Fedora has issued an advisory on July 31, 2011:
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063294.html

Patched package uploaded for Mageia 1.

Advisory:
========================

Updated dbus packages fix security vulnerability:

A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user could use this flaw to send a specially-crafted message to dbus-daemon or to a service using the bus, such as Avahi or NetworkManager, possibly causing the daemon to exit or the service to disconnect from the bus (CVE-2011-2200).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2200
https://rhn.redhat.com/errata/RHSA-2011-1132.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063294.html
========================

Updated packages in core/updates_testing:
========================

dbus-1.4.1-3.1.mga1
libdbus-1_3-1.4.1-3.1.mga1
libdbus-1-devel-1.4.1-3.1.mga1
dbus-x11-1.4.1-3.1.mga1
dbus-doc-1.4.1-3.1.mga1

from dbus-1.4.1-3.1.mga1.src.rpm
I can verify this fixes the issue, via the reproducer posted at the Red Hat bug:
https://bugzilla.redhat.com/show_bug.cgi?id=712676#c6

Instructions on using it are in the subsequent comments.

To get marshal.c to compile, you will need to remove line 27:
#include "config.h"

You will also need libglib2.0-devel and libdbus-1-devel installed.
Whiteboard: (none) => has_procedure
Testing through David's reproducer procedure OK. For regression testing I guess rebooting and seeing no regression in normal use is OK, since dbus is a core component to many things.

[samuel@localhost QA]$ ./marshal
/demarshal/le: OK
/demarshal/be: **
ERROR:marshal.c:194:test_endian: assertion failed (get_uint32 (output, OFFSET_BODY_LENGTH, output[0]) == 8): (134217728 == 8)
Abandon

[samuel@localhost QA]$ ./marshal
/demarshal/le: OK
/demarshal/be: OK
/demarshal/needed/le: OK
/demarshal/needed/be: OK
CC: (none) => stormi
Whiteboard: has_procedure => has_procedure MGA1-32-OK
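Added illustration of what the failed assertion in the test output above is checking. This is not the reproducer from the Red Hat bug and not dbus code; it is a constructed example that only models the 12-byte fixed part of a D-Bus message header as laid out in the D-Bus wire format (byte 0 is the endianness marker 'l' or 'B', the uint32 body length sits at offset 4, the serial at offset 8). The names get_uint32 and OFFSET_BODY_LENGTH are reused from the assertion text and are assumed to mean the same thing there; flip_marker_only is a constructed inconsistent conversion written to reproduce the 134217728 == 8 mismatch, not a claim about where the defect in dbus-1.4.1 actually lived. The header-field array that follows byte 12 in a real message must be walked by signature and swapped too, which this example deliberately omits.

```c
/* Constructed example: D-Bus fixed-header byte-order conversion and the
 * check the reproducer's assertion performs. Not dbus code and not the
 * reproducer from bugzilla.redhat.com bug 712676. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DBUS_LITTLE_ENDIAN 'l'
#define DBUS_BIG_ENDIAN    'B'
#define OFFSET_BYTE_ORDER   0   /* 'l' or 'B'                          */
#define OFFSET_BODY_LENGTH  4   /* uint32: length of the message body  */
#define OFFSET_SERIAL       8   /* uint32: message serial              */
#define FIXED_HEADER_LEN   12

/* Read the uint32 at 'off' in the byte order named by 'byte_order'. */
uint32_t get_uint32(const unsigned char *buf, size_t off, int byte_order)
{
    const unsigned char *p = buf + off;
    if (byte_order == DBUS_LITTLE_ENDIAN)
        return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
               ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return (uint32_t)p[3] | ((uint32_t)p[2] << 8) |
           ((uint32_t)p[1] << 16) | ((uint32_t)p[0] << 24);
}

/* Store 'v' at 'off' in the byte order named by 'byte_order'. */
void put_uint32(unsigned char *buf, size_t off, uint32_t v, int byte_order)
{
    unsigned char *p = buf + off;
    if (byte_order == DBUS_LITTLE_ENDIAN) {
        p[0] = (unsigned char)v;         p[1] = (unsigned char)(v >> 8);
        p[2] = (unsigned char)(v >> 16); p[3] = (unsigned char)(v >> 24);
    } else {
        p[3] = (unsigned char)v;         p[2] = (unsigned char)(v >> 8);
        p[1] = (unsigned char)(v >> 16); p[0] = (unsigned char)(v >> 24);
    }
}

/* Build a constructed fixed header (METHOD_CALL, body length 8, serial 1). */
void build_fixed_header(unsigned char *buf, int order)
{
    memset(buf, 0, FIXED_HEADER_LEN);
    buf[OFFSET_BYTE_ORDER] = (unsigned char)order;
    buf[1] = 1;   /* message type: METHOD_CALL */
    buf[2] = 0;   /* flags */
    buf[3] = 1;   /* protocol major version */
    put_uint32(buf, OFFSET_BODY_LENGTH, 8, order);
    put_uint32(buf, OFFSET_SERIAL, 1, order);
}

/* Consistent conversion: rewrite the marker AND every multi-byte field. */
void byteswap_fixed_header(unsigned char *buf, int new_order)
{
    int old_order = buf[OFFSET_BYTE_ORDER];
    if (old_order == new_order)
        return;
    uint32_t body_len = get_uint32(buf, OFFSET_BODY_LENGTH, old_order);
    uint32_t serial   = get_uint32(buf, OFFSET_SERIAL, old_order);
    put_uint32(buf, OFFSET_BODY_LENGTH, body_len, new_order);
    put_uint32(buf, OFFSET_SERIAL, serial, new_order);
    buf[OFFSET_BYTE_ORDER] = (unsigned char)new_order;
}

/* Inconsistent conversion (constructed): the marker changes, the fields
 * do not, so every later reader that trusts byte 0 decodes them wrongly. */
void flip_marker_only(unsigned char *buf, int new_order)
{
    buf[OFFSET_BYTE_ORDER] = (unsigned char)new_order;
}

/* The reproducer's check: body length decoded via the marker in byte 0. */
uint32_t body_length_per_marker(const unsigned char *buf)
{
    return get_uint32(buf, OFFSET_BODY_LENGTH, buf[OFFSET_BYTE_ORDER]);
}

uint32_t demo_consistent(int from, int to)
{
    unsigned char hdr[FIXED_HEADER_LEN];
    build_fixed_header(hdr, from);
    byteswap_fixed_header(hdr, to);
    return body_length_per_marker(hdr);   /* 8 */
}

uint32_t demo_marker_only(int from, int to)
{
    unsigned char hdr[FIXED_HEADER_LEN];
    build_fixed_header(hdr, from);
    flip_marker_only(hdr, to);
    return body_length_per_marker(hdr);   /* 134217728 (0x08000000) */
}

int main(void)
{
    printf("consistent  B->l: %u\n", demo_consistent(DBUS_BIG_ENDIAN, DBUS_LITTLE_ENDIAN));
    printf("marker only B->l: %u\n", demo_marker_only(DBUS_BIG_ENDIAN, DBUS_LITTLE_ENDIAN));
    return 0;
}
```

A body length of 0x08000000 read from a header that was sent with an 8-byte body is exactly the kind of value that makes the receiving side reject the message and drop the connection, which is the disconnect the advisory describes.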
Testing complete on x86-64. I'd like to hold off a few days before validating the update, to allow for more regression testing though.
CC: (none) => davidwhodgins
Whiteboard: has_procedure MGA1-32-OK => has_procedure MGA1-32-OK MGA1-64-OK
Validating the update. Could someone from the sysadmin team push the srpm dbus-1.4.1-3.1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates.

Advisory:

Updated dbus packages fix security vulnerability:

A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user could use this flaw to send a specially-crafted message to dbus-daemon or to a service using the bus, such as Avahi or NetworkManager, possibly causing the daemon to exit or the service to disconnect from the bus (CVE-2011-2200).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2200
https://rhn.redhat.com/errata/RHSA-2011-1132.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063294.html
https://bugs.mageia.org/show_bug.cgi?id=7059
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0233
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED