1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 2707-1] dbus security update

    From Yves-Alexis Perez@1:229/2 to All on Thu Jun 13 15:00:03 2013
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2707-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez
    June 13, 2013 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : dbus
    Vulnerability : denial of service
    Problem type : local
    Debian-specific: no
    CVE ID : CVE-2013-2168

    Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound(). This
    vulnerability can be exploited by a local user to crash system services
    that use libdbus, causing denial of service. Depending on the dbus
    services running, it could lead to complete system crash.

    The oldstable distribution (squeeze) is not affected by this problem.

    For the stable distribution (wheezy), this problem has been fixed in
    version 1.6.8-1+deb7u1.

    For the testing distribution (jessie), this problem has been fixed in
    version 1.6.12-1.

    For the unstable distribution (sid), this problem has been fixed in
    version 1.6.12-1.

    We recommend that you upgrade your dbus packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.20 (GNU/Linux)

    iQEcBAEBCgAGBQJRub9QAAoJEG3bU/KmdcClBZ0H/AyRsjX0rH4O1dARNlgtNC8r VdJyuzlKUzEbVxD7o8PV2EDBVU58h+7cQQUvA8l3qNFEKctcfPmJzGlkfuYaZWQg ZlTH6FUA6fYsTrE7fsUUTig/wct12UMNJm+WLkkqWfjTAgwRJpyvwEg10TzwMUYH pyvT86nGLaRIdxILczrfA8W+jDY8Ned4pj/DsKOY9ky+IkS3p9Mq7L/kAqe91Ynd 1HhAU7+9MbUg3UrSjGF7PF4BijR7/cseUiRd0R6oEdrzxXT9kbb57UCso9LcJh76 y/UfFqyetdJqqdyFqBnASHwCE510WmXwwSqSXWTnBpiEwJy7LjaXiCcZx8Ej1wg=
    =gnak
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)