Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#61804 - [systemd] [Security] denial of service (CVE-2019-6454)

Attached to Project: Arch Linux
Opened by Morten Linderud (Foxboron) - Monday, 18 February 2019, 23:47 GMT
Last edited by Levente Polyak (anthraxx) - Thursday, 21 February 2019, 13:16 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Dave Reisner (falconindy)
Christian Hesse (eworm)
Levente Polyak (anthraxx)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Summary
=======

The package systemd is vulnerable to denial of service via CVE-2019-6454.

Guidance
========

The PR contains the patches provided from the open-wall announcement. I assume they will land in master unmodified. One part of the patch-set is already upstream.

References
==========

https://security.archlinux.org/AVG-906
https://bugzilla.redhat.com/show_bug.cgi?id=1667032
https://www.openwall.com/lists/oss-security/2019/02/18/3
https://github.com/systemd/systemd/pull/11754
https://github.com/systemd/systemd/commit/612b74d32f970c43c14ad087ad086424792981b1
This task depends upon

Closed by  Levente Polyak (anthraxx)
Thursday, 21 February 2019, 13:16 GMT
Reason for closing:  Fixed
Additional comments about closing:  241.7-2
Comment by Morten Linderud (Foxboron) - Monday, 18 February 2019, 23:49 GMT
Forgot guidance again :/

The PR contains the patches provided from the open-wall announcement. I assume they will land in master unmodified. One part of the patch-set is already upstream.

Loading...