systemd security, bug fix, and enhancement update

2020-05-05T00:00:00
ID ELSA-2020-1794
Type oraclelinux
Reporter OracleLinux
Modified 2020-05-05T00:00:00

Description

[239-29.0.1.el8] - fix to enable systemd-pstore.service [Orabug: 30951066] - journal: change support URL shown in the catalog entries [Orabug: 30853009] - fix to generate systemd-pstore.service file [Orabug: 30230056] - fix netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792] - set 'RemoveIPC=no' in logind.conf as default for OL7.2 [Orabug: 22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475] - Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056] [239-29] - cryptsetup: Treat key file errors as a failed password attempt (#1763155) [239-28] - pid1: fix DefaultTasksMax initialization (#1809037) - cgroup: make sure that cpuset is supported on cgroup v2 and disabled with v1 (#1808940) - test: introduce TEST-36-NUMAPOLICY (#1808940) - test: replace tail -f with journal cursor which should be more reliable (#1808940) - test: support MPOL_LOCAL matching in unpatched strace versions (#1808940) - test: make sure the strace process is indeed dead (#1808940) - test: skip the test on systems without NUMA support (#1808940) - test: give strace some time to initialize (#1808940) - test: add a simple sanity check for systems without NUMA support (#1808940) - test: drop the missed || exit 1 expression (#1808940) - test: replace cursor file with a plain cursor (#1808940) [239-27] - cgroup: introduce support for cgroup v2 CPUSET controller (#1724617) [239-26] - seccomp: introduce seccomp_restrict_suid_sgid() for blocking chmod() for suid/sgid files (#1687512) - test: add test case for restrict_suid_sgid() (#1687512) - core: expose SUID/SGID restriction as new unit setting RestrictSUIDSGID= (#1687512) - analyze: check for RestrictSUIDSGID= in 'systemd-analyze security' (#1687512) - man: document the new RestrictSUIDSGID= setting (#1687512) - units: turn on RestrictSUIDSGID= in most of our long-running daemons (#1687512) - core: imply NNP and SUID/SGID restriction for DynamicUser=yes service (#1687512) [239-25] - sd-bus: use 'queue' message references for managing r/w message queues in connection objects (CVE-2020-1712) - pid1: make sure to restore correct default values for some rlimits (#1789930) - main: introduce a define HIGH_RLIMIT_MEMLOCK similar to HIGH_RLIMIT_NOFILE (#1789930) [239-24] - rules: reintroduce 60-alias-kmsg.rules (#1739353) - sd-bus: make rqueue/wqueue sizes of type size_t (CVE-2020-1712) - sd-bus: reorder bus ref and bus message ref handling (CVE-2020-1712) - sd-bus: make sure dispatch_rqueue() initializes return parameter on all types of success (CVE-2020-1712) - sd-bus: drop two inappropriate empty lines (CVE-2020-1712) - sd-bus: initialize mutex after we allocated the wqueue (CVE-2020-1712) - sd-bus: always go through sd_bus_unref() to free messages (CVE-2020-1712) - bus-message: introduce two kinds of references to bus messages (CVE-2020-1712) - sd-bus: introduce API for re-enqueuing incoming messages (CVE-2020-1712) - sd-event: add sd_event_source_disable_unref() helper (CVE-2020-1712) - polkit: when authorizing via PK lets re-resolve callback/userdata instead of caching it (CVE-2020-1712) - sysctl: lets by default increase the numeric PID range from 2^16 to 2^22 (#1744214) - journal: do not trigger assertion when journal_file_close() get NULL (#1788085) - journal: use cleanup attribute at one more place (#1788085) [239-23] - catalog: fix name of variable (#1677768) - cryptsetup: add keyfile-timeout to allow a keydev timeout and allow to fallback to a password if it fails. (#1763155) - cryptsetup: add documentation for keyfile-timeout (#1763155) - cryptsetup: use unabbrieviated variable names (#1763155) - cryptsetup: dont assert on variable which is optional (#1763155) - cryptsetup-generator: guess whether the keyfile argument is two items or one (#1763155) - crypt-util: Translate libcryptsetup log level instead of using log_debug() (#1776408) - cryptsetup: add some commenting about EAGAIN generation (#1776408) - cryptsetup: downgrade a log message we ignore (#1776408) - cryptsetup: rework how we log about activation failures (#1776408) [239-22] - spec: dont ship /var/log/README - spec: provide systemd-rpm-macros [239-21] - test-cpu-set-util: fix comparison for allocation size (#1734787) - test-cpu-set-util: fix allocation size check on i386 (#1734787) [239-20] - journal: rely on _cleanup_free to free a temporary string used in client_context_read_cgroup (#1764560) - basic/user-util: allow dots in user names (#1717603) - sd-bus: bump message queue size again (#1770189) - tests: put fuzz_journald_processing_function in a .c file (#1764560) - tests: add a fuzzer for dev_kmsg_record (#1764560) - basic: remove an assertion from cunescape_one (#1764560) - journal: fix an off-by-one error in dev_kmsg_record (#1764560) - tests: add a reproducer for a memory leak fixed in 30eddcd51b8a472e05d3b8d1 in August (#1764560) - tests: add a reproducer for a heap-buffer-overflow fixed in 937b1171378bc1000a (#1764560) - test: initialize syslog_fd in fuzz-journald-kmsg too (#1764560) - tests: add a fuzzer for process_audit_string (#1764560) - journald: check whether sscanf has changed the value corresponding to %n (#1764560) - tests: introduce dummy_server_init and use it in all journald fuzzers (#1764560) - tests: add a fuzzer for journald streams (#1764560) - tests: add a fuzzer for server_process_native_file (#1764560) - fuzz-journal-stream: avoid assertion failure on samples which dont fit in pipe (#1764560) - journald: take leading spaces into account in syslog_parse_identifier (#1764560) - Add a warning about the difference in permissions between existing directories and unit settings. (#1778384) - execute: remove one redundant comparison check (#1778384) - core: change ownership/mode of the execution directories also for static users (#1778384) - core/dbus-execute: remove unnecessary initialization (#1734787) - shared/cpu-set-util: move the part to print cpu-set into a separate function (#1734787) - shared/cpu-set-util: remove now-unused CPU_SIZE_TO_NUM() (#1734787) - Rework cpu affinity parsing (#1734787) - Move cpus_in_affinity_mask() to cpu-set-util.[ch] (#1734787) - test-cpu-set-util: add simple test for cpus_in_affinity_mask() (#1734787) - test-cpu-set-util: add a smoke test for test_parse_cpu_set_extend() (#1734787) - pid1: parse CPUAffinity= in incremental fashion (#1734787) - pid1: dont reset setting from /proc/cmdline upon restart (#1734787) - pid1: when reloading configuration, forget old settings (#1734787) - test-execute: use CPUSet too (#1734787) - shared/cpu-set-util: drop now-unused cleanup function (#1734787) - shared/cpu-set-util: make transfer of cpu_set_t over bus endian safe (#1734787) - test-cpu-set-util: add test for dbus conversions (#1734787) - shared/cpu-set-util: introduce cpu_set_to_range() (#1734787) - systemctl: present CPUAffinity mask as a list of CPU index ranges (#1734787) - shared/cpu-set-util: only force range printing one time (#1734787) - execute: dump CPUAffinity as a range string instead of a list of CPUs (#1734787) - cpu-set-util: use %d-%d format in cpu_set_to_range_string() only for actual ranges (#1734787) - core: introduce NUMAPolicy and NUMAMask options (#1734787) - core: disable CPUAccounting by default (#1734787) - set kptr_restrict=1 (#1689346) - cryptsetup: reduce the chance that we will be OOM killed (#1696602) - core, job: fix breakage of ordering dependencies by systemctl reload command (#1766417) - debug-generator: enable custom systemd.debug_shell tty (#1723722) [239-19] - core: never propagate reload failure to service result (#1735787) - man: document systemd-analyze security (#1750343) - man: reorder and add examples to systemd-analyze(1) (#1750343) - travis: move to CentOS 8 docker images (#1761519) - travis: drop SCL remains (#1761519) - syslog: fix segfault in syslog_parse_priority() (#1761519) - sd-bus: make strict asan shut up (#1761519) - travis: dont run slow tests under ASan/UBSan (#1761519) - kernel-install: do not require non-empty kernel cmdline (#1701454) - ask-password: prevent buffer overrow when reading from keyring (#1752050) - core: try to reopen /dev/kmsg again right after mounting /dev (#1749212) - buildsys: dont garbage collect sections while linking (#1748258) - udev: introduce CONST key name (#1762679) - Call getgroups() to know size of supplementary groups array to allocate (#1743230256 KB - Consider smb3 as remote filesystem (#1757257) - process-util: introduce pid_is_my_child() helper (#1744972) - core: reduce the number of stalled PIDs from the watched processes list when possible (#1744972) - core: only watch processes when its really necessary (#1744972) - core: implement per unit journal rate limiting (#1719577) - path: stop watching path specs once we triggered the target unit (#1763161) - journald: fixed assertion failure when system journal rotation fails (#9893) (#1763619) - test: use PBKDF2 instead of Argon2 in cryptsetup... (#1761519) - test: mask several unnecessary services (#1761519) - test: bump the second partitions size to 50M (#1761519) - shared/sleep-config: exclude zram devices from hibernation candidates (#1763617) - selinux: dont log SELINUX_INFO and SELINUX_WARNING messages to audit (#1763612) - sd-device: introduce log_device_() macros (#1753369) - udev: Add id program and rule for FIDO security tokens (#1753369) - shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() (#1746857) - sd-bus: adjust indentation of comments (#1746857) - resolved: do not run loop twice (#1746857) - resolved: allow access to SetLink and Revert methods through polkit (#1746857) - resolved: query polkit only after parsing the data (#1746857)