You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa dbus

Sigurnosni nedostatak programskog paketa dbus

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2425-1
November 27, 2014

dbus vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.10
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

DBus could be made to stop responding under certain conditions.

Software Description:
– dbus: simple interprocess messaging system

Details:

It was discovered that DBus incorrectly handled a large number of file
descriptor messages. A local attacker could use this issue to cause DBus to
stop responding, resulting in a denial of service. (CVE-2014-7824)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
dbus 1.8.8-1ubuntu2.1
libdbus-1-3 1.8.8-1ubuntu2.1

Ubuntu 14.04 LTS:
dbus 1.6.18-0ubuntu4.3
libdbus-1-3 1.6.18-0ubuntu4.3

Ubuntu 12.04 LTS:
dbus 1.4.18-1ubuntu1.7
libdbus-1-3 1.4.18-1ubuntu1.7

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2425-1
CVE-2014-7824

Package Information:
https://launchpad.net/ubuntu/+source/dbus/1.8.8-1ubuntu2.1
https://launchpad.net/ubuntu/+source/dbus/1.6.18-0ubuntu4.3
https://launchpad.net/ubuntu/+source/dbus/1.4.18-1ubuntu1.7

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUd0wwAAoJEGVp2FWnRL6TOS8QAKK/YlwVJCriOym0iYHtbOK/
wJKEQTaN6Q42PpF4YCFnz7NI/iejqN9NkfuLwnzec+V2PXjdP9AMXvjxv/xi38k/
cDfuNPL0lLaoIf/bl6PPmDIHL/OFxUa7e+r3DcpxPUwhvCBc4FnK3/CM7a4wXABA
QeATg9VS/4R7q9yAOmqH9l71f0DF24PeAtvco8tlv9B5FKsinJbMp6+nDVU8rgb0
nVxSBC1dfBcMY5shTwl2qevNumqP0oPDdW4wP74Rvyh3WbsdPgDPFaIKyUSQJroo
cXqdJ0wd7YCDilUTVq+cRzyio36I7Cec7CkXjGDMFw25JFpJLCKxngPruUvw1Brq
hV3P0EA6/07lCmyqd2EQSoU/xg3FooPXPXnRvEwVC7VLnx6fVCzvapM9o5VVsUt9
H+a02pkVa8nnWfyzY1/DXWs+rbr3bpTu45EzRm2wdB4rSUdmtpwAbK2pk67I78yB
IPK0G3sWO8MPNOXoC9BXLHsmx0lvhnCgJrGduKs6CP1/QdWPQt57yWJCCp1VjDCj
B/eKgVcmgi2M1STeweLxYBU3wgznxxSYKJ+wi3jzNo9l7c+55PyzWtfc8V3yw+yG
d+mt2eQcKOsO3WSFNcWPurPCkw+DMuKwaD9A/evMW1/Z9Qju4/cTuuh7ilLtntQA
H3EhvpR5qqYFiEwUK2ZD
=7a1b
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Ranjivost programske biblioteke libksba

Otkrivena je ranjivost cjelobrojnog podljeva u funkciji ksba_oid_to_str() unutar programske biblioteke libksba. Potencijalni zlonamjerni korisnik ranjivost bi mogao iskoristiti za...

Close