http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&feed=atom&action=history Arguments against systemd - Revision history 2019-07-11T08:57:25Z Revision history for this page on the wiki MediaWiki 1.19.20+dfsg-0+deb7u3 http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2989&oldid=prev Elgowuw: /* Poor design */ 2019-04-05T19:11:54Z <p>‎<span dir="auto"><span class="autocomment">Poor design</span></span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 19:11, 5 April 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 51:</td> <td colspan="2" class="diff-lineno">Line 51:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* https://bugzilla.redhat.com/show_bug.cgi?id=1170765</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* https://bugzilla.redhat.com/show_bug.cgi?id=1170765</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784720</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784720</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* systemd units are started with zero context. This eliminates most of the functionality of inotify and makes systemd.path unusable for virtually any purpose.</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Scope creep leads to vulnerabilities ==</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Scope creep leads to vulnerabilities ==</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2868:newid:2989 --> </table> Elgowuw http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2868&oldid=prev Lipixx: /* Scope creep */ 2019-02-25T19:18:36Z <p>‎<span dir="auto"><span class="autocomment">Scope creep</span></span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 19:18, 25 February 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 20:</td> <td colspan="2" class="diff-lineno">Line 20:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* systemd provides a network manager and DHCP client, {{man|systemd-networkd}}</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* systemd provides a network manager and DHCP client, {{man|systemd-networkd}}</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* systemd provides a HTTP server for journal events, {{man|systemd-journal-gatewayd}} (can be disabled with <code>remote</code> compile option)</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* systemd provides a HTTP server for journal events, {{man|systemd-journal-gatewayd}} (can be disabled with <code>remote</code> compile option)</div></td> </tr> <tr> <td class="diff-marker">−</td> <td style="background: #ffa; color:black; font-size: smaller;"><div></div></td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div><span class="diffchange diffchange-inline">* systemd provides a containerization system {{man|systemd-nspawn}} (see [https://lwn.net/Articles/676831/ lwn - Systemd vs. Docker])</span></div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>See [[Wikipedia:File:Systemd components.svg]].</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>See [[Wikipedia:File:Systemd components.svg]].</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2867:newid:2868 --> </table> Lipixx http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2867&oldid=prev Lightbringer: /* CVEs */ add CVE-2019-6454 2019-02-18T23:40:04Z <p>‎<span dir="auto"><span class="autocomment">CVEs: </span> add CVE-2019-6454</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 23:40, 18 February 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 66:</td> <td colspan="2" class="diff-lineno">Line 66:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>[https://security-tracker.debian.org/tracker/source-package/systemd Debian tracker]</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>[https://security-tracker.debian.org/tracker/source-package/systemd Debian tracker]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://seclists.org/oss-sec/2019/q1/140 CVE-2019-6454] systemd (PID1) crash with specially crafted D-Bus message [https://usn.ubuntu.com/3891-1/ USN-3891-1]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16866 CVE-2018-16866] information leak, out-of-bounds read</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16866 CVE-2018-16866] information leak, out-of-bounds read</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16865 CVE-2018-16865] memory corruption</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16865 CVE-2018-16865] memory corruption</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2811:newid:2867 --> </table> Lightbringer http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2811&oldid=prev Lightbringer: /* Scope creep leads to vulnerabilities */ System Down 2019-01-13T02:34:42Z <p>‎<span dir="auto"><span class="autocomment">Scope creep leads to vulnerabilities: </span> System Down</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 02:34, 13 January 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 60:</td> <td colspan="2" class="diff-lineno">Line 60:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://latesthackingnews.com/2017/06/29/a-systemd-vulnerability-allows-attackers-hack-linux-machines-via-malicious-dns-response/ systemd vulnerability allows attackers to hack Linux machines via malicious DNS response]<br></div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://latesthackingnews.com/2017/06/29/a-systemd-vulnerability-allows-attackers-hack-linux-machines-via-malicious-dns-response/ systemd vulnerability allows attackers to hack Linux machines via malicious DNS response]<br></div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/ Remote code execution via DHCPv6]</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/ Remote code execution via DHCPv6]</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://www.qualys.com/2019/01/09/system-down/system-down.txt System Down: several vulnerabilities in systemd-journald] [https://www.theregister.co.uk/2019/01/10/systemd_bugs_qualys/ The Register article on same]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>=== CVEs ===</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>=== CVEs ===</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2810:newid:2811 --> </table> Lightbringer http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2810&oldid=prev Editor: /* CVEs */ link Debian tracker 2019-01-10T14:51:37Z <p>‎<span dir="auto"><span class="autocomment">CVEs: </span> link Debian tracker</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 14:51, 10 January 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 62:</td> <td colspan="2" class="diff-lineno">Line 62:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>=== CVEs ===</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>=== CVEs ===</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>[https://security-tracker.debian.org/tracker/source-package/systemd Debian tracker]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16866 CVE-2018-16866] information leak, out-of-bounds read</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16866 CVE-2018-16866] information leak, out-of-bounds read</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2809:newid:2810 --> </table> Editor http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2809&oldid=prev Editor: /* CVEs */ expand 2019-01-10T14:47:32Z <p>‎<span dir="auto"><span class="autocomment">CVEs: </span> expand</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 14:47, 10 January 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 66:</td> <td colspan="2" class="diff-lineno">Line 66:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16865 CVE-2018-16865] memory corruption</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16865 CVE-2018-16865] memory corruption</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16864 CVE-2018-16864] memory corruption</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16864 CVE-2018-16864] memory corruption</div></td> </tr> <tr> <td class="diff-marker">−</td> <td style="background: #ffa; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15688 CVE-2018-15688] buffer <span class="diffchange diffchange-inline">error</span></div></td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15688 CVE-2018-15688] buffer <span class="diffchange diffchange-inline">overflow in the dhcp6 client</span></div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15687 CVE-2018-15687] set arbitrary permissions on arbitrary files</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15687 CVE-2018-15687] set arbitrary permissions on arbitrary files</div></td> </tr> <tr> <td class="diff-marker">−</td> <td style="background: #ffa; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-15686 CVE-2018-15686]</div></td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-15686 CVE-2018-15686]<span class="diffchange diffchange-inline"> potential root privilege escalation</span></div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-6954 CVE-2018-6954] obtain ownership of arbitrary files</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-1049 CVE-2018-1049]</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-1049 CVE-2018-1049]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2017-1000082 CVE-2017-1000082] parsing error leads to root privilege escalation</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2017-1000082 CVE-2017-1000082] parsing error leads to root privilege escalation</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2808:newid:2809 --> </table> Editor http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2808&oldid=prev Editor: /* CVEs */ add 2019-01-10T14:42:02Z <p>‎<span dir="auto"><span class="autocomment">CVEs: </span> add</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 14:42, 10 January 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 67:</td> <td colspan="2" class="diff-lineno">Line 67:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16864 CVE-2018-16864] memory corruption</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16864 CVE-2018-16864] memory corruption</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15688 CVE-2018-15688] buffer error</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15688 CVE-2018-15688] buffer error</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15687 CVE-2018-15687] set arbitrary permissions on arbitrary files</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-15686 CVE-2018-15686]</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-15686 CVE-2018-15686]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-1049 CVE-2018-1049]</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-1049 CVE-2018-1049]</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2017-1000082 CVE-2017-1000082] parsing error leads to root privilege escalation</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2017-9217 CVE-2017-9217]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2807:newid:2808 --> </table> Editor http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2807&oldid=prev Editor: /* Scope creep leads to vulnerabilities */ start listing CVEs 2019-01-10T14:32:41Z <p>‎<span dir="auto"><span class="autocomment">Scope creep leads to vulnerabilities: </span> start listing CVEs</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 14:32, 10 January 2019</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 60:</td> <td colspan="2" class="diff-lineno">Line 60:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://latesthackingnews.com/2017/06/29/a-systemd-vulnerability-allows-attackers-hack-linux-machines-via-malicious-dns-response/ systemd vulnerability allows attackers to hack Linux machines via malicious DNS response]<br></div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://latesthackingnews.com/2017/06/29/a-systemd-vulnerability-allows-attackers-hack-linux-machines-via-malicious-dns-response/ systemd vulnerability allows attackers to hack Linux machines via malicious DNS response]<br></div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/ Remote code execution via DHCPv6]</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/ Remote code execution via DHCPv6]</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>=== CVEs ===</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16866 CVE-2018-16866] information leak, out-of-bounds read</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16865 CVE-2018-16865] memory corruption</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-16864 CVE-2018-16864] memory corruption</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://nvd.nist.gov/vuln/detail/CVE-2018-15688 CVE-2018-15688] buffer error</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-15686 CVE-2018-15686]</div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://security-tracker.debian.org/tracker/CVE-2018-1049 CVE-2018-1049]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2783:newid:2807 --> </table> Editor http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2783&oldid=prev Tch: /* Absurd bugs and responses */ new debian backdoor? :P 2018-12-16T07:58:32Z <p>‎<span dir="auto"><span class="autocomment">Absurd bugs and responses: </span> new debian backdoor? :P</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 07:58, 16 December 2018</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 63:</td> <td colspan="2" class="diff-lineno">Line 63:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739593#54 Debian#739593] systemd makes / shared by default, poettering suggest to not patch this, because you'll broke a lot of containers</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://bugs.freedesktop.org/show_bug.cgi?id=74589 freedesktop#74589] Unchecked null pointer dereferencing in PID 1 not considered a serious issue.</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://bugs.freedesktop.org/show_bug.cgi?id=74589 freedesktop#74589] Unchecked null pointer dereferencing in PID 1 not considered a serious issue.</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://bugzilla.opensuse.org/show_bug.cgi?id=918226 openSUSE#918226] systemd segfaults after updating from 208-23.3 to 208-28.1</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://bugzilla.opensuse.org/show_bug.cgi?id=918226 openSUSE#918226] systemd segfaults after updating from 208-23.3 to 208-28.1</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2742:newid:2783 --> </table> Tch http://without-systemd.org/wiki/index.php?title=Arguments_against_systemd&diff=2742&oldid=prev Lightbringer: /* Scope creep leads to vulnerabilities */ RCE via DHCPv6 2018-10-26T23:15:44Z <p>‎<span dir="auto"><span class="autocomment">Scope creep leads to vulnerabilities: </span> RCE via DHCPv6</span></p> <table class='diff diff-contentalign-left'> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr valign='top'> <td colspan='2' style="background-color: white; color:black;">← Older revision</td> <td colspan='2' style="background-color: white; color:black;">Revision as of 23:15, 26 October 2018</td> </tr><tr> <td colspan="2" class="diff-lineno">Line 59:</td> <td colspan="2" class="diff-lineno">Line 59:</td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>** [https://www.cvedetails.com/cve/CVE-2015-1344/ The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions] CVSS 7.2</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>** [https://www.cvedetails.com/cve/CVE-2015-1344/ The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions] CVSS 7.2</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://latesthackingnews.com/2017/06/29/a-systemd-vulnerability-allows-attackers-hack-linux-machines-via-malicious-dns-response/ systemd vulnerability allows attackers to hack Linux machines via malicious DNS response]<br></div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>* [https://latesthackingnews.com/2017/06/29/a-systemd-vulnerability-allows-attackers-hack-linux-machines-via-malicious-dns-response/ systemd vulnerability allows attackers to hack Linux machines via malicious DNS response]<br></div></td> </tr> <tr> <td colspan="2" class="diff-empty"> </td> <td class="diff-marker">+</td> <td style="background: #cfc; color:black; font-size: smaller;"><div>* [https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/ Remote code execution via DHCPv6]</div></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"></td> </tr> <tr> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> <td class="diff-marker"> </td> <td style="background: #eee; color:black; font-size: smaller;"><div>== Absurd bugs and responses ==</div></td> </tr> <!-- diff cache key withoutsystemd:diff:version:1.11a:oldid:2732:newid:2742 --> </table> Lightbringer