Bug 24323 - CVE-2018-16864, CVE-2018-16865 and CVE-2018-16866
Summary: CVE-2018-16864, CVE-2018-16865 and CVE-2018-16866
Status: RESOLVED DUPLICATE of bug 23801
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact: Sec team
URL: https://www.bleepingcomputer.com/news...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-02-07 05:33 CET by Jeff Robins
Modified: 2019-02-07 08:08 CET (History)
1 user (show)

See Also:
Source RPM: systemd-230-12.3.mga6
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Jeff Robins 2019-02-07 05:33:04 CET 
Description of problem:
CVE-2018-16864,  CVE-2018-16865) and CVE-2018-16866

Version-Release number of selected component (if applicable):
230

Need to update systemd or recompile with GCC's -fstack-clash-protection

I'm not sure if there is a new version of systemd with the fixes yet.  The article is from Jan 10th.
Comment 1 Marja Van Waes 2019-02-07 08:08:30 CET 
Thanks, Jeff, for caring about security issues!

Those three were already reported in bug 23801 (against both cauldron and Mga6)

You probably missed it, because that report is about more CVEs and those three were written as: CVE-2018-1686[4-6]

Kind regards,
Marja

*** This bug has been marked as a duplicate of bug 23801 ***

Resolution: (none) => DUPLICATE
Status: NEW => RESOLVED
CC: (none) => marja11
Note You need to log in before you can comment on or make changes to this bug.