procps (2:3.3.17-6ubuntu2.1) jammy-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2023-4016: replace the use of malloc() with calloc()
in ps/parser.c to prevent the potential for an arithmetic overflow when
allocating memory.
- CVE-2023-4016
-- Ian Constantin <ian.constantin@canonical.com> Tue, 31 Oct 2023 13:36:04 +0200
procps (2:3.3.17-6ubuntu2) jammy; urgency=medium
* Add basic autopkgtest to validate sysctl-defaults (LP: #1962038)
-- Lukas Märdian <slyon@ubuntu.com> Fri, 25 Feb 2022 12:57:56 +0100
procps (2:3.3.17-6ubuntu1) jammy; urgency=low
* Merge from Debian unstable (LP: #1961805).
Remaining changes:
- debian/sysctl.d (Ubuntu-specific):
+ 10-console-messages.conf: stop low-level kernel messages on console.
+ 10-kernel-hardening.conf: add the kptr_restrict setting
+ 10-ipv6-privacy.conf: add a file to sysctl.d to apply the defaults
for IPv6 privacy extensions for interfaces. (LP: #176125, #841353)
+ 10-magic-sysrq.conf: Disable most magic sysrq by default, allowing
critical sync, remount, reboot functions. (LP: #194676, LP: #1025467)
+ 10-network-security.conf: enable rp_filter.
+ 10-ptrace.conf: describe new PTRACE setting.
+ 10-zeropage.conf: safe mmap_min_addr value for graceful fall-back.
for armhf, and arm64.
+ 10-qemu.conf.s390x for qemu.
- debian/rules: Fix cross build
- ignore_eaccess.patch: If we get eaccess when opening a sysctl file for
writing, don't error out. Otherwise package upgrades can fail,
especially in containers.
- Adjust logic due to rc no longer being propagated (LP: #1903351)
- ignore_erofs.patch: Same as ignore_eaccess but for the case where
part of /proc is read/only.
- Adjust logic due to rc no longer being propagated (LP: #1903351)
- debian/procps.maintscript: handle migration of link-protect.conf from
/etc to /usr.
Dropped changes:
- debian/README.sysctl: Debian has added this information.
- debian/procps.install: debian/protect-links.conf has been re-named to
debian/99-protect-links.conf, so it can be safely installed again
(see LP: #1938585 for background).
-- Nick Rosbrook <nick.rosbrook@canonical.com> Fri, 18 Feb 2022 16:49:15 -0500
procps (2:3.3.17-6) unstable; urgency=medium
* Add reload option for init script Closes: #991151
* Follow naming convention for systemd files debian/procps!3 Closes:
#1000908
* Fix FBTFS on Hurd Closes: #987557
-- Craig Small <csmall@debian.org> Thu, 13 Jan 2022 19:46:59 +1100
procps (2:3.3.17-5ubuntu3) impish; urgency=medium
* Remove /usr/lib/sysctl.d/protect-links.conf (LP: #1938585)
-- Dan Streetman <ddstreet@canonical.com> Fri, 30 Jul 2021 12:17:48 -0400
procps (2:3.3.17-5ubuntu2) impish; urgency=medium
* Clean up switch statement for ignore_erofs case (LP: #1903351)
-- William 'jawn-smith' Wilson <william.wilson@canonical.com> Tue, 01 Jun 2021 14:10:29 -0500
procps (2:3.3.17-5ubuntu1) impish; urgency=low
* Merge from Debian unstable.
Remaining changes:
- autopkgtest for LP: #1874824. Submitted to debian as bug 988792
- debian/sysctl.d (Ubuntu-specific):
+ 10-console-messages.conf: stop low-level kernel messages on console.
+ 10-kernel-hardening.conf: add the kptr_restrict setting
+ 10-ipv6-privacy.conf: add a file to sysctl.d to apply the defaults
for IPv6 privacy extensions for interfaces. (LP: #176125, #841353)
+ 10-magic-sysrq.conf: Disable most magic sysrq by default, allowing
critical sync, remount, reboot functions. (LP: #194676, LP: #1025467)
+ 10-network-security.conf: enable rp_filter.
+ 10-ptrace.conf: describe new PTRACE setting.
+ 10-zeropage.conf: safe mmap_min_addr value for graceful fall-back.
for armhf, and arm64.
+ 10-qemu.conf.s390x for qemu.
+ README: describe how this directory is supposed to work.
- debian/rules: Fix cross build
- ignore_eaccess.patch: If we get eaccess when opening a sysctl file for
writing, don't error out. Otherwise package upgrades can fail,
especially in containers.
- Adjust logic due to rc no longer being propagated (LP: #1903351)
- ignore_erofs.patch: Same as ignore_eaccess but for the case where
part of /proc is read/only.
- Adjust logic due to rc no longer being propagated (LP: #1903351)
- debian/procps.maintscript: handle migration of link-protect.conf from
/etc to /usr.
Justification of dropped patches
- missing_potfiles_in: Debian has now added this code in POTFILES.in
so the patch is no longer needed
- pmap_test: This patch disables some tests that are not causing
any problems. These tests are run in Debian so should be run
in Ubuntu as well
- top_config_file_bwcompat: Debian has applied this code upstream so
the patch is no longer needed
- tar-version: Debian has applied this code upstream so the patch is
no longer needed
- stack_limit: Debian has applied this code upstream so the patch is
no longer needed
-- William 'jawn-smith' Wilson <william.wilson@canonical.com> Wed, 19 May 2021 09:24:31 +0000
procps (2:3.3.17-5) unstable; urgency=medium
* Add break/replace for conflicting manpages-fr-extra Closes: #986276
-- Craig Small <csmall@debian.org> Tue, 06 Apr 2021 17:17:53 +1000
procps (2:3.3.17-4) unstable; urgency=medium
* Remove w alternative in postinst Closes: #982803
-- Craig Small <csmall@debian.org> Mon, 15 Feb 2021 20:50:26 +1100
procps (2:3.3.17-3) unstable; urgency=medium
* Install language files Closes: #982437
* Add epoch to manpages-pl Replaces/Breaks Closes: #982566
* Remove conflict with w-bassman as removed in 2010
* Remove w alternative as there is no alternative Closes: #982440
* Update to debhelper 13
* d/control: Remove conflict from non-existent pgrep package
-- Craig Small <csmall@debian.org> Sun, 14 Feb 2021 20:57:10 +1100
# For older changelog entries, run 'apt-get changelog libprocps8'
Generated by dwww version 1.14 on Thu Aug 21 21:21:18 CEST 2025.