systemd (44-11+deb7u7) wheezy-security; urgency=medium

  * Non-maintainer upload.by the ELTS team.
  * CVE-2017-18078: tmpfiles: refuse to chown()/chmod() files which are
    hardlinked, unless protected_hardlinks sysctl is on.
  * CVE-2019-3842: pam-systemd: use secure_getenv() rather than getenv().

 -- Mike Gabriel <sunweaver@debian.org>  Tue, 30 Apr 2019 13:51:02 +0200

systemd (44-11+deb7u6) wheezy-security; urgency=high

  * Non-maintainer upload by the ELTS team.
  * Fix CVE-2018-15686:
    Jan Horn of Google discovered a vulnerability in unit_deserialize of
    systemd that allows a local attacker to supply arbitrary state across
    systemd re-execution via NotifyAccess. This can be use to improperly
    influence systemd execution and possibly lead to root privilege escalation.
  * Fix CVE-2018-1049:
    In systemd exists a race condition between .mount and .automount units such
    that automount requests from kernel may not be serviced by systemd
    resulting in kernel holding the mountpoint and any processes that try to
    use said mount will hang. A race condition like this may lead to denial of
    service, until mount points are unmounted.

 -- Markus Koschany <apo@debian.org>  Thu, 31 Jan 2019 20:01:04 +0100

systemd (44-11+deb7u5) wheezy-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * Fix CVE-2016-7796: don't return any error in manager_dispatch_notify_fd.

 -- Brian May <bam@debian.org>  Fri, 07 Oct 2016 17:40:21 +1100

systemd (44-11+deb7u4) stable-security; urgency=low

  * Fix CVE-2013-4327, CVE-2013-4391 and CVE-2013-4394
    (starting with +deb7u4 due to problems with debsrc3-related build
     problems, removed singÃle-debian-patch optio)

 -- Moritz Muehlenhoff <jmm@debian.org>  Mon, 07 Oct 2013 23:25:14 +0000

systemd (44-11) unstable; urgency=low

  * Team upload.
  * Run debian-enable-units.service after sysinit.target to ensure our tmp
    files aren't nuked by systemd-tmpfiles.
  * The mountoverflowtmp SysV init script no longer exists so remove that
    from remount-rootfs.service to avoid an unnecessary diff to upstream.
  * Do not fail on purge if /var/lib/systemd is empty and has been removed
    by dpkg.

 -- Michael Biebl <biebl@debian.org>  Wed, 13 Mar 2013 08:03:06 +0100

systemd (44-10) unstable; urgency=low

  * Team upload.
  * Using the return code of "systemctl is-enabled" to determine whether we
    enable a service or not is unreliable since it also returns a non-zero
    exit code for masked services. As we don't want to enable masked services,
    grep for the string "disabled" instead.

 -- Michael Biebl <biebl@debian.org>  Fri, 15 Feb 2013 17:01:24 +0100

systemd (44-9) unstable; urgency=low

  * Team upload.
  * Fix typo in systemd.socket man page.  Closes: #700038
  * Use color specification in "systemctl dot" which is actually
    understood by dot.  Closes: #643689
  * Fix mounting of remote filesystems like NFS.  Closes: #673309
  * Use a file trigger to automatically enable service and socket units. A lot
    of packages simply install systemd units but do not enable them. As a
    result they will be inactive after the next boot. This is a workaround for
    wheezy which will be removed again in jessie.  Closes: #692150

 -- Michael Biebl <biebl@debian.org>  Fri, 15 Feb 2013 13:35:39 +0100

systemd (44-8) unstable; urgency=low

  * Team upload.
  * Use comment=systemd.* syntax in systemd.mount man page. The
    mount/util-linux version in wheezy is not recent enough to support the new
    x-systemd* syntax. Closes: #697141
  * Don't enable persistent storage of journal log files. The journal in v44
    is not yet mature enough.

