Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2010:0018 - Security Advisory
Issued:
2010-01-07
Updated:
2010-01-07

RHSA-2010:0018 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: dbus security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated dbus packages that fix a security issue are now available for Red
Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

D-Bus is a system for sending messages between applications. It is used for
the system-wide message bus service and as a per-user-login-session
messaging facility.

It was discovered that the Red Hat Security Advisory RHSA-2009:0008 did
not correctly fix the denial of service flaw in the system for sending
messages between applications. A local user could use this flaw to send a
message with a malformed signature to the bus, causing the bus (and,
consequently, any process using libdbus to receive messages) to abort.
(CVE-2009-1189)

Note: Users running any application providing services over the system
message bus are advised to test this update carefully before deploying it
in production environments.

All users are advised to upgrade to these updated packages, which contain a
backported patch to correct this issue. For the update to take effect, all
running instances of dbus-daemon and all running applications using the
libdbus library must be restarted, or the system rebooted.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 496672 - CVE-2009-1189 dbus: invalid fix for CVE-2008-3834

CVEs

  • CVE-2009-1189

References

  • http://www.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
dbus-1.1.2-12.el5_4.1.src.rpm SHA-256: b773890477f54322bc74d902b700af8939b8136c3a096297384825c5eb35654a
x86_64
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: fa9274f45bee8686556bbb46d7528bb1d1dbfc74658a10d011a0619392206d73
dbus-devel-1.1.2-12.el5_4.1.i386.rpm SHA-256: f538976a60369a70486f78eb63e33d7d5a982d3afabcdda80d5ae95debd556d4
dbus-devel-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: 46d46521c27dc8f6e74dc64c81bb63b148f98d934c10f7baf3a831cf7eff5976
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-libs-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: f3ce3cdc5009d9591cbb6a2723a852dcecfbd5cb39b9f8ca1704296224070bbf
dbus-x11-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: 8a2549a898f18e91233c5cf19c41d371dd81a93c9e09042e9d23906b780c07f2
ia64
dbus-1.1.2-12.el5_4.1.ia64.rpm SHA-256: f8dde37e28c9f19c13f1ab75c0f4dea7ec7ec8ee68aa20f5b0c1445a3b0a13c7
dbus-devel-1.1.2-12.el5_4.1.ia64.rpm SHA-256: 155832b819cf5ad9551405e61ed3695124d72b0784fab898d7a4873af00c29a1
dbus-libs-1.1.2-12.el5_4.1.ia64.rpm SHA-256: 79f1d2cb064e29f3db238ada2c449766b28c296823aaf1ada91db03c9930405d
dbus-x11-1.1.2-12.el5_4.1.ia64.rpm SHA-256: a419aa0e1a38f27e4ca40b86ff6003d0e1b9a7b01f237e4c1fda1f4270077b72
i386
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-devel-1.1.2-12.el5_4.1.i386.rpm SHA-256: f538976a60369a70486f78eb63e33d7d5a982d3afabcdda80d5ae95debd556d4
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-x11-1.1.2-12.el5_4.1.i386.rpm SHA-256: d4ad8e7d3d3eae840522b1766af3a7da3d0e09a38b3a98eb07c17ee7332a584d

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 5

SRPM
dbus-1.1.2-12.el5_4.1.src.rpm SHA-256: b773890477f54322bc74d902b700af8939b8136c3a096297384825c5eb35654a
x86_64
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: fa9274f45bee8686556bbb46d7528bb1d1dbfc74658a10d011a0619392206d73
dbus-devel-1.1.2-12.el5_4.1.i386.rpm SHA-256: f538976a60369a70486f78eb63e33d7d5a982d3afabcdda80d5ae95debd556d4
dbus-devel-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: 46d46521c27dc8f6e74dc64c81bb63b148f98d934c10f7baf3a831cf7eff5976
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-libs-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: f3ce3cdc5009d9591cbb6a2723a852dcecfbd5cb39b9f8ca1704296224070bbf
dbus-x11-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: 8a2549a898f18e91233c5cf19c41d371dd81a93c9e09042e9d23906b780c07f2
i386
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-devel-1.1.2-12.el5_4.1.i386.rpm SHA-256: f538976a60369a70486f78eb63e33d7d5a982d3afabcdda80d5ae95debd556d4
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-x11-1.1.2-12.el5_4.1.i386.rpm SHA-256: d4ad8e7d3d3eae840522b1766af3a7da3d0e09a38b3a98eb07c17ee7332a584d

Red Hat Enterprise Linux Desktop 5

SRPM
dbus-1.1.2-12.el5_4.1.src.rpm SHA-256: b773890477f54322bc74d902b700af8939b8136c3a096297384825c5eb35654a
x86_64
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: fa9274f45bee8686556bbb46d7528bb1d1dbfc74658a10d011a0619392206d73
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-libs-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: f3ce3cdc5009d9591cbb6a2723a852dcecfbd5cb39b9f8ca1704296224070bbf
dbus-x11-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: 8a2549a898f18e91233c5cf19c41d371dd81a93c9e09042e9d23906b780c07f2
i386
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-x11-1.1.2-12.el5_4.1.i386.rpm SHA-256: d4ad8e7d3d3eae840522b1766af3a7da3d0e09a38b3a98eb07c17ee7332a584d

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
dbus-1.1.2-12.el5_4.1.src.rpm SHA-256: b773890477f54322bc74d902b700af8939b8136c3a096297384825c5eb35654a
s390x
dbus-1.1.2-12.el5_4.1.s390.rpm SHA-256: a65552eca37e0c7ad81bb9f1fd369a3e363a2307563968d3651eaf6a755cac81
dbus-1.1.2-12.el5_4.1.s390x.rpm SHA-256: 142c020d9b652f77c3995b3e404d5d0d718f2552ba415c59bebe957c0f6a386a
dbus-devel-1.1.2-12.el5_4.1.s390.rpm SHA-256: 654336eae41ba8cb9cd5e81c938d12ad75602779448ea9bfa552c86ff1806c1e
dbus-devel-1.1.2-12.el5_4.1.s390x.rpm SHA-256: 85b5c9783db9a79e715d0dd124ec130a567c37d13e21a536d6ef52ce2aee7ce1
dbus-libs-1.1.2-12.el5_4.1.s390.rpm SHA-256: feb8d6b2b5854f6a09d574831314b944f4adf81e11d5e2bc46c75048f67aac7c
dbus-libs-1.1.2-12.el5_4.1.s390x.rpm SHA-256: e3ccdedcc8ab5bce4b95773a492d50eeeb2cdb2606637635f638d0bd5189626d
dbus-x11-1.1.2-12.el5_4.1.s390x.rpm SHA-256: f7776e91fbbe6481b2d0f44fd6f98b44f8db339c31d792c275dca7e2992e26f1

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4

SRPM
s390x

Red Hat Enterprise Linux for Power, big endian 5

SRPM
dbus-1.1.2-12.el5_4.1.src.rpm SHA-256: b773890477f54322bc74d902b700af8939b8136c3a096297384825c5eb35654a
ppc
dbus-1.1.2-12.el5_4.1.ppc.rpm SHA-256: 7f93e90d6d03ac01d6d571e1842d976dff98015c96b87d3aeeb2a160138cab18
dbus-1.1.2-12.el5_4.1.ppc64.rpm SHA-256: f7f3d8ffd7740a8b668bcec51faa7255cbc8b9b2cb7d790b1debcc0c08388e6e
dbus-devel-1.1.2-12.el5_4.1.ppc.rpm SHA-256: 69af324e0dbc42c0dbeda99c45b955eedc5adfd7cbc4fd2dcbc8276f1986ea03
dbus-devel-1.1.2-12.el5_4.1.ppc64.rpm SHA-256: a924dee09e73aed13bf55a7d18ec2f4993273e2716f2454c73c8e26ef60ae315
dbus-libs-1.1.2-12.el5_4.1.ppc.rpm SHA-256: 85e84bfd4933f7173696280c5098e037cd1169192f39714062de75a18278ba25
dbus-libs-1.1.2-12.el5_4.1.ppc64.rpm SHA-256: 79299628385cee9c647391e2cd0a4d681d9ab4e94eea2239ba7e879f18dae736
dbus-x11-1.1.2-12.el5_4.1.ppc.rpm SHA-256: 3d765e21da0166863bcf94066065e70c3a0275b675dd3030a4ab35fdf301ea40

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4

SRPM
ppc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
dbus-1.1.2-12.el5_4.1.src.rpm SHA-256: b773890477f54322bc74d902b700af8939b8136c3a096297384825c5eb35654a
x86_64
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: fa9274f45bee8686556bbb46d7528bb1d1dbfc74658a10d011a0619392206d73
dbus-devel-1.1.2-12.el5_4.1.i386.rpm SHA-256: f538976a60369a70486f78eb63e33d7d5a982d3afabcdda80d5ae95debd556d4
dbus-devel-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: 46d46521c27dc8f6e74dc64c81bb63b148f98d934c10f7baf3a831cf7eff5976
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-libs-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: f3ce3cdc5009d9591cbb6a2723a852dcecfbd5cb39b9f8ca1704296224070bbf
dbus-x11-1.1.2-12.el5_4.1.x86_64.rpm SHA-256: 8a2549a898f18e91233c5cf19c41d371dd81a93c9e09042e9d23906b780c07f2
i386
dbus-1.1.2-12.el5_4.1.i386.rpm SHA-256: e77bdcbda5d82d354cc8ef1ab34157c4ad9df0b03597eda7e4e26523f7e7dcaa
dbus-devel-1.1.2-12.el5_4.1.i386.rpm SHA-256: f538976a60369a70486f78eb63e33d7d5a982d3afabcdda80d5ae95debd556d4
dbus-libs-1.1.2-12.el5_4.1.i386.rpm SHA-256: 72904d1e31eb548b9d5f08657b7ecf4e4f403dd387fb75b42419553265cb2255
dbus-x11-1.1.2-12.el5_4.1.i386.rpm SHA-256: d4ad8e7d3d3eae840522b1766af3a7da3d0e09a38b3a98eb07c17ee7332a584d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter