Seite 1 von 1

2019-01-19 - Security update to Systemd v239 series (Stable Update)

Verfasst: Samstag 19. Januar 2019, 19:52
von Blueriver
Hi community,

Welcome to our third stable update of 2019. So what do we have with this one?

We addressed the following security issues within systemd v239 series:

CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess.
CVE-2018-15687: A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files.
CVE-2018-6954_2: systemd-tmpfiles in systemd through 239 mishandles symlinks present in non-terminal path components.
CVE-2018-16864: An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog.
CVE-2018-16865: An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket.
CVE-2018-16866: An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ‘:’.
This is also addressed with v239.6-4 in our testing branch and with v240.275-1 in our unstable branch.

We hope with all these changes Manjaro to be more efficient for you all.

Partnership with FCS Linux Aarhus
We are happy to announce a new partnership with FCS Linux Aarhus owned by @fhdk. This enables us to offer you Laptops with Manjaro pre-installed and Manjaro Stickers you can use on your own hardware or gift them to a friend. For each sale FCS will donate a percentage to the Manjaro project.


Manjaro v18.0.2 released!
It took us almost two months of development to update Manjaro Illyria. It comes with refreshed packages and updated tools. You may want to download our XFCE Edition with the latest 4.13 packages, aswell as our most recent styling efforts. Our KDE fans may try our KDE Edition with the latest KDE v5.14 instead. And our GNOME fans may try our Gnome Edition with the latest GNOME v3.30.


Current supported Kernels
linux316 3.16.62
linux318 3.18.131 [EOL]
linux44 4.4.167
linux49 4.9.149
linux414 4.14.92
linux417 4.17.19 [EOL]
linux418 4.18.20 [EOL]
linux419 4.19.14
linux420 4.20.1
linux414-rt 4.14.87_rt49
linux416-rt 4.16.18_rt11
linux418-rt 4.18.16_rt9

Quelle

Re: 2019-01-19 - Security update to Systemd v239 series (Stable Update)

Verfasst: Samstag 19. Januar 2019, 21:34
von Blueriver
Problemlos erledigt. :)

Re: 2019-01-19 - Security update to Systemd v239 series (Stable Update)

Verfasst: Sonntag 20. Januar 2019, 09:31
von Eifelquelle
Lief völlig geräuschlos und problemlos durch!

Re: 2019-01-19 - Security update to Systemd v239 series (Stable Update)

Verfasst: Sonntag 20. Januar 2019, 17:28
von m-bostaurus
Auch bei mir auf allen Rechnern problemlos.