subject:"\[Kernel\-packages\] \[Bug 1845637\] Re\: Drop setting fs.protected_regular and fs.protected_fifos from sysctl defaults shipped by systemd"

[Kernel-packages] [Bug 1845637] Re: Drop setting fs.protected_regular and fs.protected_fifos from sysctl defaults shipped by systemd

2019-10-04 Thread Launchpad Bug Tracker

This bug was fixed in the package systemd - 242-7ubuntu1

---
systemd (242-7ubuntu1) eoan; urgency=medium

  * Merge from unstable
  * UBUNTU: drop setting fs.protected_regular and fs.protected_fifos from
sysctl defaults shipped by systemd (LP: #1845637)
File: 
debian/patches/debian/UBUNTU-drop-kernel.-settings-from-sysctl-defaults-shipped.patch

https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6e583847b04c3f83a50f3bd6947dcae6a73d8388
  * test-execute: Filter /dev/.lxc in exec-dynamicuser-statedir.service.
It appears in nested LXC containers and broke the armhf autopkgtest.
(LP: #1845337)
File: 
debian/patches/test-execute-Filter-dev-.lxc-in-exec-dynamicuser-statedir.patch

https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=75af888d5552f706b86182a56f12ccc8e83ca04e

systemd (242-7) unstable; urgency=medium

  * sleep: properly pass verb to sleep script
  * core: factor root_directory application out of apply_working_directory.
Fixes RootDirectory not working when used in combination with User.
(Closes: #939408)
  * shared/bus-util: drop trusted annotation from
bus_open_system_watch_bind_with_description().
This ensures that access controls on systemd-resolved's D-Bus interface
are enforced properly.
(CVE-2019-15718, Closes: #939353)

 -- Balint Reczey   Wed, 02 Oct 2019 14:13:28 +0200

** Changed in: systemd (Ubuntu)
   Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-15718

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1845637

Title:
  Drop setting fs.protected_regular and fs.protected_fifos from sysctl
  defaults shipped by systemd

Status in linux package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Fix Released

Bug description:
  Those settings are typically set by the kernel in Ubuntu.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1845637/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1845637] Re: Drop setting fs.protected_regular and fs.protected_fifos from sysctl defaults shipped by systemd

2019-10-02 Thread Balint Reczey

This is not a bug where logs can be collected.

** Changed in: linux (Ubuntu)
   Status: Incomplete => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1845637

Title:
  Drop setting fs.protected_regular and fs.protected_fifos from sysctl
  defaults shipped by systemd

Status in linux package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  New

Bug description:
  Those settings are typically set by the kernel in Ubuntu.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1845637/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1845637] Re: Drop setting fs.protected_regular and fs.protected_fifos from sysctl defaults shipped by systemd

2019-10-02 Thread Balint Reczey

Those defaults should probably be set by Linux, hence marking linux package as 
affected.
With the systemd packaging dropping the new setting originating from systemd 
upstream Ubuntu's defaults become less secure in this area compared to other 
distros leaving upstream defaults applied, thus I also mark this bug as a 
public security issue.

** Also affects: linux (Ubuntu)
   Importance: Undecided
   Status: New

** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1845637

Title:
  Drop setting fs.protected_regular and fs.protected_fifos from sysctl
  defaults shipped by systemd

Status in linux package in Ubuntu:
  Incomplete
Status in systemd package in Ubuntu:
  New

Bug description:
  Those settings are typically set by the kernel in Ubuntu.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1845637/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1845637] Re: Drop setting fs.protected_regular and fs.protected_fifos from sysctl defaults shipped by systemd

[Kernel-packages] [Bug 1845637] Re: Drop setting fs.protected_regular and fs.protected_fifos from sysctl defaults shipped by systemd

[Kernel-packages] [Bug 1845637] Re: Drop setting fs.protected_regular and fs.protected_fifos from sysctl defaults shipped by systemd

3 matches

Site Navigation

Mail list logo

Footer information