SUSE-SU-2018:0299-1

Description

Security update for systemd This update for systemd fixes several issues. This security issue was fixed: - CVE-2018-1049: Prevent race that can lead to DoS when using automounts (bsc#1076308). These non-security issues were fixed: - core: don't choke if a unit another unit triggers vanishes during reload - delta: don't ignore PREFIX when the given argument is PREFIX/SUFFIX - delta: extend skip logic to work on full directory paths (prefix+suffix) (bsc#1070428) - delta: check if a prefix needs to be skipped only once - delta: skip symlink paths when split-usr is enabled (#4591) - sysctl: use raw file descriptor in sysctl_write (#7753) - sd-netlink: don't take possesion of netlink fd from caller on failure (bsc#1074254) - Fix the regexp used to detect broken by-id symlinks in /etc/crypttab It was missing the following case: '/dev/disk/by-id/cr_-xxx'. - sysctl: disable buffer while writing to /proc (bsc#1071558) - Use read_line() and LONG_LINE_MAX to read values configuration files. (bsc#1071558) - sysctl: no need to check for eof twice - def: add new constant LONG_LINE_MAX - fileio: add new helper call read_line() as bounded getline() replacement - service: Don't stop unneeded units needed by restarted service (#7526) (bsc#1066156) - gpt-auto-generator: fix the handling of the value returned by fstab_has_fstype() in add_swap() (#6280) - gpt-auto-generator: disable gpt auto logic for swaps if at least one is defined in fstab (bsc#897422) - fstab-util: introduce fstab_has_fstype() helper - fstab-generator: ignore root=/dev/nfs (#3591) - fstab-generator: don't process root= if it happens to be 'gpt-auto' (#3452) - virt: use XENFEAT_dom0 to detect the hardware domain (#6442, #6662) (#7581) (bsc#1048510) - analyze: replace --no-man with --man=no in the man page (bsc#1068251) - udev: net_setup_link: don't error out when we couldn't apply link config (#7328) - Add missing /etc/systemd/network directory - Fix parsing of features in detect_vm_xen_dom0 (#7890) (bsc#1048510) - sd-bus: use -- when passing arguments to ssh (#6706) - systemctl: make sure we terminate the bus connection first, and then close the pager (#3550) - sd-bus: bump message queue size (bsc#1075724) - tmpfiles: downgrade warning about duplicate line

Affected Systems

• suse•systemd&distro=SUSE Linux Enterprise Desktop 12 SP2

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Desktop 12 SP3

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Server 12 SP2

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Server 12 SP3

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

  < 228-150.29.1

• suse•systemd&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

  < 228-150.29.1

References (13)

• https://www.suse.com/support/update/announcement/2018/suse-su-20180299-1/
• https://bugzilla.suse.com/1048510
• https://bugzilla.suse.com/1065276
• https://bugzilla.suse.com/1066156
• https://bugzilla.suse.com/1068251
• https://bugzilla.suse.com/1070428
• https://bugzilla.suse.com/1071558
• https://bugzilla.suse.com/1074254
• https://bugzilla.suse.com/1075724
• https://bugzilla.suse.com/1076308
• https://bugzilla.suse.com/897422
• https://www.suse.com/security/cve/CVE-2017-15908
• https://www.suse.com/security/cve/CVE-2018-1049