[ubuntu/cosmic-security] dbus 1.12.10-1ubuntu2.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jun 11 16:34:05 UTC 2019
dbus (1.12.10-1ubuntu2.1) cosmic-security; urgency=medium
* SECURITY UPDATE: DBUS_COOKIE_SHA1 implementation flaw
- d/p/0001-auth-Reject-DBUS_COOKIE_SHA1-for-users-other-than-th.patch:
reject DBUS_COOKIE_SHA1 for users other than the server owner in
dbus/dbus-auth.c.
- d/p/0002-test-Add-basic-test-coverage-for-DBUS_COOKIE_SHA1.patch:
add basic test coverage for DBUS_COOKIE_SHA1 in
dbus/dbus-auth-script.c, dbus/dbus-sysdeps-util-unix.c,
dbus/dbus-sysdeps-util-win.c, dbus/dbus-sysdeps.h, test/Makefile.am,
test/data/auth/cookie-sha1-username.auth-script,
test/data/auth/cookie-sha1.auth-script.
- CVE-2019-12749
Date: 2019-06-10 19:27:12.865140+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/dbus/1.12.10-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list