Change History (3)
comment:1 by , 2 years ago
comment:2 by , 2 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Fixed at commit
Update to iana-etc-20221007. Update to vim-9.0.0739. Add upstream patches to readline and bash. Update to zlib-1.2.13. Update to man-pages-6.00. Update to gettext-0.21.1. Update to iproute2-6.0.0. Update to meson-0.63.3. Update to Python-3.10.8. Update to xz-5.2.7. Update to tzdata-2022e. Update to linux-6.0.1. Update to dbus-1.14.4.
Note:
See TracTickets
for help on using tickets.
dbus 1.14.4 (2022-10-05)
This is a security update for the dbus 1.14.x stable branch, fixing denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying security hardening.
Denial of service fixes:
There are several ways in which an authenticated local attacker could cause a crash (denial of service) in dbus-daemon --system or a custom DBusServer. In uncommon configurations these could potentially be carried out by an authenticated remote attacker.