Scientific Linux 7.x: 2016-2610-1 Moderate: Systemd Freezing Flaw Fix

Date: Wed, 14 Dec 2016 17:50:04 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Scott Reid 
Subject: Security ERRATA Moderate: systemd on SL7.x x86_64
MIME-Version: 1.0
Message-ID: <20161214175004.15404.53301@slpackages.fnal.gov>

Synopsis: Moderate: systemd security and bug fix update
Advisory ID: SLSA-2016:2610-1
Issue Date: 2016-11-03
CVE Numbers: CVE-2016-7795
--

Security Fix(es):

* A flaw was found in the way systemd handled empty notification messages.
A local attacker could use this flaw to make systemd freeze its execution,
preventing further management of system services, system shutdown, or
zombie process collection via systemd. (CVE-2016-7795)

Bug Fix(es):

* Previously, the udev device manager automatically enabled all memory
banks on IBM z System installations. As a consequence, hot plug memory was
enabled automatically, which was incorrect. With this update, system
architecture checks have been added to the udev rules to address the
problem. As a result, hot plug memory is no longer automatically enabled.
--

SL7
 x86_64
 libgudev1-219-30.el7_3.3.i686.rpm
 libgudev1-219-30.el7_3.3.x86_64.rpm
 systemd-219-30.el7_3.3.x86_64.rpm
 systemd-debuginfo-219-30.el7_3.3.i686.rpm
 systemd-debuginfo-219-30.el7_3.3.x86_64.rpm
 systemd-libs-219-30.el7_3.3.i686.rpm
 systemd-libs-219-30.el7_3.3.x86_64.rpm
 systemd-python-219-30.el7_3.3.x86_64.rpm
 systemd-sysv-219-30.el7_3.3.x86_64.rpm
 libgudev1-devel-219-30.el7_3.3.i686.rpm
 libgudev1-devel-219-30.el7_3.3.x86_64.rpm
 systemd-devel-219-30.el7_3.3.i686.rpm
 systemd-devel-219-30.el7_3.3.x86_64.rpm
 systemd-journal-gateway-219-30.el7_3.3.x86_64.rpm
 systemd-networkd-219-30.el7_3.3.x86_64.rpm
 systemd-resolved-219-30.el7_3.3.i686.rpm
 systemd-resolved-219-30.el7_3.3.x86_64.rpm

- Scientific Linux Development Team