Synopsis:	Moderate: dbus security update
Issue date:	2009-01-07
CVE Names:	CVE-2008-3834

A denial-of-service flaw was discovered in the system for sending messages
between applications. A local user could send a message with a malformed
signature to the bus causing the bus (and, consequently, any process using
libdbus to receive messages) to abort. (CVE-2008-3834)

SL 5.x

    SRPMS:
dbus-1.0.0-7.el5_2.1.src.rpm
    i386:
dbus-1.0.0-7.el5_2.1.i386.rpm
dbus-devel-1.0.0-7.el5_2.1.i386.rpm
dbus-x11-1.0.0-7.el5_2.1.i386.rpm
    x86_64:
dbus-1.0.0-7.el5_2.1.i386.rpm
dbus-1.0.0-7.el5_2.1.x86_64.rpm
dbus-devel-1.0.0-7.el5_2.1.i386.rpm
dbus-devel-1.0.0-7.el5_2.1.x86_64.rpm
dbus-x11-1.0.0-7.el5_2.1.x86_64.rpm

-Connie Sieh
-Troy Dawson