Описание
Security update for systemd
This update for systemd fixes the following issues:
This security issue was fixed:
- CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges (bsc#1020601).
These non-security issues were fixed:
- Fix permission set on /var/lib/systemd/linger/*
- install: follow config_path symlink (#3362)
- install: fix disable when /etc/systemd/system is a symlink (bsc#1014560)
- run: make --slice= work in conjunction with --scope (bsc#1014566)
- core: don't dispatch load queue when setting Slice= for transient units
- systemctl: remove duplicate entries showed by list-dependencies (#5049) (bsc#1012266)
- rule: don't automatically online standby memory on s390x (bsc#997682)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
libsystemd0-228-132.1
libsystemd0-32bit-228-132.1
libudev1-228-132.1
libudev1-32bit-228-132.1
systemd-228-132.1
systemd-32bit-228-132.1
systemd-bash-completion-228-132.1
systemd-sysvinit-228-132.1
udev-228-132.1
SUSE Linux Enterprise Server 12 SP2
libsystemd0-228-132.1
libsystemd0-32bit-228-132.1
libudev1-228-132.1
libudev1-32bit-228-132.1
systemd-228-132.1
systemd-32bit-228-132.1
systemd-bash-completion-228-132.1
systemd-sysvinit-228-132.1
udev-228-132.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libsystemd0-228-132.1
libudev1-228-132.1
systemd-228-132.1
systemd-bash-completion-228-132.1
systemd-sysvinit-228-132.1
udev-228-132.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libsystemd0-228-132.1
libsystemd0-32bit-228-132.1
libudev1-228-132.1
libudev1-32bit-228-132.1
systemd-228-132.1
systemd-32bit-228-132.1
systemd-bash-completion-228-132.1
systemd-sysvinit-228-132.1
udev-228-132.1
SUSE Linux Enterprise Software Development Kit 12 SP2
libudev-devel-228-132.1
systemd-devel-228-132.1
Ссылки
- Link for SUSE-SU-2017:0279-1
- E-Mail link for SUSE-SU-2017:0279-1
- SUSE Security Ratings
- SUSE Bug 1012266
- SUSE Bug 1014560
- SUSE Bug 1014566
- SUSE Bug 1020601
- SUSE Bug 997682
- SUSE CVE CVE-2016-10156 page
Описание
A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libsystemd0-228-132.1
SUSE Linux Enterprise Desktop 12 SP2:libsystemd0-32bit-228-132.1
SUSE Linux Enterprise Desktop 12 SP2:libudev1-228-132.1
SUSE Linux Enterprise Desktop 12 SP2:libudev1-32bit-228-132.1
Ссылки
- CVE-2016-10156
- SUSE Bug 1020601
- SUSE Bug 1021969
- SUSE Bug 1086936