diff options
| author | Douglas R. Reno <renodr@linuxfromscratch.org> | 2022-12-28 09:52:50 -0600 |
|---|---|---|
| committer | Douglas R. Reno <renodr@linuxfromscratch.org> | 2022-12-28 09:52:50 -0600 |
| commit | e193e35799dc8e247c9efecf8440a835462a77ed (patch) | |
| tree | 0600cabb3c6b8dfa7cfae73923430e32ab7498de | |
| parent | fb3f5d7424639890ae6643648bb9ac88a6d674c6 (diff) | |
Patch systemd against CVE-2022-4415
| -rw-r--r-- | chapter01/changelog.xml | 10 | ||||
| -rw-r--r-- | chapter01/whatsnew.xml | 4 | ||||
| -rw-r--r-- | chapter03/patches.xml | 4 | ||||
| -rw-r--r-- | chapter08/systemd.xml | 6 | ||||
| -rw-r--r-- | patches.ent | 10 |
5 files changed, 24 insertions, 10 deletions
diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml index d15590c1f..7baf7c058 100644 --- a/chapter01/changelog.xml +++ b/chapter01/changelog.xml @@ -39,6 +39,16 @@ <listitem revision="sysv"> or <listitem revision="systemd"> as appropriate for the entry or if needed the entire day's listitem. --> + <listitem revision="systemd"> + <para>2022-12-28</para> + <itemizedlist> + <listitem> + <para>[renodr] - Patch systemd against CVE-2022-4415. Fixes + <ulink url="&lfs-ticket-root;5187">#5187</ulink>.</para> + </listitem> + </itemizedlist> + </listitem> + <listitem> <para>2022-12-15</para> <itemizedlist> diff --git a/chapter01/whatsnew.xml b/chapter01/whatsnew.xml index 207240036..86992592b 100644 --- a/chapter01/whatsnew.xml +++ b/chapter01/whatsnew.xml @@ -299,6 +299,10 @@ <listitem> <para>&readline-fixes-patch;</para> </listitem> + + <listitem revision="systemd"> + <para>&systemd-upstream-patch;</para> + </listitem> </itemizedlist> <itemizedlist> diff --git a/chapter03/patches.xml b/chapter03/patches.xml index 033ccd00c..05b49d319 100644 --- a/chapter03/patches.xml +++ b/chapter03/patches.xml @@ -135,7 +135,7 @@ </listitem> </varlistentry> -<!-- + <varlistentry revision="systemd"> <term>Systemd Upstream Patch - <token>&systemd-upstream-patch-size;</token>:</term> <listitem> @@ -143,7 +143,7 @@ <para>MD5 sum: <literal>&systemd-upstream-patch-md5;</literal></para> </listitem> </varlistentry> ---> + <!-- <varlistentry> <term>Xz Upstream Fix Patch - <token>&xz-upstream-fix-patch-size;</token>:</term> diff --git a/chapter08/systemd.xml b/chapter08/systemd.xml index 4548056ea..2c5c0e11b 100644 --- a/chapter08/systemd.xml +++ b/chapter08/systemd.xml @@ -40,11 +40,11 @@ <sect2 role="installation"> <title>Installation of systemd</title> -<!-- - <para>First, fix an issue introduced by glibc-2.36.</para> + + <para>First, fix a security issue in systemd-coredump:</para> <screen><userinput remap="pre">patch -Np1 -i ../&systemd-upstream-patch;</userinput></screen> ---> + <para>Remove two unneeded groups, <systemitem class="groupname">render</systemitem> and diff --git a/patches.ent b/patches.ent index 53536069e..91cd3b719 100644 --- a/patches.ent +++ b/patches.ent @@ -91,11 +91,11 @@ <!ENTITY sysvinit-consolidated-patch-md5 "372d367918134f2f41daf54f2acf280a"> <!ENTITY sysvinit-consolidated-patch-size "2.4 KB"> -<!-- -<!ENTITY systemd-upstream-patch "systemd-&systemd-version;-glibc_2.36_fix-1.patch"> -<!ENTITY systemd-upstream-patch-md5 "fd8dc901e73ad00dc72a351a0d4ac48c"> -<!ENTITY systemd-upstream-patch-size "3.0 KB"> ---> + +<!ENTITY systemd-upstream-patch "systemd-&systemd-version;-security_fix-1.patch"> +<!ENTITY systemd-upstream-patch-md5 "da817e69e897d35cdffd7c45ea06be39"> +<!ENTITY systemd-upstream-patch-size "76.0 KB"> + <!-- <!ENTITY xz-upstream-fix-patch "xz-&xz-version;-upstream_fix-1.patch"> <!ENTITY xz-upstream-fix-patch-md5 "584c72ea3d8f7502b2770670f3090788"> |