[Nottingham] CVE-2019-6454: systemd (PID1) crash with specially crafted D-Bus message

VM vadim at mankevich.co.uk
Mon Feb 18 20:58:58 UTC 2019


This has been patched by RedHat. In Debian an updated version 232-25+deb9u9 should be available. I think it's different to what you're referring to, Jason.

On 18 February 2019 18:14:09 GMT, Jason via Nottingham <nottingham at mailman.lug.org.uk> wrote:
>Is that the one which is already patched and requires you to launch a
>tainted image?
>
>On February 18, 2019 5:44:37 PM UTC, VM via Nottingham
><nottingham at mailman.lug.org.uk> wrote:
>>https://seclists.org/oss-sec/2019/q1/140
>>So Martin's criticism of systemd now has actual grounds.
>>--
>>vadim at mankevich.co.uk PGP key fingerprint
>>0xC046022A3A91455AF0C9BB2404BF882B1905C772
>>Retrieve from https://keybase.io/vmankevich
>>
>>"When we take away the right to figure out if something bad is going
>on
>>in our computers, the inevitable consequence is that bad things will
>>happen in our computers." (Cory Doctorow)
>
>-- 
>Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/nottingham/attachments/20190218/586ea4e2/attachment.html>


More information about the Nottingham mailing list