This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. - CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Non-security issues fixed: - dhcp6: split assert_return to be more debuggable when hit - core: skip unit deserialization and move to the next one when unit_deserialize fails - core: properly handle deserialization of unknown unit types - core: don"t create Requires for workdir if quot;missing okquot; - logind: use manager_get_user_by_pid where appropriate - logind: rework manager_get_{user|session}_by_pid a bit - login: fix user at .service case, so we don"t allow nested sessions - core: be more defensive if we can"t determine per-connection socket peer - socket-util: introduce port argument in sockaddr_port - service: fixup ExecStop for socket-activated shutdown - service: Continue shutdown on socket activated unit on termination - cryptsetup: build fixes for quot;add support for sector-size= optionquot; - udev-rules: IMPORT cmdline does not recognize keys with similar names - core: keep the kernel coredump defaults when systemd-coredump is disabled - core: shorten main a bit, split out coredump initialization - core: set RLIMIT_CORE to unlimited by default - core/mount: fstype may be NULL - journald: don"t ship systemd-journald-audit.socket - core: make quot;tmpfsquot; dependencies on swapfs a quot;defaultquot; dep, not an quot;implicitquot; - mount: make sure we unmount tmpfs mounts before we deactivate swaps - tmp.mount.hm4: After swap.target - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it"s never been a SySV init tool.