File _patchinfo of Package patchinfo.3239

<patchinfo incident="3239">
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>fstrba</packager>
  <summary>recommended update for dbus-1</summary>
  <description>This recommended update for dbus-1 fixes the following issues:
- Update to 1.6.28:
  + Regression fix backported from 1.8.12:
    * Partially revert the CVE-2014-3639 patch by increasing the default authentication timeout on the system bus from 5 seconds back to 30 seconds, since this has been reported to cause boot regressions for some users, mostly with parallel boot (systemd) on slower hardware. On fast systems where local users are considered particularly hostile, administrators can return to the 5 second timeout (or any other value in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
      &lt;busconfig&gt;
        &lt;limit name="auth_timeout"&gt;5000&lt;/limit&gt;
      &lt;/busconfig&gt; (fdo#86431)
    * Add a message in syslog/the Journal when the auth_timeout is exceeded (fdo#86431)</description>
  <issue tracker="fdo" id="86431"/>
  <issue tracker="cve" id="CVE-2014-3639"/>
</patchinfo>
openSUSE Build Service is sponsored by