fix CVE-2023-50387 and CVE-2023-50868

2024-04-17 16:02:18 +08:00 · 2024-04-17 16:02:18 +08:00 · 1bfc023dbe
commit 1bfc023dbe
parent 12775545d4
3 changed files with 6 additions and 3 deletions
--- a/backport-resolved-limit-the-number-of-signature-validations-i.patch
+++ b/backport-resolved-limit-the-number-of-signature-validations-i.patch
--- a/backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
+++ b/backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
--- a/systemd.spec
+++ b/systemd.spec
@ -16,7 +16,7 @@
 Name:           systemd
 Url:            https://systemd.io/
 Version:        243
-Release:        77
+Release:        78
 License:        MIT and LGPLv2+ and GPLv2+
 Summary:        System and Service Manager

@ -303,8 +303,8 @@ Patch0255:      backport-busctl-avoid-asserting-on-NULL-message.patch
 Patch0256:      backport-sd-journal-check-sd-event-state-before-setting-up-po.patch
 Patch0257:      backport-utmp-remove-dev-from-line.patch
 Patch0258:      backport-core-exec-do-not-crash-with-UtmpMode-user-without-Us.patch
-Patch0259:      backport-resolved-limit-the-number-of-signature-validations-i.patch
-Patch0260:      backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
+Patch0259:      backport-CVE-2023-50387.patch
+Patch0260:      backport-CVE-2023-50868.patch

 #openEuler
 Patch9002:      1509-fix-journal-file-descriptors-leak-problems.patch
@ -1712,6 +1712,9 @@ fi
 %exclude /usr/share/man/man3/*

 %changelog
+* Wed Apr 17 2024 huyubiao <huyubiao@huawei.com> - 243-78
+- fix CVE-2023-50387 and CVE-2023-50868
+
 * Tue Apr 16 2024 huyubiao <huyubiao@huawei.com> - 243-77
 - Update outdated URL