Hello Michael, On 16-10-02 22:36:00, Michael Biebl wrote: > The news about systemd crashing when getting a zero sized message > on the notification socket made the rounds recently. While v215 is > not directly affected by this crash (the code to access messages of > length=0 was added in v219) [..] > I would propose to fix this in stable via regular stable update but > would appreciate if the debian-security team would comment on this. > If they would prefer a security upload I'm happy to do that as well.
https://security-tracker.debian.org/tracker/CVE-2016-7796 says all but the version in sid are vulnerable to CVE-2016-7796 and reading https://github.com/systemd/systemd/issues/4234#issuecomment-250441246 this sounds still rather serious, so a security upload would be appreciated. Cheers Wolfgang
signature.asc
Description: Digital signature
