it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5250-1] dbus security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5250-1] dbus security update
Date: Thu, 6 Oct 2022 18:51:40 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
List-archive: https://lists.debian.org/msgid-search/Yz8jvCNp0GqcBGqm AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=6W9oT2TvJB6vHrli9yVLAPmVwjB+kTwqFafoCSjVACw=; b=am GsxWnnOLpkCW+xiHPC/sAX6KZkHEf1WBnjlr/C6Adn0FZJ2umAs30vDCQ7MPayWhKjY9iuI3+BRRq bR1U0IoIO25UYsHfwxNzL536Qmd644aAUUBw4ebZUkBVDlM6P/XBvE4DnqOrLNG8jnxPChi2S4mTJ meepUAquw4Ap1PdiH8O6GmSa4YNCJrUcnrKc1YWTEEjk3BI1Y4+LVVGvD7BqE5zTFKKL6XVR6md/n 4x53NohgpdU6JY4Cqp0rShFFzZhQwJ1xWeqeTU3HfL9I+RPH006WVCcf4T4joGI6IDM7mkhMah6Hx bvX5pNT8fX/Il7BJT34FkliC966tesrw==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Thu, 6 Oct 2022 18:52:06 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <jXJYi1SoEgC.A.3sB.WPyPjB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5250-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 06, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : dbus
CVE ID : CVE-2022-42010 CVE-2022-42011 CVE-2022-42012
Debian Bug : 1004543 1005889

Evgeny Vereshchagin discovered multiple vulnerabilities in D-Bus, a
simple interprocess messaging system, which may result in denial of
service by an authenticated user.

For the stable distribution (bullseye), these problems have been fixed in
version 1.12.24-0+deb11u1.

We recommend that you upgrade your dbus packages.

For the detailed security status of dbus please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dbus

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmM/IxwACgkQEMKTtsN8
TjZbKw/+M1xqmX1FYtgsnbD45nlHY2fHNcQ8RsaCVO27OslpBiHtDDSFqZHmmXqV
lg+OimobLRbEQqBMweteNnrrMBetFNFB0C+RUhMrK2b91MdxyvYJes4Xca0Y/5Zb
vIusD/e7md9ZVrsMbl1hVcuWAWkI3Elw22Tt0TUKxwQiKt9Bux8zbtHg6ADxHjVt
E+Bml9ygDYp4FQ05AMiBQN3PwmGw9QF8N7FUpdOM9KUKVdtXTVjYt+JcBY13p4Zj
8SwzOGndXlfevPo1q3loozlX0Pkg9eDPe2oZDQhmv2cFGxqduRWkdN0EE45pvxuf
b1Vr9NFeJ8eoAHw4n8w+xGBGxpVFkS108bzkq0jJdpgqN6xAblqpc2rhtruJ7b/t
SvMLrwc+c4RpBMHpN0S5y7QrezrQBkF+n73DaO5k7FFIyiH5fNT0AVOb8byGD+eC
XUfgDmKLYXt8iorqGgOYFGn7/5iiXglGghIqXS++h0hdO7K1GRB3ZxtAAm6+VdmG
wyTkNPcHv5LOAykLgxBSAkJ8/zm4b2bvkBpd+6myem7xEmv3dNoHofVMYEI1Lq1X
Bca5fejg5Vyd2ahA8osEi218RGTvF60mgIuDqHbF7vfwycRSzmQx16/5daBS1Pzt
uCn/B2AVvgUNSfH009T8+SY2MSunljFv03/vOYUyp3wJoHFYnnM=
=nxx8
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5250-1] dbus security update, Moritz Muehlenhoff, 06.10.2022

Archiv bereitgestellt durch MHonArc 2.6.24.