diff options
author | Chen Qi <Qi.Chen@windriver.com> | 2016-10-26 14:09:47 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-11-06 23:35:16 +0000 |
commit | 543570cafa8d7f595b489d03d05f0aa4478f8539 (patch) | |
tree | 475d3c30c929a59992eba14c350952d2c7128580 /meta/recipes-core/systemd/systemd_230.bb | |
parent | f4d70bb0882eec4fb46cd942f2796fad57c72982 (diff) | |
download | openembedded-core-contrib-543570cafa8d7f595b489d03d05f0aa4478f8539.tar.gz |
systemd: CVE-2016-7795
The manager_invoke_notify_message function in systemd 231 and earlier allows
local users to cause a denial of service (assertion failure and PID 1 hang)
via a zero-length message received over a notify socket.
The patch is a backport from the latest git repo.
Please see the link below for more information.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-core/systemd/systemd_230.bb')
-rw-r--r-- | meta/recipes-core/systemd/systemd_230.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/systemd/systemd_230.bb b/meta/recipes-core/systemd/systemd_230.bb index 542f99d04b..f60dd60d01 100644 --- a/meta/recipes-core/systemd/systemd_230.bb +++ b/meta/recipes-core/systemd/systemd_230.bb @@ -36,6 +36,7 @@ SRC_URI += " \ file://0021-include-missing.h-for-getting-secure_getenv-definiti.patch \ file://0022-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch \ file://udev-re-enable-mount-propagation-for-udevd.patch \ + file://CVE-2016-7795.patch \ " SRC_URI_append_libc-uclibc = "\ file://0002-units-Prefer-getty-to-agetty-in-console-setup-system.patch \ |