Patches for the journal CVEs and various other fixes

2019-01-11 13:35:20 +01:00 · 2019-01-11 13:35:20 +01:00 · 0214da5fc8
commit 0214da5fc8
parent ea91d39bdd
5 changed files with 12 additions and 123 deletions
--- a/0001-test-json-check-absolute-and-relative-difference-in-.patch
+++ b/0001-test-json-check-absolute-and-relative-difference-in-.patch
@ -1,55 +0,0 @@
-From 847364f5123f108884f8c59fb05d7ff941693dfb Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
-Date: Fri, 21 Dec 2018 22:49:53 +0100
-Subject: [PATCH] test-json: check absolute and relative difference in floating
- point test
-
-The test fails under valgrind, so there was an exception for valgrind.
-Unfortunately that check only works when valgrind-devel headers are
-available during build. But it is possible to have just valgrind installed,
-or simply install it after the build, and then "valgrind test-json" would
-fail.
-
-It also seems that even without valgrind, this fails on some arm32 CPUs.
-Let's do the usual-style test for absolute and relative differences.
---
- src/test/test-json.c | 16 +++++++---------
- 1 file changed, 7 insertions(+), 9 deletions(-)
-
-diff --git a/src/test/test-json.c b/src/test/test-json.c
-index 5aa4d19dbe..cd6269f798 100644
--- a/src/test/test-json.c
-+++ b/src/test/test-json.c
-@@ -1,9 +1,6 @@
- /* SPDX-License-Identifier: LGPL-2.1+ */
- 
- #include <math.h>
-#if HAVE_VALGRIND_VALGRIND_H
-#include <valgrind/valgrind.h>
-#endif
- 
- #include "alloc-util.h"
- #include "fd-util.h"
-@@ -45,12 +42,13 @@ static void test_tokenizer(const char *data, ...) {
- 
-                         d = va_arg(ap, long double);
- 
-#if HAVE_VALGRIND_VALGRIND_H
-                        if (!RUNNING_ON_VALGRIND)
-#endif
-                                /* Valgrind doesn't support long double calculations and automatically downgrades to 80bit:
-                                 * http://www.valgrind.org/docs/manual/manual-core.html#manual-core.limits */
-                                assert_se(fabsl(d - v.real) < 0.001L);
-+                        /* Valgrind doesn't support long double calculations and automatically downgrades to 80bit:
-+                         * http://www.valgrind.org/docs/manual/manual-core.html#manual-core.limits.
-+                         * Some architectures might not support long double either.
-+                         */
-+
-+                        assert_se(fabsl(d - v.real) < 1e-10 ||
-+                                  fabsl((d - v.real) / v.real) < 1e-10);
- 
-                 } else if (t == JSON_TOKEN_INTEGER) {
-                         intmax_t i;
-- 
-2.19.2
-
--- a/0003-Revert-sd-device-ignore-bind-unbind-events-for-now.patch
+++ b/0003-Revert-sd-device-ignore-bind-unbind-events-for-now.patch
@ -1,33 +0,0 @@
-From 1f17a35ef85e943965ffafe2ef6eebd98d6b917a Mon Sep 17 00:00:00 2001
-From: Yu Watanabe <watanabe.yu+github@gmail.com>
-Date: Sat, 22 Dec 2018 19:39:51 +0900
-Subject: [PATCH 3/4] Revert "sd-device: ignore bind/unbind events for now"
-
-This reverts commit 56c886dc7ed5b2bb0882ba85136f4070545bfc1b.
---
- src/libsystemd/sd-device/device-private.c | 9 ---------
- 1 file changed, 9 deletions(-)
-
-diff --git a/src/libsystemd/sd-device/device-private.c b/src/libsystemd/sd-device/device-private.c
-index 01a5aa3d3f..36beb3e7df 100644
--- a/src/libsystemd/sd-device/device-private.c
-+++ b/src/libsystemd/sd-device/device-private.c
-@@ -326,15 +326,6 @@ static int device_append(sd_device *device, char *key, const char **_major, cons
-                         action = device_action_from_string(value);
-                         if (action == _DEVICE_ACTION_INVALID)
-                                 return -EINVAL;
-                        /* FIXME: remove once we no longer flush previuos state for each action */
-                        if (action == DEVICE_ACTION_BIND || action == DEVICE_ACTION_UNBIND) {
-                                static bool warned;
-                                if (!warned) {
-                                        log_device_debug(device, "sd-device: ignoring actions 'bind' and 'unbind'");
-                                        warned = true;
-                                }
-                                return -EINVAL;
-                        }
-                 } else if (streq(key, "SEQNUM")) {
-                         r = safe_atou64(value, &seqnum);
-                         if (r < 0)
-- 
-2.19.2
-
--- a/0004-Revert-udevd-configure-a-child-process-name-for-work.patch
+++ b/0004-Revert-udevd-configure-a-child-process-name-for-work.patch
@ -1,27 +0,0 @@
-From 6d243cc3e79fa1b4de4388661c9318d17a3d9d1a Mon Sep 17 00:00:00 2001
-From: Yu Watanabe <watanabe.yu+github@gmail.com>
-Date: Sat, 22 Dec 2018 19:49:47 +0900
-Subject: [PATCH 4/4] Revert "udevd: configure a child process name for worker
- processes"
-
-This reverts commit 49f3ee7e74c714f55aab395c080b1099fc17f7fd.
---
- src/udev/udevd.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/udev/udevd.c b/src/udev/udevd.c
-index fb8724ea87..ec77bd4a71 100644
--- a/src/udev/udevd.c
-+++ b/src/udev/udevd.c
-@@ -534,7 +534,7 @@ static int worker_spawn(Manager *manager, struct event *event) {
-         if (r < 0)
-                 return log_error_errno(r, "Worker: Failed to enable receiving of device: %m");
- 
-        r = safe_fork("(worker)", FORK_DEATHSIG, &pid);
-+        r = safe_fork(NULL, FORK_DEATHSIG, &pid);
-         if (r < 0) {
-                 event->state = EVENT_QUEUED;
-                 return log_error_errno(r, "Failed to fork() worker: %m");
-- 
-2.19.2
-
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (systemd-240.tar.gz) = da7467781b16f65d868931ae88fd07554db61542aec7f11dbec9f7279b529f900301edfea2d3813ddb64eeb3fdcfb7be86e540c65212dd7cfdcdebbc80de2ff5
+SHA512 (systemd-f02b547.tar.gz) = a7d774ed00d572eb2d9313ff25a09c707112443020d173d4d350bdb9b269fcef519da8efc2d93b3b72f4ebdd3ff295716e2f640f8c1e679cb24b26e71fca56ee
--- a/systemd.spec
+++ b/systemd.spec
@ -1,7 +1,7 @@
-#global commit a188229ade906a1374efea4d1851b510d6216c38
+%global commit f02b5472c6f0c41e5dc8dc2c84590866baf937ff
 %{?commit:%global shortcommit %(c=%{commit}; echo ${c:0:7})}

-#global stable 1
+%global stable 1

 # We ship a .pc file but don't want to have a dep on pkg-config. We
 # strip the automatically generated dep here and instead co-own the
@ -14,8 +14,8 @@

 Name:           systemd
 Url:            https://www.freedesktop.org/wiki/Software/systemd
-Version:        240%{?commit:~0.git%{shortcommit}}
-Release:        2%{?dist}
+Version:        240
+Release:        3%{?commit:.git%{shortcommit}}%{?dist}
 # For a breakdown of the licensing, see README
 License:        LGPLv2+ and MIT and GPLv2+
 Summary:        System and Service Manager
@ -50,10 +50,7 @@ i=1; for j in 00*patch; do printf "Patch%04d:      %s\n" $i $j; i=$((i+1));done|
 GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py > hwdb.patch
 %endif

-Patch0001:      0001-test-json-check-absolute-and-relative-difference-in-.patch
 Patch0002:      0002-Revert-units-set-NoNewPrivileges-for-all-long-runnin.patch
-Patch0003:      0003-Revert-sd-device-ignore-bind-unbind-events-for-now.patch
-Patch0004:      0004-Revert-udevd-configure-a-child-process-name-for-work.patch

 Patch0998:      0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch

@ -688,6 +685,13 @@ fi
 %files tests -f .file-list-tests

 %changelog
+* Fri Jan 11 2019 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 240-3.gitf02b547
+- systemd-journald and systemd-journal-remote reject entries which
+  contain too many fields (CVE-2018-16865, #1664973) and set limits on the
+  process' command line length (CVE-2018-16864, #1664972)
+- $DBUS_SESSION_BUS_ADDRESS is again exported by pam_systemd (#1662857)
+- A fix for systemd-udevd crash (#1662303)
+
 * Sat Dec 22 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 240-2
 - Add two more patches that revert recent udev changes