On Thu, Nov 28, 2013 at 11:15:09PM +0100, Michael Stapelberg wrote:
> > I should say that it is hard to write code with no security bugs at
> > all. But I think our benchmark for security bugs in our init system
> > ought to be "very few", particularly if we are making a specific
> > implementatio
Hi Ian,
Ian Jackson writes:
>> CVE summary Debian BTS Redhat
>> 2012-0871systemd-logind insecure file creation ? 795853
>> 2012-1101DoS from systemctl status 662029 799902
>> 2012-1174TOCTOU deletion
Ian Jackson wrote:
> It isn't always 100% clear to me from reading these which of them
> apply to systemd's init replacement. But reading the systemd debate
> page makes it clear that the other components in the systemd upstream
> package are seen by systemd proponents as part of their offering, a
Andrew Kanaber :
> The debian-devel post I was thinking of is
> <441543.92540...@smtp118.mail.ir2.yahoo.com>
> but it actually only mentions three vulnerabilities, there's a more complete
> list of the ones that have affected Debian at
> https://security-tracker.debian.org/tracker/source-package/
A friend of mine mentioned to me in the pub that he had seem alarming
reports of systemd security bugs. Naturally I asked for more
information and he promised me an email with some references.
So, here's what Andrew sent me. Thanks to Andrew for doing this
legwork.
I'll reply substantively in a
On Wed, 27 Nov 2013 19:50:54 +
Steven Chamberlain wrote:
> The sysvinit page doesn't have a specific maintainer/advocate. It is a
> collection of opinions from discussion on debian-devel@ and elsewhere.
> Other camps have already responded to parts they don't agree with.
>
> Unless any volu
6 matches
Mail list logo
