File _patchinfo of Package patchinfo.4996
<patchinfo incident="4996"> <issue id="1036873" tracker="bnc">mcelog does not start on a SLES12 SP2 dom0 server</issue> <issue id="1040942" tracker="bnc">systemd automounter issue in combination with nfs</issue> <issue id="982303" tracker="bnc">Updating shows: /usr/sbin/systemd-sysv-convert: line 62: /var/lib/systemd/sysv-convert/database: No such file or directory</issue> <issue id="1004995" tracker="bnc">L3: _netdev mounts are started too early in SLES 12 SP1</issue> <issue id="1029516" tracker="bnc">systemd-sysusers creates entries in /etc/gshadow, but groupdel does not remove that</issue> <issue id="1029102" tracker="bnc">systemctl won't report TasksCurrent after daemon-reload</issue> <issue id="1038865" tracker="bnc">NVMe over Fabrics devices don't get picked up by multipathd</issue> <issue id="1040614" tracker="bnc">VUL-0: CVE-2017-9217: systemd: systemd-resolved through 233 allows remote attackers to cause a denial ofservice (daemon crash) via a crafted DNS response with an empty questionsection.</issue> <issue id="1043758" tracker="bnc">machinectl pull-tar segfaults in tar_pull_job_on_finished</issue> <issue id="1040258" tracker="bnc">systemd : Failed to read server status: Connection reset by peer</issue> <issue id="2017-9217" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>fbui</packager> <description>This update for systemd fixes the following issues: Security issue fixed: - CVE-2017-9217: resolved: Fix null pointer p->question dereferencing that could lead to resolved aborting (bsc#1040614) The update also fixed several non-security bugs: - core/mount: Use the "-c" flag to not canonicalize paths when calling /bin/umount - automount: Handle expire_tokens when the mount unit changes its state (bsc#1040942) - automount: Rework propagation between automount and mount units - build: Make sure tmpfiles.d/systemd-remote.conf get installed when necessary - build: Fix systemd-journal-upload installation - basic: Detect XEN Dom0 as no virtualization (bsc#1036873) - virt: Make sure some errors are not ignored - fstab-generator: Do not skip Before= ordering for noauto mountpoints - fstab-gen: Do not convert device timeout into seconds when initializing JobTimeoutSec - core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995) - fstab-generator: Apply the _netdev option also to device units (bsc#1004995) - job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995) - job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995) - rules: Export NVMe WWID udev attribute (bsc#1038865) - rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives - rules: Add rules for NVMe devices - sysusers: Make group shadow support configurable (bsc#1029516) - core: When deserializing a unit, fully restore its cgroup state (bsc#1029102) - core: Introduce cg_mask_from_string()/cg_mask_to_string() - core:execute: Fix handling failures of calling fork() in exec_spawn() (bsc#1040258) - Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303) The database might be missing when upgrading a package which was shipping no sysv init scripts nor unit files (at the time --save was called) but the new version start shipping unit files. - Disable group shadow support (bsc#1029516) - Only check signature job error if signature job exists (bsc#1043758) </description> <summary>Security update for systemd</summary> </patchinfo>
