diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 74 |
1 files changed, 74 insertions, 0 deletions
@@ -1,3 +1,77 @@ +D-Bus 1.9.2 (2014-11-10) +== + +The “structurally unsound flapjack” release. + +Security fixes: + +• Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536 + so that CVE-2014-3636 part A cannot exhaust the system bus' + file descriptors, completing the incomplete fix in 1.8.8. + (CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy) + +Enhancements: + +• D-Bus Specification version 0.25 + · new value 'const' for EmitsChangedSignal annotation + (fd.o #72958, Lennart Poettering) + · new ALLOW_INTERACTIVE_AUTHORIZATION flag, for PolicyKit and similar + (fd.o #83449; Lennart Poettering, Simon McVittie) + · annotate table of types with reserved/basic/container, and for + basic types, fixed/string-like + · clarify arbitrary limits by quoting them in mebibytes + +• New API: add accessors for the ALLOW_INTERACTIVE_AUTHORIZATION flag + (fd.o #83449, Simon McVittie) + +• Add dbus-test-tool, a D-Bus swiss army knife with multiple subcommands, + useful for debugging and performance testing: + · dbus-test-tool spam: send repeated messages + · dbus-test-tool echo: send an empty reply for all method calls + · dbus-test-tool black-hole: do not reply to method calls + (fd.o #34140; Alban Crequy, Simon McVittie, Will Thompson) + +• Add support for process ID in credentials-passing on NetBSD + (fd.o #69702, Patrick Welche) + +• Add an example script to find potentially undesired match rules + (fd.o #84598, Alban Crequy) + +• Document the central assumption that makes our use of credentials-passing + secure (fd.o #83499, Simon McVittie) + +• Replace the dbus-glib section of the tutorial with a GDBus recommendation, + and add some links to GDBus and QtDBus documentation (fd.o #25140, + Simon McVittie) + +Fixes: + +• Use a less confusing NoReply message when disconnected with a reply pending + (fd.o #76112, Simon McVittie) + +• Make the .pc file relocatable by letting pkg-config do all variable + expansion itself (fd.o #75858, Руслан Ижбулатов) + +• Fix a build failure on platforms with kqueue, which regressed in 1.9.0 + (fd.o #85563, Patrick Welche) + +• Consistently save errno after socket calls (fd.o #83625, Simon McVittie) + +• In dbus-spawn, when the grandchild process exits due to a failed exec(), + do not lose the exec() errno (fd.o #24821, Simon McVittie) + +• Do not fail the tests if a parent process has leaked non-close-on-exec + file descriptors to us (fd.o #73689, fd.o #83899; Simon McVittie) + +• Do not fail the tests on Unix platforms with incomplete + credentials-passing support, but do fail if we can't pass credentials + on a platform where it is known to work: Linux, FreeBSD, OpenBSD, NetBSD + (fd.o #69702, Simon McVittie) + +• Detect accept4, dirfd, inotify_init1, pipe2, and Unix fd passing + when building with cmake, and expand test coverage there + (fd.o #73689; Ralf Habacker, Simon McVittie) + D-Bus 1.9.0 (2014-10-01) == |