Another systemd vulnerability

/g/ said that open source is virus proof tho?

>>61141831
>/g/ is one person
ok lol

>>61141804
I told everyone here months ago. GOOGLE DNS was embedded in botnetd.

>Without Systemd Wiki.
without-systemd.org

devuan.orgCache

>Devuan is a fork of Debian without systemd.
devuan.org

Download arch-openrc for free.
OpenRC ISOs for Manjaro Linux...
Looking for the latest version?

Download archlinux-openrc-2017.06.01-x86_64.iso (509.6 MB)

>>61141831
Lennart, gas your life.


>ITT delusional millenilas shitlords.

It's systemd not SystemD. Take your Pascal notation back with you, Grandpa. systemd is the future.

>>61141804
That's it, I'm moving from arch linux to slackware

File: 983211343.png (69KB, 1030x862px) Image search: [Google]

69KB, 1030x862px

HARRY POTTER DOES IT AGAIN

>>61141804
>If you love centralized garbage so much why don't just use Windows

Windows doesn't have sick apps like TuxRacer, silly Anon.

>>61142181
tuxracer.sourceforge.net

>>61141919
>want to use unbound and dnscrypt-proxy like I did in 16.04
>shit breaks because systemd-resolved lol fuck you use systemd redhat knows best
Ok, I will, I lose a lot of privacy and I'm forced to use Google DNS as a backup but it kind of supports DNSSEC, at least I won't get MITM'd by Ivan
>backup DNS never works I have to manually edit resolv.conf everytiem the DNS fails
>it's completely fucking undocumented
>the few documented parts barely ever fucking work
>DNSSEC has never worked either
wew lad
And now this
Seriously what the fuck you either use Devuan with stable repos and live with old ass usually half broken packages or go full autist with Void Linux or Gentoo and watch out for every update because muh bleeding edge
Worst of it, macOS it's even worse and Windows 10 is broken and will get ransomware all the time
Computing has never been this fucking awful

check out the proposed fix and what it replaces

--- a/src/resolve/resolved-dns-packet.c
+++ b/src/resolve/resolved-dns-packet.c
@@ -47,13 +47,7 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
 
         assert(ret);
 
-        if (mtu <= UDP_PACKET_HEADER_SIZE)
-                a = DNS_PACKET_SIZE_START;
-        else
-                a = mtu - UDP_PACKET_HEADER_SIZE;
-
-        if (a < DNS_PACKET_HEADER_SIZE)
-                a = DNS_PACKET_HEADER_SIZE;
+        a = MAX(mtu, DNS_PACKET_HEADER_SIZE);

wew, I wonder how many other blocks of garbage like that are all over systemd

Lennart, '"maintaners'" and System-D users should all be hanged.

For a better future.

File: i have given up.jpg (20KB, 480x480px) Image search: [Google]

20KB, 480x480px

>>61142414

>>61142414
>not using wget on a shell account and transferring plaintext versions of everything to your isolated autistbox via morse code

>>61142414
>or go full autist with Void Linux or Gentoo and watch out for every update because muh bleeding edge
gentoo has a proper stable branch

File: 543643534.gif (422KB, 1000x907px) Image search: [Google]

422KB, 1000x907px

Oh, hi there, what's going on in this thread?

>>61142414
>go full autist with Void Linux or Gentoo and watch out for every update because muh bleeding edge
You're a special kind of retard.

File: systemdtrap420.gif (93KB, 420x420px) Image search: [Google]

93KB, 420x420px

>>61141804

File: 432534634634.jpg (66KB, 1254x268px) Image search: [Google]

66KB, 1254x268px

Is Lennart Poettering right, /g/?

source
https://thenewstack.io/unix-greatest-inspiration-behind-systemd/

>random software has a bug
>no one cares, it only gets discussed briefly on the bug tracker

>systemd has a bug
>presses stop, huge outrage and idiots start talking about it

It's so predictable, it's pathetic.

