Overview

File _patchinfo of Package patchinfo.10940

<patchinfo incident="10940">
  <issue tracker="bnc" id="1036463">Please take over /usr/lib/modules-load.d/sg.conf</issue>
  <issue tracker="bnc" id="1124122">[SLE 15] After latest systemd and udev update, "MountFlags=shared" does not work.</issue>
  <issue tracker="bnc" id="1127557">SLES 12 SP4 - Linux activates all reserve memory on IPL (systemd?)</issue>
  <issue tracker="bnc" id="1125604">systemd keeps inconsistent data about scope processes with cgroup v2</issue>
  <issue tracker="bnc" id="1126056">SLES 12 SP4 - Problems with chcpu on large s390x LPARs (util-linux?/systemd?)</issue>
  <issue tracker="bnc" id="1132348">VUL-1: CVE-2019-3842: systemd:  Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"</issue>
  <issue tracker="bnc" id="1130230">quilt: fails to unpack systemd.spec</issue>
  <issue tracker="bnc" id="1121563">GCC 9: systemd build fails</issue>
  <issue tracker="bnc" id="1125352">VUL-0: CVE-2019-6454: systemd: crashes in long dbus messages</issue>
  <issue tracker="bnc" id="1132400">udev: debug log spammed with "maximum number (248) of children reached"</issue>
  <issue tracker="bnc" id="1133509">VUL-0: CVE-2019-3844: systemd: services with DynamicUser can get new privileges and create SGID binaries</issue>
  <issue tracker="bnc" id="1132721">Customer encountered the systemd issue small BUS_WQUEUE_MAX #4068 with systemd-228-150.63.1</issue>
  <issue tracker="bnc" id="1133506">VUL-0: CVE-2019-3843: systemd: services with DynamicUser can create SUID/SGID binaries</issue>
  <issue tracker="cve" id="2019-3842"/>
  <issue tracker="cve" id="2019-3843"/>
  <issue tracker="cve" id="2019-6454"/>
  <issue tracker="cve" id="2019-3844"/>
  <issue tracker="jsc" id="SLE-5933"/>
  <packager>fbui</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for systemd</summary>
  <description>This update for systemd fixes the following issues:

Security issues fixed:

- CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348).
- CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352).
- CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509).

Non-security issued fixed:

- logind: fix killing of scopes (bsc#1125604)
- namespace: make MountFlags=shared work again (bsc#1124122)
- rules: load drivers only on "add" events (bsc#1126056)
- sysctl: Don't pass null directive argument to '%s' (bsc#1121563)
- systemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933)
- udevd: notify when max number value of children is reached only once per batch of events (bsc#1132400)
- sd-bus: bump message queue size again (bsc#1132721)
- Do not automatically online memory on s390x (bsc#1127557)
- Removed sg.conf (bsc#1036463)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places