Re: Bug#956216: buster-pu: package systemd/241-7~deb10u3

2020-05-03 Thread Cyril Brulebois
Adam D. Barratt (2020-04-27):
> On Mon, 2020-04-27 at 19:17 +0200, Michael Biebl wrote:
> > On 25.04.20 at 21:41, Adam D. Barratt wrote:
> > > On Wed, 2020-04-08 at 16:11 +0200, Michael Biebl wrote:
> > > I'd be OK with that, but this will need a KiBi-ack, so CCing and
> > > tagging accordingly.
> > 
> > After talking to KiBi on IRC, we decided to include the fix for
> > #958397
> > as well. I kept the changes minimal and only included 60-rules in
> > udev-udeb and the initramfs.
> > 
> For the record, I'm OK with that from the SRM side.

Tests look good, thanks.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


Re: Bug#956216: buster-pu: package systemd/241-7~deb10u3

2020-05-01 Thread Adam D. Barratt
On Mon, 2020-04-27 at 22:41 +0100, Adam D. Barratt wrote:
> On Mon, 2020-04-27 at 19:17 +0200, Michael Biebl wrote:
> > On 25.04.20 at 21:41, Adam D. Barratt wrote:
> > > On Wed, 2020-04-08 at 16:11 +0200, Michael Biebl wrote:
> > > I'd be OK with that, but this will need a KiBi-ack, so CCing and
> > > tagging accordingly.
> > 
> > After talking to KiBi on IRC, we decided to include the fix for
> > #958397
> > as well. I kept the changes minimal and only included 60-rules in
> > udev-udeb and the initramfs.
> > 
> For the record, I'm OK with that from the SRM side.

As we're coming up towards the processing window close for 10.4, it
might be worth uploading so the package is available in stable-new for
KiBi's reviews and testing.

Regards,

Adam



Re: Bug#956216: buster-pu: package systemd/241-7~deb10u3

2020-04-27 Thread Adam D. Barratt
On Mon, 2020-04-27 at 19:17 +0200, Michael Biebl wrote:
> On 25.04.20 at 21:41, Adam D. Barratt wrote:
> > On Wed, 2020-04-08 at 16:11 +0200, Michael Biebl wrote:
> > I'd be OK with that, but this will need a KiBi-ack, so CCing and
> > tagging accordingly.
> 
> After talking to KiBi on IRC, we decided to include the fix for
> #958397
> as well. I kept the changes minimal and only included 60-rules in
> udev-udeb and the initramfs.
> 
For the record, I'm OK with that from the SRM side.

Regards,

Adam



Re: Bug#956216: buster-pu: package systemd/241-7~deb10u3

2020-04-27 Thread Michael Biebl
On 25.04.20 at 21:41, Adam D. Barratt wrote:
> On Wed, 2020-04-08 at 16:11 +0200, Michael Biebl wrote:
> I'd be OK with that, but this will need a KiBi-ack, so CCing and
> tagging accordingly.

After talking to KiBi on IRC, we decided to include the fix for #958397
as well. I kept the changes minimal and only included 60-rules in
udev-udeb and the initramfs.

We might consider a different, opt-out approach for udev-rules in the
future as suggested by Steve [1] and Marco [2]. But that's probably too
invasive for a stable upload.

Updated debdiff is attached. The changes to the previous debdiff can be
found at
https://salsa.debian.org/systemd-team/systemd/-/commit/4b7f1d2b1763574cfc9ef43e728045518d440c1a


Regards,
Michael

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958397#12
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958397#22
diff --git a/debian/changelog b/debian/changelog
index 1d263f7..14ef57f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+systemd (241-7~deb10u4) buster; urgency=medium
+
+  * polkit: when authorizing via PolicyKit re-resolve callback/userdata
+instead of caching it.
+This fixes a heap use-after-free vulnerability in systemd, when
+asynchronous PolicyKit queries are performed while handling DBus messages.
+CVE-2020-1712 (Closes: #950732)
+  * Install 60-block.rules in udev-udeb and initramfs-tools.
+The block device rules were split out from 60-persistent-storage.rules
+into its own rules file in v220. Those rules ensure that change events
+are emitted and the udev db is updated after metadata changes.
+Thanks to Pascal Hambourg (Closes: #958397)
+
+ -- Michael Biebl   Mon, 27 Apr 2020 19:02:57 +0200
+
 systemd (241-7~deb10u3) buster; urgency=medium
 
   * core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX.
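Review bot: the second entry says 60-block.rules is now installed in udev-udeb as well as in the initramfs, but the only rules-list change in the part of this debdiff shown here is the initramfs-tools hook; the matching udev-udeb install-list change should be confirmed to be in the upload before it is accepted. Minor style point on the first entry: "CVE-2020-1712 (Closes: #950732)" sits on a bare line, whereas the earlier debdiff wrote "(CVE-2020-1712, Closes: #950732)"; either is parsed fine, the parenthesised form just keeps the bug-closing metadata together.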
diff --git a/debian/extra/initramfs-tools/hooks/udev 
b/debian/extra/initramfs-tools/hooks/udev
index 6305d09..bbbd351 100755
--- a/debian/extra/initramfs-tools/hooks/udev
+++ b/debian/extra/initramfs-tools/hooks/udev
@@ -28,7 +28,8 @@ if [ -d /etc/systemd/network ]; then
 fi
 
 mkdir -p "$DESTDIR/lib/udev/rules.d/"
-for rules in 50-firmware.rules 50-udev-default.rules 
60-persistent-storage.rules \
+for rules in 50-firmware.rules 50-udev-default.rules \
+60-block.rules 60-persistent-storage.rules \
 61-persistent-storage-android.rules 71-seat.rules 
73-special-net-names.rules \
 73-usb-net-by-mac.rules 75-net-description.rules \
 80-net-setup-link.rules 80-drivers.rules; do
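Review bot: adding 60-block.rules to the copy list is the right place for it, but the loop body that copies each file is outside this hunk's context, so check that it fails loudly rather than skipping silently if /lib/udev/rules.d/60-block.rules is missing from the udev package the hook runs against. Also note that udev loads rules files in lexical order of their file names at runtime, so listing 60-block.rules ahead of 60-persistent-storage.rules here is for readability only; the change-event and db-update behaviour described in the changelog comes from the file name, not from the order of this list.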
diff --git a/debian/patches/Fix-typo-in-function-name.patch 
b/debian/patches/Fix-typo-in-function-name.patch
new file mode 100644
index 000..4f3c521
--- /dev/null
+++ b/debian/patches/Fix-typo-in-function-name.patch
@@ -0,0 +1,77 @@
+From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= 
+Date: Tue, 4 Feb 2020 18:39:04 +0100
+Subject: Fix typo in function name
+
+(cherry picked from commit bc130b6858327b382b07b3985cf48e2aa9016b2d)
+(cherry picked from commit b4eb8848240c3540180e4768216a0b884a5ed783)
+(cherry picked from commit f14fa558ae9e139c94ee3af4a1ef1df313b2ff66)
+(cherry picked from commit dd8aa0871d9cafa60a916d4ec01dd82d64edf7ed)
+---
+ TODO| 2 +-
+ src/libsystemd/sd-bus/bus-message.h | 2 +-
+ src/libsystemd/sd-bus/sd-bus.c  | 8 
+ src/shared/bus-polkit.c | 2 +-
+ 4 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/TODO b/TODO
+index 462db57..327fead 100644
+--- a/TODO
 b/TODO
+@@ -138,7 +138,7 @@ Features:
+ 
+ * the a-posteriori stopping of units bound to units that disappeared logic
+   should be reworked: there should be a queue of units, and we should only
+-  enqeue stop jobs from a defer event that processes queue instead of
++  enqueue stop jobs from a defer event that processes queue instead of
+   right-away when we find a unit that is bound to one that doesn't exist
+   anymore. (similar to how the stop-unneeded queue has been reworked the same
+   way)
+diff --git a/src/libsystemd/sd-bus/bus-message.h 
b/src/libsystemd/sd-bus/bus-message.h
+index 7fd3f11..849d638 100644
+--- a/src/libsystemd/sd-bus/bus-message.h
 b/src/libsystemd/sd-bus/bus-message.h
+@@ -211,4 +211,4 @@ int bus_message_remarshal(sd_bus *bus, sd_bus_message **m);
+ 
+ void bus_message_set_sender_driver(sd_bus *bus, sd_bus_message *m);
+ void bus_message_set_sender_local(sd_bus *bus, sd_bus_message *m);
+-int sd_bus_enqeue_for_read(sd_bus *bus, sd_bus_message *m);
++int sd_bus_enqueue_for_read(sd_bus *bus, sd_bus_message *m);
+diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
+index 94380af..c20adcf 100644
+--- a/src/libsystemd/sd-bus/sd-bus.c
 b/src/libsystemd/sd-bus/sd-bus.c
+@@ -4145,7 +4145,7 @@ _public_ int sd_bus_get_close_on_exit(sd_bus *bus) {
+ return bus->close_on_exit;
+ }
+ 
+-int sd_bus_enqeue_for_read(sd_bus *bus, sd_bus_message *m) {
++int sd_bus_enqueue_for_read(sd_bus *bus, sd
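Review bot: this patch is cut off here (the sd-bus.c hunk ends mid-line), so the remaining sd-bus.c and src/shared/bus-polkit.c changes listed in its diffstat cannot be reviewed from this copy. From what is visible, the rename sd_bus_enqeue_for_read to sd_bus_enqueue_for_read is of an internal function (declared in the private header bus-message.h, and without the _public_ marker that sd_bus_get_close_on_exit carries just above it), so no exported symbol changes and the libsystemd0 symbols file need not be touched. Since the changelog does not mention this patch at all, a one-line note that it is carried as a prerequisite so the CVE-2020-1712 bus-polkit change applies cleanly would help anyone auditing the stable update later.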

Re: Bug#956216: buster-pu: package systemd/241-7~deb10u3

2020-04-25 Thread Adam D. Barratt
Control: tags -1 + confirmed d-i

On Wed, 2020-04-08 at 16:11 +0200, Michael Biebl wrote:
> I'd like to make a stable/buster upload for systemd fixing CVE-2020-
> 1712
> https://security-tracker.debian.org/tracker/CVE-2020-1712
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950732
> 
> After talking to the security team (namely Salvatore), we decided to
> fix this issue via a stable upload.
> 
> The debdiff is a bit on the larger side, unfortunately.
> Salvatore made a smaller backport avoiding some of the refactorings
> that were done upstream
> https://salsa.debian.org/systemd-team/systemd/-/merge_requests/69
> 
> I decided to go with the backport provided by upstream that was done
> for the v241-stable branch mainly for two reasons:
> - It makes potential future cherry-picks easier
> - Doing our own backport has the potential to introduce Debian
> specific bugs
> 

I'd be OK with that, but this will need a KiBi-ack, so CCing and
tagging accordingly.

Regards,

Adam



Bug#956216: buster-pu: package systemd/241-7~deb10u3

2020-04-08 Thread Michael Biebl
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

Hi,

I'd like to make a stable/buster upload for systemd fixing CVE-2020-1712
https://security-tracker.debian.org/tracker/CVE-2020-1712
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950732

After talking to the security team (namely Salvatore), we decided to fix
this issue via a stable upload.

The debdiff is a bit on the larger side, unfortunately.
Salvatore made a smaller backport avoiding some of the refactorings
that were done upstream
https://salsa.debian.org/systemd-team/systemd/-/merge_requests/69

I decided to go with the backport provided by upstream that was done for
the v241-stable branch mainly for two reasons:
- It makes potential future cherry-picks easier
- Doing our own backport has the potential to introduce Debian specific
  bugs

That said, if you prefer the more minimal backport from Salvatore,
please let me know and I'll redo the upload accordingly.

The changes are available at
https://salsa.debian.org/systemd-team/systemd/-/commits/debian/buster-proposed/

The debdiff is attached.

udev should not be affected (I've CCed kibi for his review/ACK).

Regards,
Michael


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff --git a/debian/changelog b/debian/changelog
index 1d263f7..f8b017d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+systemd (241-7~deb10u4) buster; urgency=medium
+
+  * polkit: when authorizing via PolicyKit re-resolve callback/userdata
+instead of caching it.
+This fixes a heap use-after-free vulnerability in systemd, when
+asynchronous PolicyKit queries are performed while handling DBus messages.
+(CVE-2020-1712, Closes: #950732)
+
+ -- Michael Biebl   Wed, 08 Apr 2020 15:58:24 +0200
+
 systemd (241-7~deb10u3) buster; urgency=medium
 
   * core: set fs.file-max sysctl to LONG_MAX rather than ULONG_MAX.
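Review bot: the entry describes the effect of the fix but not where the backport comes from; since the cover mail picks the upstream v241-stable backport specifically to make future cherry-picks easier, recording the upstream commit ids (or at least the v241-stable branch) in this changelog entry or in the patch headers would make that provenance traceable from the package itself rather than only from this bug log.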
diff --git a/debian/patches/Fix-typo-in-function-name.patch 
b/debian/patches/Fix-typo-in-function-name.patch
new file mode 100644
index 000..4f3c521
--- /dev/null
+++ b/debian/patches/Fix-typo-in-function-name.patch
@@ -0,0 +1,77 @@
+From: =?utf-8?q?Zbigniew_J=C4=99drzejewski-Szmek?= 
+Date: Tue, 4 Feb 2020 18:39:04 +0100
+Subject: Fix typo in function name
+
+(cherry picked from commit bc130b6858327b382b07b3985cf48e2aa9016b2d)
+(cherry picked from commit b4eb8848240c3540180e4768216a0b884a5ed783)
+(cherry picked from commit f14fa558ae9e139c94ee3af4a1ef1df313b2ff66)
+(cherry picked from commit dd8aa0871d9cafa60a916d4ec01dd82d64edf7ed)
+---
+ TODO| 2 +-
+ src/libsystemd/sd-bus/bus-message.h | 2 +-
+ src/libsystemd/sd-bus/sd-bus.c  | 8 
+ src/shared/bus-polkit.c | 2 +-
+ 4 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/TODO b/TODO
+index 462db57..327fead 100644
+--- a/TODO
 b/TODO
+@@ -138,7 +138,7 @@ Features:
+ 
+ * the a-posteriori stopping of units bound to units that disappeared logic
+   should be reworked: there should be a queue of units, and we should only
+-  enqeue stop jobs from a defer event that processes queue instead of
++  enqueue stop jobs from a defer event that processes queue instead of
+   right-away when we find a unit that is bound to one that doesn't exist
+   anymore. (similar to how the stop-unneeded queue has been reworked the same
+   way)
+diff --git a/src/libsystemd/sd-bus/bus-message.h 
b/src/libsystemd/sd-bus/bus-message.h
+index 7fd3f11..849d638 100644
+--- a/src/libsystemd/sd-bus/bus-message.h
 b/src/libsystemd/sd-bus/bus-message.h
+@@ -211,4 +211,4 @@ int bus_message_remarshal(sd_bus *bus, sd_bus_message **m);
+ 
+ void bus_message_set_sender_driver(sd_bus *bus, sd_bus_message *m);
+ void bus_message_set_sender_local(sd_bus *bus, sd_bus_message *m);
+-int sd_bus_enqeue_for_read(sd_bus *bus, sd_bus_message *m);
++int sd_bus_enqueue_for_read(sd_bus *bus, sd_bus_message *m);
+diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
+index 94380af..c20adcf 100644
+--- a/src/libsystemd/sd-bus/sd-bus.c
 b/src/libsystemd/sd-bus/sd-bus.c
+@@ -4145,7 +4145,7 @@ _public_ int sd_bus_get_close_on_exit(sd_bus *bus) {
+ return bus->close_on_exit;
+ }
+ 
+-int sd_bus_enqeue_for_read(sd_bus *bus, sd_bus_message *m) {
++int sd_bus_enqueue_for_read(sd_bus *bus, sd_bus_message *m) {
+ int r;
+ 
+ assert_return(bus, -EINVAL);
+@@ -4157,9 +4157,9 @@ int sd_bus_enqeue_for_read(sd_bus *bus, sd_bus_message 
*m) {
+ if (!BUS_IS_OPEN(bus->state))
+ return -ENOTCONN;
+ 
+-
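Review bot: the hunk touching TODO is cosmetic (a spelling fix in a developer notes file) and changes nothing in the built package; dropping it from the Debian patch would keep the stable debdiff minimal, although carrying the upstream commit verbatim is also defensible for cherry-pick fidelity, in which case it is worth saying so in the patch header. The patch is truncated after the start of the second sd-bus.c hunk in this copy, so the remainder, including the src/shared/bus-polkit.c change from the diffstat, cannot be checked here.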