[ANNOUNCE] D-Bus 1.4.1 (fixing CVE-2010-4352)
remi at remlab.net
Mon Dec 20 16:35:35 PST 2010
On Tuesday 21 December 2010, Brian Cameron wrote:
> I assume the CVE-2010-4352 issue does not affect D-Bus 1.2 since no
> mention is made. Can you confirm?
At least the Debian's D-Bus 1.2.24 is affected according to my own testing. I
assume all D-Bus versions are affected.
I can send you the PoC privately if you wish.
More information about the dbus