dbus security update

2019-07-11T16:07:34
ID CESA-2019:1726
Type centos
Reporter CentOS Project
Modified 2019-07-11T16:07:34

Description

CentOS Errata and Security Advisory CESA-2019:1726

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.

Security Fix(es):

  • dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass (CVE-2019-12749)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2019-July/023361.html

Affected packages: dbus dbus-devel dbus-doc dbus-libs dbus-x11

Upstream details at: