SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for dbus-1-devel-32bit-1.10.20-287.1.x86_64.rpm :
Fri Jul 7 14:00:00 2017 sfleesAATTsuse.de
- No need to set --libdir anymore now that prefix is /usr/bin,

* fixes boo#1047532
- No need to set --bindir, bindir in dbus-1-x11 was incorrect
- Other fixes required to properly change prefix
- Don\'t pass --with-initscripts we don\'t use them anymore.

Fri Jun 30 14:00:00 2017 sfleesAATTsuse.de
- Update to 1.10.20

* Fixes:
+ Fix a reference leak when blocking on a pending call on a
connection that has been disconnected (fdo#101481, Shin-ichi
MORITA)
+ Don\'t put timestamps in the Doxygen-generated documentation,
for closer-to-reproducible builds (fdo#100692, Simon
McVittie)
+ Avoid an assertion failure when connecting to a
semicolon-separated series of addresses, one of which fails
(fdo#101257, Simon McVittie)

* Documentation:
+ Update git URIs in HACKING document to sync up with
cgit.freedesktop.org (fdo#100715, Simon McVittie)

Tue Jun 13 14:00:00 2017 sfleesAATTsuse.de
- swap to /usr/bin bsc#1029968
- Add the following fixes from SLE12

* bsc#980928 increase listen() backlog of AF_UNIX sockets to
SOMAXCONN fix-upstream-increase-backlog.patch
- The following bugs were already fixed but are missing changelog
entries

* bsc#867256 (No longer applicable)

* bsc#916785 (No longer applicable)

* bsc#1012564 (Not applicable)

* fdo#90004 (Fixed Upstream)
- Rename the following patches as a tidy up

* dbus-log-deny.patch to feature-suse-log-deny.patch

* dbus-do-autolaunch.patch feature-suse-do-autolaunch.patch

* 0001-Add-RefuseManualStartStop.patch to
feature-suse-refuse-manual-start-stop.patch

* 0001-Drop-Install-sections-from-user-services.patch to
fix-upstream-drop-install-sections-from-user-services.patch

Fri Apr 7 14:00:00 2017 fstrbaAATTsuse.com
- Update to 1.10.18

* Fixes
+ Re-order dbus-daemon startup so that on SELinux systems, the
thread that reads AVC notifications retains the ability to
write to the audit log (fdo#92832, Debian #857660; Laurent
Bigonville)
+ Fix a harmless read overflow and some memory leaks in a unit
test (fdo#100568, Philip Withnall)

Wed Mar 1 13:00:00 2017 sfleesAATTsuse.de
- Update to 1.10.16
Fixes:

* Prevent symlink attacks in the nonce-tcp transport on Unix that could
allow an attacker to overwrite a file named \"nonce\", in a directory
that the user running dbus-daemon can write, with a random value
known only to the user running dbus-daemon. This is unlikely to be
exploitable in practice, particularly since the nonce-tcp transport
is really only useful on Windows.
(fd.o #99828, Simon McVittie) (bsc#1025950)

* Avoid symlink attacks in the \"embedded tests\", which are not enabled
by default and should never be enabled in production builds of dbus.
(fd.o #99828, Simon McVittie) (bsc#1025951)

* Work around an undesired effect of the fix for CVE-2014-3637
(fd.o #80559), in which processes that frequently send fds, such as
logind during a flood of new PAM sessions, can get disconnected for
continuously having at least one fd \"in flight\" for too long;
dbus-daemon interprets that as a potential denial of service attack.
The workaround is to disable that check for uid 0 process such as
logind, with a message in the system log. The bug remains open while
we look for a more general solution.
(fd.o #95263, LP#1591411; Simon McVittie)

* Don\'t run the test test-dbus-launch-x11.sh if X11 autolaunching
was disabled at compile time. That test is not expected to work
in that configuration. (fd.o #98665, Simon McVittie)
Enhancements:

* Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian
stable and Debian testing in addition to the older Ubuntu that is
the default (fd.o #98889, Simon McVittie)

Thu Feb 2 13:00:00 2017 sfleesAATTsuse.de
- A note for scripts bsc#974092 (remove sysvinit script) is already
fixed here.

Wed Jan 25 13:00:00 2017 sfleesAATTsuse.de
- Don\'t restart dbus on upgrade - Includes temporary work around
for last version boo#1020301
- Add 0001-Add-RefuseManualStartStop.patch don\'t allow users to Manually
start or stop dbus.

Mon Jan 9 13:00:00 2017 marius.kittlerAATTsuse.com
- Add systemd unit files to start session bus via systemd
- Added patch:

* 0001-Drop-Install-sections-from-user-services.patch
+ remove install section from socket unit because it does not
need to be enabled explicitly (see fdo#92402)

Fri Dec 9 13:00:00 2016 fstrbaAATTsuse.com
- Requires systemd >= 209 and drop the compatibility pkg-config
names that don\'t exist in newer systemd

Thu Dec 8 13:00:00 2016 jengelhAATTinai.de
- Drop useless --with-pic which is only for static libs
- Abort installation when user/group creation fails
- Avoid calling %service_
* more than once

Tue Dec 6 13:00:00 2016 fstrbaAATTsuse.com
- Build the dbus-1 package without X in the dbus-1.spec
- Move the dbus-launch.nox11 to the dbus-1 package and install
it by default
- Build devel-doc package in dbus-1.spec and don\'t build any
documentation in dbus-1-x11
- Make dbus-1-x11 package contains only the X11-enabled dbus-launch
- Fix some rpmlint warnings
- Delete the dbus-1-x11.spec.in file, since maintaining it is
more complicated then keeping in sync a dbus-1-x11.spec file of
less then 120 lines

Mon Nov 21 13:00:00 2016 kukukAATTsuse.de
- Create new subpackage: dbus-1-nox11
- contains dbus-launch without x11 support
- Rename dbus-launch to dbus-launch.x11
- use update-alternatives to switch between dbus-launch with and
without X11
- Solves [bnc#934214]

Tue Oct 11 14:00:00 2016 fstrbaAATTsuse.com
- Update to 1.10.12

* Security fixes:
+ Do not treat ActivationFailure message received from
root-owned systemd name as a format string. In principle this
is a security vulnerability, but we do not believe it is
exploitable in practice, because only privileged processes can
own the org.freedesktop.systemd1 bus name, and systemd does
not appear to send activation failures that contain \"%\".
Please note that this probably
*was
* exploitable in dbus
versions older than 1.6.30, 1.8.16 and 1.9.10 due to a missing
check which at the time was only thought to be a denial of
service vulnerability (CVE-2015-0245). If you are still
running one of those versions, patch or upgrade immediately.
(fdo#98157, bsc#1003898, Simon McVittie)

* Other fixes:
+ Harden dbus-daemon against malicious or incorrect
ActivationFailure messages by rejecting them if they do not
come from a privileged process, or if systemd activation is
not enabled (fdo#98157, Simon McVittie)
+ Avoid undefined behaviour when setting reply serial number
without going via union DBusBasicValue (fdo#98035, Marc Mutz)
+ autogen.sh: fail cleanly if autoconf fails (Simon McVittie)

Tue Sep 13 14:00:00 2016 mvidnerAATTsuse.com
- Moved dbus-run-session from dbus-1-x11 to dbus-1 (bdo#836296)

Mon Aug 22 14:00:00 2016 fstrbaAATTsuse.com
- Update to 1.10.10

* Fixes:
+ On Linux, when dbus-daemon is run with reduced susceptibility
to the OOM killer (typically via systemd), do not let child
processes inherit that setting (fdo#32851;
Kimmo Hämäläinen, WaLyong Cho)
+ Output valid shell syntax in ~/.dbus/session-bus/ if the bus
address contains a semicolon (fdo#94746, Thiago Macieira)
+ Fix memory leaks and thread safety in subprocess starting on
Windows (fdo#95191, Ralf Habacker)
+ Do not require systemd to have a service file if using it for
activation (fdo#93194; Simon McVittie; backport from 1.11.0)
+ Stop test-dbus-daemon incorrectly failing on platforms that
cannot discover the process ID of clients (fdo#96653,
Руслан Ижбулатов)
+ In tests that exercise correct handling of crashing D-Bus
services, suppress Windows crash handler (fdo#95155;
Yiyang Fei, Ralf Habacker)
+ Explicitly check for stdint.h (Ioan-Adrian Ratiu)
+ update-activation-environment: produce better diagnostics on
error (fdo#96653, Simon McVittie)
+ Don\'t fail the build with an unused const variable warning
under gcc 6 (fdo#97282; Thomas Zimmermann, Simon McVittie)
+ Merge dbus-1.10-ci branch, containing backports from 1.11.0
in build/test code to support continuous integration
(fdo#93194, Simon McVittie)
- Avoid -Wunused-label when compiling with libselinux but no
libaudit
- In development builds, allow OOM tests to be disabled as
documented
- Accept and ignore the --tap argument in all \"embedded
tests\", and run all automated tests with that argument for
better diagnostics
- Fix the systemd activation test under CMake by installing
the required files
- In Automake, fix shell syntax for installcheck-local with
no DESTDIR
- In Automake, don\'t try to run manual tests in installcheck
- In CMake, don\'t run manual-tcp test as an automated test
- Add travis-ci.org build machinery

Mon Mar 14 13:00:00 2016 fstrbaAATTsuse.com
- Update to 1.10.8

* Fixes:
+ Enable \"large file support\" on systems where it exists:
dbus-daemon is not expected to open large files, but it might
need to stat files that happen to have large inode numbers
(fdo#93545, Hongxu Jia)
+ Eliminate padding inside DBusMessageIter on 64-bit platforms,
which might result in a pedantic C compiler not copying the
entire contents of a DBusMessageIter; statically assert that
this is not an ABI change in practice (fdo#94136, Simon
McVittie)
+ Document dbus-test-tool echo --sleep-ms=N instead of
incorrect --sleep=N (fdo#94244, Dmitri Iouchtchenko)
+ Correctly report test failures in C tests from run-test.sh
(fdo#93379; amit tewari, Simon McVittie)
+ When tests are enabled, run all the marshal-validate tests,
not just the even-numbered ones (fdo#93908, Nick Lewycky)
+ Correct the expected error from one marshal-validate test,
which was previously not run due to the above bug(fdo#93908,
Simon McVittie)

Thu Dec 3 13:00:00 2015 fstrbaAATTsuse.com
- Update to 1.10.6

* Fixes:
- On Unix when running tests as root, don\'t assert that root
and the dbus-daemon user can still call
UpdateActivationEnvironment; assert that those privileged
users can call BecomeMonitor instead (fdo#93036, Simon
McVittie)
- On Windows, fix a memory leak in the autolaunch transport
(fdo#92899, Simon McVittie)
- On Windows Autotools builds, don\'t run tests that rely on
dbus-run-session and other Unix-specifics (fdo#92899, Simon
McVittie)

Thu Nov 26 13:00:00 2015 fstrbaAATTsuse.com
- Update to 1.10.4

* Changes between 1.10.2 and 1.10.4
- Enhancements:
+ GetConnectionCredentials, GetConnectionUnixUser and
GetConnectionUnixProcessID with argument
\"org.freedesktop.DBus\" will now return details of the
dbus-daemon itself. This is required to be able to call
SetEnvironment on systemd. (fdo#92857, Jan Alexander
Steffens)
- Fixes:
+ Make UpdateActivationEnvironment always fail with
AccessDenied on the system bus. Previously, it was
possible to configure it so root could call it, but the
environment variables were not actually used, because the
launch helper would discard them. (fdo#92857, Jan Alexander
Steffens)
+ On Unix with --systemd-activation on a user bus, make
UpdateActivationEnvironment pass on its arguments to
systemd\'s SetEnvironment method, solving inconsistency
between the environments used for traditional activation
and systemd user-service activation. (fdo#92857, Jan
Alexander Steffens)
+ On Windows, don\'t crash if or --syslog is used
(fdo#92538, Ralf Habacker)
+ On Windows, fix a memory leak when setting a DBusError from
a Windows error (fdo#92721, Ralf Habacker)
+ On Windows, don\'t go into infinite recursion if we abort the
process with backtraces enabled (fdo#92721, Ralf Habacker)
+ Fix various failing tests, variously on Windows and
cross-platform:
. don\'t test system.conf features (users, groups) that only
make sense on the system bus, which is not supported on
Windows
. don\'t call _dbus_warn() when we skip a test, since it is
fatal
. fix computation of expected
. when running TAP tests, translate newlines to Unix format,
fixing cross-compiled tests under Wine on Linux
. don\'t stress-test refcounting under Wine, where it\'s
really slow
. stop assuming that a message looped-back to the test will
be received immediately
. skip some system bus tests on Windows since they make no
sense there (fdo#92538, fdo#92721; Ralf Habacker, Simon
McVittie)

* Changes between 1.10.0 and 1.10.2
- Fixes:
+ Correct error handling for activation: if there are multiple
attempts to activate the same service and it fails
immediately, the first attempt would get the correct reply,
but the rest would time out. We now send the same error
reply to each attempt. (fdo#92200, Simon McVittie)
+ If BecomeMonitor is called with a syntactically invalid
match rule, don\'t crash with an assertion failure, fixing a
regression in 1.9.10. This was not exploitable as a denial
of service, because the check for a privileged user is done
first. (fdo#92298, Simon McVittie)
+ On Linux with --enable-user-session, add the bus address to
the environment of systemd services for better backwards
compatibility (fdo#92612, Jan Alexander Steffens)
+ On Windows, fix the logic for replacing the installation
prefix in service files\' Exec lines (fdo#83539; Milan Crha,
Simon McVittie)
+ On Windows, if installed in the conventional layout with
${prefix}/etc and ${prefix}/share, use relative paths
between bus configuration files to allow the tree to be
relocated (fdo#92028, Simon McVittie)
+ Make more of the regression tests pass in Windows builds
(fdo#92538, Simon McVittie)

* Summary of major changes since 1.8.0:
- The basic setup for the well-known system and session buses is
now done in read-only files in ${datadir} (normally /usr/share).
- AppArmor integration has been merged, with features similar to
the pre-existing SELinux integration. It is mostly compatible
with the patches previously shipped by Ubuntu, with one
significant change: Ubuntu\'s GetConnectionAppArmorSecurityContext
method has been superseded by GetConnectionCredentials and was
not included.
- The --enable-user-session configure option can be enabled
by OS integrators intending to use systemd to provide a
session bus per user (in effect, treating all concurrent
graphical and non-graphical login sessions as one large session).
- The new listenable address mode \"unix:runtime=yes\" listens on
$XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the
systemd user session. libdbus and \"dbus-launch --autolaunch\"
will connect to this address by default. GLib >= 2.45.3 and
sd-bus >= 209 have a matching default.
- All executables are now dynamically linked to libdbus-1.
Previously, some executables, most notably dbus-daemon, were
statically linked to a specially-compiled variant of libdbus.
This results in various private functions in the _dbus
namespace being exposed by the shared library. These are not
API, and must not be used outside the dbus source tree.
- On platforms with ELF symbol versioning, all public symbols
are versioned LIBDBUS_1_3.

* New bus APIs:
- org.freedesktop.DBus.GetConnectionCredentials returns
LinuxSecurityLabel where supported
- org.freedesktop.DBus.Monitoring interface (privileged)
. BecomeMonitor method supersedes match rules with eavesdrop=true,
which are now deprecated
- org.freedesktop.DBus.Stats interface (semi-privileged)
. now enabled by default
. new GetAllMatchRules method
- org.freedesktop.DBus.Verbose interface (not normally compiled)
. toggles the effect of DBUS_VERBOSE

* New executables:
- dbus-test-tool
- dbus-update-activation-environment

* New optional dependencies:
- The systemd: pseudo-transport requires libsystemd or libsd-daemon
- Complete documentation requires Ducktype and yelp-tools
- Full test coverage requires GLib 2.36 and PyGI
- AppArmor integration requires libapparmor and optionally libaudit

* Dependencies removed:
- dbus-glib

Tue Nov 17 13:00:00 2015 fstrbaAATTsuse.com
- Update to 1.8.20:

* Fixes:
- Fix a memory leak when GetConnectionCredentials() succeeds
(fdo#91008, Jacek Bukarewicz)
- Ensure that dbus-monitor does not reply to messages intended
for others (fdo#90952, Simon McVittie)

Wed Sep 16 14:00:00 2015 fstrbaAATTsuse.com
- Account for openSUSE:Leap in the conditional for chosing right
local state directories (boo#941352)

Wed May 27 14:00:00 2015 hrvoje.senjanAATTgmail.com
- Move common-begin sections around to make pre_checkin work again
- Unconditionally build with systemd features, there are no cycles
now, systemd no longer buildrequires dbus-1-devel

Mon May 18 14:00:00 2015 fstrbaAATTsuse.com
- Update to 1.8.18:

* Security hardening:
- On Unix platforms, change the default configuration for the
session bus to only allow EXTERNAL authentication (secure
kernel-mediated credentials-passing), as was already done for
the system bus.
This avoids falling back to DBUS_COOKIE_SHA1, which relies on
strongly unpredictable pseudo-random numbers; under certain
circumstances (/dev/urandom unreadable or malloc() returns
NULL), dbus could fall back to using rand(), which does not
have the desired unpredictability. The fallback to rand() has
not been changed in this stable-branch since the necessary
code changes for correct error-handling are rather intrusive.
If you are using D-Bus over the (unencrypted!) tcp: or
nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1
and a shared home directory using NFS or similar, you will
need to reconfigure the session bus to accept DBUS_COOKIE_SHA1
by commenting out the element. This configuration is
not recommended. (bsc#931066, fdo#90414, Simon McVittie)

* Other fixes:
- Add locking to DBusCounter\'s reference count and notify
function (fdo#89297, Adrian Szyndela)
- Ensure that DBusTransport\'s reference count is protected by
the corresponding DBusConnection\'s lock (fdo#90312,
Adrian Szyndela)
- On Windows, listen on the same port for IPv4 and IPv6
(previously broken by an endianness mistake), and fix a
failure to bind TCP sockets on approximately 1 attempt in 256
(fdo#87999, Ralf Habacker)
- Correctly release DBusServer mutex before early-return if we
run out of memory while copying authentication mechanisms
(fdo#90021, Ralf Habacker)
- Correctly initialize all fields of DBusTypeReader (fdo#90021,
Ralf Habacker, Simon McVittie)
- Fix some missing \
in verbose (debug log) messages
(fdo#90021, Ralf Habacker)
- Clean up some memory leaks in test code (fdo#90021,
Ralf Habacker)

Thu Mar 26 13:00:00 2015 fstrbaAATTsuse.com
- Sync changes from SLE12 conditionalized for suse_version <= 1315

Mon Feb 9 13:00:00 2015 fstrbaAATTsuse.com
- Update to 1.8.16:

* Security fixes:
- Do not allow non-uid-0 processes to send forged
ActivationFailure messages. On Linux systems with systemd
activation, this would allow a local denial of service:
unprivileged processes could flood the bus with these forged
messages, winning the race with the actual service activation
and causing an error reply to be sent back when service
auto-activation was requested. This does not prevent the real
service from being started, so it only works while the real
service is not running. (CVE-2015-0245, fdo#88811, bnc#916343;
Simon McVittie)

* Other fixes:
- fix a Windows build failure (fdo#88009, Ralf Habacker)
- on Windows, allow up to 8K connections to the dbus-daemon
instead of the previous 64, completing a previous fix which
only worked under Autotools (fdo#71297, Ralf Habacker)

Tue Jan 6 13:00:00 2015 fstrbaAATTsuse.com
- Update to 1.8.14

* Security hardening:
- Do not allow calls to UpdateActivationEnvironment from uids
other than the uid of the dbus-daemon. If a system service
installs unsafe security policy rules that allow arbitrary
method calls (such as CVE-2014-8148) then this prevents
memory consumption and possible privilege escalation via
UpdateActivationEnvironment.
We believe that in practice, privilege escalation here is
avoided by dbus-daemon-launch-helper sanitizing its
environment; but it seems better to be safe.
- Do not allow calls to UpdateActivationEnvironment or the
Stats interface on object paths other than
/org/freedesktop/DBus. Some system services install unsafe
security policy rules that allow arbitrary method calls to
any destination, method and interface with a specified object
path; while less bad than allowing arbitrary method calls,
these security policies are still harmful, since dbus-daemon
normally offers the same API on all object paths and other
system services might behave similarly.

* Other fixes:
- Add missing initialization so GetExtendedTcpTable doesn\'t
crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko)

Tue Nov 25 13:00:00 2014 fstrbaAATTsuse.com
- Update to 1.8.12:

* Fixes:
- Partially revert the CVE-2014-3639 patch by increasing the
default authentication timeout on the system bus from 5
seconds back to 30 seconds, since this has been reported to
cause boot regressions for some users, mostly with parallel
boot (systemd) on slower hardware.
On fast systems where local users are considered particularly
hostile, administrators can return to the 5 second timeout
(or any other value in milliseconds) by saving this as
/etc/dbus-1/system-local.conf:

5000

(fdo#86431, Simon McVittie)
- Add a message in syslog/the Journal when the auth_timeout is
exceeded (fdo#86431, Simon McVittie)
- Send back an AccessDenied error if the addressed recipient is
not allowed to receive a message (and in builds with
assertions enabled, don\'t assert under the same conditions).
(fdo#86194, Jacek Bukarewicz)

Mon Nov 10 13:00:00 2014 fstrbaAATTsuse.com
- Update to 1.8.10:

* Security fixes:
- Increase dbus-daemon\'s RLIMIT_NOFILE rlimit to 65536
so that CVE-2014-3636 part A cannot exhaust the system bus\'
file descriptors, completing the incomplete fix in 1.8.8.
(CVE-2014-7824, fdo#85105; Simon McVittie, Alban Crequy)

Tue Sep 30 14:00:00 2014 fstrbaAATTsuse.com
- Reformat the spec file using spec-cleaner

Thu Sep 18 14:00:00 2014 fstrbaAATTsuse.com
- Update baselibs.conf: Provides dbus-1-32bit in lib package

Tue Sep 16 14:00:00 2014 fstrbaAATTsuse.com
- Update to 1.8.8:
+ Security fixes:
- Do not accept an extra fd in the padding of a cmsg message,
which could lead to a 4-byte heap buffer overrun. (CVE-2014-3635,
fdo#83622, bnc#896453; Simon McVittie)
- Reduce default for maximum Unix file descriptors passed per
message from 1024 to 16, preventing a uid with the default maximum
number of connections from exhausting the system bus\' file
descriptors under Linux\'s default rlimit. Distributors or system
administrators with a more restrictive fd limit may wish to reduce
these limits further.
Additionally, on Linux this prevents a second denial of service
in which the dbus-daemon can be made to exceed the maximum number
of fds per sendmsg() and disconnect the process that would have
received them. (CVE-2014-3636, fdo#82820, bnc#896453; Alban Crequy)
- Disconnect connections that still have a fd pending unmarshalling
after a new configurable limit, pending_fd_timeout (defaulting to
150 seconds), removing the possibility of creating an abusive
connection that cannot be disconnected by setting up a circular
reference to a connection\'s file descriptor. (CVE-2014-3637,
fdo#80559, bnc#896453; Alban Crequy)
- Reduce default for maximum pending replies per connection from
8192 to 128, mitigating an algorithmic complexity
denial-of-service attack (CVE-2014-3638, fdo#81053, bnc#896453;
Alban Crequy)
- Reduce default for authentication timeout on the system bus from
30 seconds to 5 seconds, avoiding denial of service by using up
all unauthenticated connection slots; and when all unauthenticated
connection slots are used up, make new connection attempts block
instead of disconnecting them. (CVE-2014-3639, fdo#80919,
bnc#896453; Alban Crequy)
+ Other fixes:
- Check for libsystemd from systemd >= 209, falling back to the
older separate libraries if not found (Umut Tezduyar Lindskog,
Simon McVittie)
- On Linux, use prctl() to disable core dumps from a test executable
that deliberately raises SIGSEGV to test dbus-daemon\'s handling
of that condition (fdo#83772, Simon McVittie)
- Fix compilation with --enable-stats (fdo#81043, Gentoo #507232;
Alban Crequy)
- Improve documentation for running tests on Windows (fdo#41252,
Ralf Habacker)

Sat Jul 19 14:00:00 2014 crrodriguezAATTopensuse.org
- Remove all remains of sysvinit compatibility.
- Do not force-fed -fstack-protector in CFLAGS, already there
and obsoleted by stack-protector-strong in gcc 4.9.
- Ensure doxygen never generates timestampted html docs.

