SUSE-SU-2017:2031-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2031-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2017:2031-1
- Related
- Published
- 2017-08-03T08:43:31Z
- Modified
- 2017-08-03T08:43:31Z
- Summary
- Security update for systemd
- Details
-
This update for systemd provides several fixes and enhancements.
Security issues fixed:
- CVE-2017-9217: Null pointer dereferencing that could lead to resolved aborting. (bsc#1040614)
- CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. (bsc#1045290)
The update also fixed several non-security bugs:
- core/mount: Use the '-c' flag to not canonicalize paths when calling /bin/umount
- automount: Handle expire_tokens when the mount unit changes its state (bsc#1040942)
- automount: Rework propagation between automount and mount units
- build: Make sure tmpfiles.d/systemd-remote.conf get installed when necessary
- build: Fix systemd-journal-upload installation
- basic: Detect XEN Dom0 as no virtualization (bsc#1036873)
- virt: Make sure some errors are not ignored
- fstab-generator: Do not skip Before= ordering for noauto mountpoints
- fstab-gen: Do not convert device timeout into seconds when initializing JobTimeoutSec
- core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995)
- fstab-generator: Apply the _netdev option also to device units (bsc#1004995)
- job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995)
- job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995)
- rules: Export NVMe WWID udev attribute (bsc#1038865)
- rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives
- rules: Add rules for NVMe devices
- sysusers: Make group shadow support configurable (bsc#1029516)
- core: When deserializing a unit, fully restore its cgroup state (bsc#1029102)
- core: Introduce cgmaskfromstring()/cgmasktostring()
- core:execute: Fix handling failures of calling fork() in exec_spawn() (bsc#1040258)
- Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303) The database might be missing when upgrading a package which was shipping no sysv init scripts nor unit files (at the time --save was called) but the new version start shipping unit files.
- Disable group shadow support (bsc#1029516)
- Only check signature job error if signature job exists (bsc#1043758)
- Automounter issue in combination with NFS volumes (bsc#1040968)
- Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153)
- Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750)
- References
-
- https://www.suse.com/support/update/announcement/2017/suse-su-20172031-1/
- https://bugzilla.suse.com/1004995
- https://bugzilla.suse.com/1029102
- https://bugzilla.suse.com/1029516
- https://bugzilla.suse.com/1032029
- https://bugzilla.suse.com/1033238
- https://bugzilla.suse.com/1036873
- https://bugzilla.suse.com/1037120
- https://bugzilla.suse.com/1038865
- https://bugzilla.suse.com/1040153
- https://bugzilla.suse.com/1040258
- https://bugzilla.suse.com/1040614
- https://bugzilla.suse.com/1040942
- https://bugzilla.suse.com/1040968
- https://bugzilla.suse.com/1043758
- https://bugzilla.suse.com/1043900
- https://bugzilla.suse.com/1045290
- https://bugzilla.suse.com/1046750
- https://bugzilla.suse.com/982303
- https://bugzilla.suse.com/986216
- https://www.suse.com/security/cve/CVE-2017-9217
- https://www.suse.com/security/cve/CVE-2017-9445
Affected packages
SUSE:Linux Enterprise Desktop 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.9.3
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.9.3",
"libsystemd0": "228-150.9.3",
"udev": "228-150.9.3",
"libudev1": "228-150.9.3",
"systemd-32bit": "228-150.9.3",
"systemd-bash-completion": "228-150.9.3",
"libsystemd0-32bit": "228-150.9.3",
"systemd": "228-150.9.3",
"systemd-sysvinit": "228-150.9.3"
}
]
}
SUSE:Linux Enterprise Software Development Kit 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
SUSE:Linux Enterprise Server 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.9.3
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.9.3",
"libsystemd0": "228-150.9.3",
"udev": "228-150.9.3",
"libudev1": "228-150.9.3",
"systemd-32bit": "228-150.9.3",
"systemd-bash-completion": "228-150.9.3",
"libsystemd0-32bit": "228-150.9.3",
"systemd": "228-150.9.3",
"systemd-sysvinit": "228-150.9.3"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.9.3
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.9.3",
"libsystemd0": "228-150.9.3",
"udev": "228-150.9.3",
"libudev1": "228-150.9.3",
"systemd-32bit": "228-150.9.3",
"systemd-bash-completion": "228-150.9.3",
"libsystemd0-32bit": "228-150.9.3",
"systemd": "228-150.9.3",
"systemd-sysvinit": "228-150.9.3"
}
]
}