From ebc30d4a7b4bef87043a959b544668d949798e24 Mon Sep 17 00:00:00 2001
From: Aldas Nabazas <aldas@opensde.net>
Date: Mon, 3 Mar 2008 08:16:50 +0100
Subject: [PATCH] Updated dbus (1.0.2 -> 1.0.3) : SECURITY - HIGH

CVE-2008-0595 (High) :
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes
in allow directives in the security policy only for fully qualified method calls, which allows local
users to bypass intended access restrictions via a method call with a NULL interface.
---
 network/dbus/dbus.desc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/network/dbus/dbus.desc b/network/dbus/dbus.desc
index 8a32c9924..e23dacd73 100644
--- a/network/dbus/dbus.desc
+++ b/network/dbus/dbus.desc
@@ -2,7 +2,7 @@
 [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 [COPY]
 [COPY] Filename: package/.../dbus/dbus.desc
-[COPY] Copyright (C) 2006 - 2007 The OpenSDE Project
+[COPY] Copyright (C) 2006 - 2008 The OpenSDE Project
 [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
 [COPY]
 [COPY] More information can be found in the files COPYING and README.
@@ -36,7 +36,7 @@
 
 [L] GPL
 [S] Beta
-[V] 1.0.2
+[V] 1.0.3
 [P] X -----5---9 112.350
 
-[D] 2540049283 dbus-1.0.2.tar.gz http://dbus.freedesktop.org/releases/dbus/
+[D] 446788995 dbus-1.0.3.tar.gz http://dbus.freedesktop.org/releases/dbus/