You are here
Home > Preporuke > Sigurnosni nedostaci programskih paketa util-linux i shadow

Sigurnosni nedostaci programskih paketa util-linux i shadow

openSUSE Security Update: Security update for util-linux and shadow
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2121-1
Rating: moderate
References: #1081947 #1082293 #1085196 #1106214 #1121197
#1122417 #1125886 #1127701 #1135534 #1135708
#1141113 #353876
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for util-linux and shadow fixes the following issues:

util-linux:

– Fixed an issue where PATH settings in /etc/default/su being ignored
(bsc#1121197)
– Prevent outdated pam files (bsc#1082293).
– De-duplicate fstrim -A properly (bsc#1127701).
– Do not trim read-only volumes (bsc#1106214).
– Integrate pam_keyinit pam module to login (bsc#1081947).
– Perform one-time reset of /etc/default/su (bsc#1121197).
– Fix problems in reading of login.defs values (bsc#1121197)
– libmount: To prevent incorrect behavior, recognize more pseudofs and
netfs (bsc#1122417).
– raw.service: Add RemainAfterExit=yes (bsc#1135534).
– agetty: Return previous response of agetty for special characters
(bsc#1085196, bsc#1125886)
– libmount: print a blacklist hint for “unknown filesystem type”
(jsc#SUSE-4085, fate#326832)
– Fix /etc/default/su comments and create /etc/default/runuser
(bsc#1121197).

shadow:

– Fixed an issue where PATH settings in /etc/default/su being ignored
(bsc#1121197)
– Fix segfault in useradd during setting password inactivity period.
(bsc#1141113)
– Hardening for su wrappers (bsc#353876)

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2121=1

Package List:

– openSUSE Leap 15.1 (i586 x86_64):

libblkid-devel-2.33.1-lp151.3.3.2
libblkid-devel-static-2.33.1-lp151.3.3.2
libblkid1-2.33.1-lp151.3.3.2
libblkid1-debuginfo-2.33.1-lp151.3.3.2
libfdisk-devel-2.33.1-lp151.3.3.2
libfdisk-devel-static-2.33.1-lp151.3.3.2
libfdisk1-2.33.1-lp151.3.3.2
libfdisk1-debuginfo-2.33.1-lp151.3.3.2
libmount-devel-2.33.1-lp151.3.3.2
libmount-devel-static-2.33.1-lp151.3.3.2
libmount1-2.33.1-lp151.3.3.2
libmount1-debuginfo-2.33.1-lp151.3.3.2
libsmartcols-devel-2.33.1-lp151.3.3.2
libsmartcols-devel-static-2.33.1-lp151.3.3.2
libsmartcols1-2.33.1-lp151.3.3.2
libsmartcols1-debuginfo-2.33.1-lp151.3.3.2
libuuid-devel-2.33.1-lp151.3.3.2
libuuid-devel-static-2.33.1-lp151.3.3.2
libuuid1-2.33.1-lp151.3.3.2
libuuid1-debuginfo-2.33.1-lp151.3.3.2
shadow-4.6-lp151.2.3.2
shadow-debuginfo-4.6-lp151.2.3.2
shadow-debugsource-4.6-lp151.2.3.2
util-linux-2.33.1-lp151.3.3.2
util-linux-debuginfo-2.33.1-lp151.3.3.2
util-linux-debugsource-2.33.1-lp151.3.3.2
util-linux-systemd-2.33.1-lp151.3.3.2
util-linux-systemd-debuginfo-2.33.1-lp151.3.3.2
util-linux-systemd-debugsource-2.33.1-lp151.3.3.2
uuidd-2.33.1-lp151.3.3.2
uuidd-debuginfo-2.33.1-lp151.3.3.2

– openSUSE Leap 15.1 (noarch):

util-linux-lang-2.33.1-lp151.3.3.2

– openSUSE Leap 15.1 (x86_64):

libblkid-devel-32bit-2.33.1-lp151.3.3.2
libblkid1-32bit-2.33.1-lp151.3.3.2
libblkid1-32bit-debuginfo-2.33.1-lp151.3.3.2
libmount-devel-32bit-2.33.1-lp151.3.3.2
libmount1-32bit-2.33.1-lp151.3.3.2
libmount1-32bit-debuginfo-2.33.1-lp151.3.3.2
libuuid-devel-32bit-2.33.1-lp151.3.3.2
libuuid1-32bit-2.33.1-lp151.3.3.2
libuuid1-32bit-debuginfo-2.33.1-lp151.3.3.2
python3-libmount-2.33.1-lp151.3.3.2
python3-libmount-debuginfo-2.33.1-lp151.3.3.2
python3-libmount-debugsource-2.33.1-lp151.3.3.2

References:

https://bugzilla.suse.com/1081947
https://bugzilla.suse.com/1082293
https://bugzilla.suse.com/1085196
https://bugzilla.suse.com/1106214
https://bugzilla.suse.com/1121197
https://bugzilla.suse.com/1122417
https://bugzilla.suse.com/1125886
https://bugzilla.suse.com/1127701
https://bugzilla.suse.com/1135534
https://bugzilla.suse.com/1135708
https://bugzilla.suse.com/1141113
https://bugzilla.suse.com/353876


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa python-Twisted

Otkriveni su sigurnosni nedostaci u programskom paketu python-Twisted za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje MitM napada....

Close