Bug 489953 - bluez: dbus policy broken for CVE-2008-4311 [rhel-5.3.z]
bluez: dbus policy broken for CVE-2008-4311 [rhel-5.3.z]
Status: CLOSED DEFERRED
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: bluez-utils (Show other bugs)
5.3
All Linux
low Severity medium
: rc
: ---
Assigned To: Jiri Moskovcak
desktop-bugs@redhat.com
:
Depends On:
Blocks: CVE-2008-4311
  Show dependency treegraph
 
Reported: 2009-03-12 12:54 EDT by Colin Walters
Modified: 2015-02-01 17:48 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 489955 (view as bug list)
Environment:
Last Closed: 2010-10-29 06:05:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 2 Tomas Hoger 2009-03-13 06:23:13 EDT
DBus security policy used by bluez-utils need to be updated to work correctly with fixed system message bus security policy (the one that really denies by default, CVE-2008-4311).
Comment 3 Josh Bressers 2009-09-22 15:11:29 EDT
As CVE-2008-4311 has been deferred, this bug obviously follows suit. If CVE-2008-4311 is fixed in a future update, this bug will be addressed there.
Comment 4 Jiri Moskovcak 2010-10-29 06:05:56 EDT
The dbus change never happened, so closing this as DEFEREED.

Note You need to log in before you can comment on or make changes to this bug.