add CVE referencedebian/1.2.24-4+squeeze1

author: Simon McVittie <smcv@debian.org> 2011-06-14 20:13:39 +0100
committer: Simon McVittie <smcv@debian.org> 2011-06-14 20:13:39 +0100
commit: b091c559d1b935bbe38f84c56f47463e0f8c99df (patch)
tree: 07472c3e29ea152a6eb82f7cf77a4324c079770b
parent: a0cd3f71e617ab49cf14c7379a289356a663cda2 (diff)
download: dbus-b091c559d1b935bbe38f84c56f47463e0f8c99df.tar.gz
2 files changed, 2 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index cae746d3..0fed2be5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,7 @@
 dbus (1.2.24-4+squeeze1) stable; urgency=low
 
   * Update Vcs-* control fields to reflect the move to git
-  * Apply patch to fix upstream bug fd.o #38120, which is a local DoS for
+  * Apply patch to fix CVE-2011-2200 (fd.o #38120), which is a local DoS for
     system services (Closes: #629938)
 
  -- Simon McVittie <smcv@debian.org>  Tue, 14 Jun 2011 19:45:00 +0100
diff --git a/debian/patches/13-629938-_dbus_header_byteswap.patch b/debian/patches/13-629938-_dbus_header_byteswap.patch
index 226eff9b..a59cba5c 100644
--- a/debian/patches/13-629938-_dbus_header_byteswap.patch
+++ b/debian/patches/13-629938-_dbus_header_byteswap.patch
@@ -9,6 +9,7 @@ http://lists.freedesktop.org/archives/dbus/2007-March/007357.html
 This prevents a local DoS, in which users can disconnect a system service
 from the system bus by sending a non-native-endian message to it.
 
+CVE: CVE-2011-2200
 Bug: https://bugs.freedesktop.org/show_bug.cgi?id=38120
 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629938
 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
author	Simon McVittie <smcv@debian.org>	2011-06-14 20:13:39 +0100
committer	Simon McVittie <smcv@debian.org>	2011-06-14 20:13:39 +0100
commit	b091c559d1b935bbe38f84c56f47463e0f8c99df (patch)
tree	07472c3e29ea152a6eb82f7cf77a4324c079770b
parent	a0cd3f71e617ab49cf14c7379a289356a663cda2 (diff)
download	dbus-b091c559d1b935bbe38f84c56f47463e0f8c99df.tar.gz