]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d1bdb66) | patch
systemd: Fix CVE-2022-3821 issue
authorRanjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Mon, 14 Nov 2022 14:50:23 +0000 (20:20 +0530)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 23 Nov 2022 00:26:19 +0000 (00:26 +0000)
commite2db40ca49b8ed217f14c7f861087837e8b3f389
tree4f25ba0739a0e7f7ca7b97ad1ea7a95bc6026439tree
parentd1bdb663e6a69993d3f42547a27296b606965d47commit | diff
systemd: Fix CVE-2022-3821 issue

An off-by-one Error issue was discovered in Systemd in format_timespan()
function of time-util.c. An attacker could supply specific values for
time and accuracy that leads to buffer overrun in format_timespan(),
leading to a Denial of Service.
Add a patch to solve above CVE issue
Link: https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-core/systemd/systemd/CVE-2022-3821.patch [new file with mode: 0644] blob
meta/recipes-core/systemd/systemd_244.5.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core