Security update for systemd, dracut
Announcement ID: | SUSE-SU-2017:1898-1 |
---|---|
Rating: | important |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves one vulnerability and has eight security fixes can now be installed.
Description:
This update for systemd and dracut fixes the following issues:
Security issues fixed:
- CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. (bsc#1045290)
Non-security issues fixed in systemd:
- Automounter issue in combination with NFS volumes (bsc#1040968)
- Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153)
- Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750)
Non-security issues fixed in dracut:
- Bail out if module directory does not exist. (bsc#1043900)
- Suppress bogus error message. (bsc#1032029)
- Fix module force loading with systemd. (bsc#986216)
- Ship udev files required by systemd. (bsc#1040153)
- Ignore module resolution errors (e.g. with kgraft). (bsc#1037120)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
Magnum Orchestration 7
zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1174=1
-
SUSE Linux Enterprise Software Bootstrap Kit 12 12-SP2
zypper in -t patch SUSE-SLE-BSK-12-SP2-2017-1174=1
-
SUSE Linux Enterprise Desktop 12 SP2
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1174=1
-
SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1174=1
-
SUSE Linux Enterprise Software Development Kit 12 12-SP2
zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1174=1
-
SUSE Linux Enterprise High Performance Computing 12 SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1174=1
-
SUSE Linux Enterprise Server 12 SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1174=1
-
SUSE Linux Enterprise Server for SAP Applications 12 SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1174=1
Package List:
-
Magnum Orchestration 7 (x86_64)
- libsystemd0-debuginfo-228-150.7.1
- systemd-debuginfo-228-150.7.1
- systemd-sysvinit-228-150.7.1
- libudev1-debuginfo-228-150.7.1
- libudev1-228-150.7.1
- libsystemd0-228-150.7.1
- dracut-044.1-109.8.3
- udev-228-150.7.1
- systemd-228-150.7.1
- systemd-debugsource-228-150.7.1
- dracut-debugsource-044.1-109.8.3
- udev-debuginfo-228-150.7.1
- dracut-debuginfo-044.1-109.8.3
-
SUSE Linux Enterprise Software Bootstrap Kit 12 12-SP2 (ppc64le s390x x86_64)
- udev-mini-228-150.7.1
- systemd-mini-debugsource-228-150.7.1
- udev-mini-debuginfo-228-150.7.1
- libudev-mini-devel-228-150.7.1
- libudev-mini1-debuginfo-228-150.7.1
- libudev-mini1-228-150.7.1
- systemd-mini-debuginfo-228-150.7.1
- systemd-mini-228-150.7.1
- systemd-mini-devel-228-150.7.1
-
SUSE Linux Enterprise Desktop 12 SP2 (x86_64)
- libsystemd0-debuginfo-228-150.7.1
- libudev1-32bit-228-150.7.1
- libsystemd0-debuginfo-32bit-228-150.7.1
- libudev1-debuginfo-32bit-228-150.7.1
- systemd-32bit-228-150.7.1
- systemd-debuginfo-228-150.7.1
- systemd-sysvinit-228-150.7.1
- libudev1-debuginfo-228-150.7.1
- libudev1-228-150.7.1
- libsystemd0-228-150.7.1
- dracut-044.1-109.8.3
- systemd-debuginfo-32bit-228-150.7.1
- udev-228-150.7.1
- libsystemd0-32bit-228-150.7.1
- systemd-228-150.7.1
- systemd-debugsource-228-150.7.1
- dracut-debugsource-044.1-109.8.3
- udev-debuginfo-228-150.7.1
- dracut-debuginfo-044.1-109.8.3
-
SUSE Linux Enterprise Desktop 12 SP2 (noarch)
- systemd-bash-completion-228-150.7.1
-
SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 (aarch64)
- libsystemd0-debuginfo-228-150.7.1
- systemd-debuginfo-228-150.7.1
- systemd-sysvinit-228-150.7.1
- libudev1-debuginfo-228-150.7.1
- libudev1-228-150.7.1
- libsystemd0-228-150.7.1
- dracut-044.1-109.8.3
