Operating System:

[SUSE]

Published:

18 December 2020

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.4477
                  Optional update for systemd-rpm-macros
                             18 December 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           systemd-rpm-macros
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Reduced Security -- Unknown/Unspecified
Resolution:        Patch/Upgrade

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2020/suse-ou-20203835-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Optional Update: Optional update for systemd-rpm-macros

______________________________________________________________________________

Announcement ID:   SUSE-OU-2020:3835-1
Rating:            low
References:        #1059627 #1178481 #1179020
Affected Products:
                   SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

An update that has three optional fixes and contains one feature can now be
installed.

Description:

This update for systemd-rpm-macros fixes the following issues:
Many changes have been applied with this update. The ones outlined below are
the most important ones. Please refer to the systemd-rpm-macros.rpm changelog
for a full list of all changes.

  o Move macros.systemd from /etc to /usr macros.systemd has never meant to be
    modified and treated like a configuration file. Hence let's move it to /usr
    and don't tag it with %config. In the very unlikely case it's been
    modified, it will be backed up with .rpmsave extension but no more read by
    rpmbuild.
  o Added missing macro %_userpresetdir Escape "--user" and "--global"
    arguments with "\\" since rpm treats arguments starting with "-" as macro
    options which causes "Unknown option" rpm error. Use %{expand:...} to force
    expansion of the inner macro. Otherwise %{*} is recursively defined as "\
    --user \--global {%*}" which causes "Too many levels of recursion in macro
    expansion" rpm error.
  o Deprecate '-f'/'-n' options When used with %service_del_preun, support for
    these options will be dropped as DISABLE_STOP_ON_REMOVAL support will be
    removed on the next version of SLE (jsc#SLE-8968) When used with
    %service_del_postun, they should be replaced with their counterpart
    %service_del_postun_with_restart/%service_del_postun_without_restart
  o Backport %service_del_postun_with_restart() It's the counterpart of
    %service_del_postun_without_restart() and replaces the '-f' option of
    %service_del_postun().
  o Backport %systemd_ordering This macro is already available in later distros
    and should ease backports of packages, which rely on it.
  o Dont apply presets when migrating from a disabled initscript (bsc#1178481)

Patch Instructions:

To install this SUSE Optional Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3835=1

Package List:

  o SUSE Linux Enterprise Server 12-SP5 (noarch):
       systemd-rpm-macros-5-10.19.1


References:

  o https://bugzilla.suse.com/1059627
  o https://bugzilla.suse.com/1178481
  o https://bugzilla.suse.com/1179020

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX9wC/+NLKJtyKPYoAQgATw//bqGl5KkFhrLevN1LDnViER1G+4neZMTz
NGBeCfb3DFrbNEdoQneCAamWZG5yQDNyGhnSl5D/j5+Bt6wW6vNEyqpNI77ATYov
bSrVcNewNQhWd9ayigL1A3ilXrxOHKLlR3BrN2fwQJH8BSE0+0XLpzpogHQ7/irI
5tkhyBa/LZ6SkNDZC9S2M3/n6460UzQT6CRrVMSNJIb97T4v++8NfjjAK4LOdcOi
82tcl42tmar9hLCEKssJn9Zg04O3riFRtfh2JlJqY53h9XdYTqKeFc/cZGLSWmCi
mvPQZrBnaLLB3/1ipBO5enTBFqm5BibK0r4ubcC/yp/khT35Olwyo3eKWSIOxfNo
nB0pGTiDbN74FAWuw39ZKcXoHbGVS4tIVj8FJvGXfbORQvqTjIxPz1n4545wEgb5
iQaxfEBwG8GJud5biFhP1GmuN7E2O0V3bW2BCyGBhrNIdHdsYuZOTzOJM1XQyRNl
+6SyltpZP5LFAZDYxwNgFAHxEBZUlgLcyXEpS1WZBe+Ig9fgq07e8qHmhEJbm+Hj
EixT3v2zWXYEDYHiMdnMRZp57tm7w9ygolKzvC1r1fUsGHTr1DnTDXPso+LjiioN
N8vegR6WgOnAfmEC6jx/inZv8nYr2HHF9/opvU+gRcmWTq7jgk8m6Gg4PbWD5msY
SIjNyqsMXlI=
=NTP+
-----END PGP SIGNATURE-----