Comment 39 for bug 1934221

This bug was fixed in the package systemd - 247.3-3ubuntu3.7

---------------
systemd (247.3-3ubuntu3.7) hirsute-security; urgency=medium

  * SECURITY UPDATE: systemd-tmpfiles could be made to crash.
    - d/p/rm-rf-refactor-rm-rf-children-split-out-body-of-directory.patch:
      Backport upstream patch from PR#20173
    - d/p/rm-rf-optionally-fsync-after-removing-directory-tree.patch:
      Backport upstream patch required for CVE-2021-3997 patches
    - d/p/CVE-2021-3997-1.patch: Backport upstream patch to refactor
      rm_rf_children_inner()
    - d/p/CVE-2021-3997-2.patch: Backport upstream patch to refactor
      rm_rf()
    - d/p/CVE-2021-3997-3.patch: Backport upstream patch to loop over
      nested directories instead of using recursion
    - CVE-2021-3997

 -- Alex Murray <email address hidden> Mon, 10 Jan 2022 14:56:34 +1030