Change log for systemd package in Ubuntu

175 of 449 results
Published in eoan-proposed on 2019-08-22
systemd (240-6ubuntu12) eoan; urgency=medium

  * Depends on g++-8 as well
    Files:
    - debian/control
    - debian/rules
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5594b4f2ba2a4f68911ecebb5fab4f3cf99a5f30

 -- Dimitri John Ledkov <email address hidden>  Thu, 22 Aug 2019 16:41:11 +0100
Superseded in eoan-proposed on 2019-08-22
systemd (240-6ubuntu11) eoan; urgency=medium

  [ Dan Streetman ]
  * d/p/lp1835581-src-network-networkd-dhcp4.c-set-prefsrc-for-classle.patch:
    - Set src address for dhcp 'classless' routes (LP: #1835581)

  [ Jorge Niedbalski ]
  * d/p/lp1668771-resolved-switch-cache-option-to-a-tri-state-option-s.patch:
    Allows cache=no-negative option to be set, ignoring negative
    answers to be cached (LP: #1668771).

  [ Jeremy Soller ]
  * random-util: eat up bad RDRAND values seen on AMD CPUs.
    This fixes AMD Ryzen 3000 series failing to boot (LP: #1835809)

  [ You-Sheng Yang ]
  * d/p/d/Revert-udev-network-device-renaming-immediately-give.patch:
    - udev: drop Revert-udev-network-device-renaming-immediately-give.patch.
      The removing patch was for the already deprecated
      "75-persistent-net-generator.rules" based interface renaming mechanism,
      and it's causing unnecessary problem when a system happends to NICs with
      same MAC address, e.g. Dell's MAC address pass-thru. (LP: #1837700)

  [ Dimitri John Ledkov ]
  * Cherrypick seccomp fixes for new kernel and glibc.
    Files:
    - debian/patches/seccomp-add-new-5.1-syscall-pidfd_send_signal-to-filter-s.patch
    - debian/patches/seccomp-add-rseq-to-default-list-of-syscalls-to-whitelist.patch
    - debian/patches/seccomp-allow-shmat-to-be-a-separate-syscall-on-architect.patch
    - debian/patches/seccomp-drop-mincore-from-system-service-syscall-filter-g.patch
    - debian/patches/seccomp-shm-get-at-dt-now-have-their-own-numbers-everywhe.patch
    - debian/patches/shared-seccomp-add-sync_file_range2.patch
    - debian/patches/src-shared-seccomp-util.c-Add-mmap-definitions-for-s390.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=627919b0cbcc7e094995f167f8c5eb899f801fd3

  * Build with gcc-8, otherwise tests segfault.
    Files:
    - debian/control
    - debian/rules
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1ca0100244e46b00a97dfa10a5d980de7bdc6735

 -- Dimitri John Ledkov <email address hidden>  Thu, 22 Aug 2019 15:03:45 +0100
Published in disco-proposed on 2019-08-23
systemd (240-6ubuntu5.4) disco; urgency=medium

  [ You-Sheng Yang ]
  * d/p/d/Revert-udev-network-device-renaming-immediately-give.patch:
    - udev: drop Revert-udev-network-device-renaming-immediately-give.patch.
      The removing patch was for the already deprecated
      "75-persistent-net-generator.rules" based interface renaming mechanism,
      and it's causing unnecessary problem when a system happends to NICs with
      same MAC address, e.g. Dell's MAC address pass-thru. (LP: #1837700)

 -- Shih-Yuan Lee (FourDollars) <email address hidden>  Wed, 21 Aug 2019 16:15:23 +0800

Available diffs

Published in bionic-proposed on 2019-08-23
systemd (237-3ubuntu10.26) bionic; urgency=medium

  [ You-Sheng Yang ]
  * d/p/d/Revert-udev-network-device-renaming-immediately-give.patch:
    - udev: drop Revert-udev-network-device-renaming-immediately-give.patch
      The removing patch was for the already deprecated
      "75-persistent-net-generator.rules" based interface renaming mechanism,
      and it's causing unnecessary problem when a system happends to NICs with
      same MAC address, e.g. Dell's MAC address pass-thru. (LP: #1837700)

  [ Shih-Yuan Lee (FourDollars) ]
  * d/p/hwdb-revert-airplane-mode-keys-handling-on-Dell.patch:
    - hwdb: revert airplane mode keys handling on Dell
      That reverts some commits those created double key events issues on some
      Dell laptops. (LP: #1740894)

 -- Shih-Yuan Lee (FourDollars) <email address hidden>  Wed, 07 Aug 2019 17:56:02 +0800
Deleted in eoan-proposed on 2019-08-14 (Reason: per rbalint and xnox, 243 is not targeted for 19.10)
systemd (243~rc1-0ubuntu2) eoan; urgency=medium

  * Revert unit cache rework to fix regressions
    Files:
    - d/p/Revert-analyze-add-unit-files-to-dump-the-unit-fragment-m.patch
    - d/p/Revert-pid1-drop-unit-caches-only-based-on-mtime.patch
    - d/p/Revert-pid1-use-a-cache-for-all-unit-aliases.patch
    - d/p/Revert-test-unit-file-allow-printing-of-information-about.patch
  * Set the previous default, -Ddefault-hierarchy=hybrid at build-time.
    This prevents breaking container managers

Superseded in eoan-proposed on 2019-08-08
systemd (243~rc1-0ubuntu1) eoan; urgency=medium

  [ Dan Streetman ]
  * d/t/boot-and-services: fix test_failing() (LP: #1831296)
  * d/t/boot-and-services: check for any kernel message, not just first kernel
    message (LP: #1830479, Closes: #929730)
  * d/t/upstream: add TEST-30, TEST-34 to blacklist
  * d/t/timedated: replace systemctl is-active with systemctl show
  * d/t/control: root-unittests can break networking, add breaks-testbed
  * d/t/control: mark udev test skippable
  * d/t/upstream: always cleanup after (and before) each test
  * d/t/control: upstream test requires dmeventd.
  * d/e/checkout-upstream: don't remove .git
  * d/e/checkout-upstream: move change to debian/ files above other changes
  * d/e/checkout-upstream: add UPSTREAM_KEEP_CHANGELOG param
  * d/e/checkout-upstream: create git commits for each change
  * d/e/checkout-upstream: switch from 'quilt' to 'native' format
  * d/e/checkout-upstream: set user.name, user.email if unset

  [ Balint Reczey ]
  * New upstream version 243~rc1
  * Refresh patches:
    - Dropped changes:
      * d/p/lp1835581-src-network-networkd-dhcp4.c-set-prefsrc-for-classle.patch:
        - Set src address for dhcp 'classless' routes (LP: #1835581)
      * d/p/lp1668771-resolved-switch-cache-option-to-a-tri-state-option-s.patch:
        Allows cache=no-negative option to be set, ignoring negative
        answers to be cached (LP: #1668771).
        * Fix networking with Linux 5.2
          Files:
          - debian/patches/network-do-not-send-ipv6-token-to-kernel.patch
          - debian/patches/networkd-fix-link_up-12505.patch
          https://github.com/systemd/systemd/commit/4eb086a38712ea98faf41e075b84555b11b54362
          https://github.com/systemd/systemd/commit/9f6e82e6eb3b6e73d66d00d1d6eee60691fb702f
      * Cherrypick ask-password: prevent buffer overrow when reading from keyring.
        File: debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6d6e9cbd4fc6e018031a4762e88f2c3aa19e24e8
      * random-util: eat up bad RDRAND values seen on AMD CPUs.
        File: debian/patches/+rdrand-workaround-on-amd.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?h=ubuntu-eoan&id=6ab88231efca4b04b26de6cfb5d671be154aabe0
  * Merge changes from Debian Salsa's experimental branch
  * analyze: declare dump_exit_status outside of HAVE_SECCOMP block
    This fixes the udeb build.
  * Update symbols

Available diffs

Superseded in eoan-proposed on 2019-08-05
systemd (242-2ubuntu2) eoan; urgency=medium

  [ Dan Streetman ]
  * d/p/lp1835581-src-network-networkd-dhcp4.c-set-prefsrc-for-classle.patch:
    - Set src address for dhcp 'classless' routes (LP: #1835581)

  [ Jorge Niedbalski ]
  * d/p/lp1668771-resolved-switch-cache-option-to-a-tri-state-option-s.patch:
    Allows cache=no-negative option to be set, ignoring negative
    answers to be cached (LP: #1668771).

 -- Dan Streetman <email address hidden>  Fri, 02 Aug 2019 18:35:02 -0400

Available diffs

Superseded in eoan-proposed on 2019-08-02
systemd (242-2ubuntu1) eoan; urgency=medium

