File _patchinfo of Package patchinfo.6694
<patchinfo incident="6694">
<issue id="1071311" tracker="bnc">Please enable networkd in the systemd package</issue>
<issue id="1057974" tracker="bnc">systemctl never finishes with option "start" or "enable", "status" works fine</issue>
<issue id="1077925" tracker="bnc">VUL-0: CVE-2017-18078: systemd: systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended</issue>
<issue id="1071224" tracker="bnc">systemd: removes /usr/lib/systemd/system/tmp.mount in %post</issue>
<issue id="1075801" tracker="bnc">[systemd 228-32-2] `systemctl status` always reports the status of the service file as enabled even when disabled</issue>
<issue id="1068588" tracker="bnc">L3: /var/log/warn flooded with snmpagentmonitor.service errors</issue>
<issue id="2017-18078" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>fbui</packager>
<description>
This update for systemd fixes the following issues:
Security issue fixed:
- CVE-2017-18078: tmpfiles: refuse to chown()/chmod() files which are
hardlinked, unless protected_hardlinks sysctl is on. This could be used
by local attackers to gain privileges (bsc#1077925)
Non-security issues fixed:
- core: use id unit when retrieving unit file state (#8038) (bsc#1075801)
- cryptsetup-generator: run cryptsetup service before swap unit (#5480)
- udev-rules: all values can contain escaped double quotes now (#6890)
- strv: fix buffer size calculation in strv_join_quoted()
- tmpfiles: change ownership of symlinks too
- stdio-bridge: Correctly propagate error
- stdio-bridge: remove dead code
- remove bus-proxyd (bsc#1057974)
- core/timer: Prevent timer looping when unit cannot start (bsc#1068588)
- Make systemd-timesyncd use the openSUSE NTP servers by default
Previously systemd-timesyncd used the Google Public NTP servers
time{1..4}.google.com
- Don't ship /usr/lib/systemd/system/tmp.mount at all (bsc#1071224)
But we still ship a copy in /var.
Users who want to use tmpfs on /tmp are supposed to add a symlink in
/etc/ pointing to the copy shipped in /var.
To support the update path we automatically create the symlink if
the tmp.mount in use is located in /usr.
- Enable systemd-networkd on Leap distros only (bsc#1071311)
</description>
<summary>Security update for systemd</summary>
</patchinfo>