Univention Bugzilla – Bug 51713
dbus: Multiple issues (4.4)
Last modified: 2020-07-29 16:50:46 CEST
New Debian dbus 1.10.32-0+deb9u1 fixes: This update addresses the following issue: * denial of service via file descriptor leak (CVE-2020-12049)
--- mirror/ftp/4.4/unmaintained/4.4-1/source/dbus_1.10.28-0+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-5/source/dbus_1.10.32-0+deb9u1.dsc @@ -1,3 +1,10 @@ +1.10.32-0+deb9u1 [Thu, 02 Jul 2020 20:36:28 +0100] Simon McVittie <smcv@debian.org>: + + * New upstream stable release + - CVE-2020-12049: Prevent a denial of service attack in which a local + user can make the system dbus-daemon run out of file descriptors + - Prevent use-after-free if two usernames share a uid + 1.10.28-0+deb9u1 [Sun, 09 Jun 2019 22:42:06 +0100] Simon McVittie <smcv@debian.org>: * New upstream stable release <http://10.200.17.11/4.4-5/#136108680348895500>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-5] 805b18cc9c Bug #51713: dbus 1.10.32-0+deb9u1 doc/errata/staging/dbus.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) [4.4-5] 828ea49ff6 Bug #51713: dbus 1.10.32-0+deb9u1 doc/errata/staging/dbus.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x655>