Package: systemd Version: 256.4-2 Severity: grave Tags: security Justification: user security hole X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
The /etc/sysctl.conf file is no longer read, while I have security settings there. I suspect that the cause is * Drop /etc/sysctl.d/99-sysctl.conf symlink procps no longer ships /etc/sysctl.conf (Closes: #1076190) which is wrong! cventin:~> dpkg -S /etc/sysctl.conf procps: /etc/sysctl.conf with procps 2:4.0.4-5. Perhaps procps no longer ships /etc/sysctl.conf *by default*, but existing installations still have it (a machine I installed in January still has this file). -- Package-specific info: -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.9.10-amd64 (SMP w/12 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages systemd depends on: ii libacl1 2.3.2-2 ii libapparmor1 3.1.7-1+b1 ii libaudit1 1:3.1.2-4+b1 ii libblkid1 2.40.2-1 ii libc6 2.39-6 ii libcap2 1:2.66-5 ii libmount1 2.40.2-1 ii libpam0g 1.5.3-7 ii libseccomp2 2.5.5-1+b1 ii libselinux1 3.5-2+b3 ii libssl3t64 3.2.2-1 ii libsystemd-shared 256.4-2 ii libsystemd0 256.4-2 ii mount 2.40.2-1 Versions of packages systemd recommends: ii dbus [default-dbus-system-bus] 1.14.10-4+b1 ii libzstd1 1.5.6+dfsg-1 ii linux-sysctl-defaults 4.10.1 ii systemd-cryptsetup 256.4-2 ii systemd-timesyncd [time-daemon] 256.4-2 Versions of packages systemd suggests: ii libcryptsetup12 2:2.7.2-2 ii libgcrypt20 1.11.0-2 ii libidn2-0 2.3.7-2 ii liblz4-1 1.9.4-3 ii liblzma5 5.6.2-2 pn libtss2-rc0t64 <none> pn libtss2-tcti-device0 <none> ii polkitd 124-3 pn systemd-boot <none> pn systemd-container <none> pn systemd-homed <none> pn systemd-repart <none> pn systemd-resolved <none> pn systemd-userdbd <none> Versions of packages systemd is related to: ii dbus-user-session 1.14.10-4+b1 pn dracut <none> ii initramfs-tools 0.142 ii libnss-systemd 256.4-2 ii libpam-systemd 256.4-2 ii udev 256.4-2 -- no debconf information -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)