CVE-2012-3524 patch review
Colin Walters
walters at verbum.org
Mon Sep 24 09:48:21 PDT 2012
So this patch has been shipped by a few vendors now:
https://bugs.freedesktop.org/show_bug.cgi?id=52202
Sorry about the way this issue bounced around. I eventually changed my
mind on this issue, and came to believe it makes a lot of sense to
mitigate the issue as much as possible in libdbus. This is even more
true now that we know there's a possible vector via pam_systemd.
Let's get this upstream, so please review!
More information about the dbus
mailing list