Backport one "security" patch

The patch order is messed up, because I committed the patches that
Michal selected to systemd-stable in the wrong order. Sorry.

0023-resolved-bugfix-of-null-pointer-p-question-dereferen.patch

@@ -0,0 +1,27 @@
+From 2934d046b1f1d6e0cfc08b843066d10bea3e9109 Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Wed, 24 May 2017 08:56:48 +0300
+Subject: [PATCH] resolved: bugfix of null pointer p->question dereferencing
+ (#6020)
+
+See https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1621396
+
+(cherry picked from commit a924f43f30f9c4acaf70618dd2a055f8b0f166be)
+---
+ src/resolve/resolved-dns-packet.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
+index a8ad8fe342..8b620cb6a8 100644
+--- a/src/resolve/resolved-dns-packet.c
++++ b/src/resolve/resolved-dns-packet.c
+@@ -2264,6 +2264,9 @@ int dns_packet_is_reply_for(DnsPacket *p, const DnsResourceKey *key) {
+         if (r < 0)
+                 return r;
+ 
++        if (!p->question)
++                return 0;
++
+         if (p->question->n_keys != 1)
+                 return 0;
+ 

0024-udev-net_id-add-support-for-phys_port_name-attribute.patch

@@ -1,4 +1,4 @@
-From 3081adc053a862e8ccbccd97cd45168c0af052aa Mon Sep 17 00:00:00 2001
+From 59fab93ac7960c28bcd7f7646dff07f57073df7d Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Ji=C5=99=C3=AD=20P=C3=ADrko?= <jiri@resnulli.us>
 Date: Wed, 2 Nov 2016 03:46:01 +0100
 Subject: [PATCH] udev: net_id: add support for phys_port_name attribute
@@ -14,7 +14,7 @@ Signed-off-by: Jiri Pirko <jiri@mellanox.com>
  1 file changed, 22 insertions(+), 8 deletions(-)
 
 diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
-index a7be2a4..0eb2500 100644
+index a7be2a4eed..0eb2500dd2 100644
 --- a/src/udev/udev-builtin-net_id.c
 +++ b/src/udev/udev-builtin-net_id.c
 @@ -35,10 +35,12 @@
@@ -100,6 +100,3 @@ index a7be2a4..0eb2500 100644
                          l = strpcpyf(&s, l, "d%d", dev_port);
                  if (l == 0)
                          names->pci_slot[0] = '\0';
--- 
-2.9.3
-

0025-logind-don-t-hit-assert-when-we-try-to-free-NULL-man.patch

@@ -1,4 +1,4 @@
-From 264148da88b25a0800178f0c33e2b6ae292de455 Mon Sep 17 00:00:00 2001
+From a33057b3b58fba988b52da60fada0b25de589c78 Mon Sep 17 00:00:00 2001
 From: Lennart Poettering <lennart@poettering.net>
 Date: Thu, 20 Oct 2016 19:19:46 +0200
 Subject: [PATCH] logind: don't hit assert when we try to free NULL manager
@@ -11,7 +11,7 @@ Fixes: #4431
  1 file changed, 2 insertions(+), 1 deletion(-)
 
 diff --git a/src/login/logind.c b/src/login/logind.c
-index 5ce36d2..e5854db 100644
+index 5ce36d28c7..e5854db264 100644
 --- a/src/login/logind.c
 +++ b/src/login/logind.c
 @@ -125,7 +125,8 @@ static void manager_free(Manager *m) {
@@ -24,6 +24,3 @@ index 5ce36d2..e5854db 100644
  
          while ((session = hashmap_first(m->sessions)))
                  session_free(session);
--- 
-2.9.3
-

0026-core-if-the-start-command-vanishes-during-runtime-do.patch

@@ -1,4 +1,4 @@
-From a30e889de3487c8c478389da0aded6d73f7f4cc7 Mon Sep 17 00:00:00 2001
+From 4185055dfcc4eb549c66c116fd8a7e87e9931ae8 Mon Sep 17 00:00:00 2001
 From: Lennart Poettering <lennart@poettering.net>
 Date: Fri, 21 Oct 2016 12:27:46 +0200
 Subject: [PATCH] core: if the start command vanishes during runtime don't hit
@@ -14,7 +14,7 @@ Fixes: #4444
  1 file changed, 9 insertions(+), 1 deletion(-)
 
 diff --git a/src/core/service.c b/src/core/service.c
-index afb1985..537db62 100644
+index afb198507b..537db62808 100644
 --- a/src/core/service.c
 +++ b/src/core/service.c
 @@ -1706,7 +1706,15 @@ static void service_enter_start(Service *s) {
@@ -34,6 +34,3 @@ index afb1985..537db62 100644
                  service_enter_start_post(s);
                  return;
          }
--- 
-2.9.3
-

0027-core-don-t-hit-an-assert-when-printing-status-messag.patch

@@ -1,4 +1,4 @@
-From f1d2c31949a501d919a17e09b0d2a093d93837b4 Mon Sep 17 00:00:00 2001
+From 37c30b6829eabedf0e5c800aeffb16d4d1b3d2ec Mon Sep 17 00:00:00 2001
 From: Lennart Poettering <lennart@poettering.net>
 Date: Wed, 2 Nov 2016 12:02:53 -0600
 Subject: [PATCH] core: don't hit an assert when printing status messages about
@@ -19,7 +19,7 @@ Fixes: #4534
  1 file changed, 2 insertions(+), 1 deletion(-)
 
 diff --git a/src/core/job.c b/src/core/job.c
-index 7557874..4efcfb8 100644
+index 7557874d4d..4efcfb80f3 100644
 --- a/src/core/job.c
 +++ b/src/core/job.c
 @@ -767,8 +767,9 @@ static void job_log_status_message(Unit *u, JobType t, JobResult result) {
@@ -33,6 +33,3 @@ index 7557874..4efcfb8 100644
          REENABLE_WARNING;
  
          switch (t) {
--- 
-2.9.3
-

0028-device-Avoid-calling-unit_free-NULL-in-device-setup-.patch

@@ -1,4 +1,4 @@
-From 3c9f8cc10801766fba96459c46e52eaf1f77f16b Mon Sep 17 00:00:00 2001
+From c29d24941d5cb3a7016647a4791c7812f2cb83ed Mon Sep 17 00:00:00 2001
 From: Dave Reisner <d@falconindy.com>
 Date: Sun, 27 Nov 2016 17:05:39 -0500
 Subject: [PATCH] device: Avoid calling unit_free(NULL) in device setup logic
@@ -13,13 +13,14 @@ Assertion 'u' failed at src/core/unit.c:519, function unit_free().  Aborting.
 
 Fixes #4747
 https://bugs.archlinux.org/task/51950
+
 (cherry picked from commit d112eae7da77899be245ab52aa1747d4675549f1)
 ---
  src/core/device.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/core/device.c b/src/core/device.c
-index 16e56ef..31724e4 100644
+index 16e56efcc3..31724e4e55 100644
 --- a/src/core/device.c
 +++ b/src/core/device.c
 @@ -369,7 +369,7 @@ static int device_setup_unit(Manager *m, struct udev_device *dev, const char *pa
@@ -31,6 +32,3 @@ index 16e56ef..31724e4 100644
                  unit_free(u);
  
          return r;
--- 
-2.9.3
-

0029-sd-network-fix-memleak-in-dhcp6_option_parse_domainn.patch

@@ -1,4 +1,4 @@
-From 0360725e0871bf29251636c561bfcd738ac5aba2 Mon Sep 17 00:00:00 2001
+From 975e64e62b5db27f3d65f9a7aeb6a0689a535436 Mon Sep 17 00:00:00 2001
 From: Evgeny Vereshchagin <evvers@ya.ru>
 Date: Tue, 24 Jan 2017 05:11:59 +0300
 Subject: [PATCH] sd-network: fix memleak in dhcp6_option_parse_domainname
@@ -64,13 +64,14 @@ Direct leak of 4 byte(s) in 1 object(s) allocated from:
 
 SUMMARY: AddressSanitizer: 8 byte(s) leaked in 2 allocation(s).
 ```
+
 (cherry picked from commit 419eaa8f8d2025bae98c23bdedb434d6dbb025b8)
 ---
  src/libsystemd-network/dhcp6-option.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/libsystemd-network/dhcp6-option.c b/src/libsystemd-network/dhcp6-option.c
-index 5462e03..f8056db 100644
+index 5462e03476..f8056dbc4b 100644
 --- a/src/libsystemd-network/dhcp6-option.c
 +++ b/src/libsystemd-network/dhcp6-option.c
 @@ -339,7 +339,7 @@ int dhcp6_option_parse_ip6addrs(uint8_t *optval, uint16_t optlen,
@@ -82,6 +83,3 @@ index 5462e03..f8056db 100644
          int r;
  
          assert_return(optlen > 1, -ENODATA);
--- 
-2.9.3
-

0030-sd-network-fix-memleak-in-dhcp6_lease_set_domains-51.patch

@@ -1,4 +1,4 @@
-From c0f1299f8dda31ca91e5b7c8a098fad633156960 Mon Sep 17 00:00:00 2001
+From e40c3001ab4ec57c78b0a0093c165cf850f5540a Mon Sep 17 00:00:00 2001
 From: Evgeny Vereshchagin <evvers@ya.ru>
 Date: Tue, 24 Jan 2017 05:12:58 +0300
 Subject: [PATCH] sd-network: fix memleak in dhcp6_lease_set_domains (#5113)
@@ -35,13 +35,14 @@ Direct leak of 10 byte(s) in 1 object(s) allocated from:
 
 SUMMARY: AddressSanitizer: 10 byte(s) leaked in 1 allocation(s).
 ```
+
 (cherry picked from commit 0b75a95ace6e1d82772f6b5f1809f4839b810628)
 ---
  src/libsystemd-network/sd-dhcp6-lease.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/libsystemd-network/sd-dhcp6-lease.c b/src/libsystemd-network/sd-dhcp6-lease.c
-index 5c10a63..681384b 100644
+index 5c10a6326a..681384b3ff 100644
 --- a/src/libsystemd-network/sd-dhcp6-lease.c
 +++ b/src/libsystemd-network/sd-dhcp6-lease.c
 @@ -226,7 +226,7 @@ int dhcp6_lease_set_domains(sd_dhcp6_lease *lease, uint8_t *optval,
@@ -53,6 +54,3 @@ index 5c10a63..681384b 100644
          lease->domains = domains;
          lease->domains_count = r;
  
--- 
-2.9.3
-

0031-sd-event-when-exiting-no-signal-event-are-pending-is.patch

@@ -1,4 +1,4 @@
-From b3f8184653e03409669e24c4e42b2aff4ecf00b7 Mon Sep 17 00:00:00 2001
+From e72c338a9fe72a45e6687174fddf1a1725b5949b Mon Sep 17 00:00:00 2001
 From: Franck Bui <fbui@suse.com>
 Date: Wed, 8 Feb 2017 20:56:22 +0100
 Subject: [PATCH] sd-event: "when exiting no signal event are pending" is a
@@ -35,13 +35,14 @@ sd_event_add_post().
 
 This patch simply removes this assertion as it doesn't seem to be a
 bug if the signal data still reference a signal source at this point.
+
 (cherry picked from commit 4470860388e12a5dda1d65773e411a349221a3e9)
 ---
  src/libsystemd/sd-event/sd-event.c | 1 -
  1 file changed, 1 deletion(-)
 
 diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
-index 9857f8b..41ce91f 100644
+index 9857f8b1fc..41ce91fa79 100644
 --- a/src/libsystemd/sd-event/sd-event.c
 +++ b/src/libsystemd/sd-event/sd-event.c
 @@ -730,7 +730,6 @@ static void event_unmask_signal_data(sd_event *e, struct signal_data *d, int sig
@@ -52,6 +53,3 @@ index 9857f8b..41ce91f 100644
                  safe_close(d->fd);
                  free(d);
                  return;
--- 
-2.9.3
-

0032-journal-gatewayd-fix-segfault-with-certain-request-3.patch

@@ -1,4 +1,4 @@
-From 965082d8f944d96ff1f1f5c5483d2d50215ff1a6 Mon Sep 17 00:00:00 2001
+From 97248e26cdd728c025cc709496d4250350a4878a Mon Sep 17 00:00:00 2001
 From: Yi EungJun <semtlenori@gmail.com>
 Date: Sun, 7 Aug 2016 05:39:13 +0900
 Subject: [PATCH] journal-gatewayd: fix segfault with certain request (#3893)
@@ -10,13 +10,14 @@ Make request_reader_entries to return zero in such case to wait for
 matching entries.
 
 This fixes https://github.com/systemd/systemd/issues/3873.
+
 (cherry picked from commit 3475fc5899db8c8c9198573912429b85213e4862)
 ---
  src/journal-remote/journal-gatewayd.c | 3 +++
  1 file changed, 3 insertions(+)
 
 diff --git a/src/journal-remote/journal-gatewayd.c b/src/journal-remote/journal-gatewayd.c
-index 4ad9184..e4a8287 100644
+index 4ad9184993..e4a82871b5 100644
 --- a/src/journal-remote/journal-gatewayd.c
 +++ b/src/journal-remote/journal-gatewayd.c
 @@ -239,6 +239,9 @@ static ssize_t request_reader_entries(
@@ -29,6 +30,3 @@ index 4ad9184..e4a8287 100644
          if (fseeko(m->tmp, pos, SEEK_SET) < 0) {
                  log_error_errno(errno, "Failed to seek to position: %m");
                  return MHD_CONTENT_READER_END_WITH_ERROR;
--- 
-2.9.3
-

0033-boot-fix-bootctl-install-segfault-4404.patch

@@ -1,4 +1,4 @@
-From 293bb90e89dfdfdad1423d0d1a8e1487a95fec46 Mon Sep 17 00:00:00 2001
+From abdafca5183be5593275033e0514f62fae579aba Mon Sep 17 00:00:00 2001
 From: Yu Watanabe <watanabe.yu+github@gmail.com>
 Date: Wed, 19 Oct 2016 20:50:47 +0900
 Subject: [PATCH] boot: fix `bootctl install` segfault (#4404)
@@ -9,7 +9,7 @@ Subject: [PATCH] boot: fix `bootctl install` segfault (#4404)
  1 file changed, 2 insertions(+), 1 deletion(-)
 
 diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
-index 37fa049..115fe93 100644
+index 37fa049ecf..115fe9338c 100644
 --- a/src/boot/bootctl.c
 +++ b/src/boot/bootctl.c
 @@ -550,7 +550,8 @@ static const char *efi_subdirs[] = {
@@ -22,6 +22,3 @@ index 37fa049..115fe93 100644
  };
  
  static int create_dirs(const char *esp_path) {
--- 
-2.9.3
-

0034-sysusers-fix-memleak-4430.patch

@@ -1,4 +1,4 @@
-From 8f88b3ca7697acfe79a97d6c7094c277744fd6b2 Mon Sep 17 00:00:00 2001
+From 18de263b7581d2b222027143e9f90e2ebcaefe72 Mon Sep 17 00:00:00 2001
 From: Evgeny Vereshchagin <evvers@ya.ru>
 Date: Thu, 20 Oct 2016 21:23:32 +0300
 Subject: [PATCH] sysusers: fix memleak (#4430)
@@ -16,13 +16,14 @@ Fixes:
 ==28075==    by 0x111EB8: main (sysusers.c:1773)
 ==28075==
 ```
+
 (cherry picked from commit d9b8ea5448ba1e61d681a206d770a4eac39b9936)
 ---
  src/sysusers/sysusers.c | 1 +
  1 file changed, 1 insertion(+)
 
 diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
-index 787d68a..a39a580 100644
+index 787d68a009..a39a580e6a 100644
 --- a/src/sysusers/sysusers.c
 +++ b/src/sysusers/sysusers.c
 @@ -1189,6 +1189,7 @@ static void item_free(Item *i) {
@@ -33,6 +34,3 @@ index 787d68a..a39a580 100644
          free(i);
  }
  
--- 
-2.9.3
-

0035-sysusers-fix-memleak-4443.patch

@@ -1,4 +1,4 @@
-From fa36e278e78aea1d23aac18239f928e168223f39 Mon Sep 17 00:00:00 2001
+From e67c65061dd9fc540ff9e40d0262641af73e1a4d Mon Sep 17 00:00:00 2001
 From: Evgeny Vereshchagin <evvers@ya.ru>
 Date: Fri, 21 Oct 2016 13:30:45 +0300
 Subject: [PATCH] sysusers: fix memleak (#4443)
@@ -14,13 +14,14 @@ Oct 20 09:10:49 systemd-sysusers[144]:     #5 0x56197c4a1766 in make_backup src/
 Oct 20 09:10:49 systemd-sysusers[144]:     #6 0x56197c4a6335 in write_files src/sysusers/sysusers.c:710
 Oct 20 09:10:49 systemd-sysusers[144]:     #7 0x56197c4ae571 in main src/sysusers/sysusers.c:1817
 Oct 20 09:10:49 systemd-sysusers[144]:     #8 0x7f3564dee730 in __libc_start_main (/lib64/libc.so.6+0x20730)
+
 (cherry picked from commit 0a12bb1eaa097dc83018aa034faef113a91e6014)
 ---
  src/sysusers/sysusers.c | 3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)
 
 diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
-index a39a580..dfb708c 100644
+index a39a580e6a..dfb708c1b9 100644
 --- a/src/sysusers/sysusers.c
 +++ b/src/sysusers/sysusers.c
 @@ -190,7 +190,8 @@ static int load_group_database(void) {
@@ -33,6 +34,3 @@ index a39a580..dfb708c 100644
          struct timespec ts[2];
          struct stat st;
          int r;
--- 
-2.9.3
-

0036-journalctl-fix-memleak.patch

@@ -1,4 +1,4 @@
-From 01ad377a1d4029efb083c6a512793ca7b2a58048 Mon Sep 17 00:00:00 2001
+From c36c799dafadcf5c5447698da97a8d7bd36c9ea4 Mon Sep 17 00:00:00 2001
 From: Evgeny Vereshchagin <evvers@ya.ru>
 Date: Thu, 3 Nov 2016 21:23:22 +0000
 Subject: [PATCH] journalctl: fix memleak
@@ -26,7 +26,7 @@ Closes: #4568
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
-index d04728f..f347cee 100644
+index d04728f505..f347ceed11 100644
 --- a/src/shared/logs-show.c
 +++ b/src/shared/logs-show.c
 @@ -378,7 +378,7 @@ static int output_short(
@@ -38,6 +38,3 @@ index d04728f..f347cee 100644
                  hostname_len = 0;
          }
  
--- 
-2.9.3
-

0037-acl-util-fix-memleak.patch

@@ -1,4 +1,4 @@
-From 02fc17d4db1f2bc215f7915f4394ea7f4d8d0602 Mon Sep 17 00:00:00 2001
+From 33628598ef1af73f8f50f96b4ce18f8a95733913 Mon Sep 17 00:00:00 2001
 From: Evgeny Vereshchagin <evvers@ya.ru>
 Date: Thu, 3 Nov 2016 22:04:40 +0000
 Subject: [PATCH] acl-util: fix memleak
@@ -42,7 +42,7 @@ Hint: You are currently not seeing messages from other users and the system.
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/shared/acl-util.c b/src/shared/acl-util.c
-index 2aa951f..79a3b95 100644
+index 2aa951fce9..79a3b9591d 100644
 --- a/src/shared/acl-util.c
 +++ b/src/shared/acl-util.c
 @@ -162,7 +162,7 @@ int add_base_acls_if_needed(acl_t *acl_p, const char *path) {
@@ -54,6 +54,3 @@ index 2aa951f..79a3b95 100644
          bool ret = false;
          acl_entry_t entry;
          int r;
--- 
-2.9.3
-

0038-core-fix-memleak-in-bus_exec_context_set_transient_p.patch

@@ -1,4 +1,4 @@
-From a402c90c369f083d37c65a8ba830e7b123b4278b Mon Sep 17 00:00:00 2001
+From 2b0fa6690d559b069612115764e6f80f27699534 Mon Sep 17 00:00:00 2001
 From: Evgeny Vereshchagin <evvers@ya.ru>
 Date: Wed, 25 Jan 2017 05:53:50 +0300
 Subject: [PATCH] core: fix memleak in bus_exec_context_set_transient_property
@@ -24,13 +24,14 @@ systemd-run --property EnvironmentFile=/some/environment/file /bin/sleep 30
     by 0x4F2CE1D: process_message (sd-bus.c:2563)
 ```
 Closes: #5142
+
 (cherry picked from commit 9b531f04fb16e072100b10b93613abe846140305)
 ---
  src/core/dbus-execute.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
-index 307c3d8..a1d5523 100644
+index 307c3d8e7a..a1d55236fc 100644
 --- a/src/core/dbus-execute.c
 +++ b/src/core/dbus-execute.c
 @@ -1224,7 +1224,7 @@ int bus_exec_context_set_transient_property(
@@ -42,6 +43,3 @@ index 307c3d8..a1d5523 100644
                  size_t size = 0;
                  char **i;
  
--- 
-2.9.3
-

0039-core-dbus-fix-two-strv-memleaks.patch

@@ -1,4 +1,4 @@
-From 827038487456a5ad249529cb643ec30bcd1dac62 Mon Sep 17 00:00:00 2001
+From c9906ce0e0a74d5fe9c04bcb1bbc0de75402b8ea Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Tue, 24 Jan 2017 22:21:16 -0500
 Subject: [PATCH] core/dbus: fix two strv memleaks
@@ -12,7 +12,7 @@ strv_free.
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/src/core/dbus.c b/src/core/dbus.c
-index 3422a02..5d87bca 100644
+index 3422a02d68..5d87bca8b1 100644
 --- a/src/core/dbus.c
 +++ b/src/core/dbus.c
 @@ -477,7 +477,7 @@ static int bus_kill_context_find(sd_bus *bus, const char *path, const char *inte
@@ -33,6 +33,3 @@ index 3422a02..5d87bca 100644
          Manager *m = userdata;
          unsigned k = 0;
          Iterator i;
--- 
-2.9.3
-

0040-resolve-fix-strv-memleak.patch

@@ -1,4 +1,4 @@
-From 610b7bf641e708c95e5ec7e7bd2bc8742a44e86a Mon Sep 17 00:00:00 2001
+From 47194e64843ea986a56864442cb9653a6b23219d Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Tue, 24 Jan 2017 22:27:21 -0500
 Subject: [PATCH] resolve: fix strv memleak
@@ -11,7 +11,7 @@ sd_bus_message_read_strv() returns a normal strv...
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c
-index 3648122..59cd6cf 100644
+index 364812250f..59cd6cf1cb 100644
 --- a/src/resolve/resolved-link-bus.c
 +++ b/src/resolve/resolved-link-bus.c
 @@ -462,7 +462,7 @@ int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_e
@@ -23,6 +23,3 @@ index 3648122..59cd6cf 100644
          Link *l = userdata;
          int r;
          char **i;
--- 
-2.9.3
-

0041-sd-device-replace-lstat-open-with-open-O_NOFOLLOW.patch

@@ -1,4 +1,4 @@
-From e863293901fc7cfe823c0c0213b86aa5a98b07ba Mon Sep 17 00:00:00 2001
+From a7c2ac892ad0c6e9d270bf9adf071f0aab456282 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Sun, 19 Feb 2017 14:17:19 -0500
 Subject: [PATCH] sd-device: replace lstat() + open() with open(O_NOFOLLOW)
@@ -20,7 +20,7 @@ v2:
  1 file changed, 16 insertions(+), 27 deletions(-)
 
 diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c
-index 0c4ad96..1d68fe0 100644
+index 0c4ad966bd..1d68fe07ae 100644
 --- a/src/libsystemd/sd-device/sd-device.c
 +++ b/src/libsystemd/sd-device/sd-device.c
 @@ -1857,8 +1857,7 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
@@ -104,6 +104,3 @@ index 0c4ad96..1d68fe0 100644
          value = NULL;
  