  * Merge to Ubuntu from experimental
    - Dropped changes:
      * Skip starting systemd-remount-fs.service in containers
        even when /etc/fstab is present.
        File: debian/patches/debian/Skip-starting-systemd-remount-fs.service-in-containers.patch
      * debian/tests: Switch to gdm
        Files:
        - debian/tests/boot-and-services
        - debian/tests/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f350b43ccc1aa31c745b4ccebbb4084d5cea41ff
      * Cherrypick proposed patch to fix LinkLocalAddressing post-unify-MTU settings.
        File: debian/patches/networkd-honour-LinkLocalAddressing.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=cd9ba0d0f47634c9e5d862b8208cdc3178f25496
      * Import patches to support PPC64LE qemu based testing.
        Files:
        - debian/tests/control
        - debian/patches/test-test-functions-on-PP64-use-vmlinux.patch
        - debian/patches/test-test-functions-on-PPC64-use-hvc0-console.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=483a4daba07f809883883e8e8b9c365cfbf7256e
      * resolved: add support for pipelined requests
        Files:
        - debian/patches/llmnr-add-comment-why-we-install-no-complete-handler-on-s.patch
        - debian/patches/resolved-add-comment-to-dns_stream_complete-about-its-err.patch
        - debian/patches/resolved-keep-stub-stream-connections-up-for-as-long-as-c.patch
        - debian/patches/resolved-only-call-complete-with-zero-argument-in-LLMNR-c.patch
        - debian/patches/resolved-restart-stream-timeout-whenever-we-managed-to-re.patch
        - debian/patches/stream-follow-coding-style-don-t-use-degrade-to-bool-for-.patch
        - debian/patches/stream-track-type-of-DnsStream-object.patch
        - debian/patches/transaction-simplify-handling-if-we-get-an-unexpected-DNS.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8ad1db08c2135af098a33957ce7cffbe21fb683f
      * networkd: [Route] PreferredSource not working in *.network files.
        Files:
        - debian/patches/Install-routes-after-addresses-are-ready.patch
        - debian/patches/Move-link_check_ready-to-later-in-the-file.patch
        - debian/patches/tests-Add-test-for-IPv6-source-routing.patch
        - debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4e2ee0b2ac1be2ae78952890a56a2d5398df518
      * udevadm: Fix segfault with subsystem-match containing '/' (Closes: #919206)
        File: debian/patches/udevadm-fix-segfault.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=736973d38676301f276716f22a746aed2489baac
      * Blacklist TEST-10-ISSUE-2467 #11706
        File: debian/tests/upstream
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f93b9e46b54388370da7b0cd7f858031be3a2578
      * Blacklist TEST-10-ISSUE-2467 #11706
        File: debian/tests/upstream
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f93b9e46b54388370da7b0cd7f858031be3a2578
      * Fix comment about why we disable hwclock.service.
        File: debian/systemd.links
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8473f88fffdb9db1f5ba547bb692a911997f2569
      * debian/tests/storage: fix for LUKS2 and avoid interactive password prompts.
        File: debian/tests/storage
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5594ebf325816e76a8c58043c56fc94f2d52b2a6
      * d/p/network-remove-routing-policy-rule-from-foreign-rule.patch
      * d/p/network-do-not-remove-rule-when-it-is-requested-by-e.patch
        - Fix RoutingPolicyRule does not apply correctly
      * virt: detect WSL environment as a container
      * pam-systemd: use secure_getenv() rather than getenv()
        File: debian/patches/pam-systemd-use-secure_getenv-rather-than-getenv.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3291e9e8c3eafd0c8921cb26a0d5ee0fd563b3c
      * core: queue jobs on uninstall to generate PropertiesChanged signal.
        File: debian/patches/core-when-we-uninstall-a-job-add-unit-to-dbus-queue.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=241deca98fb9a0f1ba9a6ba781f738fb31a3bd80
      * systemd-stable: cherrypick many bugfixes from the v240-stable branch.
        Files:
        - debian/patches/Add-missing-dash-to-all-option-in-the-timedatectl-man-pag.patch
        - debian/patches/Add-note-about-transactions-being-genereated-independentl.patch
        - debian/patches/Change-job-mode-of-manager-triggered-restarts-to-JOB_REPL.patch
        - debian/patches/Fix-omission-in-docs.patch
        - debian/patches/Log-the-job-being-merged.patch
        - debian/patches/NEWS-document-deprecation-of-PermissionsStartOnly-in-v240.patch
        - debian/patches/NEWS-retroactively-describe-.include-deprecation.patch
        - debian/patches/Update-systemd-system.conf.xml.patch
        - debian/patches/basic-prioq-add-prioq_peek_item.patch
        - debian/patches/core-Fix-EOPNOTSUPP-emergency-action-error-string.patch
        - debian/patches/core-Fix-return-argument-check-for-parse_emergency_action.patch
        - debian/patches/core-mount-do-not-add-Before-local-fs.target-or-remote-fs.patch
        - debian/patches/core-mount-move-static-function-earlier-in-file.patch
        - debian/patches/curl-util-fix-use-after-free.patch
        - debian/patches/ethtool-Make-sure-advertise-is-actually-set-when-autonego.patch
        - debian/patches/journal-avoid-buffer-overread-when-locale-name-is-too-lon.patch
        - debian/patches/journal-limit-the-number-of-entries-in-the-cache-based-on.patch
        - debian/patches/journald-periodically-drop-cache-for-all-dead-PIDs.patch
        - debian/patches/machinectl-fix-argument-index-in-error-log.patch
        - debian/patches/man-Fix-a-typo-in-systemd.exec.xml.patch
        - debian/patches/man-fix-reference.patch
        - debian/patches/man-fix-volume-num-of-journalctl.patch
        - debian/patches/man-update-DefaultDependency-in-systemd.mount-5.patch
        - debian/patches/netlink-set-maximum-size-of-WGDEVICE_A_IFNAME.patch
        - debian/patches/network-make-Link-and-NetDev-always-have-the-valid-poiter.patch
        - debian/patches/network-unset-Network-manager-when-loading-.network-file-.patch
        - debian/patches/network-wireguard-rename-and-split-set_wireguard_interfac.patch
        - debian/patches/networkd-wait-for-kernel-to-reply-ipv6-peer-address.patch
        - debian/patches/nspawn-ignore-SIGPIPE-for-nspawn-itself.patch
        - debian/patches/pager-improve-english-a-bit.patch
        - debian/patches/pid1-fix-cleanup-of-stale-implicit-deps-based-on-proc-sel.patch
        - debian/patches/procfs-util-expose-functionality-to-query-total-memory.patch
        - debian/patches/pull-fix-invalid-error-check.patch
        - debian/patches/shared-Revert-commit-49fe5c099-in-parts-for-function-pars.patch
        - debian/patches/shared-dissect-image-make-sure-that-we-don-t-truncate-dev.patch
        - debian/patches/test-execute-unset-HOME-before-testing.patch
        - debian/patches/udev-do-logging-before-setting-variables-to-NULL.patch
        - debian/patches/udev-val-may-be-NULL-use-strempty.patch
        - debian/patches/udevadm-info-a-should-enumerate-sysfs-attributes-not-envs.patch
        - debian/patches/udevd-use-worker_free-on-failure-in-worker_new.patch
        - debian/patches/units-make-sure-initrd-cleanup.service-terminates-before-.patch
        - debian/patches/wait-online-do-not-fail-if-we-receive-invalid-messages.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2b3db732ba7e5418d45ca42884e8d075189f2724
      * Cherrypick missing systemd-stable patches to unbreak wireguard peer endpoints.
        Files:
        - debian/patches/network-wireguard-fixes-sending-wireguard-peer-setti.patch
        - debian/patches/network-wireguard-use-sd_netlink_message_append_sock.patch
        - debian/patches/sd-netlink-introduce-sd_netlink_message_append_socka.patch
        - debian/patches/test-network-add-more-checks-in-NetworkdNetDevTests..patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=4046f515e40c4dc80d18d2303466737f1f451f11
      * Cherry-pick patches to fix FTBFS with GCC 9:
        - d/p/strv-rework-FOREACH_STRING-macro.patch
        - d/p/test-systemctl-nspawn-use-const-char-instead-of-char-as-i.patch
    - Remaining changes:
      * Set UseDomains to true, by default, on Ubuntu.
        File: debian/patches/debian/Ubuntu-UseDomains-by-default.patch
      * Enable systemd-resolved by default
        File: debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=05adfa0902115f51c1196ad623165a75bb8b4313
      * Create /etc/resolv.conf at postinst, pointing at the stub resolver.
        File: debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ef4adf46bbbe2d22508b70b889d23da53b85039d
      * libnss-resolve: do not disable and stop systemd-resolved
        File: debian/libnss-resolve.postrm
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=95577d14e84e19b614b83b2e24985d89e8c2dac0
      * Ignore failures to set Nice priority on services in containers.
        File: debian/patches/debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5b8e457f8d883fc6f55d33d46b3474926a495d29
      * units: set ConditionVirtualization=!private-users on journald audit socket.
        File: debian/patches/debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=03ed18a9940731bbf794ad320fabf337488835c6
      * debian/tests: Enforce udev upgrade.
        Files:
        - debian/tests/boot-and-services
        - debian/tests/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f350b43ccc1aa31c745b4ccebbb4084d5cea41ff
      * Always setup /etc/resolv.conf on new installations.
        File: debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=20bc8a37fa3c9620bed21a56a4eabd71db71d861
      * Ubuntu/extra: ship dhclient-enter hook.
        Files:
        - debian/extra/dhclient-enter-resolved-hook
        - debian/rules
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3398a213f80b02bf3db0c1ce9e22d69f6d56764
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=258893bae8cbb12670e4807636fe8f7e9fb5407a
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0725c1169ddde4f41cacba7af3e546704e2206be
      * Disable systemd-networkd-wait-online by default.
        File: debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=694473d812b50d2fefd6494d494ca02b91bc8785
      * postinst: drop empty/stock /etc/rc.local
        File: debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e7d071a26a79558771303b0b87f007e650eaebbe
      * Ship systemd sysctl settings.
        Files:
        - debian/patches/debian/UBUNTU-drop-kernel.-settings-from-sysctl-defaults-shipped.patch
        - debian/rules
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7cd041a6d0ef459e4b2a82d8ea5fa1ce05184dfb
      * systemd.postinst: enable persistent journal
        File: debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f94f18d9dbc085b6a9ff33c141a6e542142f85b5
      * Disable LLMNR and MulticastDNS by default
        Files:
        - debian/patches/debian/UBUNTU-resolved-disable-global-LLMNR-and-MulticastDNS.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4ec428e83696a5cd0405b677a35e97681867629
      * Add "AssumedApparmorLabel=unconfined" to timedate1 dbus service file
        File: debian/patches/debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5ad0879e10bbe3d641f940260b93c7eb2cf4624c
      * debian/tests/systemd-fsckd: update assertions expectations for v237
        File: debian/tests/systemd-fsckd
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d5becd9a416b55dcdb7b9a7aba60c4e3d304e6a6
      * test/test-functions: launch qemu-system with -vga none.
        File: debian/patches/debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=90af1fa893cce5ed49999d16da0b793da6523394
      * tests/boot-smoke: ignore udevd connection timeouts resolving colord group.
        File: debian/tests/boot-smoke
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e1477b764fa9ef23f5181ef3d31a1332191c3e0b
      * Drop systemd.prerm safety check.
        File: debian/systemd.prerm
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0244c4d56556317f14eecc2f51871969ef02ba7b
      * wait-online: do not wait, if no links are managed (neither configured, or failed).
        File: debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=31f04c3fc769dacb3cf2a78240a1710a99a865b8
      * journald.service: set Nice=-1 to dodge watchdog on soft lockups.
        File: debian/patches/debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e0a9aeffac556492bf517ce2d23313ff7a277926
      * Workaround captive portals not responding to EDNS0 queries (DVE-2018-0001).
        File: debian/patches/resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=87d3fe81b7281687ecf3c0b9a8356e90cc714d0b
      * Recommend networkd-dispatcher
        File: debian/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1e3b2c7e4757119da0d550b0b3c0a6626a176dc
      * networkd: if RA was implicit, do not await ndisc_configured.
        File: debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2f749ff528d1b788aa4ca778e954c16b213ee629
      * udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i.
        Files:
        - debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf
        - debian/udev-udeb.install
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=eb6d8a2b9504917abb7aa2c4035fdbb7b98227f7
      * Disable dh_installinit generation of tmpfiles for the systemd package.
        Files:
        - debian/rules
        - debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fd144cbe31cc7a9383cc76f21f4b84c22a9dd1b
      * Enable EFI/bootctl on armhf.
        File: debian/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=043122f7d8a1487bfd357e815a6ece1ceea6e7d1
      * boot-and-services: stderr is ok, for status command on the c1 container.
        File: debian/tests/boot-and-services
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=da14d34e7cc33c44ad67e64c9fd092f8cc1675f9
      * Skip systemd-fsckd on arm64, because of broken/lack of clean shutdown.
        File: debian/tests/systemd-fsckd
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=bf5b501ac934497dbef5f64908ff37643dc7288e
      * adt: boot-and-services: assert any kernel syslog messages.
        File: debian/tests/boot-and-services
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=29dc34f7a6e5dc505f6212c17c42e4420b47ed16
      * debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin to the kernel (we previously only set it in modprobe.d)
        Files:
        - debian/extra/start-udev
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6b72628f8de991e2c67ac4289fc74daf3abe7d14
      * units: conditionalize more units to not start in containers.
        Files:
        - debian/patches/debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3689afa1a782de8c19a757459b6360de1195ad55
      * test-sleep: skip test_fiemap upon inapproriate ioctl for device.
        File: debian/patches/debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6ebb5b9f6b77760a5470e8a780d69875b1db76f7
      * Re-add support for /etc/writable for core18
        File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a5b5fca66c1127068e4ce0cc9ab497814211f4f7
      * debian/control: strengthen dependencies.
        File: debian/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1ecf0c372f5212129c85ae60fddf26b2271a1fe
      * Improve autopkgtest success rate, by bumping up timeouts
        File: debian/patches/debian/UBUNTU-bump-selftest-timeouts.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c05586d9da033bbfd6b6a74e10b87520843c7c48
      * units: Disable journald Watchdog
        File: debian/patches/debian/UBUNTU-units-disable-journald-watchdog.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=64d2b4f1d0d057073fba585f19823332e2a6eed5
      * Add conflicts with upstart and systemd-shim
        File: debian/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=83ed7496afc7c27be026014d109855f7d0ad1176
      * Specify Ubuntu's Vcs-Git
        File: debian/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fd832930ef280c9a4a9dda2440d5a46a6fdb6232
      * debian/systemd.postinst: Skip daemon-reexec and try-restarts during shutdown
        File: debian/systemd.postinst
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=51daab96ae79483b5e5fb62e1e0477c87ee11fd1
      * Switch gbp.conf to disco.
        File: debian/gbp.conf
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fea585b259e3e766d8d3dbc9690e879c054ddc87
      * core: set /run size to 10%, like initramfs-tools does.
        File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fac2568fe716dc1a41bada78293dc6327a6df0d
      * support PPC64LE qemu based testing.
        Files:
        - debian/tests/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=483a4daba07f809883883e8e8b9c365cfbf7256e
      * core: Revert strict mount namespacing/sandboxing, until LXD allows the needed mounts.
        File: debian/patches/Revert-namespace-be-more-careful-when-handling-namespacin.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=030919ba5e4931d6ee576d0259fae67fe4ed9770
      * networkd: [Route] PreferredSource not working in *.network files.
        Files:
        - debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4e2ee0b2ac1be2ae78952890a56a2d5398df518
      * debian/tests: blacklist upstream test-24-unit-tests on ppc64le.
        File: debian/tests/upstream
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8062b9a2712c390010d2948eaf764a1b52e68715
      * debian/control: Update Vcs-{Browser|Git} to Ubuntu's packaging repository
      * debian/gbp.conf: Set tag format to ubuntu/*
      * Only test that gdm3 comes up on amd64. Stalls on other arches.
        File: debian/tests/control
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=97cb13685dfb353045c449ec5d6d1df60f661079
      * tests/storage: make the test more resilient.
        File: debian/tests/storage
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c08dcb1ffe372acd3a21496758a1984ff78dcdd4
      * Fix false negative checking for running jobs after boot.
        File: debian/tests/boot-smoke
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=aeb01631efbaf3fe851dee15d496e0b66b5c347f
      * Cherrypick ask-password: prevent buffer overrow when reading from keyring.
        File: debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6d6e9cbd4fc6e018031a4762e88f2c3aa19e24e8
      * Wait for cryptsetup unit to start, before stopping.
        File: debian/tests/storage
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b65aa350be7e61c65927fbc0921a750fcfaa51cd
      * Wait for systemctl is-system-running state.
        File: debian/tests/boot-smoke
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=776998f1f55c445b6e385cab69a4219c42d00838
      * Fix typpo in storage test.
        File: debian/tests/storage
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f28aa5fe4ab175b99b6ea702559c59ca473b4ca8
      * random-util: eat up bad RDRAND values seen on AMD CPUs.
        File: debian/patches/+rdrand-workaround-on-amd.patch
        https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?h=ubuntu-eoan&id=6ab88231efca4b04b26de6cfb5d671be154aabe0
  * Refresh patches
  * debian/gbp.conf: Change debian-branch to ubuntu-eoan
  * Fix networking with Linux 5.2
    Files:
    - debian/patches/network-do-not-send-ipv6-token-to-kernel.patch
    - debian/patches/networkd-fix-link_up-12505.patch
    https://github.com/systemd/systemd/commit/4eb086a38712ea98faf41e075b84555b11b54362
    https://github.com/systemd/systemd/commit/9f6e82e6eb3b6e73d66d00d1d6eee60691fb702f

