Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 26 articles for you...
100
security advisorysecurity updateSUSESUSE: 2023:2768-1 Moderate Security Update for Toolbox Released
The container suse/sle-micro/5.5/toolbox was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle-micro/5.5/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:2768-1 Container Tags : suse/sle-micro/5.5/toolbox:12.1 , suse/sle-micro/5.5/toolbox:12.1-2.2.29 , suse/sle-micro/5.5/toolbox:latest Container Release : 2.2.29 Severity : moderate Type : security References : 1103893 1112183 1186606 1194609 1208194 1209741 1210702 1211576 1212434 1213185 1213575 1213873 1214025 1214071 CVE-2023-4156 ----------------------------------------------------------------- The container suse/sle-micro/5.5/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3440-1 Released: Mon Aug 28 08:57:10 2023 Summary: Security update for gawk Type: security Severity: low References: 1214025,CVE-2023-4156 This update for gawk fixes the following issues: - CVE-2023-4156: Fix a heap out of bound read by validating the index into argument list. (bsc#1214025) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3451-1 Released: Mon Aug 28 12:15:22 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1186606,1194609,1208194,1209741,1210702,1211576,1212434,1213185,1213575,1213873 This update for systemd fixes the following issues: - Fix reboot and shutdown issues by getting only active MD arrays (bsc#1211576, bsc#1212434, bsc#1213575) - Decrease devlink priority for iso disks (bsc#1213185) - Do not ignore mount point paths longer than 255 characters (bsc#1208194) - Refuse hibernation if there's no possible way to resume (bsc#1186606) - Update 'korean' and 'arabic' keyboard layouts (bsc#1210702) - Drop some entries no longerneeded by YaST (bsc#1194609) - The 'systemd --user' instances get their own session keyring instead of the user default one (bsc#1209741) - Dynamically allocate receive buffer to handle large amount of mounts (bsc#1213873) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3466-1 Released: Tue Aug 29 07:33:16 2023 Summary: Recommended update for icu Type: recommended Severity: moderate References: 1103893,1112183 This update for icu fixes the following issues: - Japanese era Reiwa (bsc#1112183, bsc#1103893, fate570, fate#325570, fate#325419) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3485-1 Released: Tue Aug 29 14:20:56 2023 Summary: Recommended update for lvm2 Type: recommended Severity: moderate References: 1214071 This update for lvm2 fixes the following issues: - blkdeactivate calls wrong mountpoint cmd (bsc#1214071) The following package changes have been done: - gawk-4.2.1-150000.3.3.1 updated - libdevmapper1_03-2.03.16_1.02.185-150500.7.6.1 updated - libicu-suse65_1-65.1-150200.4.8.1 updated - libicu65_1-ledata-65.1-150200.4.8.1 updated - systemd-249.16-150400.8.33.1 updated . Critical security enhancement for SUSE container: suse/sle-micro/5.5/toolbox addressing flaws and system stability concerns.. Container Security, SUSE Toolbox Update, System Security. . LinuxSecurity.com Team
Aug 30, 2023
SuSE
98
security advisoryprivilege escalationbug fixRedHat Enterprise Linux 8: RHSA-2023:3837-01 Moderate: Systemd Update
