Browse code
Util-linux : Update to version 2.32, fix CVE-2018-7738
Change-Id: Ie58ed58bbb32c1264535da104872a95fe29e3a94
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4984
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
Xiaolin Li authored on 2018/04/12 05:46:09Showing 3 changed files
- SPECS/systemd/systemd-233-util-linux-build-failure.patch
- SPECS/systemd/systemd.spec
- SPECS/util-linux/util-linux.spec
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,72 @@ |
| 0 |
+From 227b8a762fea1458547be2cdf0e6e4aac0079730 Mon Sep 17 00:00:00 2001 |
|
| 1 |
+From: Michael Olbrich <m.olbrich@pengutronix.de> |
|
| 2 |
+Date: Mon, 26 Mar 2018 17:34:53 +0200 |
|
| 3 |
+Subject: [PATCH] core: don't include libmount.h in a header file (#8580) |
|
| 4 |
+ |
|
| 5 |
+linux/fs.h sys/mount.h, libmount.h and missing.h all include MS_* |
|
| 6 |
+definitions. |
|
| 7 |
+ |
|
| 8 |
+To avoid problems, only one of linux/fs.h, sys/mount.h and libmount.h |
|
| 9 |
+should be included. And missing.h must be included last. |
|
| 10 |
+ |
|
| 11 |
+Without this, building systemd may fail with: |
|
| 12 |
+ |
|
| 13 |
+In file included from [...]/libmount/libmount.h:31:0, |
|
| 14 |
+ from ../systemd-238/src/core/manager.h:23, |
|
| 15 |
+ from ../systemd-238/src/core/emergency-action.h:37, |
|
| 16 |
+ from ../systemd-238/src/core/unit.h:34, |
|
| 17 |
+ from ../systemd-238/src/core/dbus-timer.h:25, |
|
| 18 |
+ from ../systemd-238/src/core/timer.c:26: |
|
| 19 |
+[...]/sys/mount.h:57:2: error: expected identifier before numeric constant |
|
| 20 |
+--- |
|
| 21 |
+ src/core/dbus-execute.c | 1 + |
|
| 22 |
+ src/core/manager.h | 3 ++- |
|
| 23 |
+ src/core/mount.c | 2 ++ |
|
| 24 |
+ 3 files changed, 5 insertions(+), 1 deletion(-) |
|
| 25 |
+ |
|
| 26 |
+diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c |
|
| 27 |
+index 7344623ebf6..c342093bca4 100644 |
|
| 28 |
+--- a/src/core/dbus-execute.c |
|
| 29 |
+@@ -17,6 +17,7 @@ |
|
| 30 |
+ along with systemd; If not, see <http://www.gnu.org/licenses/>. |
|
| 31 |
+ ***/ |
|
| 32 |
+ |
|
| 33 |
++#include <sys/mount.h> |
|
| 34 |
+ #include <sys/prctl.h> |
|
| 35 |
+ |
|
| 36 |
+ #ifdef HAVE_SECCOMP |
|
| 37 |
+diff --git a/src/core/manager.h b/src/core/manager.h |
|
| 38 |
+index 28c5da225b1..e09e0cdf5e9 100644 |
|
| 39 |
+--- a/src/core/manager.h |
|
| 40 |
+@@ -20,7 +20,6 @@ |
|
| 41 |
+ along with systemd; If not, see <http://www.gnu.org/licenses/>. |
|
| 42 |
+ ***/ |
|
| 43 |
+ |
|
| 44 |
+-#include <libmount.h> |
|
| 45 |
+ #include <stdbool.h> |
|
| 46 |
+ #include <stdio.h> |
|
| 47 |
+ |
|
| 48 |
+@@ -34,6 +33,8 @@ |
|
| 49 |
+ #include "list.h" |
|
| 50 |
+ #include "ratelimit.h" |
|
| 51 |
+ |
|
| 52 |
++struct libmnt_monitor; |
|
| 53 |
++ |
|
| 54 |
+ /* Enforce upper limit how many names we allow */ |
|
| 55 |
+ #define MANAGER_MAX_NAMES 131072 /* 128K */ |
|
| 56 |
+ |
|
| 57 |
+diff --git a/src/core/mount.c b/src/core/mount.c |
|
| 58 |
+index 0e755da5c02..0154ebda5d6 100644 |
|
| 59 |
