Oval Definition:oval:org.opensuse.security:def:103795
Revision Date:2019-07-15Version:1
Title:Security update for systemd (Moderate)
Description:

This update for systemd fixes the following issues:

Security issues fixed:

- CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348). - CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352). - CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509).

Non-security issued fixed:

- logind: fix killing of scopes (bsc#1125604) - namespace: make MountFlags=shared work again (bsc#1124122) - rules: load drivers only on 'add' events (bsc#1126056) - sysctl: Don't pass null directive argument to '%s' (bsc#1121563) - systemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933) - udevd: notify when max number value of children is reached only once per batch of events (bsc#1132400) - sd-bus: bump message queue size again (bsc#1132721) - Do not automatically online memory on s390x (bsc#1127557) - Removed sg.conf (bsc#1036463)
Family:unixClass:patch
Status:Reference(s):1036463
1121563
1124122
1125352
1125604
1126056
1127557
1130230
1132348
1132400
1132721
1133506
1133509
CVE-2019-3842
CVE-2019-3843
CVE-2019-3844
CVE-2019-6454
SUSE-SU-2019:1364-2
Platform(s):SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libsystemd0-234-24.30.1 is installed
  • OR libsystemd0-32bit-234-24.30.1 is installed
  • OR libudev-devel-234-24.30.1 is installed
  • OR libudev1-234-24.30.1 is installed
  • OR libudev1-32bit-234-24.30.1 is installed
  • OR systemd-234-24.30.1 is installed
  • OR systemd-32bit-234-24.30.1 is installed
  • OR systemd-bash-completion-234-24.30.1 is installed
  • OR systemd-container-234-24.30.1 is installed
  • OR systemd-coredump-234-24.30.1 is installed
  • OR systemd-devel-234-24.30.1 is installed
  • OR systemd-sysvinit-234-24.30.1 is installed
  • OR udev-234-24.30.1 is installed
  • BACK