An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: systemd security and bug fix update Advisory ID: RHSA-2023:3837-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:3837 Issue date: 2023-06-27 CVE Names: CVE-2023-26604 ==================================================================== 1. Summary: An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: privilege escalation via the less pager (CVE-2023-26604) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * systemd-pstore crashes when attempting to move standalone files out of /sys/fs/pstore (BZ#2190153) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2175611 - CVE-2023-26604 systemd: privilege escalation via the less pager 2190153 - systemd-pstore crashes when attempting to move standalone files out of /sys/fs/pstore [rhel-8.8.0.z] 6. Package List: Red Hat Enterprise Linux BaseOS (v.8): Source: systemd-239-74.el8_8.2.src.rpm aarch64: systemd-239-74.el8_8.2.aarch64.rpm systemd-container-239-74.el8_8.2.aarch64.rpm systemd-container-debuginfo-239-74.el8_8.2.aarch64.rpm systemd-debuginfo-239-74.el8_8.2.aarch64.rpm systemd-debugsource-239-74.el8_8.2.aarch64.rpm systemd-devel-239-74.el8_8.2.aarch64.rpm systemd-journal-remote-239-74.el8_8.2.aarch64.rpm systemd-journal-remote-debuginfo-239-74.el8_8.2.aarch64.rpm systemd-libs-239-74.el8_8.2.aarch64.rpm systemd-libs-debuginfo-239-74.el8_8.2.aarch64.rpm systemd-pam-239-74.el8_8.2.aarch64.rpm systemd-pam-debuginfo-239-74.el8_8.2.aarch64.rpm systemd-tests-239-74.el8_8.2.aarch64.rpm systemd-tests-debuginfo-239-74.el8_8.2.aarch64.rpm systemd-udev-239-74.el8_8.2.aarch64.rpm systemd-udev-debuginfo-239-74.el8_8.2.aarch64.rpm ppc64le: systemd-239-74.el8_8.2.ppc64le.rpm systemd-container-239-74.el8_8.2.ppc64le.rpm systemd-container-debuginfo-239-74.el8_8.2.ppc64le.rpm systemd-debuginfo-239-74.el8_8.2.ppc64le.rpm systemd-debugsource-239-74.el8_8.2.ppc64le.rpm systemd-devel-239-74.el8_8.2.ppc64le.rpm systemd-journal-remote-239-74.el8_8.2.ppc64le.rpm systemd-journal-remote-debuginfo-239-74.el8_8.2.ppc64le.rpm systemd-libs-239-74.el8_8.2.ppc64le.rpm systemd-libs-debuginfo-239-74.el8_8.2.ppc64le.rpm systemd-pam-239-74.el8_8.2.ppc64le.rpm systemd-pam-debuginfo-239-74.el8_8.2.ppc64le.rpm systemd-tests-239-74.el8_8.2.ppc64le.rpm systemd-tests-debuginfo-239-74.el8_8.2.ppc64le.rpm systemd-udev-239-74.el8_8.2.ppc64le.rpm systemd-udev-debuginfo-239-74.el8_8.2.ppc64le.rpm s390x: systemd-239-74.el8_8.2.s390x.rpm systemd-container-239-74.el8_8.2.s390x.rpm systemd-container-debuginfo-239-74.el8_8.2.s390x.rpm systemd-debuginfo-239-74.el8_8.2.s390x.rpm systemd-debugsource-239-74.el8_8.2.s390x.rpm systemd-devel-239-74.el8_8.2.s390x.rpm systemd-journal-remote-239-74.el8_8.2.s390x.rpm systemd-journal-remote-debuginfo-239-74.el8_8.2.s390x.rpm systemd-libs-239-74.el8_8.2.s390x.rpm systemd-libs-debuginfo-239-74.el8_8.2.s390x.rpm systemd-pam-239-74.el8_8.2.s390x.rpm systemd-pam-debuginfo-239-74.el8_8.2.s390x.rpm systemd-tests-239-74.el8_8.2.s390x.rpm systemd-tests-debuginfo-239-74.el8_8.2.s390x.rpm systemd-udev-239-74.el8_8.2.s390x.rpm systemd-udev-debuginfo-239-74.el8_8.2.s390x.rpm x86_64: systemd-239-74.el8_8.2.i686.rpm systemd-239-74.el8_8.2.x86_64.rpm systemd-container-239-74.el8_8.2.i686.rpm systemd-container-239-74.el8_8.2.x86_64.rpm systemd-container-debuginfo-239-74.el8_8.2.i686.rpm systemd-container-debuginfo-239-74.el8_8.2.x86_64.rpm systemd-debuginfo-239-74.el8_8.2.i686.rpm systemd-debuginfo-239-74.el8_8.2.x86_64.rpm systemd-debugsource-239-74.el8_8.2.i686.rpm systemd-debugsource-239-74.el8_8.2.x86_64.rpm systemd-devel-239-74.el8_8.2.i686.rpm systemd-devel-239-74.el8_8.2.x86_64.rpm systemd-journal-remote-239-74.el8_8.2.x86_64.rpm systemd-journal-remote-debuginfo-239-74.el8_8.2.i686.rpm systemd-journal-remote-debuginfo-239-74.el8_8.2.x86_64.rpm systemd-libs-239-74.el8_8.2.i686.rpm systemd-libs-239-74.el8_8.2.x86_64.rpm systemd-libs-debuginfo-239-74.el8_8.2.i686.rpm systemd-libs-debuginfo-239-74.el8_8.2.x86_64.rpm systemd-pam-239-74.el8_8.2.x86_64.rpm systemd-pam-debuginfo-239-74.el8_8.2.i686.rpm systemd-pam-debuginfo-239-74.el8_8.2.x86_64.rpm systemd-tests-239-74.el8_8.2.x86_64.rpm systemd-tests-debuginfo-239-74.el8_8.2.i686.rpm systemd-tests-debuginfo-239-74.el8_8.2.x86_64.rpm systemd-udev-239-74.el8_8.2.x86_64.rpm systemd-udev-debuginfo-239-74.el8_8.2.i686.rpm systemd-udev-debuginfo-239-74.el8_8.