lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1GwV7A-0005vk-Jh@mercury.mandriva.com>
Date: Mon, 18 Dec 2006 19:54:00 -0700
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDKSA-2006:233 ] - Updated dbus packages fix
	vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:233
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : dbus
 Date    : December 18, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was discovered in D-Bus that could be exploited by a
 local attacker to cause a Denial of Service.

 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 157420971aee9447fe45a6989c977b6f  2006.0/i586/dbus-0.23.4-5.2.20060mdk.i586.rpm
 8880db0565d247075ca954caa5ef1fab  2006.0/i586/dbus-python-0.23.4-5.2.20060mdk.i586.rpm
 b2349a9c93daee901c2a4122a928460b  2006.0/i586/dbus-x11-0.23.4-5.2.20060mdk.i586.rpm
 37ab661a3f6e6786349562efacb37668  2006.0/i586/libdbus-1_0-0.23.4-5.2.20060mdk.i586.rpm
 665252fd7ec462c7e1a771f2fc649d5b  2006.0/i586/libdbus-1_0-devel-0.23.4-5.2.20060mdk.i586.rpm
 f5e7a8a261a90c0abd7cba5323d365b6  2006.0/i586/libdbus-glib-1_0-0.23.4-5.2.20060mdk.i586.rpm
 4d9b722ad5f26be663108b011645d2dd  2006.0/i586/libdbus-qt-1_0-0.23.4-5.2.20060mdk.i586.rpm
 0cc5027f1378ba34ee4c812536dc3eaa  2006.0/i586/libdbus-qt-1_0-devel-0.23.4-5.2.20060mdk.i586.rpm 
 3ae5fcaa025ca99a30876dd757f91c17  2006.0/SRPMS/dbus-0.23.4-5.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 ebd67615affd1f1cb636b22a9c7d595f  2006.0/x86_64/dbus-0.23.4-5.2.20060mdk.x86_64.rpm
 89b3b13503f01dad8876e16064c216d0  2006.0/x86_64/dbus-python-0.23.4-5.2.20060mdk.x86_64.rpm
 9652189a6b3459458313544b7da84f02  2006.0/x86_64/dbus-x11-0.23.4-5.2.20060mdk.x86_64.rpm
 c2fcfd767785038f74d25e0532f77ef5  2006.0/x86_64/lib64dbus-1_0-0.23.4-5.2.20060mdk.x86_64.rpm
 38254d5bef798ae2e5aa13f942a7fd3c  2006.0/x86_64/lib64dbus-1_0-devel-0.23.4-5.2.20060mdk.x86_64.rpm
 f575dd010c4e3c2e64576f941d9f5723  2006.0/x86_64/lib64dbus-glib-1_0-0.23.4-5.2.20060mdk.x86_64.rpm
 d0c3cb484539042a6035eb548931bf7e  2006.0/x86_64/lib64dbus-qt-1_0-0.23.4-5.2.20060mdk.x86_64.rpm
 53250a34e675c61994ed0740e95a4171  2006.0/x86_64/lib64dbus-qt-1_0-devel-0.23.4-5.2.20060mdk.x86_64.rpm 
 3ae5fcaa025ca99a30876dd757f91c17  2006.0/SRPMS/dbus-0.23.4-5.2.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 068faa33b6cb80a6e9cb434ff45f9c3c  2007.0/i586/dbus-0.92-8.2mdv2007.0.i586.rpm
 5b7890f6585084f62c30a805ae413542  2007.0/i586/dbus-x11-0.92-8.2mdv2007.0.i586.rpm
 0b4b857d9b8214d4c8862d34c29f1bb6  2007.0/i586/libdbus-1_3-0.92-8.2mdv2007.0.i586.rpm
 6b24df1469fc9e02f8958fe070dea431  2007.0/i586/libdbus-1_3-devel-0.92-8.2mdv2007.0.i586.rpm 
 413a21795748c8897eb74dece25e8187  2007.0/SRPMS/dbus-0.92-8.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 2b13e29b75d3b353ac7f773d29d99e00  2007.0/x86_64/dbus-0.92-8.2mdv2007.0.x86_64.rpm
 2d755ac55933d96ae2098887120aa9b3  2007.0/x86_64/dbus-x11-0.92-8.2mdv2007.0.x86_64.rpm
 154086ed8af376e8ed6e5a794a4ff20f  2007.0/x86_64/lib64dbus-1_3-0.92-8.2mdv2007.0.x86_64.rpm
 3a1d2f9656d0f23469267c1105c9c52f  2007.0/x86_64/lib64dbus-1_3-devel-0.92-8.2mdv2007.0.x86_64.rpm 
 413a21795748c8897eb74dece25e8187  2007.0/SRPMS/dbus-0.92-8.2mdv2007.0.src.rpm

 Corporate 3.0:
 0da4e1ae5ccdfa2578a4648d097d7fe5  corporate/3.0/i586/dbus-0.20-7.2.C30mdk.i586.rpm
 d30d24f78af2516c80b83c38137e7ba7  corporate/3.0/i586/dbus-python-0.20-7.2.C30mdk.i586.rpm
 a75d84cd539b35ebcc3b71538e028884  corporate/3.0/i586/dbus-x11-0.20-7.2.C30mdk.i586.rpm
 8346ecc52caf074c8501ea7515991acc  corporate/3.0/i586/libdbus-1_0-0.20-7.2.C30mdk.i586.rpm
 52e7ebc3a55744296b8035ffa2f73098  corporate/3.0/i586/libdbus-1_0-devel-0.20-7.2.C30mdk.i586.rpm
 854973491bef16467a39563ee27b1e83  corporate/3.0/i586/libdbus-glib-1_0-0.20-7.2.C30mdk.i586.rpm
 9a95af41bd674b3421bbd8587515b9e1  corporate/3.0/i586/libdbus-qt-1_0-0.20-7.2.C30mdk.i586.rpm 
 2f2de379e492bb5e3a59706d9fa0ca01  corporate/3.0/SRPMS/dbus-0.20-7.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 9f17293ce755710c2a8f17a51a5cadae  corporate/3.0/x86_64/dbus-0.20-7.2.C30mdk.x86_64.rpm
 8ecb34ef80a01d62819ca0366b55da82  corporate/3.0/x86_64/dbus-python-0.20-7.2.C30mdk.x86_64.rpm
 8f3a5758db4b1bff842a54fa287f53c3  corporate/3.0/x86_64/dbus-x11-0.20-7.2.C30mdk.x86_64.rpm
 5b46732a66d140e679efa345c5931efc  corporate/3.0/x86_64/lib64dbus-1_0-0.20-7.2.C30mdk.x86_64.rpm
 5ae46e081ca781086cec632e52f456e0  corporate/3.0/x86_64/lib64dbus-1_0-devel-0.20-7.2.C30mdk.x86_64.rpm
 c90ba4ffadc8e9698e13f1f732848f1f  corporate/3.0/x86_64/lib64dbus-glib-1_0-0.20-7.2.C30mdk.x86_64.rpm
 fce35cfd33d35fa2adfd9430fce967ff  corporate/3.0/x86_64/lib64dbus-qt-1_0-0.20-7.2.C30mdk.x86_64.rpm 
 2f2de379e492bb5e3a59706d9fa0ca01  corporate/3.0/SRPMS/dbus-0.20-7.2.C30mdk.src.rpm

 Corporate 4.0:
 c17bf8152d2f720687102826d1c7d91a  corporate/4.0/i586/dbus-0.23.4-5.2.20060mlcs4.i586.rpm
 105cd3f06c1db4326b13e617b23dbd98  corporate/4.0/i586/dbus-python-0.23.4-5.2.20060mlcs4.i586.rpm
 6abe23d4761f2055dfeec827fb73e37b  corporate/4.0/i586/dbus-x11-0.23.4-5.2.20060mlcs4.i586.rpm
 3c32ecf3c016ddc1250b76053943b5cf  corporate/4.0/i586/libdbus-1_0-0.23.4-5.2.20060mlcs4.i586.rpm
 3b8b8acef4788298e39fb8850f9dae84  corporate/4.0/i586/libdbus-1_0-devel-0.23.4-5.2.20060mlcs4.i586.rpm
 1a9bb5ec1ea6c6cc1fd53e0089582e6b  corporate/4.0/i586/libdbus-glib-1_0-0.23.4-5.2.20060mlcs4.i586.rpm
 d0627fc8df86636f77d00f460be39159  corporate/4.0/i586/libdbus-qt-1_0-0.23.4-5.2.20060mlcs4.i586.rpm
 d7bff85929ee4ec46af4aa3a3d95d9e5  corporate/4.0/i586/libdbus-qt-1_0-devel-0.23.4-5.2.20060mlcs4.i586.rpm 
 d48bfee5da58ced50182d93e57f51040  corporate/4.0/SRPMS/dbus-0.23.4-5.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 394ac36df35781c105b2706b8db9906c  corporate/4.0/x86_64/dbus-0.23.4-5.2.20060mlcs4.x86_64.rpm
 fff86f6a37644bbec029dc91e9d12cfe  corporate/4.0/x86_64/dbus-python-0.23.4-5.2.20060mlcs4.x86_64.rpm
 e00c9c7f22f11e6b04608fb717f36f6d  corporate/4.0/x86_64/dbus-x11-0.23.4-5.2.20060mlcs4.x86_64.rpm
 df3c1c3cdd6f0b08888900e58699a04d  corporate/4.0/x86_64/lib64dbus-1_0-0.23.4-5.2.20060mlcs4.x86_64.rpm
 37b4efbc19b4272faa12cc184f8f1e3b  corporate/4.0/x86_64/lib64dbus-1_0-devel-0.23.4-5.2.20060mlcs4.x86_64.rpm
 7007d7ba7c172d4d64ae510abedc573b  corporate/4.0/x86_64/lib64dbus-glib-1_0-0.23.4-5.2.20060mlcs4.x86_64.rpm
 c0498bc99d42e57158d69262c760f42c  corporate/4.0/x86_64/lib64dbus-qt-1_0-0.23.4-5.2.20060mlcs4.x86_64.rpm
 a47ff9a620d21558b7c2a110834651d0  corporate/4.0/x86_64/lib64dbus-qt-1_0-devel-0.23.4-5.2.20060mlcs4.x86_64.rpm 
 d48bfee5da58ced50182d93e57f51040  corporate/4.0/SRPMS/dbus-0.23.4-5.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFhybDmqjQ0CJFipgRAmoxAJ9BagLKU7/gik+V+C31inRelU+oBQCfTwOt
SFCPPn6dsW8NRZiYXxmBrSY=
=Scv+
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