[Deepin Integration]~[v25-Release] fix: backport security vulnerability patches from upstream by st0nie@deepin-community/systemd by deepin-community-ci-bot[bot]

[deepin-bot]

Package information | 软件包信息

包名	版本
systemd	255.2-4deepin28

Package repository address | 软件包仓库地址

deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-4078/testing/ ./

Changelog | 更新信息

systemd (255.2-4deepin28) stable; urgency=medium

• Backport upstream critical security vulnerability patches:
• aa76d811: resolved: add missing polkit checks for
  FlushCaches/ResetServerFeatures
• e7cd836d: resolved: cap pre-allocation for questions/RRs to prevent
  DNS memory exhaustion
• 9b217384: sd-bus: add depth limit to message_skip_fields() to
  prevent stack overflow via variant recursion
• b45a897e: sd-hwdb: reject out-of-bounds fnmatch prefixes to prevent
  OOB read
• 4e02162a: core/exec-invoke: chdir after chroot to prevent CWD escape

[deepin-bot]

Integration Test Info

Test suggestion | 测试建议

Influence | 影响范围

ADDITIONAL INFORMATION | 额外补充

[deepin-bot]

IntegrationProjector Notify the author
@st0nie: Integrated issue updated

[deepin-bot]

IntegrationProjector Bot
Deepin Testing Integration Project Manager Info
Link to deepin-community/Repository-Integration#4078