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-26604 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBZJsFPdzjgjWX9erEAQg9mxAAhxgbXiu3Eu2aeUQ81GFm9/vpDSPGUzpz crgGUrCDlPaF+/N7F4I/AzltTamBx1Bs1PyB8dPS5r5+B2mLk84tEpXiiClUx9tl PGG7Fy55+dQqA6f+bnwQKhV+HcJvBz1v8gP//flzjMPiMHMBxmRa5b0gYUJVaT9b i0/X3aiZuUasdf1vveksCTyU3RZTXpRPx6nd94uV1ehYKwzXwOms/2YwuapBgO6w cqAM0y2FLLNyD9oc/eYOvBhp8uYIgVfGiz7AQEZL+/7omzcLXgLt45aEyUJz3h+Q AsrTfJikWAOJ8AQ7CvXbiWQSvdPlt2xiTZ8WSmjJuK6q9sae1rf43Y3g3imZh/Xl WlWr9TbnJhAp4VPwvImMyBM8AbjVGtt+Nj6TyxZWBQmLYXZOxrfpN8ktmLA79JI0 hIlZZJc7mOoDtq3MpD+WXOPB3m0wLbxNgeNvf28NOb+uf2McCGY/0Me5/mGPOGvx zA78WpEMcLI3qtNSrm+MQy5/hofULuCAlTKjQdOTxltx1CPVnW/zFsJAi6cVmi9B LPBvsQ82oInuoA4insyHDqr4wKtuHYK505BbnDBkDMmqbGb7h0acIwDLCDfSGAgt do5bOr4zDWSClDdgzim49LAsIIfmTr73cVKWM4r79QKikxsHLaJ2HTCyQBANOGnt 3CcgaKZb5Kk=TJ1r -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jun 27, 2023
Red Hat
100
security advisoryimportantsystemd updateSUSE: 2023:1659-1 Important: bci/openjdk-devel Security Update
The container bci/openjdk-devel was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/openjdk-devel ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1659-1 Container Tags : bci/openjdk-devel:11 , bci/openjdk-devel:11-39.112 Container Release : 39.112 Severity : important Type : security References : 1203141 1207410 1211230 1211231 1211232 1211233 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 ----------------------------------------------------------------- The container bci/openjdk-devel was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2224-1 Released: Wed May 17 09:53:54 2023 Summary: Security update for curl Type: security Severity: important References: 1211230,1211231,1211232,1211233,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322 This update for curl adds the following feature: Update to version 8.0.1 (jsc#PED-2580) - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230). - CVE-2023-28320: siglongjmp race condition (bsc#1211231). - CVE-2023-28321: IDN wildcard matching (bsc#1211232). - CVE-2023-28322: POST-after-PUT confusion (bsc#1211233). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2240-1 Released: Wed May 17 19:56:54 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1203141,1207410 This update for systemd fixes the following issues: - udev-rules: fix nvme symlink creation on namespace changes (bsc#1207410) - Optimize when hundred workers claim the same symlink with the same priority (bsc#1203141) - Add nss-resolve and systemd-network to Packagehub-Subpackages(MSC-626) ----------------------------------------------------------------- Advisory ID: SUSE-feature-2023:2269-1 Released: Mon May 22 14:50:34 2023 Summary: Feature update for javapackages-tools Type: feature Severity: moderate References: This update for javapackages-tools fixes the following issues: - Version update from 5.3.1 to 6.1.0 (jsc#SLE-23217): * Add apache-rat-plugin to skippedPlugins * Add bootstrap metadata to XMvn resolver config * Add location of java binary used by the java-1.8.0-openjdk (JRE) package so that setting JAVA_HOME will work correctly * Add lua interpreter to check and GH actions * Add Lua scripts for removing annotations * Add more tests, fix behaviour * Add separate subpackage with RPM generators * Adding ppc64le architecture support on travis-ci * Delete run_tests.py * Drop deprecated add_maven_depmap macro * Drop