Available diffs

Published in bionic-updates on 2019-08-06
Deleted in bionic-proposed (Reason: moved to -updates)
systemd (237-3ubuntu10.25) bionic; urgency=medium

  [ Dan Streetman ]
  * d/p/lp1835581-src-network-networkd-dhcp4.c-set-prefsrc-for-classle.patch:
    - set src address for dhcp 'classless' routes (LP: #1835581)
  * d/p/lp1833671-networkd-keep-bond-slave-up-if-already-attached.patch:
    - keep bond slave up if already attached (LP: #1833671)

  [ Jorge Niedbalski ]
  * d/p/lp1668771-resolved-switch-cache-option-to-a-tri-state-option-s.patch:
    Allows cache=no-negative option to be set, ignoring negative
    answers to be cached (LP: #1668771).

 -- Dan Streetman <email address hidden>  Mon, 22 Jul 2019 12:45:02 -0400
Published in disco-updates on 2019-08-07
Deleted in disco-proposed (Reason: moved to -updates)
systemd (240-6ubuntu5.3) disco; urgency=medium

  [ Dan Streetman ]
  * d/p/lp1835581-src-network-networkd-dhcp4.c-set-prefsrc-for-classle.patch:
    - Set src address for dhcp 'classless' routes (LP: #1835581)

  [ Jorge Niedbalski ]
  * d/p/lp1668771-resolved-switch-cache-option-to-a-tri-state-option-s.patch:
    Allows cache=no-negative option to be set, ignoring negative
    answers to be cached (LP: #1668771).

 -- Dan Streetman <email address hidden>  Mon, 22 Jul 2019 12:45:02 -0400

Available diffs

Superseded in eoan-proposed on 2019-07-26
systemd (240-6ubuntu10) eoan; urgency=medium

  [ Jeremy Soller ]
  * random-util: eat up bad RDRAND values seen on AMD CPUs.
    This fixes AMD Ryzen 3000 series failing to boot (LP: #1835809)

  [ Balint Reczey]
  * Cherry-pick patches to fix FTBFS with GCC 9:
    - d/p/strv-rework-FOREACH_STRING-macro.patch
    - d/p/test-systemctl-nspawn-use-const-char-instead-of-char-as-i.patch

 -- Balint Reczey <email address hidden>  Thu, 11 Jul 2019 10:35:01 +0200

Available diffs

Superseded in disco-updates on 2019-08-07
Deleted in disco-proposed on 2019-08-09 (Reason: moved to -updates)
systemd (240-6ubuntu5.2) disco; urgency=medium

  [ Jeremy Soller ]
  * random-util: eat up bad RDRAND values seen on AMD CPUs.
    This fixes AMD Ryzen 3000 series failing to boot (LP: #1835809)

 -- Balint Reczey <email address hidden>  Tue, 09 Jul 2019 11:52:55 +0200

Available diffs

Published in xenial-updates on 2019-07-04
Deleted in xenial-proposed (Reason: moved to -updates)
systemd (229-4ubuntu21.22) xenial; urgency=medium

  [ Dan Streetman ]
  * d/t/systemd-fsckd, d/t/cmdline-upstart-boot:
    - skip on s390x; requires grub (LP: #1830477)
  * d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
    - prevent buffer overflow when reading keyring (LP: #1814373)

  [ Dimitri John Ledkov ]
  * Specify Ubuntu's Vcs-Git

  [ Balint Reczey ]
  * Append /snap/bin to default PATH.
    Snapd ships snapd-env-generator, but systemd does not not support
    environment generators. Hard-coding /snap/bin is less risky than
    backporting environment generator support and since snaps are considered
    to be first class packages on Ubuntu /snap/bin can safely added to
    the default PATH. (LP: #1771858)

  [ Ioanna Alifieraki ]
  * d/p/systemctl-Replace-check_one_unit-by-get_state_one_un.patch
    - Backport upstream PR#2768 needed for next patch
  * d/p/systemctl-load-unit-if-needed-in-systemctl-is-active.patch
    - Backport upstream PR#7997 to fix alias service reports inactive while
      aliased is active (LP: #1828892)

 -- Dan Streetman <email address hidden>  Wed, 24 Apr 2019 17:15:36 -0400
Superseded in bionic-updates on 2019-08-06
Deleted in bionic-proposed on 2019-08-08 (Reason: moved to -updates)
systemd (237-3ubuntu10.24) bionic; urgency=medium

  [Dimitri John Ledkov 🌈]
  * core: export environment when running generators.
    Ensure that manager's environment (including e.g. PATH) is exported when
    running generators. Otherwise, one is at a mercy of running without PATH which
    can lead to buggy generator behaviour. (LP: #1771858)

 -- Balint Reczey <email address hidden>  Mon, 24 Jun 2019 14:50:38 +0200
Superseded in bionic-updates on 2019-07-04
Deleted in bionic-proposed on 2019-07-05 (Reason: moved to -updates)
systemd (237-3ubuntu10.23) bionic; urgency=medium

  * d/p/resolved-do-not-hit-CNAME-in-NODATA.patch:
    - fix stub resolver cache (LP: #1818527)

 -- Heitor Alves de Siqueira <email address hidden>  Tue, 04 Jun 2019 15:54:24 -0300
Published in eoan-release on 2019-06-05
Deleted in eoan-proposed (Reason: moved to release)
systemd (240-6ubuntu9) eoan; urgency=medium

  * Fix typpo in storage test.
    File: debian/tests/storage
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f28aa5fe4ab175b99b6ea702559c59ca473b4ca8

  * Fix bashism
    File: debian/extra/dhclient-enter-resolved-hook
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0725c1169ddde4f41cacba7af3e546704e2206be

Superseded in eoan-proposed on 2019-05-30
systemd (240-6ubuntu8) eoan; urgency=medium

  * Only restart resolved on changes in dhclient enter hook.
    This prevents spurious restarts of resolved on rebounds when
    the addresses did not change. (LP: #1805183)
    Author: Julian Andres Klode
    File: debian/extra/dhclient-enter-resolved-hook
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=258893bae8cbb12670e4807636fe8f7e9fb5407a

  * Wait for cryptsetup unit to start, before stopping.
    Patch from cascardo. Plus small refactor for readability. (LP: #1814373)
    File: debian/tests/storage
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b65aa350be7e61c65927fbc0921a750fcfaa51cd

  * Wait for systemctl is-system-running state.
    File: debian/tests/boot-smoke
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=776998f1f55c445b6e385cab69a4219c42d00838

 -- Dimitri John Ledkov <email address hidden>  Thu, 30 May 2019 14:59:04 +0100

Available diffs

Superseded in bionic-updates on 2019-06-20
Deleted in bionic-proposed on 2019-06-22 (Reason: moved to -updates)
systemd (237-3ubuntu10.22) bionic; urgency=medium

  * d/p/resolved-rework-how-we-determine-which-scope-to-send.patch
    - fix DNS leakage (LP: 1754671)
  * d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
    - prevent buffer overflow when reading keyring (LP: #1814373)
  * d/t/boot-smoke:
    - Fix false negative checking for running jobs after boot
      (LP: #1825997)

 -- Dan Streetman <email address hidden>  Wed, 24 Apr 2019 17:15:36 -0400
Published in cosmic-updates on 2019-06-10
Deleted in cosmic-proposed (Reason: moved to -updates)
systemd (239-7ubuntu10.14) cosmic; urgency=medium

  * d/p/resolved-rework-how-we-determine-which-scope-to-send.patch
    - fix DNS leakage (LP: 1754671)
  * d/t/boot-and-services:
    - skip test_no_failed if gdm failed to start (LP: #1830484)
  * d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
    - prevent buffer overflow when reading keyring (LP: #1814373)
  * d/t/boot-smoke:
    - Fix false negative checking for running jobs after boot
      (LP: #1825997)

 -- Dan Streetman <email address hidden>  Wed, 24 Apr 2019 17:08:26 -0400
Superseded in disco-updates on 2019-07-15
Deleted in disco-proposed on 2019-07-16 (Reason: moved to -updates)
systemd (240-6ubuntu5.1) disco; urgency=medium

  * d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
    - prevent buffer overflow when reading keyring (LP: #1814373)
  * d/p/network-wireguard-fixes-sending-wireguard-peer-setti.patch,
    d/p/test-network-add-more-checks-in-NetworkdNetDevTests..patch,
    d/p/sd-netlink-introduce-sd_netlink_message_append_socka.patch,
    d/p/network-wireguard-use-sd_netlink_message_append_sock.patch:
    - systemd doesn't set wireguard peer endpoint (LP: #1825378)
  * d/t/boot-smoke:
    - Fix false negative checking for running jobs after boot
      (LP: #1825997)

 -- Dan Streetman <email address hidden>  Thu, 16 May 2019 06:07:49 -0400

Available diffs

Superseded in eoan-proposed on 2019-05-30
systemd (240-6ubuntu7) eoan; urgency=medium

  * Revert "Add check to switch VTs only between K_XLATE or K_UNICODE"
    This reverts commit 60407728a1a453104e3975ecfdf25a254dd7cc44.
    Files:
    - debian/patches/Add-check-to-switch-VTs-only-between-K_XLATE-or-K_UNICODE.patch
    - debian/patches/Move-verify_vc_kbmode-to-terminal-util.c-as-vt_verify_kbm.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=18029ab5ff436bfb3b401f24cd1e3a4cf2a1579c

  * Cherrypick missing systemd-stable patches to unbreak wireguard peer endpoints.
    Signed-off-by: Dimitri John Ledkov <email address hidden> (LP: #1825378)
    Author: Dan Streetman
    Files:
    - debian/patches/network-wireguard-fixes-sending-wireguard-peer-setti.patch
    - debian/patches/network-wireguard-use-sd_netlink_message_append_sock.patch
    - debian/patches/sd-netlink-introduce-sd_netlink_message_append_socka.patch
    - debian/patches/test-network-add-more-checks-in-NetworkdNetDevTests..patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=4046f515e40c4dc80d18d2303466737f1f451f11

  * Remove expected failure from passing test.
    Signed-off-by: Dimitri John Ledkov <email address hidden> (LP: #1829450)
    Author: Dan Streetman
    File: debian/tests/systemd-fsckd
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c43b12037d08555dc1d26593307726d7c7992df0

  * Fix false negative checking for running jobs after boot.
    Signed-off-by: Dimitri John Ledkov <email address hidden> (LP: #1825997)
    Author: Dan Streetman
    File: debian/tests/boot-smoke
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=aeb01631efbaf3fe851dee15d496e0b66b5c347f

  * Cherrypick ask-password: prevent buffer overrow when reading from keyring.
    Signed-off-by: Dimitri John Ledkov <email address hidden> (LP: #1814373)
    Author: Dan Streetman
    File: debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6d6e9cbd4fc6e018031a4762e88f2c3aa19e24e8

 -- Dimitri John Ledkov <email address hidden>  Wed, 29 May 2019 19:54:37 +0100

Available diffs

Superseded in eoan-proposed on 2019-05-29
systemd (240-6ubuntu6) eoan; urgency=medium

  * Add check to switch VTs only between K_XLATE or K_UNICODE.
    Switching to K_UNICODE from other than L_XLATE can make the keyboard
    unusable and possibly leak keypresses from X. (LP: #1803993)

 -- Balint Reczey <email address hidden>  Thu, 16 May 2019 23:22:15 +0200

Available diffs

Superseded in bionic-updates on 2019-06-10
Deleted in bionic-proposed on 2019-06-11 (Reason: moved to -updates)
systemd (237-3ubuntu10.21) bionic; urgency=medium

  * d/p/networkd-fix-dhcp4-link-without-routes-not-being-con.patch:
    - fix dhcp4 link without routes not being considered ready
    - (LP: #1804478)

 -- Dan Streetman <email address hidden>  Mon, 15 Apr 2019 08:29:50 -0400
Superseded in eoan-release on 2019-06-05
Published in disco-release on 2019-04-13
Deleted in disco-proposed (Reason: moved to release)
systemd (240-6ubuntu5) disco; urgency=medium

  * systemd-stable: cherrypick many bugfixes from the v240-stable branch.
    Includes many documentation fixes, memory safety (use after free, read
    overruns, etc), networkd wireguard fixes, POSIX ACL fix which is preventing adm
    group from reading journals (LP: #1824342), journal dropping caches
    improvement, fixes regressions in udevadm / machinectl command line parsing.
    Files:
    - debian/patches/Add-missing-dash-to-all-option-in-the-timedatectl-man-pag.patch
    - debian/patches/Add-note-about-transactions-being-genereated-independentl.patch
    - debian/patches/Change-job-mode-of-manager-triggered-restarts-to-JOB_REPL.patch
    - debian/patches/Fix-omission-in-docs.patch
    - debian/patches/Log-the-job-being-merged.patch
    - debian/patches/NEWS-document-deprecation-of-PermissionsStartOnly-in-v240.patch
    - debian/patches/NEWS-retroactively-describe-.include-deprecation.patch
    - debian/patches/Update-systemd-system.conf.xml.patch
    - debian/patches/basic-prioq-add-prioq_peek_item.patch
    - debian/patches/core-Fix-EOPNOTSUPP-emergency-action-error-string.patch
    - debian/patches/core-Fix-return-argument-check-for-parse_emergency_action.patch
    - debian/patches/core-mount-do-not-add-Before-local-fs.target-or-remote-fs.patch
    - debian/patches/core-mount-move-static-function-earlier-in-file.patch
    - debian/patches/curl-util-fix-use-after-free.patch
    - debian/patches/ethtool-Make-sure-advertise-is-actually-set-when-autonego.patch
    - debian/patches/journal-avoid-buffer-overread-when-locale-name-is-too-lon.patch
    - debian/patches/journal-limit-the-number-of-entries-in-the-cache-based-on.patch
    - debian/patches/journald-periodically-drop-cache-for-all-dead-PIDs.patch
    - debian/patches/machinectl-fix-argument-index-in-error-log.patch
    - debian/patches/man-Fix-a-typo-in-systemd.exec.xml.patch
    - debian/patches/man-fix-reference.patch
    - debian/patches/man-fix-volume-num-of-journalctl.patch
    - debian/patches/man-update-DefaultDependency-in-systemd.mount-5.patch
    - debian/patches/netlink-set-maximum-size-of-WGDEVICE_A_IFNAME.patch
    - debian/patches/network-make-Link-and-NetDev-always-have-the-valid-poiter.patch
    - debian/patches/network-unset-Network-manager-when-loading-.network-file-.patch
    - debian/patches/network-wireguard-rename-and-split-set_wireguard_interfac.patch
    - debian/patches/networkd-wait-for-kernel-to-reply-ipv6-peer-address.patch
    - debian/patches/nspawn-ignore-SIGPIPE-for-nspawn-itself.patch
    - debian/patches/pager-improve-english-a-bit.patch
    - debian/patches/pid1-fix-cleanup-of-stale-implicit-deps-based-on-proc-sel.patch
    - debian/patches/procfs-util-expose-functionality-to-query-total-memory.patch
    - debian/patches/pull-fix-invalid-error-check.patch
    - debian/patches/shared-Revert-commit-49fe5c099-in-parts-for-function-pars.patch
    - debian/patches/shared-dissect-image-make-sure-that-we-don-t-truncate-dev.patch
    - debian/patches/test-execute-unset-HOME-before-testing.patch
    - debian/patches/udev-do-logging-before-setting-variables-to-NULL.patch
    - debian/patches/udev-val-may-be-NULL-use-strempty.patch
    - debian/patches/udevadm-info-a-should-enumerate-sysfs-attributes-not-envs.patch
    - debian/patches/udevd-use-worker_free-on-failure-in-worker_new.patch
    - debian/patches/units-make-sure-initrd-cleanup.service-terminates-before-.patch
    - debian/patches/wait-online-do-not-fail-if-we-receive-invalid-messages.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2b3db732ba7e5418d45ca42884e8d075189f2724

  * Only test that gdm3 comes up on amd64. Stalls on other arches.
    File: debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=97cb13685dfb353045c449ec5d6d1df60f661079

  * tests/storage: make the test more resilient.
    Skip if the scsi_debug module is not available (like on custom kernels). Do not
    fail the tests if removing the module fail, at the end of the test run.
    File: debian/tests/storage
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c08dcb1ffe372acd3a21496758a1984ff78dcdd4

 -- Dimitri John Ledkov <email address hidden>  Thu, 11 Apr 2019 14:44:08 +0100

Available diffs

Superseded in disco-release on 2019-04-13
Deleted in disco-proposed on 2019-04-14 (Reason: moved to release)
systemd (240-6ubuntu4) disco; urgency=medium

  * pam-systemd: use secure_getenv() rather than getenv()
    CVE-2019-3842
    File: debian/patches/pam-systemd-use-secure_getenv-rather-than-getenv.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3291e9e8c3eafd0c8921cb26a0d5ee0fd563b3c

  * core: queue jobs on uninstall to generate PropertiesChanged signal.
    (LP: #1816812)
    File: debian/patches/core-when-we-uninstall-a-job-add-unit-to-dbus-queue.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=241deca98fb9a0f1ba9a6ba781f738fb31a3bd80

 -- Dimitri John Ledkov <email address hidden>  Wed, 10 Apr 2019 01:06:03 +0100

Available diffs

Superseded in bionic-updates on 2019-04-23
Deleted in bionic-proposed on 2019-04-24 (Reason: moved to -updates)
systemd (237-3ubuntu10.20) bionic; urgency=medium

  [ Ioanna Alifieraki ]
  * d/p/backport_network-fix-return-value-of-routing_policy_rule_get.patch,
    d/p/backport_network-remove-routing-policy-rule-from-foreign.patch,
    d/p/backport_network-do-not-remove-rule-when-requested-by-existing-links.patch:
    - Fix RoutingPolicyRule does not apply correctly (LP: #1818282)

  [ Dan Streetman ]
  * d/p/fix-test-22.patch
    - fix TEST-22 failures
  * d/p/networkd-Track-address-configuration.patch,
    d/p/networkd-Use-only-a-generic-CONFIGURING-state.patch,
    d/p/networkd-don-t-remove-route.patch,
    d/p/networkd-don-t-remove-ip-address.patch,
    d/p/Move-link_check_ready-to-later-in-the-file.patch,
    d/p/network-set-_configured-flags-to-false-before-reques.patch,
    d/p/Install-routes-after-addresses-are-ready.patch:
    - PreferredSource not working in *.network files (LP: #1812760)

  [ Dimitri John Ledkov ]
  * Specify Ubuntu's Vcs-Git

 -- Dan Streetman <email address hidden>  Thu, 04 Apr 2019 07:29:38 -0400
Superseded in cosmic-updates on 2019-06-10
Deleted in cosmic-proposed on 2019-06-11 (Reason: moved to -updates)
systemd (239-7ubuntu10.13) cosmic; urgency=medium

  [ Ioanna Alifieraki ]
  * d/p/backport_network-fix-return-value-of-routing_policy_rule_get.patch,
    d/p/backport_network-remove-routing-policy-rule-from-foreign.patch,
    d/p/backport_network-do-not-remove-rule-when-requested-by-existing-links.patch:
      - Fix RoutingPolicyRule does not apply correctly (LP: #1818282)

  [ Dan Streetman ]
  * d/p/networkd-Track-address-configuration.patch,
    d/p/networkd-Use-only-a-generic-CONFIGURING-state.patch,
    d/p/networkd-don-t-remove-route.patch,
    d/p/networkd-don-t-remove-ip-address.patch,
    d/p/Move-link_check_ready-to-later-in-the-file.patch,
    d/p/network-set-_configured-flags-to-false-before-reques.patch,
    d/p/Install-routes-after-addresses-are-ready.patch:
      - PreferredSource not working in *.network files (LP: #1812760)
  * Specify Ubuntu's Vcs-Git

 -- Dan Streetman <email address hidden>  Thu, 04 Apr 2019 07:29:38 -0400
Published in trusty-updates on 2019-04-08
Published in trusty-security on 2019-04-08
systemd (204-5ubuntu20.31) trusty-security; urgency=medium

  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842

 -- Chris Coulson <email address hidden>  Thu, 07 Mar 2019 16:30:13 +0000
Superseded in xenial-updates on 2019-07-04
Published in xenial-security on 2019-04-08
systemd (229-4ubuntu21.21) xenial-security; urgency=medium

  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842

 -- Chris Coulson <email address hidden>  Fri, 29 Mar 2019 16:43:00 +0000
Superseded in bionic-updates on 2019-04-15
Published in bionic-security on 2019-04-08
systemd (237-3ubuntu10.19) bionic-security; urgency=medium

  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842

 -- Chris Coulson <email address hidden>  Fri, 29 Mar 2019 16:40:26 +0000
Superseded in cosmic-updates on 2019-04-15
Published in cosmic-security on 2019-04-08
systemd (239-7ubuntu10.12) cosmic-security; urgency=medium

  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842

 -- Chris Coulson <email address hidden>  Wed, 03 Apr 2019 11:52:48 +0100
Superseded in xenial-updates on 2019-04-08
Deleted in xenial-proposed on 2019-04-09 (Reason: moved to -updates)
systemd (229-4ubuntu21.19) xenial; urgency=medium

  [ Michael Vogt ]
  * d/p/fix-race-daemon-reload-11121.patch:
    - backport systemd upstream PR#8803 and PR#11121 to fix race
      when doing systemctl and systemctl daemon-reload at the
      same time LP: #1819728

  [ Balint Reczey ]
  * d/p/virt-detect-WSL-environment-as-a-container.patch:
    - virt: detect WSL environment as a container (LP: #1816753)

 -- Michael Vogt <email address hidden>  Mon, 25 Mar 2019 16:04:56 +0100
Superseded in bionic-updates on 2019-04-08
Deleted in bionic-proposed on 2019-04-09 (Reason: moved to -updates)
systemd (237-3ubuntu10.17) bionic; urgency=medium

  [ Michael Vogt ]
  * d/p/Support-system-image-read-only-etc.patch:
    - re-add support for /etc/writable for core18 (LP: #1778936)
  * d/p/fix-race-daemon-reload-8803.patch:
    - backport systemd upstream PR#8803 and PR#11121 to fix race
      when doing systemctl and systemctl daemon-reload at the
      same time LP: #1819728

  [ Balint Reczey ]
   * d/p/virt-detect-WSL-environment-as-a-container.patch:
     - virt: detect WSL environment as a container (LP: #1816753)

 -- Michael Vogt <email address hidden>  Mon, 18 Mar 2019 08:40:44 +0100
Superseded in cosmic-updates on 2019-04-08
Deleted in cosmic-proposed on 2019-04-09 (Reason: moved to -updates)
systemd (239-7ubuntu10.11) cosmic; urgency=medium

  * virt: detect WSL environment as a container (LP: #1816753)

 -- Balint Reczey <email address hidden>  Mon, 25 Mar 2019 11:30:22 +0100
Superseded in disco-release on 2019-04-10
Deleted in disco-proposed on 2019-04-11 (Reason: moved to release)
systemd (240-6ubuntu3) disco; urgency=medium

  * virt: detect WSL environment as a container (LP: #1816753)
  * debian/control: Update Vcs-{Browser|Git} to Ubuntu's packaging repository
  * debian/gbp.conf: Set tag format to ubuntu/*

 -- Balint Reczey <email address hidden>  Fri, 22 Mar 2019 18:39:48 +0100

Available diffs

Deleted in xenial-proposed on 2019-03-15 (Reason: SRU possibly introduces regressions (verification-failed ...)
systemd (229-4ubuntu21.18) xenial; urgency=medium

  * d/p/fix-race-daemon-reload-8803.patch:
    - backport systemd upstream PR#8803 to fix race when doing
      systemctl and systemctl daemon-reload at the same time
      LP: #1819728

 -- Michael Vogt <email address hidden>  Wed, 13 Mar 2019 16:17:45 +0100
Superseded in bionic-proposed on 2019-03-25
systemd (237-3ubuntu10.16) bionic; urgency=medium

  * d/p/Support-system-image-read-only-etc.patch:
    - re-add support for /etc/writable for core18 (LP: #1778936)
  * d/p/fix-race-daemon-reload-8803.patch:
    - backport systemd upstream PR#8803 to fix race when doing
      systemctl and systemctl daemon-reload at the same time
      LP: #1819728

 -- Michael Vogt <email address hidden>  Wed, 13 Mar 2019 07:42:11 +0100
Superseded in disco-release on 2019-03-25
Deleted in disco-proposed on 2019-03-26 (Reason: moved to release)
systemd (240-6ubuntu2) disco; urgency=medium

  * d/p/network-remove-routing-policy-rule-from-foreign-rule.patch
  * d/p/network-do-not-remove-rule-when-it-is-requested-by-e.patch
    - Fix RoutingPolicyRule does not apply correctly (LP: #1818282)

 -- Ioanna Alifieraki <email address hidden>  Mon, 04 Mar 2019 10:32:19 +0000

Available diffs

Superseded in bionic-updates on 2019-04-04
Deleted in bionic-proposed on 2019-04-05 (Reason: moved to -updates)
systemd (237-3ubuntu10.15) bionic; urgency=medium

  [ Victor Tapia ]
  * d/p/stop-mount-error-propagation.patch:
    keep mount errors local to the failing mount point instead of blocking
    the processing of all mounts (LP: #1755863)

 -- Dan Streetman <email address hidden>  Thu, 28 Feb 2019 16:03:40 -0500
Superseded in cosmic-updates on 2019-04-04
Deleted in cosmic-proposed on 2019-04-05 (Reason: moved to -updates)
systemd (239-7ubuntu10.10) cosmic; urgency=medium

  [ Victor Tapia ]
  * d/p/stop-mount-error-propagation.patch:
    keep mount errors local to the failing mount point instead of
    blocking the processing of all mounts (LP: #1755863)

 -- Dan Streetman <email address hidden>  Thu, 28 Feb 2019 14:29:48 -0500
Superseded in xenial-updates on 2019-04-04
Deleted in xenial-proposed on 2019-04-05 (Reason: moved to -updates)
systemd (229-4ubuntu21.17) xenial; urgency=medium

  [ Victor Tapia ]
  * d/p/stop-mount-error-propagation.patch:
    keep mount errors local to the failing mount point instead of blocking
    the processing of all mounts (LP: #1755863)

  [ Eric Desrochers ]
  * d/p/fix-egde-case-when-processing-proc-self-mountinfo.patch:
    Mounting any file system to a mount point in a directory
    that is bind mounted to itself will create an inactive
    mount unit. (LP: #1795764)

 -- Dan Streetman <email address hidden>  Thu, 28 Feb 2019 17:50:50 -0500
Superseded in bionic-proposed on 2019-03-05
systemd (237-3ubuntu10.14) bionic; urgency=medium

  [ Victor Tapia ]
  * d/p/stop-mount-error-propagation.patch:
    keep mount errors local to the failing mount point instead of blocking
    the processing of all mounts (LP: #1755863)

  [ Daniel Axtens ]
  * Fix an issue where IPv6 routes that specified PreferredSource
    would not be added - upstream bug #5882. (LP: #1812760)
    - debian/patches/networkd-don-t-remove-ip-address.patch,
      debian/patches/networkd-don-t-remove-route.patch: don't clear out all
      IP addresses and routes when starting, only ones not in the config.
      Required for the remaining patches to fully cover the field.
    - debian/patches/Move-link_check_ready-to-later-in-the-file.patch,
      debian/patches/Install-routes-after-addresses-are-ready.patch: wait
      until addresses are ready (not tentative) before installing routes,
      allowing routes with IPv6 source addresses to work.

 -- Dan Streetman <email address hidden>  Thu, 28 Feb 2019 16:03:40 -0500

Available diffs

  • diff from 237-3ubuntu10.12 to 237-3ubuntu10.14 (pending)
Superseded in cosmic-proposed on 2019-03-05
systemd (239-7ubuntu10.9) cosmic; urgency=medium

  [ Victor Tapia ]
  * d/p/stop-mount-error-propagation.patch:
    keep mount errors local to the failing mount point instead of
    blocking the processing of all mounts (LP: #1755863)

  [ Daniel Axtens ]
  * Fix a bug where IPv6 routes that specified PreferredSource
    would not be added - upstream bug #5882. (LP: #1812760)
    - debian/patches/networkd-don-t-remove-ip-address.patch,
      debian/patches/networkd-don-t-remove-route.patch: don't clear out all
      IP addresses and routes when starting, only ones not in the config.
      Required for the remaining patches to fully cover the field.
    - debian/patches/Move-link_check_ready-to-later-in-the-file.patch,
      debian/patches/Install-routes-after-addresses-are-ready.patch: wait
      until addresses are ready (not tentative) before installing routes,
      allowing routes with IPv6 source addresses to work.

 -- Dan Streetman <email address hidden>  Thu, 28 Feb 2019 14:29:48 -0500

Available diffs

  • diff from 239-7ubuntu10.7 to 239-7ubuntu10.9 (pending)
Superseded in disco-release on 2019-03-18
Deleted in disco-proposed on 2019-03-19 (Reason: moved to release)
systemd (240-6ubuntu1) disco; urgency=medium

  * Release to ubuntu.

Available diffs

Superseded in disco-release on 2019-02-26
Deleted in disco-proposed on 2019-02-27 (Reason: moved to release)
systemd (240-5ubuntu4) disco; urgency=medium

  * debian/tests/control: add socat to upstream tests for pull #11591
    File: debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7dff5196e23f50d15c0e0c4cb6742a1cc1cc704a

  * udevadm: Fix segfault with subsystem-match containing '/' (Closes: #919206)
    Author: Martin Pitt
    File: debian/patches/udevadm-fix-segfault.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=736973d38676301f276716f22a746aed2489baac

  * Blacklist TEST-10-ISSUE-2467 #11706
    File: debian/tests/upstream
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f93b9e46b54388370da7b0cd7f858031be3a2578

  * Fix comment about why we disable hwclock.service.
    Systemd nowadays doesn't do it itself because the kernel does it on its own when necessary,
    and when not, it is not safe to save the hwclock (eg, there is no certainty the system clock
    is correct)
    Author: Felipe Sateler
    File: debian/systemd.links
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8473f88fffdb9db1f5ba547bb692a911997f2569

  * udev: Backport upstream preventing mass killings when not running under systemd
    (Closes: #918764)
    Author: Felipe Sateler
    File: debian/patches/udev-check-whether-systemd-is-running-and-do-not-use-cg_k.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=617ee70c31c45ea5d5c6c7b30766d47f0b89446c

  * debian/tests/storage: fix for LUKS2 and avoid interactive password prompts.
    File: debian/tests/storage
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5594ebf325816e76a8c58043c56fc94f2d52b2a6

 -- Dimitri John Ledkov <email address hidden>  Thu, 14 Feb 2019 14:51:37 +0000

Available diffs

Superseded in bionic-updates on 2019-03-11
Superseded in bionic-security on 2019-04-08
systemd (237-3ubuntu10.13) bionic-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted dbus message
    - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
      dbus paths, and don't allocate them on the stack
    - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
      sd-bus: if we receive an invalid dbus message, ignore and proceeed
    - CVE-2019-6454

  * Do not remove multiple spaces after identifier in syslog message
    - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch

 -- Chris Coulson <email address hidden>  Wed, 13 Feb 2019 21:32:34 +0000
Superseded in xenial-updates on 2019-03-11
Superseded in xenial-security on 2019-04-08
systemd (229-4ubuntu21.16) xenial-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted dbus message
    - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
      dbus paths, and don't allocate them on the stack
    - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
      sd-bus: if we receive an invalid dbus message, ignore and proceeed
    - CVE-2019-6454

  * Do not remove multiple spaces after identifier in syslog message
    - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch

 -- Chris Coulson <email address hidden>  Wed, 13 Feb 2019 22:03:22 +0000
Superseded in cosmic-updates on 2019-03-11
Superseded in cosmic-security on 2019-04-08
systemd (239-7ubuntu10.8) cosmic-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted dbus message
    - debian/patches/CVE-2019-6454.patch: sd-bus: enforce a size limit for
      dbus paths, and don't allocate them on the stack
    - debian/patches/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch:
      sd-bus: if we receive an invalid dbus message, ignore and proceeed
    - CVE-2019-6454

  * Do not remove multiple spaces after identifier in syslog message
    - add debian/patches/journal-do-not-remove-multiple-spaces-after-identifi.patch

 -- Chris Coulson <email address hidden>  Tue, 12 Feb 2019 00:41:18 +0000
Superseded in disco-release on 2019-02-18
Deleted in disco-proposed on 2019-02-20 (Reason: moved to release)
systemd (240-5ubuntu3) disco; urgency=medium

  * debian/tests: blacklist upstream test-24-unit-tests on ppc64le.
    Fails, not a regression as it's a new test case, which was never before
    executed on ppc64le.
    File: debian/tests/upstream
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8062b9a2712c390010d2948eaf764a1b52e68715

 -- Dimitri John Ledkov <email address hidden>  Sat, 02 Feb 2019 11:05:12 +0100
Superseded in disco-proposed on 2019-02-02
systemd (240-5ubuntu2) disco; urgency=medium

  * core: Revert strict mount namespacing/sandboxing, until LXD allows the needed mounts.
    (LP: #1813622)
    File: debian/patches/Revert-namespace-be-more-careful-when-handling-namespacin.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=030919ba5e4931d6ee576d0259fae67fe4ed9770

  * resolved: add support for pipelined requests. (LP: #1811471)
    Files:
    - debian/patches/llmnr-add-comment-why-we-install-no-complete-handler-on-s.patch
    - debian/patches/resolved-add-comment-to-dns_stream_complete-about-its-err.patch
    - debian/patches/resolved-keep-stub-stream-connections-up-for-as-long-as-c.patch
    - debian/patches/resolved-only-call-complete-with-zero-argument-in-LLMNR-c.patch
    - debian/patches/resolved-restart-stream-timeout-whenever-we-managed-to-re.patch
    - debian/patches/stream-follow-coding-style-don-t-use-degrade-to-bool-for-.patch
    - debian/patches/stream-track-type-of-DnsStream-object.patch
    - debian/patches/transaction-simplify-handling-if-we-get-an-unexpected-DNS.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8ad1db08c2135af098a33957ce7cffbe21fb683f

