This bug was fixed in the package systemd - 245.4-4ubuntu3.10
---------------
systemd (245.4-4ubuntu3.10) focal-security; urgency=medium
* SECURITY UPDATE: DoS via DHCP FORCERENEW
- debian/patches/CVE-2020-13529.patch: tentatively ignore FORCERENEW
command in src/libsystemd-network/sd-dhcp-client.c.
- CVE-2020-13529
* SECURITY UPDATE: denial of service via stack exhaustion
- debian/patches/CVE-2021-33910.patch: do not use strdupa() on a path
in src/basic/unit-name.c.
- CVE-2021-33910
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 20 Jul 2021
07:39:51 -0400
** Changed in: systemd (Ubuntu Focal)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-13529
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-33910
** Changed in: systemd (Ubuntu Hirsute)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1931578
Title:
ActivationPolicy=down causes delay at boot
Status in systemd package in Ubuntu:
Fix Released
Status in systemd source package in Bionic:
Won't Fix
Status in systemd source package in Focal:
Fix Released
Status in systemd source package in Groovy:
Fix Released
Status in systemd source package in Hirsute:
Fix Released
Status in systemd source package in Impish:
Fix Released
Bug description:
[impact]
The ActivationPolicy= parameter was backported in bug 1664844, but
when this is set to down (or always-down or manual) without also
specifying RequiredForOnline=no, then there is a hang at boot waiting
for the network to finish coming online.
[test case]
With the latest systemd, which includes support for ActivationPolicy=,
configure an interface with ActivationPolicy=down and reboot. The boot
will be delayed waiting for that interface.
[regression potential]
any regression would likely cause the system to encounter delay at
boot, or to boot before configured interface(s) are fully online at
boot, or to fail to correctly/fully configure interface(s).
[scope]
this is needed for all releases
this is proposed upstream in:
https://github.com/systemd/systemd/pull/19883
[other info]
this is only needed for convenience, as any configuration using
ActivationPolicy=down can also easily add RequiredForOnline=no
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1931578/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
