Pullup ticket #4162 - requested by wiz

sysutils/dbus: security update

Revisions pulled up:
- sysutils/dbus/Makefile                                        1.60-1.61
- sysutils/dbus/distinfo                                        1.43-1.44
- sysutils/dbus/patches/patch-ab                                1.21

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Sun May 26 18:06:05 UTC 2013

   Modified Files:
   	pkgsrc/sysutils/dbus: Makefile distinfo
   	pkgsrc/sysutils/dbus/patches: patch-ab

   Log Message:
   Update to 1.6.10:

   D-Bus 1.6.10 (2013-04-24)
   ==

   The “little-known facts about bananas” release.

   • Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
     U+FDD0..U+FDEF are allowed in UTF-8 strings again.
     (fd.o #63072, Simon McVittie)

   • Diagnose incorrect use of dbus_connection_get_data() with negative slot
     (i.e. before allocating the slot) rather than returning junk
     (fd.o #63127, Dan Williams)

   • In the activation helper, when compiled for tests, do not reset the system
     bus address, fixing the regression tests. (fd.o #52202, Simon)

   • Fix building with Valgrind 3.8, at the cost of causing harmless warnings
     with Valgrind 3.6 on some compilers (fd.o #55932, Arun Raghavan)

   • Don't leak temporary fds pointing to /dev/null (fd.o #56927, Michel HERMIER)

   • Create session.d, system.d directories under CMake (fd.o #41319,
     Ralf Habacker)

   • Unix-specific:
     · Include alloca.h for alloca() if available, fixing compilation on
       Solaris 10 (fd.o #63071, Dagobert Michelsen)

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Jun 13 13:00:34 UTC 2013

   Modified Files:
   	pkgsrc/sysutils/dbus: Makefile distinfo

   Log Message:
   Update to 1.6.12:

   D-Bus 1.6.12 (2013-06-13)
   ==

   Fixes:

   • CVE-2013-2168: Fix misuse of va_list that could be used as a denial
     of service for system services. Vulnerability reported by Alexandru Cornea.
     (Simon)

   • In dbus-daemon, don't crash if a .service file starts with key=value
     (fd.o #60853, Chengwei Yang)

   • Unix-specific:
     · Fix an assertion failure if we try to activate systemd services before
       systemd connects to the bus (fd.o #50199, Chengwei Yang)
     · Avoid compiler warnings for ignoring the return from write()
       (Chengwei Yang)

3 files changed, 19 insertions, 19 deletions

diff --git a/sysutils/dbus/Makefile b/sysutils/dbus/Makefile
index d44a072bf11..7696676aeee 100644
--- a/sysutils/dbus/Makefile
+++ b/sysutils/dbus/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.59 2013/01/06 03:55:51 ryoon Exp $
+# $NetBSD: Makefile,v 1.59.2.1 2013/06/19 14:44:07 tron Exp $
 
-DISTNAME=	dbus-1.6.8
+DISTNAME=	dbus-1.6.12
 CATEGORIES=	sysutils
 MASTER_SITES=	http://dbus.freedesktop.org/releases/dbus/
 
diff --git a/sysutils/dbus/distinfo b/sysutils/dbus/distinfo
index 5efd7f0f227..976ff217953 100644
--- a/sysutils/dbus/distinfo
+++ b/sysutils/dbus/distinfo
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.42 2012/10/07 21:35:14 wiz Exp $
+$NetBSD: distinfo,v 1.42.4.1 2013/06/19 14:44:07 tron Exp $
 
-SHA1 (dbus-1.6.8.tar.gz) = d9634807d1de9b64727ae2178e3af2227fca0fca
-RMD160 (dbus-1.6.8.tar.gz) = 063d855945bae0124a10b2fa98d64fd09e3b8eda
-Size (dbus-1.6.8.tar.gz) = 1929630 bytes
+SHA1 (dbus-1.6.12.tar.gz) = 96f7ae2edb8711fe4fb42718d03fdb00a90416d5
+RMD160 (dbus-1.6.12.tar.gz) = 2ffda0a66ac457ee77c498a95b85d04a147906d6
+Size (dbus-1.6.12.tar.gz) = 1933805 bytes
 SHA1 (patch-aa) = 0c3d145979e3b2358261c9f7f34701d02eb6ecd4
-SHA1 (patch-ab) = 48dd40c59eef3d99e1933a646e23206c7c55bc97
+SHA1 (patch-ab) = 77eb92f31e849789448ae80990caf9f573aa87a7
 SHA1 (patch-ak) = fcb0cad1b6e306db03d538d4ca65f4a18d4726ab
 SHA1 (patch-al) = 3f9f793b0c1455bf2bf079cc27b841c22f42c276
 SHA1 (patch-am) = 8c794ff8b0981e90243ee20c26ae1ecc72e68de8
diff --git a/sysutils/dbus/patches/patch-ab b/sysutils/dbus/patches/patch-ab
index a31f40dfd37..d5e1bf880ed 100644
--- a/sysutils/dbus/patches/patch-ab
+++ b/sysutils/dbus/patches/patch-ab
@@ -1,9 +1,9 @@
-$NetBSD: patch-ab,v 1.20 2012/08/14 19:18:08 abs Exp $
+$NetBSD: patch-ab,v 1.20.6.1 2013/06/19 14:44:07 tron Exp $
 
