Your message dated Sun, 24 Dec 2023 00:21:04 +0000 with message-id <e1rhceq-005lfw...@fasolo.debian.org> and subject line Bug#1059278: fixed in systemd 255.1-2 has caused the Debian Bug report #1059278, regarding systemd: CVE-2023-7008 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1059278: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059278 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: systemd X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for systemd. CVE-2023-7008[0]: Unsigned name response in signed zone is not refused when DNSSEC=yes https://bugzilla.redhat.com/show_bug.cgi?id=2222672 https://github.com/systemd/systemd/issues/25676 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-7008 https://www.cve.org/CVERecord?id=CVE-2023-7008 Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---Source: systemd Source-Version: 255.1-2 Done: Michael Biebl <bi...@debian.org> We believe that the bug you reported is fixed in the latest version of systemd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1059...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Biebl <bi...@debian.org> (supplier of updated systemd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 24 Dec 2023 00:52:15 +0100 Source: systemd Architecture: source Version: 255.1-2 Distribution: experimental Urgency: medium Maintainer: Debian systemd Maintainers <pkg-systemd-maintain...@lists.alioth.debian.org> Changed-By: Michael Biebl <bi...@debian.org> Closes: 1057220 1057953 1059278 Changes: systemd (255.1-2) experimental; urgency=medium . [ Michael Biebl ] * Upgrade the Breaks to Conflicts for the systemd-ukify package split. This avoids potential loss of the /usr/lib/systemd/ukify compat symlink for upgrades from bookworm-backports. * Update package description of libnss-myhostname to use the correct IPv4 address (Closes: #1057953) * resolved: actually check authenticated flag of SOA transaction. Patch cherry-picked from upstream Git. CVE-2023-7008 (Closes: #1059278) * Explicitly disable ukify for stage1 builds * Enable dh-exec for systemd.manpages and udev.install. This enables files to be installed specific to certain architectures or build profiles. Unfortunately for systemd.manpages this requires to add a debian/tmp/ prefix to all files. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053834#46 * Restrict pcr/tpm2 related files to UEFI architectures. Mirrors the python3-pyelftools [amd64 i386 arm64 armhf riscv64] Build-Depends. * Install dmi_memory_id and its udev rules file only on dmi architectures. * Fix stage1 profile build . [ Helmut Grohne ] * Restore diverted symlinks in systemd-sysv.postinst that may have been lost due to /usr-merge (Closes: #1057220) Checksums-Sha1: 6c001336a543b351314f71953b8e829ca7ce0544 6958 systemd_255.1-2.dsc 62411f6e1bba32ae12e3ad53bbf7a09e911fc565 169788 systemd_255.1-2.debian.tar.xz 922c3d05489c25289b89068f90c5b015feb81333 11546 systemd_255.1-2_source.buildinfo Checksums-Sha256: e8e7323c18f95e752adf56c6cf0d1a3dd10cd2de5fcef325aabb09485595e0d8 6958 systemd_255.1-2.dsc f5dd2274d9d1aeff0f7338c18d07affaef4f58c6a769e5ab2d260afb0212f154 169788 systemd_255.1-2.debian.tar.xz 6b23525d951184314c387b2866df2fd7a7df766469c94f9f45180d0f29db9be1 11546 systemd_255.1-2_source.buildinfo Files: 77552ecf7cd0fe9926c77bdd77f21eee 6958 admin optional systemd_255.1-2.dsc 2988d076267bcada1afbbfc74efd46df 169788 admin optional systemd_255.1-2.debian.tar.xz ccc4e33955e4b7f3b91d01bae2a75b31 11546 admin optional systemd_255.1-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmWHdnMACgkQauHfDWCP ItzWhQ/9E104fkjOXFE9YOmg+wqYDK9KKw49ZHoady4Oj9iHv1QPH7Yc+plEhmae Ee06DO64oUmUQy89aN5asxN9dhqhgQzkNvSW9hBGJYzWJU8mzBHapudc73IH79ph SLaDA/NJTpxG3B7Bxuk02VzuxpZSSGtTTdzMGF5mDTL5iY40Whnd86Tqfxv+HxT0 5uMRyJgKOwpFuFqePfrtyjCqDCISiCHzzeyB0xy3ttl8W02LTkQqM/YSPV1THtWg m5QzjiLE1WsPUJULtEpvKVkN5ioyjF6pN+PLsUZu9M8mrHzs8mHAbgIufsJsRtUF pjW+0WVruII+IWbG1uNh1jSlPriq5dyMSK2WVNKdzBPcBN4Zif0GhlS8wPSaLHNl w0M/cKm/OPlmTuOIKr19kFM9OfjfvKqlbBrrJQBxutfLBfwYUqJu36rlUZ/wbpB7 n5aa7YkKHT/JgxXw+MGCpjYJmaI4c5k6iaAPhpwTJ5nGWNTgZzziPF6D53O3DgA5 2g/MvEU3psUfxBgdcg5cO453S+0JKsV3ruGwVaJYWbeBeKINtocigN+AkHAzPD+O JpbFjQdjaCSzilS0hSNYNqGnCy5xFM6Mc/tjIE/LZ3lLCO++2Bc9t+L3868GnKIm FiEHwyqNYP50GXkIwd/de00HJlFplnWVB6F6rjBVWz4GaVl0TjQ= =6vPL -----END PGP SIGNATURE-----
--- End Message ---
