[ubuntu/kinetic-security] dbus 1.14.0-2ubuntu3 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Thu Oct 27 13:06:28 UTC 2022
dbus (1.14.0-2ubuntu3) kinetic; urgency=medium
* SECURITY UPDATE: Assertion failure in dbus-marshal-validate
- debian/patches/CVE-2022-42010.patch: Check brackets in signature nest
correctly
- CVE-2022-42010
* SECURITY UPDATE: Out-of-bound access in dbus-marshal-validate
- debian/patches/CVE-2022-42011.patch: Validate length of arrays of
fixed-length items
- CVE-2022-42011
* SECURITY UPDATE: Out-of-bound access in dbus-marshal-byteswap
- debian/patches/CVE-2022-42012.patch: Byte-swap Unix fd indexes if needed
- CVE-2022-42012
Date: 2022-10-26 12:50:10.104570+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/dbus/1.14.0-2ubuntu3
-------------- next part --------------
Sorry, changesfile not available.
More information about the kinetic-changes
mailing list