openSUSE Security Update : systemd (openSUSE-2012-139)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

- Add fix-console-switch.patch: prevent console lockup
(rhb#771563).

- Add fix-quota.patch: correctly enable quota
(rhb#773431).

- Add passcredentials.patch: ensure compatibility with
kernel 3.2 (bnc#743299).

- Update modules_on_boot.patch to not cause failed state
for systemd-modules-load.service (bnc#741481).

- Ensure systemd show service status when started behind
bootsplash and don't try to start when bootsplash isn't
installed (bnc#736225).

- Add fix-proc-net-unix-parsing.patch: fix /tmp socket
cleanup on 32bits (mmeeks) (bnc#739438).

- Add improve-readahead.patch: don't monopolize IO when
replaying (git).

- Add sysv_to_syslog_and_console.patch: ensure sysv
services output is logged to syslog in addition to
console (improve bnc#731342, bnc#681127).

- Add fix-daemon-reload-reaping.patch: fix activating
service being killed if daemon-reload is started (git).

- Add no-variable-tcpwrappers.patch: fix manpage for
tcpwrapper support (bnc#741023).

- Add remote-fs-after-network.patch and update insserv
patch: ensure remote-fs-pre.target is enabled and
started before network mount points (bnc#744293).

- Add dm-lvm-after-local-fs-pre-target.patch: ensure md /
lvm /dmraid is started before mounting partitions, if
fsck was disabled for them (bnc#733283).

- Update lsb-header patch to correctly disable heuristic
if X-Systemd-RemainAfterExit is specified (whatever its
value)

- Add fix-message-after-chkconfig.patch: don't complain if
only sysv services are called in systemctl.

- Add is-enabled-non-existing-service.patch: fix error
message when running is-enabled on non-existing service.

- Add remove-timedated-ntp-dependency.patch: don't require
ntp to use timedated (partially fixes bnc#734831).

- Add move-x11-socket.patch: change X11 socket symlink
name (bnc#747154).

- Add fix-is-enabled.patch: ensure systemctl is-enabled
work properly when systemd isn't running.

- Add logind-console.patch: do not bail logind if
/dev/tty0 doesn't exist (bnc#733022, bnc#735047).

- Add sysctl-modules.patch: ensure sysctl is started after
modules are loaded (bnc#725412).

- Fix warning in insserv patch.

- Update avoid-random-seed-cycle.patch with better
upstream approach.

- Update storage-after-cryptsetup.patch to restart lvm
before local-fs.target, not after it (bnc#740106).

- Increase pam-config dependency (bnc#713319).

See also :

https://bugzilla.novell.com/show_bug.cgi?id=681127
https://bugzilla.novell.com/show_bug.cgi?id=713319
https://bugzilla.novell.com/show_bug.cgi?id=725412
https://bugzilla.novell.com/show_bug.cgi?id=731342
https://bugzilla.novell.com/show_bug.cgi?id=733022
https://bugzilla.novell.com/show_bug.cgi?id=733283
https://bugzilla.novell.com/show_bug.cgi?id=734831
https://bugzilla.novell.com/show_bug.cgi?id=735047
https://bugzilla.novell.com/show_bug.cgi?id=736225
https://bugzilla.novell.com/show_bug.cgi?id=739438
https://bugzilla.novell.com/show_bug.cgi?id=740106
https://bugzilla.novell.com/show_bug.cgi?id=741023
https://bugzilla.novell.com/show_bug.cgi?id=741481
https://bugzilla.novell.com/show_bug.cgi?id=743299
https://bugzilla.novell.com/show_bug.cgi?id=744293
https://bugzilla.novell.com/show_bug.cgi?id=747154

Solution :

Update the affected systemd packages.

Risk factor :

Medium / CVSS Base Score : 6.3
(CVSS2#AV:L/AC:M/Au:N/C:N/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74560 ()

Bugtraq ID:

CVE ID: CVE-2012-0871

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now