Author: Hendrik Boom Date: To: dng Subject: Re: [DNG] (forw) [sf-lug] systemd memory corruption...
On Fri, Jan 11, 2019 at 12:05:16AM +0100, Florian Zieboll wrote: > On Thu, 10 Jan 2019 14:02:00 -0800
> Rick Moen <rick@???> wrote:
>
> > [insert ironic comment here.]
>
>
> Surprising details from the original report:
>
> | CVE-2018-16864 was introduced in April 2013 (systemd v203) and became
> | exploitable in February 2016 (systemd v230).
>
> and
>
> | CVE-2018-16865 was introduced in December 2011 (systemd v38) and became
> | exploitable in April 2013 (systemd v201). CVE-2018-16866 was introduced
> | in June 2015 (systemd v221) and was inadvertently fixed in August 2018.
Love "inadvertently fixed"! If only all bugs would fix themselves!