[Buildroot] [PATCH-2021.02.x] package/systemd: security bump to version 247.9
Peter Korsgaard
peter at korsgaard.com
Thu Oct 14 20:29:21 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> - CVE-2020-13529: An exploitable denial-of-service vulnerability exists in
> Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a
> server running the DHCP client to be vulnerable to a DHCP ACK spoofing
> attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets
> to reconfigure the server.
> https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
> - CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)
> https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/cve-2021-33910-denial-of-service-stack-exhaustion-in-systemd-pid-1
> Update hash of README for a change of IRC network:
> - #systemd on irc.freenode.org
> + #systemd on irc.libera.chat
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2021.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list