[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2235-1] dbus security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : dbus
Version        : 1.8.22-0+deb8u3
CVE ID         : CVE-2020-12049

It was discovered that there was a file descriptor leak in the D-Bus
message bus.

An unprivileged local attacker could use this to attack the system
DBus daemon, leading to denial of service for all users of the
machine.

For Debian 8 "Jessie", this issue has been fixed in dbus version
1.8.22-0+deb8u3.

We recommend that you upgrade your dbus packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7aZbIACgkQHpU+J9Qx
HliT9hAAtzQWcjADdHxVrfa7SoFLS3KCxEj+ekLMMaTBVZFZYM1lV+ZnN+dLK/6s
Y0hZfrdoGyqxUL/qVGZA4qDqCmnE52CDmIgwNyK9EEc/d2QwvDMxawyE9aAK1EZC
P0xAkDKwJCH0KnCs6UHZoqbPSkRqV62nUJprxhQ/Us7xz8AySjgdrrXt8oD1xE+b
d+nbPMd5QkGn6QKKE9bObAZliEZ8oyRrL1aTsVZZft4sCGtxeINyL+zmV5U+iOYU
4Ff93IlJrG0hTfOXPKCsyTT+jCUeZ/1gVw25Bp8Ct9JZQJKWDAXSdkBkJoQGd0gE
oF5gXRpcHo00/u2CTAGvho9RvVzFOxD3TaQYOdLnnIRv3Hea8zB+FFZEfthTd6Px
fQF9vFjnKjWJ7UPcfek6PVje5o9qETRy2E4T7o9rRfa1JU4YIT2P8+xCWgDcFxWN
wzXcSApgSPrcDV/LNAWcc50qHrJePvnsJfM66Kab48+bQH7T+hSJfs/D3nAKIrG2
2EquJswME2rO0MLYlbjt0XNPD0/BovhqdRVV4Tpdm4KuBBVx0H6MZglIGni+ySJI
Ndz8D7nHSfE2tdgcF6F4avHMCKWSCtC9DTv2R3znbmmUEiXdkpLwKtRksT7dd65t
ujHr7Ykd5F2ity9reIl7lDvnEzljARbavcOQ4G6Q/gzoYldev6I=
=5ek1
-----END PGP SIGNATURE-----


Reply to: