fix CVE-2023-50387 and CVE-2023-50868

2024-04-17 16:07:42 +08:00 · 2024-04-17 16:07:42 +08:00 · d67d164e88
commit d67d164e88
parent 395f529b8a
3 changed files with 6 additions and 3 deletions
--- a/backport-resolved-limit-the-number-of-signature-validations-i.patch
+++ b/backport-resolved-limit-the-number-of-signature-validations-i.patch
--- a/backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
+++ b/backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
--- a/systemd.spec
+++ b/systemd.spec
@ -21,7 +21,7 @@
 Name:           systemd
 Url:            https://systemd.io/
 Version:        249
-Release:        76
+Release:        77
 License:        MIT and LGPLv2+ and GPLv2+
 Summary:        System and Service Manager

@ -638,8 +638,8 @@ Patch6589:      backport-resolve-don-t-add-sockets-to-the-graveyard-on-shutdo.pa
 Patch6590:      backport-sd-journal-check-sd-event-state-before-setting-up-po.patch
 Patch6591:      backport-shutdown-get-only-active-md-arrays.patch
 Patch6592:      backport-core-exec-do-not-crash-with-UtmpMode-user-without-Us.patch
-Patch6593:      backport-resolved-limit-the-number-of-signature-validations-i.patch
-Patch6594:      backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
+Patch6593:      backport-CVE-2023-50387.patch
+Patch6594:      backport-CVE-2023-50868.patch

 Patch9001:      update-rtc-with-system-clock-when-shutdown.patch
 Patch9002:      udev-add-actions-while-rename-netif-failed.patch
@ -2144,6 +2144,9 @@ grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
 %{_libdir}/security/pam_systemd.so

 %changelog
+* Wed Apr 17 2024 huyubiao <huyubiao@huawei.com> - 249-77
+- fix CVE-2023-50387 and CVE-2023-50868
+
 * Tue Apr 16 2024 huyubiao <huyubiao@huawei.com> - 249-76
 - Update outdated URL