Re: Remotely exploitable bug in systemd (CVE-2017-9445)

To: debian-user@lists.debian.org
Subject: Re: Remotely exploitable bug in systemd (CVE-2017-9445)
From: Mark Fletcher <mark27q1@gmail.com>
Date: Sun, 2 Jul 2017 08:20:04 +0900
Message-id: <[🔎] 20170701232004.solbyjzn44nb3t7x@kazuki.local>
In-reply-to: <[🔎] oj98ju$jdv$2@blaine.gmane.org>
References: <[🔎] 20170701163641.0567492f@jabberwock.cb.piermont.com> <[🔎] oj98ju$jdv$2@blaine.gmane.org>

On Sun, Jul 02, 2017 at 12:44:20AM +0200, deloptes wrote:
> 
> I don't think it is that new as I have not done any upgrades recently and I
> have
> dpkg -l | grep systemd
> ii  libpam-systemd:amd64                   215-17+deb8u7                          
> amd64        system and service manager - PAM module
> ii  libsystemd0:amd64                      215-17+deb8u7                          
> amd64        systemd utility library
> 
> and in the CVE-2017-9445 it says it is fixed in jessie in the above
> mentioned versions ... so it must be at least few weeks old as I recently
> updated back then.
> 

>From my reading of the issue it isn't that it is fixed in Jessie, it is 
that it was never an issue in the first place in Jessie -- Jessie's 
version of systemd never had the vulnerable code (presumably because the 
vulnerable code is newer than that)

Mark

Reply to:

References:
- Remotely exploitable bug in systemd (CVE-2017-9445)
  - From: "Perry E. Metzger" <perry@piermont.com>
- Re: Remotely exploitable bug in systemd (CVE-2017-9445)
  - From: deloptes <deloptes@gmail.com>

Prev by Date: Re: mplayer won't play audio CD
Next by Date: Re: mplayer won't play audio CD
Previous by thread: Re: Remotely exploitable bug in systemd (CVE-2017-9445)
Next by thread: Re: Remotely exploitable bug in systemd (CVE-2017-9445)
Index(es):
- Date
- Thread