#4328: dbus-1.12.10
--------------------+-----------------------
Reporter: bdubbs | Owner: lfs-book
Type: task | Status: new
Priority: normal | Milestone: 8.3
Component: Book | Version: SVN
Severity: normal | Resolution:
Keywords: |
--------------------+-----------------------
Comment (by bdubbs):
dbus 1.12.10 (2018-08-02)
Fixes:
• Prevent reading up to 3 bytes beyond the end of a truncated message.
This could in principle be an information leak or denial of service
on the system bus, but is not believed to be exploitable to crash
the system bus or leak interesting information in practice.
• Fix build with gcc 8 -Werror=cast-function-type
• Fix warning from gcc 8 about suspicious use of strncpy() when
populating struct sockaddr_un
• Fix a minor memory leak when a DBusServer listens on a new address
• Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer
runs out of memory
• Don't use misleading errno-derived error names if getaddrinfo() or
getnameinfo() fails with a code other than EAI_SYSTEM
• Skip tests that require working TCP if we are in a container environment
where 127.0.0.1 cannot be resolved
--
Ticket URL: <http://wiki.linuxfromscratch.org/lfs/ticket/4328#comment:1>
LFS Trac <http://wiki.linuxfromscratch.org/lfs/>
Linux From Scratch: Your Distro, Your Rules.
--
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
