Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu

Hi,

I'd like to make a stable upload for systemd, fixing 5 separate issues.
Two of them have a CVE.

The changelog is

systemd (232-25+deb9u10) stretch; urgency=medium

  * journald: fix assertion failure on journal_file_link_data (Closes: #916880)

https://salsa.debian.org/systemd-team/systemd/commit/67a3135d9c9b66b64544dd96a6741a86058ba7a8

  * tmpfiles: fix "e" to support shell style globs (Closes: #918400)

https://salsa.debian.org/systemd-team/systemd/commit/a1f9aa01624edc01bbbf50203fd35dd261d7480f

  * mount-util: accept that name_to_handle_at() might fail with EPERM.
    Container managers frequently block name_to_handle_at(), returning
    EACCES or EPERM when this is issued. Accept that, and simply fall back
    to fdinfo-based checks. (Closes: #917122)

https://salsa.debian.org/systemd-team/systemd/commit/169eb2b486b832ef88746e9d25c4b181cabac5c2

  * automount: ack automount requests even when already mounted.
    Fixes a race condition in systemd which could result in automount requests
    not being serviced and processes using them to hang, causing denial of
    service. (CVE-2018-1049)

https://salsa.debian.org/systemd-team/systemd/commit/2cae426a3e753f74ec8e829217dc9090abcfcf4d

  * core: when deserializing state always use read_line(…, LONG_LINE_MAX, …)
    Fixes improper serialization on upgrade which can influence systemd
    execution environment and lead to root privilege escalation.
    (CVE-2018-15686, Closes: #912005)

https://salsa.debian.org/systemd-team/systemd/commit/82a114295a4ef123925d02081255fe88bec4867c


The fix for CVE-2018-15686/#912005 is the most invasive one. I based it
partially on what was uploaded to old-stable by the debian-lts team.
With this patch applied, the demo exploit from [1] no longer causes
systemctl stop to hang.
That said, I would appreciate a second pair of eyes to look over the
patch.

As usual, KiBi is in CC as we build a udeb. Though the code changes
above should not affect udev.

Regards,
Michael


[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1687


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Reply via email to