Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[Security Announce] [ MDVSA-2008:213 ] dbus

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

This is a multi-part message in MIME format...

 

------------=_1224103218-14940-760

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2008:213

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : dbus

Date : October 15, 2008

Affected: 2008.0, 2008.1, 2009.0

_______________________________________________________________________

 

Problem Description:

 

The D-Bus library did not correctly validate certain corrupted

signatures which could cause a crash of applications linked against

the D-Bus library if a local user were to send a specially crafted

D-Bus request (CVE-2008-3834).

 

The updated packages have been patched to prevent this issue.

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834

_______________________________________________________________________

 

Updated Packages:

 

Mandriva Linux 2008.0:

53ddac46fc15f92a05beb6bf4b79e8f1 2008.0/i586/dbus-1.0.2-10.3mdv2008.0.i586.rpm

abfcbe2261e69ce5df6c9fbbb82fbab9 2008.0/i586/dbus-x11-1.0.2-10.3mdv2008.0.i586.rpm

e04213f6dac50b0c287006ff57c1f996 2008.0/i586/libdbus-1_3-1.0.2-10.3mdv2008.0.i586.rpm

175dfa98c5a745bfd1600ae0f7762c5c 2008.0/i586/libdbus-1_3-devel-1.0.2-10.3mdv2008.0.i586.rpm

a6cb2643f7bc8dbdb07a543409bed40b 2008.0/SRPMS/dbus-1.0.2-10.3mdv2008.0.src.rpm

 

Mandriva Linux 2008.0/X86_64:

b46a4d074a675a25ac84f6732e6c8871 2008.0/x86_64/dbus-1.0.2-10.3mdv2008.0.x86_64.rpm

226392774b33b7d1d3ba7335e28afb18 2008.0/x86_64/dbus-x11-1.0.2-10.3mdv2008.0.x86_64.rpm

8a7f98b123c9c9e88fe5fb4b2309adc8 2008.0/x86_64/lib64dbus-1_3-1.0.2-10.3mdv2008.0.x86_64.rpm

8226572ecedf628042d43ea4b21d1ab0 2008.0/x86_64/lib64dbus-1_3-devel-1.0.2-10.3mdv2008.0.x86_64.rpm

a6cb2643f7bc8dbdb07a543409bed40b 2008.0/SRPMS/dbus-1.0.2-10.3mdv2008.0.src.rpm

 

Mandriva Linux 2008.1:

f44638434665041b0c082f3d2621e0ff 2008.1/i586/dbus-1.1.20-5.1mdv2008.1.i586.rpm

75e7d341786089e9410d80af6c50e90a 2008.1/i586/dbus-x11-1.1.20-5.1mdv2008.1.i586.rpm

f148fb013796617ad2426756d5914dd0 2008.1/i586/libdbus-1_3-1.1.20-5.1mdv2008.1.i586.rpm

1c30ba194643108bae7fe38228157691 2008.1/i586/libdbus-1-devel-1.1.20-5.1mdv2008.1.i586.rpm

a74cf7a5ae6427e0b3a7e387540e6d55 2008.1/SRPMS/dbus-1.1.20-5.1mdv2008.1.src.rpm

 

Mandriva Linux 2008.1/X86_64:

91b111e4298984d5cfe51706b64d07dd 2008.1/x86_64/dbus-1.1.20-5.1mdv2008.1.x86_64.rpm

b1627308cb9dfcf93b2eb8e59d8b1c79 2008.1/x86_64/dbus-x11-1.1.20-5.1mdv2008.1.x86_64.rpm

b41e2ebdb48617ee523bc6a5a47aa567 2008.1/x86_64/lib64dbus-1_3-1.1.20-5.1mdv2008.1.x86_64.rpm

35f9609ccd79ad79c4f0ec60559948a1 2008.1/x86_64/lib64dbus-1-devel-1.1.20-5.1mdv2008.1.x86_64.rpm

a74cf7a5ae6427e0b3a7e387540e6d55 2008.1/SRPMS/dbus-1.1.20-5.1mdv2008.1.src.rpm

 

Mandriva Linux 2009.0:

9b5d7c9beac341543c08bfb60622b1d2 2009.0/i586/dbus-1.2.3-2.1mdv2009.0.i586.rpm

a06cbb82b1029a3c4ba2b0b5cdeb5348 2009.0/i586/dbus-x11-1.2.3-2.1mdv2009.0.i586.rpm

792d37202f7782bf25c7a806bdd3e6ff 2009.0/i586/libdbus-1_3-1.2.3-2.1mdv2009.0.i586.rpm

b122d9c75a13ce7d03cf705e3e6e1011 2009.0/i586/libdbus-1-devel-1.2.3-2.1mdv2009.0.i586.rpm

789c0a12c1e14968b364c296b1a81278 2009.0/SRPMS/dbus-1.2.3-2.1mdv2009.0.src.rpm

 

Mandriva Linux 2009.0/X86_64:

f6f343d89dbc2ee0c5d44f8ee0d91648 2009.0/x86_64/dbus-1.2.3-2.1mdv2009.0.x86_64.rpm

3dc65757a0631ef1593150b56cda2176 2009.0/x86_64/dbus-x11-1.2.3-2.1mdv2009.0.x86_64.rpm

f1b2f70268553ebbdad7459b1e9957be 2009.0/x86_64/lib64dbus-1_3-1.2.3-2.1mdv2009.0.x86_64.rpm

421d70189a8fd14d79f02c01138ae586 2009.0/x86_64/lib64dbus-1-devel-1.2.3-2.1mdv2009.0.x86_64.rpm

789c0a12c1e14968b364c296b1a81278 2009.0/SRPMS/dbus-1.2.3-2.1mdv2009.0.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFI9iibmqjQ0CJFipgRAsjUAJsGSDl/T5JqJg0soVrNTCjjA/OjAACgtwvD

E/GjNt9M7Qq1awFdoQeOpU4=

=lJFx

-----END PGP SIGNATURE-----

 

 

------------=_1224103218-14940-760

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1224103218-14940-760--

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×