[PATCH-2021.02.x] package/systemd: security bump to version 247.9

Message ID 20211013114809.25474-1-peter@korsgaard.com
State Accepted

Commit Message

Peter Korsgaard Oct. 13, 2021, 11:48 a.m. UTC
Fixes the following security issues:

- CVE-2020-13529: An exploitable denial-of-service vulnerability exists in
  Systemd 245.  A specially crafted DHCP FORCERENEW packet can cause a
  server running the DHCP client to be vulnerable to a DHCP ACK spoofing
  attack.  An attacker can forge a pair of FORCERENEW and DHCP ACK packets
  to reconfigure the server.
  https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142

- CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)
  https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/cve-2021-33910-denial-of-service-stack-exhaustion-in-systemd-pid-1

Update hash of README for a change of IRC network:
-        #systemd on irc.freenode.org
+        #systemd on irc.libera.chat

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/systemd/systemd.hash | 4 ++--
 package/systemd/systemd.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

Comments

Peter Korsgaard Oct. 14, 2021, 8:29 p.m. UTC | #1
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:

 > Fixes the following security issues:
 > - CVE-2020-13529: An exploitable denial-of-service vulnerability exists in
 >   Systemd 245.  A specially crafted DHCP FORCERENEW packet can cause a
 >   server running the DHCP client to be vulnerable to a DHCP ACK spoofing
 >   attack.  An attacker can forge a pair of FORCERENEW and DHCP ACK packets
 >   to reconfigure the server.
 >   https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142

 > - CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)
 >   https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/cve-2021-33910-denial-of-service-stack-exhaustion-in-systemd-pid-1

 > Update hash of README for a change of IRC network:
 > -        #systemd on irc.freenode.org
 > +        #systemd on irc.libera.chat

 > Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Committed to 2021.02.x, thanks.
Patch

diff --git a/package/systemd/systemd.hash b/package/systemd/systemd.hash
index 20cd922259..4ed5e96d4f 100644
--- a/package/systemd/systemd.hash
+++ b/package/systemd/systemd.hash
@@ -1,6 +1,6 @@ 
 # sha256 locally computed
-sha256  2869986e219a8dfc96cc0dffac66e0c13bb70a89e16b85a3948876c146cfa3e0  systemd-247.3.tar.gz
+sha256  629b8c895efa000b921092c7a565680c66dcd0ec74ed11cb2dd2b6701492675d  systemd-247.9.tar.gz
 sha256  ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6  LICENSE.GPL2
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  LICENSE.LGPL2.1
-sha256  6f22d19d35b00f35e0444e0bc9139e6d3bdf7277978f89c4e175e37b18c43f3d  README
+sha256  996b2bd286a6832b4c8cbab8e662d371e2fd061a2e14925bc6099d805f12c7a3  README
 sha256  83bb6bd9ccd2cf5230cb1807ed16258289768dc4d9cb80069a814e04415a1275  tools/chromiumos/LICENSE
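Review bot: the new systemd-247.9.tar.gz entry still sits under "# sha256 locally computed", so for a security bump the only integrity reference is a hash of the archive the submitter happened to download. It would help to say in the commit message how the value was cross-checked, for example a second download over a different network path or a comparison of the extracted tree against the v247.9 tag. The README hash change is already explained in the commit message (the IRC network line), which is what a changed license-file hash needs.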
diff --git a/package/systemd/systemd.mk b/package/systemd/systemd.mk
index 74c561e67e..21e8c48ed7 100644
--- a/package/systemd/systemd.mk
+++ b/package/systemd/systemd.mk
@@ -4,7 +4,7 @@ 
 #
 ################################################################################
 
-SYSTEMD_VERSION = 247.3
+SYSTEMD_VERSION = 247.9
 SYSTEMD_SITE = $(call github,systemd,systemd-stable,v$(SYSTEMD_VERSION))
 SYSTEMD_LICENSE = LGPL-2.1+, GPL-2.0+ (udev), Public Domain (few source files, see README), BSD-3-Clause (tools/chromiumos)
 SYSTEMD_LICENSE_FILES = LICENSE.GPL2 LICENSE.LGPL2.1 README tools/chromiumos/LICENSE
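Review bot: SYSTEMD_VERSION jumps from 247.3 to 247.9, skipping five stable releases, while the commit message accounts only for CVE-2020-13529 and CVE-2021-33910. Since this targets the 2021.02.x maintenance branch, a sentence stating that the intermediate releases are bug-fix-only, or a pointer to the systemd-stable log for v247.3..v247.9, would let a reviewer confirm nothing else changes behaviour. The unchanged SYSTEMD_LICENSE_FILES line lists README, which matches the README hash update in systemd.hash.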