SUSE-SU-2019:1265-1 -- SLES systemd, libsystemd0, libudev1, udevID: oval:org.secpod.oval:def:89003040 | Date: (C)2021-02-27 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-6954: Fixed a vulnerability in the symlink handling of systemd-tmpfiles which allowed a local user to obtain ownership of arbitrary files . - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a local user to escalate privileges . - CVE-2019-6454: Fixed a denial of service caused by long dbus messages . Non-security issues fixed: - systemd-coredump: generate a stack trace of all core dumps - udevd: notify when max number value of children is reached only once per batch of events - sd-bus: bump message queue size again - core: only watch processes when it"s really necessary - rules: load drivers only on quot;addquot; events - sysctl: Don"t pass null directive argument to "%s" - Do not automatically online memory on s390x
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
systemd |
libsystemd0 |
libudev1 |
udev |