Red Hat Product Errata RHSA-2020:0593 - Security Advisory

Issued:: 2020-02-25
Updated:: 2020-02-25

RHSA-2020:0593 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: systemd security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for systemd is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

systemd: line splitting via fgets() allows for state injection during daemon-reexec (CVE-2018-15686)
systemd: out-of-bounds read when parsing a crafted syslog message (CVE-2018-16866)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 7.4 x86_64
Red Hat Enterprise Linux Server - TUS 7.4 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4 x86_64

Fixes

BZ - 1639071 - CVE-2018-15686 systemd: line splitting via fgets() allows for state injection during daemon-reexec
BZ - 1653867 - CVE-2018-16866 systemd: out-of-bounds read when parsing a crafted syslog message

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.4

SRPM
systemd-219-42.el7_4.20.src.rpm	SHA-256: 5477f4acddd8e8b78680f798e6c648a9a5341c5d0f13f98e9fe64c4586540618
x86_64
libgudev1-219-42.el7_4.20.i686.rpm	SHA-256: 90d3ea28142cfcc2131f5ed63b3305c2b6bad66155e7d5333ff7eac2d62ea3ee
libgudev1-219-42.el7_4.20.x86_64.rpm	SHA-256: 54a2535840b4cb077d121f1482b93e497d7616f885a6bb6c918ae99a627b0f2c
libgudev1-devel-219-42.el7_4.20.i686.rpm	SHA-256: a1f53d86d17e208ec963c20d61cf9639cba88e0f8c0bb713c95ecf43787636f3
libgudev1-devel-219-42.el7_4.20.x86_64.rpm	SHA-256: 4aa59a1dad6538c762ebc92d8434522608119adb37f72014321fd784cd6ae66d
systemd-219-42.el7_4.20.x86_64.rpm	SHA-256: 465e8e0844de6af700c9006d6f2c66739c1ce8e980919a295d4212dc70000002
systemd-debuginfo-219-42.el7_4.20.i686.rpm	SHA-256: 741a7129572008971c02dc4d621e3a574b58433fa05610ea305e2ab66da30977
systemd-debuginfo-219-42.el7_4.20.i686.rpm	SHA-256: 741a7129572008971c02dc4d621e3a574b58433fa05610ea305e2ab66da30977
systemd-debuginfo-219-42.el7_4.20.x86_64.rpm	SHA-256: 22056a662bb674507d2b623e9fe8d0105213e372f9ff646585d979308b234256
systemd-debuginfo-219-42.el7_4.20.x86_64.rpm	SHA-256: 22056a662bb674507d2b623e9fe8d0105213e372f9ff646585d979308b234256
systemd-devel-219-42.el7_4.20.i686.rpm	SHA-256: 5eb4e3f09e42a5479fb15d2e931af6d74783623f739bbbeb9142b0e7ba1c2d10
systemd-devel-219-42.el7_4.20.x86_64.rpm	SHA-256: 722dc062f38f4c52d1747e4615bfe2f5a3080722474145061eb21fafdf84ea11
systemd-journal-gateway-219-42.el7_4.20.x86_64.rpm	SHA-256: f655112911f41d3d333859e611206aab88ab36f28f89abd29daa963204662a86
systemd-libs-219-42.el7_4.20.i686.rpm	SHA-256: 57927fc3ab8e8fee0f0b098becb714b56ae66633ae5ae125858d313ffbaab2ac
systemd-libs-219-42.el7_4.20.x86_64.rpm	SHA-256: fe293ed6407a388da37d44682067dc9ddcb5b643fa764a5dc36e55443f18f329
systemd-networkd-219-42.el7_4.20.x86_64.rpm	SHA-256: e49602abc743d3b0dd51aad3b335ed5f9d4166e498c16b52de60f3747f6c8304
systemd-python-219-42.el7_4.20.x86_64.rpm	SHA-256: d0615dea4e0036429a91699c393d35b0afe50f0d3866597313bd7698600fd20f
systemd-resolved-219-42.el7_4.20.i686.rpm	SHA-256: 7667cff605d850fd6652e209dcf0d0e213cf506cc39858a9d86beb64d3182b22
systemd-resolved-219-42.el7_4.20.x86_64.rpm	SHA-256: c213f7c5113f55c6bdf6c7363114e75edfc3c3898bccf31d9f26e21c6afe86ab
systemd-sysv-219-42.el7_4.20.x86_64.rpm	SHA-256: 72e6b06008810506881fb0c7bb1eb4423f8c0642390a824f7af4ff0fbb34d193

Red Hat Enterprise Linux Server - TUS 7.4

SRPM
systemd-219-42.el7_4.20.src.rpm	SHA-256: 5477f4acddd8e8b78680f798e6c648a9a5341c5d0f13f98e9fe64c4586540618
x86_64
libgudev1-219-42.el7_4.20.i686.rpm	SHA-256: 90d3ea28142cfcc2131f5ed63b3305c2b6bad66155e7d5333ff7eac2d62ea3ee
libgudev1-219-42.el7_4.20.x86_64.rpm	SHA-256: 54a2535840b4cb077d121f1482b93e497d7616f885a6bb6c918ae99a627b0f2c
libgudev1-devel-219-42.el7_4.20.i686.rpm	SHA-256: a1f53d86d17e208ec963c20d61cf9639cba88e0f8c0bb713c95ecf43787636f3
libgudev1-devel-219-42.el7_4.20.x86_64.rpm	SHA-256: 4aa59a1dad6538c762ebc92d8434522608119adb37f72014321fd784cd6ae66d
systemd-219-42.el7_4.20.x86_64.rpm	SHA-256: 465e8e0844de6af700c9006d6f2c66739c1ce8e980919a295d4212dc70000002
systemd-debuginfo-219-42.el7_4.20.i686.rpm	SHA-256: 741a7129572008971c02dc4d621e3a574b58433fa05610ea305e2ab66da30977
systemd-debuginfo-219-42.el7_4.20.i686.rpm	SHA-256: 741a7129572008971c02dc4d621e3a574b58433fa05610ea305e2ab66da30977
systemd-debuginfo-219-42.el7_4.20.x86_64.rpm	SHA-256: 22056a662bb674507d2b623e9fe8d0105213e372f9ff646585d979308b234256
systemd-debuginfo-219-42.el7_4.20.x86_64.rpm	SHA-256: 22056a662bb674507d2b623e9fe8d0105213e372f9ff646585d979308b234256
systemd-devel-219-42.el7_4.20.i686.rpm	SHA-256: 5eb4e3f09e42a5479fb15d2e931af6d74783623f739bbbeb9142b0e7ba1c2d10
systemd-devel-219-42.el7_4.20.x86_64.rpm	SHA-256: 722dc062f38f4c52d1747e4615bfe2f5a3080722474145061eb21fafdf84ea11
systemd-journal-gateway-219-42.el7_4.20.x86_64.rpm	SHA-256: f655112911f41d3d333859e611206aab88ab36f28f89abd29daa963204662a86
systemd-libs-219-42.el7_4.20.i686.rpm	SHA-256: 57927fc3ab8e8fee0f0b098becb714b56ae66633ae5ae125858d313ffbaab2ac
systemd-libs-219-42.el7_4.20.x86_64.rpm	SHA-256: fe293ed6407a388da37d44682067dc9ddcb5b643fa764a5dc36e55443f18f329
systemd-networkd-219-42.el7_4.20.x86_64.rpm	SHA-256: e49602abc743d3b0dd51aad3b335ed5f9d4166e498c16b52de60f3747f6c8304
systemd-python-219-42.el7_4.20.x86_64.rpm	SHA-256: d0615dea4e0036429a91699c393d35b0afe50f0d3866597313bd7698600fd20f
systemd-resolved-219-42.el7_4.20.i686.rpm	SHA-256: 7667cff605d850fd6652e209dcf0d0e213cf506cc39858a9d86beb64d3182b22
systemd-resolved-219-42.el7_4.20.x86_64.rpm	SHA-256: c213f7c5113f55c6bdf6c7363114e75edfc3c3898bccf31d9f26e21c6afe86ab
systemd-sysv-219-42.el7_4.20.x86_64.rpm	SHA-256: 72e6b06008810506881fb0c7bb1eb4423f8c0642390a824f7af4ff0fbb34d193

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4

SRPM
systemd-219-42.el7_4.20.src.rpm	SHA-256: 5477f4acddd8e8b78680f798e6c648a9a5341c5d0f13f98e9fe64c4586540618
ppc64le
libgudev1-219-42.el7_4.20.ppc64le.rpm	SHA-256: fed1f38c6f4a9d3bda7e443cc1a20e0e9e67eb27e1da1b33bdac9b7017ad01a8
libgudev1-devel-219-42.el7_4.20.ppc64le.rpm	SHA-256: 739632f2dc794cb0da8c5de30ea7914501ab2a5916b58e0369a4a07bd5fc2d22
systemd-219-42.el7_4.20.ppc64le.rpm	SHA-256: 85e652bd35011ff8466da258be46b45f3a92b5c12811523fcee87a15ad8d06bb
systemd-debuginfo-219-42.el7_4.20.ppc64le.rpm	SHA-256: 493becebdf9fc1537fdd173b1437af5ab48c350565dd831108e37cbdbbdca27b
systemd-debuginfo-219-42.el7_4.20.ppc64le.rpm	SHA-256: 493becebdf9fc1537fdd173b1437af5ab48c350565dd831108e37cbdbbdca27b
systemd-devel-219-42.el7_4.20.ppc64le.rpm	SHA-256: af69ad876eec7dbca695f09fe9b62c13a890383119819e9350481324995b3e29
systemd-journal-gateway-219-42.el7_4.20.ppc64le.rpm	SHA-256: 74cc6db491f73af69850e7f28cae2e94a5eb4d120d53f4a0d98414f10fda5fb1
systemd-libs-219-42.el7_4.20.ppc64le.rpm	SHA-256: ac94e68044d643c0a52c78e50c2ffa5f8de8f1d257ea55bb5d8d0f4ad9aba6fd
systemd-networkd-219-42.el7_4.20.ppc64le.rpm	SHA-256: 74e45ebe6bbf43b534ee076d330f239dad13ca0b69a00ebffc7d6b84d307b841
systemd-python-219-42.el7_4.20.ppc64le.rpm	SHA-256: a462b5c9672c1fe57744bd1e7c87a0eb61647367be28c1e06a246da18dc0dbd8
systemd-resolved-219-42.el7_4.20.ppc64le.rpm	SHA-256: 2be2f767fba5f1d606b54e7b17ea4a17468e4d9ac9c209950e88e9716efd45a2
systemd-sysv-219-42.el7_4.20.ppc64le.rpm	SHA-256: 0d66cb062436a969612862cc60daca663d5b2dc0e4c7ad111dd2b0d6e56b8755

