Update for GraphicsMagick, GraphicsMagick.1464, ... security moderate

update for dbus-1, dbus-1-x11
Fixed bugs
bnc#783657
After automatic upgrade of dbus VirtualBox 4.2 can no longer open files
bnc#381621
krunner crash
bnc#707817
kdesu will not start application
bnc#432901
VUL-0: dbus-1: denial of service
bnc#428963
dbus-1 session bus connection policy bug / was gnomesu
bnc#503074
rcdbus reload doesn't work
bnc#743149
dbus-1: setuid binaries need to be position independent
bnc#437293
obsolete -XXbit packages during system upgrade
bnc#443307
VUL-0: dbus incorrect use of [send|receive]_requested_reply policy rule
bnc#697105
VUL-0: libdbus using getenv() in suids
bnc#394383
dbus segfaults, leaving the system unusable
CVE-CVE-2008-4311
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibl
CVE-CVE-2010-4352
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
CVE-CVE-2008-0595
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method
CVE-CVE-2006-6107
Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages).
CVE-CVE-2008-3834
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
Selected Binaries
openSUSE Build Service is sponsored by