SUSE-SU-2018:0546-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20180546-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0546-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:0546-1
Related
Published
2018-02-26T15:35:50Z
Modified
2018-02-26T15:35:50Z
Summary
Security update for systemd
Details

This update for systemd fixes the following issues:

Security issue fixed:

  • CVE-2017-18078: tmpfiles: refuse to chown()/chmod() files which are hardlinked, unless protected_hardlinks sysctl is on. This could be used by local attackers to gain privileges (bsc#1077925)

Non Security issues fixed:

  • core: use id unit when retrieving unit file state (#8038) (bsc#1075801)
  • cryptsetup-generator: run cryptsetup service before swap unit (#5480)
  • udev-rules: all values can contain escaped double quotes now (#6890)
  • strv: fix buffer size calculation in strvjoinquoted()
  • tmpfiles: change ownership of symlinks too
  • stdio-bridge: Correctly propagate error
  • stdio-bridge: remove dead code
  • remove bus-proxyd (bsc#1057974)
  • core/timer: Prevent timer looping when unit cannot start (bsc#1068588)

  • Make systemd-timesyncd use the openSUSE NTP servers by default Previously systemd-timesyncd used the Google Public NTP servers time{1..4}.google.com

  • Don't ship /usr/lib/systemd/system/tmp.mnt at all (bsc#1071224) But we still ship a copy in /var. Users who want to use tmpfs on /tmp are supposed to add a symlink in /etc/ pointing to the copy shipped in /var. To support the update path we automatically create the symlink if tmp.mount in use is located in /usr.

  • Enable systemd-networkd on Leap distros only (bsc#1071311)

References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP2 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.32.1",
            "libsystemd0": "228-150.32.1",
            "udev": "228-150.32.1",
            "libudev1": "228-150.32.1",
            "systemd-32bit": "228-150.32.1",
            "systemd-bash-completion": "228-150.32.1",
            "libsystemd0-32bit": "228-150.32.1",
            "systemd": "228-150.32.1",
            "systemd-sysvinit": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP3 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.32.1",
            "libsystemd0": "228-150.32.1",
            "udev": "228-150.32.1",
            "libudev1": "228-150.32.1",
            "systemd-32bit": "228-150.32.1",
            "systemd-bash-completion": "228-150.32.1",
            "libsystemd0-32bit": "228-150.32.1",
            "systemd": "228-150.32.1",
            "systemd-sysvinit": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "libsystemd0": "228-150.32.1",
            "systemd-bash-completion": "228-150.32.1",
            "udev": "228-150.32.1",
            "libudev1": "228-150.32.1",
            "systemd": "228-150.32.1",
            "systemd-sysvinit": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP2 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "systemd-devel": "228-150.32.1",
            "libudev-devel": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP3 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "systemd-devel": "228-150.32.1",
            "libudev-devel": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.32.1",
            "libsystemd0": "228-150.32.1",
            "udev": "228-150.32.1",
            "libudev1": "228-150.32.1",
            "systemd-32bit": "228-150.32.1",
            "systemd-bash-completion": "228-150.32.1",
            "libsystemd0-32bit": "228-150.32.1",
            "systemd": "228-150.32.1",
            "systemd-sysvinit": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.32.1",
            "libsystemd0": "228-150.32.1",
            "udev": "228-150.32.1",
            "libudev1": "228-150.32.1",
            "systemd-32bit": "228-150.32.1",
            "systemd-bash-completion": "228-150.32.1",
            "libsystemd0-32bit": "228-150.32.1",
            "systemd": "228-150.32.1",
            "systemd-sysvinit": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.32.1",
            "libsystemd0": "228-150.32.1",
            "udev": "228-150.32.1",
            "libudev1": "228-150.32.1",
            "systemd-32bit": "228-150.32.1",
            "systemd-bash-completion": "228-150.32.1",
            "libsystemd0-32bit": "228-150.32.1",
            "systemd": "228-150.32.1",
            "systemd-sysvinit": "228-150.32.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / systemd

Package

Name
systemd
Purl
purl:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-150.32.1

Ecosystem specific

{
    "binaries": [
        {
            "libudev1-32bit": "228-150.32.1",
            "libsystemd0": "228-150.32.1",
            "udev": "228-150.32.1",
            "libudev1": "228-150.32.1",
            "systemd-32bit": "228-150.32.1",
            "systemd-bash-completion": "228-150.32.1",
            "libsystemd0-32bit": "228-150.32.1",
            "systemd": "228-150.32.1",
            "systemd-sysvinit": "228-150.32.1"
        }
    ]
}