Opened 11 years ago
Closed 11 years ago
#961 closed task (fixed)
D-Bus 1.8.4 Announce with security fix
Reported by: | William Harrington | Owned by: | |
---|---|---|---|
Priority: | critical | Milestone: | CLFS Standard 3.0 |
Component: | BOOK | Version: | CLFS Sysroot GIT |
Keywords: | Cc: | berzerkula@…, jonathan@… |
Description
http://comments.gmane.org/gmane.comp.freedesktop.dbus/15817
We need to upgrade this during our package freeze. It is a critical fix.
Security fix:
- Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service flaw in dbus-daemon, part of the reference implementation of D-Bus. Additionally, in highly unusual environments the same flaw could lead to a side channel between processes that should not be able to communicate. (CVE-2014-3477, fd.o #78979)
Note:
See TracTickets
for help on using tickets.
Upgraded to 1.8.4.
commit c7ce049070e0aa43ae7e6ddbcbb91ac08eae727e fixes this.