Bug#866147: systemd: CVE-2017-9445: Out-of-bounds write in systemd-resolved with crafted TCP payload
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 27 19:49:26 BST 2017
Source: systemd
Version: 232-25
Severity: important
Tags: upstream security patch
Hi,
the following vulnerability was published for systemd.
CVE-2017-9445[0]:
Out-of-bounds write in systemd-resolved with crafted TCP payload
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-9445
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445
[1] http://www.openwall.com/lists/oss-security/2017/06/27/8
As previously discussed, since systemd-resolved is not enabled by
default in Debian, an update via the next point release would still be
great to have.
Thanks for your work!
Regards,
Salvatore
More information about the Pkg-systemd-maintainers
mailing list