[OE-core] [PATCH v2 0/3] systemd: Fixes Security fix CVE-2018-16864 - CVE-2018-16866
Marcus Cooper
marcus.cooper at axis.com
Mon Jan 28 11:17:29 UTC 2019
Changed in v2:
- Added CVE tag, Upstream-Status tag and Sign-off-by tags.
- removed the verification of the entry length in the header
- squashed CVE-2018-16865 patches into one
- CVE-2018-16866 patch now taken from systemd-stable and includes
an additional heap buffer overflow fix.
Marcus Cooper (3):
systemd: Security fix CVE-2018-16864
systemd: Security fix CVE-2018-16865
systemd: Security fix CVE-2018-16866
...-not-store-the-iovec-entry-for-process-co.patch | 208 +++++++++++++++++++++
...rnald-set-a-limit-on-the-number-of-fields.patch | 139 ++++++++++++++
...nal-fix-out-of-bounds-read-CVE-2018-16866.patch | 49 +++++
meta/recipes-core/systemd/systemd_239.bb | 3 +
4 files changed, 399 insertions(+)
create mode 100644 meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch
create mode 100644 meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields.patch
create mode 100644 meta/recipes-core/systemd/systemd/0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch
--
2.11.0
More information about the Openembedded-core
mailing list