Information on source package systemd

Available versions

ReleaseVersion
stretch232-25+deb9u12
stretch (security)232-25+deb9u11
buster241-7~deb10u4
bullseye246.6-1
sid246.6-1

Open issues

BugstretchbusterbullseyesidDescription
CVE-2020-1712vulnerable (no DSA)fixedfixedfixedA heap use-after-free vulnerability was found in systemd before versio ...
CVE-2019-3844vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedIt was discovered that a systemd service that uses DynamicUser propert ...
CVE-2019-3843vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedIt was discovered that a systemd service that uses DynamicUser propert ...
CVE-2018-6954vulnerable (no DSA, ignored)fixedfixedfixedsystemd-tmpfiles in systemd through 237 mishandles symlinks present in ...
CVE-2018-16888vulnerable (no DSA, ignored)fixedfixedfixedIt was discovered systemd does not correctly check the content of PIDF ...

Open unimportant issues

BugstretchbusterbullseyesidDescription
CVE-2020-13776vulnerablevulnerablefixedfixedsystemd through v245 mishandles numerical usernames such as ones compo ...
CVE-2019-20386vulnerablevulnerablefixedfixedAn issue was discovered in button_open in login/logind-button.c in sys ...
CVE-2017-18078vulnerablefixedfixedfixedsystemd-tmpfiles in systemd before 237 attempts to support ownership/p ...
CVE-2017-1000082vulnerablefixedfixedfixedsystemd v233 and earlier fails to safely parse usernames starting with ...
CVE-2013-4392vulnerablevulnerablevulnerablevulnerablesystemd, when updating file permissions, allows local users to change ...

Resolved issues

BugDescription
CVE-2019-6454An issue was discovered in sd-bus in systemd 239. bus_process_object() ...
CVE-2019-3842In systemd before v242-rc4, it was discovered that pam_systemd does no ...
CVE-2019-3815A memory leak was discovered in the backport of fixes for CVE-2018-168 ...
CVE-2019-15718In systemd 240, bus_open_system_watch_bind_with_description in shared/ ...
CVE-2018-21029** DISPUTED ** systemd 239 through 245 accepts any certificate signed ...
CVE-2018-16866An out of bounds read was discovered in systemd-journald in the way it ...
CVE-2018-16865An allocation of memory without limits, that could result in the stack ...
CVE-2018-16864An allocation of memory without limits, that could result in the stack ...
CVE-2018-15688A buffer overflow vulnerability in the dhcp6 client of systemd allows ...
CVE-2018-15687A race condition in chown_one() of systemd allows an attacker to cause ...
CVE-2018-15686A vulnerability in unit_deserialize of systemd allows an attacker to s ...
CVE-2018-1049In systemd prior to 234 a race condition exists between .mount and .au ...
CVE-2017-9445In systemd through 233, certain sizes passed to dns_packet_new in syst ...
CVE-2017-9217systemd-resolved through 233 allows remote attackers to cause a denial ...
CVE-2017-15908In systemd 223 through 235, a remote DNS server can respond with a cus ...
CVE-2016-7796The manager_dispatch_notify_fd function in systemd allows local users ...
CVE-2016-7795The manager_invoke_notify_message function in systemd 231 and earlier ...
CVE-2016-10156A flaw in systemd v228 in /src/basic/fs-util.c caused world writable s ...
CVE-2015-8842tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions fo ...
CVE-2015-7510Stack-based buffer overflow in the getpwnam and getgrnam functions of ...
CVE-2014-9770tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions fo ...
CVE-2013-4394The SetX11Keyboard function in systemd, when PolicyKit Local Authority ...
CVE-2013-4393journald in systemd, when the origin of native messages is set to file ...
CVE-2013-4391Integer overflow in the valid_user_field function in journal/journald- ...
CVE-2013-4327systemd does not properly use D-Bus for communication with a polkit au ...
CVE-2012-1174The rm_rf_children function in util.c in the systemd-logind login mana ...
CVE-2012-1101systemd 37-1 does not properly handle non-existent services, which cau ...
CVE-2012-0871The session_link_x11_socket function in login/logind-session.c in syst ...

Security announcements

DSA / DLADescription
DLA-1762-2systemd - regression update
DLA-1762-1systemd - security update
DSA-4428-1systemd - security update
DLA-1711-1systemd - security update
DLA-1684-1systemd - security update
DSA-4393-1systemd - security update
DLA-1639-1systemd - security update
DSA-4367-2systemd - regression update
DSA-4367-1systemd - security update
DLA-1580-1systemd - security update
DLA-659-1systemd - security update
DSA-2777-1systemd - several

Search for package or bug name: Reporting problems