Advisories ยป MGASA-2014-0188

Updated systemd packages fix a buffer overflow

Publication date: 23 Apr 2014
Modification date: 23 Apr 2014
Type: security
Affected Mageia releases : 3 , 4

Description

A stack-based buffer overflow was found in systemd-ask-password, a utility
used to query a system password or passphrase from the user, using a
question message specified on the command line. A local user could this
flaw to crash the binary or even execute arbitrary code with the
permissions of the user running the program.

The systemd packages shipped with Mageia 3 and 4 have been updated to
address this vulnerability.

Additionally, the Mageia 4 packages include various other general
stability and performance fixed deemed appropriate for the stable
updates.
                

References

SRPMS

4/core

3/core