Updated systemd packages fix security vulnerabilityPublication date: 19 Nov 2019
Affected Mageia releases : 7
Updated systemd packages fix security vulnerability: Nadav Markus from Palo Alto Networks discovered that systemd-resolved does not enforce appropriate access controls on its D-Bus interface and allows unprivileged users to execute methods that are meant to be available only to privileged users. This can be exploited by local users to modify the system's DNS resolver settings (CVE-2019-15718). This update also adds various upstream fixes for networkd, resolved, updates the manpages, fixing some logging messages and adds some missing checks that can potentially be used to cause crashes or malfunction. The syscall filter list has been updated to properly support newer glibc and kernel features with seccomp and nspawn.