This page tracks the changes needed to fix 503532: D-Bus deny-by-default.
"Release candidate" of dbus source and i386 binaries for testing
Bugs related to CVE-2008-4311
(some of these may be non-RC)
fd.o #18961
Bugs which are probably not RC, related to fd.o #18961:
Otherwise broken
libosso, osso-gwconnect (RM requested)
Related bugs (not yet filed in Debian)
NM-0.7: http://bugzilla.gnome.org/show_bug.cgi?id=565008
dbus-glib: http://bugs.freedesktop.org/show_bug.cgi?id=19441: Fix in dbus-glib 0.80-1 (from experimental)
Complete list of affected packages
Fixed packages
bluemon |
510628, fixed in 1.4-5, looks ok |
bluez-utils |
510644, fixed in 3.36-3, seems ok, bare send_interfaces though, limitation of bluez architecture |
consolekit |
510645, fixed in 0.2.10-4, looks ok |
hal |
510639, fixed in 0.5.11-7, mostly ok, cleanup default section |
odccm |
510788, fixed in 0.11.1-4, looks mostly ok, restrict to interfaces? |
policykit |
510646, fixed in 0.9-2, looks ok |
pommed |
510700, fixed in 1.25~dfsg-1, looks mostly ok, allows access to everyone? |
smart-notifier |
510709, fixed in 0.28-1.1, looks ok, strict |
sugar |
510657, fixed in 0.82.8-3, looks ok |
system-tools-backends |
510744, fixed in 2.6.0-2lenny1, looks ok, too strict? |
dnsmasq |
510649, fixed in 2.47-1 |
powersaved |
510633, fixed in 0.15.20-5 |
network-manager-kde |
510757, fixed in 1:0.7~~svn908338-2 |
network-manager-openvpn |
510730, fixed in 0.7.0-2 |
network-manager-pptp |
510732, fixed in 0.7.0-2 |
network-manager-vpnc |
510735, fixed in 0.7.0-2 |
network-manager-gnome |
510728, fixed in 0.7.0-2 |
avahi-daemon |
510653, fixed in 0.6.24-2 |
network-manager |
510729, fixed in 0.7.0.97-1 |
Packages with bug report not yet fixed
cups |
510634, no patch |
dhcdbd |
510791, no patch, bare send_interfaces, superfluous default section |
galago-daemon |
511146, request to remove system bus policy file |
pathfinderd |
510696, no patch, remove bare send_interfaces and default section |
system-config-printer |
510756, no patch, superfluous default section, remove send_interface |
wpasupplicant |
510652, patch, denials with NM 0.7 |
yum |
510659, no patch, remove bare send_interfaces, default section |
Packages without a bug report
gconf-defaults-service |
from experimental, bare send_interfaceS |
gnome-applets-data |
from experimental, bare send_interfaceS |
gnome-panel-data |
from experimental, bare send_interfaceS |
gpe-bluetooth |
no bug report filed |
kerneloops |
completely broken, file extension does not even end with .conf |
libgksu-polkit0 |
looks mostly ok |
libpam-dbus |
not sure, allow everyone to own the name |
mumble-server |
looks ok |
osso-gwconnect |
bare send_interfaceS, needs review |
setroubleshoot |
bare send_interfaceS, needs review |
wicd |
bare send_interfaceS, needs review, allows everyone to configure the network? |