Oval Definition:oval:org.opensuse.security:def:55927
Revision Date:2021-07-21Version:1
Title:Security update for systemd (Important)
Description:

This update for systemd fixes the following issues:

Security issues fixed:

- CVE-2021-33910: Fixed a denial of service (stack exhaustion) in systemd (PID 1) (bsc#1188063)

Other fixes:

- mount-util: shorten the loop a bit (#7545) - mount-util: do not use the official MAX_HANDLE_SZ (#7523) - mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761) - mount-util: fix bad indenting - mount-util: EOVERFLOW might have other causes than buffer size issues - mount-util: fix error propagation in fd_fdinfo_mnt_id() - mount-util: drop exponential buffer growing in name_to_handle_at_loop() - udev: port udev_has_devtmpfs() to use path_get_mnt_id() - mount-util: add new path_get_mnt_id() call that queries the mnt ID of a path - mount-util: add name_to_handle_at_loop() wrapper around name_to_handle_at() - mount-util: accept that name_to_handle_at() might fail with EPERM (#5499) - basic: fallback to the fstat if we don't have access to the /proc/self/fdinfo - sysusers: use the usual comment style - test/TEST-21-SYSUSERS: add tests for new functionality - sysusers: allow admin/runtime overrides to command-line config - basic/strv: add function to insert items at position - sysusers: allow the shell to be specified - sysusers: move various user credential validity checks to src/basic/ - man: reformat table in sysusers.d(5) - sysusers: take configuration as positional arguments - sysusers: emit a bit more info at debug level when locking fails - sysusers: allow force reusing existing user/group IDs (#8037) - sysusers: ensure GID in uid:gid syntax exists - sysusers: make ADD_GROUP always create a group - test: add TEST-21-SYSUSERS test - sysuser: use OrderedHashmap - sysusers: allow uid:gid in sysusers.conf files - sysusers: fix memleak (#4430) - These commits implement the option '--replace' for systemd-sysusers so %sysusers_create_package can be introduced in SLE and packages can rely on this rpm macro without wondering whether the macro is available on the different target the package is submitted to. - Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807) - systemctl: add --value option - execute: make sure to call into PAM after initializing resource limits (bsc#1184967) - rlimit-util: introduce setrlimit_closest_all() - system-conf: drop reference to ShutdownWatchdogUsec= - core: rename ShutdownWatchdogSec to RebootWatchdogSec (bsc#1185331) - Return -EAGAIN instead of -EALREADY from unit_reload (bsc#1185046) - rules: don't ignore Xen virtual interfaces anymore (bsc#1178561) - write_net_rules: set execute bits (bsc#1178561) - udev: rework network device renaming - Revert 'Revert 'udev: network device renaming - immediately give up if the target name isn't available''
Family:unixClass:patch
Status:Reference(s):1000998
1002639
1004728
1007853
1007854
1007855
1007857
1007858
1010893
1011805
1011812
1028391
1102682
1103203
1105323
1111331
1118277
1135273
1137597
1140747
1178561
1184761
1184967
1185046
1185331
1185807
1188063
791372
838333
853423
853425
854915
896715
937752
938344
967190
968787
969727
973010
973164
973790
974407
975930
980483
980854
CVE-2012-0786
CVE-2012-5576
CVE-2013-1913
CVE-2013-1978
CVE-2013-6462
CVE-2014-4330
CVE-2014-8119
CVE-2015-3982
CVE-2015-5122
CVE-2015-5123
CVE-2015-5145
CVE-2015-5154
CVE-2015-5963
CVE-2015-8213
CVE-2016-0762
CVE-2016-1234
CVE-2016-2347
CVE-2016-3075
CVE-2016-3706
CVE-2016-4429
CVE-2016-5018
CVE-2016-6794
CVE-2016-6796
CVE-2016-6797
CVE-2016-6816
CVE-2016-7545
CVE-2016-8735
CVE-2017-5398
CVE-2017-5400
CVE-2017-5401
CVE-2017-5402
CVE-2017-5404
CVE-2017-5405
CVE-2017-5407
CVE-2017-5408
CVE-2017-5409
CVE-2017-5410
CVE-2018-10902
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-19788
CVE-2018-5390
CVE-2019-11091
CVE-2019-11477
CVE-2019-11478
CVE-2021-33910
SUSE-SU-2015:1258-1
SUSE-SU-2015:1472-1
SUSE-SU-2016:1091-1
SUSE-SU-2016:1733-1
SUSE-SU-2016:3079-1
SUSE-SU-2017:0340-1
SUSE-SU-2017:0714-1
SUSE-SU-2019:0019-1
SUSE-SU-2019:1452-1
SUSE-SU-2019:1924-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP2-LTSS-ERICSSON
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libXcursor1-1.1.15-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • kernel-debug-4.12.14-lp151.28.7 is installed
  • OR kernel-debug-base-4.12.14-lp151.28.7 is installed
