Announcing D-Bus 1.8.6 (security fix release)
Simon McVittie
simon.mcvittie at collabora.co.uk
Wed Jul 2 09:04:37 PDT 2014
This is a security fix release for the current stable branch, 1.8.x.
Please upgrade unless you have a reason to keep using an older branch.
http://dbus.freedesktop.org/releases/dbus/dbus-1.8.6.tar.gz
http://dbus.freedesktop.org/releases/dbus/dbus-1.8.6.tar.gz.asc
git tag: dbus-1.8.6
git branch: dbus-1.8
Security fixes:
• On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently
drop the message. This prevents an attack in which a malicious client
can make dbus-daemon disconnect a system service, which is a local
denial of service.
(fd.o #80163, CVE-2014-3532; Alban Crequy)
• Track remaining Unix file descriptors correctly when more than one
message in quick succession contains fds. This prevents another attack
in which a malicious client can make dbus-daemon disconnect a system
service.
(fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
Simon McVittie, Alban Crequy)
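As an added illustration of the first fix (example code, not from dbus-daemon or the 1.8.6 patch): a hypothetical send helper that passes file descriptors with SCM_RIGHTS, treats ETOOMANYREFS as "drop this one message" and every other sendmsg() failure as a real socket error, plus a socketpair round trip to exercise it. The function names and the 8-fd limit are assumptions made for the example.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* As in the 1.8.6 fix: ETOOMANYREFS costs one message, not the connection. */
enum send_outcome { SEND_OK = 0, SEND_DROPPED = 1, SEND_FATAL = -1 };

/* Hypothetical helper (example code): send buf plus nfds descriptors on sock. */
static enum send_outcome send_with_fds(int sock, const void *buf, size_t len,
                                       const int *fds, int nfds)
{
    char control[CMSG_SPACE(sizeof(int) * 8)] = { 0 };  /* assumed cap: 8 fds */
    struct iovec iov = { .iov_base = (void *)buf, .iov_len = len };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    if (nfds < 0 || nfds > 8)
        return SEND_FATAL;
    if (nfds > 0) {
        struct cmsghdr *cmsg;
        msg.msg_control = control;
        msg.msg_controllen = CMSG_SPACE(sizeof(int) * nfds);
        cmsg = CMSG_FIRSTHDR(&msg);
        cmsg->cmsg_level = SOL_SOCKET;
        cmsg->cmsg_type = SCM_RIGHTS;
        cmsg->cmsg_len = CMSG_LEN(sizeof(int) * nfds);
        memcpy(CMSG_DATA(cmsg), fds, sizeof(int) * nfds);
    }
    while (sendmsg(sock, &msg, MSG_NOSIGNAL) < 0) {
        if (errno == EINTR)
            continue;
        if (errno == ETOOMANYREFS)   /* peer's in-flight fd budget is full: */
            return SEND_DROPPED;     /* drop this message, keep the socket */
        return SEND_FATAL;           /* anything else is a real socket error */
    }
    return SEND_OK;
}

/* Round trip over a socketpair: returns 1 if the byte arrived, else -1. */
static int demo_roundtrip(void)
{
    int sv[2], p[2], n;
    char out = 'F', in = 0;
    struct iovec iov = { .iov_base = &in, .iov_len = 1 };
    struct msghdr rm = { .msg_iov = &iov, .msg_iovlen = 1 };
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0 || pipe(p) < 0)
        return -1;
    n = send_with_fds(sv[0], &out, 1, &p[0], 1) == SEND_OK ? (int)recvmsg(sv[1], &rm, 0) : -1;
    close(sv[0]); close(sv[1]); close(p[0]); close(p[1]);
    return n == 1 && in == 'F' ? 1 : -1;
}
```

The receiver passes no control buffer, so the kernel discards the forwarded descriptor; a real daemon would collect it and count it against the per-connection fd budget, which is what the second fix above corrects.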
Other fixes:
• When dbus-launch --exit-with-session starts a dbus-daemon but then
cannot attach to a session, kill the dbus-daemon as intended
(fd.o #74698, Роман Донченко)
Regards,
S