• Various correctness and potential crash fixes (systemd-journald, udev, systemctl, systemd, systemd-tmpfiles, systemd-resolved)
  • Better handling of very long sysfs paths
  • Compilation fixes for updated glibc and kernel headers
  • Addition of new syscalls to seccomp filters
  • Latvian and Spanish/Dvorak keyboard mappings
  • Shell completion fixes
  • Ignore FORCERENEW DHCP messages in systemd-networkd (TALOS-2020-1142, CVE-2020-13529, #1959398)
  • by-uuid symlinks for ubifs volumes are now created
  • CVE-2021-33910, #1984020: an unchecked stack allocation could be used to crash systemd and cause the system to reboot by creating a very long fuse mountpoint path.

No need to log out or reboot.

How to install

sudo dnf upgrade --advisory=FEDORA-2021-166e461c8d

This update has been submitted for testing by zbyszek.

2 weeks ago

This update's test gating status has been changed to 'failed'.

2 weeks ago

This update's test gating status has been changed to 'waiting'.

2 weeks ago

This update's test gating status has been changed to 'failed'.

2 weeks ago

This update's test gating status has been changed to 'passed'.

2 weeks ago

This update has been pushed to testing.

2 weeks ago
User Icon ngompa provided feedback 2 weeks ago
karma
BZ#1959398 CVE-2020-13529 systemd: crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack [fedora-all]

zbyszek edited this update.

2 weeks ago
User Icon ngompa provided feedback 2 weeks ago
karma
BZ#1959398 CVE-2020-13529 systemd: crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack [fedora-all]
BZ#1984020 CVE-2021-33910 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash [fedora-all]
User Icon dowdle commented & provided feedback a week ago
karma

Worked in a brief KVM VM test.

This update can be pushed to stable now if the maintainer wishes

a week ago

This update has been submitted for stable by zbyszek.

a week ago

This update has been pushed to stable.

a week ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
2 weeks ago
in testing
2 weeks ago
in stable
a week ago
modified
2 weeks ago
BZ#1959398 CVE-2020-13529 systemd: crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack [fedora-all]
0
1
BZ#1984020 CVE-2021-33910 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash [fedora-all]
0
1

Automated Test Results

Test Cases

0 2 Test Case base service manipulation
0 2 Test Case base services start
0 2 Test Case base shutdown/reboot