Commit 5edabcea authored by Dimitri John Ledkov's avatar Dimitri John Ledkov
Browse files

releasing package systemd version 234-2ubuntu12.1

parent a064af24
systemd (234-2ubuntu12.1) artful-security; urgency=medium
* SECURITY UPDATE: remote DoS in resolve (LP: #1725351)
- debian/patches/CVE-2017-15908.patch: fix loop on packets with pseudo
dns types in src/resolve/resolved-dns-packet.c.
- CVE-2017-15908
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 26 Oct 2017 07:56:42 -0400
systemd (234-2ubuntu12) artful; urgency=medium
[ Dimitri John Ledkov ]
......
From 9f939335a07085aa9a9663efd1dca06ef6405d62 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 25 Oct 2017 11:19:19 +0200
Subject: [PATCH] resolved: fix loop on packets with pseudo dns types
Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D.
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
---
src/resolve/resolved-dns-packet.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
Index: systemd-234/src/resolve/resolved-dns-packet.c
===================================================================
--- systemd-234.orig/src/resolve/resolved-dns-packet.c 2017-10-26 07:56:37.659734025 -0400
+++ systemd-234/src/resolve/resolved-dns-packet.c 2017-10-26 07:56:37.655733987 -0400
@@ -1503,7 +1503,7 @@ static int dns_packet_read_type_window(D
found = true;
- while (bitmask) {
+ for (; bitmask; bit++, bitmask >>= 1)
if (bitmap[i] & bitmask) {
uint16_t n;
@@ -1517,10 +1517,6 @@ static int dns_packet_read_type_window(D
if (r < 0)
return r;
}
-
- bit++;
- bitmask >>= 1;
- }
}
if (!found)
......@@ -37,3 +37,4 @@ debian/Ubuntu-resolved-resolvconf-integration.patch
debian/Ubuntu-Ship-modprobe.d-drop-in-to-set-bonding-max_bonds-to-0.patch
debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch
debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
CVE-2017-15908.patch
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment