Pardus alert 2011-30 (dbus)

From:
    	     
 
Meltem  <meltem@pardus.org.tr> 
To:
    	     
 
pardus-security@pardus.org.tr 
Subject:
    	     
 
[Pardus-security]  [PLSA 2011-30] D-BUS: Stack overflow 
Date:
    	     
 
Sat, 12 Feb 2011 00:51:17 +0200
Message-ID:
    	     
 
<201102120051.17805.meltem@pardus.org.tr>
Archive-link:
    	     
 
Article, Thread
              
------------------------------------------------------------------------
Pardus Linux Security Advisory 2011-30            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2011-02-12
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
=======

A vulnerability have been fixed in d-bus, which allows local  users  to 
cause a denial of service. 


Description
===========

CVE-2010-4352: 

Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows 
local users to cause a denial of service (daemon crash) via  a  message 
containing many nested variants. 



Affected packages:

  Pardus 2009:
    dbus, all before 1.2.4.6-46-8


Resolution
==========

There are update(s) for dbus. You can update them via Package Manager or
with a single command from console: 

    pisi up dbus

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=15808
  * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-...

------------------------------------------------------------------------

_______________________________________________
Pardus-Security mailing list
Pardus-Security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security