   SUSE Security Update: Security update for systemd
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:4279-1
Rating:             moderate
References:         #1197244 #1198507 #1204968
Cross-References:   CVE-2022-3821
CVSS scores:
                    CVE-2022-3821 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3821 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

   An update that solves one vulnerability and has two fixes
   is now available.

Description:

   This update for systemd fixes the following issues:

   - CVE-2022-3821: Fixed buffer overrun in format_timespan() function
     (bsc#1204968).

   - Import commit 417bb0944e035969594fff83a3ab9c2ca9a56234
     * 20743c1a44 logind: fix crash in logind on user-specified message string
     * b971b5f085 tmpfiles: check the directory we were supposed to create,
       not its parent
     * 2850271ea6 stat-util: replace is_dir() + is_dir_fd() by single
       is_dir_full() call
     * 3d3bd5fc8d systemd --user: call pam_loginuid when creating
       [email protected] (#3120) (bsc#1198507)
     * 4b56c3540a parse-util: introduce pid_is_valid()
     * aa811a4c0c systemd-detect-virt: refine hypervisor detection (#7171)
       (bsc#1197244)

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-4279=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-4279=1

Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

      libudev-devel-228-157.43.2
      systemd-debuginfo-228-157.43.2
      systemd-debugsource-228-157.43.2
      systemd-devel-228-157.43.2

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      libsystemd0-228-157.43.2
      libsystemd0-debuginfo-228-157.43.2
      libudev-devel-228-157.43.2
      libudev1-228-157.43.2
      libudev1-debuginfo-228-157.43.2
      systemd-228-157.43.2
      systemd-debuginfo-228-157.43.2
      systemd-debugsource-228-157.43.2
      systemd-devel-228-157.43.2
      systemd-sysvinit-228-157.43.2
      udev-228-157.43.2
      udev-debuginfo-228-157.43.2

   - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):

      libsystemd0-32bit-228-157.43.2
      libsystemd0-debuginfo-32bit-228-157.43.2
      libudev1-32bit-228-157.43.2
      libudev1-debuginfo-32bit-228-157.43.2
      systemd-32bit-228-157.43.2
      systemd-debuginfo-32bit-228-157.43.2

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      systemd-bash-completion-228-157.43.2

References:

   https://www.suse.com/security/cve/CVE-2022-3821.html
   https://bugzilla.suse.com/1197244
   https://bugzilla.suse.com/1198507
   https://bugzilla.suse.com/1204968
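
A post-install check against the package list above, as an added example that is not part of the SUSE advisory: it reads "name version-release" lines and reports advisory packages still older than 228-157.43.2. The function names and the sample inventory are constructed for illustration, and GNU `sort -V` is assumed as an approximation of rpm's version ordering for these numeric version strings.

```shell
#!/bin/sh
# Input format (assumption): one "name version-release" pair per line, e.g. from
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'

FIXED="228-157.43.2"   # fixed version-release from the advisory's package list

# Package names from the advisory's package list (debuginfo/debugsource omitted).
ADVISORY_PKGS="libsystemd0 libsystemd0-32bit libudev1 libudev1-32bit libudev-devel systemd systemd-32bit systemd-devel systemd-sysvinit systemd-bash-completion udev"

# ver_lt A B: succeeds when A sorts strictly before B under version sort.
ver_lt() {
    [ "$1" = "$2" ] && return 1
    first=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$first" = "$1" ]
}

# unpatched_packages: reads the inventory on stdin and prints every advisory
# package older than FIXED; packages not named in the advisory are ignored.
unpatched_packages() {
    while read -r name vr; do
        case " $ADVISORY_PKGS " in
            *" $name "*) ;;
            *) continue ;;
        esac
        if ver_lt "$vr" "$FIXED"; then
            printf '%s %s\n' "$name" "$vr"
        fi
    done
}

# Constructed sample inventory (not real host output). The udev line covers the
# case a plain string comparison gets wrong: release 157.9.1 is older than 157.43.2.
sample_inventory() {
    cat <<'EOF'
systemd 228-157.40.1
libsystemd0 228-157.43.2
udev 228-157.9.1
bash 4.3-83.23.1
libudev1 228-160.1.1
EOF
}

sample_inventory | unpatched_packages
```

An empty result means every listed package is at or above the fixed release; the advisory still requires a reboot for the update to take effect.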