Ubuntu
sysstat package

Change logs for sysstat source package in Focal

  1. Focal (20.04)
  2. Change log 
  • sysstat (12.2.0-2ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: overflow in arithmetic multiplication
    - debian/patches/CVE-2023-33204.patch: fix overflow check logic in
      check_overflow() in common.c.
    - CVE-2023-33204

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Mon, 05 Jun 2023 11:19:10 -0300
  • sysstat (12.2.0-2ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: overflow in arithmetic multiplication
    - debian/patches/CVE-2022-39377-1.patch: fix size_t overflow in
      common.c, common.h, sa_common.c.
    - debian/patches/CVE-2022-39377-2.patch: add more overflow checks in
      common.c, common.h, sa_common.c, sadc.c.
    - debian/patches/CVE-2022-39377-3.patch: make sure values to be
      compared are unsigned integers in common.c, common.h, sa_common.c,
      sadc.c.
    - CVE-2022-39377

 -- Marc Deslauriers <email address hidden>  Fri, 25 Nov 2022 12:57:50 -0500
  • sysstat (12.2.0-2ubuntu0.1) focal; urgency=medium

  * d/p/12-fix-wMB-json-output.patch: Correct values for the number of
    megabytes written to the device per second when using JSON output.
    Thanks to Sebastien GODARD <email address hidden> #264
    on upstream (LP: #1888345).

 -- Miriam EspaƱa Acebal <email address hidden>  Mon, 09 Aug 2021 16:08:06 +0200
  • sysstat (12.2.0-2) unstable; urgency=medium

  * Add 11-Double-free-in-check_file_actlst.patch, taken from upstream,
    to really fix CVE-2019-19725 (closes: #946657).

 -- Robert Luberda <email address hidden>  Mon, 23 Dec 2019 20:11:03 +0100
  • sysstat (12.2.0-1) unstable; urgency=medium

  * New upstream stable version:
    + fixes double free in check_file_actlst in check_file_actlst in
      sa_common.c (CVE-2019-19725, closes: #946657).
  * Replace debian/compat file with build dependency on debhelper-compat.
  * Add lintian overrides for manpages that document internal programs
    shipped in /usr/lib/sysstat.
  * Add upstream metadata file.

 -- Robert Luberda <email address hidden>  Sun, 22 Dec 2019 12:44:20 +0100
  • sysstat (12.1.7-1) unstable; urgency=medium

  * New upstream development version:
    + fixes memory corruption bug due to integer overflow in remap_struct()
      function (CVE-2019-16167, closes: #939914).
  * debian/control:
    + switch Build-Depends to libsensors-dev from libsensors4-dev
      (closes: #917450);
    + Standards-Version: 4.4.1 (no changes).

 -- Robert Luberda <email address hidden>  Sat, 02 Nov 2019 11:55:12 +0100
  • sysstat (12.0.6-1) unstable; urgency=medium

  * New upstream stable version.

 -- Robert Luberda <email address hidden>  Sun, 18 Aug 2019 13:05:20 +0200