  * networkd: [Route] PreferredSource not working in *.network files.
    (LP: #1812760)
    Files:
    - debian/patches/Install-routes-after-addresses-are-ready.patch
    - debian/patches/Move-link_check_ready-to-later-in-the-file.patch
    - debian/patches/tests-Add-test-for-IPv6-source-routing.patch
    - debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4e2ee0b2ac1be2ae78952890a56a2d5398df518

 -- Dimitri John Ledkov <email address hidden>  Wed, 30 Jan 2019 11:46:53 +0000

Available diffs

Superseded in bionic-updates on 2019-02-18
Deleted in bionic-proposed on 2019-02-19 (Reason: moved to -updates)
systemd (237-3ubuntu10.12) bionic; urgency=medium

  * d/p/resolve-enable-EDNS0-towards-the-127.0.0.53-stub-res.patch
    getaddrinfo() failures when fallback to dns tcp queries, so enable
    edns0 in resolv.conf (LP: #1811471)

  [ Victor Tapia ]
  * d/p/resolved-Increase-size-of-TCP-stub-replies.patch
    dns failures with edns0 disabled and truncated response (LP: #1804487)

 -- Dan Streetman <email address hidden>  Tue, 29 Jan 2019 14:26:48 -0500
Superseded in cosmic-updates on 2019-02-18
Deleted in cosmic-proposed on 2019-02-19 (Reason: moved to -updates)
systemd (239-7ubuntu10.7) cosmic; urgency=medium

  * d/p/resolve-enable-EDNS0-towards-the-127.0.0.53-stub-res.patch
    getaddrinfo() failures when fallback to dns tcp queries, so enable
    edns0 in resolv.conf (LP: #1811471)

  [ Victor Tapia ]
  * d/p/resolved-Increase-size-of-TCP-stub-replies.patch
    dns failures with edns0 disabled and truncated response (LP: #1804487)

 -- Dan Streetman <email address hidden>  Tue, 29 Jan 2019 14:19:39 -0500
Deleted in disco-proposed on 2019-01-29 (Reason: removed per uploader)
systemd (240-5ubuntu1) disco; urgency=medium

  * Reenable pristine-tar in gbp.conf.
    The pristine-tar bug has been fixed, so we can use it again.
    This reverts commit 9fcfbbf6fea15eacfa3fad74240431c5f2c3300e.
    Author: Felipe Sateler
    File: debian/gbp.conf
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=045998b2a974f9322535fef6018b3c5fff6da342

  * debian/tests/storage: improve cleanups.
    On fast ppc64el machines, cryptsetup start job may not complete by the time
    tearDown is executed. In that case stop, causes to simply cancel the start job
    without actually cleaning up the dmsetup node. This leads to failing subsequent
    test as it no longer starts with a clean device. Thus ensure the
    systemd-cryptsetup unit is started, before stopping it.
    Also rmmod scsi_debug module at the end, to allow re-running the test in a
    loop.
    File: debian/tests/storage
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=bfafb0924a59f2a93bcde00fc9eeea5c4d058977

  * d/watch: add version mangle to transform -rc to ~rc.
    Upstream has started releasing rcs, so let's account for that
    Author: Felipe Sateler
    File: debian/watch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=db2dbed693ac75c88ea6ed923537d18d30fc1cdf

  * debian/tests/upstream: Mark TEST-13-NSPAWN-SMOKE as flakey.
    File: debian/tests/upstream
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a106d9c60b7b9fc3e16e423ca6a4d376560927cc

Available diffs

Superseded in disco-proposed on 2019-01-28
systemd (240-4ubuntu2) disco; urgency=medium

  * Import patches to support PPC64LE qemu based testing.
    Files:
    - debian/tests/control
    - debian/patches/test-test-functions-on-PP64-use-vmlinux.patch
    - debian/patches/test-test-functions-on-PPC64-use-hvc0-console.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=483a4daba07f809883883e8e8b9c365cfbf7256e

 -- Dimitri John Ledkov <email address hidden>  Thu, 24 Jan 2019 16:55:01 +0000

Available diffs

Superseded in disco-proposed on 2019-01-24
systemd (240-4ubuntu1) disco; urgency=medium

  * Skip starting systemd-remount-fs.service in containers
    even when /etc/fstab is present.
    This allows entering fully running state even when /etc/fstab
    lists / to be mounted from a device which is not present in the
    container. (LP: #1576341)
    Author: Balint Reczey
    File: debian/patches/debian/Skip-starting-systemd-remount-fs.service-in-containers.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3bde262e129a9d2c60eeff37e63d3da7d58ce5dd

  * Set UseDomains to true, by default, on Ubuntu.
    On Ubuntu, fallback DNS servers are disabled, therefore we do not leak queries
    to a preset 3rd party by default. In resolved, dnssec is also disabled by
    default, as too much of the internet is broken and using Ubuntu users to debug
    the internet is not very productive - most of the time the end-user cannot fix
    or know how to notify the site owners about the dnssec mistakes. Inherintally
    the DHCP acquired DNS servers are therefore trusted, and are free to spoof
    records. Not trusting DNS search domains, in such scenario, provides limited
    security or privacy benefits. From user point of view, this also appears to be
    a regression from previous Ubuntu releases which do trust DHCP acquired search
    domains by default.
    Therefore we are enabling UseDomains by default on Ubuntu.
    Users may override this setting in the .network files by specifying
    [DHCP|IPv6AcceptRA] UseDomains=no|route options.
    File: debian/patches/debian/Ubuntu-UseDomains-by-default.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1e5b00cdfd6b9317704e1383d26365a68c041c56

  * Enable systemd-resolved by default
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=05adfa0902115f51c1196ad623165a75bb8b4313

  * Create /etc/resolv.conf at postinst, pointing at the stub resolver.
    The stub resolver file is dynamically managed by systemd-resolved. It points at
    the stub resolver as the nameserver, however it also dynamically updates the
    search stanza, thus non-nss dns tools work correctly with unqualified names and
    correctly use the DHCP acquired search domains.
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ef4adf46bbbe2d22508b70b889d23da53b85039d

  * libnss-resolve: do not disable and stop systemd-resolved
    resolved is always used by default on ubuntu via stub resolver, therefore it
    should continue to operate without libnss-resolve module installed.
    File: debian/libnss-resolve.postrm
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=95577d14e84e19b614b83b2e24985d89e8c2dac0

  * Ignore failures to set Nice priority on services in containers.
    File: debian/patches/debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5b8e457f8d883fc6f55d33d46b3474926a495d29

  * units: set ConditionVirtualization=!private-users on journald audit socket.
    It fails to start in unprivileged containers.
    File: debian/patches/debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=03ed18a9940731bbf794ad320fabf337488835c6

  * debian/tests: Switch to gdm, enforce udev upgrade.
    Files:
    - debian/tests/boot-and-services
    - debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f350b43ccc1aa31c745b4ccebbb4084d5cea41ff

  * Always setup /etc/resolv.conf on new installations.
    On new installations, /etc/resolv.conf will always exist. Move it to /run
    and replace it with the desired final symlink. (LP: #1712283)
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=20bc8a37fa3c9620bed21a56a4eabd71db71d861

  * Enable systemd-networkd by default.
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e5ff45174306b17077b907bc25cfd763ac6934f1

  * boot-and-services: skip gdm3 tests when absent, as it is on s390x.
    Files:
    - debian/tests/boot-and-services
    - debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=cf05ba013979f53ad69fd2c548ec01c7a5339f64

  * initramfs-tools: trigger udevadm add actions with subsystems first.
    This updates the initramfs-tools init-top udev script to trigger udevadm
    actions with type specified. This mimicks the
    systemd-udev-trigger.service. Without type specified only devices are
    triggered, but triggering subsystems may also be required and should happen
    before triggering the devices. This is the case for example on s390x with zdev
    generated udev rules. (LP: #1713536)
    File: debian/extra/initramfs-tools/scripts/init-top/udev
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=4016ca5629b6c56b41a4f654e7a808c82e290cac

  * Ubuntu/extra: ship dhclient-enter hook.
    This allows isc-dhcp dhclient to set search domains and nameservers via
    resolved.
    Files:
    - debian/extra/dhclient-enter-resolved-hook
    - debian/rules
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3398a213f80b02bf3db0c1ce9e22d69f6d56764

  * Disable systemd-networkd-wait-online by default.
    Currently it is not fit for purpose, as it leads to long boot times when
    networking is unplugged or not yet configured on boot. (LP: #1714301)
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=694473d812b50d2fefd6494d494ca02b91bc8785

  * networkd: change UseMTU default to true.
    Cherry-pick upstream change. (LP: #1717471)
    File: debian/patches/networkd-change-UseMTU-default-to-true.-6837.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=44aa315dd6d9054a5cabd413ec8657b6bfdfc029

  * postinst: drop empty/stock /etc/rc.local (LP: #1716979)
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e7d071a26a79558771303b0b87f007e650eaebbe

  * Improve resolvconf integration.
    Make the .path|.service unit that feed resolved data into resolvconf not
    generate failures if resolvconf is not installed.
    Add a check to make sure that resolved does not read /etc/resolv.conf when that
    is symlinked to stub-resolv.conf. (LP: #1717995)
    File: debian/patches/debian/Ubuntu-resolved-resolvconf-integration.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d9f0f89985a141c1588d67e4868ad68cff6956fb

  * Ship systemd sysctl settings.
    Patch systemd's default sysctl settings to drop things that are set elsewhere
    already.
    The promote secondary IP addresses is required for networkd to successfully
    renew DHCP leases with a change of an IP address.
    Set default package scheduler to Fair Queue CoDel. (LP: #1721223)
    Files:
    - debian/patches/debian/UBUNTU-drop-kernel.-settings-from-sysctl-defaults-shipped.patch
    - debian/rules
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7cd041a6d0ef459e4b2a82d8ea5fa1ce05184dfb

  * resolved.service: set DefaultDependencies=no (LP: #1734167)
    File: debian/patches/resolved.service-set-DefaultDependencies-no.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a6ced6331ff7f99704213547a0b94dc06935d508

  * systemd.postinst: enable persistent journal. (LP: #1618188)
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f94f18d9dbc085b6a9ff33c141a6e542142f85b5

  * Disable LLMNR and MulticastDNS by default LP: #1739672
    Files:
    - debian/changelog
    - debian/patches/debian/UBUNTU-resolved-disable-global-LLMNR-and-MulticastDNS.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4ec428e83696a5cd0405b677a35e97681867629

  * Enable qemu tests on all architectures LP: #1749540
    Files:
    - debian/changelog
    - debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b416d1bdfb4f5e33565178e01ba4c4e3939b6176

  * Add "AssumedApparmorLabel=unconfined" to timedate1 dbus service file
    (LP: #1749000)
    Author: Michael Vogt
    File: debian/patches/debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5ad0879e10bbe3d641f940260b93c7eb2cf4624c

  * debian/tests/systemd-fsckd: update assertions expectations for v237
    fsck got rewritten to use "safe_fork" and whilst previously it would ignore the
    error, when fsck is terminated by signal PIPE, it no longer does so. Thus one
    should expect systemd-fsck-root.service to have failed in certain test cases.
    File: debian/tests/systemd-fsckd
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d5becd9a416b55dcdb7b9a7aba60c4e3d304e6a6

  * test/test-functions: launch qemu-system with -vga none.
    Should resolve booting qemu-system-ppc64 without seabios.
    File: debian/patches/debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=90af1fa893cce5ed49999d16da0b793da6523394

  * tests/boot-smoke: ignore udevd connection timeouts resolving colord group.
    File: debian/tests/boot-smoke
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e1477b764fa9ef23f5181ef3d31a1332191c3e0b

  * tests/systemd-fsckd: ignore systemd_fsck_with_plymouth_failure.
    File: debian/tests/systemd-fsckd
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c392e1ca3da67dbf8a7dfe0dcad470f7636f7405

  * tests/control: ensure boot-smoke uses latest systemd & udev.
    File: debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b7b66380641755bc21fd7dcbc307760b1d18b8af

