File _patchinfo of Package patchinfo.9922

<patchinfo incident="9922">
  <issue tracker="bnc" id="1101591">Unable to change VTs after wayland compositor crash</issue>
  <issue tracker="bnc" id="1119971">SLES 15 SP1 - systemd-cryptsetup-generator generates invalid systemd unit with key files in /sys</issue>
  <issue tracker="bnc" id="1005023">udev errors when booting an MD RAID system</issue>
  <issue tracker="bnc" id="1120323">EMU: VUL-0: CVE-2018-16864, CVE-2018-16865, CVE-2018-16866: systemd: Qualys Security Advisory "System Down"</issue>
  <issue tracker="bnc" id="1114933">vconsole setup fails, fonts will not be copied to tty7</issue>
  <issue tracker="bnc" id="1045723">systemd no longer allows symlink /tmp =&gt; /var/tmp since Tumbleweed 20170620</issue>
  <issue tracker="bnc" id="1117063">systemd.spec: the test for figuring out if /etc/machine-id is writable is incorrect</issue>
  <issue tracker="bnc" id="1093753">after reboot other qgroups are assigned to parent qgroups</issue>
  <issue tracker="bnc" id="1076696">KunLun Server Hotplug: kernel panic after hot-add one memory board in KunLun 9004</issue>
  <issue tracker="bnc" id="1080919">VUL-0: CVE-2018-6954: systemd: systemd-tmpfiles mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files</issue>
  <issue tracker="bnc" id="1111498"> pam_systemd(sudo:session): Cannot create session: Already running in a session</issue>
  <issue tracker="cve" id="2018-6954"/>
  <issue tracker="cve" id="2018-16865"/>
  <issue tracker="cve" id="2018-16864"/>
  <issue tracker="cve" id="2018-16866"/>
  <category>security</category>
  <rating>important</rating>
  <packager>fbui</packager>
  <description>This update for systemd provides the following fixes:

Security issues fixed:

- CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)
- CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)
- CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919)
- Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)

Non-security issues fixed:

- pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498)
- systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933)
- systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723)
- Fixed installation issue with /etc/machine-id during update (bsc#1117063)
- btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753)
- logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)
- udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)
- udev: Ignore the exit code of systemd-detect-virt for memory hot-add.  In SLE-12-SP3,
  80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to
  detect non-zvm environment. The systemd-detect-virt returns exit failure code when it
  detected _none_ state.  The exit failure code causes that the hot-add memory block can
  not be set to online. (bsc#1076696)
  </description>
  <summary>Security update for systemd</summary>
</patchinfo>