On Thu, 10 Jan 2019 14:02:00 -0800
Rick Moen <rick@???> wrote:
> [insert ironic comment here.]
Surprising details from the original report:
| CVE-2018-16864 was introduced in April 2013 (systemd v203) and became
| exploitable in February 2016 (systemd v230).
and
| CVE-2018-16865 was introduced in December 2011 (systemd v38) and became
| exploitable in April 2013 (systemd v201). CVE-2018-16866 was introduced
| in June 2015 (systemd v221) and was inadvertently fixed in August 2018.