Overview
Request 1056400 accepted
- Add 5000-rules-add-missing-line-continuation.patch until commit
de8409ac43f6e4596de4cecce8dbbb5f1f2a18b1 is backported to the v252 stable
tree.
- Import commit 5a506d73bde7ba9261985f8e9ce084044a519432 (merge of v252.4)
It includes the following fixes:
9b75a3d050 coredump: do not allow user to access coredumps with changed uid/gid/capabilities (bsc#1205000 CVE-2022-4415)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/bf3fef99886bd977a1c7a51d20087bc8977fff44...5a506d73bde7ba9261985f8e9ce084044a519432
Additionally, it also includes the following backports:
- 20ca3155c5 localed: reload PID1 configuration after modifying /etc/locale.conf
- 3538c202fd test: update TEST-73-LOCALE to define several locale settings in initial PID1 environment
- Drop 5000-coredump-adjust-whitespace.patch
5001-coredump-do-not-allow-user-to-access-coredumps-with-.patch
They are part of v252.4.
https://openqa.opensuse.org/tests/2973182#step/journal_check/21
sounds very suspicious
Dec 23 07:26:25.666498 localhost systemd-udevd[579]: event_source: Failed to get device name: No such file or directory Dec 23 07:28:52.045029 localhost systemd-udevd[553]: event_source: Failed to get device name: No such file or directory Dec 23 07:30:15.936277 localhost systemd-udevd[548]: event_source: Failed to get device name: No such file or directory Dec 23 07:31:51.702049 localhost systemd-udevd[549]: event_source: Failed to get device name: No such file or directory Dec 23 07:33:27.055370 localhost systemd-udevd[554]: event_source: Failed to get device name: No such file or directory Dec 23 07:35:38.248401 localhost systemd-udevd[547]: event_source: Failed to get device name: No such file or directory Dec 23 07:37:09.944116 localhost systemd-udevd[548]: event_source: Failed to get device name: No such file or directory Dec 23 07:39:04.143411 localhost systemd-udevd[546]: event_source: Failed to get device name: No such file or directory Dec 23 07:40:27.411617 localhost systemd-udevd[535]: event_source: Failed to get device name: No such file or directory Dec 23 07:42:11.071235 localhost systemd-udevd[554]: event_source: Failed to get device name: No such file or directory Dec 23 07:43:39.936981 localhost systemd-udevd[549]: event_source: Failed to get device name: No such file or directory Dec 23 07:47:16.394992 localhost systemd-udevd[532]: event_source: Failed to get device name: No such file or directory Dec 23 07:49:54.163905 localhost systemd-udevd[546]: event_source: Failed to get device name: No such file or directory Dec 23 07:49:56.537591 localhost.localdomain root[836]: ERROR: "/usr/libexec/health-checker/fail.sh check" failed Dec 23 07:49:56.676293 localhost.localdomain root[882]: Machine didn't come up correctly, do a rollback Dec 23 07:50:23.593143 localhost systemd-udevd[532]: event_source: Failed to get device name: No such file or directory
It should be addressed by https://github.com/systemd/systemd/pull/25812, I'll backport the fix.
Request History
fbui created request
- Add 5000-rules-add-missing-line-continuation.patch until commit
de8409ac43f6e4596de4cecce8dbbb5f1f2a18b1 is backported to the v252 stable
tree.
- Import commit 5a506d73bde7ba9261985f8e9ce084044a519432 (merge of v252.4)
It includes the following fixes:
9b75a3d050 coredump: do not allow user to access coredumps with changed uid/gid/capabilities (bsc#1205000 CVE-2022-4415)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/bf3fef99886bd977a1c7a51d20087bc8977fff44...5a506d73bde7ba9261985f8e9ce084044a519432
Additionally, it also includes the following backports:
- 20ca3155c5 localed: reload PID1 configuration after modifying /etc/locale.conf
- 3538c202fd test: update TEST-73-LOCALE to define several locale settings in initial PID1 environment
- Drop 5000-coredump-adjust-whitespace.patch
5001-coredump-do-not-allow-user-to-access-coredumps-with-.patch
They are part of v252.4.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
dimstar_suse set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:F"
licensedigger accepted review
The legal review is accepted preliminary. The package may require actions later on.
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:F got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:F got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:F got accepted.
