GitList

Browse code

systemd - Fix CVE-2018-15688

Change-Id: I7a0024a15ca4dd135c076cdf3d3f72484c8405ca
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6083
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>

Tapas Kundu authored on 2018/11/02 22:44:18
Showing 2 changed files

SPECS/systemd/systemd-228-CVE-2018-15688.patch index 0000000..a7d44a0
SPECS/systemd/systemd.spec index 219fcef..863fd05 100644

SPECS/systemd/systemd-228-CVE-2018-15688.patch

History View file @ 2b91653

                     new file mode 100644
@@ -0,0 +1,11 @@
                     +--- a/src/libsystemd-network/dhcp6-option.c	2018-11-02 18:46:16.710217740 +0530
                     +@@ -102,7 +102,7 @@ int dhcp6_option_append_ia(uint8_t **buf
                     +                 return -EINVAL;
                     +         }
+                    +
                     +-        if (*buflen < len)
                     ++        if (*buflen < offsetof(DHCP6Option, data) + len)
                     +                 return -ENOBUFS;
+                    +
                     +         ia_hdr = *buf;

SPECS/systemd/systemd.spec

History View file @ 2b91653

@@ -1,7 +1,7 @@
                      Summary:          Systemd-228
                      Name:             systemd
                      Version:          228
                     -Release:          47%{?dist}
                     +Release:          48%{?dist}
                      License:          LGPLv2+ and GPLv2+ and MIT
                      URL:              http://www.freedesktop.org/wiki/Software/systemd/
                      Group:            System Environment/Security
@@ -46,6 +46,7 @@ Patch28:          systemd-228-link-disabled-nullptr-fix.patch
                      Patch29:          systemd-228-CVE-2017-15908-dns-pkt-loop-fix.patch
                      Patch30:          systemd-228-CVE-2017-18078.patch
                      Patch31:          systemd-228-CVE-2018-1049.patch
                     +Patch32:          systemd-228-CVE-2018-15688.patch
                      Requires:         Linux-PAM
                      Requires:         libcap
                      Requires:         xz
@@ -111,6 +112,7 @@ sed -i "s:blkid/::" $(grep -rl "blkid/blkid.h")
                      %patch29 -p1
                      %patch30 -p1
                      %patch31 -p1
                     +%patch32 -p1
                      sed -i "s#\#DefaultTasksMax=512#DefaultTasksMax=infinity#g" src/core/system.conf
                      %build
@@ -251,6 +253,8 @@ rm -rf %{buildroot}/*
                      %changelog
                     +*    Fri Nov 02 2018 Tapas Kundu <tkundu@vmware.com> 228-48
                     +-    Fix CVE-2018-15688
                      *    Mon Jul 23 2018 Ankit Jain <ankitja@vmware.com>  228-47
                      -    Fix CVE-2018-1049.
                      *    Thu Jun 28 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 228-46