summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Martin Pitt [Sun, 17 Feb 2019 09:17:45 +0000 (10:17 +0100)]
sd-bus: enforce a size limit on D-Bus object paths
Replace stack with heap allocation. This avoids accessing/modifying
memory outside of the allocated stack region by sending specially
crafted D-Bus messages with very large object paths.
Vulnerability discovered by Chris Coulson <chris.coulson@canonical.com>,
patch provided by Riccardo Schirone <rschiron@redhat.com>.
CVE-2019-6454
Gbp-Pq: Name sd-bus-enforce-a-size-limit-on-D-Bus-object-paths.patch
Michael Biebl [Fri, 29 Jan 2021 14:16:06 +0000 (14:16 +0000)]
systemd (241-7~deb10u6) buster; urgency=medium
* journal: do not trigger assertion when journal_file_close() get NULL
(Closes: #975561)
* test-bpf: skip test when run inside containers.
The test reliably fails inside LXC and Docker when run on a new enough
kernel. It's unclear whether this is a kernel, LXC/Docker or systemd
issue and apparently there is no real interest to get this fixed, so
let's skip this test.
* autopkgtest: mark networkd-test.py as flaky.
See https://github.com/systemd/systemd/issues/18357
and https://github.com/systemd/systemd/issues/18196
[dgit import unpatched systemd 241-7~deb10u6]
Michael Biebl [Fri, 29 Jan 2021 14:16:06 +0000 (14:16 +0000)]
Import systemd_241-7~deb10u6.debian.tar.xz
[dgit import tarball systemd 241-7~deb10u6 systemd_241-7~deb10u6.debian.tar.xz]
Felipe Sateler [Thu, 21 Feb 2019 23:10:15 +0000 (23:10 +0000)]
Import systemd_241.orig.tar.gz
[dgit import orig systemd_241.orig.tar.gz]
projects / systemd.git / log