Univention Bugzilla – Bug 53602
systemd: Multiple issues (4.4)
Last modified: 2021-07-28 18:37:58 CEST
New Debian systemd 232-25+deb9u13A~4.4.8.202107221144 fixes: This update addresses the following issue: * uncontrolled allocation on the stack in function unit_name_path_escape leads to crash (CVE-2021-33910)
--- mirror/ftp/4.4/unmaintained/4.4-2/source/systemd_232-25+deb9u12A~4.4.0.201909191546.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/systemd_232-25+deb9u13A~4.4.8.202107221144.dsc @@ -1,8 +1,14 @@ -232-25+deb9u12A~4.4.0.201909191546 [Thu, 19 Sep 2019 15:46:28 +0200] Univention builddaemon <buildd@univention.de>: +232-25+deb9u13A~4.4.8.202107221144 [Thu, 22 Jul 2021 11:51:20 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 01-fix-ftbfs 10-ignore-ucs-divered + +232-25+deb9u13 [Thu, 08 Jul 2021 15:07:45 +0200] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * string-util: add delete_trailing_chars() and skip_leading_chars() helpers + * basic/unit-name: do not use strdupa() on a path (CVE-2021-33910) 232-25+deb9u12 [Sun, 21 Jul 2019 20:43:29 +0200] Michael Biebl <biebl@debian.org>: <http://piuparts.knut.univention.de/4.4-8/#4190506869020197883>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] 3377ccb71a Bug #53602: systemd 232-25+deb9u13A~4.4.8.202107221144 doc/errata/staging/systemd.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1016>