[ubuntu/trusty-security] dbus 1.6.18-0ubuntu4.4 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Nov 1 16:50:23 UTC 2016


dbus (1.6.18-0ubuntu4.4) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via ActivationFailure signal race
    - debian/patches/CVE-2015-0245.patch: prevent forged ActivationFailure
      from non-root processes in bus/system.conf.in.
    - CVE-2015-0245
  * SECURITY UPDATE: arbitrary code execution or denial of service via
    format string vulnerability
    - debian/patches/format_string.patch: do not use non-literal format
      string in bus/activation.c.
    - No CVE number

Date: 2016-10-12 13:15:02.618834+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/dbus/1.6.18-0ubuntu4.4
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list