]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 23939d0) | patch
systemd: refuse to load units with errors (CVE-2017-1000082)
authorRoss Burton <ross.burton@intel.com>
Wed, 19 Jul 2017 12:34:44 +0000 (13:34 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 27 Jul 2017 21:35:08 +0000 (22:35 +0100)
commita6eaef0f179a341c0b96bb30aaec2d80862a11d6
tree954fc3bbe4762d1cdee86b1479f1f4e5369da0d6tree | snapshot
parent23939d0acb563e27a1419d3f532a47c3d6a59a3ecommit | diff
systemd: refuse to load units with errors (CVE-2017-1000082)

If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.

Backport a patch from upstream to mitigate this by refusing to start units such
as this.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-core/systemd/systemd/0001-core-load-fragment-refuse-units-with-errors-in-certa.patch [new file with mode: 0644] blob
meta/recipes-core/systemd/systemd_232.bb diff | blob | history
Mirror of the official openembedded-core repository