Announcing dbus 1.2.28
Simon Mcvittie
simon.mcvittie at collabora.co.uk
Fri Jun 10 15:41:58 PDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
A new old-stable release of dbus is now available. This release fixes a local
denial of service by backporting the patch from 1.4.12.
http://dbus.freedesktop.org/releases/dbus/dbus-1.2.28.tar.gz
http://dbus.freedesktop.org/releases/dbus/dbus-1.2.28.tar.gz.asc
D-Bus 1.2.28 (2011-06-10)
==
• Byte-swap foreign-endian messages correctly, preventing a long-standing
local DoS if foreign-endian messages are relayed through the dbus-daemon
(fd.o #38120, Debian #629938, no CVE number yet; Simon McVittie)
• Use AC_TRY_COMPILE in configure to avoid a symlink attack in /tmp
during compilation
-----BEGIN PGP SIGNATURE-----
iQIVAwUBTfKdtU3o/ypjx8yQAQgBbw/+I2O4TLi7oL/6p4X4bS5x4vhdo5Rrnbsr
ri+O8TogUVPYYGrh0DwoG7nIXegesn3Q+EZxCguufJU0UMk5kQjNHu4/6LAS/wlr
fqMi2oISSYVT5gfVM4nfKo2sTgRFQMHWMV8o5Rt+SYXD+HYxnzIlbZmnrlm2AEPf
Y8GkRKNBURVgoghH0u5igXXps4f3b1g96oXmNRQ1P3dE4sxO9e/FPye3F8hDpCaS
4aUxGybRbcip1MfG8MrQqvDpVdLcLQe7VnpjeXVv/yXL9OLWfaNqjEvR9T7oJh3V
oZOrfmoVJmjdmpWolZlnZL4w2NUzVOuVxGcyPr4vLx0idlKkMUnHvQJZoEfO5Vd0
28cZN4gkXiMs/AQyg1CcTghP46MQXwOuWoqWD8We4jdZxEh9yiMy217oailFg2oB
fi4TCdcvuCDXdCLfF3K9x7bYIuOV6JgnFsUx4vH/azaPjTRtp4U0PdsK9pZ1oyqm
xMWkeSy7b/+otWde/l4+R+j1Xh8MpZB0p/lzFkHK3Eg7XmDZqTYHc2xhrVoS4lC9
4msoSJRrsKs0JCcsBhASqOURDiXCOOowb76H2WGKfHMXWRhtDk85H0q/ap7tnVcx
ub9RTOjwyMJs6/2ZDQZ4g4aTYvf8mMORKLAYFvwHVKSf4J33E7UoVZp/XmyJDNVj
s7p5fEkhtmI=
=sDzg
-----END PGP SIGNATURE-----
More information about the dbus
mailing list