10 matches found
Updated dbus packages fix security vulnerability
A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical...
MGASA-2022-0365 Updated dbus packages fix security vulnerability
A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical...
MGASA-2017-0310 Updated dbus packages fix security vulnerabilities
A format string vulnerability in the reference bus implementation, dbus-daemon, could potentially allow local users to cause arbitrary code execution or denial of service. Symlink attack in nonce-tcp transport bsc1025950. Symlink attack in unit tests bsc1025951...
MGASA-2015-0405 Updated dbus packages fixes security vulnerability
Updated dbus packages provides security hardening and fixes some bugs Security hardening: On Unix platforms, change the default configuration for the session bus to only allow EXTERNAL authentication secure kernel-mediated credentials-passing, as was already done for the system bus. This avoids...
MGASA-2015-0071 Updated dbus packages fix security vulnerabilities
non-systemd processes can make dbus-daemon think systemd failed to activate a system service, resulting in an error reply back to the requester, causing a local denial of service CVE-2015-0245...
MGASA-2014-0457 Updated dbus packages fix security vulnerabilitiy
The patch issued by the D-Bus maintainers for CVE-2014-3636 was based on incorrect reasoning, and does not fully prevent the attack described as "CVE-2014-3636 part A", which is repeated below. Preventing that attack requires raising the system dbus-daemon's RLIMITNOFILE ulimit -n to a higher...
MGASA-2013-0173 Updated dbus packages fix security vulnerability
Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in dbusprintfstringupperbound. This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus services running, it could lead to...
CentOS 5 : dbus (CESA-2008:0159)
Updated dbus packages that fix an issue with circumventing the security policy are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-Bus is a system for sending messages between applications. It is used both for the system-wide...
dbus security update
CentOS Errata and Security Advisory CESA-2009:0008 Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. D-Bus is a system for sending messages between...
RedHat Security Advisory RHSA-2009:0008
The remote host is missing updates announced in advisory RHSA-2009:0008. D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. A denial-of-service flaw was discovered in the system for...