Re: systemd CVE-2016-7796

To: Ben Hutchings <ben@decadent.org.uk>, debian-lts@lists.debian.org, team@security.debian.org
Subject: Re: systemd CVE-2016-7796
From: Brian May <bam@debian.org>
Date: Thu, 13 Oct 2016 08:27:21 +1100
Message-id: <[🔎] 87vawxi7gm.fsf@prune.linuxpenguins.xyz>
In-reply-to: <[🔎] 87eg3o66b8.fsf@prune.linuxpenguins.xyz>
References: <[🔎] 87h98ri8ef.fsf@prune.linuxpenguins.xyz> <[🔎] 1475670785.2632.149.camel@decadent.org.uk> <[🔎] 87eg3uike4.fsf@prune.linuxpenguins.xyz> <[🔎] 87bmyyijxv.fsf@prune.linuxpenguins.xyz> <[🔎] 1475703150.2632.175.camel@decadent.org.uk> <[🔎] 87wphlgp4j.fsf@prune.linuxpenguins.xyz> <[🔎] 1475792148.15081.16.camel@decadent.org.uk> <[🔎] 87r37shcqg.fsf@prune.linuxpenguins.xyz> <[🔎] 1475845445.15081.26.camel@decadent.org.uk> <[🔎] 87fuo5grgb.fsf@prune.linuxpenguins.xyz> <[🔎] 1476054388.2631.0.camel@decadent.org.uk> <[🔎] 87eg3o66b8.fsf@prune.linuxpenguins.xyz>

Brian May <bam@debian.org> writes:

> Ben Hutchings <ben@decadent.org.uk> writes:
>> That looks about right.
>
> I have a version available for testing:
>
> https://people.debian.org/~bam/debian/pool/main/s/systemd/

Just tested this on a wheezy VM. Using
NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""

Without the patch:

Oct 13 07:58:00 debian systemd[1]: Failed to run mainloop: Input/output error
Oct 13 07:58:00 debian systemd-cgroups[1890]: Failed to get D-Bus connection: Failed to connect to socket /org/freedesktop/systemd1/private: Connection refused
Oct 13 08:00:23 debian systemd-logind[689]: Removed session c2.
Oct 13 08:00:27 debian [1920]: Failed to get D-Bus connection: Failed to connect to socket /org/freedesktop/systemd1/private: Connection refused
[ at this point no systemctl operations work ]

After the patch:

Oct 13 08:16:13 debian systemd[1]: Cannot find unit for notify message of PID 2944.
[ everything still works ]

Will upload this afternoon or tomorrow unless any objections.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>

References:
- systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>
- Re: systemd CVE-2016-7796
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>
- Re: systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>
- Re: systemd CVE-2016-7796
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>
- Re: systemd CVE-2016-7796
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>
- Re: systemd CVE-2016-7796
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>
- Re: systemd CVE-2016-7796
  - From: Ben Hutchings <ben@decadent.org.uk>
- Re: systemd CVE-2016-7796
  - From: Brian May <bam@debian.org>

Prev by Date: Re: Wheezy update for libass ?
Next by Date: Re: graphicsmagick packaging
Previous by thread: Re: systemd CVE-2016-7796
Next by thread: Re: systemd CVE-2016-7796
Index(es):
- Date
- Thread