File: 1479910395335.png (487KB, 608x653px) Image search: [Google]

487KB, 608x653px

>>61143429
>People who still think that computers work exactly the way they worked in the 1970s probably don’t have much experience dealing with computers and knowing how much they’ve changed

>Lennart Poettering (born October 15, 1980) is a German computer free software programmer known for (...)
>born October 15, 1980

>>61143429
If it ain't broke..

File: redhatshill.png (318KB, 768x986px) Image search: [Google]

318KB, 768x986px

>>61143515
*tips red hat*

>>61143515
>over-complex software that for no good reason presents a giant attack surface to the heart of the system has a bug.
>people care and talk about it.

No shit, Sherlock.

http://www.funtoo.org/Funtoo_Linux_FAQ
>We are planning to develop a new OpenRC-style init system, incorporating "next-gen" features, which will be comparable in functionality to systemd.
Hmm

>>61143865

No, that's not the reason, regardless of your meme "over-complex" and "giant attack surface".
Go post a bug from the kernel or Xorg and no one will care. People see systemd and instantly start throwing around their lack of knowledge. Including you.

I guess I'll jut unplug everything now

Well fuck me.
Time to move to Devuan then. I'm still too unexperienced to use gentoo as a daily driver distro.

>>61143515
>Everything depens on systemd
>Not a big deal if it has a vulnerability
Kill yourself Poettering

File: 1495641426051.png (60KB, 645x968px) Image search: [Google]

60KB, 645x968px

Big awesome software sometimes has bugs that's a normal thing you retards

What is important is that it gets patched fast. And it did. But go on use your ancient dinosaur legacy distro and tell your mom why you switched to devuan I'm sure she will be proud of you

>>61144098
Well actually, I plan to move Gentoo or Arch eventually but when I want to get shit done and fast, I'll just use Debian

>>61143996
Think about it twice though. Devuan stable is still based on Debian Jessie (8).
Devuan team plans to extend support for Jessie beyond what Debian does and will most likely stay stable for some time before they move to Ascii (based on stretch).

Just a tip from fellow devuan autist.

>>61144098
> The programming blunder, assigned the ID CVE-2017-9445, was accidentally introduced in Systemd version 223 in June 2015 and is present all the way up to and including version 233 in March this year
>What's important is that it gets patched quickly. And it did
>And it did

I wonder what other "accidental" exploits will be introduced

>>61143880
>we are currently looking for a logo

>>61141831
>/g/ said that open source is virus proof tho?
No one ever said that. It generally tends to be more secure for various reasons, but if the people doing the project don't care about the quality of the code, security will be shit.

>>61144296
Calm down /g/ Anon. Breath deeply and slowly.

>>61144153
>I'll just use Debian
Sadly it didn't worked well with my hardware, and I don't see myself using a *buntu or fedora. Any other distribution left that have serious maintainers ?

>>61143429
Absolutely

>>61144265
Well isn't it obvious? I mean this is to be expected when using a bit more unknown distro that support for it will be an issue. I think it's a shame that there is no easy-to-use distro with no systemd. If the options are Arch linux with openrc, Void and Gentoo (there is some other but these are the major ones) then it's time to get down and dirty to learn to use those distros.
>inb4 Install LFS or Shrine (TempleOS fork)
>>61144391
You better start to stock on those thinkpads, because they tend to just werk with Linux.
>Serious maintainers
Either Arch or Gentoo or TempleOS (Terry A. Davis)

>>61144391
Slackware. It even has a Live CD version now.

File: Henry-5x7-small.jpg (430KB, 1000x1400px) Image search: [Google]

430KB, 1000x1400px

>>61143429
"Those who do not understand Unix are condemned to reinvent it, poorly."

Install Gentoo

>>61144503
"I liken starting one's computing career with Unix, say as an undergraduate, to being born in East Africa. It is intolerably hot, your body is covered with lice and flies, you are malnourished and you suffer from numerous curable diseases. But, as far as young East Africans can tell, this is simply the natural condition and they live within it. By the time they find out differently, it is too late. They already think that the writing of shell scripts is a natural act."

>>61142430
Can someone explain how an attacker might abuse this?

>>61144485
>You better start to stock on those thinkpads, because they tend to just werk with Linux.
I no longer use laptops, only desktop computers.
Right now I'm on arch, but I'll soon buy an SSD and one or two HDD. I'll have to choose a distribution for my home server and for my desktop.

>>61144497
I often hear about it and never gave it a try actually. So I'll consider it.

>>61142430
jesus fuck this would make a nice freshman programmer meme

>>61144905

RTFM:

"the software's resolved component can be fooled into allocating too little memory for a lookup response, and when a large reply is eventually received, this data overflows the buffer allowing the attacker to overwrite memory. This can crash the process or lead to remote code execution, meaning the remote evil DNS service can run malware on your box."

anyone know if Mint boxes are vulnerable to this?

>>61145373

anything running systemd is vulnerable, distro is irrelevant (provided X distro is running systemd)

>>61142430
how can this not be united tested, what a bunch of incompetent amateurs.

I am glad I didn't fall for the Arch meme

File: 1498082941694.gif (3MB, 200x149px) Image search: [Google]

3MB, 200x149px

ITT: The bottom of the barrel.

>>61142814
Not much. We're just talking about an OS that is usable, supports modern hardware and isn't using a literal cuck license

>>61146409
What's the point of using Linux these days? With garbage like Freedesktop/Pulseaudio/SystemD you might as well just run Windows.

File: 1440809259973.png (555KB, 996x560px) Image search: [Google]

555KB, 996x560px

The future is bright.

>>61141919
>This means it is present in Ubuntu versions 17.04 and 16.10. Canonical has put out a pair of fixes for 17.04 and 16.10 to address the flaw.
Already patched.

>>61143429
when people talk about UNIX they're not talking about making systems with little features or restrictions based on lack of hardware capability

UNIX philosophy is about the design principle of doing one thing and doing it well

File: 1497572196670.jpg (12KB, 253x303px) Image search: [Google]

12KB, 253x303px

>>61141804
Any good distro without systemd?

I was about to reinstall debian on a T420
Should I switch to BSD?

File: openbsd.jpg (210KB, 869x1338px) Image search: [Google]

210KB, 869x1338px

>>61147557
>Should I switch to BSD?

Yes, but give Slackware a try before that.

>>61141804
It's funny how people pretend that systemd has suddenly centralized all the Linux distros when even before systemd they were super similar. Before systemd they all used sysvinit and gnu coreutils and X.org and so on, maybe had different package names but thats it.

File: 1483627768769.gif (760KB, 350x262px) Image search: [Google]

760KB, 350x262px

>>61147610
>give Slackware a try
are you trying to be mean to him, anon?

>>61147729
Slackware is a solid distro I don't know what you are talking about.

File: 1467540847862.png (95KB, 475x208px) Image search: [Google]

95KB, 475x208px

>>61144098
Why does this sound like something a Windows user would say?

>>61147862
Slackware *was* a stable distro.

systemd will envelop and replace all of Linux before you neckbeards can find a single valid flaw with it.

File: 1345703436845.jpg (27KB, 410x410px) Image search: [Google]

27KB, 410x410px

>systemd is parsing DNS

>>61147862
AHHHHHHHHHHHHH ONE WORD: THE MANUAL RESOLUTION OF DEPENDENCIES AHHHHHHHHHHHHH

>>61143429
>People who still think that computers work exactly the way they worked in the 1970s probably don’t have much experience dealing with computers and knowing how much they’ve changed
Says the retard who crippled systemD's support to the rotating disks because everybody in his team uses macs with SSDs...

>>61141804
Install Gentoo

File: signal-2017-06-29-140155.jpg (20KB, 379x364px) Image search: [Google]

20KB, 379x364px

>not using gentoo

Enjoy your bloat, NSA Botnet and shit performance retards