Summary: | <sys-apps/systemd-233-r3: systemd-resolved: Out-of-bounds write via crafted TCP payload (CVE-2017-9445) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | alexander, systemd |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2017/06/27/8 | ||
See Also: |
https://launchpad.net/bugs/1695546 https://github.com/systemd/systemd/pull/6214 https://github.com/systemd/systemd/pull/6220 |
||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
sys-libs/libseccomp-2.3.2 arm
sys-apps/systemd-233-r3
|
Runtime testing required: | --- |
Bug Depends on: | 623532 | ||
Bug Blocks: | 595476, 623536 |
Description
GLSAMaker/CVETool Bot
2017-06-27 20:42:49 UTC
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d6384e102e34db05c2897b20d63587173f141c5 commit 6d6384e102e34db05c2897b20d63587173f141c5 Author: Mike Gilbert <floppym@gentoo.org> Date: Wed Jun 28 13:01:09 2017 -0400 sys-apps/systemd: backport fix for CVE-2017-9445 Bug: https://bugs.gentoo.org/622874 Package-Manager: Portage-2.3.6_p9, Repoman-2.3.2_p77 sys-apps/systemd/files/233-CVE-2017-9445.patch | 178 ++++++++++ sys-apps/systemd/systemd-233-r2.ebuild | 460 +++++++++++++++++++++++++ 2 files changed, 638 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e9a542b09cb0ee4c3b085881190bed393f4ece03 commit e9a542b09cb0ee4c3b085881190bed393f4ece03 Author: Mike Gilbert <floppym@gentoo.org> Date: Wed Jun 28 16:30:47 2017 -0400 sys-apps/systemd: update CVE-2017-9445 patch after upstream revert Package-Manager: Portage-2.3.6_p9, Repoman-2.3.2_p77 sys-apps/systemd/files/233-CVE-2017-9445.patch | 29 ---------------------- ...systemd-233-r2.ebuild => systemd-233-r3.ebuild} | 0 2 files changed, 29 deletions(-) amd64 stable x86 stable arm stable sparc stable ppc stable ppc64 stable Stable on alpha. GLSA Vote: No |