-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : systemd Version : 215-17+deb8u11 CVE ID : CVE-2019-3815 Debian Bug : 924060
A memory leak was discovered in the backport of fixes for CVE-2018-16864 in systemd-journald. Function dispatch_message_real() in journald-server.c does not free allocated memory to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. Note that as the systemd-journald service is not restarted automatically a restart of the service or more safely a reboot is advised. For Debian 8 "Jessie", this problem has been fixed in version 215-17+deb8u11. We recommend that you upgrade your systemd packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlyI+3hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQBCBAAuRxc5S6w7gbiX2rWJVEALcDOR1o3tVzgJ2nWEoRhSVo7Ugnon8CWTMCs aYzXrZL1lIxwTjTGx0LtjIj4C1A/47uK4jugHG/k9eosxlmHPkp5BcYJiHubpetv poXPT0GjnvDv/ARynsrF9Rq7M3pkx9Kq55SiNqixol3M9sHHBvZiKIbseSo89KDo Zk+V2bhlgs574BsG04cuTZQoia23fIlL//NslH9xA+t5fUH/bu38HVp6vRe3rMEg zV1uV3XNKv0IFc7HeAbZM3okKSK6MKaITaprWzsOUPlTkcUqu45mlFyWCsXymTGv 4EXqcHOhg2Z20bSKQMhhN0g2T+Vqsecand3AXwHnhPaKTu5qFuEXujZf7cLD5BoU qTI2lU2yr95K43ZIQ+kxWE+HkoxZgqVh7DSxR7lWAYHv/n8tGFCXVZ2oHynKNwi0 unNHUjsKbvfdym0uBR/o9SzYNXUfDZoAo7QDtecl1wBfAVjWMkrjO4xOfUmjdcj4 02CH5zoTOw1oOI/0SRkGwauXxfPPosi09rE6iL+pcdTu0LpmR4p+5VV5CNGOPE6f V2bqJTRREye2BMV4lnq9QQlZ3MgaVRNZGvqH/ut2nGZKCvBpIOPqp1yWgfntcFrA yjGP0raxkpBhg+6W2paw/x50vpSdQsBNjRtxXQmR0WabJVBUN0A= =YPDI -----END PGP SIGNATURE-----