 -- Michael Biebl <biebl@debian.org>  Sat, 19 Jan 2013 20:05:05 +0100

systemd (44-7) unstable; urgency=low

  * Fix a regression in the init-functions hook wrt reload handling that was
    introduced when dropping the X-Interactive hack.  Closes: #696355

 -- Michael Biebl <biebl@debian.org>  Fri, 21 Dec 2012 00:00:12 +0100

systemd (44-6) unstable; urgency=low

  [ Michael Biebl ]
  * No longer ship the /sys directory in the systemd package since it is
    provided by base-files nowadays.
  * Don't run udev rules if systemd is not active.
  * Converting /var/run, /var/lock and /etc/mtab to symlinks is a one-time
    migration so don't run the debian-fixup script on every boot.

  [ Tollef Fog Heen ]
  * Prevent the systemd package from being removed if it's the active init
    system, since that doesn't work.

  [ Michael Biebl ]
  * Use a separate tmpfs for /run/lock (size 5M) and /run/user (size 100M).
    Those directories are user-writable which could lead to DoS by filling up
    /run.  Closes: #635131

 -- Michael Biebl <biebl@debian.org>  Sun, 16 Dec 2012 21:58:37 +0100

systemd (44-5) unstable; urgency=low

  * Team upload.

  [ Tollef Fog Heen ]
  * disable killing on entering START_PRE, START, thanks to Michael
    Stapelberg for patch.  This avoids killing VMs run through libvirt
    when restarting libvirtd.  Closes: #688635.
  * Avoid reloading services when shutting down, since that won't work and
    makes no sense.  Thanks to Michael Stapelberg for the patch.
    Closes: #635777.
  * Try to determine which init scripts support the reload action
    heuristically.  Closes: #686115, #650382.

  [ Michael Biebl ]
  * Update Vcs-* fields, the Git repository is hosted on alioth now. Set the
    default branch to "debian".
  * Avoid reload and (re)start requests during early boot which can lead to
    deadlocks.  Closes: #624599
  * Make systemd-cgroup work even if not all cgroup mounts are available on
    startup.  Closes: #690916
  * Fix typos in the systemd.path and systemd.unit man page.  Closes: #668344
  * Add watch file to track new upstream releases.

 -- Michael Biebl <biebl@debian.org>  Thu, 25 Oct 2012 21:41:23 +0200

systemd (44-4) unstable; urgency=low

  [ Michael Biebl ]
  * Override timestamp for man page building, thereby avoiding skew
    between architectures which caused problems for multi-arch.
    Closes: #680011

  [ Tollef Fog Heen ]
  * Move diversion removal from postinst to preinst.  Closes: #679728
  * Prevent the journal from crashing when running out of disk space.
    This is 499fb21 from upstream.  Closes: #668047.
  * Stop mounting a tmpfs on /media.  Closes: #665943

 -- Tollef Fog Heen <tfheen@debian.org>  Sun, 01 Jul 2012 08:17:50 +0200

systemd (44-3) unstable; urgency=low

  [ Michael Biebl ]
  * Bump to debhelper 9.
  * Convert to Multi-Arch: same where possible.  Closes: #676615

  [ Tollef Fog Heen ]
  * Cherry-pick d384c7 from upstream to stop journald from leaking
    memory.  Thanks to Andreas Henriksson for testing.  Closes: #677701
  * Ship lsb init script override/integration in /lib/lsb/init-functions.d
    rather than diverting /lib/lsb/init-functions itself.  Add appropriate
    Breaks to ensure upgrades happen.

 -- Tollef Fog Heen <tfheen@debian.org>  Fri, 29 Jun 2012 22:34:16 +0200

systemd (44-2) unstable; urgency=low

  [ Michael Biebl ]
  * Tighten the versions in the maintscript file
  * Ship the /sys directory in the package
  * Re-add workaround for non-interactive PAM sessions
  * Mask checkroot-bootclean (Closes: #670591)
  * Don't ignore errores in systemd-sysv postinst

  [ Tollef Fog Heen ]
  * Bring tmpfiles.d/tmp.conf in line with Debian defaults.  Closes: #675422
  * Make sure /run/sensigs.omit.d exists.
  * Add python-dbus and python-cairo to Suggests, for systemd-analyze.
    Closes: #672965

 -- Tollef Fog Heen <tfheen@debian.org>  Tue, 08 May 2012 18:04:22 +0200

systemd (44-1) unstable; urgency=low

  [ Tollef Fog Heen ]
  * New upstream version.
    - Backport 3492207: journal: PAGE_SIZE is not known on ppc and other
      archs
    - Backport 5a2a2a1: journal: react with immediate rotation to a couple
      of more errors
    - Backport 693ce21: util: never follow symlinks in rm_rf_children()
      Fixes CVE-2012-1174, closes: #664364
  * Drop output message from init-functions hook, it's pointless.
  * Only rmdir /lib/init/rw if it exists.
  * Explicitly order debian-fixup before sysinit.target to prevent a
    possible race condition with the creation of sockets.  Thanks to
    Michael Biebl for debugging this.
  * Always restart the initctl socket on upgrades, to mask sysvinit
    removing it.

  [ Michael Biebl ]
  * Remove workaround for non-interactive sessions from pam config again.
  * Create compat /dev/initctl symlink in case we are upgrading from a system
    running a newer version of sysvinit (using /run/initctl) and sysvinit is
    replaced with systemd-sysv during the upgrade. Closes: #663219
  * Install new man pages.
  * Build-Depend on valac (>= 0.12) instead of valac-0.12. Closes: #663323

 -- Tollef Fog Heen <tfheen@debian.org>  Tue, 03 Apr 2012 19:59:17 +0200

systemd (43-1) experimental; urgency=low

  [ Tollef Fog Heen ]
  * Target upload at experimental due to libkmod dependency
  * New upstream release
    - Update bash-completion for new verbs and arguments. Closes: #650739
    - Fixes local DoS (CVE-2012-1101).  Closes: #662029
    - No longer complains if the kernel lacks audit support.  Closes: #642503
  * Fix up git-to-source package conversion script which makes gitpkg
    happier.
  * Add libkmod-dev to build-depends
  * Add symlink from /bin/systemd to /lib/systemd/systemd.
  * Add --with-distro=debian to configure flags, due to no /etc/os-release
    yet.
  * Add new symbols for libsystemd-login0 to symbols file.
  * Install a tmpfiles.d file for the /dev/initctl → /run/initctl
    migration.  Closes: #657979
  * Disable coredump handling, it's not ready yet.
  * If /run is a symlink, don't try to do the /var/run → /run migration.
    Ditto for /var/lock → /run/lock.  Closes: #647495

  [ Michael Biebl ]
  * Add Build-Depends on liblzma-dev for journal log compression.
  * Add Build-Depends on libgee-dev, required to build systemadm.
  * Bump Standards-Version to 3.9.2. No further changes.
  * Add versioned Build-Depends on automake and autoconf to ensure we have
    recent enough versions. Closes: #657284
  * Add packages for libsystemd-journal and libsystemd-id128.
  * Update symbols file for libsystemd-login.
  * Update configure flags, use rootprefix instead of rootdir.
  * Copy intltool files instead of symlinking them.
  * Re-indent init-functions script.
  * Remove workarounds for services using X-Interactive. The LSB X-Interactive
    support turned out to be broken and has been removed upstream so we no
    longer need any special handling for those type of services.
  * Install new systemd-journalctl, systemd-cat and systemd-cgtop binaries.
  * Install /var/lib/systemd directory.
  * Install /var/log/journal directory where the journal files are stored
    persistently.
  * Setup systemd-journald to not read from /proc/kmsg (ImportKernel=no).
  * Avoid error messages from systemctl in postinst if systemd is not running
    by checking for /sys/fs/cgroup/systemd before executing systemctl.
    Closes: #642749
  * Stop installing lib-init-rw (auto)mount units and try to cleanup
    /lib/init/rw in postinst. Bump dependency on initscripts accordingly.
    Closes: #643699
  * Disable pam_systemd for non-interactive sessions to work around an issue
    with sudo.
  * Use new dh_installdeb maintscript facility to handle obsolete conffiles.
    Bump Build-Depends on debhelper accordingly.
  * Rename bash completion file systemctl-bash-completion.sh →
    systemd-bash-completion.sh.
  * Update /sbin/init symlink. The systemd binary was moved to $pkglibdir.

 -- Tollef Fog Heen <tfheen@debian.org>  Tue, 07 Feb 2012 21:36:34 +0100

systemd (37-1.1) unstable; urgency=low

  * Non-maintainer upload with Tollef's consent.
  * Remove --parallel to workaround a bug in automake 1.11.3 which doesn't
    generate parallel-safe build rules. Closes: #661842
  * Create a compat symlink /run/initctl → /dev/initctl to work with newer
    versions of sysvinit. Closes: #657979

 -- Michael Biebl <biebl@debian.org>  Sat, 03 Mar 2012 17:42:10 +0100

systemd (37-1) unstable; urgency=low

  [ Tollef Fog Heen ]
  * New upstream version
  * Change the type of the debian-fixup service to oneshot.
    Closes: #642961
  * Add ConditionPathIsDirectory to lib-init-rw.automount and
    lib-init-rw.mount so we only activate the unit if the directory
    exists.  Closes: #633059
  * If a sysv service exists in both rcS and rcN.d runlevels, drop the
    rcN.d ones to avoid loops.  Closes: #637037
  * Blacklist fuse init script, we do the same work already internally.
    Closes: #643700
  * Update README.Debian slightly for /run rather than /lib/init/rw

  [ Josh Triplett ]
  * Do a one-time migration of the $TMPTIME setting from /etc/default/rcS to
    /etc/tmpfiles.d/tmp.conf. If /etc/default/rcS has a TMPTIME setting of
    "infinite" or equivalent, migrate it to an /etc/tmpfiles.d/tmp.conf that
    overrides the default /usr/lib/tmpfiles.d/tmp.conf and avoids clearing
    /tmp.  Closes: #643698

 -- Tollef Fog Heen <tfheen@debian.org>  Wed, 28 Sep 2011 20:04:13 +0200

systemd (36-1) unstable; urgency=low

  [ Tollef Fog Heen ]
  * New upstream release. Closes: #634618
    - Various man page fixes. Closes: #623521
  * Add debian-fixup service that symlinks mtab to /proc/mounts and
    migrates /var/run and /var/lock to symlinks to /run

  [ Michael Biebl ]
  * Build for libnotify 0.7.
  * Bump Build-Depends on libudev to (>= 172).
  * Add Build-Depends on libacl1-dev. Required for building systemd-logind
    with ACL support.
  * Split libsystemd-login and libsystemd-daemon into separate binary
    packages.
  * As autoreconf doesn't like intltool, override dh_autoreconf and call
    intltoolize and autoreconf ourselves.
  * Add Build-Depends on intltool.
  * Do a one-time migration of the hwclock configuration. If UTC is set to
    "no" in /etc/default/rcS, create /etc/adjtime and add the "LOCAL" setting.
  * Remove /cgroup cleanup code from postinst.
  * Add Build-Depends on gperf.

 -- Tollef Fog Heen <tfheen@debian.org>  Wed, 14 Sep 2011 08:25:17 +0200

systemd (29-1) unstable; urgency=low

  [ Tollef Fog Heen ]
  * New upstream version, Closes: #630510
    - Includes typo fixes in documentation.  Closes: #623520
  * Fall back to the init script reload function if a native .service file
    doesn't know how to reload.  Closes: #628186
  * Add hard dependency on udev.  Closes: #627921

  [ Michael Biebl ]
  * hwclock-load.service is no longer installed, so we don't need to remove it
    anymore in debian/rules.
  * Install /usr/lib directory for binfmt.d, modules-load.d, tmpfiles.d and
    sysctl.d.
  * Remove obsolete conffiles from /etc/tmpfiles.d on upgrades. Those files
    are installed in /usr/lib/tmpfiles.d now.
  * Depend on util-linux (>= 2.19.1-2) which provides whole-disk locking
    support in fsck and remove our revert patch.
  * Don't choke when systemd was compiled with a different CAP_LAST_CAP then
    what it is run with. Patch cherry-picked from upstream Git.
    Closes: #628081
  * Enable dev-hugepages.automount and dev-mqueue.automount only when enabled
    in kernel. Patch cherry-picked from upstream Git.  Closes: #624522

 -- Tollef Fog Heen <tfheen@debian.org>  Wed, 08 Jun 2011 16:14:31 +0200

systemd (25-2) experimental; urgency=low

  * Handle downgrades more gracefully by removing diversion of
    /lib/lsb/init-functions on downgrades to << 25-1.
  * Cherry-pick a133bf10d09f788079b82f63faa7058a27ba310b from upstream,
    avoids assert when dumping properties.  Closes: #624094
  * Remove "local" in non-function context in init-functions wrapper.

 -- Tollef Fog Heen <tfheen@debian.org>  Wed, 27 Apr 2011 22:20:04 +0200

systemd (25-1) experimental; urgency=low

  * New upstream release, target experimental due to initscripts
    dependency.
    - Fixes where to look for locale config.  Closes: #619166
  * Depend on initscripts >= 2.88dsf-13.4 for /run transition.
  * Add Conflicts on klogd, since it doesn't work correctly with the
    kmg→/dev/log bridge.  Closes: #622555
  * Add suggests on Python for systemd-analyze.
  * Divert /lib/lsb/init-functions instead of (ab)using
    /etc/lsb-base-logging.sh for diverting calls to /etc/init.d/*
  * Remove obsolete conffile /etc/lsb-base-logging.sh.  Closes: #619093
  * Backport 3a90ae048233021833ae828c1fc6bf0eeab46197 from master:
    mkdir /run/systemd/system when starting up

 -- Tollef Fog Heen <tfheen@debian.org>  Sun, 24 Apr 2011 09:02:04 +0200

systemd (20-1) unstable; urgency=low

  * New upstream version
  * Install systemd-machine-id-setup
  * Call systemd-machine-id-setup in postinst
  * Cherry-pick b8a021c9e276adc9bed5ebfa39c3cab0077113c6 from upstream to
    prevent dbus assert error.
  * Enable TCP wrapper support.  Closes: #618409
  * Enable SELinux support.  Closes: #618412
  * Make getty start after Apache2 and OpenVPN (which are the only two
    known users of X-Interactive: yes).  Closes: #618419

 -- Tollef Fog Heen <tfheen@debian.org>  Fri, 11 Mar 2011 19:14:21 +0100

systemd (19-1) experimental; urgency=low

  * New upstream release
  * Add systemd-tmpfiles to systemd package.
  * Add ifup@.service for handling hotplugged interfaces from
    udev.  Closes: #610871
  * Mask mtab.service and udev-mtab.service as they are pointless when
    /etc/mtab is a symlink to /proc/mounts
  * Add breaks on lvm2 (<< 2.02.84-1) since older versions have udev rules
    that don't work well with systemd causing delays on bootup.

 -- Tollef Fog Heen <tfheen@debian.org>  Thu, 17 Feb 2011 07:36:22 +0100

systemd (17-1) experimental; urgency=low

  [ Tollef Fog Heen ]
  * New upstream release
  * Clarify ifupdown instructions in README.Debian somewhat.
    Closes: #613320
  * Silently skip masked services in lsb-base-logging.sh instead of
    failing.  Initial implementation by Michael Biebl.  Closes: #612551
  * Disable systemd-vconsole-setup.service for now.

  [ Michael Biebl ]
  * Bump build dependency on valac-0.10 to (>= 0.10.3).
  * Improve regex in lsb-base-logging.sh for X-Interactive scripts.
    Closes: #613325

 -- Tollef Fog Heen <tfheen@debian.org>  Wed, 16 Feb 2011 21:06:16 +0100

systemd (16-1) experimental; urgency=low

  [ Tollef Fog Heen ]
  * New upstream release.  Closes: #609611
  * Get rid of now obsolete patches that are upstream.
  * Use the built-in cryptsetup support in systemd, build-depend on
    libcryptsetup-dev (>= 2:1.2.0-1) to get a libcryptsetup in /lib.
  * Don't use systemctl redirect for init scripts with X-Interactive: true

  [ Michael Biebl ]
  * Update package description
  * Use v8 debhelper syntax
  * Make single-user mode work
  * Run hwclock-save.service on shutdown
  * Remove dependencies on legacy sysv mount scripts, as we use native
    mounting.

 -- Tollef Fog Heen <tfheen@debian.org>  Sun, 16 Jan 2011 11:04:13 +0100

systemd (15-1) UNRELEASED; urgency=low

  [ Tollef Fog Heen ]
  * New upstream version, thanks a lot to Michael Biebl for help with
    preparing this version.
    - This version handles cycle breaking better.  Closes: #609225
  * Add libaudit-dev to build-depends
  * /usr/share/systemd/session has been renamed to /usr/share/systemd/user
    upstream, adjust build system accordingly.
  * Remove -s from getty serial console invocation.
  * Add dependency on new util-linux to make sure /sbin/agetty exists
  * Don't mount /var/lock with gid=lock (Debian has no such group).
  * Document problem with ifupdown's /etc/network/run being a normal
    directory.

  [ Michael Biebl ]
  * Revert upstream change which requires libnotify 0.7 (not yet available in
    Debian).
  * Use dh-autoreconf for updating the build system.
  * Revert upstream commit which uses fsck -l (needs a newer version of
    util-linux).
  * Explicitly disable cryptsetup support to not accidentally pick up a
    libcryptsetup dependency in a tainted build environment, as the library
    is currently installed in /usr/lib.
  * Remove autogenerated man pages and vala C sources, so they are rebuilt.
  * Use native systemd mount support:
    - Use MountAuto=yes and SwapAuto=yes (default) in system.conf
    - Mask SysV init mount, check and cleanup scripts.
    - Create an alias (symlink) for checkroot (→ remount-rootfs.service) as
      synchronization point for SysV init scripts.
  * Mask x11-common, rmnologin, hostname, bootmisc and bootlogd.
  * Create an alias for procps (→ systemd-sysctl.service) and
    urandom (→ systemd-random-seed-load.service).
  * Create an alias for module-init-tools (→ systemd-modules-load.service) and
    a symlink from /etc/modules-load.d/modules.conf → /etc/modules.
  * Install lsb-base hook which redirects calls to SysV init scripts to
    systemctl: /etc/init.d/<foo> <action> → systemctl <action> <foo.service>
  * Install a (auto)mount unit to mount /lib/init/rw early during boot.

 -- Tollef Fog Heen <tfheen@debian.org>  Sat, 20 Nov 2010 09:28:01 +0100

systemd (11-2) UNRELEASED; urgency=low

  * Tighten depends from systemd-* on systemd to ensure they're upgraded
    in lockstep.  Thanks to Michael Biebl for the patch.
  * Add missing #DEBHELPER# token to libpam-systemd
  * Stop messing with runlevel5/multi-user.target symlink, this is handled
    correctly upstream.
  * Stop shipping /cgroup in the package.
  * Remove tmpwatch services, Debian doesn't have or use tmpwatch.
  * Make sure to enable GTK bits.
  * Ship password agent
  * Clean up cgroups properly on upgrades, thanks to Michael Biebl for the
    patch.  Closes: #599577

 -- Tollef Fog Heen <tfheen@debian.org>  Tue, 02 Nov 2010 21:47:10 +0100

systemd (11-1) experimental; urgency=low

  * New upstream version.  Closes: #597284
  * Add pam-auth-update calls to libpam-systemd's postinst and prerm
  * Make systemd-sysv depend on systemd
  * Now mounts the cgroup fs in /sys/fs/cgroup.  Closes: #595966
  * Add libnotify-dev to build-depends (needed for systemadm)

 -- Tollef Fog Heen <tfheen@debian.org>  Thu, 07 Oct 2010 22:01:19 +0200

systemd (8-2) experimental; urgency=low

  * Hardcode udev rules dir in configure call.
  * Remove README.source as it's no longer accurate.

 -- Tollef Fog Heen <tfheen@debian.org>  Mon, 30 Aug 2010 21:10:26 +0200

systemd (8-1) experimental; urgency=low

  * New upstream release
  * Only ship the top /cgroup
  * Pass --with-rootdir= to configure, to make it think / is / rather
    than //
  * Add PAM module package
  * Fix up dependencies in local-fs.target.  Closes: #594420
  * Move systemadm to its own package.  Closes: #588451
  * Update standards-version (no changes needed)
  * Update README.Debian to explain how to use systemd.
  * Add systemd-sysv package that provides /sbin/init and friends.

 -- Tollef Fog Heen <tfheen@debian.org>  Sat, 07 Aug 2010 07:31:38 +0200

systemd (0~git+20100605+dfd8ee-1) experimental; urgency=low

  * Initial release, upload to experimental.  Closes: #580814

 -- Tollef Fog Heen <tfheen@debian.org>  Fri, 30 Apr 2010 21:02:25 +0200
