UbuntuUpdates.org

Package "dbus"

Name: dbus

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • simple interprocess messaging system (test infrastructure)

Latest version: 1.12.20-2ubuntu4.1
Release: jammy (22.04)
Level: updates
Repository: universe

Links



Other versions of "dbus" in Jammy

Repository Area Version
base main 1.12.20-2ubuntu4
base universe 1.12.20-2ubuntu4
security main 1.12.20-2ubuntu4.1
security universe 1.12.20-2ubuntu4.1
updates main 1.12.20-2ubuntu4.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.12.20-2ubuntu4.1 2022-10-27 16:07:23 UTC

  dbus (1.12.20-2ubuntu4.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Assertion failure in dbus-marshal-validate
    - debian/patches/CVE-2022-42010.patch: Check brackets in signature nest
      correctly
    - CVE-2022-42010
  * SECURITY UPDATE: Out-of-bound access in dbus-marshal-validate
    - debian/patches/CVE-2022-42011.patch: Validate length of arrays of
      fixed-length items
    - CVE-2022-42011
  * SECURITY UPDATE: Out-of-bound access in dbus-marshal-byteswap
    - debian/patches/CVE-2022-42012.patch: Byte-swap Unix fd indexes if needed
    - CVE-2022-42012

 -- Nishit Majithia <email address hidden> Tue, 25 Oct 2022 18:45:07 +0530

CVE-2022-42010 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-
CVE-2022-42011 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-
CVE-2022-42012 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-



About   -   Send Feedback to @ubuntu_updates