1 |
boklm |
29 |
type: security |
2 |
|
|
subject: Updated dbus packages fix security vulnerability |
3 |
|
|
CVE: |
4 |
|
|
- CVE-2013-2168 |
5 |
|
|
src: |
6 |
|
|
2: |
7 |
|
|
core: |
8 |
|
|
- dbus-1.4.16-5.2.mga2 |
9 |
|
|
3: |
10 |
|
|
core: |
11 |
|
|
- dbus-1.6.8-4.1.mga3 |
12 |
|
|
description: | |
13 |
|
|
Alexandru Cornea discovered a vulnerability in libdbus caused by an |
14 |
|
|
implementation bug in _dbus_printf_string_upper_bound(). This |
15 |
|
|
vulnerability can be exploited by a local user to crash system services |
16 |
|
|
that use libdbus, causing denial of service. Depending on the dbus |
17 |
|
|
services running, it could lead to complete system crash (CVE-2013-2168). |
18 |
|
|
|
19 |
|
|
This problem only currently appears to affect the x86_64 version of Mageia |
20 |
|
|
but we advise that all systems should be updated. |
21 |
|
|
references: |
22 |
|
|
- https://bugs.mageia.org/show_bug.cgi?id=10520 |
23 |
|
|
- http://www.debian.org/security/2013/dsa-2707 |
24 |
boklm |
38 |
ID: MGASA-2013-0173 |