Thu Jul 10 14:00:00 2014 fcrozatAATTsuse.com
- Update baselibs.conf: Obsoletes dbus-1-32bit in lib package.

Wed Jul 2 14:00:00 2014 fstrbaAATTsuse.com
- Update to 1.8.6:
+ Security fixes:
- On Linux >= 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS,
silently drop the message. This prevents an attack in which
a malicious client can make dbus-daemon disconnect a system
service, which is a local denial of service.
(bnc#885241 fdo#80163, CVE-2014-3532; Alban Crequy)
- Track remaining Unix file descriptors correctly when more
than one message in quick succession contains fds. This
prevents another attack in which a malicious client can make
dbus-daemon disconnect a system service.
(bnc#885241 fdo#79694, fd0#80469, CVE-2014-3533; Alejandro
Martínez Suárez, Simon McVittie, Alban Crequy)
+ Other fixes:
- When dbus-launch --exit-with-session starts a dbus-daemon but
then cannot attach to a session, kill the dbus-daemon as
intended (fdo#74698, Роман Донченко)

Wed Jun 11 14:00:00 2014 fstrbaAATTsuse.com
- Update to 1.8.4:
+ Security fix:
- Alban Crequy at Collabora Ltd. discovered and fixed a
denial-of-service flaw in dbus-daemon, part of the reference
implementation of D-Bus.
Additionally, in highly unusual environments the same flaw
could lead to a side channel between processes that should
not be able to communicate. (CVE-2014-3477, fdo#78979,
bnc#881137)

Sat May 3 14:00:00 2014 hrvoje.senjanAATTgmail.com
- Update to 1.8.2:
+ Enhancements:
- in the CMake build system, add some hints for Linux users
cross-compiling Windows D-Bus binaries to be able to run
tests under Wine (fdo#41252)
- add Documentation key to dbus.service (fdo#77447)
+ Fixes:
- in \"dbus-uuidgen --ensure\", try to copy systemd\'s
/etc/machine-id to /var/lib/dbus/machine-id instead
of generating an entirely new ID (fdo#77941)
- if dbus-launch receives an X error very quickly, do not kill
unrelated processes (fdo#74698)
- on Windows, allow up to 8K connections to the dbus-daemon,
instead of the previous 64 (fdo#71297)
- cope with \\r\
newlines in regression tests, since on
Windows, dbus-daemon.exe uses text mode (fdo#75863)

Mon Jan 20 13:00:00 2014 hrvoje.senjanAATTgmail.com
- Update to 1.8.0 final:
+ This starts a new stable branch. The 1.6.x branch is now
considered to be outdated, and will only receive fixes for
serious bugs such as security flaws. The 1.4.x and 1.2.x branches
no longer have upstream support and are unlikely to get any more
releases, but if distributors still need to support them,
please share security patches via upstream.
+ Enhancements since 1.7.10:
- Enhance the CMake build system to check for GLib and
compile/run a subset of the regression tests (fdo#41252,
fdo#73495)
+ Fixes since 1.7.10:
- don\'t rely on va_copy(), use DBUS_VA_COPY() wrapper (fdo#72840)
- fix compilation of systemd journal support on older systemd
versions where sd-journal.h doesn\'t include syslog.h (fdo#73455)
- fix compilation on older MSVC versions by including stdlib.h
(fdo#73455)
- Allow to appear in an included configuration
file (fdo#73475)
+ Test behaviour changes since 1.7.10:
- If the tests crash with an assertion failure, they no longer
default to blocking for a debugger to be attached. Set
DBUS_BLOCK_ON_ABORT in the environment if you want the old
behaviour.
- To improve debuggability, the dbus-daemon and
dbus-daemon-eavesdrop tests can be run with an external
dbus-daemon by setting DBUS_TEST_DAEMON_ADDRESS in the
environment. Test-cases that require an unusually-configured
dbus-daemon are skipped.

Fri Jan 10 13:00:00 2014 hrvoje.senjanAATTgmail.com
- Remove checks for obsolete openSUSE versions
- Make sure that dbus-1 requires libdbus-1-3 during %post (detected
when built against DBus-less systemd 209)

Thu Jan 9 13:00:00 2014 fridrich.strbaAATTsuse.com
- Try hard to assure that /var/lib/dbus/machine-id and
/etc/machine-id are the same (bnc#857377)

Tue Jan 7 13:00:00 2014 fridrich.strbaAATTsuse.com
- Update to 1.7.10 (1.8.0 rc1)
+ D-Bus Specification 0.23:
- don\'t require messages with no INTERFACE to be dispatched
(fdo#68597)
- document \"tcp:bind=...\" and \"nonce-tcp:bind=...\" (fdo#72301)
- define \"listenable\" and \"connectable\" addresses, and discuss
the difference (fdo#61303)
+ Enhancements:
- support printing Unix file descriptors in dbus-send,
dbus-monitor (fdo#70592)
- don\'t install systemd units if --disable-systemd is given
(fdo#71818)
+ Fixes:
- don\'t leak memory on out-of-memory while listing activatable
or active services (fdo#71526)
- fix undefined behaviour in a regression test (fdo#69924)
- escape Unix socket addresses correctly (fdo#46013)
- on SELinux systems, don\'t assume that SECCLASS_DBUS,
DBUS__ACQUIRE_SVC and DBUS__SEND_MSG are numerically equal to
their values in the reference policy (fdo#88719)
- define PROCESS_QUERY_LIMITED_INFORMATION if missing from
MinGW < 4 headers (fdo#71366)
- define WIN32_LEAN_AND_MEAN to avoid conflicts between
winsock.h and winsock2.h (fdo#71405)
- do not return failure from _dbus_read_nonce() with no error
set, preventing a potential crash (fdo#72298)
- on BSD systems, avoid some O(1)-per-process memory and fd
leaks in kqueue, preventing test failures
(fdo#69332, fdo#72213)
- fix warning spam on Hurd by not trying to set SO_REUSEADDR
on Unix sockets, which doesn\'t do anything anyway on at least
Linux and FreeBSD (fdo#69492)
- fix use of TCP sockets on FreeBSD and Hurd by tolerating
EINVAL from sendmsg() with SCM_CREDS (retrying with plain
send()), and looking for credentials more correctly
(fdo#69492)
- ensure that tests run with a temporary XDG_RUNTIME_DIR to
avoid getting mixed up in XDG/systemd \"user sessions\"
(fdo#61301)
- refresh cached policy rules for existing connections when bus
configuration changes (fdo#39463)

Wed Nov 20 13:00:00 2013 hrvoje.senjanAATTgmail.com
- Drop the dbus-fall-back-to-old-run-directory.patch, and the sed
workaround from dbus-1-x11 %post, now that transition from 12.3
(/var/run) to 13.1 (/run) is done

Fri Nov 1 13:00:00 2013 hrvoje.senjanAATTgmail.com
- Update to 1.7.8
+ Dependencies:
- If systemd support is enabled, libsystemd-journal is
now required.
+ Enhancements:
- When activating a non-systemd service under systemd,
annotate its stdout/stderr with its bus name in the Journal.
Known limitation: because the socket is opened before forking,
the process will still be logged as if it had dbus-daemon\'s
process ID and user ID. (fdo#68559)
- Document more configuration elements in dbus-daemon(1)
(fdo#69125)
+ Fixes:
- Don\'t leak string arrays or fds if
dbus_message_iter_get_args_valist() unpacks them and then
encounters an error (fdo#21259)
- If compiled with libaudit, retain CAP_AUDIT_WRITE so we
can write disallowed method calls to the audit log,
fixing a regression in 1.7.6 (fdo#49062)
- path_namespace=\'/\' in match rules incorrectly matched nothing;
it now matches everything. (fdo#70799)

Wed Oct 9 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Update to 1.7.6
+ Build-time configuration changes:
- Directory change notification via dnotify on Linux is no
longer supported; it hadn\'t compiled successfully since 2010
in any case. If you don\'t have inotify (Linux) or kqueue (
*BSD),
you will need to send SIGHUP to the dbus-daemon when its
configuration changes. (fdo#33001)
- Compiling with --disable-userdb-cache is no longer supported;
it didn\'t work since at least 2008, and would lead to an
extremely slow dbus-daemon even it worked.
(fdo#15589,fdo#17133,fdo#66947)
- The DBUS_DISABLE_ASSERTS CMake option didn\'t actually disable
most assertions. It has been renamed to DBUS_DISABLE_ASSERT
to be consistent with the Autotools build system. (fdo#66142)
- --with-valgrind=auto enables Valgrind instrumentation if and only
if valgrind headers are available. The default is still
- -with-valgrind=no. (fdo#56925)
+ Dependencies:
- Platforms with no 64-bit integer type are no longer supported.
(fdo#65429)
- GNU make is now (documented to be) required. (fdo#48277)
- Full test coverage no longer requires dbus-glib, although the
tests do not exercise the shared library (only a static copy)
if dbus-glib is missing. (fdo#68852)
+ Enhancements:
- D-Bus Specification 0.22
- Document GetAdtAuditSessionData() and
GetConnectionSELinuxSecurityContext() (fdo#54445)
- Fix example .service file (fdo#66481)
- Don\'t claim D-Bus is \"low-latency\" (lower than what?), just
give factual statements about it supporting async use (fdo#65141)
- Document the contents of .service files, and the fact that
system services\' filenames are constrained (fdo#66608)
- Be thread-safe by default on all platforms, even if
dbus_threads_init_default() has not been called. For
compatibility with older libdbus, library users should
continue to call dbus_threads_init_default(): it is
harmless to do so. (fdo#54972)
- Add GetConnectionCredentials() method (fdo#54445)
- New API: dbus_setenv(), a simple wrapper around setenv().
Note that this is not thread-safe. (fdo#39196,)
- Add dbus-send --peer=ADDRESS (connect to a given peer-to-peer
connection, like --address=ADDRESS in previous versions) and
dbus-send --bus=ADDRESS (connect to a given bus, like
dbus-monitor --address=ADDRESS). dbus-send --address still
exists for backwards compatibility, but is no longer documented.
(fdo#48816)
+ Fixes:
- Avoid an infinite busy-loop if a signal interrupts waitpid()
(fdo#68945)
- Clean up memory for parent nodes when objects are unexported
(fdo#60176)
- Make dbus_connection_set_route_peer_messages(x, FALSE) behave
as documented. Previously, it assumed its second
parameter was TRUE. (fdo#69165)
- Escape addresses containing non-ASCII characters correctly
(fdo#53499)
- Document search order correctly (fdo#66994)
- Don\'t crash on \"dbus-send --session / x.y.z\" which regressed
in 1.7.4. (fdo#65923)
- If malloc() returns NULL in _dbus_string_init() or similar,
don\'t free an invalid pointer if the string is later freed
(fdo#65959)
- If malloc() returns NULL in dbus_set_error(), don\'t va_end()
a va_list that was never va_start()ed (fdo#66300)
- fix build failure with --enable-stats (fdo#66004)
- fix a regression test on platforms with strict alignment
(fdo#67279)
- Avoid calling function parameters \"interface\" since certain
Windows headers have a namespace-polluting macro of that name
(fdo#66493)
- Assorted Doxygen fixes (fdo#65755)
- Various thread-safety improvements to static variables
(fdo#68610)
- Make \"make -j check\" work (fdo#68852)
- Fix a NULL pointer dereference on an unlikely error path
(fdo#69327)
- Improve valgrind memory pool tracking (fdo#69326)
- Don\'t over-allocate memory in dbus-monitor (fdo#69329)
- dbus-monitor can monitor dbus-daemon < 1.5.6 again
(fdo#66107)
+ Unix-specific:
- If accept4() fails with EINVAL, as it can on older Linux
kernels with newer glibc, try accept() instead of going
into a busy-loop. (fdo#69026)
- If socket() or socketpair() fails with EINVAL or EPROTOTYPE,
for instance on Hurd or older Linux with a new glibc, try
without SOCK_CLOEXEC. (fdo#69073)
- Fix a file descriptor leak on an error code path.
(fdo#69182)
- dbus-run-session: clear some unwanted environment variables
(fdo#39196)
- dbus-run-session: compile on FreeBSD (fdo#66197)
- Don\'t fail the autolaunch test if there is no DISPLAY
(fdo#40352)
- Use dbus-launch from the builddir for testing, not the
installed copy (fdo#37849)
- Fix compilation if writev() is unavailable (fdo#69409)
- Remove broken support for LOCAL_CREDS credentials passing, and
document where each credential-passing scheme is used
(fdo#60340)
- Make autogen.sh work on
*BSD by not assuming GNU coreutils
functionality (fdo#35881, fdo#69787)
- dbus-monitor: be portable to NetBSD (fdo#69842)
- dbus-launch: stop using non-portable asprintf (fdo#37849)
- Improve error reporting from the setuid activation helper
(fdo#66728)
+ Internal changes:
- add DBUS_ENABLE_ASSERT, DBUS_ENABLE_CHECKS for less confusing
conditionals (fdo#66142)
- improve verbose-mode output (fdo#63047)
- consolidate Autotools and CMake build (fdo#64875)
- fix various unused variables, unusual build configurations etc.
(fdo#65712, fdo#65990, fdo#66005, fdo#66257, fdo#69165, fdo#69410,
fdo#70218)
- Dropped 0001-_dbus_babysitter_unref-avoid-infinite-loop-if-waitpi.patch,
included in this release

Mon Oct 7 14:00:00 2013 fridrich.strbaAATTsuse.com
- Create /var/lib/dbus/machine-id only if there is no /etc/machine-id
present on the system. Dbus knows how to use the system-wide
machine-id file and this solves problems where the two files have
different values (bnc#831626)

Fri Oct 4 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Check for existence of /var/lib/old_run_path: if found, only then
is dbus ListenStream swapped for old run path. This is done for
supporting 12.3 to 13.1 upgrade (bnc#802525)
- Fix rpmlint warnings about %verifyscript and %set_permissions

Sun Sep 29 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Revert to previous version of dbus-fall-back-to-old-run-directory.patch
as latest version causes a fallout

Wed Sep 25 14:00:00 2013 hpjAATTsuse.com
- Amend dbus-fall-back-to-old-run-directory.patch to prevent a
new class of hangs while upgrading D-Bus along with other
services (bnc#802525).

Sat Sep 7 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Added 0001-_dbus_babysitter_unref-avoid-infinite-loop-if-waitpi.patch
from upstream for resolving fdo#68945, bnc#782909

Tue Jun 25 14:00:00 2013 cooloAATTsuse.com
- to avoid a cycle with systemd, build the daemon in dbus-x11.spec.
It would be wise to rename dbus-1.spec to dbus-1-libs.spec and
dbus-1-x11.spec to dbus-1.spec, but I first wanted to hear feedback

Sat Jun 22 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Update to 1.7.4
+ CVE-2013-2168: Fix misuse of va_list that could be used as a
denial of service for system services.
+ It should now be safe to call dbus_threads_init_default() from
any thread, at any time
+ In dbus-daemon, don\'t crash if a .service file starts with
key=value
+ Fix an assertion failure if we try to activate systemd services
before systemd connects to the bus (fdo#50199)
- Adjusted dbus-do-autolaunch.patch for this release

Sat Jun 22 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Remove the override that was added in solving bnc#802525, as it
causes similar situation when upgrading dbus and systemd
simultaneously.
- Adjusted rc.boot.dbus script so it uses /run instead of /var/run

Thu Apr 25 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Update to 1.7.2
+ Diagnose incorrect use of dbus_connection_get_data() with negative
slot (i.e. before allocating the slot) rather than returning junk
(fdo #63127)
+ The --with-dbus-session-bus-default-address configure option is no
longer supported
+ Under systemd, log to syslog only, not stderr, avoiding duplication
(fdo#61399, fdo#39987)
+ Under systemd, remove unnecessary dependency on syslog.socket
(fdo#63531)
+ Allow use of systemd-logind without the rest of systemd
(fdo#62585)
- Dropped dbus-move-everything-to-run-directory.patch, since we can
define location of system pid and socket with configure flags and
set the flags accordingly
- Added xmlto BuildRequires, it is needed now for man files

Wed Apr 24 14:00:00 2013 hrvoje.senjanAATTgmail.com
- Update to 1.6.10
+ Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
U+FDD0..U+FDEF are allowed in UTF-8 strings again. (fdo#63072)
+ Diagnose incorrect use of dbus_connection_get_data() with negative slot
(i.e. before allocating the slot) rather than returning junk (fdo#63127)
+ In the activation helper, when compiled for tests, do not reset the system
bus address, fixing the regression tests. (fdo#52202)
+ Fix building with Valgrind 3.8, at the cost of causing harmless warnings
with Valgrind 3.6 on some compilers (fdo#55932)
+ Don\'t leak temporary fds pointing to /dev/null (fdo#56927,)
+ Create session.d, system.d directories under CMake (fdo#41319)
+ Include alloca.h for alloca() if available, fixing compilation on
Solaris 10 (fdo#63071)

Fri Feb 22 13:00:00 2013 hpjAATTsuse.com
- Spec file changes moving files from /var/run to /run.
- Add dbus-move-everything-to-run-directory.patch by rmilasan. This
moves everything (pid files, lock files, etc.) to /run.
- Add dbus-fall-back-to-old-run-directory.patch (bnc#802525).

Mon Feb 18 13:00:00 2013 rmilasanAATTsuse.com
- Revert patch: dbus-move-everything-to-run-directory.patch (bnc#802525).

Thu Jan 24 13:00:00 2013 rmilasanAATTsuse.com
- Move everything (pid files, lock files, etc.) to /run.
add: dbus-move-everything-to-run-directory.patch

Sun Nov 18 13:00:00 2012 hrvoje.senjanAATTgmail.com
- Update to 1.6.8

* Follow up to CVE-2012-3524: The additional hardening
work to use __secure_getenv() as a followup to bug #52202
broke certain configurations of gnome-keyring. Given
the difficulty of making this work without extensive
changes to gnome-keyring, use of __secure_getenv() is
deferred.

* CVE-2012-3524: Don\'t access environment variables (fdo#52202)
Thanks to work and input from Colin Walters, Simon McVittie,
Geoffrey Thomas, and others.

* Detect that users are \"at the console\" correctly when configured with
a non-default path such as --enable-console-auth-dir=/run/console
(fdo#51521, Dave Reisner)

* Remove an incorrect assertion from DBusTransport (fdo#51657,
Simon McVittie)

* Change how we create /var/lib/dbus so it works under Automake >= 1.11.4
(fdo#51406, Simon McVittie)

* Don\'t return from dbus_pending_call_set_notify with a lock held on OOM
(fdo#51032, Simon McVittie)

* Disconnect \"developer mode\" (assertions, verbose mode etc.) from
Automake maintainer mode. D-Bus developers should now configure with
- -enable-developer. Automake maintainer mode is now on by default;
distributions can disable it with --disable-maintainer-mode.
(fdo#34671, Simon McVittie)

* Unix-specific:
- Check for libpthread under CMake on Unix (fdo#47237, Simon McVittie)

* New requirements
- PTHREAD_MUTEX_RECURSIVE on Unix
- compiler support for 64-bit integers (int64_t or equivalent)

* D-Bus Specification v0.19

* New dbus-daemon features
- rules allow the service to
own names like com.example.Service.Instance3
- optional systemd integration when checking at_console policies
- --nopidfile option, mainly for use by systemd
- path_namespace and arg0namespace may appear in match rules
- eavesdropping is disabled unless the match rule contains eavesdrop=true

* New public API
- functions to validate various string types (dbus_validate_path() etc.)
- dbus_type_is_valid()
- DBusBasicValue, a union of every basic type

* Bug fixes
- removed an unsafe reimplementation of recursive mutexes
- dbus-daemon no longer busy-loops if it has far too many file descriptors
- dbus-daemon.exe --print-address works on Windows
- all the other bug fixes from 1.4.20

* Other major implementation changes
- on Linux, dbus-daemon uses epoll if supported, for better scalability
- dbus_threads_init() ignores its argument and behaves like
dbus_threads_init_default() instead
- removed the per-connection link cache, improving dbus-daemon performance

* Developer features
- optional Valgrind instrumentation (--with-valgrind)
- optional Stats interface on the dbus-daemon (--enable-stats)
- optionally abort whenever malloc() fails (--enable-embedded-tests
and export DBUS_MALLOC_CANNOT_FAIL=1)

* Be more careful about monotonic time vs. real time, fixing DBUS_COOKIE_SHA1
spec-compliance (fdo#48580, David Zeuthen)

* Don\'t use install(1) within the source/build trees, fixing the build as
non-root when using OpenBSD install(1) (fdo#48217, Antoine Jacoutot)

* Add missing commas in some tcp and nonce-tcp addresses, and remove
an unused duplicate copy of the nonce-tcp transport in Windows builds
(fdo#45896, Simon McVittie)
- remove patch dbus-cve-2012-3524.patch as incorporated upstream

Fri Nov 16 13:00:00 2012 dimstarAATTopensuse.org
- Enable systemd integration (with_systemd 1): follow the rest of
the distribution enabling systemd support. As agreed, systemd is
the main supported way for 12.3.

Fri Nov 16 13:00:00 2012 fcrozatAATTsuse.com
- Move default home from /var/run/dbus to /run/dbus
- Fix useradd invocation: -o is useless without -u and newer
versions of pwdutils/shadowutils fail on this now.

Thu Nov 8 13:00:00 2012 tittiatcokeAATTgmail.com
- Link /usr/bin/dbus-send to /bin/dbus-send. Upower uses
dbus-send to receive signals from systemd regarding resuming,
however looks for the moment in the wrong directory.

Sat Nov 3 13:00:00 2012 crrodriguezAATTopensuse.org
- Fix factory breakage on systemd units directory

Fri Oct 26 14:00:00 2012 cooloAATTsuse.com
- remove sysvinit requires from the package
- remove %run_permissions macro

Wed Oct 24 14:00:00 2012 jengelhAATTinai.de
- baselibs: dbus-1-devel-32bit must require libdbus-1-3-32bit

Sun Oct 7 14:00:00 2012 cooloAATTsuse.com
- remove libzio build dependency

Mon Aug 27 14:00:00 2012 thoenigAATTsuse.de
- dbus-cve-2012-3524.patch: Add patch for CVE-2012-3524 to fix getenv()
vulnerability in setuid root binaries (bnc#697105)

Wed Aug 1 14:00:00 2012 idonmezAATTsuse.com
- Add pkgconfig(x11) as BuildRequires instead of xorg-x11-devel so
we don\'t depend on Mesa and create a build cycle.

Tue May 15 14:00:00 2012 vuntzAATTopensuse.org
- Move ownership of /etc/dbus-1/{session.d,system.d} and
/usr/share/dbus-1/{interfaces,services,system-services} to
libdbus-1-3 instead of dbus-1: many dbus users put files there,
and it\'s annoying to force them to own those directories.

Sun Apr 22 14:00:00 2012 alinm.elenaAATTgmail.com
- added libdbus-1-3 to build for -32bit...
- adeed post and postun sections for libdbus-1-3

Thu Apr 19 14:00:00 2012 thoenigAATTsuse.de
- More news from the dependency hell: Let dbus-1-devel require
dbus-1.

Wed Apr 18 14:00:00 2012 thoenigAATTsuse.de
- Split dbus-1 into libdbus-1 and dbus-1.

Wed Mar 28 14:00:00 2012 thoenigAATTsuse.de
- Update to version 1.5.12:
- Add public API to validate various string types:
dbus_validate_path(), dbus_validate_interface(),
dbus_validate_member(), dbus_validate_error_name(),
dbus_validate_bus_name(), dbus_validate_utf8()
(fdo#39549, Simon McVittie)
- Turn DBusBasicValue into public API so bindings don\'t need to
invent their own \"union of everything\" type (fdo#11191, Simon
McVittie)
- Enumerate data files included in the build rather than using
find(1) (fdo#33840, Simon McVittie)
- Add support for policy rules like
in dbus-daemon
(fdo#46273, Alban Crequy)
- Windows-specific:
- make dbus-daemon.exe --print-address (and --print-pid) work
again on Win32, but not on WinCE (fdo#46049, Simon
McVittie)
- fix duplicate case value when compiling against mingw-w64
(fdo#47321, Andoni Morales Alastruey)

Mon Feb 27 13:00:00 2012 vuntzAATTopensuse.org
- Revert my last change completely, and go back to using -fpie in
CFLAGS and -pie in LDFLAGS for the whole build: after discussion
upstream in fdo#46570, it appears that this is the recommended
way to harden the build.

Fri Feb 24 13:00:00 2012 vuntzAATTopensuse.org
- Change the way we pass -fpie/-pie:
+ Stop changing CFLAGS/LDFLAGS in %build to add -fpie/-pie.
+ Add dbus-1-suid_flags.patch: respect SUID_CFLAGS/SUID_LDFLAGS
when building the suid binary (dbus-daemon-launch-helper).
+ Set SUID_CFLAGS to -fPIE and SUID_LDFLAGS to -pie in %build.

Fri Feb 24 13:00:00 2012 cooloAATTsuse.com
- move with_systemd definition into COMMON part to fix dbus-1-x11

Wed Feb 22 13:00:00 2012 vuntzAATTopensuse.org
- Update to version 1.5.10:
+ D-Bus Specification 0.19:
- Formally define unique connection names and well-known bus
names, and document best practices for interface, bus, member
and error names, and object paths (fdo#37095)
- Document the search path for session and system services on
Unix, and where they should be installed by build systems
(fdo#21620, fdo#35306)
- Document the systemd transport (fdo#35232)
+ Make dbus_threads_init() use the same built-in threading
implementation as dbus_threads_init_default(); the
user-specified primitives that it takes as a parameter are now
ignored (fdo#43744)
+ Allow all configured auth mechanisms, not just one (fdo#45106)
+ Improve cmake build system.
+ Build tests successfully with older GLib, as found in e.g.
Debian 6 (fdo#41219)
+ Avoid use of deprecated GThread API (fdo#44413)
+ Build documentation correctly if man2html doesn\'t support
filenames on its command-line (fdo#43875)
+ Improve test coverage. To get even more coverage, run the tests
with DBUS_TEST_SLOW=1 (fdo#38285, fdo#42811)
+ Reduce the size of the shared library by moving functionality
only used by dbus-daemon, tests etc. into their internal
library and deleting unused code (fdo#34976, fdo#39759)
+ Add dbus-daemon --nopidfile option, overriding the
configuration, for setups where the default configuration must
include to avoid breaking traditional init, but the
pid file is in fact unnecessary; use it under systemd to
improve startup time a bit (fdo#45520)
+ Optionally (if configured --with-valgrind) add instrumentation
to debug libdbus and associated tools more meaningfully under
Valgrind (fdo#37286)
+ Improve the dbus-send(1) man page (fdo#14005)
+ Make dbus-protocol.h compatible with C++11 (fdo#46147)
+ If tests are enabled and DBUS_MALLOC_CANNOT_FAIL is set in the
environment, abort on failure to malloc() (like GLib does), to
turn runaway memory leaks into a debuggable core-dump if a
resource limit is applied (fdo#41048)
+ Don\'t crash if realloc() returns NULL in a debug build (fdo#41048)
+ Unix-specific:
- Replace our broken reimplementation of recursive mutexes,
which has been broken since 2006, with an ordinary pthreads
recursive mutex (fdo#43744)
- Use epoll(7) for a more efficient main loop in Linux;
equivalent patches welcomed for other OSs\' equivalents like
kqueue, /dev/poll, or Solaris event ports (fdo#33337)
- When running under systemd, use it instead of ConsoleKit to
check whether to apply at_console policies (fdo#39609)
- Avoid a highly unlikely fd leak (fdo#29881)
- Don\'t close invalid fd -1 if getaddrinfo fails (fdo#37258)
- Don\'t touch ~/.dbus and ~/.dbus-keyrings when running \'make
installcheck\' (fdo#41218)
- Stop pretending we respect XDG_DATA_DIRS for system services:
the launch helper doesn\'t obey environment variables to avoid
privilege escalation attacks, so make the system bus follow
the same rules (fdo#21620)
+ Windows-specific fixes.
- Get ready for a switch to systemd:
+ Add a with_systemd macro, currently set to 0 as the systemd
support would introduce a build cycle between dbus-1 and
systemd.
+ Add pkgconfig(libsystemd-daemon) and
pkgconfig(libsystemd-login) BuildRequires and pass
- -enable-systemd to configure if we build systemd support.

Mon Feb 6 13:00:00 2012 dlovaskoAATTsuse.com
- fixed bnc#743149 - added position independent flags to compilation and linking(-fpie/-pie)

Wed Oct 12 14:00:00 2011 cooloAATTsuse.com
- add patch to enable X11 autolaunch even if configure thinks
it can\'t be done (bnc#707817)

Tue Oct 11 14:00:00 2011 dmuellerAATTsuse.de
- update to version 1.5.8:

* Clean up dead code, and make more warnings fatal in development builds
(fdo#39231, fdo#41012; Simon McVittie)

* Add a regression test for fdo#38005 (fdo#39836, Simon McVittie)

* Add _DBUS_STATIC_ASSERT and use it to check invariants

* Fix a small memory leak, and a failure to report errors, when updating
a service file entry for activation (fdo#39230, Simon McVittie)

* Clean up (non-abstract) Unix sockets on bus daemon exit

* On systems that use libcap-ng but not systemd, drop supplemental groups
when switching to the daemon user (Red Hat #726953, Steve Grubb)

Fri Sep 30 14:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to make the spec file more reliable

Sun Sep 18 14:00:00 2011 jengelhAATTmedozas.de
- Remove redundant tags/sections from specfile
(cf. packaging guidelines)

