Oval Definition:oval:org.opensuse.security:def:59163
Revision Date:2020-12-01Version:1
Title:Security update for systemd (Important)
Description:

This update for systemd fixes the following issues:

Security vulnerability fixed:

- CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user (bsc#1125352)

Other bug fixes and changes:

- journal-remote: set a limit on the number of fields in a message - journal-remote: verify entry length from header - journald: set a limit on the number of fields (1k) - journald: do not store the iovec entry for process commandline on stack - core: include Found state in device dumps - device: fix serialization and deserialization of DeviceFound - fix path in btrfs rule (#6844) - assemble multidevice btrfs volumes without external tools (#6607) (bsc#1117025) - Update systemd-system.conf.xml (bsc#1122000) - units: inform user that the default target is started after exiting from rescue or emergency mode - manager: don't skip sigchld handler for main and control pid for services (#3738) - core: Add helper functions unit_{main, control}_pid - manager: Fixing a debug printf formatting mistake (#3640) - manager: Only invoke a single sigchld per unit within a cleanup cycle (bsc#1117382) - core: update invoke_sigchld_event() to handle NULL ->sigchld_event() - sd-event: expose the event loop iteration counter via sd_event_get_iteration() (#3631) - unit: rework a bit how we keep the service fdstore from being destroyed during service restart (bsc#1122344) - core: when restarting services, don't close fds - cryptsetup: Add dependency on loopback setup to generated units - journal-gateway: use localStorage['cursor'] only when it has valid value - journal-gateway: explicitly declare local variables - analyze: actually select longest activated-time of services - sd-bus: fix implicit downcast of bitfield reported by LGTM - core: free lines after reading them (bsc#1123892) - pam_systemd: reword message about not creating a session (bsc#1111498) - pam_systemd: suppress LOG_DEBUG log messages if debugging is off (bsc#1111498) - main: improve RLIMIT_NOFILE handling (#5795) (bsc#1120658) - sd-bus: if we receive an invalid dbus message, ignore and proceeed - automount: don't pass non-blocking pipe to kernel. - units: make sure initrd-cleanup.service terminates before switching to rootfs (bsc#1123333) - units: add Wants=initrd-cleanup.service to initrd-switch-root.target (#4345) (bsc#1123333)
Family:unixClass:patch
Status:Reference(s):1055857
1059893
1080891
1082318
1085970
1088681
1092544
1095218
1095219
1111331
1111498
1111622
1117025
1117382
1120658
1120943
1122000
1122344
1122668
1123333
1123886
1123892
1125352
1125401
1128525
1130324
1133375
1153332
1160594
1160764
1160770
1161779
1163922
1171475
1171847
1172105
1172116
1172121
1172265
1173948
1174538
1176733
CVE-2011-0523
CVE-2011-0524
CVE-2016-6328
CVE-2017-7544
CVE-2017-9103
CVE-2017-9104
CVE-2017-9105
CVE-2017-9106
CVE-2017-9107
CVE-2017-9108
CVE-2017-9109
CVE-2018-11233
CVE-2018-11235
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16301
CVE-2018-18074
CVE-2018-20030
CVE-2018-2755
CVE-2018-2759
CVE-2018-2761
CVE-2018-2766
CVE-2018-2767
CVE-2018-2771
CVE-2018-2777
CVE-2018-2781
CVE-2018-2782
CVE-2018-2784
CVE-2018-2786
CVE-2018-2787
CVE-2018-2810
CVE-2018-2813
CVE-2018-2817
CVE-2018-2819
CVE-2018-8088
CVE-2019-11091
CVE-2019-15165
