Updated systemd packages fix a buffer overflow
Publication date: 23 Apr 2014Modification date: 23 Apr 2014
Type: security
Affected Mageia releases : 3 , 4
Description
A stack-based buffer overflow was found in systemd-ask-password, a utility used to query a system password or passphrase from the user, using a question message specified on the command line. A local user could this flaw to crash the binary or even execute arbitrary code with the permissions of the user running the program. The systemd packages shipped with Mageia 3 and 4 have been updated to address this vulnerability. Additionally, the Mageia 4 packages include various other general stability and performance fixed deemed appropriate for the stable updates.
References
SRPMS
4/core
- systemd-208-10.5.mga4
3/core
- systemd-195-22.2.mga3