[Buildroot] [PATCH-2021.02.x] package/systemd: security bump to version 247.9

Peter Korsgaard peter at korsgaard.com
Thu Oct 14 20:29:21 UTC 2021


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issues:
 > - CVE-2020-13529: An exploitable denial-of-service vulnerability exists in
 >   Systemd 245.  A specially crafted DHCP FORCERENEW packet can cause a
 >   server running the DHCP client to be vulnerable to a DHCP ACK spoofing
 >   attack.  An attacker can forge a pair of FORCERENEW and DCHP ACK packets
 >   to reconfigure the server.
 >   https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142

 > - CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)
 >   https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/cve-2021-33910-denial-of-service-stack-exhaustion-in-systemd-pid-1

 > Update hash of README for a change of IRC network:
 > -        #systemd on irc.freenode.org
 > +        #systemd on irc.libera.chat

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2021.02.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list