SUSE-SU-2019:0135-1

Source
https://www.suse.com/support/update/announcement/2019/suse-su-20190135-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0135-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2019:0135-1
Related
Published
2019-01-21T12:54:40Z
Modified
2019-01-21T12:54:40Z
Summary
Security update for systemd
Details

This update for systemd provides the following fixes:

Security issues fixed:

  • CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)
  • CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)
  • Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)

Non-security issues fixed:

  • core: Queue loading transient units after setting their properties. (bsc#1115518)
  • logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)
  • terminal-util: introduce vtrelease() and vtrestore() helpers.
  • terminal: Unify code for resetting kbd utf8 mode a bit.
  • terminal Reset should honour default_utf8 kernel setting.
  • logind: Make sessionrestorevt() static.
  • udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)
  • log: Never log into foreign fd #2 in PID 1 or its pre-execve() children. (bsc#1114981)
  • udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected none state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)
References

Affected packages

SUSE:OpenStack Cloud 7 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20OpenStack%20Cloud%207

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP3 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP4 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP3 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "systemd-devel": "228-150.58.1",
            "libudev-devel": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP4 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "systemd-devel": "228-150.58.1",
            "libudev-devel": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-LTSS / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}

SUSE:Enterprise Storage 4 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Enterprise%20Storage%204

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.58.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.58.1",
            "libsystemd0": "228-150.58.1",
            "udev": "228-150.58.1",
            "libudev1": "228-150.58.1",
            "systemd-32bit": "228-150.58.1",
            "systemd-bash-completion": "228-150.58.1",
            "libsystemd0-32bit": "228-150.58.1",
            "systemd": "228-150.58.1",
            "systemd-sysvinit": "228-150.58.1"
        }
    ]
}