Re: Remotely exploitable bug in systemd (CVE-2017-9445)
On Sun, Jul 02, 2017 at 12:44:20AM +0200, deloptes wrote:
>
> I don't think it is that new as I have not done any upgrades recently and I
> have
> dpkg -l | grep systemd
> ii libpam-systemd:amd64 215-17+deb8u7
> amd64 system and service manager - PAM module
> ii libsystemd0:amd64 215-17+deb8u7
> amd64 systemd utility library
>
> and in the CVE-2017-9445 it says it is fixed in jessie in the above
> mentioned versions ... so it must be at least few weeks old as I recently
> updated back then.
>
>From my reading of the issue it isn't that it is fixed in Jessie, it is
that it was never an issue in the first place in Jessie -- Jessie's
version of systemd never had the vulnerable code (presumably because the
vulnerable code is newer than that)
Mark
Reply to: