summaryrefslogtreecommitdiffstats
path: root/recipes-core/systemd
Commit message (Collapse)AuthorAgeFilesLines
* systemd: CVE-2017-1000082Sona Sarmadi2017-10-042-0/+330
| | | | | | | | | | | | | | | | | | | | | | | refuse to load units with errors If a unit has a statement such as User=0day where the username exists but is strictly speaking invalid, the unit will be started as the root user instead. Backport a patch from upstream to mitigate this by refusing to start units such as this. (From OE-Core rev: a6eaef0f179a341c0b96bb30aaec2d80862a11d6) Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000082 Backport from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=pyro&id=b7e7b5e294f944c27fb1d2be61c0cf38f6c81ba8 Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* systemd: CVE-2017-9445Sona Sarmadi2017-09-262-0/+62
Out-of-bounds write in systemd-resolved due to allocating too small buffer in dns_packet_new References: https://bugzilla.redhat.com/attachment.cgi?id=1290017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>