Author: renodr
Date: Fri Jan 11 08:49:55 2019
New Revision: 11500
Log:
Add systemd security patch. Please update as soon as you can.
Modified:
trunk/BOOK/chapter01/changelog.xml
trunk/BOOK/chapter03/patches.xml
trunk/BOOK/chapter06/systemd.xml
trunk/BOOK/general.ent
trunk/BOOK/patches.ent
Modified: trunk/BOOK/chapter01/changelog.xml
==============================================================================
--- trunk/BOOK/chapter01/changelog.xml Wed Jan 9 21:54:40 2019 (r11499)
+++ trunk/BOOK/chapter01/changelog.xml Fri Jan 11 08:49:55 2019 (r11500)
@@ -42,6 +42,20 @@
<listitem revision="sysv"> or <listitem revision="systemd"> as
appropriate for the entry or if needed the entire day's listitem.
-->
+
+ <listitem revision="systemd">
+ <para>2019-01-11</para>
+ <itemizedlist>
+ <listitem>
+ <para>[renodr] - Add a security patch for systemd-240. This fixes
+ CVE-2018-16865 and CVE-2018-16864 (memory corruption in journald
+ leading to stack overflows / arbitrary code execution).
+ Apply this as soon as you can. Fixes
+ <ulink url="&lfs-ticket-root;4408">#4408</ulink>.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
<listitem>
<para>2019-01-10</para>
<itemizedlist>
Modified: trunk/BOOK/chapter03/patches.xml
==============================================================================
--- trunk/BOOK/chapter03/patches.xml Wed Jan 9 21:54:40 2019 (r11499)
+++ trunk/BOOK/chapter03/patches.xml Fri Jan 11 08:49:55 2019 (r11500)
@@ -116,7 +116,6 @@
</listitem>
</varlistentry>
-<!--
<varlistentry revision="systemd">
<term>Systemd security patch -
<token>&systemd-security-patch-size;</token>:</term>
<listitem>
@@ -124,24 +123,6 @@
<para>MD5 sum: <literal>&systemd-security-patch-md5;</literal></para>
</listitem>
</varlistentry>
--->
-<!--
- <varlistentry revision="systemd">
- <term>systemd glibc patch -
<token>&systemd-glibc-patch-size;</token>:</term>
- <listitem>
- <para>Download: <ulink
url="&patches-root;&systemd-glibc-patch;"/></para>
- <para>MD5 sum: <literal>&systemd-glibc-patch-md5;</literal></para>
- </listitem>
- </varlistentry>
-
- <varlistentry revision="systemd">
- <term>systemd meson fixes patch -
<token>&systemd-meson-patch-size;</token>:</term>
- <listitem>
- <para>Download: <ulink
url="&patches-root;&systemd-meson-patch;"/></para>
- <para>MD5 sum: <literal>&systemd-meson-patch-md5;</literal></para>
- </listitem>
- </varlistentry>
- -->
</variablelist>
Modified: trunk/BOOK/chapter06/systemd.xml
==============================================================================
--- trunk/BOOK/chapter06/systemd.xml Wed Jan 9 21:54:40 2019 (r11499)
+++ trunk/BOOK/chapter06/systemd.xml Fri Jan 11 08:49:55 2019 (r11500)
@@ -40,6 +40,10 @@
<sect2 role="installation">
<title>Installation of systemd</title>
+ <para>Apply a patch to fix two critical security vulnerabilities:</para>
+
+<screen><userinput remap="pre">patch -Np1 -i
../systemd-240-security_fixes-1.patch</userinput></screen>
+
<para>Create a symlink to work around missing xsltproc:</para>
<screen><userinput remap="pre">ln -sf /tools/bin/true
/usr/bin/xsltproc</userinput></screen>
Modified: trunk/BOOK/general.ent
==============================================================================
--- trunk/BOOK/general.ent Wed Jan 9 21:54:40 2019 (r11499)
+++ trunk/BOOK/general.ent Fri Jan 11 08:49:55 2019 (r11500)
@@ -1,13 +1,13 @@
-<!ENTITY version "SVN-20190109">
+<!ENTITY version "SVN-20190111">
<!ENTITY short-version "svn"> <!-- Used below in &blfs-book;
Change to x.y for release but not -rc
releases -->
<!ENTITY generic-version "development"> <!-- Use "development" or
"x.y[-pre{x}]" -->
-<!ENTITY versiond "20190101-systemd">
+<!ENTITY versiond "20190111-systemd">
<!ENTITY short-versiond "systemd">
<!ENTITY generic-versiond "systemd">
-<!ENTITY releasedate "January 9, 2019">
+<!ENTITY releasedate "January 11, 2019">
<!ENTITY copyrightdate "1999-2019"><!-- jhalfs needs a literal dash, not
– -->
<!ENTITY milestone "8.4">
Modified: trunk/BOOK/patches.ent
==============================================================================
--- trunk/BOOK/patches.ent Wed Jan 9 21:54:40 2019 (r11499)
+++ trunk/BOOK/patches.ent Fri Jan 11 08:49:55 2019 (r11500)
@@ -57,17 +57,6 @@
<!ENTITY sysvinit-consolidated-patch-md5 "aaa84675e717504d7d3da452c8c2eaf1">
<!ENTITY sysvinit-consolidated-patch-size "2.6 KB">
-<!--
-<!ENTITY systemd-security-patch
"systemd-&systemd-version;-security_fix-1.patch">
-<!ENTITY systemd-security-patch-md5 "aa9d81fec9a3875a54e63af86904513a">
-<!ENTITY systemd-security-patch-size "4 KB">
--->
-<!--
-<!ENTITY systemd-glibc-patch
"systemd-&systemd-version;-glibc_statx_fix-1.patch">
-<!ENTITY systemd-glibc-patch-md5 "a44057d6a6ca69760bafc126458d89e5">
-<!ENTITY systemd-glibc-patch-size "4 KB">
-
-<!ENTITY systemd-meson-patch
"systemd-&systemd-version;-meson-0.48.0_fixes-1.patch">
-<!ENTITY systemd-meson-patch-md5 "0e12e0722bd6bb84e8a4ec4de8979722">
-<!ENTITY systemd-meson-patch-size "4 KB">
--->
+<!ENTITY systemd-security-patch
"systemd-&systemd-version;-security_fixes-1.patch">
+<!ENTITY systemd-security-patch-md5 "e0e27d1e5eb527f0ce2ac55b808cb7b2">
+<!ENTITY systemd-security-patch-size "12 KB">
--
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
