Oval Definition:oval:org.opensuse.security:def:63685
Revision Date:2020-12-01Version:1
Title:Security update for systemd (Important)
Description:

This update for systemd fixes the following issues:

Security issues fixed:

- CVE-2018-6954: Fixed a vulnerability in the symlink handling of systemd-tmpfiles which allowed a local user to obtain ownership of arbitrary files (bsc#1080919). - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a local user to escalate privileges (bsc#1132348). - CVE-2019-6454: Fixed a denial of service caused by long dbus messages (bsc#1125352).

Non-security issues fixed:

- systemd-coredump: generate a stack trace of all core dumps (jsc#SLE-5933) - udevd: notify when max number value of children is reached only once per batch of events (bsc#1132400) - sd-bus: bump message queue size again (bsc#1132721) - core: only watch processes when it's really necessary (bsc#955942 bsc#1128657) - rules: load drivers only on 'add' events (bsc#1126056) - sysctl: Don't pass null directive argument to '%s' (bsc#1121563) - Do not automatically online memory on s390x (bsc#1127557)
Family:unixClass:patch
Status:Reference(s):1080919
1111177
1113246
1114710
1121563
1121567
1125352
1126056
1127557
1128657
1130230
1132348
1132400
1132721
1137443
1138872
1139073
1141035
1145092
1154043
1155988
1159550
1171550
1171862
1173786
1174010
1174157
1175223
1175259
955942
CVE-2018-14662
CVE-2018-16846
CVE-2018-16889
CVE-2018-6954
CVE-2019-10208
CVE-2019-11135
CVE-2019-11139
CVE-2019-11708
CVE-2019-12735
CVE-2019-17639
CVE-2019-19724
CVE-2019-3842
CVE-2019-6454
CVE-2020-12823
CVE-2020-13249
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-2752
CVE-2020-2760
CVE-2020-2812
CVE-2020-2814
CVE-2020-7068
openSUSE-SU-2019:1561-1
openSUSE-SU-2020:0057-1
openSUSE-SU-2020:0997-1
openSUSE-SU-2020:1354-1
SUSE-SU-2019:0499-1
SUSE-SU-2019:1265-1
SUSE-SU-2019:1684-1
SUSE-SU-2019:2959-1
SUSE-SU-2020:1710-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gvim-8.0.1568-lp151.5.3 is installed
  • OR vim-8.0.1568-lp151.5.3 is installed
  • OR vim-data-8.0.1568-lp151.5.3 is installed
  • OR vim-data-common-8.0.1568-lp151.5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libsystemd0-228-150.66 is installed
  • OR libsystemd0-32bit-228-150.66 is installed
  • OR libudev1-228-150.66 is installed
  • OR libudev1-32bit-228-150.66 is installed
  • OR systemd-228-150.66 is installed
  • OR systemd-32bit-228-150.66 is installed
  • OR systemd-bash-completion-228-150.66 is installed
  • OR systemd-sysvinit-228-150.66 is installed
  • OR udev-228-150.66 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.70-38.56 is installed
  • BACK