[Bug 1925827] Re: [v247] backport routing policy rule fix

Launchpad Bug Tracker 1925827 at bugs.launchpad.net
Tue Jul 20 16:58:41 UTC 2021 

This bug was fixed in the package systemd - 247.3-3ubuntu3.4

---------------
systemd (247.3-3ubuntu3.4) hirsute-security; urgency=medium

  * SECURITY UPDATE: DoS via DHCP FORCERENEW
    - debian/patches/CVE-2020-13529.patch: tentatively ignore FORCERENEW
      command in src/libsystemd-network/sd-dhcp-client.c.
    - CVE-2020-13529
  * SECURITY UPDATE: denial of service via stack exhaustion
    - debian/patches/CVE-2021-33910.patch: do not use strdupa() on a path
      in src/basic/unit-name.c.
    - CVE-2021-33910

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Tue, 20 Jul 2021
07:38:18 -0400

** Changed in: systemd (Ubuntu Hirsute)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-13529

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-33910

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1925827

Title:
  [v247] backport routing policy rule fix

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Hirsute:
  Fix Released

Bug description:
  [impact]

  routing policy rules not correctly configured

  [test case]

  more detail in upstream bug linked from original description.

  configure interface with:

  [Match]
  Name = ens3

  [Network]
  Address = 10.0.0.1/32

  [RoutingPolicyRule]
  Family = both
  IncomingInterface = ens3
  Table = 42
  Priority = 42

  
  then networkctl reload. then update the network file with:

  [Route]
  Table = 42
  Destination = 10.0.0.0/24
  Gateway = 0.0.0.0

  and run networkctl reload again, checking systemd-networkd for error.

  [regression potential]

  failure to properly configure networking in general, or policy routes.

  [scope]

  this is needed only for h.

  this is fixed already in i, and this is not reproducable in g.

  see original descrption for link to specific upstream issue and pr.

  [original description]

  The original issue can be found at https://github.com/systemd/systemd/issues/18107.
  I filed a backport PR (https://github.com/systemd/systemd-stable/pull/96) against v247-stable branch, which got merged and released in v247.4.
  However due to the freezing state of Debian bullseye, upstream systemd package is frozen at v247.3.
  Please apply this patchset for Ubuntu if possible.
  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1925827/+subscriptions

More information about the foundations-bugs mailing list