Security update for systemd (moderate)

An update that solves three vulnerabilities and has four
fixes is now available.

Description:

This update for systemd provides the following fixes:

Security issues fixed:

• CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through
  attacker-controlled alloca()s (bsc#1120323)
• CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)
• Fixed an issue during system startup in relation to encrypted swap disks
  (bsc#1119971)

Non-security issues fixed:

• core: Queue loading transient units after setting their properties.
  (bsc#1115518)
• logind: Stop managing VT switches if no sessions are registered on that
  VT. (bsc#1101591)
• terminal-util: introduce vt_release() and vt_restore() helpers.
• terminal: Unify code for resetting kbd utf8 mode a bit.
• terminal Reset should honour default_utf8 kernel setting.
• logind: Make session_restore_vt() static.
• udev: Downgrade message when settting inotify watch up fails.
  (bsc#1005023)
• log: Never log into foreign fd #2 in PID 1 or its pre-execve() children.
  (bsc#1114981)
• udev: Ignore the exit code of systemd-detect-virt for memory hot-add.
  In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that
  uses systemd-detect-virt to detect non-zvm environment. The
  systemd-detect-virt returns exit failure code when it detected none
  state. The exit failure code causes that the hot-add memory block can
  not be set to online. (bsc#1076696)

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

• openSUSE Leap 42.3:

  zypper in -t patch openSUSE-2019-97=1