SUSE 5009 Published by

The following updates has been released for SUSE:

openSUSE-SU-2019:2108-1: moderate: Security update for SDL2_image
openSUSE-SU-2019:2109-1: moderate: Security update for SDL_image
openSUSE-SU-2019:2110-1: moderate: Security update for python-Twisted
openSUSE-SU-2019:2114-1: important: Security update for nodejs10
openSUSE-SU-2019:2115-1: important: Security update for nodejs8
openSUSE-SU-2019:2118-1: moderate: Security update for python-Werkzeug
openSUSE-SU-2019:2120-1: important: Security update for nginx
openSUSE-SU-2019:2121-1: moderate: Security update for util-linux and shadow



openSUSE-SU-2019:2108-1: moderate: Security update for SDL2_image

openSUSE Security Update: Security update for SDL2_image
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2108-1
Rating: moderate
References: #1135787 #1135789 #1135796 #1135806 #1136101
#1140419 #1140421 #1141844 #1143763 #1143764
#1143766 #1143768
Cross-References: CVE-2019-12217 CVE-2019-12218 CVE-2019-12220
CVE-2019-12221 CVE-2019-12222 CVE-2019-13616
CVE-2019-5051 CVE-2019-5052 CVE-2019-5057
CVE-2019-5058 CVE-2019-5059 CVE-2019-5060

Affected Products:
openSUSE Backports SLE-15-SP1
openSUSE Backports SLE-15
______________________________________________________________________________

An update that fixes 12 vulnerabilities is now available.

Description:

This update for SDL2_image fixes the following issues:

Update to new upstream release 2.0.5.

Security issues fixed:

* TALOS-2019-0820 CVE-2019-5051: exploitable heap-based buffer overflow
vulnerability when loading a PCX file (boo#1140419)
* TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow
vulnerability when loading a PCX file (boo#1140421)
* TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the PCX
image-rendering functionality of SDL2_image (boo#1143763)
* TALOS-2019-0842 CVE-2019-5058: heap overflow in XCF image rendering can
lead to code execution (boo#1143764)
* TALOS-2019-0843 CVE-2019-5059: heap overflow in XPM image (boo#1143766)
* TALOS-2019-0844 CVE-2019-5060: integer overflow in the XPM image
(boo#1143768)

Not mentioned by upstream, but issues seemingly further fixed:

* CVE-2019-12218: NULL pointer dereference in the SDL2_image function
IMG_LoadPCX_RW (boo#1135789)
* CVE-2019-12217: NULL pointer dereference in the SDL stdio_read function
(boo#1135787)
* CVE-2019-12220: SDL_image triggers an out-of-bounds read in the SDL
function SDL_FreePalette_REAL (boo#1135806)
* CVE-2019-12221: a SEGV caused by SDL_image in SDL function SDL_free_REAL
in stdlib/SDL_malloc.c (boo#1135796)
* CVE-2019-12222: out-of-bounds read triggered by SDL_image in the
function SDL_InvalidateMap at video/SDL_pixels.c (boo#1136101)
* CVE-2019-13616: fix heap buffer overflow when reading a crafted bmp file
(boo#1141844).



This update was imported from the openSUSE:Leap:15.0:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2019-2108=1

- openSUSE Backports SLE-15:

zypper in -t patch openSUSE-2019-2108=1



Package List:

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

SDL2_image-debugsource-2.0.5-bp151.4.3.1
libSDL2_image-2_0-0-2.0.5-bp151.4.3.1
libSDL2_image-2_0-0-debuginfo-2.0.5-bp151.4.3.1
libSDL2_image-devel-2.0.5-bp151.4.3.1

- openSUSE Backports SLE-15-SP1 (aarch64_ilp32):

libSDL2_image-2_0-0-64bit-2.0.5-bp151.4.3.1
libSDL2_image-2_0-0-64bit-debuginfo-2.0.5-bp151.4.3.1
libSDL2_image-devel-64bit-2.0.5-bp151.4.3.1

- openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64):

libSDL2_image-2_0-0-2.0.5-bp150.3.6.1
libSDL2_image-devel-2.0.5-bp150.3.6.1

- openSUSE Backports SLE-15 (aarch64_ilp32):

libSDL2_image-2_0-0-64bit-2.0.5-bp150.3.6.1
libSDL2_image-devel-64bit-2.0.5-bp150.3.6.1


References:

https://www.suse.com/security/cve/CVE-2019-12217.html
https://www.suse.com/security/cve/CVE-2019-12218.html
https://www.suse.com/security/cve/CVE-2019-12220.html
https://www.suse.com/security/cve/CVE-2019-12221.html
https://www.suse.com/security/cve/CVE-2019-12222.html
https://www.suse.com/security/cve/CVE-2019-13616.html
https://www.suse.com/security/cve/CVE-2019-5051.html
https://www.suse.com/security/cve/CVE-2019-5052.html
https://www.suse.com/security/cve/CVE-2019-5057.html
https://www.suse.com/security/cve/CVE-2019-5058.html
https://www.suse.com/security/cve/CVE-2019-5059.html
https://www.suse.com/security/cve/CVE-2019-5060.html
https://bugzilla.suse.com/1135787
https://bugzilla.suse.com/1135789
https://bugzilla.suse.com/1135796
https://bugzilla.suse.com/1135806
https://bugzilla.suse.com/1136101
https://bugzilla.suse.com/1140419
https://bugzilla.suse.com/1140421
https://bugzilla.suse.com/1141844
https://bugzilla.suse.com/1143763
https://bugzilla.suse.com/1143764
https://bugzilla.suse.com/1143766
https://bugzilla.suse.com/1143768

openSUSE-SU-2019:2109-1: moderate: Security update for SDL_image

openSUSE Security Update: Security update for SDL_image
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2109-1
Rating: moderate
References: #1124827 #1140421 #1141844 #1143763 #1143764
#1143766 #1143768
Cross-References: CVE-2019-13616 CVE-2019-5052 CVE-2019-5057
CVE-2019-5058 CVE-2019-5059 CVE-2019-5060
CVE-2019-7635
Affected Products:
openSUSE Backports SLE-15-SP1
openSUSE Backports SLE-15
______________________________________________________________________________

An update that fixes 7 vulnerabilities is now available.

Description:

This update for SDL_image fixes the following issues:

Update SDL_Image to new snapshot 1.2.12+hg695.

Security issues fixed:

* TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow
vulnerability when loading a PCX file (boo#1140421)
* TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the PCX
image-rendering functionality of SDL2_image (boo#1143763)
* TALOS-2019-0842 CVE-2019-5058: heap overflow in XCF image rendering can
lead to code execution (boo#1143764)
* TALOS-2019-0843 CVE-2019-5059: heap overflow in XPM image handling
(boo#1143766)
* TALOS-2019-0844 CVE-2019-5060: integer overflow in the XPM image
(boo#1143768)
* CVE-2019-7635: heap-based buffer over-read in Blit1to4 in
video/SDL_blit_1.c (boo#1124827)
* CVE-2019-13616: fix heap buffer overflow when reading a crafted bmp file
(boo#1141844).

This update was imported from the openSUSE:Leap:15.0:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2019-2109=1

- openSUSE Backports SLE-15:

zypper in -t patch openSUSE-2019-2109=1



Package List:

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

SDL_image-debugsource-1.2.12+hg695-bp151.4.3.1
libSDL_image-1_2-0-1.2.12+hg695-bp151.4.3.1
libSDL_image-1_2-0-debuginfo-1.2.12+hg695-bp151.4.3.1
libSDL_image-devel-1.2.12+hg695-bp151.4.3.1

- openSUSE Backports SLE-15-SP1 (aarch64_ilp32):

libSDL_image-1_2-0-64bit-1.2.12+hg695-bp151.4.3.1
libSDL_image-1_2-0-64bit-debuginfo-1.2.12+hg695-bp151.4.3.1
libSDL_image-devel-64bit-1.2.12+hg695-bp151.4.3.1

- openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64):

libSDL_image-1_2-0-1.2.12+hg695-bp150.3.3.1
libSDL_image-devel-1.2.12+hg695-bp150.3.3.1

- openSUSE Backports SLE-15 (aarch64_ilp32):

libSDL_image-1_2-0-64bit-1.2.12+hg695-bp150.3.3.1
libSDL_image-devel-64bit-1.2.12+hg695-bp150.3.3.1


References:

https://www.suse.com/security/cve/CVE-2019-13616.html
https://www.suse.com/security/cve/CVE-2019-5052.html
https://www.suse.com/security/cve/CVE-2019-5057.html
https://www.suse.com/security/cve/CVE-2019-5058.html
https://www.suse.com/security/cve/CVE-2019-5059.html
https://www.suse.com/security/cve/CVE-2019-5060.html
https://www.suse.com/security/cve/CVE-2019-7635.html
https://bugzilla.suse.com/1124827
https://bugzilla.suse.com/1140421
https://bugzilla.suse.com/1141844
https://bugzilla.suse.com/1143763
https://bugzilla.suse.com/1143764
https://bugzilla.suse.com/1143766
https://bugzilla.suse.com/1143768

openSUSE-SU-2019:2110-1: moderate: Security update for python-Twisted

openSUSE Security Update: Security update for python-Twisted
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2110-1
Rating: moderate
References: #1138461
Cross-References: CVE-2019-12855
Affected Products:
openSUSE Backports SLE-15
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-Twisted fixes the following issues:

Security issue fixed:

- CVE-2019-12855: Fixed TLS certificate verification to protecting against
MITM attacks (bsc#1138461).

This update was imported from the SUSE:SLE-15:Update update project. This
update was imported from the openSUSE:Leap:15.0:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15:

zypper in -t patch openSUSE-2019-2110=1



Package List:

- openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64):

python-Twisted-doc-17.9.0-bp150.4.6.1
python2-Twisted-17.9.0-bp150.4.6.1
python3-Twisted-17.9.0-bp150.4.6.1


References:

https://www.suse.com/security/cve/CVE-2019-12855.html
https://bugzilla.suse.com/1138461

openSUSE-SU-2019:2114-1: important: Security update for nodejs10

openSUSE Security Update: Security update for nodejs10
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2114-1
Rating: important
References: #1146090 #1146091 #1146093 #1146094 #1146095
#1146097 #1146099 #1146100
Cross-References: CVE-2019-9511 CVE-2019-9512 CVE-2019-9513
CVE-2019-9514 CVE-2019-9515 CVE-2019-9516
CVE-2019-9517 CVE-2019-9518
Affected Products:
openSUSE Leap 15.1
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes 8 vulnerabilities is now available.

Description:

This update for nodejs10 to version 10.16.3 fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to
window size manipulation and stream prioritization manipulation,
potentially leading to a denial of service (bsc#1146091).
- CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded
memory growth (bsc#1146099).
- CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to
resource loops, potentially leading to a denial of service.
(bsc#1146094).
- CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset
flood, potentially leading to a denial of service (bsc#1146095).
- CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in
unbounded memory growth (bsc#1146100).
- CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a
header leak, potentially leading to a denial of service (bsc#1146090).
- CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to
unconstrained interal data buffering (bsc#1146097).
- CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood
of empty frames, potentially leading to a denial of service
(bsc#1146093).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2114=1

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-2114=1



Package List:

- openSUSE Leap 15.1 (i586 x86_64):

nodejs10-10.16.3-lp151.2.6.1
nodejs10-debuginfo-10.16.3-lp151.2.6.1
nodejs10-debugsource-10.16.3-lp151.2.6.1
nodejs10-devel-10.16.3-lp151.2.6.1
npm10-10.16.3-lp151.2.6.1

- openSUSE Leap 15.1 (noarch):

nodejs10-docs-10.16.3-lp151.2.6.1

- openSUSE Leap 15.0 (x86_64):

nodejs10-10.16.3-lp150.5.1
nodejs10-debuginfo-10.16.3-lp150.5.1
nodejs10-debugsource-10.16.3-lp150.5.1
nodejs10-devel-10.16.3-lp150.5.1
npm10-10.16.3-lp150.5.1

- openSUSE Leap 15.0 (noarch):

nodejs10-docs-10.16.3-lp150.5.1


References:

https://www.suse.com/security/cve/CVE-2019-9511.html
https://www.suse.com/security/cve/CVE-2019-9512.html
https://www.suse.com/security/cve/CVE-2019-9513.html
https://www.suse.com/security/cve/CVE-2019-9514.html
https://www.suse.com/security/cve/CVE-2019-9515.html
https://www.suse.com/security/cve/CVE-2019-9516.html
https://www.suse.com/security/cve/CVE-2019-9517.html
https://www.suse.com/security/cve/CVE-2019-9518.html
https://bugzilla.suse.com/1146090
https://bugzilla.suse.com/1146091
https://bugzilla.suse.com/1146093
https://bugzilla.suse.com/1146094
https://bugzilla.suse.com/1146095
https://bugzilla.suse.com/1146097
https://bugzilla.suse.com/1146099
https://bugzilla.suse.com/1146100

openSUSE-SU-2019:2115-1: important: Security update for nodejs8

openSUSE Security Update: Security update for nodejs8
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2115-1
Rating: important
References: #1144919 #1146090 #1146091 #1146093 #1146094
#1146095 #1146097 #1146099 #1146100
Cross-References: CVE-2019-9511 CVE-2019-9512 CVE-2019-9513
CVE-2019-9514 CVE-2019-9515 CVE-2019-9516
CVE-2019-9517 CVE-2019-9518
Affected Products:
openSUSE Leap 15.1
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves 8 vulnerabilities and has one errata
is now available.

Description:

This update for nodejs8 to version 8.16.1 fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to
window size manipulation and stream prioritization manipulation,
potentially leading to a denial of service (bsc#1146091).
- CVE-2019-9512: Fixed HTTP/2 flood using PING frames results in unbounded
memory growth (bsc#1146099).
- CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to
resource loops, potentially leading to a denial of service.
(bsc#1146094).
- CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset
flood, potentially leading to a denial of service (bsc#1146095).
- CVE-2019-9515: Fixed HTTP/2 flood using SETTINGS frames results in
unbounded memory growth (bsc#1146100).
- CVE-2019-9516: Fixed HTTP/2 implementation that is vulnerable to a
header leak, potentially leading to a denial of service (bsc#1146090).
- CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to
unconstrained interal data buffering (bsc#1146097).
- CVE-2019-9518: Fixed HTTP/2 implementation that is vulnerable to a flood
of empty frames, potentially leading to a denial of service
(bsc#1146093).

Bug fixes:

- Fixed that npm resolves its default config file like in all other
versions, as /etc/nodejs/npmrc (bsc#1144919).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2115=1

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-2115=1



Package List:

- openSUSE Leap 15.1 (i586 x86_64):

nodejs8-8.16.1-lp151.2.6.1
nodejs8-debuginfo-8.16.1-lp151.2.6.1
nodejs8-debugsource-8.16.1-lp151.2.6.1
nodejs8-devel-8.16.1-lp151.2.6.1
npm8-8.16.1-lp151.2.6.1

- openSUSE Leap 15.1 (noarch):

nodejs8-docs-8.16.1-lp151.2.6.1

- openSUSE Leap 15.0 (i586 x86_64):

nodejs8-8.16.1-lp150.2.19.1
nodejs8-debuginfo-8.16.1-lp150.2.19.1
nodejs8-debugsource-8.16.1-lp150.2.19.1
nodejs8-devel-8.16.1-lp150.2.19.1
npm8-8.16.1-lp150.2.19.1

- openSUSE Leap 15.0 (noarch):

nodejs8-docs-8.16.1-lp150.2.19.1


References:

https://www.suse.com/security/cve/CVE-2019-9511.html
https://www.suse.com/security/cve/CVE-2019-9512.html
https://www.suse.com/security/cve/CVE-2019-9513.html
https://www.suse.com/security/cve/CVE-2019-9514.html
https://www.suse.com/security/cve/CVE-2019-9515.html
https://www.suse.com/security/cve/CVE-2019-9516.html
https://www.suse.com/security/cve/CVE-2019-9517.html
https://www.suse.com/security/cve/CVE-2019-9518.html
https://bugzilla.suse.com/1144919
https://bugzilla.suse.com/1146090
https://bugzilla.suse.com/1146091
https://bugzilla.suse.com/1146093
https://bugzilla.suse.com/1146094
https://bugzilla.suse.com/1146095
https://bugzilla.suse.com/1146097
https://bugzilla.suse.com/1146099
https://bugzilla.suse.com/1146100

openSUSE-SU-2019:2118-1: moderate: Security update for python-Werkzeug

openSUSE Security Update: Security update for python-Werkzeug
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2118-1
Rating: moderate
References: #1145383
Cross-References: CVE-2019-14806
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-Werkzeug fixes the following issues:

Security issue fixed:

- CVE-2019-14806: Fixed the development server in Docker, the debugger
security pin is now unique per container (bsc#1145383).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-2118=1



Package List:

- openSUSE Leap 15.0 (noarch):

python-Werkzeug-doc-0.12.2-lp150.2.3.1
python2-Werkzeug-0.12.2-lp150.2.3.1
python3-Werkzeug-0.12.2-lp150.2.3.1


References:

https://www.suse.com/security/cve/CVE-2019-14806.html
https://bugzilla.suse.com/1145383

openSUSE-SU-2019:2120-1: important: Security update for nginx

openSUSE Security Update: Security update for nginx
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2120-1
Rating: important
References: #1115015 #1115022 #1115025 #1145579 #1145580
#1145582
Cross-References: CVE-2018-16843 CVE-2018-16844 CVE-2018-16845
CVE-2019-9511 CVE-2019-9513 CVE-2019-9516

Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for nginx fixes the following issues:

Security issues fixed:

- CVE-2019-9511: Fixed a denial of service by manipulating the window size
and stream prioritization (bsc#1145579).
- CVE-2019-9513: Fixed a denial of service caused by resource loops
(bsc#1145580).
- CVE-2019-9516: Fixed a denial of service caused by header leaks
(bsc#1145582).
- CVE-2018-16845: Fixed denial of service and memory disclosure via mp4
module (bsc#1115015).
- CVE-2018-16843: Fixed excessive memory consumption in HTTP/2
implementation (bsc#1115022).
- CVE-2018-16844: Fixed excessive CPU usage via flaw in HTTP/2
implementation (bsc#1115025).

This update was imported from the SUSE:SLE-15-SP1:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2120=1



Package List:

- openSUSE Leap 15.1 (x86_64):

nginx-1.14.2-lp151.4.3.1
nginx-debuginfo-1.14.2-lp151.4.3.1
nginx-debugsource-1.14.2-lp151.4.3.1

- openSUSE Leap 15.1 (noarch):

nginx-source-1.14.2-lp151.4.3.1
vim-plugin-nginx-1.14.2-lp151.4.3.1


References:

https://www.suse.com/security/cve/CVE-2018-16843.html
https://www.suse.com/security/cve/CVE-2018-16844.html
https://www.suse.com/security/cve/CVE-2018-16845.html
https://www.suse.com/security/cve/CVE-2019-9511.html
https://www.suse.com/security/cve/CVE-2019-9513.html
https://www.suse.com/security/cve/CVE-2019-9516.html
https://bugzilla.suse.com/1115015
https://bugzilla.suse.com/1115022
https://bugzilla.suse.com/1115025
https://bugzilla.suse.com/1145579
https://bugzilla.suse.com/1145580
https://bugzilla.suse.com/1145582

openSUSE-SU-2019:2121-1: moderate: Security update for util-linux and shadow

openSUSE Security Update: Security update for util-linux and shadow
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2121-1
Rating: moderate
References: #1081947 #1082293 #1085196 #1106214 #1121197
#1122417 #1125886 #1127701 #1135534 #1135708
#1141113 #353876
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for util-linux and shadow fixes the following issues:

util-linux:

- Fixed an issue where PATH settings in /etc/default/su being ignored
(bsc#1121197)
- Prevent outdated pam files (bsc#1082293).
- De-duplicate fstrim -A properly (bsc#1127701).
- Do not trim read-only volumes (bsc#1106214).
- Integrate pam_keyinit pam module to login (bsc#1081947).
- Perform one-time reset of /etc/default/su (bsc#1121197).
- Fix problems in reading of login.defs values (bsc#1121197)
- libmount: To prevent incorrect behavior, recognize more pseudofs and
netfs (bsc#1122417).
- raw.service: Add RemainAfterExit=yes (bsc#1135534).
- agetty: Return previous response of agetty for special characters
(bsc#1085196, bsc#1125886)
- libmount: print a blacklist hint for "unknown filesystem type"
(jsc#SUSE-4085, fate#326832)
- Fix /etc/default/su comments and create /etc/default/runuser
(bsc#1121197).

shadow:

- Fixed an issue where PATH settings in /etc/default/su being ignored
(bsc#1121197)
- Fix segfault in useradd during setting password inactivity period.
(bsc#1141113)
- Hardening for su wrappers (bsc#353876)

This update was imported from the SUSE:SLE-15-SP1:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2121=1



Package List:

- openSUSE Leap 15.1 (i586 x86_64):

libblkid-devel-2.33.1-lp151.3.3.2
libblkid-devel-static-2.33.1-lp151.3.3.2
libblkid1-2.33.1-lp151.3.3.2
libblkid1-debuginfo-2.33.1-lp151.3.3.2
libfdisk-devel-2.33.1-lp151.3.3.2
libfdisk-devel-static-2.33.1-lp151.3.3.2
libfdisk1-2.33.1-lp151.3.3.2
libfdisk1-debuginfo-2.33.1-lp151.3.3.2
libmount-devel-2.33.1-lp151.3.3.2
libmount-devel-static-2.33.1-lp151.3.3.2
libmount1-2.33.1-lp151.3.3.2
libmount1-debuginfo-2.33.1-lp151.3.3.2
libsmartcols-devel-2.33.1-lp151.3.3.2
libsmartcols-devel-static-2.33.1-lp151.3.3.2
libsmartcols1-2.33.1-lp151.3.3.2
libsmartcols1-debuginfo-2.33.1-lp151.3.3.2
libuuid-devel-2.33.1-lp151.3.3.2
libuuid-devel-static-2.33.1-lp151.3.3.2
libuuid1-2.33.1-lp151.3.3.2
libuuid1-debuginfo-2.33.1-lp151.3.3.2
shadow-4.6-lp151.2.3.2
shadow-debuginfo-4.6-lp151.2.3.2
shadow-debugsource-4.6-lp151.2.3.2
util-linux-2.33.1-lp151.3.3.2
util-linux-debuginfo-2.33.1-lp151.3.3.2
util-linux-debugsource-2.33.1-lp151.3.3.2
util-linux-systemd-2.33.1-lp151.3.3.2
util-linux-systemd-debuginfo-2.33.1-lp151.3.3.2
util-linux-systemd-debugsource-2.33.1-lp151.3.3.2
uuidd-2.33.1-lp151.3.3.2
uuidd-debuginfo-2.33.1-lp151.3.3.2

- openSUSE Leap 15.1 (noarch):

util-linux-lang-2.33.1-lp151.3.3.2

- openSUSE Leap 15.1 (x86_64):

libblkid-devel-32bit-2.33.1-lp151.3.3.2
libblkid1-32bit-2.33.1-lp151.3.3.2
libblkid1-32bit-debuginfo-2.33.1-lp151.3.3.2
libmount-devel-32bit-2.33.1-lp151.3.3.2
libmount1-32bit-2.33.1-lp151.3.3.2
libmount1-32bit-debuginfo-2.33.1-lp151.3.3.2
libuuid-devel-32bit-2.33.1-lp151.3.3.2
libuuid1-32bit-2.33.1-lp151.3.3.2
libuuid1-32bit-debuginfo-2.33.1-lp151.3.3.2
python3-libmount-2.33.1-lp151.3.3.2
python3-libmount-debuginfo-2.33.1-lp151.3.3.2
python3-libmount-debugsource-2.33.1-lp151.3.3.2


References:

https://bugzilla.suse.com/1081947
https://bugzilla.suse.com/1082293
https://bugzilla.suse.com/1085196
https://bugzilla.suse.com/1106214
https://bugzilla.suse.com/1121197
https://bugzilla.suse.com/1122417
https://bugzilla.suse.com/1125886
https://bugzilla.suse.com/1127701
https://bugzilla.suse.com/1135534
https://bugzilla.suse.com/1135708
https://bugzilla.suse.com/1141113
https://bugzilla.suse.com/353876