From 8ca2f9ee4f77953d340bf460e23918f2a3b96785 Mon Sep 17 00:00:00 2001 From: Chris Lamb Date: Fri, 5 Jun 2020 16:32:27 +0100 Subject: Add DLA-2235-1. --- english/lts/security/2020/dla-2235.data | 9 +++++++++ english/lts/security/2020/dla-2235.wml | 30 ++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 english/lts/security/2020/dla-2235.data create mode 100644 english/lts/security/2020/dla-2235.wml diff --git a/english/lts/security/2020/dla-2235.data b/english/lts/security/2020/dla-2235.data new file mode 100644 index 00000000000..176b4b85092 --- /dev/null +++ b/english/lts/security/2020/dla-2235.data @@ -0,0 +1,9 @@ +DLA-2235-1 dbus +2020-06-05 +CVE-2020-12049 +dbus +yes +yes +no + +#use wml::debian::security diff --git a/english/lts/security/2020/dla-2235.wml b/english/lts/security/2020/dla-2235.wml new file mode 100644 index 00000000000..3357c672a8a --- /dev/null +++ b/english/lts/security/2020/dla-2235.wml @@ -0,0 +1,30 @@ +LTS security update + + +

It was discovered that there was a file descriptor leak in the D-Bus message +bus.

+ +

An unprivileged local attacker could use this to attack the system DBus +daemon, leading to denial of service for all users of the machine.

+ + + +

For Debian 8 Jessie, these problems have been fixed in version +1.8.22-0+deb8u3.

+ +

We recommend that you upgrade your dbus packages.

+ +

Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: https://wiki.debian.org/LTS

+
+ +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2235.data" +# $Id: $ -- cgit v1.2.3