deleted file mode 100644

@@ -1,23 +0,0 @@

-diff -uNr systemd-233/src/resolve/resolved-conf.c systemd-233-new/src/resolve/resolved-conf.c

-+++ systemd-233-new/src/resolve/resolved-conf.c	2017-07-07 03:29:00.130502439 +0000

-@@ -229,6 +229,7 @@

- 

- int manager_parse_config_file(Manager *m) {

-         int r;

-+        char *default_dns_servers;

- 

-         assert(m);

- 

-@@ -241,7 +242,10 @@

-                 return r;

- 

-         if (m->need_builtin_fallbacks) {

--                r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_FALLBACK, DNS_SERVERS);

-+                default_dns_servers = secure_getenv("DEFAULT_DNS_SERVERS");

-+                if (default_dns_servers == NULL)

-+                        default_dns_servers = DNS_SERVERS;

-+                r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_FALLBACK, default_dns_servers);

-                 if (r < 0)

-                         return r;

-         }

deleted file mode 100644

@@ -1,72 +0,0 @@

-From 227b8a762fea1458547be2cdf0e6e4aac0079730 Mon Sep 17 00:00:00 2001

-From: Michael Olbrich <m.olbrich@pengutronix.de>

-Date: Mon, 26 Mar 2018 17:34:53 +0200

-Subject: [PATCH] core: don't include libmount.h in a header file (#8580)

-

-linux/fs.h sys/mount.h, libmount.h and missing.h all include MS_*

-definitions.

-

-To avoid problems, only one of linux/fs.h, sys/mount.h and libmount.h

-should be included. And missing.h must be included last.

-

-Without this, building systemd may fail with:

-

-In file included from [...]/libmount/libmount.h:31:0,

-                 from ../systemd-238/src/core/manager.h:23,

-                 from ../systemd-238/src/core/emergency-action.h:37,

-                 from ../systemd-238/src/core/unit.h:34,

-                 from ../systemd-238/src/core/dbus-timer.h:25,

-                 from ../systemd-238/src/core/timer.c:26:

-[...]/sys/mount.h:57:2: error: expected identifier before numeric constant

- src/core/dbus-execute.c | 1 +

- src/core/manager.h      | 3 ++-

- src/core/mount.c        | 2 ++

- 3 files changed, 5 insertions(+), 1 deletion(-)

-

-diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c

-index 7344623ebf6..c342093bca4 100644

-+++ b/src/core/dbus-execute.c

-@@ -18,6 +18,7 @@

-   along with systemd; If not, see <http://www.gnu.org/licenses/>.

- ***/

- 

-+#include <sys/mount.h>

- #include <sys/prctl.h>

- #include <stdio_ext.h>

- 

-diff --git a/src/core/manager.h b/src/core/manager.h

-index 28c5da225b1..e09e0cdf5e9 100644

-+++ b/src/core/manager.h

-@@ -20,7 +20,6 @@

-   along with systemd; If not, see <http://www.gnu.org/licenses/>.

- ***/

- 

--#include <libmount.h>

- #include <stdbool.h>

- #include <stdio.h>

- 

-@@ -34,6 +33,8 @@

- #include "list.h"

- #include "ratelimit.h"

- 

-+struct libmnt_monitor;

-+

- /* Enforce upper limit how many names we allow */

- #define MANAGER_MAX_NAMES 131072 /* 128K */

- 

-diff --git a/src/core/mount.c b/src/core/mount.c

-index 0e755da5c02..0154ebda5d6 100644

-+++ b/src/core/mount.c

-@@ -23,6 +23,8 @@

- #include <stdio.h>

- #include <sys/epoll.h>

- 

-+#include <libmount.h>

-+

- #include "sd-messages.h"

- 

- #include "alloc-util.h"

new file mode 100644

@@ -0,0 +1,242 @@

+From 1a05ff4948d778280ec155a9abe69d3360bfddd9 Mon Sep 17 00:00:00 2001

+From: Lennart Poettering <lennart@poettering.net>

+Date: Wed, 17 Oct 2018 18:36:24 +0200

+Subject: [PATCH] =?UTF-8?q?core:=20when=20deserializing=20state=20always?=

+ =?UTF-8?q?=20use=20read=5Fline(=E2=80=A6,=20LONG=5FLINE=5FMAX,=20?=

+ =?UTF-8?q?=E2=80=A6)?=

+MIME-Version: 1.0

+Content-Type: text/plain; charset=UTF-8

+Content-Transfer-Encoding: 8bit

+

+This should be much better than fgets(), as we can read substantially

+longer lines and overly long lines result in proper errors.

+

+Fixes a vulnerability discovered by Jann Horn at Google.

+

+CVE-2018-15686

+LP: #1796402

+https://bugzilla.redhat.com/show_bug.cgi?id=1639071

+

+(cherry picked from commit 8948b3415d762245ebf5e19d80b97d4d8cc208c1)

+---

+ src/core/job.c     | 19 +++++++++++--------

+ src/core/manager.c | 44 ++++++++++++++++++++------------------------

+ src/core/unit.c    | 34 ++++++++++++++++++----------------

+ src/core/unit.h    |  2 +-

+ 4 files changed, 50 insertions(+), 49 deletions(-)

+

+diff --git a/src/core/job.c b/src/core/job.c

+index 734756b666..8552ffb704 100644

+--- a/src/core/job.c

+@@ -10,6 +10,7 @@

+ #include "dbus-job.h"

+ #include "dbus.h"

+ #include "escape.h"

++#include "fileio.h"

+ #include "job.h"

+ #include "log.h"

+ #include "macro.h"

+@@ -1091,24 +1092,26 @@ int job_serialize(Job *j, FILE *f) {

+ }

+ 

+ int job_deserialize(Job *j, FILE *f) {

++        int r;

++

+         assert(j);

+         assert(f);

+ 

+         for (;;) {

+-                char line[LINE_MAX], *l, *v;

++                _cleanup_free_ char *line = NULL;

++                char *l, *v;

+                 size_t k;

+ 

+-                if (!fgets(line, sizeof(line), f)) {

+-                        if (feof(f))

+-                                return 0;

+-                        return -errno;

+-                }

++                r = read_line(f, LONG_LINE_MAX, &line);

++                if (r < 0)

++                        return log_error_errno(r, "Failed to read serialization line: %m");

++                if (r == 0)

++                        return 0;

+ 

+-                char_array_0(line);

+                 l = strstrip(line);

+ 

+                 /* End marker */

+-                if (l[0] == 0)

++                if (isempty(l))

+                         return 0;

+ 

+                 k = strcspn(l, "=");

+diff --git a/src/core/manager.c b/src/core/manager.c

+index 3a7f0c41b2..a5780c9440 100644

+--- a/src/core/manager.c

+@@ -3171,22 +3171,19 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {

+         m->n_reloading++;

+ 

+         for (;;) {

+-                char line[LINE_MAX];

++                _cleanup_free_ char *line = NULL;

+                 const char *val, *l;

+ 

+-                if (!fgets(line, sizeof(line), f)) {

+-                        if (feof(f))

+-                                r = 0;

+-                        else

+-                                r = -errno;

+-

++                r = read_line(f, LONG_LINE_MAX, &line);

++                if (r < 0) {

++                        log_error_errno(r, "Failed to read serialization line: %m");

+                         goto finish;

+                 }

++                if (r == 0)

++                        break;

+ 

+-                char_array_0(line);

+                 l = strstrip(line);

+-

+-                if (l[0] == 0)

++                if (isempty(l)) /* end marker */

+                         break;

+ 

+                 if ((val = startswith(l, "current-job-id="))) {

+@@ -3353,29 +3350,31 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {

+         }

+ 

+         for (;;) {

+-                Unit *u;

+-                char name[UNIT_NAME_MAX+2];

++                _cleanup_free_ char *line = NULL;

+                 const char* unit_name;

++                Unit *u;

+ 

+                 /* Start marker */

+-                if (!fgets(name, sizeof(name), f)) {

+-                        if (feof(f))

+-                                r = 0;

+-                        else

+-                                r = -errno;

+-

++                r = read_line(f, LONG_LINE_MAX, &line);

++                if (r < 0) {

++                        log_error_errno(r, "Failed to read serialization line: %m");

+                         goto finish;

+                 }

++                if (r == 0)

++                        break;

+ 

+-                char_array_0(name);

+-                unit_name = strstrip(name);

++                unit_name = strstrip(line);

+ 

+                 r = manager_load_unit(m, unit_name, NULL, NULL, &u);

+                 if (r < 0) {

+                         log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name);

+                         if (r == -ENOMEM)

+                                 goto finish;

+-                        unit_deserialize_skip(f);

++

++                        r = unit_deserialize_skip(f);

++                        if (r < 0)

++                                goto finish;

++

+                         continue;

+                 }

+ 

+@@ -3388,9 +3387,6 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {

+         }

+ 

+ finish:

+-        if (ferror(f))

+-                r = -EIO;

+-

+         assert(m->n_reloading > 0);

+         m->n_reloading--;

+ 

+diff --git a/src/core/unit.c b/src/core/unit.c

+index 7da963a9b7..e98c9c4099 100644

+--- a/src/core/unit.c

+@@ -3380,21 +3380,19 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {

+         assert(fds);

+ 

+         for (;;) {

+-                char line[LINE_MAX], *l, *v;

++                _cleanup_free_ char *line = NULL;

+                 CGroupIPAccountingMetric m;

++                char *l, *v;

+                 size_t k;

+ 

+-                if (!fgets(line, sizeof(line), f)) {

+-                        if (feof(f))

+-                                return 0;

+-                        return -errno;

+-                }

++                r = read_line(f, LONG_LINE_MAX, &line);

++                if (r < 0)

++                        return log_error_errno(r, "Failed to read serialization line: %m");

++                if (r == 0) /* eof */

++                        break;

+ 

+-                char_array_0(line);

+                 l = strstrip(line);

+-

+-                /* End marker */

+-                if (isempty(l))

++                if (isempty(l)) /* End marker */

+                         break;

+ 

+                 k = strcspn(l, "=");

+@@ -3671,23 +3669,27 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {

+         return 0;

+ }

+ 

+-void unit_deserialize_skip(FILE *f) {

++int unit_deserialize_skip(FILE *f) {

++        int r;

+         assert(f);

+ 

+         /* Skip serialized data for this unit. We don't know what it is. */

+ 

+         for (;;) {

+-                char line[LINE_MAX], *l;

++                _cleanup_free_ char *line = NULL;

++                char *l;

+ 

+-                if (!fgets(line, sizeof line, f))

+-                        return;

++                r = read_line(f, LONG_LINE_MAX, &line);

++                if (r < 0)

++                        return log_error_errno(r, "Failed to read serialization line: %m");

++                if (r == 0)

++                        return 0;

+ 

+-                char_array_0(line);

+                 l = strstrip(line);

+ 

+                 /* End marker */

+                 if (isempty(l))

+-                        return;

++                        return 1;

+         }

+ }

+ 

+diff --git a/src/core/unit.h b/src/core/unit.h

+index 06321bb39c..51c7aaae39 100644

+--- a/src/core/unit.h

+@@ -684,7 +684,7 @@ bool unit_can_serialize(Unit *u) _pure_;

+ 

+ int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs);

+ int unit_deserialize(Unit *u, FILE *f, FDSet *fds);

+-void unit_deserialize_skip(FILE *f);

++int unit_deserialize_skip(FILE *f);

+ 

+ int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value);

+ int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value);

new file mode 100644

@@ -0,0 +1,298 @@

+From 5de6cce58b3e8b79239b6e83653459d91af6e57c Mon Sep 17 00:00:00 2001

+From: Lennart Poettering <lennart@poettering.net>

+Date: Fri, 19 Oct 2018 11:26:59 +0200

+Subject: [PATCH 1/4] chown-recursive: let's rework the recursive logic to use

+ O_PATH

+

+That way we can pin a specific inode and analyze it and manipulate it

+without it being swapped out beneath our hands.

+

+Fixes a vulnerability originally found by Jann Horn from Google.

+

+CVE-2018-15687

+LP: #1796692

+https://bugzilla.redhat.com/show_bug.cgi?id=1639076

+---

+ src/core/chown-recursive.c | 146 ++++++++++++++++++-------------------

+ 1 file changed, 70 insertions(+), 76 deletions(-)

+

+diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c

+index c4794501c2c..27c64489b55 100644

+--- a/src/core/chown-recursive.c

+@@ -1,17 +1,19 @@

+ /* SPDX-License-Identifier: LGPL-2.1+ */

+ 

+-#include <sys/types.h>

+-#include <sys/stat.h>

+ #include <fcntl.h>

++#include <sys/stat.h>

++#include <sys/types.h>

+ 

+-#include "user-util.h"

+-#include "macro.h"

+-#include "fd-util.h"

+-#include "dirent-util.h"

+ #include "chown-recursive.h"

++#include "dirent-util.h"

++#include "fd-util.h"

++#include "macro.h"

++#include "stdio-util.h"

++#include "strv.h"

++#include "user-util.h"

+ 

+-static int chown_one(int fd, const char *name, const struct stat *st, uid_t uid, gid_t gid) {

+-        int r;

++static int chown_one(int fd, const struct stat *st, uid_t uid, gid_t gid) {

++        char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];

+ 

+         assert(fd >= 0);

+         assert(st);

+@@ -20,90 +22,82 @@ static int chown_one(int fd, const char *name, const struct stat *st, uid_t uid,

+             (!gid_is_valid(gid) || st->st_gid == gid))

+                 return 0;

+ 

+-        if (name)

+-                r = fchownat(fd, name, uid, gid, AT_SYMLINK_NOFOLLOW);

+-        else

+-                r = fchown(fd, uid, gid);

+-        if (r < 0)

+-                return -errno;

++        /* We change ownership through the /proc/self/fd/%i path, so that we have a stable reference that works with

++         * O_PATH. (Note: fchown() and fchmod() do not work with O_PATH, the kernel refuses that. */

++        xsprintf(procfs_path, "/proc/self/fd/%i", fd);

+ 

+-        /* The linux kernel alters the mode in some cases of chown(). Let's undo this. */

+-        if (name) {

+-                if (!S_ISLNK(st->st_mode))

+-                        r = fchmodat(fd, name, st->st_mode, 0);

+-                else /* There's currently no AT_SYMLINK_NOFOLLOW for fchmodat() */

+-                        r = 0;

+-        } else

+-                r = fchmod(fd, st->st_mode);

+-        if (r < 0)

++        if (chown(procfs_path, uid, gid) < 0)

+                 return -errno;

+ 

++        /* The linux kernel alters the mode in some cases of chown(). Let's undo this. We do this only for non-symlinks

++         * however. That's because for symlinks the access mode is ignored anyway and because on some kernels/file

++         * systems trying to change the access mode will succeed but has no effect while on others it actively

++         * fails. */

++        if (!S_ISLNK(st->st_mode))

++                if (chmod(procfs_path, st->st_mode & 07777) < 0)

++                        return -errno;

++

+         return 1;

+ }

+ 

+ static int chown_recursive_internal(int fd, const struct stat *st, uid_t uid, gid_t gid) {

++        _cleanup_closedir_ DIR *d = NULL;

+         bool changed = false;

++        struct dirent *de;

+         int r;

+ 

+         assert(fd >= 0);

+         assert(st);

+ 

+-        if (S_ISDIR(st->st_mode)) {

+-                _cleanup_closedir_ DIR *d = NULL;

+-                struct dirent *de;

+-

+-                d = fdopendir(fd);

+-                if (!d) {

+-                        r = -errno;

+-                        goto finish;

+-                }

+-                fd = -1;

+-

+-                FOREACH_DIRENT_ALL(de, d, r = -errno; goto finish) {

+-                        struct stat fst;

+-

+-                        if (dot_or_dot_dot(de->d_name))

+-                                continue;

+-

+-                        if (fstatat(dirfd(d), de->d_name, &fst, AT_SYMLINK_NOFOLLOW) < 0) {

+-                                r = -errno;

+-                                goto finish;

+-                        }

+-

+-                        if (S_ISDIR(fst.st_mode)) {

+-                                int subdir_fd;

+-

+-                                subdir_fd = openat(dirfd(d), de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);

+-                                if (subdir_fd < 0) {

+-                                        r = -errno;

+-                                        goto finish;

+-                                }

+-

+-                                r = chown_recursive_internal(subdir_fd, &fst, uid, gid);

+-                                if (r < 0)

+-                                        goto finish;

+-                                if (r > 0)

+-                                        changed = true;

+-                        } else {

+-                                r = chown_one(dirfd(d), de->d_name, &fst, uid, gid);

+-                                if (r < 0)

+-                                        goto finish;

+-                                if (r > 0)

+-                                        changed = true;

+-                        }

++        d = fdopendir(fd);

++        if (!d) {

++                safe_close(fd);

++                return -errno;

++        }

++

++        FOREACH_DIRENT_ALL(de, d, return -errno) {

++                _cleanup_close_ int path_fd = -1;

++                struct stat fst;

++

++                if (dot_or_dot_dot(de->d_name))

++                        continue;

++

++                /* Let's pin the child inode we want to fix now with an O_PATH fd, so that it cannot be swapped out

++                 * while we manipulate it. */

++                path_fd = openat(dirfd(d), de->d_name, O_PATH|O_CLOEXEC|O_NOFOLLOW);

++                if (path_fd < 0)

++                        return -errno;

++

++                if (fstat(path_fd, &fst) < 0)

++                        return -errno;

++

++                if (S_ISDIR(fst.st_mode)) {

++                        int subdir_fd;

++

++                        /* Convert it to a "real" (i.e. non-O_PATH) fd now */

++                        subdir_fd = fd_reopen(path_fd, O_RDONLY|O_CLOEXEC|O_NOATIME);

++                        if (subdir_fd < 0)

++                                return subdir_fd;

++

++                        r = chown_recursive_internal(subdir_fd, &fst, uid, gid); /* takes possession of subdir_fd even on failure */

++                        if (r < 0)

++                                return r;

++                        if (r > 0)

++                                changed = true;

++                } else {

++                        r = chown_one(path_fd, &fst, uid, gid);

++                        if (r < 0)

++                                return r;

++                        if (r > 0)

++                                changed = true;

+                 }

++        }

+ 

+-                r = chown_one(dirfd(d), NULL, st, uid, gid);

+-        } else

+-                r = chown_one(fd, NULL, st, uid, gid);

++        r = chown_one(dirfd(d), st, uid, gid);

+         if (r < 0)

+-                goto finish;

++                return r;

+ 

+-        r = r > 0 || changed;

+-

+-finish:

+-        safe_close(fd);

+-        return r;

++        return r > 0 || changed;

+ }

+ 

+ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {

+@@ -111,7 +105,7 @@ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {

+         struct stat st;

+         int r;

+ 

+-        fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);

++        fd = open(path, O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);

+         if (fd < 0)

+                 return -errno;

+ 

+

+From f89bc84f3242449cbc308892c87573b131f121df Mon Sep 17 00:00:00 2001

+From: Lennart Poettering <lennart@poettering.net>

+Date: Fri, 19 Oct 2018 11:28:40 +0200

+Subject: [PATCH 2/4] chown-recursive: also drop ACLs when recursively

+ chown()ing

+

+Let's better be safe than sorry and also drop ACLs.

+---

+ src/core/chown-recursive.c | 16 ++++++++++++----

+ 1 file changed, 12 insertions(+), 4 deletions(-)

+

+diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c

+index 27c64489b55..447b7712676 100644

+--- a/src/core/chown-recursive.c

+@@ -3,6 +3,7 @@

+ #include <fcntl.h>

+ #include <sys/stat.h>

+ #include <sys/types.h>

++#include <sys/xattr.h>

+ 

+ #include "chown-recursive.h"

+ #include "dirent-util.h"

+@@ -14,6 +15,7 @@

+ 

+ static int chown_one(int fd, const struct stat *st, uid_t uid, gid_t gid) {

+         char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];

++        const char *n;

+ 

+         assert(fd >= 0);

+         assert(st);

+@@ -26,13 +28,19 @@ static int chown_one(int fd, const struct stat *st, uid_t uid, gid_t gid) {

+          * O_PATH. (Note: fchown() and fchmod() do not work with O_PATH, the kernel refuses that. */

+         xsprintf(procfs_path, "/proc/self/fd/%i", fd);

+ 

++        /* Drop any ACL if there is one */

++        FOREACH_STRING(n, "system.posix_acl_access", "system.posix_acl_default")

++                if (removexattr(procfs_path, n) < 0)

++                        if (!IN_SET(errno, ENODATA, EOPNOTSUPP, ENOSYS, ENOTTY))

++                                return -errno;

++

+         if (chown(procfs_path, uid, gid) < 0)

+                 return -errno;

+ 

+-        /* The linux kernel alters the mode in some cases of chown(). Let's undo this. We do this only for non-symlinks

+-         * however. That's because for symlinks the access mode is ignored anyway and because on some kernels/file

+-         * systems trying to change the access mode will succeed but has no effect while on others it actively

+-         * fails. */

++        /* The linux kernel alters the mode in some cases of chown(), as well when we change ACLs. Let's undo this. We

++         * do this only for non-symlinks however. That's because for symlinks the access mode is ignored anyway and

++         * because on some kernels/file systems trying to change the access mode will succeed but has no effect while

++         * on others it actively fails. */

+         if (!S_ISLNK(st->st_mode))

+                 if (chmod(procfs_path, st->st_mode & 07777) < 0)

+                         return -errno;

+

+From cd6b7d50c337b3676a3d5fc2188ff298dcbdb939 Mon Sep 17 00:00:00 2001

+From: Lennart Poettering <lennart@poettering.net>

+Date: Fri, 19 Oct 2018 11:42:11 +0200

+Subject: [PATCH 3/4] chown-recursive: TAKE_FD() is your friend

+

+---

+ src/core/chown-recursive.c | 6 +-----

+ 1 file changed, 1 insertion(+), 5 deletions(-)

+

+diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c

+index 447b7712676..7767301f7d9 100644

+--- a/src/core/chown-recursive.c

+@@ -111,7 +111,6 @@ static int chown_recursive_internal(int fd, const struct stat *st, uid_t uid, gi

+ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {

+         _cleanup_close_ int fd = -1;

+         struct stat st;

+-        int r;

+ 

+         fd = open(path, O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);

+         if (fd < 0)

+@@ -130,8 +129,5 @@ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) {

+             (!gid_is_valid(gid) || st.st_gid == gid))

+                 return 0;

+ 

+-        r = chown_recursive_internal(fd, &st, uid, gid);

+-        fd = -1; /* we donated the fd to the call, regardless if it succeeded or failed */

+-

+-        return r;

++        return chown_recursive_internal(TAKE_FD(fd), &st, uid, gid); /* we donate the fd to the call, regardless if it succeeded or failed */

+ }

+

new file mode 100644

@@ -0,0 +1,23 @@

+diff -uNr systemd-233/src/resolve/resolved-conf.c systemd-233-new/src/resolve/resolved-conf.c

+--- systemd-233/src/resolve/resolved-conf.c	2017-03-01 21:43:06.000000000 +0000

+@@ -229,6 +229,7 @@

+ 

+ int manager_parse_config_file(Manager *m) {

+         int r;

++        char *default_dns_servers;

+ 

+         assert(m);

+ 

+@@ -241,7 +242,10 @@

+                 return r;

+ 

+         if (m->need_builtin_fallbacks) {

+-                r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_FALLBACK, DNS_SERVERS);

++                default_dns_servers = secure_getenv("DEFAULT_DNS_SERVERS");

++                if (default_dns_servers == NULL)

++                        default_dns_servers = DNS_SERVERS;

++                r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_FALLBACK, default_dns_servers);

+                 if (r < 0)

+                         return r;

+         }

@@ -1,7 +1,7 @@

 Summary:          Systemd-239

 Name:             systemd

 Version:          239

-Release:          7%{?dist}

+Release:          8%{?dist}

 License:          LGPLv2+ and GPLv2+ and MIT

 URL:              http://www.freedesktop.org/wiki/Software/systemd/

 Group:            System Environment/Security

@@ -17,13 +17,15 @@ Source5:          10-rdrand-rng.conf

 Patch0:           01-enoX-uses-instance-number-for-vmware-hv.patch

 Patch1:           02-install-general-aliases.patch

-Patch2:           systemd-236-default-dns-from-env.patch

+Patch2:           systemd-239-default-dns-from-env.patch

 Patch3:           systemd-macros.patch

 Patch4:           systemd-239-query-duid.patch

 # Fix glibc-2.28 build issue. Checked in upstream after v239

 Patch5:           systemd-239-glibc-build-fix.patch

 Patch6:           systemd-239-revert-mtu.patch

 Patch7:           systemd-239-CVE-2018-15688.patch

+Patch8:           systemd-239-CVE-2018-15686.patch

+Patch9:           systemd-239-CVE-2018-15687.patch

 Requires:         Linux-PAM

 Requires:         libcap

@@ -86,6 +88,8 @@ EOF

 %patch5 -p1

 %patch6 -p1

 %patch7 -p1

+%patch8 -p1

+%patch9 -p1

 sed -i "s#\#DefaultTasksMax=512#DefaultTasksMax=infinity#g" src/core/system.conf.in

@@ -252,6 +256,8 @@ rm -rf %{buildroot}/*

 %files lang -f %{name}.lang

 %changelog

+*    Wed Jan 02 2019 Anish Swaminathan <anishs@vmware.com>  239-8

+-    Fix CVE-2018-15686, CVE-2018-15687

 *    Sun Nov 11 2018 Tapas Kundu <tkundu@vmware.com> 239-7

 -    Fix CVE-2018-15688

 *    Fri Oct 26 2018 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 239-6