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4

SRPM
systemd-219-42.el7_4.20.src.rpm	SHA-256: 5477f4acddd8e8b78680f798e6c648a9a5341c5d0f13f98e9fe64c4586540618
x86_64
libgudev1-219-42.el7_4.20.i686.rpm	SHA-256: 90d3ea28142cfcc2131f5ed63b3305c2b6bad66155e7d5333ff7eac2d62ea3ee
libgudev1-219-42.el7_4.20.x86_64.rpm	SHA-256: 54a2535840b4cb077d121f1482b93e497d7616f885a6bb6c918ae99a627b0f2c
libgudev1-devel-219-42.el7_4.20.i686.rpm	SHA-256: a1f53d86d17e208ec963c20d61cf9639cba88e0f8c0bb713c95ecf43787636f3
libgudev1-devel-219-42.el7_4.20.x86_64.rpm	SHA-256: 4aa59a1dad6538c762ebc92d8434522608119adb37f72014321fd784cd6ae66d
systemd-219-42.el7_4.20.x86_64.rpm	SHA-256: 465e8e0844de6af700c9006d6f2c66739c1ce8e980919a295d4212dc70000002
systemd-debuginfo-219-42.el7_4.20.i686.rpm	SHA-256: 741a7129572008971c02dc4d621e3a574b58433fa05610ea305e2ab66da30977
systemd-debuginfo-219-42.el7_4.20.i686.rpm	SHA-256: 741a7129572008971c02dc4d621e3a574b58433fa05610ea305e2ab66da30977
systemd-debuginfo-219-42.el7_4.20.x86_64.rpm	SHA-256: 22056a662bb674507d2b623e9fe8d0105213e372f9ff646585d979308b234256
systemd-debuginfo-219-42.el7_4.20.x86_64.rpm	SHA-256: 22056a662bb674507d2b623e9fe8d0105213e372f9ff646585d979308b234256
systemd-devel-219-42.el7_4.20.i686.rpm	SHA-256: 5eb4e3f09e42a5479fb15d2e931af6d74783623f739bbbeb9142b0e7ba1c2d10
systemd-devel-219-42.el7_4.20.x86_64.rpm	SHA-256: 722dc062f38f4c52d1747e4615bfe2f5a3080722474145061eb21fafdf84ea11
systemd-journal-gateway-219-42.el7_4.20.x86_64.rpm	SHA-256: f655112911f41d3d333859e611206aab88ab36f28f89abd29daa963204662a86
systemd-libs-219-42.el7_4.20.i686.rpm	SHA-256: 57927fc3ab8e8fee0f0b098becb714b56ae66633ae5ae125858d313ffbaab2ac
systemd-libs-219-42.el7_4.20.x86_64.rpm	SHA-256: fe293ed6407a388da37d44682067dc9ddcb5b643fa764a5dc36e55443f18f329
systemd-networkd-219-42.el7_4.20.x86_64.rpm	SHA-256: e49602abc743d3b0dd51aad3b335ed5f9d4166e498c16b52de60f3747f6c8304
systemd-python-219-42.el7_4.20.x86_64.rpm	SHA-256: d0615dea4e0036429a91699c393d35b0afe50f0d3866597313bd7698600fd20f
systemd-resolved-219-42.el7_4.20.i686.rpm	SHA-256: 7667cff605d850fd6652e209dcf0d0e213cf506cc39858a9d86beb64d3182b22
systemd-resolved-219-42.el7_4.20.x86_64.rpm	SHA-256: c213f7c5113f55c6bdf6c7363114e75edfc3c3898bccf31d9f26e21c6afe86ab
systemd-sysv-219-42.el7_4.20.x86_64.rpm	SHA-256: 72e6b06008810506881fb0c7bb1eb4423f8c0642390a824f7af4ff0fbb34d193

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation