dbus security update

CentOS Errata and Security Advisory CESA-2011:0376

D-Bus is a system for sending messages between applications. It is used for
the system-wide message bus service and as a per-user-login-session
messaging facility.

A denial of service flaw was discovered in the system for sending messages
between applications. A local user could send a message with an excessive
number of nested variants to the system-wide message bus, causing the
message bus (and, consequently, any process using libdbus to receive
messages) to abort. (CVE-2010-4352)

All users are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue. For the update to take effect, all
running instances of dbus-daemon and all running applications using the
libdbus library must be restarted, or the system rebooted.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-April/079494.html
https://lists.centos.org/pipermail/centos-announce/2011-April/079495.html

Affected packages:
dbus
dbus-devel
dbus-libs
dbus-x11

Upstream details at:
https://access.redhat.com/errata/RHSA-2011:0376