Announcing dbus 1.6.12
Simon McVittie
simon.mcvittie at collabora.co.uk
Thu Jun 13 04:54:19 PDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The “does this unit have a soul?” release.
This is a stable-branch release fixing a security vulnerability. You
should upgrade.
http://dbus.freedesktop.org/releases/dbus/dbus-1.6.12.tar.gz
http://dbus.freedesktop.org/releases/dbus/dbus-1.6.12.tar.gz.asc
Fixes:
• CVE-2013-2168: Fix misuse of va_list that could be used as a denial
of service for system services. Vulnerability reported by Alexandru
Cornea. (Simon)
• In dbus-daemon, don't crash if a .service file starts with key=value
(fd.o #60853, Chengwei Yang)
• Unix-specific:
· Fix an assertion failure if we try to activate systemd services
before systemd connects to the bus (fd.o #50199, Chengwei Yang)
· Avoid compiler warnings for ignoring the return from write()
(Chengwei Yang)
-----BEGIN PGP SIGNATURE-----
iQIVAwUBUbmy603o/ypjx8yQAQgrtQ//dN9qMmGzsk4FGe7NRaCODRQpL/NgLfvA
kKzoL/204uD2ky+7Efe1aEffTb7iPXWn+dwCx/tSqlJEQER0hDn9GyaHYJztxDrI
zl9nmgsdaNZsjPMnuGThRXpYrrMGVOO+5IcoER1BF7gwazVp6tQea6VBYVcsFfZc
+pw3q3vJ0kP4pnJboeuf0mT2VoGEREcCAwZcd2m8BS8w0+chRVIoHrsvPlB0K6tx
bh/SHw87cyt99d9Vdm+k0AkIHVds/6nMPGVdhDRnUlJiZgqAIdSgnAVXo9zZzx3e
Gsb8vGMyoyEtvrxSsyVg14XigiJDgPuxNr3vPD6/e26f0AXC+AjxpYP4vAZZe4aX
FuPfwjXvEtF3w/CezKjTLy1SkxAphfkGg0nyCpA6/xW2ap04jxYmfqkt+TmIsJkI
spsNd5SiqmXFb3kIahIrhWitzz8S2B545NvF8jNScDf06VwHt3T50zYsz3FeAHr5
T78ZdfzyKuDgVRhCJP62jTpbbwx+W+lXfsiSLrhnuCR0yPfqWqg3ckkOl6JuQxKh
h0Lky3OaZVzZ6pciqn0wDAOFfAJ0vZArMkyjlGQBjjTz8AX0UG2oicllvV9FGmB1
7G1ZTtJSQaTYO5dumUIVRnXa9qIRxjc05qPXbDJeMD4qPg288dQfI2Frg7flN2IP
vuBahyi2nx4=
=cWux
-----END PGP SIGNATURE-----
More information about the dbus
mailing list