CVE-2017-9217 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9217): systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section.
@Maintainers: fix is available in 235, please call for stabilization when ready. Thank you.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e698f887553690f3172ab1c1cabf36296dd901e
commit 2e698f887553690f3172ab1c1cabf36296dd901e
Author: Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2017-10-28 18:57:31 +0000
Commit: Mike Gilbert <floppym@gentoo.org>
CommitDate: 2017-10-28 18:58:29 +0000
    sys-apps/systemd: backport fix for CVE-2017-9217
    Bug: https://bugs.gentoo.org/635718
    Package-Manager: Portage-2.3.12_p5, Repoman-2.3.3_p75
 sys-apps/systemd/files/CVE-2017-9217.patch | 28 ++
 sys-apps/systemd/systemd-233-r6.ebuild | 462 +++++++++++++++++++++++++++++
 2 files changed, 490 insertions(+)
ia64 stable
ppc/ppc64 stable
amd64 stable
x86 stable
Stable on alpha.
@ Maintainer(s): Stabilization is complete, please clean the vulnerable versions from the tree. @ Security: Please vote on glsa.
@arm ping, we need you to finish stabilization before proceeding. Thank you
ping @arm.
arm stable, all arches done.
GLSA Vote: No
@maintainer(s), please drop the vulnerable versions.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3baee2f1beb124c37f0307acd2124f92218dae0c
commit 3baee2f1beb124c37f0307acd2124f92218dae0c
Author: Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2017-12-17 19:02:49 +0000
Commit: Mike Gilbert <floppym@gentoo.org>
CommitDate: 2017-12-17 19:03:15 +0000
    sys-apps/systemd: remove old
    Bug: https://bugs.gentoo.org/635718
    Package-Manager: Portage-2.3.19_p1, Repoman-2.3.6_p35
 sys-apps/systemd/systemd-233-r4.ebuild | 460 --------------------------------
 sys-apps/systemd/systemd-233-r5.ebuild | 461 ---------------------------------
 2 files changed, 921 deletions(-)
Tree is clean.