SUSE: Security Advisory (SUSE-SU-2021:2423-1)

Information

Severity

Medium

Family

SuSE Local Security Checks

CVSSv2 Base

5.0

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Vendor Patch

Created

2 years ago

Modified

2 years ago

Summary

The remote host is missing an update for the 'systemd' package(s) announced via the SUSE-SU-2021:2423-1 advisory.

Insight

This update for systemd fixes the following issues:

Security issues fixed:

- CVE-2021-33910: Fixed a denial of service (stack exhaustion) in systemd (PID 1) (bsc#1188063)

Other fixes:

- mount-util: shorten the loop a bit (#7545)
- mount-util: do not use the official MAX_HANDLE_SZ (#7523)
- mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761)
- mount-util: fix bad indenting
- mount-util: EOVERFLOW might have other causes than buffer size issues
- mount-util: fix error propagation in fd_fdinfo_mnt_id()
- mount-util: drop exponential buffer growing in name_to_handle_at_loop()
- udev: port udev_has_devtmpfs() to use path_get_mnt_id()
- mount-util: add new path_get_mnt_id() call that queries the mnt ID of a path
- mount-util: add name_to_handle_at_loop() wrapper around name_to_handle_at()
- mount-util: accept that name_to_handle_at() might fail with EPERM (#5499)
- basic: fallback to the fstat if we don't have access to the /proc/self/fdinfo
- sysusers: use the usual comment style
- test/TEST-21-SYSUSERS: add tests for new functionality
- sysusers: allow admin/runtime overrides to command-line config
- basic/strv: add function to insert items at position
- sysusers: allow the shell to be specified
- sysusers: move various user credential validity checks to src/basic/
- man: reformat table in sysusers.d(5)
- sysusers: take configuration as positional arguments
- sysusers: emit a bit more info at debug level when locking fails
- sysusers: allow force reusing existing user/group IDs (#8037)
- sysusers: ensure GID in uid:gid syntax exists
- sysusers: make ADD_GROUP always create a group
- test: add TEST-21-SYSUSERS test
- sysuser: use OrderedHashmap
- sysusers: allow uid:gid in sysusers.conf files
- sysusers: fix memleak (#4430)

These commits implement the option '--replace' for systemd-sysusers so %sysusers_create_package can be introduced in SLE and packages can rely on this rpm macro without wondering whether the macro is available on the different target the package is submitted to.

- Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807)
- systemctl: add --value option
- execute: make sure to call into PAM after initializing resource limits (bsc#1184967)
- rlimit-util: introduce setrlimit_closest_all()
- system-conf: drop reference to ShutdownWatchdogUsec=
- core: rename ShutdownWatchdogSec to RebootWatchdogSec (bsc#1185331)
- Return -EAGAIN instead of -EALREADY from unit_reload (bsc#1185046)
- rules: don't ignore Xen virtual interfaces anymore (bsc#1178561)
- write_net_rules: set execute bits (bsc#1178561)
- udev: rework network device renaming
- Revert 'Revert 'udev: network device renaming - immediately give up if the target name isn't available''

Affected Software

'systemd' package(s) on SUSE OpenStack Cloud Crowbar 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud 8, SUSE Linux Enterprise Server for SAP 12-SP4, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP2, HPE Helion Openstack 8.

Detection Method

Checks if a vulnerable package version is present on the target host.

Solution

Please install the updated package(s).

Common Vulnerabilities and Exposures (CVE)