[Pkg-utopia-maintainers] dbus_1.12.16-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Jun 11 16:34:04 BST 2019
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 09 Jun 2019 21:34:34 +0100
Source: dbus
Architecture: source
Version: 1.12.16-1
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Changes:
dbus (1.12.16-1) unstable; urgency=medium
.
* New upstream stable release
- CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
authentication for identities that differ from the user running the
DBusServer. Previously, a local attacker could manipulate symbolic
links in their own home directory to bypass authentication and
connect to a DBusServer with elevated privileges. The standard
system and session dbus-daemons in their default configuration were
immune to this attack because they did not allow DBUS_COOKIE_SHA1,
but third-party users of DBusServer such as Upstart could be
vulnerable.
Checksums-Sha1:
b8c94436dacb58a3993f0bd97eca34535756b4cb 3752 dbus_1.12.16-1.dsc
06e3412a7d9c7e345bfcfb027016c634e20f7ece 2093296 dbus_1.12.16.orig.tar.gz
29f8332a0ad9fa7d4f2adaa99c1936e308e79933 833 dbus_1.12.16.orig.tar.gz.asc
0f8a973ade5d9de843e602b0cb69e36a29c5283d 64052 dbus_1.12.16-1.debian.tar.xz
bd6a6a2a87e921ee689c2211892476d0bef0e08f 7064 dbus_1.12.16-1_source.buildinfo
Checksums-Sha256:
86a42029448c3ef881d351db0d298b2d6ecd260110e06b815b520eed63749749 3752 dbus_1.12.16-1.dsc
54a22d2fa42f2eb2a871f32811c6005b531b9613b1b93a0d269b05e7549fec80 2093296 dbus_1.12.16.orig.tar.gz
5906e4cb235e8a3a88f5f0566b7775b065dc3e14683c2c379af86b4f428042f9 833 dbus_1.12.16.orig.tar.gz.asc
61376d1420c56f81538bc3d5dc3492d9ee08714f69d0cbed804d28fc14421e1f 64052 dbus_1.12.16-1.debian.tar.xz
9a4c2d1a803aabefed29a435e92a3c0d449ffb201474732440421161dfc59a7e 7064 dbus_1.12.16-1_source.buildinfo
Files:
70e259270a693ebf252b425327789532 3752 admin optional dbus_1.12.16-1.dsc
2dbeae80dfc9e3632320c6a53d5e8890 2093296 admin optional dbus_1.12.16.orig.tar.gz
127466044bdd38aee9a119b23fc3f0e3 833 admin optional dbus_1.12.16.orig.tar.gz.asc
fbac40d161673f617e36bcdef664966b 64052 admin optional dbus_1.12.16-1.debian.tar.xz
6260ac6d2fcf54ba3262b8920176b7cc 7064 admin optional dbus_1.12.16-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAlz/xF4ACgkQ4FrhR4+B
TE96IxAAiK4DxG9zOdq+5AhYDDXKquPWA6kEOKsEBK8Mx9KAkI8sFaoAfyqa7bS6
qVxrCGjFjq/f6VxSZ/sqe1Eeydit1pDiGVk/TRy21ooJk3wPSKclr1T77gUAFnUm
pUiLihRWh1Fj+Jk/bGKoW3wjf7CZBW5ZXwlUknFDhETQU6GBb74aQLSqnkMMXR8r
/iZY6gHclvYmbAoniYb5TWPRw9qDsrJd1qWfxATm5lfEgkBwQgjR6l4HqdHej95k
r7jme6WJxqg/hcajkSMh256RpB+VaJqFayeRNvsRmUdAA/6invpTzivvJYiT8xr5
gLs7hHWCzL5QlVXYN+TghvSHtZO1nL87H4oJssVHJkPM5gfFohOyB0X3sSZn7phi
O+WXrUJGkq/7FvKosCYvoSxXOwQrWqQHqe5TYsWJsdmFEmI6AWP1vzl0RrUOzjCl
VBlhrcWz1aVMTuTe66yOTCBqBpqR/wl2w9P6XUxnKl01UgfFLyn3vZZB2ytFT/fS
ebEoMdwsFawJBnVooOhRQkbW21+TTWOlGNUeHgNFfHe6kgucmdRJFB9nWo1fVtp5
JwS8VShJrsDpTNEqTCMjJS9egtL9tLhHi8pQvFoNhThyhDxyIhIh+vKmzI5NULDG
Y/q3NL26v33ryQo/L3qFqNUGdHlB6FdZNPzYKn4DBjM+6ABNaN0=
=pW4X
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-utopia-maintainers
mailing list