Oval Definition:oval:org.opensuse.security:def:85520
Revision Date:2020-03-18Version:1
Title:Security update for systemd (Important)
Description:

This update for systemd fixes the following issues:

- CVE-2020-1712 (bsc#bsc#1162108) Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted Dbus messages.

- Unconfirmed fix for prevent hanging of systemctl during restart. (bsc#1139459) - Fix warnings thrown during package installation. (bsc#1154043) - Fix for system-udevd prevent crash within OES2018. (bsc#1151506) - Fragments of masked units ought not be considered for 'NeedDaemonReload'. (bsc#1156482) - Wait for workers to finish when exiting. (bsc#1106383) - Improve log message when inotify limit is reached. (bsc#1155574) - Mention in the man pages that alias names are only effective after command 'systemctl enable'. (bsc#1151377) - Introduce function for reading virtual files in 'sysfs' and 'procfs'. (bsc#1133495, bsc#1159814)
Family:unixClass:patch
Status:Reference(s):1106383
1133495
1139459
1151377
1151506
1154043
1155574
1156482
1159814
1162108
CVE-2020-1712
SUSE-SU-2020:0331-1
Platform(s):SUSE Linux Enterprise Server 12 SP3-LTSS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libsystemd0-228-150.82.1 is installed
  • OR libsystemd0-32bit-228-150.82.1 is installed
  • OR libudev-devel-228-150.82.1 is installed
  • OR libudev1-228-150.82.1 is installed
  • OR libudev1-32bit-228-150.82.1 is installed
  • OR systemd-228-150.82.1 is installed
  • OR systemd-32bit-228-150.82.1 is installed
  • OR systemd-bash-completion-228-150.82.1 is installed
  • OR systemd-sysvinit-228-150.82.1 is installed
  • OR udev-228-150.82.1 is installed
    • BACK