Bug 24323

Summary: CVE-2018-16864, CVE-2018-16865 and CVE-2018-16866
Product: Mageia Reporter: Jeff Robins <jeffrobinsSAE>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: marja11
Version: 6   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://www.bleepingcomputer.com/news/security/linux-systemd-affected-by-memory-corruption-vulnerabilities-no-patches-yet/
Whiteboard:
Source RPM: systemd-230-12.3.mga6 CVE:
Status comment:

Description Jeff Robins 2019-02-07 05:33:04 CET 
Description of problem:
CVE-2018-16864,  CVE-2018-16865) and CVE-2018-16866

Version-Release number of selected component (if applicable):
230

Need to update systemd or recompile with GCC's -fstack-clash-protection

I'm not sure if there is a new version of systemd with the fixes yet.  The article is from Jan 10th.
Comment 1 Marja Van Waes 2019-02-07 08:08:30 CET 
Thanks, Jeff, for caring about security issues!

Those three were already reported in bug 23801 (against both cauldron and Mga6)

You probably missed it, because that report is about more CVEs and those three were written as: CVE-2018-1686[4-6]

Kind regards,
Marja

*** This bug has been marked as a duplicate of bug 23801 ***

Resolution: (none) => DUPLICATE
Status: NEW => RESOLVED
CC: (none) => marja11