CVE-2012-3524 patch review
walters at verbum.org
Mon Sep 24 09:48:21 PDT 2012
So this patch has been shipped by a few vendors now:
Sorry about the way this issue bounced around. I eventually changed my
mind on this issue, and came to believe it makes a lot of sense to
mitigate the issue as much as possible in libdbus. This is even more
true now that we know there's a possible vector via pam_systemd.
Let's get this upstream, so please review!
More information about the dbus