Описание
ELSA-2023-0100: systemd security and bug fix update (MODERATE)
[239-68.0.2.1]
- Backport upstream pstore dmesg fix [Orabug: 34850699]
- Standardize ioctl (BTRFS_IOC_QGROUP_CREATE) check and return -ENOTCONN, if quota is not enabled [Orabug: 34694253]
- Disable unprivileged BPF by default [Orabug: 32870980]
- backport upstream pstore tmpfiles patch [Orabug: 31420486]
- udev rules: fix memory hot add and remove [Orabug: 31310273]
- fix to enable systemd-pstore.service [Orabug: 30951066]
- journal: change support URL shown in the catalog entries [Orabug: 30853009]
- fix to generate systemd-pstore.service file [Orabug: 30230056]
- fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792]
- set 'RemoveIPC=no' in logind.conf as default for OL7.2 [Orabug: 22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]
- Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056]
[239-68.1]
- time-util: fix buffer-over-run (#2139390)
- core: move reset_arguments() to the end of main's finish (#2127170)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
systemd
239-68.0.2.el8_7.1
systemd-container
239-68.0.2.el8_7.1
systemd-devel
239-68.0.2.el8_7.1
systemd-journal-remote
239-68.0.2.el8_7.1
systemd-libs
239-68.0.2.el8_7.1
systemd-pam
239-68.0.2.el8_7.1
systemd-tests
239-68.0.2.el8_7.1
systemd-udev
239-68.0.2.el8_7.1
Oracle Linux x86_64
systemd
239-68.0.2.el8_7.1
systemd-container
239-68.0.2.el8_7.1
systemd-devel
239-68.0.2.el8_7.1
systemd-journal-remote
239-68.0.2.el8_7.1
systemd-libs
239-68.0.2.el8_7.1
systemd-pam
239-68.0.2.el8_7.1
systemd-tests
239-68.0.2.el8_7.1
systemd-udev
239-68.0.2.el8_7.1
Связанные CVE
Связанные уязвимости
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
An off-by-one Error issue was discovered in Systemd in format_timespan ...