Linux Security
    Linux Security
    Linux Security

    Debian: New dbus packages fix denial of service

    Posted By
    Colin Walters discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack.
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-1658-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.                          Thijs Kinkhorst
    October 22, 2008            
    - ------------------------------------------------------------------------
    Package        : dbus
    Vulnerability  : programming error
    Problem type   : local
    Debian-specific: no
    CVE Id(s)      : CVE-2008-3834
    Debian Bug     : 501443
    Colin Walters discovered that the dbus_signature_validate function in 
    dbus, a simple interprocess messaging system, is prone to a denial of 
    service attack.
    For the stable distribution (etch), this problem has been fixed in 
    version 1.0.2-1+etch2.
    For the testing distribution (lenny) and unstable distribution (sid) 
    this problem will be fixed soon.
    We recommend that you upgrade your dbus package.
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 4.0 alias etch
    - -------------------------------
    Source archives:
        Size/MD5 checksum:      824 476bb3df500c50f67b4088317482e0ef
        Size/MD5 checksum:    19909 27df2fd0bc5cb93069d6c10d89e0214a
        Size/MD5 checksum:  1400278 0552a9b54beb4a044951b7cdbc8fc855
    Architecture independent packages:
        Size/MD5 checksum:  1623126 68e4e1787515928f95af670ec2677663
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:   403640 fa77ef6e2fc986018a1b6074b3ae9343
        Size/MD5 checksum:   184728 631b1a1ed1215eb05a696b40a72db26c
        Size/MD5 checksum:   378152 662bea6b7c1db00fdf933b53a2334f7d
        Size/MD5 checksum:   289022 3ebba7555c92b42fdfe9331c35fbafc6
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:   279202 dfbd440a6a800eea8ba2e46b692dd636
        Size/MD5 checksum:   348548 ccc32fdddbaca40a7e62cffc250d493a
        Size/MD5 checksum:   363840 fd13ad30b922eff52503762ba60d08e0
        Size/MD5 checksum:   184096 cb1028347d48476de045ad633939119a
    arm architecture (ARM)
        Size/MD5 checksum:   331110 508d164df564a28f626b1941bf784bcd
        Size/MD5 checksum:   183846 34fc9addad9e6e1858107a9382fc89e4
        Size/MD5 checksum:   343302 dd43eeb35c44bb838d45d6324f9842fb
        Size/MD5 checksum:   265858 e2438b408ec289d96454d30c971a1eeb
    hppa architecture (HP PA RISC)
        Size/MD5 checksum:   184866 7b0aa00c72398485849a46c3a376b5a3
        Size/MD5 checksum:   375644 6146db75333cc23bcf98184886e2358f
        Size/MD5 checksum:   362346 5002551bf82c33092fdd3fee8356078d
        Size/MD5 checksum:   285994 55964151812beb09104dadc5fe883ded
    i386 architecture (Intel ia32)
        Size/MD5 checksum:   335874 116b0084af4713242092e2b07a64734f
        Size/MD5 checksum:   349844 cfa20eea1e6e8be195d520199e8415c6
        Size/MD5 checksum:   184284 98c8270b762a20bffc194124562c2a68
        Size/MD5 checksum:   269032 ebf1993ab8d40f4d10becd43324c3fb7
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:   439328 0e4d4761c026e5d1a1d0fec1a2e2cc59
        Size/MD5 checksum:   186576 9a83ca03b18ba3bbaa0e976c73e5ee49
        Size/MD5 checksum:   411494 c4e44af1f20c10c57205270249f337a9
        Size/MD5 checksum:   322378 94081937e3524ee2faecb311d0b55772
    mips architecture (MIPS (Big Endian))
        Size/MD5 checksum:   370622 4bdcd5653af2b8d82005e4f517b9b4b4
        Size/MD5 checksum:   183866 413cae07b1a9058a0c6aebdd7f8ea027
        Size/MD5 checksum:   272250 6d0e938439d3eb8ca62606630b8c3703
        Size/MD5 checksum:   359500 7f221dd76f85d4ba43e2f9de932a0e2d
    mipsel architecture (MIPS (Little Endian))
        Size/MD5 checksum:   184158 fb889a6d77b704244d791a6eacc6bdd7
        Size/MD5 checksum:   369594 90c29c9d9647268f0b44b94a01de0f45
        Size/MD5 checksum:   358738 cd6052fccfc4fefdda2ca7bf42823922
        Size/MD5 checksum:   272356 c61c0d2c433d4300df31bc681d0d0edd
    powerpc architecture (PowerPC)
        Size/MD5 checksum:   271688 b4fa35b2b6d5d106043064b321c62ff7
        Size/MD5 checksum:   353198 192e72c7dabd1d8d7b64a755293969b9
        Size/MD5 checksum:   184192 0a4598f9d41f45a4f8d99982258bc352
        Size/MD5 checksum:   335480 4267b587cd7d75ea76dc36ec679bb2d6
    s390 architecture (IBM S/390)
        Size/MD5 checksum:   355016 839cfa24a74c834cba9161faaf7621e0
        Size/MD5 checksum:   285310 d7265f270c738d91c19bfaeeff8130a7
        Size/MD5 checksum:   184598 86f3ad1f997139c8f2c18105417f369b
        Size/MD5 checksum:   373294 8e8fbab4cf0f0214dbd64e6faaf1a87a
    sparc architecture (Sun SPARC/UltraSPARC)
        Size/MD5 checksum:   340024 74d40edc715045d8693421b4093168c8
        Size/MD5 checksum:   184162 32f294e0f8a06390053f8592cfce1f4d
        Size/MD5 checksum:   336182 65adba9662394147aad1d34bb5ac90a4
        Size/MD5 checksum:   265080 9d47f318df9648ad5988c36e30d63016
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.