SUSE-SU-2019:0135-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0135-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2019:0135-1
- Related
- Published
- 2019-01-21T12:54:40Z
- Modified
- 2019-01-21T12:54:40Z
- Summary
- Security update for systemd
- Details
-
This update for systemd provides the following fixes:
Security issues fixed:
- CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)
- CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)
- Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)
Non-security issues fixed:
- core: Queue loading transient units after setting their properties. (bsc#1115518)
- logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)
- terminal-util: introduce vtrelease() and vtrestore() helpers.
- terminal: Unify code for resetting kbd utf8 mode a bit.
- terminal Reset should honour default_utf8 kernel setting.
- logind: Make sessionrestorevt() static.
- udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)
- log: Never log into foreign fd #2 in PID 1 or its pre-execve() children. (bsc#1114981)
- udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected none state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)
- References
-
- https://www.suse.com/support/update/announcement/2019/suse-su-20190135-1/
- https://bugzilla.suse.com/1005023
- https://bugzilla.suse.com/1076696
- https://bugzilla.suse.com/1101591
- https://bugzilla.suse.com/1114981
- https://bugzilla.suse.com/1115518
- https://bugzilla.suse.com/1119971
- https://bugzilla.suse.com/1120323
- https://www.suse.com/security/cve/CVE-2018-16864
- https://www.suse.com/security/cve/CVE-2018-16865
- https://www.suse.com/security/cve/CVE-2018-16866
Affected packages
SUSE:OpenStack Cloud 7 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20OpenStack%20Cloud%207
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Desktop 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Desktop 12 SP4 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Software Development Kit 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
SUSE:Linux Enterprise Software Development Kit 12 SP4 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4
SUSE:Linux Enterprise Server 12 SP2-LTSS / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP2-BCL / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP4 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}
SUSE:Enterprise Storage 4 / systemd
Package
- Name
- systemd
- Purl
- purl:rpm/suse/systemd&distro=SUSE%20Enterprise%20Storage%204
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed228-150.58.1
Ecosystem specific
{
"binaries": [
{
"libudev1-32bit": "228-150.58.1",
"libsystemd0": "228-150.58.1",
"udev": "228-150.58.1",
"libudev1": "228-150.58.1",
"systemd-32bit": "228-150.58.1",
"systemd-bash-completion": "228-150.58.1",
"libsystemd0-32bit": "228-150.58.1",
"systemd": "228-150.58.1",
"systemd-sysvinit": "228-150.58.1"
}
]
}