-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 18 Jun 2009 06:12:34 +0200
Source: dbus
Binary: dbus dbus-x11 libdbus-1-3 dbus-1-doc libdbus-1-dev
Architecture: amd64
Version: 1.2.1-5+lenny1
Distribution: stable-security
Urgency: high
Maintainer: Debian amd64 Build Daemon <buildd_i386-excelsior@buildd.debian.org>
Changed-By: Michael Biebl <biebl@debian.org>
Description: 
 dbus       - simple interprocess messaging system
 dbus-1-doc - simple interprocess messaging system (documentation)
 dbus-x11   - simple interprocess messaging system (X11 deps)
 libdbus-1-3 - simple interprocess messaging system
 libdbus-1-dev - simple interprocess messaging system (development headers)
Closes: 532720
Changes: 
 dbus (1.2.1-5+lenny1) stable-security; urgency=high
 .
   * debian/patches/52-CVE-2009-1189.patch
     - Security: The _dbus_validate_signature_with_reason function
       (dbus-marshal-validate.c) uses incorrect logic to validate a basic type,
       which allows remote attackers to spoof a signature via a crafted key.
       NOTE: this is due to an incorrect fix for CVE-2008-3834
       Closes: #532720
       Fixes: CVE-2009-1189
   * Urgency high for the security fix.
Checksums-Sha1: 
 fa9930664be17d90eef14d818830456869eac00a 249006 dbus_1.2.1-5+lenny1_amd64.deb
 1b0517592b7587659032a8b754a8deea51f0c5f5 64710 dbus-x11_1.2.1-5+lenny1_amd64.deb
 a9c507aef73771f7fafa38281331da022d0557a4 162880 libdbus-1-3_1.2.1-5+lenny1_amd64.deb
 ae76d9cd2e1838f28b71fc301499202a9fe3c43b 259300 libdbus-1-dev_1.2.1-5+lenny1_amd64.deb
Checksums-Sha256: 
 369f24eb5d969e91728d0773863796021996c4e0a404b6cd358b26de84d359cb 249006 dbus_1.2.1-5+lenny1_amd64.deb
 175d715ea906ea3f4fc3fcae626639684b4a761f1f492b6d0faf86d3956e5e21 64710 dbus-x11_1.2.1-5+lenny1_amd64.deb
 0b2d261ea76feca765e7c296d913d758e8e2f4dcac45df5ec0f9bd3bd133b2d4 162880 libdbus-1-3_1.2.1-5+lenny1_amd64.deb
 a46b1d30e232291a79887beaf148ca5da87a17b06a1008b84362cb7522059546 259300 libdbus-1-dev_1.2.1-5+lenny1_amd64.deb
Files: 
 966d8f20171594a83abd09251c277dd1 249006 devel optional dbus_1.2.1-5+lenny1_amd64.deb
 62a4fbb57742faed71a853cd7c6d5443 64710 x11 optional dbus-x11_1.2.1-5+lenny1_amd64.deb
 12a802692ae3d1774a5cb2a55fee7abe 162880 libs optional libdbus-1-3_1.2.1-5+lenny1_amd64.deb
 9086503f08d3a4970c966cb1461b8309 259300 libdevel optional libdbus-1-dev_1.2.1-5+lenny1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJKRgxfAAoJECIIoQCMVaAc6J8IAJgI24OsY0hu3iEgoEg76Bn5
MB8jZLUkh2iO7JII2kYR3SqpmKvoDptH23Py6wWDMRMcUyHlvTHehU4+00L4pYSH
T/xXkjUveGvCL5Y/nszq32ty08zrBVD8GSAjZjQADac4f0ztcPBfZ9OVwGNyqDGq
KfkRau6FJUnM4E0cgKTH/oXBR8IH8XO2R29qN7njSQY/1c5yVAYn8fTP6Xtr7JKg
cESMezq/XtTiu0H/G/mKem1kSvsrUu5HjNMejZCYSct7Ivmv8PqTghNQ8xvcjPK0
qU3zH/YLZLMbNpw4CJMarA3mr1r5AgKGwHtf2bNwBd04T7Z6zKcUPhmwGHUx6wc=
=uc5p
-----END PGP SIGNATURE-----