Bug#924060: systemd: Memory leak introduced with CVE-2018-16864 fix
Will Roberts
debian at bws42.com
Fri Mar 8 23:14:54 GMT 2019
Package: systemd
Version: 215-17+deb8u10
Severity: important
Tags: patch
Dear Maintainer,
The fix for CVE-2018-16864 contains a memory leak that was fixed for
newer distributions of Debian, but not old-stable. I believe this commit contains
the changes that need to be applied:
https://salsa.debian.org/systemd-team/systemd/commit/d9c31850e7bfbb537c7fdc81ad9a9fc96a1fd33e
Thanks,
Will
-- Package-specific info:
-- System Information:
Debian Release: 8.11
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-6-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages systemd depends on:
ii acl 2.2.52-2
ii adduser 3.113+nmu3
ii initscripts 2.88dsf-59
ii libacl1 2.2.52-2
ii libaudit1 1:2.4-1+b1
ii libblkid1 2.25.2-6
ii libc6 2.19-18+deb8u10
ii libcap2 1:2.24-8
ii libcap2-bin 1:2.24-8
ii libcryptsetup4 2:1.6.6-5
ii libgcrypt20 1.6.3-2+deb8u5
ii libkmod2 18-3
ii liblzma5 5.1.1alpha+20120614-2+b3
ii libpam0g 1.1.8-3.1+deb8u2+b1
ii libselinux1 2.3-2
ii libsystemd0 215-17+deb8u10
ii mount 2.25.2-6
ii sysv-rc 2.88dsf-59
ii udev 215-17+deb8u10
ii util-linux 2.25.2-6
Versions of packages systemd recommends:
ii dbus 1.8.22-0+deb8u1
ii libpam-systemd 215-17+deb8u10
Versions of packages systemd suggests:
pn systemd-ui <none>
-- no debconf information
More information about the Pkg-systemd-maintainers
mailing list