- udev-228-150.7.1
- systemd-228-150.7.1
- dracut-fips-044.1-109.8.3
- systemd-debugsource-228-150.7.1
- dracut-debugsource-044.1-109.8.3
- udev-debuginfo-228-150.7.1
- dracut-debuginfo-044.1-109.8.3
-
SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 (noarch)
- systemd-bash-completion-228-150.7.1
-
SUSE Linux Enterprise Software Development Kit 12 12-SP2 (aarch64 ppc64le s390x x86_64)
- systemd-devel-228-150.7.1
- libudev-devel-228-150.7.1
- systemd-debugsource-228-150.7.1
- systemd-debuginfo-228-150.7.1
-
SUSE Linux Enterprise High Performance Computing 12 SP2 (aarch64 x86_64)
- libsystemd0-debuginfo-228-150.7.1
- systemd-debuginfo-228-150.7.1
- systemd-sysvinit-228-150.7.1
- libudev1-debuginfo-228-150.7.1
- libudev1-228-150.7.1
- libsystemd0-228-150.7.1
- dracut-044.1-109.8.3
- udev-228-150.7.1
- systemd-228-150.7.1
- dracut-fips-044.1-109.8.3
- systemd-debugsource-228-150.7.1
- dracut-debugsource-044.1-109.8.3
- udev-debuginfo-228-150.7.1
- dracut-debuginfo-044.1-109.8.3
-
SUSE Linux Enterprise High Performance Computing 12 SP2 (noarch)
- systemd-bash-completion-228-150.7.1
-
SUSE Linux Enterprise High Performance Computing 12 SP2 (x86_64)
- libudev1-32bit-228-150.7.1
- libsystemd0-debuginfo-32bit-228-150.7.1
- systemd-32bit-228-150.7.1
- libudev1-debuginfo-32bit-228-150.7.1
- systemd-debuginfo-32bit-228-150.7.1
- libsystemd0-32bit-228-150.7.1
-
SUSE Linux Enterprise Server 12 SP2 (aarch64 ppc64le s390x x86_64)
- libsystemd0-debuginfo-228-150.7.1
- systemd-debuginfo-228-150.7.1
- systemd-sysvinit-228-150.7.1
- libudev1-debuginfo-228-150.7.1
- libudev1-228-150.7.1
- libsystemd0-228-150.7.1
- dracut-044.1-109.8.3
- udev-228-150.7.1
- systemd-228-150.7.1
- dracut-fips-044.1-109.8.3
- systemd-debugsource-228-150.7.1
- dracut-debugsource-044.1-109.8.3
- udev-debuginfo-228-150.7.1
- dracut-debuginfo-044.1-109.8.3
-
SUSE Linux Enterprise Server 12 SP2 (noarch)
- systemd-bash-completion-228-150.7.1
-
SUSE Linux Enterprise Server 12 SP2 (s390x x86_64)
- libudev1-32bit-228-150.7.1
- libsystemd0-debuginfo-32bit-228-150.7.1
- systemd-32bit-228-150.7.1
- libudev1-debuginfo-32bit-228-150.7.1
- systemd-debuginfo-32bit-228-150.7.1
- libsystemd0-32bit-228-150.7.1
-
SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
- libsystemd0-debuginfo-228-150.7.1
- systemd-debuginfo-228-150.7.1
- systemd-sysvinit-228-150.7.1
- libudev1-debuginfo-228-150.7.1
- libudev1-228-150.7.1
- libsystemd0-228-150.7.1
- dracut-044.1-109.8.3
- udev-228-150.7.1
- systemd-228-150.7.1
- dracut-fips-044.1-109.8.3
- systemd-debugsource-228-150.7.1
- dracut-debugsource-044.1-109.8.3
- udev-debuginfo-228-150.7.1
- dracut-debuginfo-044.1-109.8.3
-
SUSE Linux Enterprise Server for SAP Applications 12 SP2 (noarch)
- systemd-bash-completion-228-150.7.1
-
SUSE Linux Enterprise Server for SAP Applications 12 SP2 (x86_64)
- libudev1-32bit-228-150.7.1
- libsystemd0-debuginfo-32bit-228-150.7.1
- systemd-32bit-228-150.7.1
- libudev1-debuginfo-32bit-228-150.7.1
- systemd-debuginfo-32bit-228-150.7.1
- libsystemd0-32bit-228-150.7.1
References:
- https://www.suse.com/security/cve/CVE-2017-9445.html
- https://bugzilla.suse.com/show_bug.cgi?id=1032029
- https://bugzilla.suse.com/show_bug.cgi?id=1033238
- https://bugzilla.suse.com/show_bug.cgi?id=1037120
- https://bugzilla.suse.com/show_bug.cgi?id=1040153
- https://bugzilla.suse.com/show_bug.cgi?id=1040968
- https://bugzilla.suse.com/show_bug.cgi?id=1043900
- https://bugzilla.suse.com/show_bug.cgi?id=1045290
- https://bugzilla.suse.com/show_bug.cgi?id=1046750
- https://bugzilla.suse.com/show_bug.cgi?id=986216