- Tue Jun 27 2023 tmb <tmb> 246.16-4.mga8
+ Revision: 1963213
- coredump: do not allow user to access coredumps with changed
uid/gid/capabilities (CVE-4415-2022, mga#31305)
- time-util: fix buffer-over-run (CVE-2022-3821, mga #31138)
- Bump the max number of inodes for /dev to 128k
- add fixes for CVE-2021-3997 (mga#29864, from Ubuntu)
- basic/linux: Sync if_arp.h with Linux 5.14
- update to v246.16
- timesync: fix wrong type for receiving timestamp in nanoseconds
- icmp6: drop unnecessary assertion
- socket-util: introduce CMSG_SPACE_TIMEVAL/TIMESPEC macro to support
additional 64bit timeval or timespec
- timesync: check cmsg length
- journal,network,timesync: fix segfault on 32bit timeval/timespec systems
- update to v246.15
- basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, mga#29270)
- update to v246.14
* drop merged patches
- selinux: do not crash if policy becomes unavailable after reload
- rfkill: add some casts to silence -Werror=sign-compare
- core: allow services stuck in reloading state to exit
- systemd-coredump: Add conflict with shutdown.target
- systemd-networkd.socket: Add conflict with shutdown.target (#19348)
- update to v246.13
- update to v246.11
- update to v246.10
- resolved: gracefully handle with packets with too large RR count
+ ghibo
- Execute 50-systemd-user.sh as "sourced" in X11 xinit(s) to avoid zombie creation (as of bug #27362).