aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/systemd/systemd_230.bb
diff options
context:
space:
mode:
authorChen Qi <Qi.Chen@windriver.com>2016-10-26 14:09:47 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-11-06 23:35:16 +0000
commit543570cafa8d7f595b489d03d05f0aa4478f8539 (patch)
tree475d3c30c929a59992eba14c350952d2c7128580 /meta/recipes-core/systemd/systemd_230.bb
parentf4d70bb0882eec4fb46cd942f2796fad57c72982 (diff)
downloadopenembedded-core-contrib-543570cafa8d7f595b489d03d05f0aa4478f8539.tar.gz
systemd: CVE-2016-7795
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket. The patch is a backport from the latest git repo. Please see the link below for more information. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795 Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-core/systemd/systemd_230.bb')
-rw-r--r--meta/recipes-core/systemd/systemd_230.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/systemd/systemd_230.bb b/meta/recipes-core/systemd/systemd_230.bb
index 542f99d04b..f60dd60d01 100644
--- a/meta/recipes-core/systemd/systemd_230.bb
+++ b/meta/recipes-core/systemd/systemd_230.bb
@@ -36,6 +36,7 @@ SRC_URI += " \
file://0021-include-missing.h-for-getting-secure_getenv-definiti.patch \
file://0022-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch \
file://udev-re-enable-mount-propagation-for-udevd.patch \
+ file://CVE-2016-7795.patch \
"
SRC_URI_append_libc-uclibc = "\
file://0002-units-Prefer-getty-to-agetty-in-console-setup-system.patch \
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-09-23 09:51:01 +0000