diff options
author | tron <tron> | 2013-06-19 14:44:07 +0000 |
---|---|---|
committer | tron <tron> | 2013-06-19 14:44:07 +0000 |
commit | 35411e18fe781e41c5b93d883728ed95ce1c2687 (patch) | |
tree | 78d20f824e3bc7160fa0b73aa3b83516a46c1a02 | |
parent | 226352af48026a2081e70e75288bdd3c58757cf0 (diff) | |
download | pkgsrc-35411e18fe781e41c5b93d883728ed95ce1c2687.tar.gz |
Pullup ticket #4162 - requested by wiz
sysutils/dbus: security update
Revisions pulled up:
- sysutils/dbus/Makefile 1.60-1.61
- sysutils/dbus/distinfo 1.43-1.44
- sysutils/dbus/patches/patch-ab 1.21
---
Module Name: pkgsrc
Committed By: wiz
Date: Sun May 26 18:06:05 UTC 2013
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
pkgsrc/sysutils/dbus/patches: patch-ab
Log Message:
Update to 1.6.10:
D-Bus 1.6.10 (2013-04-24)
==
The “little-known facts about bananas” release.
• Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
U+FDD0..U+FDEF are allowed in UTF-8 strings again.
(fd.o #63072, Simon McVittie)
• Diagnose incorrect use of dbus_connection_get_data() with negative slot
(i.e. before allocating the slot) rather than returning junk
(fd.o #63127, Dan Williams)
• In the activation helper, when compiled for tests, do not reset the system
bus address, fixing the regression tests. (fd.o #52202, Simon)
• Fix building with Valgrind 3.8, at the cost of causing harmless warnings
with Valgrind 3.6 on some compilers (fd.o #55932, Arun Raghavan)
• Don't leak temporary fds pointing to /dev/null (fd.o #56927, Michel HERMIER)
• Create session.d, system.d directories under CMake (fd.o #41319,
Ralf Habacker)
• Unix-specific:
· Include alloca.h for alloca() if available, fixing compilation on
Solaris 10 (fd.o #63071, Dagobert Michelsen)
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jun 13 13:00:34 UTC 2013
Modified Files:
pkgsrc/sysutils/dbus: Makefile distinfo
Log Message:
Update to 1.6.12:
D-Bus 1.6.12 (2013-06-13)
==
Fixes:
• CVE-2013-2168: Fix misuse of va_list that could be used as a denial
of service for system services. Vulnerability reported by Alexandru Cornea.
(Simon)
• In dbus-daemon, don't crash if a .service file starts with key=value
(fd.o #60853, Chengwei Yang)
• Unix-specific:
· Fix an assertion failure if we try to activate systemd services before
systemd connects to the bus (fd.o #50199, Chengwei Yang)
· Avoid compiler warnings for ignoring the return from write()
(Chengwei Yang)
-rw-r--r-- | sysutils/dbus/Makefile | 4 | ||||
-rw-r--r-- | sysutils/dbus/distinfo | 10 | ||||
-rw-r--r-- | sysutils/dbus/patches/patch-ab | 24 |
3 files changed, 19 insertions, 19 deletions
diff --git a/sysutils/dbus/Makefile b/sysutils/dbus/Makefile index d44a072bf11..7696676aeee 100644 --- a/sysutils/dbus/Makefile +++ b/sysutils/dbus/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.59 2013/01/06 03:55:51 ryoon Exp $ +# $NetBSD: Makefile,v 1.59.2.1 2013/06/19 14:44:07 tron Exp $ -DISTNAME= dbus-1.6.8 +DISTNAME= dbus-1.6.12 CATEGORIES= sysutils MASTER_SITES= http://dbus.freedesktop.org/releases/dbus/ diff --git a/sysutils/dbus/distinfo b/sysutils/dbus/distinfo index 5efd7f0f227..976ff217953 100644 --- a/sysutils/dbus/distinfo +++ b/sysutils/dbus/distinfo @@ -1,10 +1,10 @@ -$NetBSD: distinfo,v 1.42 2012/10/07 21:35:14 wiz Exp $ +$NetBSD: distinfo,v 1.42.4.1 2013/06/19 14:44:07 tron Exp $ -SHA1 (dbus-1.6.8.tar.gz) = d9634807d1de9b64727ae2178e3af2227fca0fca -RMD160 (dbus-1.6.8.tar.gz) = 063d855945bae0124a10b2fa98d64fd09e3b8eda -Size (dbus-1.6.8.tar.gz) = 1929630 bytes +SHA1 (dbus-1.6.12.tar.gz) = 96f7ae2edb8711fe4fb42718d03fdb00a90416d5 +RMD160 (dbus-1.6.12.tar.gz) = 2ffda0a66ac457ee77c498a95b85d04a147906d6 +Size (dbus-1.6.12.tar.gz) = 1933805 bytes SHA1 (patch-aa) = 0c3d145979e3b2358261c9f7f34701d02eb6ecd4 -SHA1 (patch-ab) = 48dd40c59eef3d99e1933a646e23206c7c55bc97 +SHA1 (patch-ab) = 77eb92f31e849789448ae80990caf9f573aa87a7 SHA1 (patch-ak) = fcb0cad1b6e306db03d538d4ca65f4a18d4726ab SHA1 (patch-al) = 3f9f793b0c1455bf2bf079cc27b841c22f42c276 SHA1 (patch-am) = 8c794ff8b0981e90243ee20c26ae1ecc72e68de8 diff --git a/sysutils/dbus/patches/patch-ab b/sysutils/dbus/patches/patch-ab index a31f40dfd37..d5e1bf880ed 100644 --- a/sysutils/dbus/patches/patch-ab +++ b/sysutils/dbus/patches/patch-ab @@ -1,9 +1,9 @@ -$NetBSD: patch-ab,v 1.20 2012/08/14 19:18:08 abs Exp $ +$NetBSD: patch-ab,v 1.20.6.1 2013/06/19 14:44:07 tron Exp $ _dbus_poll: Set the timeout value argument to poll to -1 whenever it is less than -1 to avoid kde4 session start hang ---- dbus/dbus-sysdeps-unix.c.orig 2012-07-03 18:02:45.000000000 +0000 +--- dbus/dbus-sysdeps-unix.c.orig 2013-04-22 14:10:32.000000000 +0000 +++ dbus/dbus-sysdeps-unix.c @@ -22,6 +22,8 @@ * @@ -14,8 +14,8 @@ it is less than -1 to avoid kde4 session start hang #include <config.h> #include "dbus-internals.h" -@@ -72,6 +74,10 @@ - #include <ucred.h> +@@ -75,6 +77,10 @@ + #include <alloca.h> #endif +#ifdef __NetBSD__ @@ -25,7 +25,7 @@ it is less than -1 to avoid kde4 session start hang #ifdef HAVE_ADT #include <bsm/adt.h> #endif -@@ -122,6 +128,32 @@ +@@ -125,6 +131,32 @@ #endif /* Solaris */ @@ -58,7 +58,7 @@ it is less than -1 to avoid kde4 session start hang static dbus_bool_t _dbus_open_socket (int *fd_p, int domain, -@@ -969,7 +1001,7 @@ _dbus_set_local_creds (int fd, dbus_bool +@@ -972,7 +1004,7 @@ _dbus_set_local_creds (int fd, dbus_bool { dbus_bool_t retval = TRUE; @@ -67,7 +67,7 @@ it is less than -1 to avoid kde4 session start hang /* NOOP just to make sure only one codepath is used * and to prefer CMSGCRED */ -@@ -1674,6 +1706,11 @@ _dbus_read_credentials_socket (int +@@ -1677,6 +1709,11 @@ _dbus_read_credentials_socket (int char cred[CMSG_SPACE (sizeof (struct cmsgcred))]; } cmsg; @@ -79,7 +79,7 @@ it is less than -1 to avoid kde4 session start hang #elif defined(LOCAL_CREDS) struct { struct cmsghdr hdr; -@@ -1709,10 +1746,15 @@ _dbus_read_credentials_socket (int +@@ -1712,10 +1749,15 @@ _dbus_read_credentials_socket (int msg.msg_iov = &iov; msg.msg_iovlen = 1; @@ -96,7 +96,7 @@ it is less than -1 to avoid kde4 session start hang #endif again: -@@ -1749,9 +1791,13 @@ _dbus_read_credentials_socket (int +@@ -1752,9 +1794,13 @@ _dbus_read_credentials_socket (int return FALSE; } @@ -111,7 +111,7 @@ it is less than -1 to avoid kde4 session start hang { dbus_set_error (error, DBUS_ERROR_FAILED, "Message from recvmsg() was not SCM_CREDS"); -@@ -1787,6 +1833,16 @@ _dbus_read_credentials_socket (int +@@ -1790,6 +1836,16 @@ _dbus_read_credentials_socket (int cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr); pid_read = cred->cmcred_pid; uid_read = cred->cmcred_euid; @@ -128,7 +128,7 @@ it is less than -1 to avoid kde4 session start hang #elif defined(LOCAL_CREDS) pid_read = DBUS_PID_UNSET; uid_read = cmsg.cred.sc_uid; -@@ -1848,7 +1904,7 @@ _dbus_read_credentials_socket (int +@@ -1851,7 +1907,7 @@ _dbus_read_credentials_socket (int } if (ucred != NULL) ucred_free (ucred); @@ -137,7 +137,7 @@ it is less than -1 to avoid kde4 session start hang _dbus_verbose ("Socket credentials not supported on this OS\n"); #endif } -@@ -2525,6 +2581,10 @@ _dbus_poll (DBusPollFD *fds, +@@ -2528,6 +2584,10 @@ _dbus_poll (DBusPollFD *fds, _DBUS_STRUCT_OFFSET (DBusPollFD, revents) == _DBUS_STRUCT_OFFSET (struct pollfd, revents)) { |