SUSE-CU-2020:50-1: Security update of suse/sles12sp5

sle-security-updates at lists.suse.com
Fri Feb 7 00:00:42 MST 2020


SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:50-1
Container Tags        : suse/sles12sp5:5.2.284 , suse/sles12sp5:latest
Container Release     : 5.2.284
Severity              : important
Type                  : security
References            : 1106383 1127557 1133495 1139459 1140631 1150595 1151377 1151506
                        1154043 1154948 1155574 1156482 1159814 1162108 CVE-2020-1712
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:353-1
Released:    Thu Feb  6 17:34:41 2020
Summary:     Security update for systemd
Type:        security
Severity:    important
References:  1106383,1127557,1133495,1139459,1140631,1150595,1151377,1151506,1154043,1154948,1155574,1156482,1159814,1162108,CVE-2020-1712
Description:

This update for systemd provides the following fixes:

- CVE-2020-1712 (bsc#1162108)
  Fix a heap use-after-free vulnerability that occurred when asynchronous
  Polkit queries were performed while handling D-Bus messages. A local
  unprivileged attacker could have abused this flaw to crash systemd services or
  potentially execute code and elevate their privileges by sending specially
  crafted D-Bus messages.
- sd-bus: Deal with cookie overruns. (bsc#1150595)
- rules: Add by-id symlinks for persistent memory. (bsc#1140631)
- Drop the old fds used for logging and reopen them in the sub process before doing any
  new logging. (bsc#1154948)
- Fix warnings thrown during package installation (bsc#1154043)
- Fix systemctl hanging on restart. (bsc#1139459)
- man: mention that alias names are only effective after 'systemctl enable'. (bsc#1151377)
- ask-password: improve log message when inotify limit is reached. (bsc#1155574)
- udevd: wait for workers to finish when exiting. (bsc#1106383)
- core: fragments of masked units ought not be considered for NeedDaemonReload. (bsc#1156482)
- udev: fix 'NULL' deref when executing rules. (bsc#1151506)
- Introduce function for reading virtual files in 'sysfs' and 'procfs'. (bsc#1133495, bsc#1159814)


