A security issue fixed upstream in DBus has been announced today (June 11): https://www.openwall.com/lists/oss-security/2019/06/11/2 The issue is fixed in 1.13.12. Mageia 6 is also affected. It sounds like older versions of Ubuntu are more exposed to this vulnerability than other distros; I'm not sure exactly what our level of exposure is.
Whiteboard: (none) => MGA7TOO, MGA6TOO
Ubuntu and Debian have issued advisories for this on June 11 and June 13: https://usn.ubuntu.com/4015-1/ https://www.debian.org/security/2019/dsa-4462
RedHat has issued an advisory for this on November 5: https://access.redhat.com/errata/RHSA-2019:3707
Severity: normal => critical
openSUSE has issued advisories for this on June 24 and July 1: https://lists.opensuse.org/opensuse-updates/2019-06/msg00123.html https://lists.opensuse.org/opensuse-updates/2019-06/msg00196.html
SRPM: dbus-1.13.8-4.1.mga7.src.rpm i586: dbus-1.13.8-4.1.mga7.i586.rpm dbus-doc-1.13.8-4.1.mga7.noarch.rpm dbus-x11-1.13.8-4.1.mga7.i586.rpm libdbus1_3-1.13.8-4.1.mga7.i586.rpm libdbus-devel-1.13.8-4.1.mga7.i586.rpm x86_64: dbus-1.13.8-4.1.mga7.x86_64.rpm dbus-doc-1.13.8-4.1.mga7.noarch.rpm dbus-x11-1.13.8-4.1.mga7.x86_64.rpm lib64dbus1_3-1.13.8-4.1.mga7.x86_64.rpm lib64dbus-devel-1.13.8-4.1.mga7.x86_64.rpm
Whiteboard: MGA7TOO, MGA6TOO => (none)Version: Cauldron => 7Assignee: tmb => qa-bugs
Installed on a 32 bits system. Had to accept glibc-2.29-19 update to get it. All seems ok.
CC: (none) => lists.jjorge
Whiteboard: (none) => MGA7-32-OK
Installed on a 64-bit Plasma system. The glibc update had already been installed. After the reboot, all looks good. Validating.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_updateWhiteboard: MGA7-32-OK => MGA7-32-OK, MGA7-64-OK
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0339.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED