{"id":19987,"date":"2017-10-27T04:34:17","date_gmt":"2017-10-26T19:34:17","guid":{"rendered":"https:\/\/jirak.net\/wp\/usn-3466-1-systemd-vulnerability\/"},"modified":"2017-10-27T04:34:18","modified_gmt":"2017-10-26T19:34:18","slug":"usn-3466-1-systemd-vulnerability","status":"publish","type":"post","link":"https:\/\/jirak.net\/wp\/usn-3466-1-systemd-vulnerability\/","title":{"rendered":"USN-3466-1: systemd vulnerability"},"content":{"rendered":"<p>USN-3466-1: systemd vulnerability<\/p>\n<h2>Ubuntu Security Notice USN-3466-1<\/h2>\n<p><em>26th October, 2017<\/em><\/p>\n<h3>systemd vulnerability<\/h3>\n<p>A security issue affects these releases of Ubuntu and its<br \/>\n    derivatives:<\/p>\n<ul>\n<li>Ubuntu 17.10<\/li>\n<li>Ubuntu 17.04<\/li>\n<\/ul>\n<h3>Summary<\/h3>\n<p>systemd could be made to temporarily stop responding if it received<br \/>\nspecially crafted network traffic.\n<\/p>\n<h3>Software description<\/h3>\n<ul>\n<li>systemd<br \/>\n    &#8211; system and service manager<\/p>\n<\/li>\n<\/ul>\n<h3>Details<\/h3>\n<p>Karim Hossen &amp; Thomas Imbert discovered that systemd-resolved incorrectly<br \/>handled certain DNS responses. A remote attacker could possibly use this<br \/>issue to cause systemd to temporarily stop responding, resulting in a<br \/>denial of service.<\/p>\n<h3>Update instructions<\/h3>\n<p> The problem can be corrected by updating your system to the following<br \/>\npackage version:<\/p>\n<dl>\n<dt>Ubuntu 17.10:<\/dt>\n<dd>\n    <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/systemd\">systemd<\/a><br \/>\n    <span><br \/>\n        <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/systemd\/234-2ubuntu12.1\">234-2ubuntu12.1<\/a><br \/>\n    <\/span>\n  <\/dd>\n<dt>Ubuntu 17.04:<\/dt>\n<dd>\n    <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/systemd\">systemd<\/a><br \/>\n    <span><br \/>\n        <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/systemd\/232-21ubuntu7.1\">232-21ubuntu7.1<\/a><br \/>\n    <\/span>\n  <\/dd>\n<\/dl>\n<p>To update your system, please follow these instructions:<br \/>\n<a href=\"https:\/\/wiki.ubuntu.com\/Security\/Upgrades\">https:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\n<p>In general, a standard system update will make all the necessary changes.<\/p>\n<h3>References<\/h3>\n<p>        <a href=\"http:\/\/people.ubuntu.com\/~ubuntu-security\/cve\/CVE-2017-15908\">CVE-2017-15908<\/a><\/p>\n<p>Source: <a href=\"http:\/\/www.ubuntu.com\/usn\/usn-3466-1\/\" target=\"_blank\">USN-3466-1: systemd vulnerability<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\"><p>USN-3466-1: systemd vulnerability Ubuntu Security Notice USN-3466-1 26th October, 2017 systemd vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Summary systemd could be made to temporarily stop responding if it received specially crafted network traffic. Software description systemd &#8211; system and service manager Details Karim Hossen &amp; Thomas Imbert discovered that systemd-resolved incorrectlyhandled certain DNS responses. A remote attacker could possibly use thisissue to cause systemd to temporarily stop responding, resulting in adenial of service. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: systemd 234-2ubuntu12.1 Ubuntu 17.04: systemd 232-21ubuntu7.1 To update your system, please follow these instructions: https:\/\/wiki.ubuntu.com\/Security\/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2017-15908 Source: USN-3466-1: systemd vulnerability<\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-19987","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/19987","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=19987"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/19987\/revisions"}],"predecessor-version":[{"id":19988,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/19987\/revisions\/19988"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=19987"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=19987"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=19987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}