{"id":"MGASA-2014-0266","summary":"Updated dbus packages fix security vulnerability","details":"Updated dbus packages fix security vulnerability:\n\nA denial of service vulnerability in D-Bus before 1.6.20 allows a local\nattacker to cause a bus-activated service that is not currently running\nto attempt to start, and fail, denying other users access to this service\nAdditionally, in highly unusual environments the same flaw could lead to\na side channel between processes that should not be able to communicate\n(CVE-2014-3477).\n","modified":"2026-04-16T06:26:03.747222013Z","published":"2014-06-18T19:25:42Z","upstream":["CVE-2014-3477"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0266.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13513"},{"type":"WEB","url":"http://lists.freedesktop.org/archives/dbus/2014-June/016220.html"}],"affected":[{"package":{"name":"dbus","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/dbus?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.8-4.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0266.json"}},{"package":{"name":"dbus","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/dbus?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.18-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0266.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}