Announcing dbus 1.6.22 (security fix release)

Simon McVittie simon.mcvittie at collabora.co.uk
Wed Jul 2 09:04:43 PDT 2014


This is a security release for the old-stable branch. Upgrading to 1.8.6
instead is recommended, but if you need to use 1.6.x:

http://dbus.freedesktop.org/releases/dbus/dbus-1.6.22.tar.gz
http://dbus.freedesktop.org/releases/dbus/dbus-1.6.22.tar.gz.asc
git tag: dbus-1.6.22
new git branch: dbus-1.6

Security fixes backported from 1.8.6:

• On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently
  drop the message. This prevents an attack in which a malicious client
  can make dbus-daemon disconnect a system service, which is a local
  denial of service.
  (fd.o #80163, CVE-2014-3532; Alban Crequy)

• Track remaining Unix file descriptors correctly when more than one
  message in quick succession contains fds. This prevents another attack
  in which a malicious client can make dbus-daemon disconnect a system
  service.
  (fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
  Simon McVittie, Alban Crequy)
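As an added illustration of the two fixes above (this is example code written for this page, not dbus-daemon's own implementation), the C program below shows the defensive pattern both bullets describe: a sendmsg() failure with ETOOMANYREFS is classified as "drop this one message" rather than "disconnect the peer", and a per-connection counter of not-yet-written fds is debited only by the exact fd count of each message that leaves the queue, so two messages with fds sent in quick succession leave the accounting consistent. The names (`classify_sendmsg_errno`, `fd_tracker`, `send_with_fds`, `recv_with_fds`) and the 16-fd cap are assumptions made for the example; ETOOMANYREFS itself cannot be provoked in a self-contained test, so the demo exercises the classification directly and the fd passing over a socketpair.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <unistd.h>
#include <stdio.h>

#ifndef MSG_CMSG_CLOEXEC
#define MSG_CMSG_CLOEXEC 0   /* Linux-only flag; harmless to omit elsewhere */
#endif
#define MAX_FDS_PER_MSG 16   /* assumed cap for this example, not dbus's limit */

/* What the connection layer should do after a sendmsg() attempt. */
enum send_outcome { SEND_OK, SEND_DROP_MESSAGE, SEND_RETRY, SEND_DISCONNECT };

/* Map a sendmsg() errno to a connection-level decision. ETOOMANYREFS means
 * the kernel refused the in-flight fds of this message; the message is
 * dropped but the connection survives, so one client's fd traffic cannot
 * cost a system service its bus connection. */
enum send_outcome classify_sendmsg_errno(int err)
{
    switch (err) {
    case ETOOMANYREFS: return SEND_DROP_MESSAGE;
    case EAGAIN:
    case EINTR:        return SEND_RETRY;
    default:           return SEND_DISCONNECT;
    }
}

/* Per-connection count of fds belonging to queued, not-yet-written messages.
 * A message leaving the queue (sent or dropped) takes exactly its own fds. */
struct fd_tracker { int fds_pending; };
void tracker_queue(struct fd_tracker *t, int nfds) { t->fds_pending += nfds; }

/* Send one short message with nfds fds attached via SCM_RIGHTS. The payload
 * is assumed small enough to go out in a single sendmsg() call. */
enum send_outcome send_with_fds(int sock, const char *payload, size_t len,
                                const int *fds, int nfds, struct fd_tracker *t)
{
    char cbuf[CMSG_SPACE(sizeof(int) * MAX_FDS_PER_MSG)];
    struct iovec iov = { .iov_base = (void *)payload, .iov_len = len };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    if (nfds < 0 || nfds > MAX_FDS_PER_MSG)
        return SEND_DISCONNECT;            /* caller bug, not a peer condition */
    if (nfds > 0) {
        memset(cbuf, 0, sizeof cbuf);
        msg.msg_control = cbuf;
        msg.msg_controllen = CMSG_SPACE(sizeof(int) * nfds);
        struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
        cm->cmsg_level = SOL_SOCKET;
        cm->cmsg_type = SCM_RIGHTS;
        cm->cmsg_len = CMSG_LEN(sizeof(int) * nfds);
        memcpy(CMSG_DATA(cm), fds, sizeof(int) * nfds);
    }
    for (;;) {
        if (sendmsg(sock, &msg, MSG_NOSIGNAL) >= 0) {
            t->fds_pending -= nfds;        /* kernel now holds its own refs */
            return SEND_OK;
        }
        enum send_outcome o = classify_sendmsg_errno(errno);
        if (o == SEND_RETRY && errno == EINTR)
            continue;
        if (o == SEND_DROP_MESSAGE)
            t->fds_pending -= nfds;        /* dropped message takes its fds along */
        return o;                          /* SEND_RETRY keeps the message queued */
    }
}

/* Receive one message; returns the number of fds received (caller owns them)
 * or -1 on error. Excess fds are closed rather than leaked. */
int recv_with_fds(int sock, char *buf, size_t buflen, int *fds_out, int max_fds)
{
    char cbuf[CMSG_SPACE(sizeof(int) * MAX_FDS_PER_MSG)];
    struct iovec iov = { .iov_base = buf, .iov_len = buflen };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    if (recvmsg(sock, &msg, MSG_CMSG_CLOEXEC) < 0)
        return -1;
    int count = 0;
    for (struct cmsghdr *cm = CMSG_FIRSTHDR(&msg); cm; cm = CMSG_NXTHDR(&msg, cm)) {
        if (cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS)
            continue;
        int nf = (int)((cm->cmsg_len - CMSG_LEN(0)) / sizeof(int));
        for (int i = 0; i < nf; i++) {
            int fd;
            memcpy(&fd, CMSG_DATA(cm) + i * sizeof(int), sizeof fd);
            if (count < max_fds) fds_out[count++] = fd; else close(fd);
        }
    }
    return count;
}

/* Two messages queued back to back, each carrying one fd, over a
 * SOCK_SEQPACKET pair (message boundaries preserved). Returns 0 when both
 * fds arrive usable and the tracker ends with zero pending fds. */
int demo_two_messages_with_fds(void)
{
    int sv[2], p[2], rc = -1, got[MAX_FDS_PER_MSG];
    char buf[32];
    struct stat st;
    struct fd_tracker t = { 0 };
    if (socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0, sv) < 0 || pipe(p) < 0)
        return -1;
    tracker_queue(&t, 1);
    tracker_queue(&t, 1);                  /* both queued before either is written */
    if (send_with_fds(sv[0], "first", 5, &p[0], 1, &t) != SEND_OK) goto out;
    if (send_with_fds(sv[0], "second", 6, &p[1], 1, &t) != SEND_OK) goto out;
    for (int i = 0; i < 2; i++) {
        int n = recv_with_fds(sv[1], buf, sizeof buf, got, MAX_FDS_PER_MSG);
        if (n != 1 || fstat(got[0], &st) != 0) goto out;
        close(got[0]);
    }
    rc = (t.fds_pending == 0) ? 0 : -1;
out:
    close(p[0]); close(p[1]); close(sv[0]); close(sv[1]);
    return rc;
}

int main(void)
{
    printf("demo: %s\n", demo_two_messages_with_fds() == 0 ? "ok" : "failed");
    return 0;
}
```

The point a daemon author should take from this is in `send_with_fds`: the only errno that discards a message without touching the connection is ETOOMANYREFS, and the fd counter is adjusted by that message's own fd count at the moment the message leaves the queue, never by a running total shared across messages.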

Regards,
    S
