Ticket #961 (closed task: fixed)

Opened 3 years ago

Last modified 3 years ago

D-Bus 1.8.4 Announce with security fix

Reported by: kb0iic Owned by: clfs-commits@…
Priority: critical Milestone: CLFS Standard 3.0
Component: BOOK Version: CLFS Sysroot GIT
Keywords: Cc: berzerkula@…, jonathan@…

Description

 http://comments.gmane.org/gmane.comp.freedesktop.dbus/15817

We need to upgrade this during our package freeze. It is a critical fix.

Security fix:

• Alban Crequy at Collabora Ltd. discovered and fixed a

denial-of-service flaw in dbus-daemon, part of the reference implementation of D-Bus. Additionally, in highly unusual environments the same flaw could lead to a side channel between processes that should not be able to communicate. (CVE-2014-3477, fd.o #78979)

 http://seclists.org/oss-sec/2014/q2/509

Change History

comment:1 Changed 3 years ago by kb0iic

  • Status changed from new to closed
  • Resolution set to fixed

Upgraded to 1.8.4.

commit c7ce049070e0aa43ae7e6ddbcbb91ac08eae727e fixes this.

Last edited 3 years ago by kb0iic (previous) (diff)
Note: See TracTickets for help on using tickets.