+++ This bug was initially created as a clone of Bug #21948 +++ Ubuntu has issued an advisory on October 26: https://usn.ubuntu.com/usn/usn-3466-1/ Mageia 6 is also affected. I don't believe the affected code is present in Mageia 5. Patched package uploaded for Mageia 6. Cauldron is still not fixed. Advisory: ======================== Updated systemd packages fix security vulnerability: Karim Hossen & Thomas Imbert and Nelson William Gamazo Sanchez independently discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop responding, resulting in a denial of service (CVE-2017-15908). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15908 https://usn.ubuntu.com/usn/usn-3466-1/ ======================== Updated packages in core/updates_testing: ======================== systemd-230-12.2.mga6 systemd-units-230-12.2.mga6 systemd-devel-230-12.2.mga6 nss-myhostname-230-12.2.mga6 libsystemd0-230-12.2.mga6 libudev1-230-12.2.mga6 libudev-devel-230-12.2.mga6 from systemd-230-12.2.mga6.src.rpm
Been running this for one day without issues. Note that even if its installed, Mageia does not use systemd-resolved by default. advisory added to svn
Whiteboard: (none) => MGA6-64-OKCC: (none) => tmbKeywords: (none) => advisory
Tested 32bit in virtualbox. validating.
Whiteboard: MGA6-64-OK => MGA6-64-OK, MGA6-32-OKKeywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0058.html
Status: NEW => RESOLVEDResolution: (none) => FIXED