Säkerhetsbulletin från Debian
DSA-1599-1 dbus -- programmeringsfel
- Rapporterat den:
- 2008-06-26
- Berörda paket:
- dbus
- Sårbara:
- Ja
- Referenser i säkerhetsdatabaser:
- I Mitres CVE-förteckning: CVE-2008-0595.
- Ytterligare information:
-
Havoc Pennington upptäckte att DBus, ett enkelt system för kommunikation mellan processer, inte utförde tillräcklig kontroll av säkerhetspolicyer, vilket kunde leda till en lokal utökning av privilegier.
För den stabila utgåvan (Etch) har detta problem rättats i version 1.0.2-1+etch1.
För den instabila utgåvan (Sid) har detta problem rättats i version 1.1.20-1.
Vi rekommenderar att ni uppgraderar era dbus-paket.
- Rättat i:
-
Debian GNU/Linux 4.0 (etch)
- Källkod:
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2.orig.tar.gz
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1.dsc
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1.diff.gz
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1.dsc
- Arkitekturoberoende komponent:
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-doc_1.0.2-1+etch1_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_alpha.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_alpha.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_alpha.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_alpha.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_amd64.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_amd64.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_amd64.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_amd64.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_amd64.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_hppa.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_hppa.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_hppa.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_hppa.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_i386.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_i386.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_i386.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_i386.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_ia64.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_ia64.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_ia64.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_ia64.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_ia64.deb
- Big-endian MIPS:
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_mips.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_mips.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_mips.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_mips.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_mips.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_mipsel.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_mipsel.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_mipsel.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_mipsel.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_powerpc.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_powerpc.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_powerpc.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_powerpc.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_s390.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_s390.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_s390.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_s390.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-3_1.0.2-1+etch1_sparc.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_sparc.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus_1.0.2-1+etch1_sparc.deb
- http://security.debian.org/pool/updates/main/d/dbus/libdbus-1-dev_1.0.2-1+etch1_sparc.deb
- http://security.debian.org/pool/updates/main/d/dbus/dbus-1-utils_1.0.2-1+etch1_sparc.deb
MD5-kontrollsummor för dessa filer finns i originalbulletinen.