Mailinglist Archive: opensuse-updates (124 mails)

< Previous Next >
openSUSE-SU-2017:1844-1: moderate: Security update for systemd
openSUSE Security Update: Security update for systemd
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:1844-1
Rating: moderate
References: #1004995 #1029102 #1029516 #1036873 #1038865
#1040258 #1040614 #1040942 #1043758 #982303

Cross-References: CVE-2017-9217
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________

An update that solves one vulnerability and has 9 fixes is
now available.

Description:

This update for systemd fixes the following issues:

Security issue fixed:

- CVE-2017-9217: resolved: Fix null pointer p->question dereferencing that
could lead to resolved aborting (bsc#1040614)

The update also fixed several non-security bugs:

- core/mount: Use the "-c" flag to not canonicalize paths when calling
/bin/umount
- automount: Handle expire_tokens when the mount unit changes its state
(bsc#1040942)
- automount: Rework propagation between automount and mount units
- build: Make sure tmpfiles.d/systemd-remote.conf get installed when
necessary
- build: Fix systemd-journal-upload installation
- basic: Detect XEN Dom0 as no virtualization (bsc#1036873)
- virt: Make sure some errors are not ignored
- fstab-generator: Do not skip Before= ordering for noauto mountpoints
- fstab-gen: Do not convert device timeout into seconds when initializing
JobTimeoutSec
- core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995)
- fstab-generator: Apply the _netdev option also to device units
(bsc#1004995)
- job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995)
- job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995)
- rules: Export NVMe WWID udev attribute (bsc#1038865)
- rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives
- rules: Add rules for NVMe devices
- sysusers: Make group shadow support configurable (bsc#1029516)
- core: When deserializing a unit, fully restore its cgroup state
(bsc#1029102)
- core: Introduce cg_mask_from_string()/cg_mask_to_string()
- core:execute: Fix handling failures of calling fork() in exec_spawn()
(bsc#1040258)
- Fix systemd-sysv-convert when a package starts shipping service units
(bsc#982303) The database might be missing when upgrading a package
which was shipping no sysv init scripts nor unit files (at the time
--save was called) but the new version start shipping unit files.
- Disable group shadow support (bsc#1029516)
- Only check signature job error if signature job exists (bsc#1043758)


This update was imported from the SUSE:SLE-12-SP2:Update update project.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-806=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.2 (i586 x86_64):

libsystemd0-228-25.6.1
libsystemd0-debuginfo-228-25.6.1
libsystemd0-mini-228-25.6.1
libsystemd0-mini-debuginfo-228-25.6.1
libudev-devel-228-25.6.1
libudev-mini-devel-228-25.6.1
libudev-mini1-228-25.6.1
libudev-mini1-debuginfo-228-25.6.1
libudev1-228-25.6.1
libudev1-debuginfo-228-25.6.1
nss-myhostname-228-25.6.1
nss-myhostname-debuginfo-228-25.6.1
nss-mymachines-228-25.6.1
nss-mymachines-debuginfo-228-25.6.1
systemd-228-25.6.1
systemd-debuginfo-228-25.6.1
systemd-debugsource-228-25.6.1
systemd-devel-228-25.6.1
systemd-logger-228-25.6.1
systemd-mini-228-25.6.1
systemd-mini-debuginfo-228-25.6.1
systemd-mini-debugsource-228-25.6.1
systemd-mini-devel-228-25.6.1
systemd-mini-sysvinit-228-25.6.1
systemd-sysvinit-228-25.6.1
udev-228-25.6.1
udev-debuginfo-228-25.6.1
udev-mini-228-25.6.1
udev-mini-debuginfo-228-25.6.1

- openSUSE Leap 42.2 (x86_64):

libsystemd0-32bit-228-25.6.1
libsystemd0-debuginfo-32bit-228-25.6.1
libudev1-32bit-228-25.6.1
libudev1-debuginfo-32bit-228-25.6.1
nss-myhostname-32bit-228-25.6.1
nss-myhostname-debuginfo-32bit-228-25.6.1
systemd-32bit-228-25.6.1
systemd-debuginfo-32bit-228-25.6.1

- openSUSE Leap 42.2 (noarch):

systemd-bash-completion-228-25.6.1
systemd-mini-bash-completion-228-25.6.1


References:

https://www.suse.com/security/cve/CVE-2017-9217.html
https://bugzilla.suse.com/1004995
https://bugzilla.suse.com/1029102
https://bugzilla.suse.com/1029516
https://bugzilla.suse.com/1036873
https://bugzilla.suse.com/1038865
https://bugzilla.suse.com/1040258
https://bugzilla.suse.com/1040614
https://bugzilla.suse.com/1040942
https://bugzilla.suse.com/1043758
https://bugzilla.suse.com/982303


< Previous Next >
This Thread
  • No further messages