systemd - Debian Package Tracker

general

source: systemd (main)
version: 252.6-1
maintainer: Debian systemd Maintainers (archive) (DMD)
uploaders: Martin Pitt [DMD] – Luca Boccassi [DMD] – Sjoerd Simons [DMD] – Michael Biebl [DMD] – Marco d'Itri [DMD] – Felipe Sateler [DMD]
std-ver: 4.6.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 232-25+deb9u12
o-o-sec: 232-25+deb9u14
o-o-bpo: 241-5~bpo9+1
oldstable: 241-7~deb10u8
old-sec: 241-7~deb10u8
old-bpo: 247.3-6~bpo10+1
stable: 247.3-7+deb11u1
stable-bpo: 252.5-2~bpo11+1
testing: 252.6-1
unstable: 252.6-1
exp: 253-1

versioned links

232-25+deb9u12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
232-25+deb9u14: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
241-5~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
241-7~deb10u8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
247.3-6~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
247.3-7+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
252.5-2~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
252.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
253-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libnss-myhostname
libnss-mymachines (3 bugs: 0, 3, 0, 0)
libnss-resolve (1 bugs: 0, 1, 0, 0)
libnss-systemd (1 bugs: 0, 1, 0, 0)
libpam-systemd
libsystemd-dev
libsystemd-shared
libsystemd0
libudev-dev
libudev1
libudev1-udeb
systemd (102 bugs: 0, 68, 34, 0)
systemd-boot (3 bugs: 0, 3, 0, 0)
systemd-boot-efi (1 bugs: 0, 1, 0, 0)
systemd-container (1 bugs: 0, 1, 0, 0)
systemd-coredump
systemd-homed
systemd-journal-remote
systemd-oomd
systemd-resolved (2 bugs: 0, 1, 1, 0)
systemd-standalone-sysusers
systemd-standalone-tmpfiles
systemd-sysv (2 bugs: 0, 1, 1, 0)
systemd-tests
systemd-timesyncd
systemd-userdbd
udev (11 bugs: 0, 8, 3, 0)
udev-udeb

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:11:26
Last run: 2023-03-02T02:27:39.000Z
Previous status: pass

testing: pass (log)
The tests ran in 0:09:37
Last run: 2023-03-14T08:27:21.000Z
Previous status: pass

stable: fail (log)
The tests ran in 0:09:20
Last run: 2023-03-23T19:28:28.000Z
Previous status: fail

Created: 2022-04-04 Last update: 2023-03-28 03:03

A new upstream version is available: 252.7 high

A new upstream version 252.7 is available, you should consider packaging it.

Created: 2023-03-05 Last update: 2023-03-27 22:39

6 security issues in buster high

There are 6 open security issues in buster.

1 important issue:

CVE-2023-26604: systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.

1 issue postponed or untriaged:

CVE-2022-3821: (postponed; to be fixed through a stable update) An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

4 ignored issues:

CVE-2019-3843: It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.
CVE-2019-3844: It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.
CVE-2021-3997: A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
CVE-2022-4415: A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

Created: 2023-03-03 Last update: 2023-03-27 11:07

The VCS repository is not up to date, push the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits and/or your tags, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

Created: 2023-01-30 Last update: 2023-03-27 03:10

2 bugs tagged help in the BTS normal

The BTS contains 2 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2019-03-21 Last update: 2023-03-28 03:34

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs, consider including or untagging them.

Created: 2022-07-27 Last update: 2023-03-28 03:34

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2023-03-11 Last update: 2023-03-28 00:46

lintian reports 25 warnings normal

Lintian reports 25 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2023-01-30 Last update: 2023-03-01 23:06

debian/patches: 16 patches to forward upstream low

Among the 20 debian patches available in version 252.6-1 of the package, we noticed the following issues:

16 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-03-01 18:42

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2020-07-17 Last update: 2020-07-17 08:00

news

[rss feed]

[2023-03-11] systemd 252.6-1 MIGRATED to testing (Debian testing watch)
[2023-03-01] Accepted systemd 252.6-1 (source) into unstable (Luca Boccassi)
[2023-02-15] Accepted systemd 253-1 (source) into experimental (Luca Boccassi)
[2023-02-10] Accepted systemd 253~rc3-1 (source) into experimental (Luca Boccassi)
[2023-02-09] Accepted systemd 253~rc2-1 (source) into experimental (Luca Boccassi)
[2023-02-08] Accepted systemd 252.5-2~bpo11+1 (source) into bullseye-backports (Michael Biebl)
[2023-02-04] systemd 252.5-2 MIGRATED to testing (Debian testing watch)
[2023-01-30] Accepted systemd 252.5-2 (source) into unstable (Luca Boccassi)
[2023-01-29] Accepted systemd 252.5-1 (source) into unstable (Luca Boccassi)
[2023-01-29] systemd 252.4-2 MIGRATED to testing (Debian testing watch)
[2023-01-25] Accepted systemd 252.4-2 (source) into unstable (Michael Biebl)
[2023-01-24] Accepted systemd 252.4-1~bpo11+1 (source amd64) into bullseye-backports (Debian FTP Masters) (signed by: Michael Biebl)
[2022-12-25] systemd 252.4-1 MIGRATED to testing (Debian testing watch)
[2022-12-22] Accepted systemd 252.4-1 (source) into unstable (Luca Boccassi)
[2022-12-13] Accepted systemd 252.3-2 (source) into unstable (Michael Biebl)
[2022-12-11] systemd 252.2-2 MIGRATED to testing (Debian testing watch)
[2022-12-10] Accepted systemd 252.3-1 (source) into unstable (Michael Biebl)
[2022-12-06] Accepted systemd 252.2-2 (source) into unstable (Michael Biebl)
[2022-12-02] systemd 252.2-1 MIGRATED to testing (Debian testing watch)
[2022-11-29] Accepted systemd 252.2-1 (source) into unstable (Luca Boccassi)
[2022-11-11] systemd 252.1-1 MIGRATED to testing (Debian testing watch)
[2022-11-08] Accepted systemd 252.1-1 (source) into unstable (Luca Boccassi)
[2022-11-07] Accepted systemd 252-3 (source) into unstable (Luca Boccassi)
[2022-11-04] systemd 252-2 MIGRATED to testing (Debian testing watch)
[2022-11-01] Accepted systemd 252-2 (source) into unstable (Luca Boccassi)
[2022-10-31] Accepted systemd 252-1 (source) into unstable (Luca Boccassi)
[2022-10-27] Accepted systemd 252~rc3-2 (source) into unstable (Luca Boccassi)
[2022-10-25] Accepted systemd 252~rc3-1 (source) into experimental (Luca Boccassi)
[2022-10-24] Accepted systemd 252~rc2-1 (source) into experimental (Luca Boccassi)
[2022-10-18] systemd 251.6-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 122 132
RC: 0
I&N: 85 92
M&W: 37 40
F&P: 0
patch: 3
help: 2

links

homepage
lintian (0, 25)
buildd: logs, exp, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (-, 81)
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 252.5-2ubuntu3
185 bugs (9 patches)
patches for 252.5-2ubuntu3