===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.0438
              SUSE-SU-2020:0335-1 Security update for systemd
                              7 February 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           systemd
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account      
                   Reduced Security                -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-1712 CVE-2019-20386 

Reference:         ESB-2020.0432
                   ESB-2020.0428

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2020/suse-su-20200335-1.html

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for systemd

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:0335-1
Rating:            important
References:        #1084671 #1092920 #1106383 #1133495 #1151377 #1154256
                   #1155207 #1155574 #1156213 #1156482 #1158485 #1159814
                   #1161436 #1162108
Cross-References:  CVE-2019-20386 CVE-2020-1712
Affected Products:
                   SUSE Linux Enterprise Server for SAP 15
                   SUSE Linux Enterprise Server 15-LTSS
                   SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
                   SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
                   SUSE Linux Enterprise Module for Basesystem 15-SP1
                   SUSE Linux Enterprise Module for Basesystem 15
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
______________________________________________________________________________

An update that solves two vulnerabilities and has 12 fixes is now available.

Description:

This update for systemd fixes the following issues:

  o CVE-2020-1712 (bsc#1162108) Fix a heap use-after-free vulnerability
    that occurred when asynchronous Polkit queries were performed while
    handling D-Bus messages. A local unprivileged attacker could have abused
    this flaw to crash systemd services or potentially execute code and
    elevate their privileges, by sending specially crafted D-Bus messages.


  o Use suse.pool.ntp.org server pool on SLE distros (jsc#SLE-7683)


  o libblkid: open device in nonblock mode. (bsc#1084671)
  o udev/cdrom_id: Do not open CD-rom in exclusive mode. (bsc#1154256)
  o bus_open leak sd_event_source when udevadm trigger (bsc#1161436
    CVE-2019-20386)
  o fileio: introduce read_full_virtual_file() for reading virtual files in
    sysfs, procfs (bsc#1133495 bsc#1159814)
  o fileio: initialize errno to zero before we do fread()
  o fileio: try to read one byte too much in read_full_stream()
  o logind: consider "greeter" sessions suitable as "display" sessions of a
    user (bsc#1158485)
  o logind: never elect a session that is stopping as display


  o journal: include kmsg lines from the systemd process which exec()d us
    (#8078)
  o udevd: don't use monitor after manager_exit()
  o udevd: capitalize log messages in on_sigchld()
  o udevd: merge conditions to decrease indentation
  o Revert "udevd: fix crash when workers time out after exit is signal caught"
  o core: fragments of masked units ought not be considered for
    NeedDaemonReload (#7060) (bsc#1156482)
  o udevd: fix crash when workers time out after exit is signal caught
  o udevd: wait for workers to finish when exiting (bsc#1106383)


  o Improve bash completion support (bsc#1155207)
      * shell-completion: systemctl: do not list template units in {re,}start
      * shell-completion: systemctl: pass current word to all list_unit*
      * bash-completion: systemctl: pass current partial unit to list-unit*
        (bsc#1155207)
      * bash-completion: systemctl: use systemctl --no-pager
      * bash-completion: also suggest template unit files
      * bash-completion: systemctl: add missing options and verbs
      * bash-completion: use the first argument instead of the global variable
        (#6457)


  o networkd: VXLan Make group and remote variable separate (bsc#1156213)
  o networkd: vxlan require Remote= to be a non multicast address (#8117)
    (bsc#1156213)
  o fs-util: let's avoid unnecessary strerror()
  o fs-util: introduce inotify_add_watch_and_warn() helper
  o ask-password: improve log message when inotify limit is reached
    (bsc#1155574)
  o shared/install: failing with -ELOOP can be due to the use of an alias in
    install_error() (bsc#1151377)
  o man: alias names can't be used with enable command (bsc#1151377)


  o Add boot option to not use swap at system start (jsc#SLE-7689)


  o Allow YaST to select Iranian (Persian, Farsi) keyboard layout (bsc#1092920)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server for SAP 15:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-335=1
  o SUSE Linux Enterprise Server 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-2020-335=1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools
    15-SP1:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-335=1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2020-335=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-335=1
  o SUSE Linux Enterprise Module for Basesystem 15:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-2020-335=1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2020-335=1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2020-335=1

Package List:

  o SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
       libsystemd0-234-24.39.1
       libsystemd0-debuginfo-234-24.39.1
       libudev-devel-234-24.39.1
       libudev1-234-24.39.1
       libudev1-debuginfo-234-24.39.1
       systemd-234-24.39.1
       systemd-container-234-24.39.1
       systemd-container-debuginfo-234-24.39.1
       systemd-coredump-234-24.39.1
       systemd-coredump-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-devel-234-24.39.1
       systemd-sysvinit-234-24.39.1
       udev-234-24.39.1
       udev-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Server for SAP 15 (x86_64):
       libsystemd0-32bit-234-24.39.1
       libsystemd0-32bit-debuginfo-234-24.39.1
       libudev1-32bit-234-24.39.1
       libudev1-32bit-debuginfo-234-24.39.1
       systemd-32bit-234-24.39.1
       systemd-32bit-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Server for SAP 15 (noarch):
       systemd-bash-completion-234-24.39.1
  o SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
       libsystemd0-234-24.39.1
       libsystemd0-debuginfo-234-24.39.1
       libudev-devel-234-24.39.1
       libudev1-234-24.39.1
       libudev1-debuginfo-234-24.39.1
       systemd-234-24.39.1
       systemd-container-234-24.39.1
       systemd-container-debuginfo-234-24.39.1
       systemd-coredump-234-24.39.1
       systemd-coredump-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-devel-234-24.39.1
       systemd-sysvinit-234-24.39.1
       udev-234-24.39.1
       udev-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Server 15-LTSS (noarch):
       systemd-bash-completion-234-24.39.1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
    (aarch64 ppc64le s390x x86_64):
       libsystemd0-mini-234-24.39.1
       libsystemd0-mini-debuginfo-234-24.39.1
       libudev-mini-devel-234-24.39.1
       libudev-mini1-234-24.39.1
       libudev-mini1-debuginfo-234-24.39.1
       nss-myhostname-234-24.39.1
       nss-myhostname-debuginfo-234-24.39.1
       nss-mymachines-234-24.39.1
       nss-mymachines-debuginfo-234-24.39.1
       nss-systemd-234-24.39.1
       nss-systemd-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-logger-234-24.39.1
       systemd-mini-234-24.39.1
       systemd-mini-container-mini-234-24.39.1
       systemd-mini-container-mini-debuginfo-234-24.39.1
       systemd-mini-coredump-mini-234-24.39.1
       systemd-mini-coredump-mini-debuginfo-234-24.39.1
       systemd-mini-debuginfo-234-24.39.1
       systemd-mini-debugsource-234-24.39.1
       systemd-mini-devel-234-24.39.1
       systemd-mini-sysvinit-234-24.39.1
       udev-mini-234-24.39.1
       udev-mini-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
    (x86_64):
       libudev-devel-32bit-234-24.39.1
       nss-myhostname-32bit-234-24.39.1
       nss-myhostname-32bit-debuginfo-234-24.39.1
       nss-mymachines-32bit-234-24.39.1
       nss-mymachines-32bit-debuginfo-234-24.39.1
       systemd-32bit-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
    (noarch):
       systemd-mini-bash-completion-234-24.39.1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
    (aarch64 ppc64le s390x x86_64):
       libsystemd0-mini-234-24.39.1
       libsystemd0-mini-debuginfo-234-24.39.1
       libudev-mini-devel-234-24.39.1
       libudev-mini1-234-24.39.1
       libudev-mini1-debuginfo-234-24.39.1
       nss-myhostname-234-24.39.1
       nss-myhostname-debuginfo-234-24.39.1
       nss-mymachines-234-24.39.1
       nss-mymachines-debuginfo-234-24.39.1
       nss-systemd-234-24.39.1
       nss-systemd-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-logger-234-24.39.1
       systemd-mini-234-24.39.1
       systemd-mini-container-mini-234-24.39.1
       systemd-mini-container-mini-debuginfo-234-24.39.1
       systemd-mini-coredump-mini-234-24.39.1
       systemd-mini-coredump-mini-debuginfo-234-24.39.1
       systemd-mini-debuginfo-234-24.39.1
       systemd-mini-debugsource-234-24.39.1
       systemd-mini-devel-234-24.39.1
       systemd-mini-sysvinit-234-24.39.1
       udev-mini-234-24.39.1
       udev-mini-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
    (noarch):
       systemd-mini-bash-completion-234-24.39.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x
    x86_64):
       libsystemd0-234-24.39.1
       libsystemd0-debuginfo-234-24.39.1
       libudev-devel-234-24.39.1
       libudev1-234-24.39.1
       libudev1-debuginfo-234-24.39.1
       systemd-234-24.39.1
       systemd-container-234-24.39.1
       systemd-container-debuginfo-234-24.39.1
       systemd-coredump-234-24.39.1
       systemd-coredump-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-devel-234-24.39.1
       systemd-sysvinit-234-24.39.1
       udev-234-24.39.1
       udev-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1 (x86_64):
       libsystemd0-32bit-234-24.39.1
       libsystemd0-32bit-debuginfo-234-24.39.1
       libudev1-32bit-234-24.39.1
       libudev1-32bit-debuginfo-234-24.39.1
       systemd-32bit-234-24.39.1
       systemd-32bit-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1 (noarch):
       systemd-bash-completion-234-24.39.1
  o SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x
    x86_64):
       libsystemd0-234-24.39.1
       libsystemd0-debuginfo-234-24.39.1
       libudev-devel-234-24.39.1
       libudev1-234-24.39.1
       libudev1-debuginfo-234-24.39.1
       systemd-234-24.39.1
       systemd-container-234-24.39.1
       systemd-container-debuginfo-234-24.39.1
       systemd-coredump-234-24.39.1
       systemd-coredump-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-devel-234-24.39.1
       systemd-sysvinit-234-24.39.1
       udev-234-24.39.1
       udev-debuginfo-234-24.39.1
  o SUSE Linux Enterprise Module for Basesystem 15 (noarch):
       systemd-bash-completion-234-24.39.1
  o SUSE Linux Enterprise Module for Basesystem 15 (x86_64):
       libsystemd0-32bit-234-24.39.1
       libsystemd0-32bit-debuginfo-234-24.39.1
       libudev1-32bit-234-24.39.1
       libudev1-32bit-debuginfo-234-24.39.1
       systemd-32bit-234-24.39.1
       systemd-32bit-debuginfo-234-24.39.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
       libsystemd0-234-24.39.1
       libsystemd0-debuginfo-234-24.39.1
       libudev-devel-234-24.39.1
       libudev1-234-24.39.1
       libudev1-debuginfo-234-24.39.1
       systemd-234-24.39.1
       systemd-container-234-24.39.1
       systemd-container-debuginfo-234-24.39.1
       systemd-coredump-234-24.39.1
       systemd-coredump-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-devel-234-24.39.1
       systemd-sysvinit-234-24.39.1
       udev-234-24.39.1
       udev-debuginfo-234-24.39.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
       systemd-bash-completion-234-24.39.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
       libsystemd0-32bit-234-24.39.1
       libsystemd0-32bit-debuginfo-234-24.39.1
       libudev1-32bit-234-24.39.1
       libudev1-32bit-debuginfo-234-24.39.1
       systemd-32bit-234-24.39.1
       systemd-32bit-debuginfo-234-24.39.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
       libsystemd0-234-24.39.1
       libsystemd0-debuginfo-234-24.39.1
       libudev-devel-234-24.39.1
       libudev1-234-24.39.1
       libudev1-debuginfo-234-24.39.1
       systemd-234-24.39.1
       systemd-container-234-24.39.1
       systemd-container-debuginfo-234-24.39.1
       systemd-coredump-234-24.39.1
       systemd-coredump-debuginfo-234-24.39.1
       systemd-debuginfo-234-24.39.1
       systemd-debugsource-234-24.39.1
       systemd-devel-234-24.39.1
       systemd-sysvinit-234-24.39.1
       udev-234-24.39.1
       udev-debuginfo-234-24.39.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
       systemd-bash-completion-234-24.39.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
       libsystemd0-32bit-234-24.39.1
       libsystemd0-32bit-debuginfo-234-24.39.1
       libudev1-32bit-234-24.39.1
       libudev1-32bit-debuginfo-234-24.39.1
       systemd-32bit-234-24.39.1
       systemd-32bit-debuginfo-234-24.39.1
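
To confirm that a host actually carries the fixed build, the installed
version-release of each package can be compared against 234-24.39.1 from the
list above. The script below is an added example, not part of the SUSE or
AusCERT text; check_pkgs, ver_lt and the sample inventory are constructed for
illustration, and GNU "sort -V" is assumed as an approximation of rpm's own
version ordering.

```shell
#!/bin/sh
# Added example: flag systemd packages older than the build shipped by
# SUSE-SU-2020:0335-1. Function names and sample data are illustrative.

FIXED="234-24.39.1"   # version-release from the advisory's Package List

# Runtime (non-debuginfo, non-mini) packages named in the advisory.
PKGS="libsystemd0 libudev1 systemd systemd-container systemd-coredump systemd-sysvinit udev"

# ver_lt A B: succeeds if A sorts strictly before B. Uses GNU sort -V, which
# matches rpm ordering for purely numeric strings such as 234-24.39.1.
ver_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# check_pkgs: reads "name version-release" lines on stdin, prints a verdict
# for each advisory package it sees, and returns 1 if any is below FIXED.
check_pkgs() {
    rc=0
    while read -r name ver; do
        case " $PKGS " in
            *" $name "*) ;;          # package covered by this advisory
            *) continue ;;           # unrelated package, ignore
        esac
        if ver_lt "$ver" "$FIXED"; then
            echo "VULNERABLE $name $ver (< $FIXED)"
            rc=1
        else
            echo "OK $name $ver"
        fi
    done
    return "$rc"
}

# On a live SLE 15 host the inventory would come from rpm:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | check_pkgs

# Constructed sample inventory (not taken from a real system).
SAMPLE='systemd 234-24.36.1
libsystemd0 234-24.39.1
udev 234-24.42.1
bash 4.4-9.10.1'

printf '%s\n' "$SAMPLE" | check_pkgs || echo "update required: run 'zypper patch'"
```

A non-zero return from check_pkgs means at least one listed package predates
the fix for CVE-2020-1712 and CVE-2019-20386.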


References:

  o https://www.suse.com/security/cve/CVE-2019-20386.html
  o https://www.suse.com/security/cve/CVE-2020-1712.html
  o https://bugzilla.suse.com/1084671
  o https://bugzilla.suse.com/1092920
  o https://bugzilla.suse.com/1106383
  o https://bugzilla.suse.com/1133495
  o https://bugzilla.suse.com/1151377
  o https://bugzilla.suse.com/1154256
  o https://bugzilla.suse.com/1155207
  o https://bugzilla.suse.com/1155574
  o https://bugzilla.suse.com/1156213
  o https://bugzilla.suse.com/1156482
  o https://bugzilla.suse.com/1158485
  o https://bugzilla.suse.com/1159814
  o https://bugzilla.suse.com/1161436
  o https://bugzilla.suse.com/1162108

--------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.