diff options
author | Chen Qi <Qi.Chen@windriver.com> | 2016-10-25 14:23:08 +0800 |
---|---|---|
committer | Chen Qi <Qi.Chen@windriver.com> | 2016-10-26 14:05:52 +0800 |
commit | 03fe8f1085b1f9ab381e69f1735ba8b1c049d4b8 (patch) | |
tree | 473856bc706f34db444792e01e081d91bfd6725e /meta/recipes-core/systemd/systemd_230.bb | |
parent | 1886ab2f1dc1e3b5758a85604998e8deb9198f5e (diff) | |
download | openembedded-core-contrib-ChenQi/CVE-2016-7795.tar.gz |
systemd: CVE-2016-7795ChenQi/CVE-2016-7795
The manager_invoke_notify_message function in systemd 231 and earlier allows
local users to cause a denial of service (assertion failure and PID 1 hang)
via a zero-length message received over a notify socket.
The patch is a backport from the latest git repo.
Please see the link below for more information.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Diffstat (limited to 'meta/recipes-core/systemd/systemd_230.bb')
-rw-r--r-- | meta/recipes-core/systemd/systemd_230.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/systemd/systemd_230.bb b/meta/recipes-core/systemd/systemd_230.bb index a949fe8dbf..19d144d3fa 100644 --- a/meta/recipes-core/systemd/systemd_230.bb +++ b/meta/recipes-core/systemd/systemd_230.bb @@ -36,6 +36,7 @@ SRC_URI += " \ file://0021-include-missing.h-for-getting-secure_getenv-definiti.patch \ file://0022-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch \ file://udev-re-enable-mount-propagation-for-udevd.patch \ + file://CVE-2016-7795.patch \ " SRC_URI_append_libc-uclibc = "\ file://0002-units-Prefer-getty-to-agetty-in-console-setup-system.patch \ |