[ALSA-2023:0096] Moderate: dbus security update
Type:
security
Severity:
moderate
Release date:
2023-03-13
Description:
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets (CVE-2022-42010) * dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type (CVE-2022-42011) * dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly (CVE-2022-42012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 dbus-tools-1.12.8-23.el8_7.1.aarch64.rpm 573d07b059b21ea522bdcadf0920b7865a429c56fd721a29b2cf53cce3172911
aarch64 dbus-libs-1.12.8-23.el8_7.1.aarch64.rpm 77aaee87aa8af8e8c7e1456f5d019c5e8ff17451a95e0af40df63e9dcc19e455
aarch64 dbus-devel-1.12.8-23.el8_7.1.aarch64.rpm 7a200895c9844666e199f49525449944ec86ff6edf686b7e5ee56d56473db4a9
aarch64 dbus-x11-1.12.8-23.el8_7.1.aarch64.rpm b0268d88f98d148d478d443dfc8170b78a8cfc44561f1066faf1a9bb11101a95
aarch64 dbus-daemon-1.12.8-23.el8_7.1.aarch64.rpm d5ed46b4e0deaa9028158bdad75651214179f95b03fe7f2a0f20f1818c7fbccb
aarch64 dbus-1.12.8-23.el8_7.1.aarch64.rpm fb8de356c52f10f0aeb603f0a057b743862dad5212c7d751605852edcb25634e
i686 dbus-libs-1.12.8-23.el8_7.1.i686.rpm 0cf5ba9b593dae3f2d97979cca8f175a18fdc5a0600a45fad5abf5e3d2a81e42
i686 dbus-devel-1.12.8-23.el8_7.1.i686.rpm da6b1f8e8b8b7ed1016df65402d9a2dcc9899e0f02143cbba477b8f97c9691f9
noarch dbus-common-1.12.8-23.el8_7.1.noarch.rpm 47b4b5a28eacca1115828df5738cb78ecd058f56e5b4abb6adf2071fe3d5bfc2
ppc64le dbus-daemon-1.12.8-23.el8_7.1.ppc64le.rpm 29cf404354e3dff85784cbff431e6bf84dff37575479caccd6c41d3aff98862a
ppc64le dbus-x11-1.12.8-23.el8_7.1.ppc64le.rpm 5604486eba6c1c7b71f8a0a71904fee28619d799f35f43517674c9105e477a5f
ppc64le dbus-devel-1.12.8-23.el8_7.1.ppc64le.rpm a872b7b4836c5b4f033f825a68296906670274898e9c8774459edb61187c5f1d
ppc64le dbus-1.12.8-23.el8_7.1.ppc64le.rpm c0e4c9a44d1c33dc99865fe5711a8337ee12149ec82b088d721c01bc118ed2cd
ppc64le dbus-libs-1.12.8-23.el8_7.1.ppc64le.rpm e9077575dffadf1be9c5d10aa5a5a1b33156e6648d3c4424ee22ab612faff683
ppc64le dbus-tools-1.12.8-23.el8_7.1.ppc64le.rpm f3cf2d04403f21dd3297e550572b110e331e7411e636a73cc17ba3ac14c1310a
s390x dbus-daemon-1.12.8-23.el8_7.1.s390x.rpm 00818f2307bb25e932cee96308d84be0fb30445f2fbddc4abc9f487e0d89f2b2
s390x dbus-x11-1.12.8-23.el8_7.1.s390x.rpm 1745508e02d68e395a2857832f1106c1cc568445c96497d2d2a4b8ecb4fd7d80
s390x dbus-1.12.8-23.el8_7.1.s390x.rpm 1f7458b7926fd23f5d7b4ed91c42c585e46471b1cc5843ee1d440b04a934f575
s390x dbus-tools-1.12.8-23.el8_7.1.s390x.rpm 946c8fc4dc3fddfc3c90a12d6e827b67c41c23ce836dc9f11eaebcdb838cced1
s390x dbus-libs-1.12.8-23.el8_7.1.s390x.rpm bd0a790cfb3c59e31faf8afaa9a376834dd8b07a0a94e0931473f182990acd6b
s390x dbus-devel-1.12.8-23.el8_7.1.s390x.rpm c7284b56776d75b86eb97aa3a9cadff1f9a0434ed17b034a3f2a687e233f92f0
x86_64 dbus-tools-1.12.8-23.el8_7.1.x86_64.rpm 4631573af9d998026428f4638d5b0ef6d2fbfd36fad0c572ac5f73c575e705cb
x86_64 dbus-1.12.8-23.el8_7.1.x86_64.rpm 5e40d369a78d1d0339685a3cfa1f9adeec39c34b944d6d729ddcdf78d9e5e557
x86_64 dbus-daemon-1.12.8-23.el8_7.1.x86_64.rpm 71d99f819ad282f3965c1449fe6718a3c67569d200097896775cbd15074806e7
x86_64 dbus-libs-1.12.8-23.el8_7.1.x86_64.rpm a3c959b44474fcff6981b938d04534cc0114d7093212cad5a4bc63a0dcefce3f
x86_64 dbus-x11-1.12.8-23.el8_7.1.x86_64.rpm b11565d732331824e9fa84464a838051cb43ccbb7a0b750cf3bf2f0de441f476
x86_64 dbus-devel-1.12.8-23.el8_7.1.x86_64.rpm ffcccf5c65b01e651b7460d9ba71846b7d4d5c791a261936af7f01af5ac70c25
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.