Change-Id: If56bf4e2e38d00b6e3afcc5594fc72be6f57a8ac
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/3003
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Xiaolin Li <xiaolinl@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,25 @@ |
0 |
+From a924f43f30f9c4acaf70618dd2a055f8b0f166be Mon Sep 17 00:00:00 2001 |
|
1 |
+From: Evgeny Vereshchagin <evvers@ya.ru> |
|
2 |
+Date: Wed, 24 May 2017 08:56:48 +0300 |
|
3 |
+Subject: [PATCH] resolved: bugfix of null pointer p->question dereferencing |
|
4 |
+ (#6020) |
|
5 |
+ |
|
6 |
+See https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1621396 |
|
7 |
+--- |
|
8 |
+ src/resolve/resolved-dns-packet.c | 3 +++ |
|
9 |
+ 1 file changed, 3 insertions(+) |
|
10 |
+ |
|
11 |
+diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c |
|
12 |
+index 652970284e..240ee448f4 100644 |
|
13 |
+--- a/src/resolve/resolved-dns-packet.c |
|
14 |
+@@ -2269,6 +2269,9 @@ int dns_packet_is_reply_for(DnsPacket *p, const DnsResourceKey *key) { |
|
15 |
+ if (r < 0) |
|
16 |
+ return r; |
|
17 |
+ |
|
18 |
++ if (!p->question) |
|
19 |
++ return 0; |
|
20 |
++ |
|
21 |
+ if (p->question->n_keys != 1) |
|
22 |
+ return 0; |
|
23 |
+ |
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: Systemd-233 |
2 | 2 |
Name: systemd |
3 | 3 |
Version: 233 |
4 |
-Release: 1%{?dist} |
|
4 |
+Release: 2%{?dist} |
|
5 | 5 |
License: LGPLv2+ and GPLv2+ and MIT |
6 | 6 |
URL: http://www.freedesktop.org/wiki/Software/systemd/ |
7 | 7 |
Group: System Environment/Security |
... | ... |
@@ -20,6 +20,7 @@ Patch3: systemd-233-ipv6-disabled-fix.patch |
20 | 20 |
Patch4: systemd-233-default-dns-from-env.patch |
21 | 21 |
Patch5: systemd-macros.patch |
22 | 22 |
Patch6: systemd-233-resolv-conf-symlink.patch |
23 |
+Patch7: systemd-233-CVE-2017-9217.patch |
|
23 | 24 |
|
24 | 25 |
Requires: Linux-PAM |
25 | 26 |
Requires: libcap |
... | ... |
@@ -75,6 +76,7 @@ sed -i "s:blkid/::" $(grep -rl "blkid/blkid.h") |
75 | 75 |
%patch4 -p1 |
76 | 76 |
%patch5 -p1 |
77 | 77 |
%patch6 -p1 |
78 |
+%patch7 -p1 |
|
78 | 79 |
|
79 | 80 |
sed -i "s#\#DefaultTasksMax=512#DefaultTasksMax=infinity#g" src/core/system.conf |
80 | 81 |
|
... | ... |
@@ -222,6 +224,8 @@ rm -rf %{buildroot}/* |
222 | 222 |
%files lang -f %{name}.lang |
223 | 223 |
|
224 | 224 |
%changelog |
225 |
+* Tue Jun 20 2017 Anish Swaminathan <anishs@vmware.com> 233-2 |
|
226 |
+- Fix for CVE-2017-9217 |
|
225 | 227 |
* Mon Mar 06 2017 Vinay Kulkarni <kulkarniv@vmware.com> 233-1 |
226 | 228 |
- Update systemd to 233 |
227 | 229 |
* Tue Jan 3 2017 Alexey Makhalov <amakhalov@vmware.com> 232-5 |