From 228c52b602edc8b01fb397509aa90e9769382b88 Mon Sep 17 00:00:00 2001 From: Guillem Jover Date: Fri, 30 May 2025 22:39:23 +0200 Subject: [PATCH] MT#62935 Update sysctl kernel.core_pattern for systemd 252.38-1~deb12u1 security update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The systemd package got a security update in Debian bookworm, which changed the systemd-coredump kernel sysctl core_pattern value (by appending « %d»). This is part of the fix for CVE-2025-4598. This has caused ngcp-system-tests to fail to match the new pattern, so we need to adapt it for all currently support Debian bookworm releases. Ref: https://security-tracker.debian.org/tracker/CVE-2025-4598 Ref: https://github.com/systemd/systemd-stable/commit/2eb46dce078334805c547cbcf5e6462cf9d2f9f0 Change-Id: I531f197e47094321d688d425fb7f577b42fd7391 (cherry picked from commit 2abaac7e3c26c77a7d5b995d077cb195bb3610f3) --- templates/610_kernel-sysctl-params.yaml.tt2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/610_kernel-sysctl-params.yaml.tt2 b/templates/610_kernel-sysctl-params.yaml.tt2 index 4bc1d7d..d241266 100644 --- a/templates/610_kernel-sysctl-params.yaml.tt2 +++ b/templates/610_kernel-sysctl-params.yaml.tt2 @@ -4,7 +4,7 @@ kernel-param: value: "1" kernel.core_pattern: - value: "|/lib/systemd/systemd-coredump %P %u %g %s %t 9223372036854775808 %h" + value: "|/lib/systemd/systemd-coredump %P %u %g %s %t 9223372036854775808 %h %d" fs.suid_dumpable: value: "2"