| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
g/c CONFIGURE_ARGS_GROUPS (Unused since PR pkg/50075 point 13) )
D-Bus 1.10.8 (2016-03-07)
==
The "digestive biscuits" release.
Fixes:
* Enable "large file support" on systems where it exists: dbus-daemon
is not expected to open large files, but it might need to stat files
that happen to have large inode numbers (fd.o #93545, Hongxu Jia)
* Eliminate padding inside DBusMessageIter on 64-bit platforms,
which might result in a pedantic C compiler not copying the entire contents
of a DBusMessageIter; statically assert that this is not an ABI change
in practice (fd.o #94136, Simon McVittie)
* Document dbus-test-tool echo --sleep-ms=N instead of incorrect --sleep=N
(fd.o #94244, Dmitri Iouchtchenko)
* Correctly report test failures in C tests from run-test.sh
(fd.o #93379; amit tewari, Simon McVittie)
* When tests are enabled, run all the marshal-validate tests, not just
the even-numbered ones (fd.o #93908, Nick Lewycky)
* Correct the expected error from one marshal-validate test, which was
previously not run due to the above bug (fd.o #93908, Simon McVittie)
|
|
|
|
-----------------------
D-Bus 1.11.0 (2015-12-02)
==
The "peppermint deer" release.
Dependencies:
- On non-Windows platforms, dbus now requires an <inttypes.h> that defines
C99 constants such as PRId64 and PRIu64.
Enhancements:
- D-Bus Specification version 0.27
Specify that services should not reply if NO_REPLY_EXPECTED was used
(fd.o #75749, Lars Uebernickel)
- Add a script to do continuous-integration builds, and metadata to run it
on travis-ci.org. To use this, clone the dbus git repository on GitHub
and set it up with travis-ci.org; the only special setting needed is
"only build branches with a .travis.yml". (fd.o #93194, Simon McVittie)
- If dbus-daemon is run with --systemd-activation, do not require
org.freedesktop.systemd1.service to exist (fd.o #93194, Simon McVittie)
Fixes:
- Re-order dbus-daemon startup so that on SELinux systems, the thread
that reads AVC notifications retains the ability to write to the
audit log (fd.o #92832, Laurent Bigonville)
- Print 64-bit integers on non-GNU Unix platforms (fd.o #92043, Natanael Copa)
- When using the Monitoring interface, match messages' destinations
(fd.o #92074, Simon McVittie)
- On Linux with systemd, stop installing a reference to the obsolete
dbus.target, and enable dbus.socket statically (fd.o #78412, #92402;
Simon McVittie)
- On Windows, when including configuration files with <include> or
<includedir>, apply the same relocation as for the Exec paths
in .service files (fd.o #92028, Simon McVittie)
- Add support for backtraces on Windows (fd.o #92721, Ralf Habacker)
- Fix many -Wpointer-sign warnings (fd.o #93069, Ralf Habacker)
|
|
D-Bus 1.10.6 (2015-12-01)
==
The “marzipan beetles” release.
Fixes:
• On Unix when running tests as root, don't assert that root and
the dbus-daemon user can still call UpdateActivationEnvironment;
assert that those privileged users can call BecomeMonitor instead
(fd.o #93036, Simon McVittie)
• On Windows, fix a memory leak in the autolaunch transport (fd.o #92899,
Simon McVittie)
• On Windows Autotools builds, don't run tests that rely on
dbus-run-session and other Unix-specifics (fd.o #92899, Simon McVittie)
|
|
D-Bus 1.10.4 (2015-11-17)
==
The “Frostburn Canyon” release.
Enhancements:
• GetConnectionCredentials, GetConnectionUnixUser and
GetConnectionUnixProcessID with argument "org.freedesktop.DBus"
will now return details of the dbus-daemon itself. This is required
to be able to call SetEnvironment on systemd.
(fd.o #92857, Jan Alexander Steffens)
Fixes:
• Make UpdateActivationEnvironment always fail with AccessDenied on the
system bus. Previously, it was possible to configure it so root could
call it, but the environment variables were not actually used,
because the launch helper would discard them.
(fd.o #92857, Jan Alexander Steffens)
• On Unix with --systemd-activation on a user bus, make
UpdateActivationEnvironment pass on its arguments to systemd's
SetEnvironment method, solving inconsistency between the environments
used for traditional activation and systemd user-service activation.
(fd.o #92857, Jan Alexander Steffens)
• On Windows, don't crash if <syslog/> or --syslog is used
(fd.o #92538, Ralf Habacker)
• On Windows, fix a memory leak when setting a DBusError from a Windows
error (fd.o #92721, Ralf Habacker)
• On Windows, don't go into infinite recursion if we abort the process
with backtraces enabled (fd.o #92721, Ralf Habacker)
• Fix various failing tests, variously on Windows and cross-platform:
· don't test system.conf features (users, groups) that only make sense
on the system bus, which is not supported on Windows
· don't call _dbus_warn() when we skip a test, since it is fatal
· fix computation of expected <standard_session_servicedirs/>
· when running TAP tests, translate newlines to Unix format, fixing
cross-compiled tests under Wine on Linux
· don't stress-test refcounting under Wine, where it's really slow
· stop assuming that a message looped-back to the test will be received
immediately
· skip some system bus tests on Windows since they make no sense there
(fd.o #92538, fd.o #92721; Ralf Habacker, Simon McVittie)
|
|
D-Bus 1.10.2 (2015-10-26)
==
The “worst pies in London” release.
Fixes:
• Correct error handling for activation: if there are multiple attempts
to activate the same service and it fails immediately, the first attempt
would get the correct reply, but the rest would time out. We now send
the same error reply to each attempt. (fd.o #92200, Simon McVittie)
• If BecomeMonitor is called with a syntactically invalid match rule,
don't crash with an assertion failure, fixing a regression in 1.9.10.
This was not exploitable as a denial of service, because the check
for a privileged user is done first. (fd.o #92298, Simon McVittie)
• On Linux with --enable-user-session, add the bus address to the
environment of systemd services for better backwards compatibility
(fd.o #92612, Jan Alexander Steffens)
• On Windows, fix the logic for replacing the installation prefix
in service files' Exec lines (fd.o #83539; Milan Crha, Simon McVittie)
• On Windows, if installed in the conventional layout with ${prefix}/etc
and ${prefix}/share, use relative paths between bus configuration files
to allow the tree to be relocated (fd.o #92028, Simon McVittie)
• Make more of the regression tests pass in Windows builds (fd.o #92538,
Simon McVittie)
|
|
Problems found with existing digests:
Package memconf distfile memconf-2.16/memconf.gz
b6f4b736cac388dddc5070670351cf7262aba048 [recorded]
95748686a5ad8144232f4d4abc9bf052721a196f [calculated]
Problems found locating distfiles:
Package dc-tools: missing distfile dc-tools/abs0-dc-burn-netbsd-1.5-0-gae55ec9
Package ipw-firmware: missing distfile ipw2100-fw-1.2.tgz
Package iwi-firmware: missing distfile ipw2200-fw-2.3.tgz
Package nvnet: missing distfile nvnet-netbsd-src-20050620.tgz
Package syslog-ng: missing distfile syslog-ng-3.7.2.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
|
|
D-Bus 1.10.0 (2015-08-25)
==
The “0x20” release.
This is a new stable branch, recommended for use in OS distributions.
Fixes since 1.9.20:
• distribute test/tap-test.sh.in, even if the tarball was built without
tests enabled (fd.o #91684, Simon McVittie)
• work around a fd leak in libcap-ng < 0.7.7 (fd.o #91684, Simon McVittie)
Summary of major changes since 1.8.0:
• The basic setup for the well-known system and session buses is
now done in read-only files in ${datadir} (normally /usr/share).
See the NEWS entry for 1.9.18 for details.
• AppArmor integration has been merged, with features similar to the
pre-existing SELinux integration. It is mostly compatible with the
patches previously shipped by Ubuntu, with one significant change:
Ubuntu's GetConnectionAppArmorSecurityContext method has been superseded
by GetConnectionCredentials and was not included.
• The --enable-user-session configure option can be enabled
by OS integrators intending to use systemd to provide a session bus
per user (in effect, treating all concurrent graphical and non-graphical
login sessions as one large session).
• The new listenable address mode "unix:runtime=yes" listens on
$XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the systemd
user session. libdbus and "dbus-launch --autolaunch" will connect to
this address by default. GLib ≥ 2.45.3 and sd-bus ≥ 209 have a
matching default.
• All executables are now dynamically linked to libdbus-1.
Previously, some executables, most notably dbus-daemon, were statically
linked to a specially-compiled variant of libdbus. This results in
various private functions in the _dbus namespace being exposed by the
shared library. These are not API, and must not be used outside
the dbus source tree.
• On platforms with ELF symbol versioning, all public symbols
are versioned LIBDBUS_1_3.
New bus APIs:
• org.freedesktop.DBus.GetConnectionCredentials returns
LinuxSecurityLabel where supported
• org.freedesktop.DBus.Monitoring interface (privileged)
· BecomeMonitor method supersedes match rules with eavesdrop=true,
which are now deprecated
• org.freedesktop.DBus.Stats interface (semi-privileged)
· now enabled by default
· new GetAllMatchRules method
New executables:
• dbus-test-tool
• dbus-update-activation-environment
New optional dependencies:
• The systemd: pseudo-transport requires libsystemd or libsd-daemon
• Complete documentation requires Ducktype and yelp-tools
• Full test coverage requires GLib 2.36 and PyGI
• AppArmor integration requires libapparmor and optionally libaudit
Dependencies removed:
• dbus-glib
D-Bus 1.9.20 (2015-08-06)
==
The “Remember Tomorrow” release.
This is a release-candidate for D-Bus 1.10.0. OS distribution vendors
should test it.
Fixes:
• Don't second-guess what the ABI of poll() is, allowing it to be used
on Integrity RTOS and other unusual platforms (fd.o #90314;
Rolland Dudemaine, Simon McVittie)
• Don't duplicate audit subsystem integration if AppArmor and SELinux are
both enabled (fd.o #89225, Simon McVittie)
• Log audit events for AppArmor/SELinux policy violations whenever
we have CAP_AUDIT_WRITE, even if not the system bus
(fd.o #83856, Laurent Bigonville)
D-Bus 1.9.18 (2015-07-21)
==
The “Pirate Elite” release.
Configuration changes:
• The basic setup for the well-known system and session buses is now done
in read-only files in ${datadir}, moving a step closer to systems
that can operate with an empty /etc directory. In increasing order
of precedence:
· ${datadir}/dbus-1/s*.conf now perform the basic setup such as setting
the default message policies.
· ${sysconfdir}/dbus-1/s*.conf are now optional. By default
dbus still installs a trivial version of each, for documentation
purposes; putting configuration directives in these files is deprecated.
· ${datadir}/dbus-1/s*.d/ are now available for third-party software
to install "drop-in" configuration snippets (any packages
using those directories should explicitly depend on at least this
version of dbus).
· ${sysconfdir}/dbus-1/s*.d/ are also still available for sysadmins
or third-party software to install "drop-in" configuration snippets
· ${sysconfdir}/dbus-1/s*-local.conf are still available for sysadmins'
overrides
${datadir} is normally /usr/share, ${sysconfdir} is normally /etc,
and "s*" refers to either system or session as appropriate.
(fd.o #89280, Dimitri John Ledkov)
Fixes:
• Fix a memory leak when GetConnectionCredentials() succeeds
(fd.o #91008, Jacek Bukarewicz)
• Ensure that dbus-monitor does not reply to messages intended for others,
resulting in its own disconnection (fd.o #90952, Simon McVittie)
D-Bus 1.9.16 (2015-05-14)
==
The “titanium barns” release.
Dependencies:
• Automake 1.13 is now required when compiling from git or modifying
the build system.
Security hardening:
• On Unix platforms, change the default configuration for the session bus
to only allow EXTERNAL authentication (secure kernel-mediated
credentials-passing), as was already done for the system bus.
This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
unpredictable pseudo-random numbers.
If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
NFS or similar, you will need to reconfigure the session bus to accept
DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration
is not recommended.
(fd.o #90414, Simon McVittie)
• When asked for random numbers for DBUS_COOKIE_SHA1, the nonce-tcp:
transport, UUIDs or any other reason, fail if we cannot obtain entropy
(from /dev/urandom or CryptGenRandom()) or an out-of-memory condition
occurs, instead of silently falling back to low-entropy pseudorandom
numbers from rand(). (fd.o #90414; Simon McVittie, Ralf Habacker)
Enhancements:
• Add dbus_message_iter_get_element_count()
(fd.o #30350; Christian Dywan, Simon McVittie)
• Introduce new internal DBusSocket and DBusPollable types so we can
stop treating the Windows SOCKET type as if it was int. DBusSocket
is specifically a socket, cross-platform. DBusPollable is whatever
_dbus_poll() can act on, i.e. a fd on Unix or a SOCKET on Windows.
(fd.o #89444; Ralf Habacker, Simon McVittie)
• All regression tests now output TAP <https://testanything.org/>
(fd.o #89846, Simon McVittie)
• Internal APIs consistently use signed values for timestamps
(fd.o #18494, Peter McCurdy)
• Improve diagnostics when UpdateActivationEnvironment calls are rejected
(fd.o #88812, Simon McVittie)
• Clean up a lot of compiler warnings
(fd.o #17289, fd.o #89284; Ralf Habacker, Simon McVittie)
Fixes:
• Add locking to DBusCounter's reference count and notify function
(fd.o #89297, Adrian Szyndela)
• Ensure that DBusTransport's reference count is protected by the
corresponding DBusConnection's lock (fd.o #90312, Adrian Szyndela)
• Correctly release DBusServer mutex before early-return if we run out
of memory while copying authentication mechanisms (fd.o #90021,
Ralf Habacker)
• Make dbus-test-tool and dbus-update-activation-environment portable
to Windows (fd.o #90089, Ralf Habacker)
• Correctly initialize all fields of DBusTypeReader (fd.o #90021;
Ralf Habacker, Simon McVittie)
• Fix some missing \n in verbose (debug log) messages (fd.o #90004,
Ralf Habacker)
• Clean up some memory and fd leaks in test code and tools
(fd.o #90021, Ralf Habacker)
• Fix a NULL dereference if the dbus-daemon cannot read a configuration
directory for a reason that is not ENOENT (fd.o #90021, Ralf Habacker)
• CMake generates a versioned shared library even if the revision is 0,
as it usually is on the development branch. (fd.o #89450, Ralf Habacker)
D-Bus 1.9.14 (2015-03-02)
==
The “don't stand in the poison cloud” release.
Dependencies:
• dbus-daemon and dbus-daemon-launch-helper now require libdbus. They
were previously linked to a static version of libdbus.
• The tests no longer require dbus-glib in order to exercise the libdbus
shared library; they are always linked to libdbus now.
Build-time configuration:
• The new --enable-user-session option, off by default, can be enabled
by OS integrators intending to use systemd to provide a session bus
per user (in effect, treating all concurrent graphical and non-graphical
login sessions as one large session)
Enhancements:
• All executables are now linked dynamically to libdbus.
(fd.o #83115; Bertrand SIMONNET, Simon McVittie, Ralf Habacker)
• On platforms that support them (GNU libc and possibly others),
libdbus now has versioned symbols for its public API.
All public symbols (visible in the header files) are currently
versioned as LIBDBUS_1_3; private symbols starting with _dbus or
dbus_internal have a version that changes with each release, and
must not be used by applications. (also fd.o #83115)
• New listenable address mode "unix:runtime=yes" which listens on
a real filesystem (non-abstract) socket $XDG_RUNTIME_DIR/bus
(fd.o #61303; Colin Walters, Alexander Larsson, Simon McVittie)
• Add optional systemd units for a per-user bus listening on
$XDG_RUNTIME_DIR/bus (fd.o #61301; Simon McVittie, Colin Walters)
• On Unix platforms, both libdbus and "dbus-launch --autolaunch"
default to connecting to $XDG_RUNTIME_DIR/bus if it is a socket
(also fd.o #61301)
• New dbus-update-activation-environment tool uploads environment
variables to "dbus-daemon --session" and optionally "systemd --user",
primarily as a way to keep the per-user bus compatible with
distributions' existing X11 login scripts (also fd.o #61301)
• <includedir/> elements in dbus-daemon configuration are now silently
ignored if the directory does not exist. (fd.o #89280, Dimitri John Ledkov)
• Add microsecond-resolution timestamps to the default output of
dbus-monitor and dbus-send (fd.o #88896; Ralf Habacker, Simon McVittie)
Fixes:
• Fix a race condition in the 'monitor' test introduced in 1.9.10
(fd.o #89222, Simon McVittie)
D-Bus 1.9.12 (2015-02-19)
==
The “monster lasagna” release.
Dependencies:
• Ducktype and yelp-tools are now required to build complete documentation
(they are optional for normal builds).
Enhancements:
• D-Bus Specification version 0.26
· GetConnectionCredentials can return LinuxSecurityLabel or WindowsSID
· document the BecomeMonitor method
• On Linux, add LinuxSecurityLabel to GetConnectionCredentials
(fd.o #89041; Tyler Hicks, Simon McVittie)
• On Linux, add support for AppArmor mediation of message sending and
receiving and name ownership (paralleling existing SELinux mediation
support), and eavesdropping (a new check, currently AppArmor-specific)
(fd.o #75113; John Johansen, Tyler Hicks, Simon McVittie)
• In dbus-send and dbus-monitor, pretty-print \0-terminated bytestrings
that have printable ASCII contents; we previously only did this for
unterminated bytestrings (fd.o #89109, Simon McVittie)
• Add a guide to designing good D-Bus APIs (fd.o #88994, Philip Withnall)
• On Windows, add WindowsSID to GetConnectionCredentials
(fd.o #54445, Ralf Habacker)
• Improve clarity of dbus-monitor --profile output and add more columns
(fd.o #89165, Ralf Habacker)
• Add a man page for dbus-test-tool, and build it under CMake as well
as Autotools (fd.o#89086, Simon McVittie)
• If dbus-daemon was compiled with --enable-verbose, add a D-Bus API
to control it at runtime, overriding the DBUS_VERBOSE environment variable
(fd.o #88896, Ralf Habacker)
Fixes:
• Reduce the number of file descriptors used in the fd-passing test,
avoiding failure under the default Linux fd limit, and automatically
skip it if the rlimit is too small (fd.o #88998, Simon McVittie)
D-Bus 1.9.10 (2015-02-09)
==
The “sad cyborgs” release.
Security fixes merged from 1.8.16:
• Do not allow non-uid-0 processes to send forged ActivationFailure
messages. On Linux systems with systemd activation, this would
allow a local denial of service: unprivileged processes could
flood the bus with these forged messages, winning the race with
the actual service activation and causing an error reply
to be sent back when service auto-activation was requested.
This does not prevent the real service from being started,
so the attack only works while the real service is not running.
(CVE-2015-0245, fd.o #88811; Simon McVittie)
Enhancements:
• The new Monitoring interface in the dbus-daemon lets dbus-monitor and
similar tools receive messages without altering the security properties
of the system bus, by calling the new BecomeMonitor method on a
private connection. This bypasses the normal <allow> and <deny> rules
entirely, so to preserve normal message-privacy assumptions, only root
is allowed to do this on the system bus. Restricted environments,
such as Linux with LSMs, should lock down access to the Monitoring
interface. (fd.o #46787, Simon McVittie)
• dbus-monitor uses BecomeMonitor to capture more traffic, if the
dbus-daemon supports it and access permissions allow it.
It still supports the previous approach ("eavesdropping" match rules)
for compatibility with older bus daemons. (fd.o #46787, Simon)
• dbus-monitor can now log the message stream as binary data for later
analysis, with either no extra framing beyond the normal D-Bus headers,
or libpcap-compatible framing treating each D-Bus message
as a captured packet. (fd.o #46787, Simon)
Other fixes:
• Fix some CMake build regressions (fd.o #88964, Ralf Habacker)
• On Unix, forcibly terminate regression tests after 60 seconds to
prevent them from blocking continuous integration frameworks
(fd.o #46787, Simon)
D-Bus 1.9.8 (2015-02-03)
==
The “all the types of precipitation” release.
Dependencies:
• full test coverage now requires GLib 2.36
• full test coverage now requires PyGI (PyGObject 3,
"import gi.repository.GObject") instead of the
obsolete PyGObject 2 ("import gobject")
Enhancements:
• add GLib-style "installed tests" (fd.o #88810, Simon McVittie)
• better regression test coverage, including systemd activation
(fd.o #57952, #88810; Simon McVittie)
Fixes:
• fatal errors correctly make the dbus-daemon exit even if <syslog/> is
turned off (fd.o #88808, Simon McVittie)
• TCP sockets on Windows no longer fail to listen approximately 1 time
in 256, caused by a logic error that should have always made it fail but
was mitigated by incorrect endianness for the port number
(fd.o #87999, Ralf Habacker)
• fix some Windows build failures (fd.o #88009, #88010; Ralf Habacker)
• on Windows, allow up to 8K connections to the dbus-daemon instead of the
previous 64, completing a previous fix which only worked under
Autotools (fd.o #71297, Ralf Habacker)
• on Windows, if the IP family is unspecified only use IPv4,
to mitigate IPv6 not working correctly (fd.o #87999, Ralf Habacker)
• fix some unlikely memory leaks on OOM (fd.o #88087, Simon McVittie)
• lcov code coverage analysis works again (fd.o #88808, Simon McVittie)
• fix an unused function error with --disable-embedded-tests (fd.o #87837,
Thiago Macieira)
D-Bus 1.9.6 (2015-01-05)
==
The “I do have a bread knife” release.
Security hardening:
• Do not allow calls to UpdateActivationEnvironment from uids other than
the uid of the dbus-daemon. If a system service installs unsafe
security policy rules that allow arbitrary method calls
(such as CVE-2014-8148) then this prevents memory consumption and
possible privilege escalation via UpdateActivationEnvironment.
We believe that in practice, privilege escalation here is avoided
by dbus-daemon-launch-helper sanitizing its environment; but
it seems better to be safe.
• Do not allow calls to UpdateActivationEnvironment or the Stats interface
on object paths other than /org/freedesktop/DBus. Some system services
install unsafe security policy rules that allow arbitrary method calls
to any destination, method and interface with a specified object path;
while less bad than allowing arbitrary method calls, these security
policies are still harmful, since dbus-daemon normally offers the
same API on all object paths and other system services might behave
similarly.
Other fixes:
• Add missing initialization so GetExtendedTcpTable doesn't crash on
Windows Vista SP0 (fd.o #77008, Илья А. Ткаченко)
D-Bus 1.9.4 (2014-11-24)
==
The “extra-sturdy caramel” release.
Fixes:
• Partially revert the CVE-2014-3639 patch by increasing the default
authentication timeout on the system bus from 5 seconds back to 30
seconds, since this has been reported to cause boot regressions for
some users, mostly with parallel boot (systemd) on slower hardware.
On fast systems where local users are considered particularly hostile,
administrators can return to the 5 second timeout (or any other value
in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
<busconfig>
<limit name="auth_timeout">5000</limit>
</busconfig>
(fd.o #86431, Simon McVittie)
• Add a message in syslog/the Journal when the auth_timeout is exceeded
(fd.o #86431, Simon McVittie)
• Send back an AccessDenied error if the addressed recipient is not allowed
to receive a message (and in builds with assertions enabled, don't
assert under the same conditions). (fd.o #86194, Jacek Bukarewicz)
D-Bus 1.9.2 (2014-11-10)
==
The “structurally unsound flapjack” release.
Security fixes:
• Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536
so that CVE-2014-3636 part A cannot exhaust the system bus'
file descriptors, completing the incomplete fix in 1.8.8.
(CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy)
Enhancements:
• D-Bus Specification version 0.25
· new value 'const' for EmitsChangedSignal annotation
(fd.o #72958, Lennart Poettering)
· new ALLOW_INTERACTIVE_AUTHORIZATION flag, for PolicyKit and similar
(fd.o #83449; Lennart Poettering, Simon McVittie)
· annotate table of types with reserved/basic/container, and for
basic types, fixed/string-like
· clarify arbitrary limits by quoting them in mebibytes
• New API: add accessors for the ALLOW_INTERACTIVE_AUTHORIZATION flag
(fd.o #83449, Simon McVittie)
• Add dbus-test-tool, a D-Bus swiss army knife with multiple subcommands,
useful for debugging and performance testing:
· dbus-test-tool spam: send repeated messages
· dbus-test-tool echo: send an empty reply for all method calls
· dbus-test-tool black-hole: do not reply to method calls
(fd.o #34140; Alban Crequy, Simon McVittie, Will Thompson)
• Add support for process ID in credentials-passing on NetBSD
(fd.o #69702, Patrick Welche)
• Add an example script to find potentially undesired match rules
(fd.o #84598, Alban Crequy)
• Document the central assumption that makes our use of credentials-passing
secure (fd.o #83499, Simon McVittie)
• Replace the dbus-glib section of the tutorial with a GDBus recommendation,
and add some links to GDBus and QtDBus documentation (fd.o #25140,
Simon McVittie)
Fixes:
• Use a less confusing NoReply message when disconnected with a reply pending
(fd.o #76112, Simon McVittie)
• Make the .pc file relocatable by letting pkg-config do all variable
expansion itself (fd.o #75858, Руслан Ижбулатов)
• Fix a build failure on platforms with kqueue, which regressed in 1.9.0
(fd.o #85563, Patrick Welche)
• Consistently save errno after socket calls (fd.o #83625, Simon McVittie)
• In dbus-spawn, when the grandchild process exits due to a failed exec(),
do not lose the exec() errno (fd.o #24821, Simon McVittie)
• Do not fail the tests if a parent process has leaked non-close-on-exec
file descriptors to us (fd.o #73689, fd.o #83899; Simon McVittie)
• Do not fail the tests on Unix platforms with incomplete
credentials-passing support, but do fail if we can't pass credentials
on a platform where it is known to work: Linux, FreeBSD, OpenBSD, NetBSD
(fd.o #69702, Simon McVittie)
• Detect accept4, dirfd, inotify_init1, pipe2, and Unix fd passing
when building with cmake, and expand test coverage there
(fd.o #73689; Ralf Habacker, Simon McVittie)
D-Bus 1.9.0 (2014-10-01)
==
The “tiered cheeses” release.
Requirements:
• Support for the systemd: (LISTEN_FDS) pseudo-transport on Linux now
requires either the libsystemd or libsd-daemon shared library, dropping the
embedded convenience copy of sd-daemon (fd.o #71818, Simon)
Build-time configuration changes:
• The Stats interface is now enabled by default, and locked-down to
root-only on the system bus. Configure with --disable-stats
to disable it altogether on memory- or disk-constrained systems,
or see ${docdir}/examples/ to open it up to non-root users on the
system bus or restrict access on the session bus.
(fd.o #80759; Simon McVittie, Alban Crequy)
• The CMake build system now builds the same shared library name as Autotools
on at least Linux and Windows:
- on Linux (and perhaps other Unix platforms), it previously built
libdbus-1.so, but now builds libdbus-1.so.3.* with development
symlink libdbus-1.so and SONAME/symlink libdbus-1.so.3
- on Windows, it previously built either libdbus-1.dll (release) or
libdbus-1d.dll (debug), but now builds libdbus-1-3.dll, copied to
libdbus-1.dll for compatibility with older applications.
(fd.o #74117, Ralf Habacker)
Enhancements:
• D-Bus Specification version 0.24
· document how to quote match rules (fd.o #24307, Simon McVittie)
· explicitly say that most message types never expect a reply
regardles of whether they have NO_REPLY_EXPECTED
(fd.o #75749, Simon McVittie)
• on Unix platforms, disable Nagle's algorithm on TCP connections to improve
initial latency (fd.o #75544, Matt Hoosier)
• use backtrace() if it is in -lexecinfo instead of libc, as on NetBSD
(fd.o #69702, Patrick Welche)
• in dbus-monitor, print more information about file descriptors
(fd.o #80603, Alban Crequy)
• do not install system bus configuration if built for Windows
(fd.o #83583; Ralf Habacker, Simon McVittie)
• Add GetAllMatchRules to the Stats interface (fd.o #24307, Alban Crequy)
• Add a regression test for file descriptor passing (fd.o #83622,
Simon McVittie)
Fixes:
• fix an incorrect error message if a Unix socket path is too long
(fd.o #73887, Antoine Jacoutot)
• in an MSYS/Cygwin environment, pass Unix-style filenames to xmlto,
fixing documentation generation (fd.o #75860, Руслан Ижбулатов)
• in Unix with X11, avoid giving dbus-launch a misleading argv[0]
in ps(1) (fd.o #69716, Chengwei Yang)
• avoid calling poll() with timeout < -1, which is considered invalid
on FreeBSD and NetBSD (fd.o #78480, Jaap Boender)
• be portable to BSD-derived platforms where O_CLOEXEC is unavailable in libc
(like Mac OS X 10.6), or available in libc but unsupported by the kernel
(fd.o #77032; rmvsxop, OBATA Akio, Patrick Welche)
• Fix include path for test/internal/*.c with cmake (Ralf Habacker)
• Documentation improvements
(fd.o #80795, #84313; Thomas Haller, Sebastian Rasmussen)
• in dbus-monitor, do not leak file descriptors that we have monitored
(fd.o #80603, Alban Crequy)
• Set the close-on-exec flag for the inotify file descriptor, even
if built with CMake or older libc (fd.o #73689, Simon McVittie)
• Remove some LGPL code from the Windows dbus-daemon
(fd.o #57272, Ralf Habacker)
|
|
D-Bus 1.8.20 (2015-07-21)
==
The “Iguana Vanguard” release.
Fixes:
• Fix a memory leak when GetConnectionCredentials() succeeds
(fd.o #91008, Jacek Bukarewicz)
• Ensure that dbus-monitor does not reply to messages intended for others
(fd.o #90952, Simon McVittie)
|
|
D-Bus 1.8.18 (2015-05-14)
==
The “unicorn rifts” release.
Security hardening:
• On Unix platforms, change the default configuration for the session bus
to only allow EXTERNAL authentication (secure kernel-mediated
credentials-passing), as was already done for the system bus.
This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
unpredictable pseudo-random numbers; under certain circumstances
(/dev/urandom unreadable or malloc() returns NULL), dbus could
fall back to using rand(), which does not have the desired unpredictability.
The fallback to rand() has not been changed in this stable-branch since
the necessary code changes for correct error-handling are rather intrusive.
If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
NFS or similar, you will need to reconfigure the session bus to accept
DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration
is not recommended.
(fd.o #90414, Simon McVittie)
Other fixes:
• Add locking to DBusCounter's reference count and notify function
(fd.o #89297, Adrian Szyndela)
• Ensure that DBusTransport's reference count is protected by the
corresponding DBusConnection's lock (fd.o #90312, Adrian Szyndela)
• On Windows, listen on the same port for IPv4 and IPv6 (previously
broken by an endianness mistake), and fix a failure to bind TCP
sockets on approximately 1 attempt in 256 (fd.o #87999, Ralf Habacker)
• Correctly release DBusServer mutex before early-return if we run out
of memory while copying authentication mechanisms (fd.o #90004,
Ralf Habacker)
• Fix some missing \n in verbose (debug log) messages (fd.o #90004,
Ralf Habacker)
• Clean up some memory leaks in test code (fd.o #90004, Ralf Habacker)
|
|
D-Bus 1.8.16 (2015-02-09)
==
The “poorly concealed wrestlers” release.
Security fixes:
• Do not allow non-uid-0 processes to send forged ActivationFailure
messages. On Linux systems with systemd activation, this would
allow a local denial of service: unprivileged processes could
flood the bus with these forged messages, winning the race with
the actual service activation and causing an error reply
to be sent back when service auto-activation was requested.
This does not prevent the real service from being started,
so it only works while the real service is not running.
(CVE-2015-0245, fd.o #88811; Simon McVittie)
Other fixes:
• fix a Windows build failure (fd.o #88009, Ralf Habacker)
• on Windows, allow up to 8K connections to the dbus-daemon instead of the
previous 64, completing a previous fix which only worked under
Autotools (fd.o #71297, Ralf Habacker)
|
|
D-Bus 1.8.14 (2015-01-05)
==
The “40lb of roofing nails” release.
Security hardening:
• Do not allow calls to UpdateActivationEnvironment from uids other than
the uid of the dbus-daemon. If a system service installs unsafe
security policy rules that allow arbitrary method calls
(such as CVE-2014-8148) then this prevents memory consumption and
possible privilege escalation via UpdateActivationEnvironment.
We believe that in practice, privilege escalation here is avoided
by dbus-daemon-launch-helper sanitizing its environment; but
it seems better to be safe.
• Do not allow calls to UpdateActivationEnvironment or the Stats interface
on object paths other than /org/freedesktop/DBus. Some system services
install unsafe security policy rules that allow arbitrary method calls
to any destination, method and interface with a specified object path;
while less bad than allowing arbitrary method calls, these security
policies are still harmful, since dbus-daemon normally offers the
same API on all object paths and other system services might behave
similarly.
Other fixes:
• Add missing initialization so GetExtendedTcpTable doesn't crash on
Windows Vista SP0 (fd.o #77008, Илья А. Ткаченко)
|
|
D-Bus 1.8.12 (2014-11-24)
==
The “days of fuchsia passed” release.
Fixes:
• Partially revert the CVE-2014-3639 patch by increasing the default
authentication timeout on the system bus from 5 seconds back to 30
seconds, since this has been reported to cause boot regressions for
some users, mostly with parallel boot (systemd) on slower hardware.
On fast systems where local users are considered particularly hostile,
administrators can return to the 5 second timeout (or any other value
in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
<busconfig>
<limit name="auth_timeout">5000</limit>
</busconfig>
(fd.o #86431, Simon McVittie)
• Add a message in syslog/the Journal when the auth_timeout is exceeded
(fd.o #86431, Simon McVittie)
• Send back an AccessDenied error if the addressed recipient is not allowed
to receive a message (and in builds with assertions enabled, don't
assert under the same conditions). (fd.o #86194, Jacek Bukarewicz)
|
|
The "tenants with a leaking roof get priority" release.
Security fixes:
* Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536
so that CVE-2014-3636 part A cannot exhaust the system bus'
file descriptors, completing the incomplete fix in 1.8.8.
(CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy)
|
|
D-Bus 1.8.8 (2014-09-16)
==
The "smashy smashy egg man" release.
Security fixes:
* Do not accept an extra fd in the padding of a cmsg message, which
could lead to a 4-byte heap buffer overrun.
(CVE-2014-3635, fd.o #83622; Simon McVittie)
* Reduce default for maximum Unix file descriptors passed per message
from 1024 to 16, preventing a uid with the default maximum number of
connections from exhausting the system bus' file descriptors under
Linux's default rlimit. Distributors or system administrators with a
more restrictive fd limit may wish to reduce these limits further.
Additionally, on Linux this prevents a second denial of service
in which the dbus-daemon can be made to exceed the maximum number
of fds per sendmsg() and disconnect the process that would have
received them.
(CVE-2014-3636, fd.o #82820; Alban Crequy)
* Disconnect connections that still have a fd pending unmarshalling after
a new configurable limit, pending_fd_timeout (defaulting to 150 seconds),
removing the possibility of creating an abusive connection that cannot be
disconnected by setting up a circular reference to a connection's
file descriptor.
(CVE-2014-3637, fd.o #80559; Alban Crequy)
* Reduce default for maximum pending replies per connection from 8192 to 128,
mitigating an algorithmic complexity denial-of-service attack
(CVE-2014-3638, fd.o #81053; Alban Crequy)
* Reduce default for authentication timeout on the system bus from
30 seconds to 5 seconds, avoiding denial of service by using up
all unauthenticated connection slots; and when all unauthenticated
connection slots are used up, make new connection attempts block
instead of disconnecting them.
(CVE-2014-3639, fd.o #80919; Alban Crequy)
Other fixes:
* Check for libsystemd from systemd >= 209, falling back to
the older separate libraries if not found (Umut Tezduyar Lindskog,
Simon McVittie)
* On Linux, use prctl() to disable core dumps from a test executable
that deliberately raises SIGSEGV to test dbus-daemon's handling
of that condition (fd.o #83772, Simon McVittie)
* Fix compilation with --enable-stats (fd.o #81043, Gentoo #507232;
Alban Crequy)
* Improve documentation for running tests on Windows (fd.o #41252,
Ralf Habacker)
|
|
bump PKGREVISION
|
|
D-Bus 1.8.6 (2014-06-02)
==
Security fixes:
• On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently drop
the message. This prevents an attack in which a malicious client can
make dbus-daemon disconnect a system service, which is a local
denial of service.
(fd.o #80163, CVE-2014-3532; Alban Crequy)
• Track remaining Unix file descriptors correctly when more than one
message in quick succession contains fds. This prevents another attack
in which a malicious client can make dbus-daemon disconnect a system
service.
(fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
Simon McVittie, Alban Crequy)
Other fixes:
• When dbus-launch --exit-with-session starts a dbus-daemon but then cannot
attach to a session, kill the dbus-daemon as intended
(fd.o #74698, Роман Донченко)
|
|
Accepted upstream as part of
https://bugs.freedesktop.org/show_bug.cgi?id=69702
|
|
|
|
|
|
D-Bus 1.8.4 (2014-06-10)
==
Security fix:
• Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service
flaw in dbus-daemon, part of the reference implementation of D-Bus.
Additionally, in highly unusual environments the same flaw could lead to
a side channel between processes that should not be able to communicate.
(CVE-2014-3477, fd.o #78979)
|
|
D-Bus 1.8.2 (2014-04-30)
==
The “nobody wants red” release.
Enhancements:
• in the CMake build system, add some hints for Linux users cross-compiling
Windows D-Bus binaries to be able to run tests under Wine
(fd.o #41252, Ralf Habacker)
• add Documentation key to dbus.service (fd.o #77447, Cameron Norman)
Fixes:
• in "dbus-uuidgen --ensure", try to copy systemd's /etc/machine-id
to /var/lib/dbus/machine-id instead of generating an entirely new ID
(fd.o #77941, Simon McVittie)
• if dbus-launch receives an X error very quickly, do not kill
unrelated processes (fd.o #74698, Роман Донченко)
• on Windows, allow up to 8K connections to the dbus-daemon, instead of the
previous 64 (fd.o #71297; Cristian Onet, Ralf Habacker)
• cope with \r\n newlines in regression tests, since on Windows,
dbus-daemon.exe uses text mode (fd.o #75863, Руслан Ижбулатов)
|
|
|
|
but on *BSD, only -1 means infinite.
|
|
|
|
D-Bus 1.8.0 (2014-01-20)
==
The “Wolverine distrusts my printer” release.
This starts a new stable branch. The 1.6.x branch is now considered to be
outdated, and will only receive fixes for serious bugs such as security
flaws. The 1.4.x and 1.2.x branches no longer have upstream support and
are unlikely to get any more releases, but if distributors still need to
support them, please share security patches via upstream.
Summary of changes since 1.6.x:
• libdbus always behaves as if dbus_threads_init_default() had been called
(thread-safety by default)
• new dbus-run-session tool, replacing certain misuses of dbus-launch
• dbus-monitor can talk to outdated versions of dbus-daemon again
• new org.freedesktop.DBus.GetConnectionCredentials method
• GetConnectionUnixProcessID also works correctly on Windows, returning
the Windows process ID
• GetConnectionWindowsSID returns the correct SID on Windows
• expat is required, libxml2 can no longer be used as a substitute
• the userDB cache is required, and cannot be disabled
• a 64-bit integer type (either int, long, long long or _int64) is required
• better systemd-journald integration on Linux
• fixed long-standing fd and array leaks when failing to parse a message
• fixed referenced-but-never-freed parent nodes (effectively memory leaks)
when using certain object-path allocation patterns, notably in Avahi
• better defaults for Windows support
• better CMake support
• better portability to mingw32, FreeBSD, NetBSD, QNX and Hurd
• the source language for the man pages is now Docbook XML
Enhancements since 1.7.10:
• Enhance the CMake build system to check for GLib and compile/run
a subset of the regression tests (fd.o #41252, #73495; Ralf Habacker)
Fixes since 1.7.10:
• don't rely on va_copy(), use DBUS_VA_COPY() wrapper (fd.o #72840,
Ralf Habacker)
• fix compilation of systemd journal support on older systemd versions where
sd-journal.h doesn't include syslog.h (fd.o #73455, Ralf Habacker)
• fix compilation on older MSVC versions by including stdlib.h
(fd.o #73455, Ralf Habacker)
• Allow <allow_anonymous/> to appear in an included configuration file
(fd.o #73475, Matt Hoosier)
Test behaviour changes since 1.7.10:
• If the tests crash with an assertion failure, they no longer default to
blocking for a debugger to be attached. Set DBUS_BLOCK_ON_ABORT in the
environment if you want the old behaviour.
• To improve debuggability, the dbus-daemon and dbus-daemon-eavesdrop tests
can be run with an external dbus-daemon by setting
DBUS_TEST_DAEMON_ADDRESS in the environment. Test-cases that require
an unusually-configured dbus-daemon are skipped.
D-Bus 1.7.10 (2014-01-06)
==
The “weighted companion cube” release.
This is a release candidate for D-Bus 1.8.
D-Bus Specification 0.23:
• don't require messages with no INTERFACE to be dispatched
(fd.o #68597, Simon McVittie)
• document "tcp:bind=..." and "nonce-tcp:bind=..." (fd.o #72301,
Chengwei Yang)
• define "listenable" and "connectable" addresses, and discuss
the difference (fd.o #61303, Simon McVittie)
Enhancements:
• support printing Unix file descriptors in dbus-send, dbus-monitor
(fd.o #70592, Robert Ancell)
• don't install systemd units if --disable-systemd is given
(fd.o #71818, Chengwei Yang)
Fixes:
• don't leak memory on out-of-memory while listing activatable or
active services (fd.o #71526, Radoslaw Pajak)
• fix undefined behaviour in a regression test (fd.o #69924, DreamNik)
• escape Unix socket addresses correctly (fd.o #46013, Chengwei Yang)
• on SELinux systems, don't assume that SECCLASS_DBUS, DBUS__ACQUIRE_SVC
and DBUS__SEND_MSG are numerically equal to their values in the
reference policy (fd.o #88719, osmond sun)
• define PROCESS_QUERY_LIMITED_INFORMATION if missing from MinGW < 4 headers
(fd.o #71366, Matt Fischer)
• define WIN32_LEAN_AND_MEAN to avoid conflicts between winsock.h and
winsock2.h (fd.o #71405, Matt Fischer)
• do not return failure from _dbus_read_nonce() with no error set,
preventing a potential crash (fd.o #72298, Chengwei Yang)
• on BSD systems, avoid some O(1)-per-process memory and fd leaks in kqueue,
preventing test failures (fd.o #69332, fd.o #72213; Chengwei Yang)
• fix warning spam on Hurd by not trying to set SO_REUSEADDR on Unix sockets,
which doesn't do anything anyway on at least Linux and FreeBSD
(fd.o #69492, Simon McVittie)
• fix use of TCP sockets on FreeBSD and Hurd by tolerating EINVAL from
sendmsg() with SCM_CREDS (retrying with plain send()), and looking
for credentials more correctly (fd.o #69492, Simon McVittie)
• ensure that tests run with a temporary XDG_RUNTIME_DIR to avoid
getting mixed up in XDG/systemd "user sessions" (fd.o #61301,
Simon McVittie)
• refresh cached policy rules for existing connections when bus
configuration changes (fd.o #39463, Chengwei Yang)
D-Bus 1.7.8 (2013-11-01)
==
The “extreme hills” release.
Dependencies:
• If systemd support is enabled, libsystemd-journal is now required.
Enhancements:
• When activating a non-systemd service under systemd, annotate its
stdout/stderr with its bus name in the Journal. Known limitation:
because the socket is opened before forking, the process will still be
logged as if it had dbus-daemon's process ID and user ID.
(fd.o #68559, Chengwei Yang)
• Document more configuration elements in dbus-daemon(1)
(fd.o #69125, Chengwei Yang)
Fixes:
• Don't leak string arrays or fds if dbus_message_iter_get_args_valist()
unpacks them and then encounters an error (fd.o #21259, Chengwei Yang)
• If compiled with libaudit, retain CAP_AUDIT_WRITE so we can write
disallowed method calls to the audit log, fixing a regression in 1.7.6
(fd.o #49062, Colin Walters)
• path_namespace='/' in match rules incorrectly matched nothing; it
now matches everything. (fd.o #70799, Simon McVittie)
D-Bus 1.7.6 (2013-10-09)
==
The “CSI Shrewsbury” release.
Build-time configuration changes:
• Directory change notification via dnotify on Linux is no longer
supported; it hadn't compiled successfully since 2010 in any case.
If you don't have inotify (Linux) or kqueue (*BSD), you will need
to send SIGHUP to the dbus-daemon when its configuration changes.
(fd.o #33001, Chengwei Yang)
• Compiling with --disable-userdb-cache is no longer supported;
it didn't work since at least 2008, and would lead to an extremely
slow dbus-daemon even it worked. (fd.o #15589, #17133, #66947;
Chengwei Yang)
• The DBUS_DISABLE_ASSERTS CMake option didn't actually disable most
assertions. It has been renamed to DBUS_DISABLE_ASSERT to be consistent
with the Autotools build system. (fd.o #66142, Chengwei Yang)
• --with-valgrind=auto enables Valgrind instrumentation if and only if
valgrind headers are available. The default is still --with-valgrind=no.
(fd.o #56925, Simon McVittie)
Dependencies:
• Platforms with no 64-bit integer type are no longer supported.
(fd.o #65429, Simon McVittie)
• GNU make is now (documented to be) required. (fd.o #48277, Simon McVittie)
• Full test coverage no longer requires dbus-glib, although the tests do not
exercise the shared library (only a static copy) if dbus-glib is missing.
(fd.o #68852, Simon McVittie)
Enhancements:
• D-Bus Specification 0.22
· Document GetAdtAuditSessionData() and
GetConnectionSELinuxSecurityContext() (fd.o #54445, Simon)
· Fix example .service file (fd.o #66481, Chengwei Yang)
· Don't claim D-Bus is "low-latency" (lower than what?), just
give factual statements about it supporting async use
(fd.o #65141, Justin Lee)
· Document the contents of .service files, and the fact that
system services' filenames are constrained
(fd.o #66608; Simon McVittie, Chengwei Yang)
• Be thread-safe by default on all platforms, even if
dbus_threads_init_default() has not been called. For compatibility with
older libdbus, library users should continue to call
dbus_threads_init_default(): it is harmless to do so.
(fd.o #54972, Simon McVittie)
• Add GetConnectionCredentials() method (fd.o #54445, Simon)
• New API: dbus_setenv(), a simple wrapper around setenv().
Note that this is not thread-safe. (fd.o #39196, Simon)
• Add dbus-send --peer=ADDRESS (connect to a given peer-to-peer connection,
like --address=ADDRESS in previous versions) and dbus-send --bus=ADDRESS
(connect to a given bus, like dbus-monitor --address=ADDRESS).
dbus-send --address still exists for backwards compatibility,
but is no longer documented. (fd.o #48816, Andrey Mazo)
• Windows-specific:
· "dbus-daemon --nofork" is allowed on Windows again. (fd.o #68852,
Simon McVittie)
Fixes:
• Avoid an infinite busy-loop if a signal interrupts waitpid()
(fd.o #68945, Simon McVittie)
• Clean up memory for parent nodes when objects are unexported
(fd.o #60176, Thomas Fitzsimmons)
• Make dbus_connection_set_route_peer_messages(x, FALSE) behave as
documented. Previously, it assumed its second parameter was TRUE.
(fd.o #69165, Chengwei Yang)
• Escape addresses containing non-ASCII characters correctly
(fd.o #53499, Chengwei Yang)
• Document <servicedir> search order correctly (fd.o #66994, Chengwei Yang)
• Don't crash on "dbus-send --session / x.y.z" which regressed in 1.7.4.
(fd.o #65923, Chengwei Yang)
• If malloc() returns NULL in _dbus_string_init() or similar, don't free
an invalid pointer if the string is later freed (fd.o #65959, Chengwei Yang)
• If malloc() returns NULL in dbus_set_error(), don't va_end() a va_list
that was never va_start()ed (fd.o #66300, Chengwei Yang)
• fix build failure with --enable-stats (fd.o #66004, Chengwei Yang)
• fix a regression test on platforms with strict alignment (fd.o #67279,
Colin Walters)
• Avoid calling function parameters "interface" since certain Windows headers
have a namespace-polluting macro of that name (fd.o #66493, Ivan Romanov)
• Assorted Doxygen fixes (fd.o #65755, Chengwei Yang)
• Various thread-safety improvements to static variables (fd.o #68610,
Simon McVittie)
• Make "make -j check" work (fd.o #68852, Simon McVittie)
• Fix a NULL pointer dereference on an unlikely error path
(fd.o #69327, Sviatoslav Chagaev)
• Improve valgrind memory pool tracking (fd.o #69326,
Sviatoslav Chagaev)
• Don't over-allocate memory in dbus-monitor (fd.o #69329,
Sviatoslav Chagaev)
• dbus-monitor can monitor dbus-daemon < 1.5.6 again
(fd.o #66107, Chengwei Yang)
• Unix-specific:
· If accept4() fails with EINVAL, as it can on older Linux kernels
with newer glibc, try accept() instead of going into a busy-loop.