 _dbus_poll: Set the timeout value argument to poll to -1 whenever
 it is less than -1 to avoid kde4 session start hang
 
---- dbus/dbus-sysdeps-unix.c.orig	2012-07-03 18:02:45.000000000 +0000
+--- dbus/dbus-sysdeps-unix.c.orig	2013-04-22 14:10:32.000000000 +0000
 +++ dbus/dbus-sysdeps-unix.c
 @@ -22,6 +22,8 @@
   *
@@ -14,8 +14,8 @@ it is less than -1 to avoid kde4 session start hang
  #include <config.h>
  
  #include "dbus-internals.h"
-@@ -72,6 +74,10 @@
- #include <ucred.h>
+@@ -75,6 +77,10 @@
+ #include <alloca.h>
  #endif
  
 +#ifdef __NetBSD__
@@ -25,7 +25,7 @@ it is less than -1 to avoid kde4 session start hang
  #ifdef HAVE_ADT
  #include <bsm/adt.h>
  #endif
-@@ -122,6 +128,32 @@
+@@ -125,6 +131,32 @@
  
  #endif /* Solaris */
  
@@ -58,7 +58,7 @@ it is less than -1 to avoid kde4 session start hang
  static dbus_bool_t
  _dbus_open_socket (int              *fd_p,
                     int               domain,
-@@ -969,7 +1001,7 @@ _dbus_set_local_creds (int fd, dbus_bool
+@@ -972,7 +1004,7 @@ _dbus_set_local_creds (int fd, dbus_bool
  {
    dbus_bool_t retval = TRUE;
  
@@ -67,7 +67,7 @@ it is less than -1 to avoid kde4 session start hang
    /* NOOP just to make sure only one codepath is used
     *      and to prefer CMSGCRED
     */
-@@ -1674,6 +1706,11 @@ _dbus_read_credentials_socket  (int     
+@@ -1677,6 +1709,11 @@ _dbus_read_credentials_socket  (int     
      char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
    } cmsg;
  
@@ -79,7 +79,7 @@ it is less than -1 to avoid kde4 session start hang
  #elif defined(LOCAL_CREDS)
    struct {
      struct cmsghdr hdr;
-@@ -1709,10 +1746,15 @@ _dbus_read_credentials_socket  (int     
+@@ -1712,10 +1749,15 @@ _dbus_read_credentials_socket  (int     
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
  
@@ -96,7 +96,7 @@ it is less than -1 to avoid kde4 session start hang
  #endif
  
   again:
-@@ -1749,9 +1791,13 @@ _dbus_read_credentials_socket  (int     
+@@ -1752,9 +1794,13 @@ _dbus_read_credentials_socket  (int     
        return FALSE;
      }
  
@@ -111,7 +111,7 @@ it is less than -1 to avoid kde4 session start hang
      {
        dbus_set_error (error, DBUS_ERROR_FAILED,
                        "Message from recvmsg() was not SCM_CREDS");
-@@ -1787,6 +1833,16 @@ _dbus_read_credentials_socket  (int     
+@@ -1790,6 +1836,16 @@ _dbus_read_credentials_socket  (int     
      cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
      pid_read = cred->cmcred_pid;
      uid_read = cred->cmcred_euid;
@@ -128,7 +128,7 @@ it is less than -1 to avoid kde4 session start hang
  #elif defined(LOCAL_CREDS)
      pid_read = DBUS_PID_UNSET;
      uid_read = cmsg.cred.sc_uid;
-@@ -1848,7 +1904,7 @@ _dbus_read_credentials_socket  (int     
+@@ -1851,7 +1907,7 @@ _dbus_read_credentials_socket  (int     
        }
      if (ucred != NULL)
        ucred_free (ucred);
@@ -137,7 +137,7 @@ it is less than -1 to avoid kde4 session start hang
      _dbus_verbose ("Socket credentials not supported on this OS\n");
  #endif
    }
-@@ -2525,6 +2581,10 @@ _dbus_poll (DBusPollFD *fds,
+@@ -2528,6 +2584,10 @@ _dbus_poll (DBusPollFD *fds,
        _DBUS_STRUCT_OFFSET (DBusPollFD, revents) ==
        _DBUS_STRUCT_OFFSET (struct pollfd, revents))
      {