systemd - Debian Package Tracker
Choose email to subscribe with
general
source:
systemd
main
version:
260.1-1
maintainer:
Debian systemd Maintainers
archive
DMD
uploaders:
Martin Pitt
DMD
Sjoerd Simons
DMD
Marco d'Itri
DMD
Felipe Sateler
DMD
Luca Boccassi
DMD
Nick Rosbrook
DMD
arch:
all
std-ver:
4.7.2
VCS:
Git
Browse
QA
versions
[more versions can be listed by madison]
[old versions available from snapshot.debian.org]
[pool directory]
o-o-stable:
247.
3-
7+
deb11u5
o-o-sec:
247.
3-
7+
deb11u8
o-o-upd:
247.
3-
7+
deb11u4
oldstable:
252.
39-
1~
deb12u1
old-sec:
252.
38-
1~
deb12u1
old-bpo:
254.
26-
1~
bpo12+
stable:
257.
9-
1~
deb13u1
stable-upd:
257.
8-
1~
deb13u2
testing:
260.1-1
unstable:
260.1-1
versioned links
247.
3-
7+
deb11u4:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
247.
3-
7+
deb11u5:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
247.
3-
7+
deb11u8:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
252.
38-
1~
deb12u1:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
252.
39-
1~
deb12u1:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
254.
26-
1~
bpo12+
1:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
257.
8-
1~
deb13u2:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
257.
9-
1~
deb13u1:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
260.1-1:
[.dsc, use dget on this link to retrieve source package]
[changelog]
[copyright]
[rules]
[control]
binaries
libnss-myhostname
1 bugs
libnss-mymachines
libnss-resolve
2 bugs
libnss-systemd
1 bugs
libpam-systemd
libsystemd-dev
libsystemd-shared
libsystemd0
libudev-dev
libudev1
systemd
51 bugs
38
13
systemd-boot
12 bugs
11
systemd-boot-efi
systemd-boot-efi-amd64-signed-template
systemd-boot-efi-arm64-signed-template
systemd-boot-tools
systemd-container
1 bugs
systemd-coredump
systemd-cryptsetup
systemd-dev
systemd-homed
4 bugs
systemd-journal-remote
systemd-oomd
1 bugs
systemd-repart
1 bugs
systemd-resolved
8 bugs
systemd-standalone-shutdown
systemd-standalone-sysusers
1 bugs
systemd-standalone-tmpfiles
systemd-sysv
1 bugs
systemd-tests
systemd-timesyncd
1 bugs
systemd-ukify
1 bugs
systemd-userdbd
udev
10 bugs
action needed
1 security issue
in sid
high
There is
1 open security issue
in sid.
1 important issue:
CVE-2026-40228
In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set.
Created: 2026-04-10
Last update: 2026-04-17
12:31
1 security issue
in forky
high
There is
1 open security issue
in forky.
1 important issue:
CVE-2026-40228
In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set.
Created: 2026-04-10
Last update: 2026-04-17
12:31
Depends on packages which need a new maintainer
normal
The packages that systemd depends on which need a new maintainer are:
docbook-xml
#802368
Build-Depends:
docbook-xml
docbook-xsl
#802370
Build-Depends:
docbook-xsl
Created: 2023-09-01
Last update: 2026-04-24
12:32
5 bugs
tagged help in the
BTS
normal
The
BTS
contains
5 bugs
tagged
help
, please consider helping the maintainer in dealing with
them.
Created: 2019-03-21
Last update: 2026-04-24
12:30
2 bugs
tagged patch in the
BTS
normal
The
BTS
contains
patches fixing 2 bugs
, consider including or untagging them.
Created: 2026-04-06
Last update: 2026-04-24
12:30
8 new commits
since last upload, is it time to release?
normal
vcswatch
reports that
this package seems to have new commits in its VCS but has
not yet updated debian/changelog. You should consider updating
the Debian changelog and uploading this new version into the archive.
Here are the relevant commit logs:
commit 94af257c72ac3e9bf20e324ff31c3bd5d8197f0e
Author: Luca Boccassi
Date: Mon Apr 20 22:20:38 2026 +0100
d/t/control: pull libmicrohttpd-dev for unit-tests suite
It will be a dlopen library soon
commit 08263f18a44e9ebf96b7fbf720bb88f47ecaca30
Author: Luca Boccassi
Date: Mon Apr 20 19:11:21 2026 +0100
d/t/control: pull libfdisk-dev for test suites
It will be a dlopen library soon
commit e54175a0a455a0d4fae6a7e7bcc207fede9bbc9a
Author: Luca Boccassi
Date: Wed Apr 15 15:41:05 2026 +0100
Install new files for upstream build
Gbp-Dch: ignore
commit 23ef56be0050f78be704f288ed1ce30ace47cbfe
Author: Luca Boccassi
Date: Thu Mar 26 22:26:42 2026 +0000
Install new files for upstream build
Needed for https://github.com/systemd/systemd/pull/41016
Gbp-Dch: ignore
commit 98645a89bac72fa166b0a1c1ddf190617b4fdd68
Author: Luca Boccassi
Date: Thu Mar 26 13:44:38 2026 +0000
Install new files for upstream build
Needed for https://github.com/systemd/systemd/pull/40980
Gbp-Dch: ignore
commit dc2dd78cc02792e335f1e18df1cc01f54dc43256
Author: Luca Boccassi
Date: Tue Mar 24 23:23:11 2026 +0000
Install new files for upstream build
Gbp-Dch: ignore
commit aad316ec34964056cf534ddcd980493420b8fe98
Author: Luca Boccassi
Date: Tue Mar 24 23:11:17 2026 +0000
Drop wildcards, dh_exec does not suppor them for manpages
Follow-up for 3bf8703dab4729110c9c9c47bdafd2200a1b8a53
Gbp-Dch: ignore
commit 3bf8703dab4729110c9c9c47bdafd2200a1b8a53
Author: Luca Boccassi
Date: Tue Mar 24 22:49:47 2026 +0000
Install new files for upstream build
Gbp-Dch: ignore
Created: 2026-03-25
Last update: 2026-04-20
23:01
8 open merge requests
in Salsa
normal
There are
8 open merge requests
for this package on Salsa. You should consider reviewing and/or merging these
merge requests.
Created: 2025-08-19
Last update: 2026-04-15
17:02
lintian reports
1 warning
normal
Lintian reports
1 warning
about this package. You should make the package
lintian clean
getting rid of them.
Created: 2026-03-25
Last update: 2026-03-25
03:30
5 low-priority security issues
in trixie
low
There are
5 open security issues
in trixie.
5 issues left for the package maintainer to handle:
CVE-2026-4105
(needs triaging)
A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.
CVE-2026-29111
(needs triaging)
systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.
CVE-2026-40225
(needs triaging)
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.
CVE-2026-40226
(needs triaging)
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.
CVE-2026-40228
(needs triaging)
In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set.
You can find information about how to handle these issues in the
security team's documentation
Created: 2026-03-13
Last update: 2026-04-17
12:31
5 low-priority security issues
in bookworm
low
There are
5 open security issues
in bookworm.
5 issues left for the package maintainer to handle:
CVE-2026-4105
(needs triaging)
A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.
CVE-2026-29111
(needs triaging)
systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.
CVE-2026-40225
(needs triaging)
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.
CVE-2026-40226
(needs triaging)
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.
CVE-2026-40228
(needs triaging)
In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set.
You can find information about how to handle these issues in the
security team's documentation
Created: 2026-03-13
Last update: 2026-04-17
12:31
Standards version of the package is outdated.
wishlist
The package should be updated to follow the last version of
Debian Policy
(Standards-Version
4.7.4
instead of
4.7.2
).
Created: 2025-12-23
Last update: 2026-03-31
15:01
testing migrations
This package will soon be part of the
auto-openssl
transition. You might want to ensure that your package is ready for it.
You can probably find supplementary information in the
debian-release
archives
or in the corresponding
release.debian.org
bug
news
[rss feed]
2026-04-15
Accepted systemd 247.3-7+deb11u8 (source) into oldoldstable-security
Arnaud Rebillout
2026-03-26
systemd 260.1-1 MIGRATED to testing
Debian testing watch
2026-03-23
Accepted systemd 260.1-1 (source) into unstable
Luca Boccassi
2026-03-20
systemd 260-1 MIGRATED to testing
Debian testing watch
2026-03-18
systemd 260~rc4-1 MIGRATED to testing
Debian testing watch
2026-03-17
Accepted systemd 260-1 (source) into unstable
Luca Boccassi
2026-03-14
Accepted systemd 260~rc4-1 (source) into unstable
Luca Boccassi
2026-03-12
Accepted systemd 260~rc3-1 (source) into unstable
Luca Boccassi
2026-03-09
systemd 260~rc2-1 MIGRATED to testing
Debian testing watch
2026-03-04
Accepted systemd 260~rc2-1 (source) into unstable
Luca Boccassi
2026-02-25
Accepted systemd 260~rc1-2 (source) into unstable
Luca Boccassi
2026-02-25
Accepted systemd 260~rc1-1 (source) into unstable
Luca Boccassi
2026-02-10
systemd 259.1-1 MIGRATED to testing
Debian testing watch
2026-02-06
Accepted systemd 259.1-1 (source) into unstable
Luca Boccassi
2025-12-23
systemd 259-1 MIGRATED to testing
Debian testing watch
2025-12-18
Accepted systemd 259-1 (source) into unstable
Luca Boccassi
2025-12-13
systemd 259~rc3-1 MIGRATED to testing
Debian testing watch
2025-12-10
Accepted systemd 259~rc3-1 (source) into unstable
Luca Boccassi
2025-12-02
systemd 259~rc2-1 MIGRATED to testing
Debian testing watch
2025-11-26
Accepted systemd 259~rc2-1 (source) into unstable
Luca Boccassi
2025-11-21
systemd 259~rc1-1 MIGRATED to testing
Debian testing watch
2025-11-17
Accepted systemd 259~rc1-1 (source) into unstable
Luca Boccassi
2025-10-30
systemd 258.1-2 MIGRATED to testing
Debian testing watch
2025-10-27
Accepted systemd 258.1-2 (source) into unstable
Luca Boccassi
2025-10-19
Accepted systemd 257.9-1~deb13u1 (source) into proposed-updates
Debian FTP Masters
(signed by:
Luca Boccassi
2025-10-16
systemd 258.1-1 MIGRATED to testing
Debian testing watch
2025-10-13
Accepted systemd 258.1-1 (source) into unstable
Luca Boccassi
2025-09-20
systemd 258-1 MIGRATED to testing
Debian testing watch
2025-09-17
Accepted systemd 258-1 (source) into unstable
Luca Boccassi
2025-09-11
systemd 258~rc4-1 MIGRATED to testing
Debian testing watch
bugs
[bug history graph]
all:
93
100
RC:
I&N:
70
75
M&W:
21
22
F&P:
patch:
help:
links
homepage
lintian
buildd:
logs
reproducibility
popcon
browse source code
other distros
security tracker
screenshots
l10n
77
debci
ubuntu
[Information about Ubuntu for Debian Developers]
version:
259.5-0ubuntu3
78 bugs
2 patches
patches for 259.5-0ubuntu3