From 7f53998bd3726c808abf8b0c4950e25db29d9ea2 Mon Sep 17 00:00:00 2001
From: P Dheeraj Srujan Kumar
Date: Sat, 8 Jul 2023 03:35:27 +0530
Subject: Update to internal 1-1.11-1
Signed-off-by: P Dheeraj Srujan Kumar
---
.../systemd/systemd/CVE-2022-3821.patch | 24 ++++++++++++++++++++++
.../recipes-core/systemd/systemd_%.bbappend | 1 +
2 files changed, 25 insertions(+)
create mode 100644 meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/CVE-2022-3821.patch
(limited to 'meta-openbmc-mods/meta-common/recipes-core/systemd')
diff --git a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/CVE-2022-3821.patch b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/CVE-2022-3821.patch
new file mode 100644
index 000000000..5e32866f1
--- /dev/null
+++ b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/CVE-2022-3821.patch
@@ -0,0 +1,24 @@
+From 8d2d0895229cfbe39c1c5c16e61e426812a72e8b Mon Sep 17 00:00:00 2001
+From: Yu Watanabe
+Date: Thu, 7 Jul 2022 18:27:02 +0900
+Subject: [PATCH] time-util: fix buffer-over-run
+
+Fixes #23928.
+---
+ src/basic/time-util.c | 2 +-
+ src/test/test-time-util.c | 5 +++++
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/basic/time-util.c b/src/basic/time-util.c
+index abbc4ad5cd70..26d59de12348 100644
+--- a/src/basic/time-util.c
++++ b/src/basic/time-util.c
+@@ -591,7 +591,7 @@ char *format_timespan(char *buf, size_t l, usec_t t, usec_t accuracy) {
+ t = b;
+ }
+
+- n = MIN((size_t) k, l);
++ n = MIN((size_t) k, l-1);
+
+ l -= n;
+ p += n;
diff --git a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend
index 262f557e0..66d3a9bdc 100644
--- a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend
+++ b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend
@@ -4,6 +4,7 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
SRC_URI += "file://0002-Add-event-log-for-system-time-synchronization.patch \
file://0003-Added-timeout-to-systemd-networkd-wait-online.servic.patch \
+ file://CVE-2022-3821.patch \
"
# We don't support loadable modules in kernel config
--
cgit v1.2.3