add CVE reference

author Simon McVittie <smcv@debian.org>

Tue, 14 Jun 2011 19:13:39 +0000 (20:13 +0100)

committer Simon McVittie <smcv@debian.org>

Tue, 14 Jun 2011 19:13:39 +0000 (20:13 +0100)
author Simon McVittie <smcv@debian.org>
Tue, 14 Jun 2011 19:13:39 +0000 (20:13 +0100)
committer Simon McVittie <smcv@debian.org>
Tue, 14 Jun 2011 19:13:39 +0000 (20:13 +0100)
diff --git a/debian/changelog b/debian/changelog

index cae746d..0fed2be 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,7 @@
  dbus (1.2.24-4+squeeze1) stable; urgency=low
  
    * Update Vcs-* control fields to reflect the move to git
-  * Apply patch to fix upstream bug fd.o #38120, which is a local DoS for
+  * Apply patch to fix CVE-2011-2200 (fd.o #38120), which is a local DoS for
      system services (Closes: #629938)
  
   -- Simon McVittie <smcv@debian.org>  Tue, 14 Jun 2011 19:45:00 +0100
diff --git a/debian/patches/13-629938-_dbus_header_byteswap.patch b/debian/patches/13-629938-_dbus_header_byteswap.patch

index 226eff9..a59cba5 100644 (file)
--- a/debian/patches/13-629938-_dbus_header_byteswap.patch
+++ b/debian/patches/13-629938-_dbus_header_byteswap.patch
@@ -9,6 +9,7 @@ http://lists.freedesktop.org/archives/dbus/2007-March/007357.html
  This prevents a local DoS, in which users can disconnect a system service
  from the system bus by sending a non-native-endian message to it.
  
+CVE: CVE-2011-2200
  Bug: https://bugs.freedesktop.org/show_bug.cgi?id=38120
  Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629938
  Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
author	Simon McVittie <smcv@debian.org>
	Tue, 14 Jun 2011 19:13:39 +0000 (20:13 +0100)
committer	Simon McVittie <smcv@debian.org>
	Tue, 14 Jun 2011 19:13:39 +0000 (20:13 +0100)
debian/changelog		patch \| blob \| history
debian/patches/13-629938-_dbus_header_byteswap.patch		patch \| blob \| history