CVE-2019-6454
CVE-2019-8936
CVE-2019-9278
CVE-2019-9924
CVE-2019-9928
CVE-2020-0093
CVE-2020-12767
CVE-2020-13112
CVE-2020-13113
CVE-2020-13114
CVE-2020-15652
CVE-2020-15653
CVE-2020-15654
CVE-2020-15655
CVE-2020-15656
CVE-2020-15657
CVE-2020-15658
CVE-2020-15659
CVE-2020-26117
CVE-2020-6463
CVE-2020-6514
CVE-2020-8013
SUSE-SU-2018:1566-2
SUSE-SU-2018:1744-1
SUSE-SU-2018:1771-1
SUSE-SU-2019:0428-1
SUSE-SU-2019:0789-1
SUSE-SU-2019:0838-2
SUSE-SU-2019:1296-1
SUSE-SU-2019:2669-1
SUSE-SU-2020:0545-1
SUSE-SU-2020:1612-1
SUSE-SU-2020:2100-1
SUSE-SU-2020:2898-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libFS6-1.0.7-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND docker-runc-1.0.0rc8+gitr3826_425e105d5a03-lp151.3.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • gstreamer-0_10-plugins-base-0.10.36-18.3 is installed
  • OR gstreamer-0_10-plugins-base-32bit-0.10.36-18.3 is installed
  • OR libgstapp-0_10-0-32bit-0.10.36-18.3 is installed
  • OR libgstinterfaces-0_10-0-32bit-0.10.36-18.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libsystemd0-228-150.63 is installed
  • OR libsystemd0-32bit-228-150.63 is installed
  • OR libudev1-228-150.63 is installed
  • OR libudev1-32bit-228-150.63 is installed
  • OR systemd-228-150.63 is installed
  • OR systemd-32bit-228-150.63 is installed
  • OR systemd-bash-completion-228-150.63 is installed
  • OR systemd-sysvinit-228-150.63 is installed
  • OR udev-228-150.63 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libgypsy0-0.9-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • freeradius-server-3.0.15-2.14 is installed
  • OR freeradius-server-doc-3.0.15-2.14 is installed
  • OR freeradius-server-krb5-3.0.15-2.14 is installed
  • OR freeradius-server-ldap-3.0.15-2.14 is installed
  • OR freeradius-server-libs-3.0.15-2.14 is installed
  • OR freeradius-server-mysql-3.0.15-2.14 is installed
  • OR freeradius-server-perl-3.0.15-2.14 is installed
  • OR freeradius-server-postgresql-3.0.15-2.14 is installed
  • OR freeradius-server-python-3.0.15-2.14 is installed
  • OR freeradius-server-sqlite-3.0.15-2.14 is installed
  • OR freeradius-server-utils-3.0.15-2.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • cups-filters-1.0.58-19.2 is installed
  • OR cups-filters-cups-browsed-1.0.58-19.2 is installed
  • OR cups-filters-foomatic-rip-1.0.58-19.2 is installed
  • OR cups-filters-ghostscript-1.0.58-19.2 is installed
  • OR libqpdf18-7.1.1-3.3 is installed
  • OR qpdf-7.1.1-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cpp48-4.8.5-31.17 is installed
  • OR gcc48-4.8.5-31.17 is installed
  • OR gcc48-32bit-4.8.5-31.17 is installed
  • OR gcc48-c++-4.8.5-31.17 is installed
  • OR gcc48-info-4.8.5-31.17 is installed
  • OR gcc48-locale-4.8.5-31.17 is installed
  • OR libasan0-4.8.5-31.17 is installed
  • OR libasan0-32bit-4.8.5-31.17 is installed
  • OR libstdc++48-devel-4.8.5-31.17 is installed
  • OR libstdc++48-devel-32bit-4.8.5-31.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libpcap-1.8.1-10.3 is installed
  • OR libpcap1-1.8.1-10.3 is installed
  • OR tcpdump-4.9.2-14.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • MozillaFirefox-78.0.1-112.3 is installed
  • OR MozillaFirefox-branding-SLE-78-35.3 is installed
  • OR MozillaFirefox-devel-78.0.1-112.3 is installed
  • OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • BACK