Overview

File _patchinfo of Package patchinfo.14037

<patchinfo incident="14037">
  <issue tracker="bnc" id="1156482">systemctl reports warning on masked service when drop-in is present</issue>
  <issue tracker="bnc" id="1156213">networkd: vxlan parameter Remote=  says invalid multicast address</issue>
  <issue tracker="bnc" id="1154256">udev: mounting CDROM can race with cdrom_id</issue>
  <issue tracker="bnc" id="1133495">MD Array size detection is not done before fsck process start in the system start process. As the result it leads to emergency mode.</issue>
  <issue tracker="bnc" id="1161436">VUL-1: CVE-2019-20386: systemd: memory leak in button_open in login/logind-button.c</issue>
  <issue tracker="bnc" id="1155207">systemctl command line completion is very slow</issue>
  <issue tracker="bnc" id="1084671">blkid triggers autoclose</issue>
  <issue tracker="bnc" id="1092920">missing Farsi in language and keyboard selection</issue>
  <issue tracker="bnc" id="1159814">SLES12SP3LTSS s390x PTF request for kernel and systemd from bsc#1133495</issue>
  <issue tracker="bnc" id="1155574">systemd: failed to add watch on /tmp/inotify-test/file8184: No space left on device</issue>
  <issue tracker="bnc" id="1162108">VUL-0: EMBARGOED: CVE-2020-1712: systemd: heap use-after-free when asynchronous Polkit queries are performed while handling Dbus messages</issue>
  <issue tracker="bnc" id="1106383">Some of qlogic FC controllers are failed to apply qla2xxx driver on SLES15</issue>
  <issue tracker="bnc" id="1151377">SLES 15 SP1 - ISST-RWS: Not able to ON the syslog.service and it's getting removed during OFF</issue>
  <issue tracker="bnc" id="1158485">[Build 101.1] openQA test fails in gdm_session_switch; can not reboot system in gdm</issue>
  <issue tracker="cve" id="2020-1712"/>
  <issue tracker="cve" id="2019-20386"/>
  <issue tracker="jsc" id="SLE-7683"/>
  <issue tracker="jsc" id="SLE-7689"/>
  <packager>fbui</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for systemd</summary>
  <description>This update for systemd fixes the following issues:

- CVE-2020-1712 (bsc#bsc#1162108)
  Fix a heap use-after-free vulnerability, when asynchronous
  Polkit queries were performed while handling Dbus messages. A local
  unprivileged attacker could have abused this flaw to crash systemd services or
  potentially execute code and elevate their privileges, by sending specially
  crafted Dbus messages.

- Use suse.pool.ntp.org server pool on SLE distros (jsc#SLE-7683)

- libblkid: open device in nonblock mode. (bsc#1084671)
- udev/cdrom_id: Do not open CD-rom in exclusive mode. (bsc#1154256)
- bus_open leak sd_event_source when udevadm trigger&#12290; (bsc#1161436 CVE-2019-20386)
- fileio: introduce read_full_virtual_file() for reading virtual files in sysfs, procfs (bsc#1133495 bsc#1159814)
- fileio: initialize errno to zero before we do fread()
- fileio: try to read one byte too much in read_full_stream()
- logind: consider "greeter" sessions suitable as "display" sessions of a user (bsc#1158485)
- logind: never elect a session that is stopping as display

- journal: include kmsg lines from the systemd process which exec()d us (#8078)
- udevd: don't use monitor after manager_exit()
- udevd: capitalize log messages in on_sigchld()
- udevd: merge conditions to decrease indentation
- Revert "udevd: fix crash when workers time out after exit is signal caught"
- core: fragments of masked units ought not be considered for NeedDaemonReload (#7060) (bsc#1156482)
- udevd: fix crash when workers time out after exit is signal caught
- udevd: wait for workers to finish when exiting (bsc#1106383)

- Improve bash completion support (bsc#1155207)
  * shell-completion: systemctl: do not list template units in {re,}start
  * shell-completion: systemctl: pass current word to all list_unit*
  * bash-completion: systemctl: pass current partial unit to list-unit* (bsc#1155207)
  * bash-completion: systemctl: use systemctl --no-pager
  * bash-completion: also suggest template unit files
  * bash-completion: systemctl: add missing options and verbs
  * bash-completion: use the first argument instead of the global variable (#6457)

- networkd: VXLan Make group and remote variable separate (bsc#1156213)
- networkd: vxlan require Remote= to be a non multicast address (#8117) (bsc#1156213)
- fs-util: let's avoid unnecessary strerror()
- fs-util: introduce inotify_add_watch_and_warn() helper
- ask-password: improve log message when inotify limit is reached (bsc#1155574)
- shared/install: failing with -ELOOP can be due to the use of an alias in install_error() (bsc#1151377)
- man: alias names can't be used with enable command (bsc#1151377)

- Add boot option to not use swap at system start (jsc#SLE-7689)

- Allow YaST to select Iranian (Persian, Farsi) keyboard layout
  (bsc#1092920)
  </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places