Hi. On Sun, 2 Jul 2017 10:24:13 +0100 Michael Fothergill <michael.fotherg...@gmail.com> wrote:
> On 2 July 2017 at 09:26, Sven Joachim <svenj...@gmx.de> wrote: > > > On 2017-07-02 09:34 +0200, Pascal Hambourg wrote: > > > > > Le 01/07/2017 à 23:19, Sven Joachim a écrit : > > >> On 2017-07-01 16:36 -0400, Perry E. Metzger wrote: > > >> > > >>> Am I correct in interpreting this: > > >>> https://security-tracker.debian.org/tracker/CVE-2017-9445 > > >>> as meaning a fix to it still isn't in sid, and therefore is not > > >>> yet in the process of percolating down to stretch? > > >> > > >> That seems to be correct. > > > > Could this be exploited to force people to use sysvinit instead of systemd > ? Hardly. This is a a bug in an optional component disabled by default with sane alternatives existing. Things like [1], on the other hand… Reco [1] https://github.com/systemd/systemd/issues/6237