Package: systemd Version: 215-17+deb8u10 Severity: important Tags: patch Dear Maintainer,
The fix for CVE-2018-16864 contains a memory leak that was fixed for newer distributions of Debian, but not old-stable. I believe this commit contains the changes that need to be applied: https://salsa.debian.org/systemd-team/systemd/commit/d9c31850e7bfbb537c7fdc81ad9a9fc96a1fd33e Thanks, Will -- Package-specific info: -- System Information: Debian Release: 8.11 APT prefers oldstable APT policy: (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-6-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages systemd depends on: ii acl 2.2.52-2 ii adduser 3.113+nmu3 ii initscripts 2.88dsf-59 ii libacl1 2.2.52-2 ii libaudit1 1:2.4-1+b1 ii libblkid1 2.25.2-6 ii libc6 2.19-18+deb8u10 ii libcap2 1:2.24-8 ii libcap2-bin 1:2.24-8 ii libcryptsetup4 2:1.6.6-5 ii libgcrypt20 1.6.3-2+deb8u5 ii libkmod2 18-3 ii liblzma5 5.1.1alpha+20120614-2+b3 ii libpam0g 1.1.8-3.1+deb8u2+b1 ii libselinux1 2.3-2 ii libsystemd0 215-17+deb8u10 ii mount 2.25.2-6 ii sysv-rc 2.88dsf-59 ii udev 215-17+deb8u10 ii util-linux 2.25.2-6 Versions of packages systemd recommends: ii dbus 1.8.22-0+deb8u1 ii libpam-systemd 215-17+deb8u10 Versions of packages systemd suggests: pn systemd-ui <none> -- no debconf information