SCL support * Fix builddep snippet generation * Fix extra XML handling of pom_change_dep * Fix invalid in XMvn configuration * Fix provides matching * Fix running tests without coverage * Implement separate simple class name matching * Introduce common and extra subpackages * Make generated javadoc package noarch * Make scripts compatible with rpmlua * Migrate CI from TravisCI to GitHub Actions * Modularize Lua scripts * Remove dependency on Six compatibility library * Remove explicit import of Python 3 features * Remove license headers from wrapper scripts * Remove Python 3.5 from .travis.yml * Replace nose by pytest * Skip execution of various Maven plugins * Update build status badge in README.md * Update documentation * Update ivy-local-classpath * Use XMvn Javadoc MOJO by default - Remove requirement to python-six as it is not needed The following package changes have been done: - libudev1-249.16-150400.8.28.3 updated - libsystemd0-249.16-150400.8.28.3 updated - libcurl4-8.0.1-150400.5.23.1 updated - javapackages-filesystem-6.1.0-150200.3.7.1 updated -javapackages-tools-6.1.0-150200.3.7.1 updated - container:bci-openjdk-11-15.4.11-35.58 updated . Crucial patch release for SUSE's bci/openjdk-runtime image, resolving various vulnerabilities and strengthening overall security.. SUSE Security Update, bci/openjdk-devel Update, container advisory. . Severity: Important. LinuxSecurity.com Team
May 30, 2023
•Important
SuSE
100
security advisoryimportantsystemd updateSUSE 2023:1645-1 Important: Bci/Rust Security And Curl Fixes
The container bci/rust was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/rust ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1645-1 Container Tags : bci/rust:1.69 , bci/rust:1.69-2.12 , bci/rust:latest Container Release : 2.12 Severity : important Type : security References : 1203141 1207410 1211230 1211231 1211232 1211233 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 ----------------------------------------------------------------- The container bci/rust was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2224-1 Released: Wed May 17 09:53:54 2023 Summary: Security update for curl Type: security Severity: important References: 1211230,1211231,1211232,1211233,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322 This update for curl adds the following feature: Update to version 8.0.1 (jsc#PED-2580) - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230). - CVE-2023-28320: siglongjmp race condition (bsc#1211231). - CVE-2023-28321: IDN wildcard matching (bsc#1211232). - CVE-2023-28322: POST-after-PUT confusion (bsc#1211233). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2240-1 Released: Wed May 17 19:56:54 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1203141,1207410 This update for systemd fixes the following issues: - udev-rules: fix nvme symlink creation on namespace changes (bsc#1207410) - Optimize when hundred workers claim the same symlink with the same priority (bsc#1203141) - Add nss-resolve and systemd-network to Packagehub-Subpackages (MSC-626) The following package changes have been done: - libsystemd0-249.16-150400.8.28.3updated - libcurl4-8.0.1-150400.5.23.1 updated - container:sles15-image-15.0.0-27.14.63 updated . SUSE Container Upgrade for bci/python incorporates critical fixes targeting various security vulnerabilities along with enhancements.. bci/rust Security, Curl Update, Container Advisory, System Update. . Severity: Important. LinuxSecurity.com Team
May 25, 2023
•Important
SuSE
100
security advisoryimportantsystemd updateSUSE Bci/Golang Security Advisory: 2023:1631-1 Important Updates
The container bci/golang was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/golang ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1631-1 Container Tags : bci/golang:1.19 , bci/golang:1.19-22.56 Container Release : 22.56 Severity : important Type : security References : 1203141 1207410 1211230 1211231 1211232 1211233 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 ----------------------------------------------------------------- The container bci/golang was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2224-1 Released: Wed May 17 09:53:54 2023 Summary: Security update for curl Type: security Severity: important References: 1211230,1211231,1211232,1211233,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322 This update for curl adds the following feature: Update to version 8.0.1 (jsc#PED-2580) - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230). - CVE-2023-28320: siglongjmp race condition (bsc#1211231). - CVE-2023-28321: IDN wildcard matching (bsc#1211232). - CVE-2023-28322: POST-after-PUT confusion (bsc#1211233). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2240-1 Released: Wed May 17 19:56:54 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1203141,1207410 This update for systemd fixes the following issues: - udev-rules: fix nvme symlink creation on namespace changes (bsc#1207410) - Optimize when hundred workers claim the same symlink with the same priority (bsc#1203141) - Add nss-resolve and systemd-network to Packagehub-Subpackages (MSC-626) The following package changes have been done: - libudev1-249.16-150400.8.28.3 updated -libsystemd0-249.16-150400.8.28.3 updated - libcurl4-8.0.1-150400.5.23.1 updated - container:sles15-image-15.0.0-27.14.63 updated . SUSE Container Update Advisory details changes related to bci/golang, featuring important security improvements, critical patches, and notable updates for enhanced security and performance. SUSE Container Update, Bci/Golang Security, Curl Patches, Systemd Updates. . Severity: Important. LinuxSecurity.com Team
May 25, 2023
•Important
SuSE
217
security advisorysecurity issuemoderate severityOracle Linux 9 ELSA-2023-0954 Moderate: Systemd Security Fix
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-0954 https://linux.oracle.com/errata/ELSA-2023-0954.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: systemd-250-12.0.2.el9_1.3.i686.rpm systemd-250-12.0.2.el9_1.3.x86_64.rpm systemd-container-250-12.0.2.el9_1.3.i686.rpm systemd-container-250-12.0.2.el9_1.3.x86_64.rpm systemd-devel-250-12.0.2.el9_1.3.i686.rpm systemd-devel-250-12.0.2.el9_1.3.x86_64.rpm systemd-journal-remote-250-12.0.2.el9_1.3.x86_64.rpm systemd-libs-250-12.0.2.el9_1.3.i686.rpm systemd-libs-250-12.0.2.el9_1.3.x86_64.rpm systemd-oomd-250-12.0.2.el9_1.3.x86_64.rpm systemd-pam-250-12.0.2.el9_1.3.x86_64.rpm systemd-resolved-250-12.0.2.el9_1.3.x86_64.rpm systemd-rpm-macros-250-12.0.2.el9_1.3.noarch.rpm systemd-udev-250-12.0.2.el9_1.3.x86_64.rpm aarch64: systemd-250-12.0.2.el9_1.3.aarch64.rpm systemd-container-250-12.0.2.el9_1.3.aarch64.rpm systemd-devel-250-12.0.2.el9_1.3.aarch64.rpm systemd-journal-remote-250-12.0.2.el9_1.3.aarch64.rpm systemd-libs-250-12.0.2.el9_1.3.aarch64.rpm systemd-oomd-250-12.0.2.el9_1.3.aarch64.rpm systemd-pam-250-12.0.2.el9_1.3.aarch64.rpm systemd-resolved-250-12.0.2.el9_1.3.aarch64.rpm systemd-rpm-macros-250-12.0.2.el9_1.3.noarch.rpm systemd-udev-250-12.0.2.el9_1.3.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//systemd-250-12.0.2.el9_1.3.src.rpm Related CVEs: CVE-2022-4415 CVE-2022-45873 Description of changes: [250-12.0.2.3] - Backport upstream pstore dmesg fix [Orabug: 34868110] - Remove upstream references [Orabug: 33995357] - Disable unprivileged BPF by default [Orabug: 32870980] - udev rules: fix memory hot add and remove [Orabug: 31310273] - set "RemoveIPC=no" in logind.conf as default for OL7.2 [Orabug: 22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - fix _netdev is missing for iscsi entry in /etc/fstab (
Mar 01, 2023
Oracle
98
security advisorysecurity fixRed Hat Enterprise LinuxRed Hat Enterprise Linux 9: RHSA-2023:0954-01 Moderate: Systemd Concerns
An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: systemd security update Advisory ID: RHSA-2023:0954-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0954 Issue date: 2023-02-28 CVE Names: CVE-2022-4415 CVE-2022-45873 ==================================================================== 1. Summary: An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd: local information leak due to systemd-coredump notrespecting fs.suid_dumpable kernel setting (CVE-2022-4415) * systemd: deadlock in systemd-coredump via a crash with a long backtrace (CVE-2022-45873) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2149063 - CVE-2022-45873 systemd: deadlock in systemd-coredump via a crash with a long backtrace 2155515 - CVE-2022-4415 systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 6. Package List: Red Hat Enterprise Linux AppStream (v.9): aarch64: systemd-container-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debugsource-250-12.el9_1.3.aarch64.rpm systemd-devel-250-12.el9_1.3.aarch64.rpm systemd-devel-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-journal-remote-250-12.el9_1.3.aarch64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-libs-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-pam-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-udev-debuginfo-250-12.el9_1.3.aarch64.rpm ppc64le: systemd-container-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debugsource-250-12.el9_1.3.ppc64le.rpm systemd-devel-250-12.el9_1.3.ppc64le.rpm systemd-devel-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-journal-remote-250-12.el9_1.3.ppc64le.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-libs-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-oomd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-pam-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-resolved-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-udev-debuginfo-250-12.el9_1.3.ppc64le.rpm s390x: systemd-container-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debugsource-250-12.el9_1.3.s390x.rpm systemd-devel-250-12.el9_1.3.s390x.rpm systemd-devel-debuginfo-250-12.el9_1.3.s390x.rpm systemd-journal-remote-250-12.el9_1.3.s390x.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.s390x.rpm systemd-libs-debuginfo-250-12.el9_1.3.s390x.rpm systemd-oomd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-pam-debuginfo-250-12.el9_1.3.s390x.rpm systemd-resolved-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.s390x.rpm systemd-udev-debuginfo-250-12.el9_1.3.s390x.rpm x86_64: systemd-container-debuginfo-250-12.el9_1.3.i686.rpm systemd-container-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debuginfo-250-12.el9_1.3.i686.rpm systemd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debugsource-250-12.el9_1.3.i686.rpm systemd-debugsource-250-12.el9_1.3.x86_64.rpm systemd-devel-250-12.el9_1.3.i686.rpm systemd-devel-250-12.el9_1.3.x86_64.rpm systemd-devel-debuginfo-250-12.el9_1.3.i686.rpm systemd-devel-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-journal-remote-250-12.el9_1.3.x86_64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.i686.