+--- a/src/core/mount.c |
|
| 60 |
+@@ -23,6 +23,8 @@ |
|
| 61 |
+ #include <stdio.h> |
|
| 62 |
+ #include <sys/epoll.h> |
|
| 63 |
+ |
|
| 64 |
++#include <libmount.h> |
|
| 65 |
++ |
|
| 66 |
+ #include "sd-messages.h" |
|
| 67 |
+ |
|
| 68 |
+ #include "alloc-util.h" |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Summary: Systemd-233 |
| 2 | 2 |
Name: systemd |
| 3 | 3 |
Version: 233 |
| 4 |
-Release: 12%{?dist}
|
|
| 4 |
+Release: 13%{?dist}
|
|
| 5 | 5 |
License: LGPLv2+ and GPLv2+ and MIT |
| 6 | 6 |
URL: http://www.freedesktop.org/wiki/Software/systemd/ |
| 7 | 7 |
Group: System Environment/Security |
| ... | ... |
@@ -29,6 +29,7 @@ Patch11: systemd-233-ra-improvements.patch |
| 29 | 29 |
Patch12: systemd-233-link-disabled-nullptr-fix.patch |
| 30 | 30 |
Patch13: systemd-228-CVE-2017-15908-dns-pkt-loop-fix.patch |
| 31 | 31 |
Patch14: systemd-233-CVE-2017-18078.patch |
| 32 |
+Patch15: systemd-233-util-linux-build-failure.patch |
|
| 32 | 33 |
|
| 33 | 34 |
Requires: Linux-PAM |
| 34 | 35 |
Requires: libcap |
| ... | ... |
@@ -97,6 +98,7 @@ sed -i "/xlocale.h/d" src/basic/parse-util.c |
| 97 | 97 |
%patch12 -p1 |
| 98 | 98 |
%patch13 -p1 |
| 99 | 99 |
%patch14 -p1 |
| 100 |
+%patch15 -p1 |
|
| 100 | 101 |
|
| 101 | 102 |
sed -i "s#\#DefaultTasksMax=512#DefaultTasksMax=infinity#g" src/core/system.conf |
| 102 | 103 |
|
| ... | ... |
@@ -245,6 +247,8 @@ rm -rf %{buildroot}/*
|
| 245 | 245 |
%files lang -f %{name}.lang
|
| 246 | 246 |
|
| 247 | 247 |
%changelog |
| 248 |
+* Wed Apr 11 2018 Xiaolin Li <xiaolinl@vmware.com> 233-13 |
|
| 249 |
+- Build systemd with util-linux 2.32. |
|
| 248 | 250 |
* Wed Mar 14 2018 Xiaolin Li <xiaolinl@vmware.com> 233-12 |
| 249 | 251 |
- Fix CVE-2017-18078. |
| 250 | 252 |
* Thu Nov 09 2017 Vinay Kulkarni <kulkarniv@vmware.com> 233-11 |
| ... | ... |
@@ -1,14 +1,14 @@ |
| 1 | 1 |
Summary: Utilities for file systems, consoles, partitions, and messages |
| 2 | 2 |
Name: util-linux |
| 3 |
-Version: 2.29.2 |
|
| 4 |
-Release: 5%{?dist}
|
|
| 3 |
+Version: 2.32 |
|
| 4 |
+Release: 1%{?dist}
|
|
| 5 | 5 |
URL: http://www.kernel.org/pub/linux/utils/util-linux |
| 6 | 6 |
License: GPLv2+ |
| 7 | 7 |
Group: Applications/System |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: %{name}-%{version}.tar.xz
|
| 11 |
-%define sha1 util-linux=b488f185e74187a63b55baef9d3f48d5b1780118 |
|
| 11 |
+%define sha1 util-linux=4a21387d51f73bab44230c3bf9fe5a291e761111 |
|
| 12 | 12 |
BuildRequires: ncurses-devel |
| 13 | 13 |
%if %{with_check}
|
| 14 | 14 |
BuildRequires: ncurses-terminfo |
| ... | ... |
@@ -97,6 +97,8 @@ rm -rf %{buildroot}/lib/systemd/system
|
| 97 | 97 |
%{_mandir}/man3/*
|
| 98 | 98 |
|
| 99 | 99 |
%changelog |
| 100 |
+* Mon Apr 09 2018 Xiaolin Li <xiaolinl@vmware.com> 2.32-1 |
|
| 101 |
+- Update to version 2.32, fix CVE-2018-7738 |
|
| 100 | 102 |
* Mon Oct 02 2017 Alexey Makhalov <amakhalov@vmware.com> 2.29.2-5 |
| 101 | 103 |
- Added conflicts toybox |
| 102 | 104 |
* Fri Sep 15 2017 Bo Gan <ganb@vmware.com> 2.29.2-4 |