MDVSA-2009:256-1 -- Mandriva dbusID: oval:org.secpod.oval:def:300733 | Date: (C)2012-01-07 (M)2023-11-13 |
Class: PATCH | Family: unix |
A vulnerability was discovered and corrected in dbus: The _dbus_validate_signature_with_reason function in D-Bus uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834 . This update provides a fix for this vulnerability. Update: Packages for 2008.0 are being provided due to extended support for Corporate products.
Platform: |
Mandriva Linux 2008.0 |