(fd.o #69026, Chengwei Yang)
· If socket() or socketpair() fails with EINVAL or EPROTOTYPE,
for instance on Hurd or older Linux with a new glibc, try without
SOCK_CLOEXEC. (fd.o #69073; Pino Toscano, Chengwei Yang)
· Fix a file descriptor leak on an error code path.
(fd.o #69182, Sviatoslav Chagaev)
· dbus-run-session: clear some unwanted environment variables
(fd.o #39196, Simon)
· dbus-run-session: compile on FreeBSD (fd.o #66197, Chengwei Yang)
· Don't fail the autolaunch test if there is no DISPLAY (fd.o #40352, Simon)
· Use dbus-launch from the builddir for testing, not the installed copy
(fd.o #37849, Chengwei Yang)
· Fix compilation if writev() is unavailable (fd.o #69409,
Vasiliy Balyasnyy)
· Remove broken support for LOCAL_CREDS credentials passing, and
document where each credential-passing scheme is used (fd.o #60340,
Simon McVittie)
· Make autogen.sh work on *BSD by not assuming GNU coreutils functionality
(fd.o #35881, #69787; Chengwei Yang)
· dbus-monitor: be portable to NetBSD (fd.o #69842, Chengwei Yang)
· dbus-launch: stop using non-portable asprintf (fd.o #37849, Simon)
· Improve error reporting from the setuid activation helper (fd.o #66728,
Chengwei Yang)
• Windows-specific:
· Remove unavailable command-line options from 'dbus-daemon --help'
(fd.o #42441, Ralf Habacker)
· Add support for looking up local TCPv4 clients' credentials on
Windows XP via the undocumented AllocateAndGetTcpExTableFromStack
function (fd.o #66060, Ralf Habacker)
· Fix insufficient dependency-tracking (fd.o #68505, Simon McVittie)
· Don't include wspiapi.h, fixing a compiler warning (fd.o #68852,
Simon McVittie)
• Internal changes:
· add DBUS_ENABLE_ASSERT, DBUS_ENABLE_CHECKS for less confusing
conditionals (fd.o #66142, Chengwei Yang)
· improve verbose-mode output (fd.o #63047, Colin Walters)
· consolidate Autotools and CMake build (fd.o #64875, Ralf Habacker)
· fix various unused variables, unusual build configurations
etc. (fd.o #65712, #65990, #66005, #66257, #69165, #69410, #70218;
Chengwei Yang, Vasiliy Balyasnyy)
D-Bus 1.7.4 (2013-06-13)
==
The “but is your thread-safety thread-safe?” release.
Security fixes:
• CVE-2013-2168: Fix misuse of va_list that could be used as a denial
of service for system services. Vulnerability reported by Alexandru Cornea.
(Simon)
Dependencies:
• The Windows version of libdbus now contains a C++ source file, used
to provide global initialization when the library is loaded.
gcc (mingw*) users should ensure that g++ is also installed.
• The libxml2-based configuration reader (which hasn't worked for 2.5 years,
and was never the recommended option) has been removed. Expat is now a
hard dependency.
Enhancements:
• It should now be safe to call dbus_threads_init_default() from any thread,
at any time. Authors of loadable modules and plugins that use libdbus
should consider doing so during initialization.
(fd.o #54972, Simon McVittie)
• Improve dbus-send documentation and command-line parsing (fd.o #65424,
Chengwei Yang)
Unix-specific:
· dbus-run-session: experimental new tool to start a temporary D-Bus
session, e.g. for regression tests or a text console, replacing
certain uses of dbus-launch which weren't really correct
(fd.o #39196, Simon)
Other fixes:
• In dbus-daemon, don't crash if a .service file starts with key=value
(fd.o #60853, Chengwei Yang)
• Unix-specific:
· Fix a crash similar to CVE-2013-2168 the first time we try to use syslog
on a platform not defining LOG_PERROR, such as Solaris or QNX.
This regressed in 1.7.0. (Simon)
· Fix an assertion failure if we try to activate systemd services before
systemd connects to the bus (fd.o #50199, Chengwei Yang)
· Avoid compiler warnings for ignoring the return from write()
(Chengwei Yang)
• Windows-specific:
· Under cmake, install runtime libraries (DLLs) into bin/ instead of lib/
so that Windows finds them (fd.o #59733, Ralf Habacker)
D-Bus 1.7.2 (2013-04-25)
==
The “only partially opaque” release.
Configuration changes:
• On non-QNX Unix platforms, the default limit on fds per message in the
session bus configuration has reduced from 4096 to 1024. The default
limit used on the system bus was already 1024. On QNX, both limits are
reduced further, to 128.
Enhancements:
• D-Bus Specification 0.21
· Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
U+FDD0..U+FDEF are allowed in UTF-8 strings again. (fd.o #63072,
Simon McVittie)
Fixes:
• Diagnose incorrect use of dbus_connection_get_data() with negative slot
(i.e. before allocating the slot) rather than returning junk
(fd.o #63127, Dan Williams)
• Fix a cmake build regression since 1.7.0 (fd.o #63682; Ralf Habacker,
Simon McVittie)
• Unix-specific:
· On Linux, link successfully with glibc 2.17 (fd.o #63166, Simon McVittie)
· Under systemd, log to syslog only, not stderr, avoiding duplication
(fd.o #61399, #39987; Colin Walters, Dagobert Michelsen)
· Under systemd, remove unnecessary dependency on syslog.socket
(fd.o #63531, Cristian Rodríguez)
· Include alloca.h for alloca() if available, fixing compilation on
Solaris 10 (fd.o #63071, Dagobert Michelsen)
· Allow use of systemd-logind without the rest of systemd
(fd.o #62585, Martin Pitt)
· When built with CMake, link to librt and use the right path for
meinproc's XSLT stylesheets (fd.o #61637, Ralf Habacker)
· Reduce the default limit on number of fds per message to 128 under
QNX, working around an arbitrary OS limit (fd.o #61176, Matt Fischer)
• Windows-specific:
· Do not claim that all bus clients have the dbus-daemon's credentials;
pick up local TCPv4 clients' credentials (process ID and security
identifier, i.e. user) using GetExtendedTcpTable() (fd.o #61787,
Ralf Habacker)
D-Bus 1.7.0 (2013-02-22)
==
The "Disingenuous Assertions" release.
This is a new development release, starting the 1.7.x branch. D-Bus 1.6
remains the recommended version for long-term-supported distributions
or the upcoming GNOME 3.8 release.
Build-time configuration changes:
• The --with-dbus-session-bus-default-address configure option is no longer
supported. Use the new --with-dbus-session-bus-connect-address and
--with-dbus-session-bus-listen-address options instead. On Windows, you
usually want them to have the same argument; on Unix, the defaults are
usually correct.
• Similarly, the DBUS_SESSION_BUS_DEFAULT_ADDRESS CMake variable is no longer
supported; use the new DBUS_SESSION_BUS_LISTEN_ADDRESS and
DBUS_SESSION_BUS_CONNECT_ADDRESS variables instead.
• cmake/cross-compile.sh has been removed. Instead, please use a
cross-toolchain file (-DCMAKE_TOOLCHAIN_FILE) as documented at
<http://www.vtk.org/Wiki/CMake_Cross_Compiling>; or use Autotools
as documented in "info automake Cross-Compilation", and set
PKG_CONFIG_PATH appropriately.
Requirements:
• Man pages now require xmlto (or either xmlto or meinproc, if using CMake).
• man2html is no longer used.
Enhancements:
• D-Bus Specification 0.20
· actually say that /org/freedesktop/DBus is the object that
implements o.fd.DBus (fd.o #51865, Colin Walters)
· various reorganisation for better clarity (fd.o #38252, Simon McVittie)
· stop claiming that all basic types work just like INT32 (strings don't!)
• The "source code" for the man pages is now Docbook XML, eliminating
the outdated duplicate copies used when building with CMake.
(fd.o #59805; Ralf Habacker, Simon McVittie)
Fixes:
• In the activation helper, when compiled for tests, do not reset the system
bus address, fixing the regression tests. (fd.o #52202, Simon)
• Fix building with Valgrind 3.8, at the cost of causing harmless warnings
with Valgrind 3.6 on some compilers (fd.o #55932, Arun Raghavan)
• Merge <servicehelper> from system-local.conf if necessary (fd.o #51560,
Krzysztof Konopko)
• Under CMake, prefer xmlto over meinproc (fd.o #59733, Ralf Habacker)
• Stop duplicating CMake's own logic to find libexpat
(fd.o #59733, Ralf Habacker)
• Don't assume CMake host and build system are the same (fd.o #59733,
Ralf Habacker)
• Avoid deprecation warnings for GLib 2.35 (fd.o #59971, Simon McVittie)
• Unix-specific:
· Check for functions in libpthread correctly, fixing compilation on
(at least) OpenBSD (fd.o #47239, Simon)
· Don't leak temporary fds pointing to /dev/null (fd.o #56927,
Michel HERMIER)
· Update sd-daemon.[ch] from systemd (fd.o #60681)
· Add partial support for QNX (fd.o #60339, fd.o #61176; Matt Fischer)
• Windows-specific:
· The default session bus listening and connecting address is now
"autolaunch:", which makes D-Bus on Windows interoperate with itself
and GDBus "out of the box". Use the configure options and cmake variables
described above if you require a different autolaunch scope.
(fd.o #38201, Simon McVittie)
· Avoid a CMake warning under Cygwin (fd.o #59401, Ralf Habacker)
• Create session.d, system.d directories under CMake (fd.o #41319,
Ralf Habacker)
|
|
D-Bus 1.6.18 (2013-11-01)
==
The “sunflower plains” release.
Fixes:
• path_namespace='/' in match rules incorrectly matched nothing; it
now matches everything. (fd.o #70799, Simon McVittie)
|
|
D-Bus 1.6.16 (2013-10-08)
==
The “Fortify Agility” release.
Fixes:
• Make dbus_connection_set_route_peer_messages(x, FALSE) behave as
documented. Previously, it assumed its second parameter was TRUE.
(fd.o #69165, Chengwei Yang)
• Fix a NULL pointer dereference on an unlikely error path
(fd.o #69327, Sviatoslav Chagaev)
• Unix-specific:
· If accept4() fails with EINVAL, as it can on older Linux kernels
with newer glibc, try accept() instead of going into a busy-loop.
(fd.o #69026, Chengwei Yang)
· If socket() or socketpair() fails with EINVAL or EPROTOTYPE,
for instance on Hurd or older Linux with a new glibc, try without
SOCK_CLOEXEC. (fd.o #69073; Pino Toscano, Chengwei Yang)
· Fix a file descriptor leak on an error code path.
(fd.o #69182, Sviatoslav Chagaev)
· Fix compilation if writev() is unavailable (fd.o #69409,
Vasiliy Balyasnyy)
|
|
D-Bus 1.6.14 (2013-09-05)
==
The “Restore Fatigue” release.
Fixes:
• Avoid an infinite busy-loop if a signal interrupts waitpid()
(fd.o #68945, Simon McVittie)
• Escape addresses containing non-ASCII characters correctly
(fd.o #53499, Chengwei Yang)
• If malloc() returns NULL in _dbus_string_init() or similar, don't free
an invalid pointer if the string is later freed (fd.o #65959, Chengwei Yang)
• If malloc() returns NULL in dbus_set_error(), don't va_end() a va_list
that was never va_start()ed (fd.o #66300, Chengwei Yang)
• Fix a regression test on platforms with strict alignment (fd.o #67279,
Colin Walters)
• Avoid calling function parameters "interface" since certain Windows headers
have a namespace-polluting macro of that name (fd.o #66493, Ivan Romanov)
• Make "make -j check" work (fd.o #68852, Simon McVittie)
|
|
D-Bus 1.6.12 (2013-06-13)
==
Fixes:
• CVE-2013-2168: Fix misuse of va_list that could be used as a denial
of service for system services. Vulnerability reported by Alexandru Cornea.
(Simon)
• In dbus-daemon, don't crash if a .service file starts with key=value
(fd.o #60853, Chengwei Yang)
• Unix-specific:
· Fix an assertion failure if we try to activate systemd services before
systemd connects to the bus (fd.o #50199, Chengwei Yang)
· Avoid compiler warnings for ignoring the return from write()
(Chengwei Yang)
|
|
D-Bus 1.6.10 (2013-04-24)
==
The “little-known facts about bananas” release.
• Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
U+FDD0..U+FDEF are allowed in UTF-8 strings again.
(fd.o #63072, Simon McVittie)
• Diagnose incorrect use of dbus_connection_get_data() with negative slot
(i.e. before allocating the slot) rather than returning junk
(fd.o #63127, Dan Williams)
• In the activation helper, when compiled for tests, do not reset the system
bus address, fixing the regression tests. (fd.o #52202, Simon)
• Fix building with Valgrind 3.8, at the cost of causing harmless warnings
with Valgrind 3.6 on some compilers (fd.o #55932, Arun Raghavan)
• Don't leak temporary fds pointing to /dev/null (fd.o #56927, Michel HERMIER)
• Create session.d, system.d directories under CMake (fd.o #41319,
Ralf Habacker)
• Unix-specific:
· Include alloca.h for alloca() if available, fixing compilation on
Solaris 10 (fd.o #63071, Dagobert Michelsen)
|
|
D-Bus 1.6.8 (2012-09-28)
==
The "Fix one thing, break another" release.
• Follow up to CVE-2012-3524: The additional hardening
work to use __secure_getenv() as a followup to bug #52202
broke certain configurations of gnome-keyring. Given
the difficulty of making this work without extensive
changes to gnome-keyring, use of __secure_getenv() is
deferred.
D-Bus 1.6.6 (2012-09-28)
==
The "Clear the environment in your setuid binaries, please" release.
• CVE-2012-3524: Don't access environment variables (fd.o #52202)
Thanks to work and input from Colin Walters, Simon McVittie,
Geoffrey Thomas, and others.
• Unix-specific:
· Fix compilation on Solaris (fd.o #53286, Jonathan Perkin)
· Work around interdependent headers on OpenBSD by including sys/types.h
before each use of sys/socket.h (fd.o #54418, Brad Smith)
|
|
it is less than -1 to avoid kde4 session start hang
From: Sverre Froyen
Bump PKGREVISION
|
|
|
|
this is a step of two major branches, to much to list here
pkgsrc notes:
-I've left out our NETBSD_ATOMIC_OPS patch because it is very invasive
and gcc intrinsics are hopefully good enough
-A workaround for non-standard behavior of vsnprintf has been added
upstream, for HPUX as the comment says. We had a patch for __hpux||__sgi
which is removed now - the sgi case should be checked.
|
|
|
|
http://cgit.freedesktop.org/dbus/dbus/commit/?h=dbus-1.2&id=6519a1f77c61d753d4c97efd6e15630eb275336e
|
|
from the "dbus" GIT repository.
|
|
don't pass -no-pointer-sign to compiler that does not support it (gcc34)
|
|
changes: fix CVE-2009-1189 (flaw in signature validation due to
incomplete fix for CVE-2008-3834)
|
|
Pkgsrc changes:
o Modify one of the patches with a patch reported as part of
PR#40347 to make this package build on NetBSD 4.0 and probably
earlier versions as well. Many thanks to Hasso Tepper for the
patch.
|
|
This addresses the security problem CVE-2008-4311. For more
details, read
http://lists.freedesktop.org/archives/dbus/2008-December/010769.html
|
|
FreeBSD ports. Bump PKGREVISION.
|
|
and STOP BREAKING DBUS.
|
|
Noted by jmcneill.
Bump PKGREVISION.
|
|
in /var/folders/xx/...+++... via the TMPDIR environment and cheerfully
installs it in /usr/pkg/etc/dbus-1/session.conf meaning that only the
user who installed the package will be able to write to that directory...
except that dbus rejects directories with "+"'s in the filename so it
won't work anyway. use configure --with-session-socket-dir=/tmp
to work around this. found a description of this issue here:
http://wiki.gnucash.org/wiki/MacOSX/Quartz in the
"Running from the commandline" section.
dbus also cannot cope with $DISPLAY containing "/" chars (like in
darwin ... /tmp/launch-kcvznx/:0 ) so get rid of the ":" as described
here:
https://trac.macports.org/attachment/ticket/16833/patch-dbus-launch-x11.c.diff
|
|
- Security fix for CVE-2008-3834
- A small number of compilation and portability fixes
|
|
* Change "${VARBASE}/lib/dbus" to "${VARBASE}/db/dbus".
* Create "${VARBASE}/db/dbus" with OWN_DIRS_PERMS at install time.
* Generate "${VARBASE}/db/dbus/machine-id" file at install time.
* Install dbus-daemon-launch-helper with mode 04550 instead of 04750.
It solves start gimp successfully without running dbus-daemon as before.
Bump PKGREVISION.
|
|
|