  * Drop systemd.prerm safety check.
    On Ubuntu, systemd is the only choice, and is essential, via init ->
    systemd-sysv -> systemd dependency chain, thus removing systemd is already
    quite hard, and appropriate warnings are emitted by dpkg. (LP: #1758438)
    File: debian/systemd.prerm
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0244c4d56556317f14eecc2f51871969ef02ba7b

  * wait-online: do not wait, if no links are managed (neither configured, or failed).
    (LP: #1728181)
    File: debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=31f04c3fc769dacb3cf2a78240a1710a99a865b8

  * journald.service: set Nice=-1 to dodge watchdog on soft lockups.
    (LP: #1696970)
    File: debian/patches/debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e0a9aeffac556492bf517ce2d23313ff7a277926

  * Workaround captive portals not responding to EDNS0 queries (DVE-2018-0001).
    (LP: #1727237)
    File: debian/patches/resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=87d3fe81b7281687ecf3c0b9a8356e90cc714d0b

  * Recommend networkd-dispatcher (LP: #1762386)
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1e3b2c7e4757119da0d550b0b3c0a6626a176dc

  * networkd: if RA was implicit, do not await ndisc_configured.
    If RA was iplicit, meaning not otherwise requested, and a kernel default was in
    use. Do not prevent link entering configured state, whilst ndisc configuration
    is pending. Implicit kernel RA, is expected to be asynchronous and
    non-blocking. (LP: #1765173)
    File: debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2f749ff528d1b788aa4ca778e954c16b213ee629

  * udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i.
    This ensures that all scans are completed, before installer reaches
    partitioning stage. (LP: #1751813)
    Files:
    - debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf
    - debian/udev-udeb.install
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=eb6d8a2b9504917abb7aa2c4035fdbb7b98227f7

  * Disable dh_installinit generation of tmpfiles for the systemd package.
    Replace with a manual safe call to systemd-tmpfiles which will process any
    updates to the tmpfiles shipped by systemd package, taking into account any
    overrides shipped by other packages, sysadmin, or specified in the runtime
    directories. (LP: #1748147)
    Files:
    - debian/rules
    - debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fd144cbe31cc7a9383cc76f21f4b84c22a9dd1b

  * Enable EFI/bootctl on armhf.
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=043122f7d8a1487bfd357e815a6ece1ceea6e7d1

  * boot-and-services: stderr is ok, for status command on the c1 container.
    systemctl may print warnings on the stderr when checking the status of
    completed units. This should not, overall fail the autopkgtest run.
    File: debian/tests/boot-and-services
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=da14d34e7cc33c44ad67e64c9fd092f8cc1675f9

  * Skip systemd-fsckd on arm64, because of broken/lack of clean shutdown.
    File: debian/tests/systemd-fsckd
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=bf5b501ac934497dbef5f64908ff37643dc7288e

  * adt: boot-and-services: assert any kernel syslog messages.
    It appears that on arm64 the syslog is truncated and is missing early kernel
    messages. Print full one, and check for any kernel messages instead.
    File: debian/tests/boot-and-services
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=29dc34f7a6e5dc505f6212c17c42e4420b47ed16

  * debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin to the kernel (we previously only set it in modprobe.d) LP: #1779815
    Files:
    - debian/changelog
    - debian/extra/start-udev
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6b72628f8de991e2c67ac4289fc74daf3abe7d14

  * units: conditionalize more units to not start in containers.
    Files:
    - debian/changelog
    - debian/patches/debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3689afa1a782de8c19a757459b6360de1195ad55

  * test-sleep: skip test_fiemap upon inapproriate ioctl for device.
    On v4.4 kernels, on top of btrfs ephemeral lxd v3.0 containers generate this
    other error code, instead of not supported. Skip the test for both error codes.
    File: debian/patches/debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6ebb5b9f6b77760a5470e8a780d69875b1db76f7

  * Re-add support for /etc/writable for core18. (LP: #1778936)
    Author: Michael Vogt
    File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a5b5fca66c1127068e4ce0cc9ab497814211f4f7

  * debian/control: strengthen dependencies.
    Make systemd-sysv depend on matching version of systemd. Autopkgtests at times
    upgrade systemd-sysv without upgrading systemd. However, upgrading systemd-sysv
    alone makes little sense.
    Make systemd conflict, rather than just break, systemd-shim. As there are
    upgrade failures cause by systemd-shim presence whilst upgrading to new
    systemd.
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1ecf0c372f5212129c85ae60fddf26b2271a1fe

  * Improve autopkgtest success rate, by bumping up timeouts. (LP: #1789841)
    Author: Christian Ehrhardt
    File: debian/patches/debian/UBUNTU-bump-selftest-timeouts.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c05586d9da033bbfd6b6a74e10b87520843c7c48

  * units: Disable journald Watchdog (LP: #1773148)
    File: debian/patches/debian/UBUNTU-units-disable-journald-watchdog.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=64d2b4f1d0d057073fba585f19823332e2a6eed5

  * Add conflicts with upstart and systemd-shim. (LP: #1793092)
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=83ed7496afc7c27be026014d109855f7d0ad1176

  * Specify Ubuntu's Vcs-Git
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fd832930ef280c9a4a9dda2440d5a46a6fdb6232

  * debian/systemd.postinst: Skip daemon-reexec and try-restarts during shutdown
    (LP: #1803391)
    Author: Balint Reczey
    File: debian/systemd.postinst
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=51daab96ae79483b5e5fb62e1e0477c87ee11fd1

  * Switch gbp.conf to disco.
    File: debian/gbp.conf
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fea585b259e3e766d8d3dbc9690e879c054ddc87

  * core: set /run size to 10%, like initramfs-tools does.
    Currently there is a difference between initrd and initrd-less boots,
    w.r.t. size= mount option of /run. This yields different runtime journald caps
    (1% vs 10%), and on dense deployments of containers may result in OOM kills.
    (LP: #1799251)
    File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fac2568fe716dc1a41bada78293dc6327a6df0d

  * Cherrypick proposed patch to fix LinkLocalAddressing post-unify-MTU settings.
    File: debian/patches/networkd-honour-LinkLocalAddressing.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=cd9ba0d0f47634c9e5d862b8208cdc3178f25496

Available diffs

Superseded in xenial-updates on 2019-02-18
Superseded in xenial-security on 2019-02-18
systemd (229-4ubuntu21.15) xenial-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954.patch: don't resolve pathnames when traversing
      recursively through directory trees
    - debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
      resolve this completely
    - CVE-2018-6954

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden>  Thu, 10 Jan 2019 00:15:47 +0000
Superseded in bionic-updates on 2019-02-05
Superseded in bionic-security on 2019-02-18
systemd (237-3ubuntu10.11) bionic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden>  Wed, 09 Jan 2019 15:11:53 +0000
Superseded in cosmic-updates on 2019-02-05
Superseded in cosmic-security on 2019-02-18
systemd (239-7ubuntu10.6) cosmic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden>  Wed, 09 Jan 2019 14:37:15 +0000
Deleted in xenial-proposed on 2019-01-13 (Reason: moved to -updates)
systemd (229-4ubuntu21.11) xenial; urgency=medium

  * d/p/fix-egde-case-when-processing-proc-self-mountinfo.patch:
    Mounting any file system to a mount point in a directory
    that is bind mounted to itself will create an inactive
    mount unit. (LP: #1795764)

 -- Eric Desrochers <email address hidden>  Tue, 11 Dec 2018 20:05:39 +0000
Deleted in cosmic-proposed on 2019-01-13 (Reason: moved to -updates)
systemd (239-7ubuntu10.5) cosmic; urgency=medium

  * hwdb: Revert wlan keycode changes, rely on xkeyboard-config fixes instead.
    (LP: #1799364)
    Author: seb128
    Files:
    - debian/patches/hwdb-Fix-wlan-keycode-for-all-Dell-Latitude-and-Precision.patch
    - debian/patches/hwdb-revert-airplane-mode-keys-handling-on-Dell.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=733d60b7506bfede3d1c228450dc37d442d91bfe

  * hwdb: Update PNP IDs of Goldstar (now: LG Electronics) (LP: #1804584)
    File: debian/patches/hwdb-Update-PNP-IDs-of-Goldstar-now-LG-Electronics-.-1005.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8afd6cde7d389dcc8c376a3c25532485206eb8fa

  * btrfs-util: unbreak tmpfiles' subvol creation (LP: #1804603)
    File: debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8e797663fc6260596a163a9496b6c3d17289258a

  * test: Set executable bits on TEST-22-TMPFILES shell scripts. (LP: #1804864)
    File: debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fb79b16ec0d6e24603bad6a52be793dc34ae77e1

  * Stop testing that gdm3 is up.
    Ubuntu Desktop is only supported on amd64, and on real hardware. Testing that
    gdm3 fails to start (yet continues to be running, with a half broken logind
    session) is not useful on dummy xorg video cards in nested VMs.
    (LP: #1805358)
    File: debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=969183a983e22c7f923cc21b6bb1789e2af30746

  * core: set /run size to 10%, like initramfs-tools does.
    Currently there is a difference between initrd and initrd-less boots,
    w.r.t. size= mount option of /run. This yields different runtime journald caps
    (1% vs 10%), and on dense deployments of containers may result in OOM kills.
    (LP: #1799251)
    File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=78445beff750e38b87cee0ca41883a09d613ce51

  * resolved: Increase size of TCP stub replies.
    DNS_PACKET_PAYLOAD_SIZE_MAX is limiting the size of the stub replies to
    512 with EDNS off or 4096 with EDNS on, without checking the protocol
    used. This makes TCP replies for clients without EDNS support to be
    limited to 512, making the truncate flag useless if the query result is
    bigger than 512 bytes.
    This commit increases the size of TCP replies to DNS_PACKET_SIZE_MAX
    Fixes: #10816
    (cherry picked from commit e6eed9445956cfa496e1db933bfd3530db23bfce)
    (LP: #1804487)
    Author: Victor Tapia
    File: debian/patches/resolved-Increase-size-of-TCP-stub-replies.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5c939591ebc128be9920e6c05dc72277fdce935e

 -- Dimitri John Ledkov <email address hidden>  Tue, 04 Dec 2018 10:18:46 +0000

Available diffs

Superseded in disco-release on 2019-02-03
Deleted in disco-proposed on 2019-02-05 (Reason: moved to release)
systemd (239-7ubuntu15) disco; urgency=medium

  * core: set /run size to 10%, like initramfs-tools does.
    Currently there is a difference between initrd and initrd-less boots,
    w.r.t. size= mount option of /run. This yields different runtime journald caps
    (1% vs 10%), and on dense deployments of containers may result in OOM kills.
    (LP: #1799251)
    File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fac2568fe716dc1a41bada78293dc6327a6df0d

  * resolved: Increase size of TCP stub replies.
    DNS_PACKET_PAYLOAD_SIZE_MAX is limiting the size of the stub replies to
    512 with EDNS off or 4096 with EDNS on, without checking the protocol
    used. This makes TCP replies for clients without EDNS support to be
    limited to 512, making the truncate flag useless if the query result is
    bigger than 512 bytes.
    This commit increases the size of TCP replies to DNS_PACKET_SIZE_MAX
    Fixes: #10816
    (cherry picked from commit e6eed9445956cfa496e1db933bfd3530db23bfce)
    (LP: #1804487)
    Author: Victor Tapia
    File: debian/patches/resolved-Increase-size-of-TCP-stub-replies.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=702a4566174c4d2bd84b70805107cfc1a7c128cc

 -- Dimitri John Ledkov <email address hidden>  Mon, 03 Dec 2018 13:49:24 +0000

Available diffs

Superseded in disco-release on 2018-12-05
Deleted in disco-proposed on 2018-12-06 (Reason: moved to release)
systemd (239-7ubuntu14) disco; urgency=medium

  * Fix compat with new meson.
    File: debian/patches/meson-rename-Ddebug-to-Ddebug-extra.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3b764ec1b76768a8c40635019fa5a8acb81b223e

 -- Dimitri John Ledkov <email address hidden>  Thu, 29 Nov 2018 16:53:00 +0000
Superseded in disco-proposed on 2018-11-29
systemd (239-7ubuntu13) disco; urgency=medium

