This bug was fixed in the package dbus - 1.1.20-1ubuntu3.4
---
dbus (1.1.20-1ubuntu3.4) hardy-security; urgency=low
* SECURITY UPDATE: fix DoS with too deeply nested messages
- debian/patches/84-CVE-2010-4352.patch: Limit nesting to 64 for dynamic
message variants. Backpor
This bug was fixed in the package dbus - 1.2.16-0ubuntu9.1
---
dbus (1.2.16-0ubuntu9.1) karmic-security; urgency=low
* SECURITY UPDATE: fix DoS with too deeply nested messages
- debian/patches/99-CVE-2010-4352.patch: Limit nesting to 64 for dynamic
message variants. Backpo
This bug was fixed in the package dbus - 1.2.16-2ubuntu4.1
---
dbus (1.2.16-2ubuntu4.1) lucid-security; urgency=low
* SECURITY UPDATE: fix DoS with too deeply nested messages
- debian/patches/99-CVE-2010-4352.patch: Limit nesting to 64 for dynamic
message variants. Backpor
This bug was fixed in the package dbus - 1.4.0-0ubuntu1.1
---
dbus (1.4.0-0ubuntu1.1) maverick-security; urgency=low
* SECURITY UPDATE: fix DoS with too deeply nested messages
- debian/patches/99-CVE-2010-4352.patch: Limit nesting to 64 for dynamic
message variants.
-
Uploaded patched packages to the security PPA.
** Changed in: dbus (Ubuntu Lucid)
Status: In Progress => Fix Committed
** Changed in: dbus (Ubuntu Maverick)
Status: In Progress => Fix Committed
** Changed in: dbus (Ubuntu Hardy)
Status: In Progress => Fix Committed
** Chang
** Also affects: dbus (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: dbus (Ubuntu Karmic)
Importance: Undecided
Status: New
** Also affects: dbus (Ubuntu Lucid)
Importance: Undecided
Status: New
** Changed in: dbus (Ubuntu Lucid)
Status: Ne
This is fixed in 1.4.1-0ubuntu2 in Natty.
** Also affects: dbus (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: dbus (Ubuntu Natty)
Importance: Low
Assignee: Jamie Strandboge (jdstrand)
Status: In Progress
** Changed in: dbus (Ubuntu Natty)
St
** Changed in: dbus (Ubuntu)
Status: Confirmed => In Progress
** Changed in: dbus
Importance: Unknown => Undecided
** Changed in: dbus
Status: Unknown => New
** Changed in: dbus
Remote watch: freedesktop.org Bugzilla #32321 => None
** Changed in: dbus
Status: New => Fix
** Changed in: dbus (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/688992
Title:
dbus variant recursion crash
--
ubuntu-bugs mail
** Changed in: dbus (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/688992
Title:
dbus variant recursion crash
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.
>From oss-security:
"just FYI, particular bugzilla entry now opened:
[1] https://bugs.freedesktop.org/show_bug.cgi?id=32321
Issue fixed in dbus-v1.4.1 release:
[2] https://bugs.freedesktop.org/show_bug.cgi?id=32321#c12
And relevant changeset (from c#13):
[3]
http://cgit.freedesktop.org/dbus/dbu
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4352
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/688992
Title:
dbus variant recursion crash
12 matches
Mail list logo
