Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 11 Jan 2022 02:55:57 +0000
From: Sam James <>
Subject: Re: CVE-2021-3997: Uncontrolled recursion in systemd's

> On 10 Jan 2022, at 18:08, Qualys Security Advisory <> wrote:
> Hi all,
> We discovered a minor denial of service (an uncontrolled recursion) in
> systemd-tmpfiles, CVE-2021-3997; the Coordinated Release Date is today
> (January 10, 2022), and a patch is now available at (many thanks to
> Zbigniew Jedrzejewski-Szmek for working on this):
> [snip]

For the benefit of distros:

Note that it's been backported in 250.x as 250.2 but there isn't
a stable/backport release for 249.x yet.


Download attachment "signature.asc" of type "application/pgp-signature" (619 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.