Slashdot Mirror

← Back to Stories (view on slashdot.org)

Vulnerability Discovered In Latest Ubuntu Distributions, Users Advised To Update (ubuntu.com)

Posted by msmash on from the go-update dept.

Celarent Darii writes: There is a vulnerability in the latest ubuntu distributions due to the DNS resolver included in systemd. The inclusion of the dns resolver was lamented by many on the mailing list, not without cause. All are advised to update their distribution.

8 of 159 comments (clear)

  1. Dare I say it? by DontBeAMoran · · Score: 5, Insightful

    Here goes: systemd, the cause of all modern Linux problems.

    systemd is completely backward in how unix systems are built. You're supposed to have tiny programs do one job and do it well. systemd is a huge monolith that's assimilating everything on its path.

    Wait, why does that sound familiar?

    Anyone know if the authors of systemd are getting paid by Microsoft, by any chance?

    --
    #DeleteFacebook
    1. Re:Dare I say it? by chihowa · · Score: 4, Insightful

      The problem with systemd is the half-assed assimilation of more and more system functions.

      • Why does systemd even have its own DNS resolver?
      • How many people are working on it and reviewing the code for security issues?
      • Why was the whole thing rewritten from scratch instead of just writing a shim for the previously used, reviewed, secure resolvers that exist?

      It's not just DNS resolvers, either. I've had issues with systemd's own (very incomplete) SNTP client, which is used instead of more mature and robust clients. Why do they keep reinventing the wheel in such a sloppy way?

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.
  2. /. is pretty predictable by Opportunist · · Score: 1, Insightful

    When I read the story, I immediately thought "Half the comments will be about Petya, the other half will lament how systemd is the spawn of hell".

    I was not disappointed.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  3. News? by sqorbit · · Score: 1, Insightful

    A vulnerability is found, update your system. How is that news? That should just be common practice. When security updates are released for your OS, update it. This is not news. Vulnerabilities are found often in all OSes. And updates are released. Seems to me like the article is attempting to call out Ubuntu rather that actually inform and educate.

    --
    Sent from my TARDIS
  4. Re: I'm amazed! by Anonymous Coward · · Score: 2, Insightful

    Although systemd is developed by a clique of Redhat engineers, Redhat distros themselves are so laughably out of date it's likely we will see them suffer from this vulnerability, just in 5 years time.

  5. Please, do not use systemd by what+about · · Score: 3, Insightful

    Switch to slackware, devuan, gentoo...

    After all Linux is still a few percentage of desktop, no need to install Debian derivative
    We are competent admin, are we not ?

    Yes, it is painful to see such a great distro being overtaken by such a crap software.

    Live long and prosper

  6. Re:Proof that Linux is just as insecure as Windows by Anonymous Coward · · Score: 1, Insightful

    interestingly enough, everyone who argued against systemd has been validated. Systemd is a cancer and should be irradicated from all distributions. Systemd is an active effort to fuck over Linux to be more like Windows. As systemd continues to be used, Linux continues to become as broken, dysfunctional, and unsecure as Windows.

    Only the dumb of the dumb actually champion systemd.

  7. Re:what a horrible dns resolver by aardvarkjoe · · Score: 5, Insightful

    What problem do the systemd guys think that they're solving by adding a half-assed dns resolver to systemd? Is it just because they can't stand to have any software that's not under their direct control?

    --

    How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?