MDVSA-2009:256
- Nom du paquet
- dbus
- Date
- 2009-10-06
- Advisory ID
- MDVSA-2009:256
- Affected versions
- 2009.0 x86_64 , MES5 i586 , 2009.0 i586 , 2008.1 x86_64 , 2008.1 i586 , MES5 x86_64
Problem description
A vulnerability was discovered and corrected in dbus:
The _dbus_validate_signature_with_reason function
(dbus-marshal-validate.c) in D-Bus (aka DBus) uses incorrect logic
to validate a basic type, which allows remote attackers to spoof a
signature via a crafted key. NOTE: this is due to an incorrect fix
for CVE-2008-3834 (CVE-2009-1189).
This update provides a fix for this vulnerability.
Updated packages
2009.0 x86_64
10de67ba852e1f03c8c5068a1932c9a4 2009.0/x86_64/dbus-1.2.3-2.2mdv2009.0.x86_64.rpm 63126e1831d32cc8fca0d302a854110a 2009.0/x86_64/dbus-x11-1.2.3-2.2mdv2009.0.x86_64.rpm 9502f2304d46083597555fce5002f036 2009.0/x86_64/lib64dbus-1_3-1.2.3-2.2mdv2009.0.x86_64.rpm 61ff69d44d8a5ee5a074896a1367c44b 2009.0/x86_64/lib64dbus-1-devel-1.2.3-2.2mdv2009.0.x86_64.rpm 031a8c677cc5991ca5e8e697133c11aa 2009.0/SRPMS/dbus-1.2.3-2.2mdv2009.0.src.rpm
MES5 i586
70a9654d8ce376e719b746ac6d6f18ce mes5/i586/dbus-1.2.3-2.2mdvmes5.i586.rpm c7046464734a015f02178186b3172cbe mes5/i586/dbus-x11-1.2.3-2.2mdvmes5.i586.rpm 5d80c2ad6fa253e65abd0d22c15e1682 mes5/i586/libdbus-1_3-1.2.3-2.2mdvmes5.i586.rpm a1977f7af5f039346775da2cbd8fbddd mes5/i586/libdbus-1-devel-1.2.3-2.2mdvmes5.i586.rpm a8041ed9daac331ec21941be8807635c mes5/SRPMS/dbus-1.2.3-2.2mdvmes5.src.rpm
2009.0 i586
215ccf38f576bec61e61fc6051124434 2009.0/i586/dbus-1.2.3-2.2mdv2009.0.i586.rpm f9fa47fe70299069babb6f8c9713af7e 2009.0/i586/dbus-x11-1.2.3-2.2mdv2009.0.i586.rpm 697fa33756593aa08f0ba95058dfe35b 2009.0/i586/libdbus-1_3-1.2.3-2.2mdv2009.0.i586.rpm b330b7b339ff67790c30da985dd7f440 2009.0/i586/libdbus-1-devel-1.2.3-2.2mdv2009.0.i586.rpm 031a8c677cc5991ca5e8e697133c11aa 2009.0/SRPMS/dbus-1.2.3-2.2mdv2009.0.src.rpm
2008.1 x86_64
5221836d3ef1c8269d52079c67945d4a 2008.1/x86_64/dbus-1.1.20-5.2mdv2008.1.x86_64.rpm b6503f824662c20dc0ecc5d334fe5ce8 2008.1/x86_64/dbus-x11-1.1.20-5.2mdv2008.1.x86_64.rpm 1f06af2644b6977c45751a6a40ef83e3 2008.1/x86_64/lib64dbus-1_3-1.1.20-5.2mdv2008.1.x86_64.rpm 324a55d3ded9a2880969ee20fba3827f 2008.1/x86_64/lib64dbus-1-devel-1.1.20-5.2mdv2008.1.x86_64.rpm aa54669bdc4c618d680156b633db24c7 2008.1/SRPMS/dbus-1.1.20-5.2mdv2008.1.src.rpm
2008.1 i586
a1d1e3dc737e1a4827a9529db2e3308a 2008.1/i586/dbus-1.1.20-5.2mdv2008.1.i586.rpm e9a35f39a855151ca27c06b261a34a4d 2008.1/i586/dbus-x11-1.1.20-5.2mdv2008.1.i586.rpm 11f206c95fd281daeab789ec3e7b4c21 2008.1/i586/libdbus-1_3-1.1.20-5.2mdv2008.1.i586.rpm d3907296ccc8a6fa66f716907c0bb780 2008.1/i586/libdbus-1-devel-1.1.20-5.2mdv2008.1.i586.rpm aa54669bdc4c618d680156b633db24c7 2008.1/SRPMS/dbus-1.1.20-5.2mdv2008.1.src.rpm
MES5 x86_64
ffe499ed02e415401abfeb6ff47df151 mes5/x86_64/dbus-1.2.3-2.2mdvmes5.x86_64.rpm 4fce107e5ffd58229e6f252120defee7 mes5/x86_64/dbus-x11-1.2.3-2.2mdvmes5.x86_64.rpm c67a437e620a291c359ca24e335d77c6 mes5/x86_64/lib64dbus-1_3-1.2.3-2.2mdvmes5.x86_64.rpm 80cbb52eff0c2ccbb07aea8fe6a97251 mes5/x86_64/lib64dbus-1-devel-1.2.3-2.2mdvmes5.x86_64.rpm a8041ed9daac331ec21941be8807635c mes5/SRPMS/dbus-1.2.3-2.2mdvmes5.src.rpm