diff options
author | bsiegert <bsiegert@pkgsrc.org> | 2020-06-09 11:59:41 +0000 |
---|---|---|
committer | bsiegert <bsiegert@pkgsrc.org> | 2020-06-09 11:59:41 +0000 |
commit | 39997e54937c077612681dee7314dd82176001a4 (patch) | |
tree | 0351ab1bbcac1953af4bf573adf155d471f9aca6 | |
parent | 70f592baa0b7dee9dc4308686ce9ab3882257b5b (diff) | |
download | pkgsrc-39997e54937c077612681dee7314dd82176001a4.tar.gz |
Pullup ticket #6233 - requested by wiz
sysutils/dbus: security fix
Revisions pulled up:
- sysutils/dbus/Makefile 1.121
- sysutils/dbus/distinfo 1.93
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Jun 9 07:13:31 UTC 2020
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
Log Message:
dbus: update to 1.12.18.
dbus 1.12.18 (2020-06-02)
=========================
The “telepathic vines” release.
Denial of service fixes:
• CVE-2020-12049: If a message contains more file descriptors than can
be sent, close those that did get through before reporting error.
Previously, a local attacker could cause the system dbus-daemon (or
another system service with its own DBusServer) to run out of file
descriptors, by repeatedly connecting to the server and sending fds that
would get leaked.
Thanks to Kevin Backhouse of GitHub Security Lab.
(dbus#294, GHSL-2020-057; Simon McVittie)
Other fixes:
• Fix a crash when the dbus-daemon is terminated while one or more
monitors are active (dbus#291, dbus!140; Simon McVittie)
• The dbus-send(1) man page now documents --bus and --peer instead of
the old --address synonym for --peer, which has been deprecated since
the introduction of --bus and --peer in 1.7.6
(fd.o #48816, dbus!115; Chris Morin)
• Fix a wrong environment variable name in dbus-daemon(1)
(dbus#275, dbus!122; Mubin, Philip Withnall)
• Fix formatting of dbus_message_append_args example
(dbus!126, Felipe Franciosi)
• Avoid a test failure on Linux when built in a container as uid 0, but
without the necessary privileges to increase resource limits
(dbus!58, Debian #908092; Simon McVittie)
• When building with CMake, cope with libX11 in a non-standard location
(dbus!129, Tuomo Rinne)
-rw-r--r-- | sysutils/dbus/Makefile | 9 | ||||
-rw-r--r-- | sysutils/dbus/distinfo | 10 |
2 files changed, 9 insertions, 10 deletions
diff --git a/sysutils/dbus/Makefile b/sysutils/dbus/Makefile index 8f81eb1a822..f73ab59938a 100644 --- a/sysutils/dbus/Makefile +++ b/sysutils/dbus/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.120 2020/01/18 23:35:15 rillig Exp $ +# $NetBSD: Makefile,v 1.120.2.1 2020/06/09 11:59:41 bsiegert Exp $ -DISTNAME= dbus-1.12.16 +DISTNAME= dbus-1.12.18 CATEGORIES= sysutils MASTER_SITES= http://dbus.freedesktop.org/releases/dbus/ @@ -63,13 +63,12 @@ SUBST_SED.docbook= -e 's,http://www.oasis-open.org/docbook/xml,${PREFIX}/share/x PTHREAD_AUTO_VARS= yes .if ${OPSYS} == "Linux" -PLIST.linux= yes +# not currently used +#PLIST.linux= yes .else CONFIGURE_ARGS+= --disable-selinux .endif -PLIST_VARS+= linux - DBUS_CONF_DIR= ${PKG_SYSCONFBASE}/dbus-1 OWN_DIRS+= ${DBUS_CONF_DIR}/services OWN_DIRS+= ${DBUS_CONF_DIR}/system-services diff --git a/sysutils/dbus/distinfo b/sysutils/dbus/distinfo index 40643eba9a9..0ecbb8043ef 100644 --- a/sysutils/dbus/distinfo +++ b/sysutils/dbus/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.92 2019/06/11 20:04:23 wiz Exp $ +$NetBSD: distinfo,v 1.92.6.1 2020/06/09 11:59:41 bsiegert Exp $ -SHA1 (dbus-1.12.16.tar.gz) = 06e3412a7d9c7e345bfcfb027016c634e20f7ece -RMD160 (dbus-1.12.16.tar.gz) = fb9c2f01d3068600cb43eae05ccd687878a31e4f -SHA512 (dbus-1.12.16.tar.gz) = 27ae805170e9515a8bb0fba5f29d414edc70e3b6b28b7b65bbea47035b8eafa9ac4820cdc92645be6035f6748f8aa45679e1ffc84ba74a64859a3056d318b9bb -Size (dbus-1.12.16.tar.gz) = 2093296 bytes +SHA1 (dbus-1.12.18.tar.gz) = 06a8faeb4c3c2c9739fda04f81c6ccdb1a0e5f77 +RMD160 (dbus-1.12.18.tar.gz) = 6d2952910ce8122d0cc3d33551d0a2a1b84be937 +SHA512 (dbus-1.12.18.tar.gz) = 817674e86a5d4cbfa705a79ca5197176311e47505c5da02334c2811f63b55014b582a12bce53bc73a08a3ad5061f210ba0d1e5f3bbf7697c81ca70c22a76fc13 +Size (dbus-1.12.18.tar.gz) = 2094453 bytes SHA1 (patch-ak) = 4535584537a22a2e42824fe45e2d75253b484147 SHA1 (patch-al) = ffaa8f224c3dd6a97ffa42fe2e9ca924160fa68c SHA1 (patch-am) = ed334bc76911c9db9f5472c58fb762c56255c5b4 |