Bug 47509 - systemd: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 4.3
Hardware: All Linux
Importance: P3 normal
Target Milestone: UCS 4.3-1-errata
Assigned To: Quality Assurance
QA Contact: Philipp Hahn
Reported: 2018-08-08 13:29 CEST by Quality Assurance
Modified: 2018-08-15 13:14 CEST (History)
What kind of report is it?: Security Issue
Max CVSS v3 score: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Description Quality Assurance univentionstaff 2018-08-08 13:29:23 CEST
New Debian systemd 232-25+deb9u4A~4.3.1.201808081329 fixes:
This update addresses the following issue(s):
* CVE_2013-4392 is open
* In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. (CVE-2017-15908)
* CVE_2017-18078 is open
* CVE_2017-1000082 is open
* CVE_2018-1049 is open
* CVE_2018-6954 is open

232-25+deb9u4 (Wed, 13 Jun 2018 22:20:36 +0200)
  * core/load-fragment: Add RemoveIPC=
    Allow RemoveIPC= to be set in the unit file not only via D-Bus.
  * nspawn: Add missing -E to getopt_long.
    The -E alias for --setenv in systemd-nspawn was not working as
    documented. This commit fixes that by adding -E to getopt_long.
  * login: Respect --no-wall when cancelling a shutdown request

232-25+deb9u3 (Fri, 23 Mar 2018 13:55:43 +0100)
  [ Cyril Brulebois ]
  * networkd-ndisc: Handle missing mtu gracefully.
    The previous upload made networkd respect the MTU field in IPv6 RA but
    unfortunately broke setups where there's no such field.

232-25+deb9u2 (Sun, 03 Dec 2017 15:03:50 +0100)
  * networkd: Handle MTU field in IPv6 RA
  * shared: Add a linker script so that all functions are tagged @SD_SHARED
    instead of @Base.
    This helps prevent symbol collisions with other programs and libraries.
    In particular, because PAM modules are loaded into the process that is
    creating the session, and systemd creates PAM sessions, the potential
    for collisions is high.
  * resolved: Fix loop on packets with pseudo dns types. CVE-2017-15908
  * machinectl: Don't output "No machines." with --no-legend option
* CVE-2017-15908 systemd: Infinite loop in the dns_packet_read_type_window() function (CVE-2017-15908)
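
Added example, not part of the original report and not systemd's code: a minimal reader for one NSEC type-bitmap window (layout per RFC 4034, section 4.1.2) that skips pseudo types while still advancing on every path, which is the termination property a parser needs to be immune to the loop described for CVE-2017-15908. The function name, the pseudo-type list and the sample bytes are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Types that must be ignored in an NSEC bitmap (RFC 4034, section 4.1.2).
 * The exact list is an assumption of this example: 0, OPT, 249-255. */
static int type_is_pseudo(uint16_t t) {
    return t == 0 || t == 41 || (t >= 249 && t <= 255);
}

/* Reads one window: [window number][bitmap length][bitmap bytes].
 * Returns bytes consumed or -1 if malformed; *count = types stored. */
int read_type_window(const uint8_t *buf, size_t len,
                     uint16_t *out, size_t max, size_t *count) {
    *count = 0;
    if (len < 2)
        return -1;
    uint8_t window = buf[0], length = buf[1];
    if (length == 0 || length > 32 || (size_t)length + 2 > len)
        return -1;
    for (size_t i = 0; i < length; i++) {
        uint8_t byte = buf[2 + i];
        /* The loop header advances bit on every path, including the
         * continue taken for pseudo types, so parsing always terminates. */
        for (unsigned bit = 0; bit < 8; bit++) {
            if (!(byte & (0x80u >> bit)))
                continue;
            uint16_t type = (uint16_t)((size_t)window << 8 | (i * 8 + bit));
            if (type_is_pseudo(type))
                continue; /* skipped, not treated as an error */
            if (*count == max)
                return -1;
            out[(*count)++] = type;
        }
    }
    return length + 2;
}

/* Constructed sample: window 0 with bits set for A (1), MX (15), OPT (41). */
static const uint8_t SAMPLE[] = {0x00, 0x06, 0x40, 0x01, 0x00, 0x00, 0x00, 0x40};

int main(void) {
    uint16_t types[8];
    size_t n;
    int used = read_type_window(SAMPLE, sizeof SAMPLE, types, 8, &n);
    printf("consumed=%d types=%zu\n", used, n);
    return 0;
}
```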
Comment 1 Quality Assurance univentionstaff 2018-08-08 19:08:15 CEST
--- mirror/ftp/4.3/unmaintained/4.3-0/source/systemd_232-25+deb9u1A~4.3.0.201711221833.dsc
+++ apt/ucs_4.3-0-errata4.3-1/source/systemd_232-25+deb9u4A~4.3.1.201808081329.dsc
@@ -1,8 +1,41 @@
-232-25+deb9u1A~4.3.0.201711221833 [Wed, 22 Nov 2017 19:02:08 +0100] Univention builddaemon <buildd@univention.de>:
+232-25+deb9u4A~4.3.1.201808081329 [Wed, 08 Aug 2018 13:29:29 +0200] Univention builddaemon <buildd@univention.de>:
 
   * UCS auto build. The following patches have been applied to the original source package
     01-fix-ftbfs
     10-ignore-ucs-divered
+
+232-25+deb9u4 [Wed, 13 Jun 2018 22:20:36 +0200] Michael Biebl <biebl@debian.org>:
+
+  * core/load-fragment: Add RemoveIPC=
+    Allow RemoveIPC= to be set in the unit file not only via D-Bus.
+    (Closes: #892829)
+  * nspawn: Add missing -E to getopt_long.
+    The -E alias for --setenv in systemd-nspawn was not working as
+    documented. This commit fixes that by adding -E to getopt_long.
+    (Closes: #895798)
+  * login: Respect --no-wall when cancelling a shutdown request
+    (Closes: #897938)
+
+232-25+deb9u3 [Fri, 23 Mar 2018 13:55:43 +0100] Michael Biebl <biebl@debian.org>:
+
+  [ Cyril Brulebois ]
+  * networkd-ndisc: Handle missing mtu gracefully.
+    The previous upload made networkd respect the MTU field in IPv6 RA but
+    unfortunately broke setups where there's no such field. (Closes: #892794)
+
+232-25+deb9u2 [Sun, 03 Dec 2017 15:03:50 +0100] Michael Biebl <biebl@debian.org>:
+
+  * networkd: Handle MTU field in IPv6 RA (Closes: #878162)
+  * shared: Add a linker script so that all functions are tagged @SD_SHARED
+    instead of @Base.
+    This helps prevent symbol collisions with other programs and libraries.
+    In particular, because PAM modules are loaded into the process that is
+    creating the session, and systemd creates PAM sessions, the potential
+    for collisions is high. (Closes: #873708)
+  * resolved: Fix loop on packets with pseudo dns types.
+    CVE-2017-15908 (Closes: #880026)
+  * machinectl: Don't output "No machines." with --no-legend option
+    (Closes: #880158)
 
 232-25+deb9u1 [Wed, 05 Jul 2017 22:31:25 +0200] Michael Biebl <biebl@debian.org>:
 
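Review bot: In the added 232-25+deb9u2 entry, "resolved: Fix loop on packets with pseudo dns types. CVE-2017-15908" is the only item in this hunk that names a CVE; the deb9u3 and deb9u4 entries cover networkd-ndisc, load-fragment, nspawn and login changes without one. Since the description marks CVE_2013-4392, CVE_2017-18078, CVE_2017-1000082, CVE_2018-1049 and CVE_2018-6954 as open, the erratum text in systemd.yaml should credit only CVE-2017-15908 as fixed, and the "Multiple issues" title would be clearer if it said the same.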

<http://10.200.17.11/4.3-1/#72240414498169436>
Comment 2 Philipp Hahn univentionstaff 2018-08-09 09:38:42 CEST
OK: patches
OK: piuparts
OK: yaml
OK: errata-announce systemd.yaml

[4.3-1] dfc12640fd Bug #47509: systemd 232-25+deb9u4A~4.3.1.201808081329
 doc/errata/staging/systemd.yaml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
Comment 3 Arvid Requate univentionstaff 2018-08-15 13:14:51 CEST
<http://errata.software-univention.de/ucs/4.3/197.html>