(RHSA-2009:0008) Moderate: dbus security update

2009-01-07T05:00:00
ID RHSA-2009:0008
Type redhat
Reporter RedHat
Modified 2017-09-08T12:06:32

Description

D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility.

A denial-of-service flaw was discovered in the system for sending messages between applications. A local user could send a message with a malformed signature to the bus causing the bus (and, consequently, any process using libdbus to receive messages) to abort. (CVE-2008-3834)

All users are advised to upgrade to these updated dbus packages, which contain backported patch which resolve this issue. For the update to take effect, all running instances of dbus-daemon and all running applications using libdbus library must be restarted, or the system rebooted.