Information on source package systemd

Available versions

ReleaseVersion
jessie215-17+deb8u7
jessie (security)215-17+deb8u13
stretch (security)232-25+deb9u11
buster241-5
sid241-5

Open issues

BugjessiestretchbustersidDescription
CVE-2019-9619vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablenot enabled pam_systemd for non-interactive sessions
CVE-2019-3844fixedvulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerableIt was discovered that a systemd service that uses DynamicUser propert ...
CVE-2019-3843fixedvulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerableIt was discovered that a systemd service that uses DynamicUser propert ...
CVE-2018-6954vulnerable (no DSA, postponed)vulnerable (no DSA, ignored)fixedfixedsystemd-tmpfiles in systemd through 237 mishandles symlinks present in ...
CVE-2018-20839vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablesystemd 242 changes the VT1 mode upon a logout, which allows attackers ...
CVE-2018-16888vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedIt was discovered systemd does not correctly check the content of PIDF ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2017-18078fixedvulnerablefixedfixedsystemd-tmpfiles in systemd before 237 attempts to support ownership/p ...
CVE-2017-1000082fixedvulnerablefixedfixedsystemd v233 and earlier fails to safely parse usernames starting with ...
CVE-2013-4392vulnerablevulnerablevulnerablevulnerablesystemd, when updating file permissions, allows local users to change ...

Resolved issues

BugDescription
CVE-2019-6454An issue was discovered in sd-bus in systemd 239. bus_process_object() ...
CVE-2019-3842In systemd before v242-rc4, it was discovered that pam_systemd does no ...
CVE-2019-3815A memory leak was discovered in the backport of fixes for CVE-2018-168 ...
CVE-2018-16866An out of bounds read was discovered in systemd-journald in the way it ...
CVE-2018-16865An allocation of memory without limits, that could result in the stack ...
CVE-2018-16864An allocation of memory without limits, that could result in the stack ...
CVE-2018-15688A buffer overflow vulnerability in the dhcp6 client of systemd allows ...
CVE-2018-15687A race condition in chown_one() of systemd allows an attacker to cause ...
CVE-2018-15686A vulnerability in unit_deserialize of systemd allows an attacker to s ...
CVE-2018-1049In systemd prior to 234 a race condition exists between .mount and .au ...
CVE-2017-9445In systemd through 233, certain sizes passed to dns_packet_new in syst ...
CVE-2017-9217systemd-resolved through 233 allows remote attackers to cause a denial ...
CVE-2017-15908In systemd 223 through 235, a remote DNS server can respond with a cus ...
CVE-2016-7796The manager_dispatch_notify_fd function in systemd allows local users ...
CVE-2016-7795The manager_invoke_notify_message function in systemd 231 and earlier ...
CVE-2016-10156A flaw in systemd v228 in /src/basic/fs-util.c caused world writable s ...
CVE-2015-8842tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions fo ...
CVE-2015-7510Stack-based buffer overflow in the getpwnam and getgrnam functions of ...
CVE-2014-9770tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions fo ...
CVE-2013-4394The SetX11Keyboard function in systemd, when PolicyKit Local Authority ...
CVE-2013-4393journald in systemd, when the origin of native messages is set to file ...
CVE-2013-4391Integer overflow in the valid_user_field function in journal/journald- ...
CVE-2013-4327systemd does not properly use D-Bus for communication with a polkit au ...
CVE-2012-1174The rm_rf_children function in util.c in the systemd-logind login mana ...
CVE-2012-1101
CVE-2012-0871The session_link_x11_socket function in login/logind-session.c in syst ...

Security announcements

DSA / DLADescription
DLA-1762-2systemd - regression update
DLA-1762-1systemd - security update
DSA-4428-1systemd - security update
DLA-1711-1systemd - security update
DLA-1684-1systemd - security update
DSA-4393-1systemd - security update
DLA-1639-1systemd - security update
DSA-4367-2systemd - regression update
DSA-4367-1systemd - security update
DLA-1580-1systemd - security update
DLA-659-1systemd - security update
DSA-2777-1systemd - several

Search for package or bug name: Reporting problems