]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: ef68005) | patch
systemd: refuse to load units with errors (CVE-2017-1000082)
authorRoss Burton <ross.burton@intel.com>
Tue, 18 Jul 2017 16:04:08 +0000 (17:04 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 19 Jul 2017 10:30:10 +0000 (11:30 +0100)
commit549cb941c5b19909fb00f2bef9c04172ca1c162d
tree5f7c2070e851a925e8c69f274fed59ba5acc347btree | snapshot
parentef68005a8c527e9b1d05b7769f0ec8ebe9ec3f91commit | diff
systemd: refuse to load units with errors (CVE-2017-1000082)

If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.

Backport a patch from upstream to mitigate this by refusing to start units such
as this.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-core/systemd/systemd/0001-core-load-fragment-refuse-units-with-errors-in-certa.patch [new file with mode: 0644] blob
meta/recipes-core/systemd/systemd_232.bb diff | blob | history
Mirror of the official openembedded-core repository