openSUSE Security Update : systemd (openSUSE-2012-139)

Medium Nessus Plugin ID 74560


The remote openSUSE host is missing a security update.


- Add fix-console-switch.patch: prevent console lockup (rhb#771563).

- Add fix-quota.patch: correctly enable quota (rhb#773431).

- Add passcredentials.patch: ensure compatibility with kernel 3.2 (bnc#743299).

- Update modules_on_boot.patch to not cause failed state for systemd-modules-load.service (bnc#741481).

- Ensure systemd show service status when started behind bootsplash and don't try to start when bootsplash isn't installed (bnc#736225).

- Add fix-proc-net-unix-parsing.patch: fix /tmp socket cleanup on 32bits (mmeeks) (bnc#739438).

- Add improve-readahead.patch: don't monopolize IO when replaying (git).

- Add sysv_to_syslog_and_console.patch: ensure sysv services output is logged to syslog in addition to console (improve bnc#731342, bnc#681127).

- Add fix-daemon-reload-reaping.patch: fix activating service being killed if daemon-reload is started (git).

- Add no-variable-tcpwrappers.patch: fix manpage for tcpwrapper support (bnc#741023).

- Add remote-fs-after-network.patch and update insserv patch: ensure is enabled and started before network mount points (bnc#744293).

- Add dm-lvm-after-local-fs-pre-target.patch: ensure md / lvm /dmraid is started before mounting partitions, if fsck was disabled for them (bnc#733283).

- Update lsb-header patch to correctly disable heuristic if X-Systemd-RemainAfterExit is specified (whatever its value)

- Add fix-message-after-chkconfig.patch: don't complain if only sysv services are called in systemctl.

- Add is-enabled-non-existing-service.patch: fix error message when running is-enabled on non-existing service.

- Add remove-timedated-ntp-dependency.patch: don't require ntp to use timedated (partially fixes bnc#734831).

- Add move-x11-socket.patch: change X11 socket symlink name (bnc#747154).

- Add fix-is-enabled.patch: ensure systemctl is-enabled work properly when systemd isn't running.

- Add logind-console.patch: do not bail logind if /dev/tty0 doesn't exist (bnc#733022, bnc#735047).

- Add sysctl-modules.patch: ensure sysctl is started after modules are loaded (bnc#725412).

- Fix warning in insserv patch.

- Update avoid-random-seed-cycle.patch with better upstream approach.

- Update storage-after-cryptsetup.patch to restart lvm before, not after it (bnc#740106).

- Increase pam-config dependency (bnc#713319).


Update the affected systemd packages.

See Also

Plugin Details

Severity: Medium

ID: 74560

File Name: openSUSE-2012-139.nasl

Version: $Revision: 1.1 $

Type: local

Agent: unix

Published: 2014/06/13

Modified: 2014/06/13

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:systemd, p-cpe:/a:novell:opensuse:systemd-32bit, p-cpe:/a:novell:opensuse:systemd-debuginfo, p-cpe:/a:novell:opensuse:systemd-debuginfo-32bit, p-cpe:/a:novell:opensuse:systemd-debugsource, p-cpe:/a:novell:opensuse:systemd-devel, p-cpe:/a:novell:opensuse:systemd-sysvinit, cpe:/o:novell:opensuse:12.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2012/02/29

Reference Information

CVE: CVE-2012-0871