aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDouglas R. Reno <renodr@linuxfromscratch.org>2022-12-28 09:52:50 -0600
committerDouglas R. Reno <renodr@linuxfromscratch.org>2022-12-28 09:52:50 -0600
commite193e35799dc8e247c9efecf8440a835462a77ed (patch)
tree0600cabb3c6b8dfa7cfae73923430e32ab7498de
parentfb3f5d7424639890ae6643648bb9ac88a6d674c6 (diff)
Patch systemd against CVE-2022-4415
-rw-r--r--chapter01/changelog.xml10
-rw-r--r--chapter01/whatsnew.xml4
-rw-r--r--chapter03/patches.xml4
-rw-r--r--chapter08/systemd.xml6
-rw-r--r--patches.ent10
5 files changed, 24 insertions, 10 deletions
diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml
index d15590c1f..7baf7c058 100644
--- a/chapter01/changelog.xml
+++ b/chapter01/changelog.xml
@@ -39,6 +39,16 @@
<listitem revision="sysv"> or <listitem revision="systemd"> as
appropriate for the entry or if needed the entire day's listitem.
-->
+ <listitem revision="systemd">
+ <para>2022-12-28</para>
+ <itemizedlist>
+ <listitem>
+ <para>[renodr] - Patch systemd against CVE-2022-4415. Fixes
+ <ulink url="&lfs-ticket-root;5187">#5187</ulink>.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
<listitem>
<para>2022-12-15</para>
<itemizedlist>
diff --git a/chapter01/whatsnew.xml b/chapter01/whatsnew.xml
index 207240036..86992592b 100644
--- a/chapter01/whatsnew.xml
+++ b/chapter01/whatsnew.xml
@@ -299,6 +299,10 @@
<listitem>
<para>&readline-fixes-patch;</para>
</listitem>
+
+ <listitem revision="systemd">
+ <para>&systemd-upstream-patch;</para>
+ </listitem>
</itemizedlist>
<itemizedlist>
diff --git a/chapter03/patches.xml b/chapter03/patches.xml
index 033ccd00c..05b49d319 100644
--- a/chapter03/patches.xml
+++ b/chapter03/patches.xml
@@ -135,7 +135,7 @@
</listitem>
</varlistentry>
-<!--
+
<varlistentry revision="systemd">
<term>Systemd Upstream Patch - <token>&systemd-upstream-patch-size;</token>:</term>
<listitem>
@@ -143,7 +143,7 @@
<para>MD5 sum: <literal>&systemd-upstream-patch-md5;</literal></para>
</listitem>
</varlistentry>
--->
+
<!--
<varlistentry>
<term>Xz Upstream Fix Patch - <token>&xz-upstream-fix-patch-size;</token>:</term>
diff --git a/chapter08/systemd.xml b/chapter08/systemd.xml
index 4548056ea..2c5c0e11b 100644
--- a/chapter08/systemd.xml
+++ b/chapter08/systemd.xml
@@ -40,11 +40,11 @@
<sect2 role="installation">
<title>Installation of systemd</title>
-<!--
- <para>First, fix an issue introduced by glibc-2.36.</para>
+
+ <para>First, fix a security issue in systemd-coredump:</para>
<screen><userinput remap="pre">patch -Np1 -i ../&systemd-upstream-patch;</userinput></screen>
--->
+
<para>Remove two unneeded groups,
<systemitem class="groupname">render</systemitem> and
diff --git a/patches.ent b/patches.ent
index 53536069e..91cd3b719 100644
--- a/patches.ent
+++ b/patches.ent
@@ -91,11 +91,11 @@
<!ENTITY sysvinit-consolidated-patch-md5 "372d367918134f2f41daf54f2acf280a">
<!ENTITY sysvinit-consolidated-patch-size "2.4 KB">
-<!--
-<!ENTITY systemd-upstream-patch "systemd-&systemd-version;-glibc_2.36_fix-1.patch">
-<!ENTITY systemd-upstream-patch-md5 "fd8dc901e73ad00dc72a351a0d4ac48c">
-<!ENTITY systemd-upstream-patch-size "3.0 KB">
--->
+
+<!ENTITY systemd-upstream-patch "systemd-&systemd-version;-security_fix-1.patch">
+<!ENTITY systemd-upstream-patch-md5 "da817e69e897d35cdffd7c45ea06be39">
+<!ENTITY systemd-upstream-patch-size "76.0 KB">
+
<!--
<!ENTITY xz-upstream-fix-patch "xz-&xz-version;-upstream_fix-1.patch">
<!ENTITY xz-upstream-fix-patch-md5 "584c72ea3d8f7502b2770670f3090788">