Changed in v2: - Added CVE tag, Upstream-Status tag and Sign-off-by tags. - removed the verification of the entry length in the header - squashed CVE-2018-16865 patches into one - CVE-2018-16866 patch now taken from systemd-stable and includes an additional heap buffer overflow fix.
Marcus Cooper (3): systemd: Security fix CVE-2018-16864 systemd: Security fix CVE-2018-16865 systemd: Security fix CVE-2018-16866 ...-not-store-the-iovec-entry-for-process-co.patch | 208 +++++++++++++++++++++ ...rnald-set-a-limit-on-the-number-of-fields.patch | 139 ++++++++++++++ ...nal-fix-out-of-bounds-read-CVE-2018-16866.patch | 49 +++++ meta/recipes-core/systemd/systemd_239.bb | 3 + 4 files changed, 399 insertions(+) create mode 100644 meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch create mode 100644 meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields.patch create mode 100644 meta/recipes-core/systemd/systemd/0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch -- 2.11.0 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
