Nom du paquet
dbus-glib
Date
2013-04-08
Advisory ID
MDVSA-2013:071
Affected versions
MBS1 x86_64

Problem description

Updated dbus-glib packages fix security vulnerability:

A privilege escalation flaw was found in the way dbus-glib, the D-Bus
add-on library to integrate the standard D-Bus library with the GLib
thread abstraction and main loop, performed filtering of the message
sender (message source subject), when the NameOwnerChanged signal
was received. A local attacker could use this flaw to escalate their
privileges (CVE-2013-0292).

Updated packages

MBS1 x86_64

 9ab96c579f8b25af6351fdadc60b35b3  mbs1/x86_64/lib64dbus-glib-0.96-2.1.mbs1.x86_64.rpm
 26926651e48b9b3f5c08be82a756c2c0  mbs1/x86_64/lib64dbus-glib1_2-0.96-2.1.mbs1.x86_64.rpm 
 537f5d00df4764bb0ecbcb29ff6737d3  mbs1/SRPMS/dbus-glib-0.96-2.1.mbs1.src.rpm

References