SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3149

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3149

Security update for systemd

Type: security

Severity: moderate

Issued: 2024-09-05

Description:

This update for systemd fixes the following issues:

- CVE-2023-7008: Fixed man-in-the-middle due to unsigned name response in signed zone not refused when DNSSEC=yes (bsc#1218297)

Other fixes:
- Unit: drop ProtectClock=yes from systemd-udevd.service (bsc#1226414)
- Don't mention any rpm macros inside comments, even if escaped (bsc#1228091)
- Skip redundant dependencies specified the LSB description that references the file name of the service itself for early boot scripts (bsc#1221479).

References

CVE: CVE-2023-7008
Bugzilla: 1228091 pesign-obs-integration drops systemd post script
Bugzilla: 1226414 Intermittent reboot Failure on md RAID1 for systemd/udev
Bugzilla: 1221479 systemd-sysv-generator crashes in "free" when /etc/init.d/ contains scripts starting with "boot."
Bugzilla: 1218297 VUL-0: CVE-2023-7008: systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

Packages

systemd-249.17-150400.8.43.1