[ MDVSA-2015:176 ] dbus

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:176
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : dbus
 Date    : March 30, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated dbus packages fix multiple vulnerabilities:
 
 A denial of service vulnerability in D-Bus before 1.6.20 allows a
 local attacker to cause a bus-activated service that is not currently
 running to attempt to start, and fail, denying other users access to
 this service Additionally, in highly unusual environments the same
 flaw could lead to a side channel between processes that should not
 be able to communicate (CVE-2014-3477).
 
 A flaw was reported in D-Bus's file descriptor passing feature. A
 local attacker could us

007 Software

[ MDVSA-2015:176 ] dbus

Leave a Reply Cancel reply

Software and Security Information