  • OR kernel-debug-devel-4.12.14-lp151.28.7 is installed
  • OR kernel-default-4.12.14-lp151.28.7 is installed
  • OR kernel-default-base-4.12.14-lp151.28.7 is installed
  • OR kernel-default-devel-4.12.14-lp151.28.7 is installed
  • OR kernel-devel-4.12.14-lp151.28.7 is installed
  • OR kernel-docs-4.12.14-lp151.28.7 is installed
  • OR kernel-docs-html-4.12.14-lp151.28.7 is installed
  • OR kernel-kvmsmall-4.12.14-lp151.28.7 is installed
  • OR kernel-kvmsmall-base-4.12.14-lp151.28.7 is installed
  • OR kernel-kvmsmall-devel-4.12.14-lp151.28.7 is installed
  • OR kernel-macros-4.12.14-lp151.28.7 is installed
  • OR kernel-obs-build-4.12.14-lp151.28.7 is installed
  • OR kernel-obs-qa-4.12.14-lp151.28.7 is installed
  • OR kernel-source-4.12.14-lp151.28.7 is installed
  • OR kernel-source-vanilla-4.12.14-lp151.28.7 is installed
  • OR kernel-syms-4.12.14-lp151.28.7 is installed
  • OR kernel-vanilla-4.12.14-lp151.28.7 is installed
  • OR kernel-vanilla-base-4.12.14-lp151.28.7 is installed
  • OR kernel-vanilla-devel-4.12.14-lp151.28.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • xorg-x11-devel-7.4-8.26.40 is installed
  • OR xorg-x11-libs-7.4-8.26.40 is installed
  • OR xorg-x11-libs-32bit-7.4-8.26.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • gimp-2.6.2-3.34.45 is installed
  • OR gimp-lang-2.6.2-3.34.45 is installed
  • OR gimp-plugins-python-2.6.2-3.34.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.491-0.11 is installed
  • OR flash-player-gnome-11.2.202.491-0.11 is installed
  • OR flash-player-kde4-11.2.202.491-0.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • lhasa-0.2.0-5 is installed
  • OR liblhasa0-0.2.0-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • augeas-1.2.0-3 is installed
  • OR augeas-lenses-1.2.0-3 is installed
  • OR libaugeas0-1.2.0-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_63-default-9-2 is installed
  • OR kgraft-patch-3_12_74-60_64_63-xen-9-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_22-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • cpp48-4.8.5-30 is installed
  • OR gcc48-4.8.5-30 is installed
  • OR gcc48-32bit-4.8.5-30 is installed
  • OR gcc48-c++-4.8.5-30 is installed
  • OR gcc48-info-4.8.5-30 is installed
  • OR gcc48-locale-4.8.5-30 is installed
  • OR libasan0-4.8.5-30 is installed
  • OR libasan0-32bit-4.8.5-30 is installed
  • OR libstdc++48-devel-4.8.5-30 is installed
  • OR libstdc++48-devel-32bit-4.8.5-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libsystemd0-228-150.58 is installed
  • OR libsystemd0-32bit-228-150.58 is installed
  • OR libudev1-228-150.58 is installed
  • OR libudev1-32bit-228-150.58 is installed
  • OR systemd-228-150.58 is installed
  • OR systemd-32bit-228-150.58 is installed
  • OR systemd-bash-completion-228-150.58 is installed
  • OR systemd-sysvinit-228-150.58 is installed
  • OR udev-228-150.58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180703-13.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libjavascriptcoregtk-3_0-0-2.4.11-23 is installed
  • OR libwebkitgtk-3_0-0-2.4.11-23 is installed
  • OR libwebkitgtk3-lang-2.4.11-23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.6.0-109.110 is installed
  • OR MozillaFirefox-translations-common-68.6.0-109.110 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_72-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.74 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.74 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.74 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache2-2.4.23-29.24 is installed
  • OR apache2-doc-2.4.23-29.24 is installed
  • OR apache2-example-pages-2.4.23-29.24 is installed
  • OR apache2-prefork-2.4.23-29.24 is installed
  • OR apache2-utils-2.4.23-29.24 is installed
  • OR apache2-worker-2.4.23-29.24 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND python-Django-1.8.9-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.0-30.60 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND haproxy-1.6.11-11.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • openstack-manila-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-api-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-data-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-scheduler-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-share-7.3.1~dev15-4.18 is installed
  • OR python-manila-7.3.1~dev15-4.18 is installed
    • BACK