Source: systemd Version: 232-25 Severity: important Tags: upstream security patch
Hi, the following vulnerability was published for systemd. CVE-2017-9445[0]: Out-of-bounds write in systemd-resolved with crafted TCP payload If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-9445 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445 [1] http://www.openwall.com/lists/oss-security/2017/06/27/8 As previously discussed, since systemd-resolved is not enabled by default in Debian, an update via the next point release would still be great to have. Thanks for your work! Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
