[OE-core] [sumo][PATCH 0/8] systemd: fix CVEs
George McCollister
george.mccollister at gmail.com
Mon Feb 25 16:37:05 UTC 2019
Apply CVE patches to systemd. Backport changes from thud when possible
otherwise use patches from:
https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.13
The following changes since commit 31f0c5e59c7fb0ae0915de584fbfcf3d95bbb061:
testsdk: Improvements to the json logging (2018-12-07 10:56:32 +0000)
are available in the git repository at:
git://github.com/gmccollister/openembedded-core sumo-cve-fixes
https://github.com/gmccollister/openembedded-core/tree/sumo-cve-fixes
Chen Qi (2):
systemd: fix CVE-2018-15686
systemd: fix CVE-2018-15688
George McCollister (5):
systemd: fix CVE-2018-15687
systemd: Security fix CVE-2018-16864
systemd: Security fix CVE-2018-16865
systemd: fix CVE-2018-6954
systemd: fix CVE-2019-6454
Marcus Cooper (1):
systemd: Security fix CVE-2018-16866
...sive-let-s-rework-the-recursive-logic-to-.patch | 252 +++
...eserializing-state-always-use-read_line-L.patch | 250 +++
...sure-we-have-enough-space-for-the-DHCP6-o.patch | 39 +
...n-t-resolve-pathnames-when-traversing-rec.patch | 643 +++++++
.../systemd/systemd/0002-Make-tmpfiles-safe.patch | 1828 ++++++++++++++++++++
...-not-store-the-iovec-entry-for-process-co.patch | 193 +++
...ld-set-a-limit-on-the-number-of-fields-1k.patch | 60 +
...ote-set-a-limit-on-the-number-of-fields-i.patch | 79 +
...nal-fix-out-of-bounds-read-CVE-2018-16866.patch | 49 +
.../systemd/systemd/CVE-2019-6454.patch | 210 +++
...e-receive-an-invalid-dbus-message-ignore-.patch | 61 +
meta/recipes-core/systemd/systemd_237.bb | 11 +
12 files changed, 3675 insertions(+)
create mode 100644 meta/recipes-core/systemd/systemd/0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch
create mode 100644 meta/recipes-core/systemd/systemd/0001-core-when-deserializing-state-always-use-read_line-L.patch
create mode 100644 meta/recipes-core/systemd/systemd/0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch
create mode 100644 meta/recipes-core/systemd/systemd/0001-tmpfiles-don-t-resolve-pathnames-when-traversing-rec.patch
create mode 100644 meta/recipes-core/systemd/systemd/0002-Make-tmpfiles-safe.patch
create mode 100644 meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch
create mode 100644 meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields-1k.patch
create mode 100644 meta/recipes-core/systemd/systemd/0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch
create mode 100644 meta/recipes-core/systemd/systemd/0027-journal-fix-out-of-bounds-read-CVE-2018-16866.patch
create mode 100644 meta/recipes-core/systemd/systemd/CVE-2019-6454.patch
create mode 100644 meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch
--
2.11.0
More information about the Openembedded-core
mailing list