29dvXWl3kUFiHac44sLKHg7OamVk4qgCnYrTj
8JG7JsrrqV5wUl6xDmFdoDSCnuCnx6i+65fxMDoUdeaIzhM0zykF4DWwF4M6/gvk
GF/clNO48suxzmSOaI6J4+YBxLx9Nbknl9RMItEZmVxibN5RDfyJgSneOzS4oZ/l
4a5aNQ7cjcTWd7PIIqFnw41dBmgODafeOy5JxEaZejwXc1zUPXLFY2kmdgZAdXvE
unrZK6p4nzwiJ6OjoLqYPAtXmbtNW0gtNroKPCffePjNv/Gd9x/IAZZ6N/HR6sBp
mZCvz16wecWKBrb4z5r56+bivDf04c+SHTPovjVOmvo+WZQV0dN6cAoPoYH6J57e
Q7jcSdt8RuzBZ05Clz9eqZQZlyh7LRi361i6y4mzUzvivzvZznRxspxug1mMhOZB
lNCjis6layGRHf/f6vnmwHpiXXOuScz00XrWGTcktCfLSyP8/dLnHLXLT8sUn9Ss
dlW8Yfz1ll8EgzlXcKGt52N2RWiqRl0JGMegRjI7lj5sl88Z55lAxhIX2CNDZjGt
InoTKxmE0XuybJOxLqUKNeRFM0yHv8OvNdjbOD5AnNfMTwW66ttBSf3MI4S01/6a
bMmXFm4O2GUiE0KrqNNfE2FGf1xllBQtE82kOX+W7ZtWj6IyQKQ=
=WYri
-----END PGP SIGNATURE-----