          return 0;
--- 
-2.9.3
-

systemd.spec

@@ -12,7 +12,7 @@
 Name:           systemd
 Url:            http://www.freedesktop.org/wiki/Software/systemd
 Version:        231
-Release:        14%{?gitcommit:.git%{gitcommitshort}}%{?dist}
+Release:        15%{?gitcommit:.git%{gitcommitshort}}%{?dist}
 # For a breakdown of the licensing, see README
 License:        LGPLv2+ and MIT and GPLv2+
 Summary:        A System and Service Manager
@@ -59,24 +59,25 @@ Patch0019:      0019-shared-install-fix-set-default-with-empty-root-4118.patch
 Patch0020:      0020-Various-simplifications.patch
 Patch0021:      0021-build-sys-check-for-lz4-in-the-old-and-new-numbering.patch
 Patch0022:      0022-pid1-do-not-use-mtime-0-as-sign-of-masking-4388.patch
-Patch0023:      0023-udev-net_id-add-support-for-phys_port_name-attribute.patch
-Patch0024:      0024-logind-don-t-hit-assert-when-we-try-to-free-NULL-man.patch
-Patch0025:      0025-core-if-the-start-command-vanishes-during-runtime-do.patch
-Patch0026:      0026-core-don-t-hit-an-assert-when-printing-status-messag.patch
-Patch0027:      0027-device-Avoid-calling-unit_free-NULL-in-device-setup-.patch
-Patch0028:      0028-sd-network-fix-memleak-in-dhcp6_option_parse_domainn.patch
-Patch0029:      0029-sd-network-fix-memleak-in-dhcp6_lease_set_domains-51.patch
-Patch0030:      0030-sd-event-when-exiting-no-signal-event-are-pending-is.patch
-Patch0031:      0031-journal-gatewayd-fix-segfault-with-certain-request-3.patch
-Patch0032:      0032-boot-fix-bootctl-install-segfault-4404.patch
-Patch0033:      0033-sysusers-fix-memleak-4430.patch
-Patch0034:      0034-sysusers-fix-memleak-4443.patch
-Patch0035:      0035-journalctl-fix-memleak.patch
-Patch0036:      0036-acl-util-fix-memleak.patch
-Patch0037:      0037-core-fix-memleak-in-bus_exec_context_set_transient_p.patch
-Patch0038:      0038-core-dbus-fix-two-strv-memleaks.patch
-Patch0039:      0039-resolve-fix-strv-memleak.patch
-Patch0040:      0040-sd-device-replace-lstat-open-with-open-O_NOFOLLOW.patch
+Patch0023:      0023-resolved-bugfix-of-null-pointer-p-question-dereferen.patch
+Patch0024:      0024-udev-net_id-add-support-for-phys_port_name-attribute.patch
+Patch0025:      0025-logind-don-t-hit-assert-when-we-try-to-free-NULL-man.patch
+Patch0026:      0026-core-if-the-start-command-vanishes-during-runtime-do.patch
+Patch0027:      0027-core-don-t-hit-an-assert-when-printing-status-messag.patch
+Patch0028:      0028-device-Avoid-calling-unit_free-NULL-in-device-setup-.patch
+Patch0029:      0029-sd-network-fix-memleak-in-dhcp6_option_parse_domainn.patch
+Patch0030:      0030-sd-network-fix-memleak-in-dhcp6_lease_set_domains-51.patch
+Patch0031:      0031-sd-event-when-exiting-no-signal-event-are-pending-is.patch
+Patch0032:      0032-journal-gatewayd-fix-segfault-with-certain-request-3.patch
+Patch0033:      0033-boot-fix-bootctl-install-segfault-4404.patch
+Patch0034:      0034-sysusers-fix-memleak-4430.patch
+Patch0035:      0035-sysusers-fix-memleak-4443.patch
+Patch0036:      0036-journalctl-fix-memleak.patch
+Patch0037:      0037-acl-util-fix-memleak.patch
+Patch0038:      0038-core-fix-memleak-in-bus_exec_context_set_transient_p.patch
+Patch0039:      0039-core-dbus-fix-two-strv-memleaks.patch
+Patch0040:      0040-resolve-fix-strv-memleak.patch
+Patch0041:      0041-sd-device-replace-lstat-open-with-open-O_NOFOLLOW.patch
 
 Patch0998:      0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
 
@@ -975,6 +976,9 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
 %{_mandir}/man[1578]/systemd-nspawn.*
 
 %changelog
+* Thu May 25 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 231-15
+- Fix systemd-resolved crash on crafted DNS packet (CVE-2017-9217, #1455493)
+
 * Wed Feb 22 2017 Michal Sekletar <msekleta@redhat.com> - 231-14
 - Backport support for phys_port_name to net_id (#1425737)
 - Backport bunch of bugfixes (asserts, segv, memleaks) from upstream