Commit bdc38fe6 authored by Simon McVittie's avatar Simon McVittie

Fix CVE-2014-7824

  - Add patch from upstream to increase dbus-daemon's file descriptor
    limit to 65536, completing the incomplete fix for CVE-2014-3636
parent 9b9b8ddf
dbus (1.6.8-1+deb7u5) UNRELEASED; urgency=medium
* Start 'dbus-daemon --system' as root under sysvinit (it already
starts as root under systemd), so it can increase its file
descriptor limit
dbus (1.6.8-1+deb7u5) wheezy; urgency=medium
* Fix CVE-2014-7824:
- Start 'dbus-daemon --system' as root under sysvinit (it already
starts as root under systemd), so it can increase its file
descriptor limit
- Add patch from upstream to increase dbus-daemon's file descriptor
limit to 65536, completing the incomplete fix for CVE-2014-3636
-- Simon McVittie <smcv@debian.org> Thu, 06 Nov 2014 16:31:34 +0000
......
......@@ -13,3 +13,5 @@ If-loader-contains-two-messages-with-fds-don-t-corru.patch
0007-DBusConnection-implements-_dbus_connection_set_pendi.patch
0008-bus-enforce-pending_fd_timeout.patch
0010-_dbus_read_socket_with_unix_fds-do-not-accept-extra-.patch
0001-CVE-2014-7824-set-fd-rlimit-to-64k-for-the-system-db.patch
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment