Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#60609 - [systemd] CVE-2018-15688 A buffer overflow vulnerability in the dhcp6…

Attached to Project: Arch Linux
Opened by Ariel AxionL (axionl) - Saturday, 27 October 2018, 06:08 GMT
Last edited by Evangelos Foutras (foutrelis) - Friday, 07 December 2018, 18:21 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Dave Reisner (falconindy)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No



A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

Additional info:
* package version(s)
* config and/or log files etc.

systemd 239.2-1

This task depends upon

Closed by  Evangelos Foutras (foutrelis)
Friday, 07 December 2018, 18:21 GMT
Reason for closing:  Fixed
Additional comments about closing:  systemd 239.6-1
Comment by Dave Reisner (falconindy) - Sunday, 28 October 2018, 21:18 GMT
backport is in testing.