Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9e13356e by Salvatore Bonaccorso at 2019-01-19T21:50:22Z Update notes on CVE-2019-3815/systemd The CVE is affecting specifically our backport of the CVE-2018-16864 fix for stretch which was based on both upstream's and Red Hat's backport work for v219. Details in the regression fix at https://lists.debian.org/debian-security-announce/2019/msg00008.html . - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5783,12 +5783,14 @@ CVE-2019-3817 RESERVED CVE-2019-3816 RESERVED -CVE-2019-3815 +CVE-2019-3815 [systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864] RESERVED - systemd <not-affected> (This only affected backports to older suites, not the version in sid) [stretch] - systemd 232-25+deb9u8 - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3815 + [jessie] - systemd <not-affected> (Broken fix for CVE-2018-16864 not applied) + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1666690 NOTE: For stable it affected DSA-4367-1 and was corrected in DSA-4367-2 + NOTE: specifically the backport of the fix for CVE-2018-16864. CVE-2019-3814 RESERVED CVE-2019-3813 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e13356ebe28dd61cf418f814688fc5960e10118 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9e13356ebe28dd61cf418f814688fc5960e10118 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits