Updated dbus packages fix security vulnerability
Publication date: 18 Jun 2014Modification date: 18 Jun 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3477
Description
Updated dbus packages fix security vulnerability: A denial of service vulnerability in D-Bus before 1.6.20 allows a local attacker to cause a bus-activated service that is not currently running to attempt to start, and fail, denying other users access to this service Additionally, in highly unusual environments the same flaw could lead to a side channel between processes that should not be able to communicate (CVE-2014-3477).
References
SRPMS
3/core
- dbus-1.6.8-4.2.mga3
4/core
- dbus-1.6.18-1.1.mga4