| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd in the upstream pyro is 232
CVE: CVE-2017-15908
Reference:
https://github.com/systemd/systemd/commit/9f939335a07085aa9a9663efd1dca06ef6405d62
Change-Id: Ifb3c138b324fe943c8a80e646c06731420d69ec0
Signed-off-by: Andreas Wellving <andreas.wellving@enea.com>
Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com>
|
|
|
|
|
|
| |
This patch has already been applied in upstream poky/pyro.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
refuse to load units with errors
If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.
Backport a patch from upstream to mitigate this by refusing to start units such
as this.
(From OE-Core rev: a6eaef0f179a341c0b96bb30aaec2d80862a11d6)
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000082
Backport from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=pyro&id=b7e7b5e294f944c27fb1d2be61c0cf38f6c81ba8
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
Out-of-bounds write in systemd-resolved due to allocating too
small buffer in dns_packet_new
References:
https://bugzilla.redhat.com/attachment.cgi?id=1290017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|