GitList

Browse code

Fix CVE in systemd-notify socket

Change-Id: I47b403499ee564df314b02bb9acf2562a835dd23
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/1468
Reviewed-by: Divya Thaluru <dthaluru@vmware.com>
Tested-by: gerrit-photon <photon-checkins@vmware.com>
(cherry picked from commit 5c18ace74ac8e2781dddc01c6b9d4b4c3a3f25ea)
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/1471
Reviewed-by: Vinay Kulkarni <kulkarniv@vmware.com>

Vinay Kulkarni authored on 2016/09/29 17:30:19
Showing 2 changed files

SPECS/systemd/systemd-228-CVE-notify-socket-DOS-fix.patch index 0000000..dc23f16
SPECS/systemd/systemd.spec index 559b757..9913fac 100644

SPECS/systemd/systemd-228-CVE-notify-socket-DOS-fix.patch

History View file @ fc8b655

                     new file mode 100644
@@ -0,0 +1,15 @@
                     +diff --git a/src/core/manager.c b/src/core/manager.c
                     +index fa8deb9..43e231c 100644
                     +--- a/src/core/manager.c
                     +@@ -1721,6 +1721,10 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
+                    +
                     +                 return -errno;
                     +         }
                     ++        if (n == 0) {
                     ++                log_debug("Got zero-length notification message. Ignoring.");
                     ++                return 0;
                     ++        }
+                    +
                     +         CMSG_FOREACH(cmsg, &msghdr) {
                     +                 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {

SPECS/systemd/systemd.spec

History View file @ fc8b655

@@ -1,7 +1,7 @@
                      Summary:          Systemd-228
                      Name:             systemd
                      Version:          228
                     -Release:          30%{?dist}
                     +Release:          31%{?dist}
                      License:          LGPLv2+ and GPLv2+ and MIT
                      URL:              http://www.freedesktop.org/wiki/Software/systemd/
                      Group:            System Environment/Security
@@ -32,6 +32,7 @@ Patch16:          systemd-228-dhcp-duid-api-update.patch
                      Patch17:          systemd-228-domains-search-fix.patch
                      Patch18:          systemd-228-dns-transaction-pending-fix.patch
                      Patch19:          02-install-general-aliases.patch
                     +Patch20:          systemd-228-CVE-notify-socket-DOS-fix.patch
                      Requires:         Linux-PAM
                      Requires:         libcap
                      Requires:         xz
@@ -84,6 +85,7 @@ sed -i "s:blkid/::" $(grep -rl "blkid/blkid.h")
                      %patch17 -p1
                      %patch18 -p1
                      %patch19 -p1
                     +%patch20 -p1
                      sed -i "s#\#DefaultTasksMax=512#DefaultTasksMax=infinity#g" src/core/system.conf
                      %build
@@ -193,6 +195,8 @@ rm -rf %{buildroot}/*
                      %dir %{_localstatedir}/log/journal
                      %changelog
                     +*    Thu Sep 29 2016 Vinay Kulkarni <kulkarniv@vmware.com>  228-31
                     +-    Fix a CVE in systemd-notify socket.
                      *    Mon Aug 29 2016 Alexey Makhalov <amakhalov@vmware.com>  228-30
                      -    02-install-general-aliases.patch to create absolute symlinks
                      *    Fri Aug 26 2016 Anish Swaminathan <anishs@vmware.com>  228-29