Browse code
Fix CVE-2017-9217 in systemd
Change-Id: I688e9a43094c38711d841c7f0e0d7edeb6b03506
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4210
Reviewed-by: Vinay Kulkarni <kulkarniv@vmware.com>
Tested-by: gerrit-photon <photon-checkins@vmware.com>
suezzelur authored on 2017/11/04 10:07:55Showing 2 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,12 @@ |
| 0 |
+diff -rup systemd-228/src/resolve/resolved-dns-transaction.c systemd-228-new/src/resolve/resolved-dns-transaction.c |
|
| 1 |
+--- systemd-228/src/resolve/resolved-dns-transaction.c 2015-11-17 23:59:06.000000000 -0800 |
|
| 2 |
+@@ -454,7 +454,7 @@ void dns_transaction_process_reply(DnsTr |
|
| 3 |
+ } |
|
| 4 |
+ |
|
| 5 |
+ /* Only consider responses with equivalent query section to the request */ |
|
| 6 |
+- if (p->question->n_keys != 1 || dns_resource_key_equal(p->question->keys[0], t->key) <= 0) {
|
|
| 7 |
++ if (!p->question || p->question->n_keys != 1 || dns_resource_key_equal(p->question->keys[0], t->key) <= 0) {
|
|
| 8 |
+ dns_transaction_complete(t, DNS_TRANSACTION_INVALID_REPLY); |
|
| 9 |
+ return; |
|
| 10 |
+ } |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Summary: Systemd-228 |
| 2 | 2 |
Name: systemd |
| 3 | 3 |
Version: 228 |
| 4 |
-Release: 40%{?dist}
|
|
| 4 |
+Release: 41%{?dist}
|
|
| 5 | 5 |
License: LGPLv2+ and GPLv2+ and MIT |
| 6 | 6 |
URL: http://www.freedesktop.org/wiki/Software/systemd/ |
| 7 | 7 |
Group: System Environment/Security |
| ... | ... |
@@ -40,6 +40,7 @@ Patch23: systemd-228-CVE-2016-10156-suid-fix.patch |
| 40 | 40 |
Patch24: systemd-228-CVE-2017-9445-dns-oob.patch |
| 41 | 41 |
Patch25: systemd-228-logind-disconnect.patch |
| 42 | 42 |
Patch26: systemd-228-CVE-2015-7510-long-machinename.patch |
| 43 |
+Patch27: systemd-228-resolved-null-deferencing-fix.patch |
|
| 43 | 44 |
Requires: Linux-PAM |
| 44 | 45 |
Requires: libcap |
| 45 | 46 |
Requires: xz |
| ... | ... |
@@ -100,6 +101,7 @@ sed -i "s:blkid/::" $(grep -rl "blkid/blkid.h") |
| 100 | 100 |
%patch24 -p1 |
| 101 | 101 |
%patch25 -p1 |
| 102 | 102 |
%patch26 -p1 |
| 103 |
+%patch27 -p1 |
|
| 103 | 104 |
sed -i "s#\#DefaultTasksMax=512#DefaultTasksMax=infinity#g" src/core/system.conf |
| 104 | 105 |
|
| 105 | 106 |
%build |
| ... | ... |
@@ -239,6 +241,8 @@ rm -rf %{buildroot}/*
|
| 239 | 239 |
|
| 240 | 240 |
|
| 241 | 241 |
%changelog |
| 242 |
+* Thu Nov 03 2017 Anish Swaminathan <anishs@vmware.com> 228-41 |
|
| 243 |
+- Fix null pointer dereferencing in resolved - CVE-2017-9217 |
|
| 242 | 244 |
* Thu Nov 03 2017 Vinay Kulkarni <kulkarniv@vmware.com> 228-40 |
| 243 | 245 |
- Fix CVE-2015-7510. |
| 244 | 246 |
* Thu Oct 19 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 228-39 |