{"affected":[{"ecosystem_specific":{"binaries":[{"libsystemd0":"228-150.9.3","libsystemd0-32bit":"228-150.9.3","libudev1":"228-150.9.3","libudev1-32bit":"228-150.9.3","systemd":"228-150.9.3","systemd-32bit":"228-150.9.3","systemd-bash-completion":"228-150.9.3","systemd-sysvinit":"228-150.9.3","udev":"228-150.9.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP3","name":"systemd","purl":"pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"228-150.9.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libudev-devel":"228-150.9.3","systemd-devel":"228-150.9.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP3","name":"systemd","purl":"pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"228-150.9.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libsystemd0":"228-150.9.3","libsystemd0-32bit":"228-150.9.3","libudev1":"228-150.9.3","libudev1-32bit":"228-150.9.3","systemd":"228-150.9.3","systemd-32bit":"228-150.9.3","systemd-bash-completion":"228-150.9.3","systemd-sysvinit":"228-150.9.3","udev":"228-150.9.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3","name":"systemd","purl":"pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"228-150.9.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libsystemd0":"228-150.9.3","libsystemd0-32bit":"228-150.9.3","libudev1":"228-150.9.3","libudev1-32bit":"228-150.9.3","systemd":"228-150.9.3","systemd-32bit":"228-150.9.3","systemd-bash-completion":"228-150.9.3","systemd-sysvinit":"228-150.9.3","udev":"228-150.9.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","name":"systemd","purl":"pkg:rpm/suse/systemd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"228-150.9.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for systemd provides several fixes and enhancements.\n\nSecurity issues fixed:\n\n- CVE-2017-9217: Null pointer dereferencing that could lead to resolved aborting. (bsc#1040614)\n- CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload\n  from a DNS server. (bsc#1045290)\n\nThe update also fixed several non-security bugs:\n\n- core/mount: Use the '-c' flag to not canonicalize paths when calling /bin/umount\n- automount: Handle expire_tokens when the mount unit changes its state (bsc#1040942)\n- automount: Rework propagation between automount and mount units\n- build: Make sure tmpfiles.d/systemd-remote.conf get installed when necessary\n- build: Fix systemd-journal-upload installation\n- basic: Detect XEN Dom0 as no virtualization (bsc#1036873)\n- virt: Make sure some errors are not ignored\n- fstab-generator: Do not skip Before= ordering for noauto mountpoints\n- fstab-gen: Do not convert device timeout into seconds when initializing JobTimeoutSec\n- core/device: Use JobRunningTimeoutSec= for device units (bsc#1004995)\n- fstab-generator: Apply the _netdev option also to device units (bsc#1004995)\n- job: Add JobRunningTimeoutSec for JOB_RUNNING state (bsc#1004995)\n- job: Ensure JobRunningTimeoutSec= survives serialization (bsc#1004995)\n- rules: Export NVMe WWID udev attribute (bsc#1038865)\n- rules: Introduce disk/by-id (model_serial) symbolic links for NVMe drives\n- rules: Add rules for NVMe devices\n- sysusers: Make group shadow support configurable (bsc#1029516)\n- core: When deserializing a unit, fully restore its cgroup state (bsc#1029102)\n- core: Introduce cg_mask_from_string()/cg_mask_to_string()\n- core:execute: Fix handling failures of calling fork() in exec_spawn() (bsc#1040258)\n- Fix systemd-sysv-convert when a package starts shipping service units (bsc#982303)\n  The database might be missing when upgrading a package which was\n  shipping no sysv init scripts nor unit files (at the time --save was\n  called) but the new version start shipping unit files.\n- Disable group shadow support (bsc#1029516)\n- Only check signature job error if signature job exists (bsc#1043758)\n- Automounter issue in combination with NFS volumes (bsc#1040968)\n- Missing symbolic link for SAS device in /dev/disk/by-path (bsc#1040153)\n- Add minimal support for boot.d/* scripts in systemd-sysv-convert (bsc#1046750)\n","id":"SUSE-SU-2017:2031-1","modified":"2017-08-03T08:43:31Z","published":"2017-08-03T08:43:31Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20172031-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1004995"},{"type":"REPORT","url":"https://bugzilla.suse.com/1029102"},{"type":"REPORT","url":"https://bugzilla.suse.com/1029516"},{"type":"REPORT","url":"https://bugzilla.suse.com/1032029"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033238"},{"type":"REPORT","url":"https://bugzilla.suse.com/1036873"},{"type":"REPORT","url":"https://bugzilla.suse.com/1037120"},{"type":"REPORT","url":"https://bugzilla.suse.com/1038865"},{"type":"REPORT","url":"https://bugzilla.suse.com/1040153"},{"type":"REPORT","url":"https://bugzilla.suse.com/1040258"},{"type":"REPORT","url":"https://bugzilla.suse.com/1040614"},{"type":"REPORT","url":"https://bugzilla.suse.com/1040942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1040968"},{"type":"REPORT","url":"https://bugzilla.suse.com/1043758"},{"type":"REPORT","url":"https://bugzilla.suse.com/1043900"},{"type":"REPORT","url":"https://bugzilla.suse.com/1045290"},{"type":"REPORT","url":"https://bugzilla.suse.com/1046750"},{"type":"REPORT","url":"https://bugzilla.suse.com/982303"},{"type":"REPORT","url":"https://bugzilla.suse.com/986216"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-9217"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-9445"}],"related":["CVE-2017-9217","CVE-2017-9445"],"summary":"Security update for systemd","upstream":["CVE-2017-9217","CVE-2017-9445"]}