Comment 7 for bug 306705

Thanks for the patch, Martin.

I agree with you that, if we were to upload this fix to Intrepid, -security would be the best place where this should happen.

Today I've read Scott's email in ubuntu-devel which says:

"We've audited the system bus services shipped in Ubuntu, and are
confident that there is no security exploit.  Those services exporting
privileged methods either have sufficient "deny" rules, or use PolicyKit
for authorisation.

For this reason, and due to the large potential for regressions, we've
opted not to release a security update for previous Ubuntu versions.  We
may still do so if we discover a potential for exploit."

In other words, if they decide to update Dbus in Intrepid we'll have to upload this fix .