SUSE-SU-2023:0058-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2023/suse-su-20230058-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0058-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2023:0058-1
Related
Published
2023-01-10T08:15:43Z
Modified
2023-01-10T08:15:43Z
Summary
Security update for systemd
Details

This update for systemd fixes the following issues:

Fixing the following issues:

  • units: restore RemainAfterExit=yes in systemd-vconsole-setup.service
  • vconsole-setup: don't concat strv if we don't need to (i.e. not in debug log mode)
  • vconsole-setup: add more log messages
  • units: restore Before dependencies for systemd-vconsole-setup.service
  • vconsole-setup: add lots of debug messages
  • Add enable_disable() helper
  • vconsole: correct kernel command line namespace
  • vconsole: Don't do static installation under sysinit.target
  • vconsole: use KDFONTOP_GET/SET to handle copying (bsc#1181636)
  • vconsole: updates of keyboard/font loading functions
  • vconsole: Add generic is_*() functions
  • vconsole: add two new toggle functions, remove old enable/disable ones
  • vconsole: copy font to 63 consoles instead of 15
  • vconsole: add log_oom() where appropriate
  • vconsole-setup: Store fonts on heap (#3268)
  • errno-util: add new errnoorelse() helper

The following fix is now integrated upstream:

  • CVE-2022-4415: coredump: do not allow user to access coredumps with changed uid/gid/capabilities (bsc#1205000).
References

Affected packages

SUSE:Linux Enterprise Software Development Kit 12 SP5 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-157.49.1

Ecosystem specific 

{
    "binaries": [
        {
            "systemd-devel": "228-157.49.1",
            "libudev-devel": "228-157.49.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-157.49.1

Ecosystem specific 

{
    "binaries": [
        {
            "libudev1-32bit": "228-157.49.1",
            "libsystemd0": "228-157.49.1",
            "systemd-devel": "228-157.49.1",
            "libudev-devel": "228-157.49.1",
            "udev": "228-157.49.1",
            "libudev1": "228-157.49.1",
            "systemd-32bit": "228-157.49.1",
            "systemd-bash-completion": "228-157.49.1",
            "libsystemd0-32bit": "228-157.49.1",
            "systemd": "228-157.49.1",
            "systemd-sysvinit": "228-157.49.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / systemd

Package

Name
systemd
Purl
pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
228-157.49.1

Ecosystem specific 

{
    "binaries": [
        {
            "libudev1-32bit": "228-157.49.1",
            "libsystemd0": "228-157.49.1",
            "systemd-devel": "228-157.49.1",
            "libudev-devel": "228-157.49.1",
            "udev": "228-157.49.1",
            "libudev1": "228-157.49.1",
            "systemd-32bit": "228-157.49.1",
            "systemd-bash-completion": "228-157.49.1",
            "libsystemd0-32bit": "228-157.49.1",
            "systemd": "228-157.49.1",
            "systemd-sysvinit": "228-157.49.1"
        }
    ]
}