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-libs-debuginfo-250-12.el9_1.3.i686.rpm systemd-libs-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.i686.rpm systemd-oomd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-pam-debuginfo-250-12.el9_1.3.i686.rpm systemd-pam-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.i686.rpm systemd-resolved-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-udev-debuginfo-250-12.el9_1.3.i686.rpm systemd-udev-debuginfo-250-12.el9_1.3.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.9): Source: systemd-250-12.el9_1.3.src.rpm aarch64: systemd-250-12.el9_1.3.aarch64.rpm systemd-container-250-12.el9_1.3.aarch64.rpm systemd-container-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-debugsource-250-12.el9_1.3.aarch64.rpm systemd-devel-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-libs-250-12.el9_1.3.aarch64.rpm systemd-libs-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-oomd-250-12.el9_1.3.aarch64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-pam-250-12.el9_1.3.aarch64.rpm systemd-pam-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-resolved-250-12.el9_1.3.aarch64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.aarch64.rpm systemd-udev-250-12.el9_1.3.aarch64.rpm systemd-udev-debuginfo-250-12.el9_1.3.aarch64.rpm noarch: systemd-rpm-macros-250-12.el9_1.3.noarch.rpm ppc64le: systemd-250-12.el9_1.3.ppc64le.rpm systemd-container-250-12.el9_1.3.ppc64le.rpm systemd-container-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-debugsource-250-12.el9_1.3.ppc64le.rpm systemd-devel-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-libs-250-12.el9_1.3.ppc64le.rpm systemd-libs-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-oomd-250-12.el9_1.3.ppc64le.rpm systemd-oomd-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-pam-250-12.el9_1.3.ppc64le.rpm systemd-pam-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-resolved-250-12.el9_1.3.ppc64le.rpm systemd-resolved-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.ppc64le.rpm systemd-udev-250-12.el9_1.3.ppc64le.rpm systemd-udev-debuginfo-250-12.el9_1.3.ppc64le.rpm s390x: systemd-250-12.el9_1.3.s390x.rpm systemd-container-250-12.el9_1.3.s390x.rpm systemd-container-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-debugsource-250-12.el9_1.3.s390x.rpm systemd-devel-debuginfo-250-12.el9_1.3.s390x.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.s390x.rpm systemd-libs-250-12.el9_1.3.s390x.rpm systemd-libs-debuginfo-250-12.el9_1.3.s390x.rpm systemd-oomd-250-12.el9_1.3.s390x.rpm systemd-oomd-debuginfo-250-12.el9_1.3.s390x.rpm systemd-pam-250-12.el9_1.3.s390x.rpm systemd-pam-debuginfo-250-12.el9_1.3.s390x.rpm systemd-resolved-250-12.el9_1.3.s390x.rpm systemd-resolved-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.s390x.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.s390x.rpm systemd-udev-250-12.el9_1.3.s390x.rpm systemd-udev-debuginfo-250-12.el9_1.3.s390x.rpm x86_64: systemd-250-12.el9_1.3.i686.rpm systemd-250-12.el9_1.3.x86_64.rpm systemd-container-250-12.el9_1.3.i686.rpm systemd-container-250-12.el9_1.3.x86_64.rpm systemd-container-debuginfo-250-12.el9_1.3.i686.rpm systemd-container-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debuginfo-250-12.el9_1.3.i686.rpm systemd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-debugsource-250-12.el9_1.3.i686.rpm systemd-debugsource-250-12.el9_1.3.x86_64.rpm systemd-devel-debuginfo-250-12.el9_1.3.i686.rpm systemd-devel-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.i686.rpm systemd-journal-remote-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-libs-250-12.el9_1.3.i686.rpm systemd-libs-250-12.el9_1.3.x86_64.rpm systemd-libs-debuginfo-250-12.el9_1.3.i686.rpm systemd-libs-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-oomd-250-12.el9_1.3.x86_64.rpm