  * Stop testing that gdm3 is up.
    Ubuntu Desktop is only supported on amd64, and on real hardware. Testing that
    gdm3 fails to start (yet continues to be running, with a half broken logind
    session) is not useful on dummy xorg video cards in nested VMs.
    (LP: #1805358)
    File: debian/tests/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3006fedda1d1ca3f04c5f593e8018bb6d1196025

 -- Dimitri John Ledkov <email address hidden>  Wed, 28 Nov 2018 16:02:25 +0000

Available diffs

Superseded in xenial-updates on 2019-01-11
Superseded in xenial-security on 2019-01-11
systemd (229-4ubuntu21.10) xenial-security; urgency=medium

  [ Chris Coulson ]
  * Revert the fixes for CVE-2018-6954 for causing a regression when running
    in a container on old kernels (LP: #1804847)
    - update debian/patches/series

  [ Balint Reczey ]
  * Fix LP: #1803391 - Don't always trigger systemctl stop of udev service
    and sockets
    - update debian/udev.postinst

 -- Chris Coulson <email address hidden>  Tue, 27 Nov 2018 11:10:48 +0000

Available diffs

Superseded in disco-proposed on 2018-11-28
systemd (239-7ubuntu12) disco; urgency=medium

  * hwdb: Revert wlan keycode changes, rely on xkeyboard-config fixes instead.
    (LP: #1799364)
    Author: seb128
    File: debian/patches/hwdb-revert-airplane-mode-keys-handling-on-Dell.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=cabc076fdd67ced21fc789e44e0366a2f561a5bc

  * test: Set executable bits on TEST-22-TMPFILES shell scripts. (LP: #1804864)
    File: debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0e5b6e44a962f299565949e1006a4ba86d171dc3

  * Switch gbp.conf to disco.
    File: debian/gbp.conf
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fea585b259e3e766d8d3dbc9690e879c054ddc87

 -- Dimitri John Ledkov <email address hidden>  Fri, 23 Nov 2018 18:38:43 +0000

Available diffs

Superseded in disco-proposed on 2018-11-23
systemd (239-7ubuntu11) disco; urgency=medium

  * hwdb: Fix wlan keycode for all Dell Latitude and Precision systems
    (LP: #1799364)
    Author: Shih-Yuan Lee (FourDollars)
    File: debian/patches/hwdb-Fix-wlan-keycode-for-all-Dell-Latitude-and-Precision.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d8ac9a5640be39ede9cebcd8c4cc44e8811e0e49

  * hwdb: Update PNP IDs of Goldstar (now: LG Electronics) (LP: #1804584)
    File: debian/patches/hwdb-Update-PNP-IDs-of-Goldstar-now-LG-Electronics-.-1005.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=10204fb5761c759be6ddf27dc43c851ef24c96cb

  * btrfs-util: unbreak tmpfiles' subvol creation
    File: debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=4ab5b8275a0487e301553fb6de6a905abb7ea833

 -- Dimitri John Ledkov <email address hidden>  Thu, 22 Nov 2018 16:30:28 +0000
Deleted in bionic-proposed on 2019-01-13 (Reason: moved to -updates)
systemd (237-3ubuntu10.10) bionic; urgency=medium

  * debian/extra/start-udev: ignore failure to set sync parameter.
    On old kernels (e.g. v4.4) the file is available but appears to be
    non-writable. Hide error messages and ignore failure to write out sync into the
    parameters file. This does not regress https://pad.lv/1779815 since older
    kernel did synchronous scan anyway. But it does resolve failure to start the
    installer on old kernels. (LP: #1784454)
    File: debian/extra/start-udev
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=98862745cf9cbbb74ea6b30ecd29e45a17feff95

  * Add conflicts with upstart and systemd-shim. (LP: #1773859)
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5ca89133e790fd0942e0ad81fa0c6998032d8882

  * units: Disable journald Watchdog (LP: #1773148)
    File: debian/patches/debian/UBUNTU-units-disable-journald-watchdog.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=779d89090e81ec832417146f4a858626febfb595

  * cryptsetup: add support for sector-size= option (LP: #1776626)
    File: debian/patches/cryptsetup-add-support-for-sector-size-option-8881.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2de081e8901f1780c3c1ffe586e40d2d8e8df1ed

  * Re-add support for /etc/writable for core18. (LP: #1778936)
    Author: Michael Vogt
    File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b2c03bbc5ae7d3e9bf3c9dde9aa6c247c3f6573b

  * systemctl: correctly proceed to immediate shutdown if scheduling fails
    (LP: #1670291)
    File: debian/patches/systemctl-correctly-proceed-to-immediate-shutdown-if-sche.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e69ab6c34b9bb7cd1b42a6ad7d24d7ce0ca103f5

  * core: export environment when running generators.
    Ensure that manager's environment (including e.g. PATH) is exported when
    running generators. Otherwise, one is at a mercy of running without PATH which
    can lead to buggy generator behaviour. (LP: #1771858)
    Files:
    - debian/patches/core-execute-environment_generators-with-manager-s-enviro.patch
    - debian/patches/core-execute-generators-with-manager-s-environmnet.patch
    - debian/patches/exec-util-in-execute_directories-support-initial-exec-env.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=76b0ec80fdff83b8a14596fe001e2e9fccd83bf2

  * networkd: add support to set IPv6MTUBytes (LP: #1671951)
    File: debian/patches/networkd-add-support-to-configure-IPv6-MTU-8664.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b700a36f3d272e740460619ad7a5f489dadd010f

  * Specify Ubuntu's Vcs-Git
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a69e9713d513fb1cdf547e1cc7f21d283cdd9a74

 -- Dimitri John Ledkov <email address hidden>  Mon, 19 Nov 2018 17:48:47 +0000
Superseded in bionic-updates on 2019-01-11
Superseded in bionic-security on 2019-01-11
systemd (237-3ubuntu10.9) bionic-security; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
      resolve this completely
    - CVE-2018-6954

  [ Balint Reczey ]
  * Fix LP: #1803391 - Skip daemon-reexec and try-restarts during shutdown
    - update debian/systemd.postinst

 -- Chris Coulson <email address hidden>  Thu, 15 Nov 2018 20:45:11 +0000
Deleted in bionic-proposed on 2018-11-19 (Reason: The package was removed due to its SRU bug(s) not being v...)
systemd (237-3ubuntu10.8) bionic; urgency=medium

  * debian/extra/start-udev: ignore failure to set sync parameter.
    On old kernels (e.g. v4.4) the file is available but appears to be
    non-writable. Hide error messages and ignore failure to write out sync into the
    parameters file. This does not regress https://pad.lv/1779815 since older
    kernel did synchronous scan anyway. But it does resolve failure to start the
    installer on old kernels. (LP: #1784454)
    File: debian/extra/start-udev
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=62edd5c6e963dbf1df4f4bb7556a6d3477559083

  * Add conflicts with upstart and systemd-shim. (LP: #1773859)
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=33385a01dbe44765dc24eead52d677147b2b06c9

  * units: Disable journald Watchdog (LP: #1773148)
    File: debian/patches/debian/UBUNTU-units-disable-journald-watchdog.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=622407bc2aa723a3bdf10e1de946d0d6e88fbeb6

  * cryptsetup: add support for sector-size= option (LP: #1776626)
    File: debian/patches/cryptsetup-add-support-for-sector-size-option-8881.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=89899133e977eb34dac4c3e9f83c59853eda66ab

  * Re-add support for /etc/writable for core18. (LP: #1778936)
    Author: Michael Vogt
    File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fdc87994ab8f7036d07c8c208ad1fbac32cbd639

  * systemctl: correctly proceed to immediate shutdown if scheduling fails
    (LP: #1670291)
    File: debian/patches/systemctl-correctly-proceed-to-immediate-shutdown-if-sche.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=cdd3a0bb5f568a2500dbdff4bfcf97e3ba996fe3

  * core: export environment when running generators.
    Ensure that manager's environment (including e.g. PATH) is exported when
    running generators. Otherwise, one is at a mercy of running without PATH which
    can lead to buggy generator behaviour. (LP: #1771858)
    Files:
    - debian/patches/core-execute-environment_generators-with-manager-s-enviro.patch
    - debian/patches/core-execute-generators-with-manager-s-environmnet.patch
    - debian/patches/exec-util-in-execute_directories-support-initial-exec-env.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d494ef816ca950c9a7c2bfb07620b3df8e46ed35

  * networkd: add support to set IPv6MTUBytes (LP: #1671951)
    File: debian/patches/networkd-add-support-to-configure-IPv6-MTU-8664.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f4a308ea8f3f9187c97f81868a0408f9cefc96a7

  * Specify Ubuntu's Vcs-Git
    File: debian/control
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b739661356fe0e47223ae28c79b4b7f7740bea3a

Superseded in xenial-updates on 2018-11-27
Superseded in xenial-security on 2018-11-27
systemd (229-4ubuntu21.9) xenial-security; urgency=medium

  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
      resolve this completely
    - CVE-2018-6954

 -- Chris Coulson <email address hidden>  Thu, 15 Nov 2018 21:02:00 +0000
Superseded in disco-proposed on 2018-11-22
Superseded in cosmic-updates on 2019-01-11
Superseded in cosmic-security on 2019-01-11
systemd (239-7ubuntu10.4) cosmic-security; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954_2.patch: backport the remaining patches to
      resolve this completely
    - CVE-2018-6954

  [ Balint Reczey ]
  * Fix LP: #1803391 - Skip daemon-reexec and try-restarts during shutdown
    - update debian/systemd.postinst

 -- Chris Coulson <email address hidden>  Thu, 15 Nov 2018 20:42:32 +0000
Superseded in trusty-updates on 2019-04-08
Deleted in trusty-proposed on 2019-04-09 (Reason: moved to -updates)
systemd (204-5ubuntu20.29) trusty; urgency=medium

  * d/p/0001-udev-build-by-path-identifiers-for-ATA-devices.patch
    create /dev/disk/by-path/ symlinks for (s)ata disks
    (LP: #1802525)

 -- Dan Streetman <email address hidden>  Fri, 09 Nov 2018 10:16:27 -0500
Superseded in xenial-updates on 2018-11-19
Superseded in xenial-security on 2018-11-19
systemd (229-4ubuntu21.8) xenial-security; urgency=medium

  * SECURITY UPDATE: reexec state injection
    - debian/patches/CVE-2018-15686.patch: when deserializing state always use
      read_line(…, LONG_LINE_MAX, …) rather than fgets()
    - CVE-2018-15686
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954.patch: don't resolve pathnames when traversing
      recursively through directory trees
    - CVE-2018-6954

 -- Chris Coulson <email address hidden>  Thu, 08 Nov 2018 00:01:30 +0000
Superseded in bionic-updates on 2018-11-19
Superseded in bionic-security on 2018-11-19
systemd (237-3ubuntu10.6) bionic-security; urgency=medium

  * SECURITY UPDATE: reexec state injection
    - debian/patches/CVE-2018-15686.patch: when deserializing state always use
      read_line(…, LONG_LINE_MAX, …) rather than fgets()
    - CVE-2018-15686
  * SECURITY UPDATE: chown_one() can dereference symlinks
    - debian/patches/CVE-2018-15687.patch: rework recursive logic to use O_PATH
    - CVE-2018-15687
  * SECURITY UPDATE: symlink mishandling in systemd-tmpfiles
    - debian/patches/CVE-2018-6954.patch: don't resolve pathnames when traversing
      recursively through directory trees
    - CVE-2018-6954

 -- Chris Coulson <email address hidden>  Tue, 06 Nov 2018 22:32:27 +0000
Superseded in disco-proposed on 2018-11-22
Superseded in cosmic-updates on 2018-11-19
Superseded in cosmic-security on 2018-11-19
systemd (239-7ubuntu10.3) cosmic-security; urgency=medium

  * SECURITY UPDATE: reexec state injection
    - debian/patches/CVE-2018-15686.patch: when deserializing state always use
      read_line(…, LONG_LINE_MAX, …) rather than fgets()
    - CVE-2018-15686
  * SECURITY UPDATE: chown_one() can dereference symlinks
    - debian/patches/CVE-2018-15687.patch: rework recursive logic to use O_PATH
    - CVE-2018-15687

 -- Chris Coulson <email address hidden>  Tue, 06 Nov 2018 20:52:41 +0000
175 of 449 results