ALAS-2012-128

It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting specific environment variables before running a setuid or setgid application linked against the D-Bus library (libdbus). (CVE-2012-3524)

i686:
    dbus-libs-1.2.24-7.16.amzn1.i686
    dbus-debuginfo-1.2.24-7.16.amzn1.i686
    dbus-1.2.24-7.16.amzn1.i686
    dbus-devel-1.2.24-7.16.amzn1.i686

noarch:
    dbus-doc-1.2.24-7.16.amzn1.noarch

src:
    dbus-1.2.24-7.16.amzn1.src

x86_64:
    dbus-1.2.24-7.16.amzn1.x86_64
    dbus-devel-1.2.24-7.16.amzn1.x86_64
    dbus-libs-1.2.24-7.16.amzn1.x86_64
    dbus-debuginfo-1.2.24-7.16.amzn1.x86_64