#4408: A systemd-journald exploit
----------------------+-----------------------
Reporter: avmaisak | Owner: renodr
Type: task | Status: assigned
Priority: normal | Milestone: 8.4
Component: Book | Version: SVN
Severity: normal | Resolution:
Keywords: |
----------------------+-----------------------
Comment (by renodr):
According to [https://security.archlinux.org/package/systemd], systemd-240
is affected by CVE-2018-16865 and CVE-2018-16864. They mark it as high.
I'll look at backporting the commits as soon as Qualys gets back to me
with PoCs. This is one of the few occasions where I'd like to verify for
myself that things are fixed before I drop them in. systemd is not a nice
daemon to screw up on, similar to if I made a typo in the source of
sysvinit.
--
Ticket URL: <http://wiki.linuxfromscratch.org/lfs/ticket/4408#comment:3>
LFS Trac <http://wiki.linuxfromscratch.org/lfs/>
Linux From Scratch: Your Distro, Your Rules.
--
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
