Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#57525 - [systemd] [Security] arbitrary file overwrite (CVE-2018-6954)
Attached to Project:
Arch Linux
Opened by Morten Linderud (Foxboron) - Thursday, 15 February 2018, 23:04 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 05 January 2019, 14:52 GMT
Opened by Morten Linderud (Foxboron) - Thursday, 15 February 2018, 23:04 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 05 January 2019, 14:52 GMT
|
DetailsSummary
======= The package systemd is vulnerable to arbitrary file overwrite via CVE-2018-6954. Guidance ======== Cherry picking the commit might be desirable. References ========== https://security.archlinux.org/AVG-615 https://github.com/systemd/systemd/issues/7986 |
This task depends upon
Closed by Dave Reisner (falconindy)
Saturday, 05 January 2019, 14:52 GMT
Reason for closing: Fixed
Additional comments about closing: testing/systemd-240
Saturday, 05 January 2019, 14:52 GMT
Reason for closing: Fixed
Additional comments about closing: testing/systemd-240
Comment by loqs (loqs) -
Friday, 16 February 2018, 22:03 GMT
Cherry picking which commit?
Comment by loqs (loqs) -
Tuesday, 30 October 2018, 00:11 GMT
All the commits from https://github.com/systemd/systemd/pull/8822 apply and the only test failure is the unrelated lz4 issue.
systemd.patch
(1.8 KiB)