MGASA-2012-0233
| Date: | August 23rd, 2012 |
| Affected releases: | 1 |
Description:
Updated dbus packages fix security vulnerability:
A denial of service flaw was found in the way the D-Bus library handled
endianness conversion when receiving messages. A local user could use this
flaw to send a specially-crafted message to dbus-daemon or to a service
using the bus, such as Avahi or NetworkManager, possibly causing the
daemon to exit or the service to disconnect from the bus (CVE-2011-2200).
Updated Packages:
dbus-1.4.1-3.1.mga1
dbus-doc-1.4.1-3.1.mga1
dbus-x11-1.4.1-3.1.mga1
lib(64)dbus-1_3-1.4.1-3.1.mga1
lib(64)dbus-1-devel-1.4.1-3.1.mga1
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2200
https://rhn.redhat.com/errata/RHSA-2011-1132.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063294.html
https://bugs.mageia.org/show_bug.cgi?id=7059
