]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b236023) | patch
systemd: CVE-2016-7795
authorChen Qi <Qi.Chen@windriver.com>
Wed, 26 Oct 2016 06:09:47 +0000 (14:09 +0800)
committerAndreas Oberritter <obi@opendreambox.org>
Tue, 17 Oct 2017 02:38:27 +0000 (04:38 +0200)
commit7e506fb6d2e8ff9dc837c59c8097fa1e8d151d15
tree75b28ca35546c8c6c42b8d1f1e9ce99fae9f67cdtree
parentb236023eaab5a71fa740542a397b7fca85181845commit | diff
systemd: CVE-2016-7795

The manager_invoke_notify_message function in systemd 231 and earlier allows
local users to cause a denial of service (assertion failure and PID 1 hang)
via a zero-length message received over a notify socket.

The patch is a backport from the latest git repo.

Please see the link below for more information.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795

(From OE-Core rev: 543570cafa8d7f595b489d03d05f0aa4478f8539)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit df3f4785fc69d3ddbd30ccd954aad3d3618c5916)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
meta/recipes-core/systemd/systemd/CVE-2016-7795.patch [new file with mode: 0644] blob
meta/recipes-core/systemd/systemd_230.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib