Oval Definition:oval:org.opensuse.security:def:56423
Revision Date:2020-12-01Version:1
Title:Security update for systemd (Moderate)
Description:

This update for systemd provides several fixes and enhancements.

Security issues fixed:

- CVE-2017-9217: Null pointer dereferencing that could lead to resolved aborting. (bsc#1040614) - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. (bsc#1045290)

The update also fixed several non-security bugs:

- core/mount: Use the '-c' flag to not canonicalize paths when calling /bin/umount - automount: Handle expire_tokens when the mount unit changes its state (bsc#1040942) - automount: Rework propagation between automount and mount units - build: Make sure tmpfiles.d/systemd-remote.conf get installed when necessary - build: Fix systemd-journal-upload installation - basic: Detect XEN Dom0 as no virtualization (bsc#1036873) - virt: Make sure some errors are not ignored - fstab-generator: Do not skip Before= ordering for noauto mountpoints - fstab-gen: Do not convert device timeout into seconds when initializing JobTimeoutSec - core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995) - fstab-generator: Apply the _netdev option also to device units (bsc#1004995) - job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995) - job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995) - rules: Export NVMe WWID udev attribute (bsc#1038865) - rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives - rules: Add rules for NVMe devices - sysusers: Make group shadow support configurable (bsc#1029516) - core: When deserializing a unit, fully restore its cgroup state (bsc#1029102) - core: Introduce cg_mask_from_string()/cg_mask_to_string() - core:execute: Fix handling failures of calling fork() in exec_spawn() (bsc#1040258) - Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303) The database might be missing when upgrading a package which was shipping no sysv init scripts nor unit files (at the time --save was called) but the new version start shipping unit files. - Disable group shadow support (bsc#1029516) - Only check signature job error if signature job exists (bsc#1043758) - Automounter issue in combination with NFS volumes (bsc#1040968) - Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153) - Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750)
Family:unixClass:patch
Status:Reference(s):1004995
1017420
1029102
1029516
1032029
1033238
1036873
1037120
1038865
1040153
1040258
1040614
1040942
1040968
1041282
1041283
1043758
1043900
1044946
1045290
1046750
1047666
1048299
1053153
1068032
1068101
1069708
1071471
1076017
1083488
1085114
1085447
1103098
1124729
1124734
1128378
954210
982303
986216
990856
CVE-2007-6600
CVE-2008-1686
CVE-2009-4034
CVE-2009-4136
CVE-2009-4492
CVE-2010-0541
CVE-2010-1169
CVE-2010-1170
CVE-2010-3433
CVE-2011-1004
CVE-2011-1005
CVE-2011-4815
CVE-2012-0866
CVE-2012-0867
CVE-2012-0868
CVE-2012-2143
CVE-2012-2655
CVE-2012-3488
CVE-2012-3489
CVE-2013-0255
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
CVE-2013-6401
CVE-2013-7459
CVE-2014-0060
CVE-2014-0061
CVE-2014-0062
CVE-2014-0063
CVE-2014-0064
CVE-2014-0065
CVE-2014-0066
CVE-2014-0067
CVE-2014-8104
CVE-2014-9638
CVE-2014-9639
CVE-2014-9640
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-5288
CVE-2015-5289
CVE-2015-6749
CVE-2015-8079
CVE-2016-0752
CVE-2016-6354
CVE-2017-1000381
CVE-2017-10661
CVE-2017-11499
CVE-2017-13166
CVE-2017-15868
CVE-2017-16939
CVE-2017-16939
CVE-2017-5715
CVE-2017-7826
CVE-2017-7828
CVE-2017-7830
CVE-2017-9217
CVE-2017-9445
CVE-2018-1000004
CVE-2018-1068
CVE-2018-5391
CVE-2018-7566
CVE-2019-6974
CVE-2019-7221
CVE-2019-9213
SUSE-SU-2016:2397-1
SUSE-SU-2017:2031-1
SUSE-SU-2017:2168-1
SUSE-SU-2017:2350-1
SUSE-SU-2017:3213-1
SUSE-SU-2017:3337-1
SUSE-SU-2018:0056-1
SUSE-SU-2018:0271-1
SUSE-SU-2018:1005-1
SUSE-SU-2019:0672-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.0 NonFree
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libIlmImf-2_2-23-2.2.1-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.0 NonFree is installed
  • AND opera-54.0.2952.41-lp150.2.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • go1.12-1.12.9-lp151.2.21 is installed
  • OR go1.12-doc-1.12.9-lp151.2.21 is installed
  • OR go1.12-race-1.12.9-lp151.2.21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libsystemd0-228-150.9 is installed
  • OR libsystemd0-32bit-228-150.9 is installed
  • OR libudev1-228-150.9 is installed
  • OR libudev1-32bit-228-150.9 is installed
  • OR systemd-228-150.9 is installed
  • OR systemd-32bit-228-150.9 is installed
  • OR systemd-bash-completion-228-150.9 is installed
  • OR systemd-sysvinit-228-150.9 is installed
  • OR udev-228-150.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libecpg6-9.4.5-4 is installed
  • OR libpq5-9.4.5-4 is installed
  • OR libpq5-32bit-9.4.5-4 is installed
  • OR postgresql94-9.4.5-4 is installed
  • OR postgresql94-contrib-9.4.5-4 is installed
  • OR postgresql94-docs-9.4.5-4 is installed
  • OR postgresql94-server-9.4.5-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_40-default-7-2 is installed
  • OR kgraft-patch-3_12_74-60_64_40-xen-7-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_15-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libjansson4-2.7-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libsnmp30-5.7.3-6.3 is installed
  • OR libsnmp30-32bit-5.7.3-6.3 is installed
  • OR net-snmp-5.7.3-6.3 is installed
  • OR perl-SNMP-5.7.3-6.3 is installed
  • OR snmp-mibs-5.7.3-6.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • glibc-2.22-62.13 is installed
  • OR glibc-32bit-2.22-62.13 is installed
  • OR glibc-devel-2.22-62.13 is installed
  • OR glibc-devel-32bit-2.22-62.13 is installed
  • OR glibc-html-2.22-62.13 is installed
  • OR glibc-i18ndata-2.22-62.13 is installed
  • OR glibc-info-2.22-62.13 is installed
  • OR glibc-locale-2.22-62.13 is installed
  • OR glibc-locale-32bit-2.22-62.13 is installed
  • OR glibc-profile-2.22-62.13 is installed
  • OR glibc-profile-32bit-2.22-62.13 is installed
  • OR nscd-2.22-62.13 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND davfs2-1.5.2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND apache2-mod_perl-2.0.8-13.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND ft2demos-2.6.3-7.15 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-actionview-4_2-4.2.2-5 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • nodejs-common-1.0-2 is installed
  • OR nodejs6-6.11.1-11.5 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • MozillaFirefox-68.1.0-109.89 is installed
  • OR MozillaFirefox-branding-SLE-68-32.8 is installed
  • OR MozillaFirefox-translations-common-68.1.0-109.89 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • git-2.26.2-27.36 is installed
  • OR git-core-2.26.2-27.36 is installed
  • BACK