FEDORA-2022-076544c8aa — security update for dbus

stable

dbus-1.14.4-1.fc36

FEDORA-2022-076544c8aa created by amigadave 5 months ago for Fedora 36

Update to 1.14.4

Fix CVE-2022-42010, CVE-2022-42011 and CVE-2022-42012

Reboot Required

After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2022-076544c8aa

This update has been submitted for testing by amigadave.

5 months ago

This update's test gating status has been changed to 'waiting'.

5 months ago

This update's test gating status has been changed to 'failed'.

5 months ago

This update's test gating status has been changed to 'passed'.

5 months ago

imabug provided feedback 5 months ago

karma

This update has been pushed to testing.

5 months ago

bojan commented & provided feedback 5 months ago

karma

Works.

This update can be pushed to stable now if the maintainer wishes

5 months ago

filiperosset commented & provided feedback 5 months ago

karma

no regressions noted

This update has been submitted for stable by bodhi.

5 months ago

This update has been pushed to stable.

5 months ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

passed

Builds

dbus-1.14.4-1.fc36

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

5 months ago

in testing

5 months ago

in stable

5 months ago

BZ#2133621 CVE-2022-42010 dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets [fedora-36]

BZ#2133625 CVE-2022-42011 dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type [fedora-36]

BZ#2133629 CVE-2022-42012 dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly [fedora-36]

dbus-1.14.4-1.fc36

Automated Test Results

passed