[SECURITY] [DLA 2235-1] dbus security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : dbus
Version : 1.8.22-0+deb8u3
CVE ID : CVE-2020-12049
It was discovered that there was a file descriptor leak in the D-Bus
message bus.
An unprivileged local attacker could use this to attack the system
DBus daemon, leading to denial of service for all users of the
machine.
For Debian 8 "Jessie", this issue has been fixed in dbus version
1.8.22-0+deb8u3.
We recommend that you upgrade your dbus packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7aZbIACgkQHpU+J9Qx
HliT9hAAtzQWcjADdHxVrfa7SoFLS3KCxEj+ekLMMaTBVZFZYM1lV+ZnN+dLK/6s
Y0hZfrdoGyqxUL/qVGZA4qDqCmnE52CDmIgwNyK9EEc/d2QwvDMxawyE9aAK1EZC
P0xAkDKwJCH0KnCs6UHZoqbPSkRqV62nUJprxhQ/Us7xz8AySjgdrrXt8oD1xE+b
d+nbPMd5QkGn6QKKE9bObAZliEZ8oyRrL1aTsVZZft4sCGtxeINyL+zmV5U+iOYU
4Ff93IlJrG0hTfOXPKCsyTT+jCUeZ/1gVw25Bp8Ct9JZQJKWDAXSdkBkJoQGd0gE
oF5gXRpcHo00/u2CTAGvho9RvVzFOxD3TaQYOdLnnIRv3Hea8zB+FFZEfthTd6Px
fQF9vFjnKjWJ7UPcfek6PVje5o9qETRy2E4T7o9rRfa1JU4YIT2P8+xCWgDcFxWN
wzXcSApgSPrcDV/LNAWcc50qHrJePvnsJfM66Kab48+bQH7T+hSJfs/D3nAKIrG2
2EquJswME2rO0MLYlbjt0XNPD0/BovhqdRVV4Tpdm4KuBBVx0H6MZglIGni+ySJI
Ndz8D7nHSfE2tdgcF6F4avHMCKWSCtC9DTv2R3znbmmUEiXdkpLwKtRksT7dd65t
ujHr7Ykd5F2ity9reIl7lDvnEzljARbavcOQ4G6Q/gzoYldev6I=
=5ek1
-----END PGP SIGNATURE-----
Reply to: