[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Remotely exploitable bug in systemd (CVE-2017-9445)

	Hi.

On Sun, 2 Jul 2017 10:24:13 +0100
Michael Fothergill <michael.fothergill@gmail.com> wrote:

> On 2 July 2017 at 09:26, Sven Joachim <svenjoac@gmx.de> wrote:
> 
> > On 2017-07-02 09:34 +0200, Pascal Hambourg wrote:
> >
> > > Le 01/07/2017 à 23:19, Sven Joachim a écrit :
> > >> On 2017-07-01 16:36 -0400, Perry E. Metzger wrote:
> > >>
> > >>> Am I correct in interpreting this:
> > >>> https://security-tracker.debian.org/tracker/CVE-2017-9445
> > >>> as meaning a fix to it still isn't in sid, and therefore is not
> > >>> yet in the process of percolating down to stretch?
> > >>
> > >> That seems to be correct.
> >
> 
> ​Could this be exploited to force people to use sysvinit instead of systemd
> ?

Hardly. This is a a bug in an optional component disabled by default
with sane alternatives existing.

Things like [1], on the other hand…

Reco

[1] https://github.com/systemd/systemd/issues/6237
Reply to: