Stay Secure with the Latest Linux Advisories

security advisorycritical issuefedora

Fedora 24: 2017-0a1b2d495a critical: systemd-resolved DNS crash

A security fix for a systemd-resolved crash on a crafted DNS packet. Relevant only to systemd-resolved users (not enabled by default). No need to reboot or logout.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-0a1b2d495a 2017-06-11 16:12:28.834667 --------------------------------------------------------------------------------Name : systemd Product : Fedora 24 Version : 229 Release : 20.fc24 URL : https://https:// Summary : A System and Service Manager Description : systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports snapshotting and restoring of the system state, maintains mount and automount points and implements an elaborate transactional dependency-based service control logic. --------------------------------------------------------------------------------Update Information: A security fix for a systemd-resolved crash on a crafted DNS packet. Relevant only to systemd-resolved users (not enabled by default). No need to reboot or logout. --------------------------------------------------------------------------------References: [ 1 ] Bug #1455493 - CVE-2017-9217 systemd: Null pointer dereference in dns_packet_is_reply_for function https://bugzilla.redhat.com/show_bug.cgi?id=1455493 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade systemd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . A vital security patch addressing a vulnerability in systemd-resolved triggered by malicious DNS packets, requiring no system restart.. Fedora Security Fix, Systemd Crash, DNS Packet Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Jun 11, 2017 •Critical Fedora