SciLinux: CVE-2010-1172 Moderate: dbus-glib SL5.x i386/x86_64
Summary
internally but specified as read-only externally, a malicious, localuser could use this flaw to modify that property of an application. Sucha change could impact the application's behavior (for example, if an IPaddress were changed the network may not come up properly after reboot)and possibly lead to a denial of service. (CVE-2010-1172)Due to the way dbus-glib translates an application's XML definitions ofservice interfaces and properties into C code at application build time,applications built against dbus-glib that use read-only propertiesneeded to be rebuilt to fully fix the flaw. As such, this updateprovides NetworkManager packages that have been rebuilt against theupdated dbus-glib packages. No other applications shipped withScientific Linux 5 were affected.Running instances of NetworkManager must be restarted (serviceNetworkManager restart) for this update to take effect.SL 5.xSRPMS:NetworkManager-0.7.0-10.el5_5.1.src.rpmdbus-glib-0.73-10.el5_5.src.rpmi386:dbus-glib-0.73-10.el5_5.i386.rpmdbus-glib-devel-0.73-10.el5_5.i386.rpmNetworkManager-0.7.0-10.el5_5.1.i386.rpmNetworkManager-devel-0.7.0-10.el5_5.1.i386.rpmNetworkManager-glib-0.7.0-10.el5_5.1.i386.rpmNetworkManager-glib-devel-0.7.0-10.el5_5.1.i386.rpmNetworkManager-gnome-0.7.0-10.el5_5.1.i386.rpmx86_64:dbus-glib-0.73-10.el5_5.i386.rpmdbus-glib-0.73-10.el5_5.x86_64.rpmdbus-glib-devel-0.73-10.el5_5.i386.rpmdbus-glib-devel-0.73-10.el5_5.x86_64.rpmNetworkManager-0.7.0-10.el5_5.1.i386.rpmNetworkManager-0.7.0-10.el5_5.1.x86_64.rpmNetworkManager-devel-0.7.0-10.el5_5.1.i386.rpmNetworkManager-devel-0.7.0-10.el5_5.1.x86_64.rpmNetworkManager-glib-0.7.0-10.el5_5.1.i386.rpmNetworkManager-glib-0.7.0-10.el5_5.1.x86_64.rpmNetworkManager-glib-devel-0.7.0-10.el5_5.1.i386.rpmNetworkManager-glib-devel-0.7.0-10.el5_5.1.x86_64.rpmNetworkManager-gnome-0.7.0-10.el5_5.1.x86_64.rpm-Connie Sieh-Troy Dawson