systemd-oomd-debuginfo-250-12.el9_1.3.i686.rpm systemd-oomd-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-pam-250-12.el9_1.3.x86_64.rpm systemd-pam-debuginfo-250-12.el9_1.3.i686.rpm systemd-pam-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-resolved-250-12.el9_1.3.x86_64.rpm systemd-resolved-debuginfo-250-12.el9_1.3.i686.rpm systemd-resolved-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-sysusers-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.i686.rpm systemd-standalone-tmpfiles-debuginfo-250-12.el9_1.3.x86_64.rpm systemd-udev-250-12.el9_1.3.x86_64.rpm systemd-udev-debuginfo-250-12.el9_1.3.i686.rpm systemd-udev-debuginfo-250-12.el9_1.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-4415 https://access.redhat.com/security/cve/CVE-2022-45873 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY/3zmtzjgjWX9erEAQjVQQ//T3ainOMg7qjaxA1Q91lW4nhLqsyoVSzX kYjdIOJ3Dn8+yEmhZWq73oNZLqWpSzRpDG6LmNHAGYZwnbVa6+bPeMMxvcI2ys89 tYYDIXwDJiNd2NFFzdanN5UnY2qO+NrkHz6MUHb60ZLfecHQLJXmCMZsoYKSDfC/ 4J8wzo4nHoUKGeWQP/0+DkGFS91ZFveJ+xDx6iCh7rY795NKcEbI8ss3yEMrEeKP BznZycfH+wScZrXIaZFvov2h6gExdznqLkBRNHyA0Sfc2e2P1NkbEc5Thx9X6jFH xCNbArQa1TGnyQjkxElgugqb/CUvFFbi/3KnB3hzcwk7jdg8hN9eIvyXuUdN0tVK AL01JjzJP2cSJmxPKyq/5bn6WPPTZIu9fmhsrKMWjUS7yurJECzpUVbFtjagt3YK B6qFITCU/DMe9q+eX2A5elo71Cu1sIbPtve+w3kbmodZ0zsOX+gsImg7hCirxuBT xWKSgmbfdCQiHcDDvHSj6u6xp31+yeMfpho5TN0W655jOwhh7taPwh48CIGPxUWB Rgc4hy268Ur09UkomIJ52KsUJScnqMHPW4X5cLkkFdtWYC0HUaw1b72u4FKFQRPV 48a9iz9LRBG1NBUifWjr9BqRC/pagSasyfIu2WnJmtWTIreBwHh3p5aRsdEUAOFF x94o/J1EsVM=P/XD -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Feb 28, 2023
Red Hat
217
security advisorysecurity issueupdateOracle Linux 8 ELSA-2023-0837 Moderate Systemd Update Details
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-0837 https://linux.oracle.com/errata/ELSA-2023-0837.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: systemd-239-68.0.2.el8_7.4.i686.rpm systemd-239-68.0.2.el8_7.4.x86_64.rpm systemd-container-239-68.0.2.el8_7.4.i686.rpm systemd-container-239-68.0.2.el8_7.4.x86_64.rpm systemd-devel-239-68.0.2.el8_7.4.i686.rpm systemd-devel-239-68.0.2.el8_7.4.x86_64.rpm systemd-journal-remote-239-68.0.2.el8_7.4.x86_64.rpm systemd-libs-239-68.0.2.el8_7.4.i686.rpm systemd-libs-239-68.0.2.el8_7.4.x86_64.rpm systemd-pam-239-68.0.2.el8_7.4.x86_64.rpm systemd-tests-239-68.0.2.el8_7.4.x86_64.rpm systemd-udev-239-68.0.2.el8_7.4.x86_64.rpm aarch64: systemd-239-68.0.2.el8_7.4.aarch64.rpm systemd-container-239-68.0.2.el8_7.4.aarch64.rpm systemd-devel-239-68.0.2.el8_7.4.aarch64.rpm systemd-journal-remote-239-68.0.2.el8_7.4.aarch64.rpm systemd-libs-239-68.0.2.el8_7.4.aarch64.rpm systemd-pam-239-68.0.2.el8_7.4.aarch64.rpm systemd-tests-239-68.0.2.el8_7.4.aarch64.rpm systemd-udev-239-68.0.2.el8_7.4.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//systemd-239-68.0.2.el8_7.4.src.rpm Related CVEs: CVE-2022-4415 Description of changes: [239-68.0.2] - Backport upstream pstore dmesg fix [Orabug: 34850699] - Standardize ioctl (BTRFS_IOC_QGROUP_CREATE) check and return -ENOTCONN, if quota is not enabled [Orabug: 34694253] - Disable unprivileged BPF by default [Orabug: 32870980] - backport upstream pstore tmpfiles patch [Orabug: 31420486] - udev rules: fix memory hot add and remove [Orabug: 31310273] - fix to enable systemd-pstore.service [Orabug: 30951066] - journal: change support URL shown in the catalog entries [Orabug: 30853009] - fix to generate systemd-pstore.service file [Orabug: 30230056] - fix _netdev is missing for iscsi entry in /etc/fstab (
Feb 22, 2023
•Important
Oracle
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!