systemd: CVE-2017-1000082 - linux/meta-nfv-access-common.git - Mirror of meta-nfv-access-common repository on gerrit.enea.se

diff options

author	Sona Sarmadi <sona.sarmadi@enea.com>	2017-10-03 10:55:33 +0200
committer	Adrian Dudau <adrian.dudau@enea.com>	2017-10-04 09:58:01 +0200
commit	d8a0f5de3d13e8747376af9e7fd2b5007ffb8aab (patch)
tree	abb4662c2ca32b2051822471e097875ce51159d9 /conf
parent	404efc06d1d42e6e56a51b8a703f2bcf653c1705 (diff)
download	meta-nfv-access-common-d8a0f5de3d13e8747376af9e7fd2b5007ffb8aab.tar.gz

systemd: CVE-2017-1000082

refuse to load units with errors If a unit has a statement such as User=0day where the username exists but is strictly speaking invalid, the unit will be started as the root user instead. Backport a patch from upstream to mitigate this by refusing to start units such as this. (From OE-Core rev: a6eaef0f179a341c0b96bb30aaec2d80862a11d6) Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000082 Backport from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=pyro&id=b7e7b5e294f944c27fb1d2be61c0cf38f6c81ba8 Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>

Diffstat (limited to 'conf')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: