ELSA-2021-1611 - systemd security, bug fix, and enhancement update

Type: SECURITY
Impact: MODERATE
Release Date: 2021-05-25

Description


[239-45.0.1]
- backport upstream pstore tmpfiles patch [Orabug: 31420486]
- udev rules: fix memory hot add and remove [Orabug: 31310273]
- fix to enable systemd-pstore.service [Orabug: 30951066]
- journal: change support URL shown in the catalog entries [Orabug: 30853009]
- fix to generate systemd-pstore.service file [Orabug: 30230056]
- fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792]
- set 'RemoveIPC=no' in logind.conf as default for OL7.2 [Orabug: 22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]
- Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056]

[239-45]
- Revert 'test: add test cases for empty string match' and 'test: add test case for multi matches when use ||' (#1931947)
- test/sys-script.py: add missing DEVNAME entries to uevents (#1931947)
- sd-event: split out helper functions for reshuffling prioqs (#1819868)
- sd-event: split out enable and disable codepaths from sd_event_source_set_enabled() (#1819868)
- sd-event: mention that two debug logged events are ignored (#1819868)
- sd-event: split clock data allocation out of sd_event_add_time() (#1819868)
- sd-event: split out code to add/remove timer event sources to earliest/latest prioq (#1819868)
- sd-event: fix delays assert brain-o (#17790) (#1819868)
- sd-event: let's suffix last_run/last_log with '_usec' (#1819868)
- sd-event: refuse running default event loops in any other thread than the one they are default for (#1819868)
- sd-event: ref event loop while in sd_event_prepare() or sd_event_run() (#1819868)
- sd-event: follow coding style with naming return parameter (#1819868)
- sd-event: remove earliest_index/latest_index into common part of event source objects (#1819868)
- sd-event: update state at the end in event_source_enable (#1819868)
- sd-event: increase n_enabled_child_sources just once (#1819868)
- sd-event: add ability to ratelimit event sources (#1819868)
- test: add ratelimiting test (#1819868)
- core: prevent excessive /proc/self/mountinfo parsing (#1819868)
- udev: run link_update() with increased retry count in second invocation (#1931947)
- pam-systemd: use secure_getenv() rather than getenv() (#1687514)

[239-44]
- ci: PowerTools repo was renamed to powertools in RHEL 8.3 (#1871827)
- ci: use quay.io instead of Docker Hub to avoid rate limits (#1871827)
- ci: move jobs from Travis CI to GH Actions (#1871827)
- unit: make UNIT() cast function deal with NULL pointers (#1871827)
- use link to RHEL-8 docs (#1623116)
- cgroup: Also set blkio.bfq.weight (#1657810)
- units: make sure initrd-cleanup.service terminates before switching to rootfs (#1657810)
- core: reload SELinux label cache on daemon-reload (#1888912)
- selinux: introduce mac_selinux_create_file_prepare_at() (#1888912)
- selinux: add trigger for policy reload to refresh internal selabel cache (#1888912)
- udev/net_id: give RHEL-8.4 naming scheme a name (#1827462)
- basic/stat-util: make mtime check stricter and use entire timestamp (#1642728)
- udev: make algorithm that selects highest priority devlink less susceptible to race conditions (#1642728)
- test: create /dev/null in test-udev.pl (#1642728)
- test: missing 'die' (#1642728)
- udev-test: remove a check for whether the test is run in a container (#1642728)
- udev-test: skip the test only if it can't setup its environment (#1642728)
- udev-test: fix test skip condition (#1642728)
- udev-test: fix missing directory test/run (#1642728)
- udev-test: check if permitted to create block device nodes (#1642728)
- test-udev: add a testcase of too long line (#1642728)
- test-udev: use proper semantics for too long line with continuation (#1642728)
- test-udev: add more tests for line continuations and comments (#1642728)
- test-udev: add more tests for line continuation (#1642728)
- test-udev: fix alignment and drop unnecessary white spaces (#1642728)
- test/udev-test.pl: cleanup if skipping test (#1642728)
- test: add test cases for empty string match (#1642728)
- test: add test case for multi matches when use '||' (#1642728)
- udev-test: do not rely on 'mail' group being defined (#1642728)
- test/udev-test.pl: allow multiple devices per test (#1642728)
- test/udev-test.pl: create rules only once (#1642728)
- test/udev-test.pl: allow concurrent additions and removals (#1642728)
- test/udev-test.pl: use computed devnode name (#1642728)
- test/udev-test.pl: test correctness of symlink targets (#1642728)
- test/udev-test.pl: allow checking multiple symlinks (#1642728)
- test/udev-test.pl: fix wrong test descriptions (#1642728)
- test/udev-test.pl: last_rule is unsupported (#1642728)
- test/udev-test.pl: Make some tests a little harder (#1642728)
- test/udev-test.pl: remove bogus rules from magic subsys test (#1642728)
- test/udev-test.pl: merge 'space and var with space' tests (#1642728)
- test/udev-test.pl: merge import parent tests into one (#1642728)
- test/udev-test.pl: count 'good' results (#1642728)
- tests/udev-test.pl: add multiple device test (#1642728)
- test/udev-test.pl: add repeat count (#1642728)
- test/udev-test.pl: generator for large list of block devices (#1642728)
- test/udev-test.pl: suppress umount error message at startup (#1642728)
- test/udev_test.pl: add 'expected good' count (#1642728)
- test/udev-test: gracefully exit when imports fail (#1642728)

[239-43]
- man: mention System Administrators Guide in systemctl manpage (#1623116)
- udev: introduce udev net_id 'naming schemes' (#1827462)
- meson: make net.naming-scheme= default configurable (#1827462)
- man: describe naming schemes in a new man page (#1827462)
- udev/net_id: parse _SUN ACPI index as a signed integer (#1827462)
- udev/net_id: don't generate slot based names if multiple devices might claim the same slot (#1827462)
- fix typo in ProtectSystem= option (#1871139)
- remove references of non-existent man pages (#1876807)
- log: Prefer logging to CLI unless JOURNAL_STREAM is set (#1865840)
- locale-util: add new helper locale_is_installed() (#1755287)
- test: add test case for locale_is_installed() (#1755287)
- tree-wide: port various bits over to locale_is_installed() (#1755287)
- install: allow instantiated units to be enabled via presets (#1812972)
- install: small refactor to combine two function calls into one function (#1812972)
- test: fix a memleak (#1812972)
- docs: Add syntax for templated units to systemd.preset man page (#1812972)
- shared/install: fix preset operations for non-service instantiated units (#1812972)
- introduce setsockopt_int() helper (#1887181)
- socket-util: add generic socket_pass_pktinfo() helper (#1887181)
- core: add new PassPacketInfo= socket unit property (#1887181)
- resolved: tweak cmsg calculation (#1887181)

[239-42]
- logind: don't print warning when user@.service template is masked (#1880270)
- build: use simple project version in pkgconfig files (#1862714)
- basic/virt: try the /proc/1/sched hack also for PID1 (#1868877)
- seccomp: rework how the S[UG]ID filter is installed (#1860374)
- vconsole-setup: downgrade log message when setting font fails on dummy console (#1889996)
- units: fix systemd.special man page reference in system-update-cleanup.service (#1871827)
- units: drop reference to sushell man page (#1871827)
- sd-bus: break the loop in bus_ensure_running() if the bus is not connecting (#1885553)
- core: add new API for enqueuing a job with returning the transaction data (#846319)
- systemctl: replace switch statement by table of structures (#846319)
- systemctl: reindent table (#846319)
- systemctl: Only wait when there's something to wait for. (#846319)
- systemctl: clean up start_unit_one() error handling (#846319)
- systemctl: split out extra args generation into helper function of its own (#846319)
- systemctl: add new --show-transaction switch (#846319)
- test: add some basic testing that 'systemctl start -T' does something (#846319)
- man: document the new systemctl --show-transaction option (#846319)
- socket: New option 'FlushPending' (boolean) to flush socket before entering listening state (#1870638)
- core: remove support for API bus 'started outside our own logic' (#1764282)
- mount-setup: fix segfault in mount_cgroup_controllers when using gcc9 compiler (#1868877)
- dbus-execute: make transfer of CPUAffinity endian safe (#12711) (#1740657)
- core: add support for setting CPUAffinity= to special 'numa' value (#1740657)
- basic/user-util: always use base 10 for user/group numbers (#1848373)
- parse-util: sometimes it is useful to check if a string is a valid integer, but not actually parse it (#1848373)
- basic/parse-util: add safe_atoux64() (#1848373)
- parse-util: allow tweaking how to parse integers (#1848373)
- parse-util: allow '-0' as alternative to '0' and '+0' (#1848373)
- parse-util: make return parameter optional in safe_atou16_full() (#1848373)
- parse-util: rewrite parse_mode() on top of safe_atou_full() (#1848373)
- user-util: be stricter in parse_uid() (#1848373)
- strv: add new macro STARTSWITH_SET() (#1848373)
- parse-util: also parse integers prefixed with 0b and 0o (#1848373)
- tests: beef up integer parsing tests (#1848373)
- shared/user-util: add compat forms of user name checking functions (#1848373)
- shared/user-util: emit a warning on names with dots (#1848373)
- user-util: Allow names starting with a digit (#1848373)
- shared/user-util: allow usernames with dots in specific fields (#1848373)
- user-util: switch order of checks in valid_user_group_name_or_id_full() (#1848373)
- user-util: rework how we validate user names (#1848373)


Related CVEs


CVE-2020-13776
CVE-2019-3842

Updated Packages





This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.