This update for systemd fixes several issues.
These security issues were fixed:
- CVE-2014-9770, CVE-2015-8842: Don’t allow read access to journal files
to users (boo#972612)
These non-security issues were fixed:
- Import commit 523777609a04fe9e590420e89f94ef07e3719baa: e5e362a udev:
exclude MD from block device ownership event locking 8839413 udev:
really exclude device-mapper from block device ownership event locking
66782e6 udev: exclude device-mapper from block device ownership event
locking (boo#972727) 1386f57 tmpfiles: explicitly set mode for /run/log
faadb74 tmpfiles: don’t allow read access to journal files to users not
in systemd-journal 9b1ef37 tmpfiles: don’t apply sgid and executable bit
to journal files, only the directories they are contained in 011c39f
tmpfiles: add ability to mask access mode by pre-existing access mode on
files/directories 07e2d60 tmpfiles: get rid of "m" lines d504e28
tmpfiles: various modernizations f97250d systemctl: no need to pass
–all if inactive is explicitly requested in list-units (boo#967122)
2686573 fstab-generator: fix automount option and don’t start associated
mount unit at boot (boo#970423) 5c1637d login: support more than just
power-gpio-key (fate#318444) (boo#970860) 2c95ecd logind: add standard
gpio power button support (fate#318444) (boo#970860) af3eb93 Revert
"log-target-null-instead-kmsg" 555dad4 shorten hostname before checking
for trailing dot (boo#965897) 522194c Revert "log: honour the kernel’s
quiet cmdline argument" (boo#963230) cc94e47 transaction: downgrade
warnings about wanted unit which are not found (boo#960158) eb3cfb3
Revert "vhangup-on-all-consoles" 0c28752 remove WorkingDirectory
parameter from emergency, rescue and console-shell.service (boo#959886)
1d6d840 Fix wrong substitution variable name in
systemd-udev-root-symlink.service.in (boo#964355)
- Don’t ship boot.udev and systemd-journald.init anymore. It was used
during the systemd transition when both sysvinit and systemd could be
used on the same system