Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="4677">
  <packager>fstrba</packager>
  <issue tracker="cve" id="2015-0245"></issue>
  <issue tracker="bnc" id="1003898">VUL-0: dbus-1: format string vulnerability in dbus_activation_systemd_failure</issue>
  <issue tracker="bnc" id="978477">L3: systemd-logind restarting  under heavy load</issue>
  <issue tracker="bnc" id="980928">backport upstream freedesktop.org bug 95264</issue>
  <issue tracker="fdo" id="87999"></issue>
  <issue tracker="fdo" id="89297"></issue>
  <issue tracker="fdo" id="90004"></issue>
  <issue tracker="fdo" id="90021"></issue>
  <issue tracker="fdo" id="90312"></issue>
  <issue tracker="fdo" id="90952"></issue>
  <issue tracker="fdo" id="91008"></issue>
  <issue tracker="fdo" id="98157"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for dbus-1</summary>
  <description>This update for dbus-1 to version 1.8.22 fixes several issues.

This security issue was fixed:
   - boo#1003898: Do not treat ActivationFailure message received from
     root-owned systemd name as a format string.

   These non-security issues were fixed:
   - boo#978477: Correctly reset timeouts for pending file descriptors
   - boo#980928: increase listen() backlog of AF_UNIX sockets to SOMAXCONN
   - Change the default configuration for the session bus to only allow
     EXTERNAL authentication (secure kernel-mediated credentials-passing), as
     was already done for the system bus.
   - Fix a memory leak when GetConnectionCredentials() succeeds (fdo#91008)
   - Ensure that dbus-monitor does not reply to messages intended for others
     (fdo#90952)
   - Add locking to DBusCounter's reference count and notify function
     (fdo#89297)
   - Ensure that DBusTransport's reference count is protected by the
     corresponding DBusConnection's lock (fdo#90312)
   - Correctly release DBusServer mutex before early-return if we run out of
     memory while copying authentication mechanisms (fdo#90021)
   - Correctly initialize all fields of DBusTypeReader (fdo#90021)
   - Fix some missing \n in verbose (debug log) messages (fdo#90004)
   - Clean up some memory leaks in test code (fdo#90021)</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places