SUSE: 2023:113-1 suse/sles12sp5 Security Update
Summary
Advisory ID: SUSE-SU-2023:58-1 Released: Tue Jan 10 09:15:27 2023 Summary: Security update for systemd Type: security Severity: moderate
References
References : 1181636 1205000 CVE-2022-4415
1181636,1205000,CVE-2022-4415
This update for systemd fixes the following issues:
Fixing the following issues:
- units: restore RemainAfterExit=yes in systemd-vconsole-setup.service
- vconsole-setup: don't concat strv if we don't need to (i.e. not in debug log mode)
- vconsole-setup: add more log messages
- units: restore Before dependencies for systemd-vconsole-setup.service
- vconsole-setup: add lots of debug messages
- Add enable_disable() helper
- vconsole: correct kernel command line namespace
- vconsole: Don't do static installation under sysinit.target
- vconsole: use KD_FONT_OP_GET/SET to handle copying (bsc#1181636)
- vconsole: updates of keyboard/font loading functions
- vconsole: Add generic is_*() functions
- vconsole: add two new toggle functions, remove old enable/disable ones
- vconsole: copy font to 63 consoles instead of 15
- vconsole: add log_oom() where appropriate
- vconsole-setup: Store fonts on heap (#3268)
- errno-util: add new errno_or_else() helper
The following fix is now integrated upstream:
- CVE-2022-4415: coredump: do not allow user to access coredumps with changed uid/gid/capabilities (bsc#1205000).
The following package changes have been done:
- libsystemd0-228-157.49.1 updated
- libudev1-228-157.49.1 updated