Mon Aug 1 14:00:00 2011 vuntzAATTopensuse.org
- Update to version 1.5.6:
+ Potentially incompatible (Bustle and similar debugging tools
will need changes to work as intended):
- Do not allow match rules to \"eavesdrop\" (receive messages
intended for a different recipient) by mistake: eavesdroppers
must now opt-in to this behaviour by putting
\"eavesdrop=\'true\'\" in the match rule, which will not have any
practical effect on buses where eavesdropping is not allowed
(fdo#37890)
+ Other changes:
- D-Bus Specification version 0.18 (fdo#37890, fdo#39450,
fdo#38252):
. add the \"eavesdrop\" keyword to match rules
. define eavesdropping, unicast messages and broadcast messages
. stop claiming that match rules are needed to match unicast
messages to you
. promote the type system to be a top-level section
- Use DBUS_ERROR_OBJECT_PATH_IN_USE if
dbus_connection_try_register_object_path or
dbus_connection_try_register_fallback fails, not
...ADDRESS_IN_USE, and simplify object-path registration
(fdo#38874)
- Consistently use atomic operations on everything that is ever
manipulated via atomic ops, as was done for changes to
DBusConnection\'s refcount in 1.4.12 (fdo#38005)
- Fix a file descriptor leak when connecting to a TCP socket
(fdo#37258)
- Make \"make check\" in a clean tree work, by not running tests
until test data has been set up (fdo#34405)
- The dbus-daemon no longer busy-loops if it has a very large
number of file descriptors (fdo#23194)
- Refactor message flow through dispatching to avoid locking
violations if the bus daemon\'s message limit is hit; remove
the per-connection link cache, which was meant to improve
performance, but now reduces it (fdo#34393)
- Some cmake fixes
- Remove dead code, mainly from DBusString (fdo#38570,
fdo#39610)
- Stop storing two extra byte order indicators in each D-Bus
message (fdo#38287)
- Add an optional Stats interface which can be used to get
statistics from a running dbus-daemon if enabled at configure
time with --enable-stats (fdo#34040)
- Fix various typos (fdo#27227, fdo#38284)
- Documentation (fdo#36156):
. let xsltproc be overridden as usual: ./configure
XSLTPROC=myxsltproc
. install more documentation automatically, including
man2html output
. put dbus.devhelp in the right place (it must go in
${htmldir})
- Unix-specific:
. look for system services in /lib/dbus-1/system-services in
addition to all the other well-known locations; note that
this should always be /lib, even on platforms where shared
libraries on the root FS would go in /lib64,
/lib/x86_64-linux-gnu or similar (fdo#35229)
. opt-in to fd passing on Solaris (fdo#33465)
- Windows-specific:
. fix use of a mutex for autolaunch server detection
. don\'t crash on malloc failure in
_dbus_printf_string_upper_bound
- Manually create /lib/dbus-1/system-services in %install so that
we can own it.

Fri Jul 1 14:00:00 2011 vuntzAATTopensuse.org
- Update to version 1.5.4:
+ Security (local denial of service):
- Byte-swap foreign-endian messages correctly, preventing a
long-standing local DoS if foreign-endian messages are
relayed through the dbus-daemon (fdo#38120, deb#629938, no
CVE number yet)
+ New things:
- The constant to use for an infinite timeout now has a name,
DBUS_TIMEOUT_INFINITE.
- If GLib and DBus-GLib are already installed, more tests will be built,
providing better coverage.(fdo#34570)
+ Changes:
- Consistently use atomic operations for the DBusConnection\'s
refcount, fixing potential threading problems (fdo#38005)
- Don\'t use -Wl,--gc-sections by default: in practice the size
decrease is small (300KiB on x86-64) and it frequently
doesn\'t work in unusual toolchains. (fdo#33466)
- Use #!/bin/sh for run-with-tmp-session-bus.sh, making it work
on
*BSD (fdo#35880)
- Use ln -fs to set up dbus for systemd, which should fix
reinstallation when not using a DESTDIR (fdo#37870)
- Windows-specific changes:
. don\'t try to build dbus-daemon-launch-helper (fdo#37838)
- Changes from version 1.5.2:
+ Notes for distributors:
- This version of D-Bus no longer uses -fPIE by default.
+ Changes:
+ D-Bus Specification v0.17
. Reserve the extra characters used in signatures by GVariant
(fdo#34529)
. Define the ObjectManager interface (fdo#34869)
+ Don\'t force -fPIE: distributions and libtool know better than
we do whether it\'s desirable (fdo#16621, fdo#27215)
+ Allow --disable-gc-sections, in case your toolchain offers
the -ffunction-sections, -fdata-sections and
- Wl,--gc-sections options but they\'re broken, as seen on
Solaris (fdo#33466)
+ Install dbus-daemon and dbus-daemon-launch-helper in a more
normal way (fdo#14512)
+ Ensure that maintainers upload documentation with the right
permissions (fdo#36130)
+ Don\'t force users of libdbus to be linked against
- lpthread, -lrt (fdo#32827)
+ Log system-bus activation information to syslog (fdo#35705)
+ Log messages dropped due to quotas to syslog (fdo#35358)
+ Make the nonce-tcp transport work on Unix (fdo#34569)
+ On Unix, if /var/lib/dbus/machine-id cannot be read, try
/etc/machine-id (fdo#35228)
+ In the regression tests, don\'t report fds as \"leaked\" if they
were open on startup (fdo#35173)
+ Make dbus-monitor bail out if asked to monitor more than one
bus, rather than silently using the last one (fdo#26548)
+ Clarify documentation (fdo#35182)
+ Clean up minor dead code and some incorrect error handling
(fdo#33128, fdo#29881)
+ Check that compiler options are supported before using them
(fdo#19681)
+ Windows:
. Remove obsolete workaround for winioctl.h (fdo#35083)

Tue Jun 28 14:00:00 2011 ajAATTsuse.de
- Fix filelist to own a directory.
- Do not package html files twice.

Wed May 18 14:00:00 2011 cooloAATTnovell.com
- buildrequire update-desktop-files for mimetypes.prov

Thu May 5 14:00:00 2011 cooloAATTopensuse.org
- switch to download_files service

Wed Apr 20 14:00:00 2011 cooloAATTopensuse.org
- changes license to GPL2+ or AFL 2.1

Fri Apr 15 14:00:00 2011 thoenigAATTsuse.de
- Update to 1.5.0

* D-Bus Specification v0.16
- Add support for path_namespace and arg0namespace in match rules
(fdo#24317, #34870; Will Thompson, David Zeuthen, Simon McVittie)
- Make argNpath support object paths, not just object-path-like strings,
and document it better (fdo#31818, Will Thompson)

* Let the bus daemon implement more than one interface (fdo#33757,
Simon McVittie)

* Optimize _dbus_string_replace_len to reduce waste (fdo#21261,
Roberto Guido)

* Require user intervention to compile with missing 64-bit support
(fdo#35114, Simon McVittie)

* Add dbus_type_is_valid as public API (fdo#20496, Simon McVittie)

* Raise UnknownObject instead of UnknownMethod for calls to methods on
paths that are not part of the object tree, and UnknownInterface for calls
to unknown interfaces in the bus daemon (fdo#34527, Lennart Poettering)

Fri Apr 8 14:00:00 2011 thoenigAATTsuse.de
- Update to 1.4.8

* Rename configure.in to configure.ac, and update it to modern conventions
(fdo#32245; Javier Jardón, Simon McVittie)

* Correctly give XDG_DATA_HOME priority over XDG_DATA_DIRS (fdo#34496,
Anders Kaseorg)

* Prevent X11 autolaunching if $DISPLAY is unset or empty, and add
- -disable-x11-autolaunch configure option to prevent it altogether
in embedded environments (fdo#19997, NB#219964; Simon McVittie)

* Install the documentation, and an index for Devhelp (fdo#13495,
Debian #454142; Simon McVittie, Matthias Clasen)

* If checks are not disabled, check validity of string-like types and
booleans when sending them (fdo#16338, NB#223152; Simon McVittie)

* Add UnknownObject, UnknownInterface, UnknownProperty and PropertyReadOnly
errors to dbus-shared.h (fdo#34527, Lennart Poettering)

* Break up a huge conditional in config-parser so gcov can produce coverage
data (fdo#10887, Simon McVittie)

* List which parts of the Desktop Entry specification are applicable to
.service files (fdo#19159, Sven Herzberg)

* Don\'t suppress service activation if two services have the same Exec=
(fdo#35750, Colin Walters)

* Windows:
- Avoid the name ELEMENT_TYPE due to namespace-pollution from winioctl.h
(Andre Heinecke)
- Include _dbus_path_is_absolute in libdbus on Windows, fixing compilation
(fdo#32805, Mark Brand)

Wed Mar 9 13:00:00 2011 cooloAATTnovell.com
- Update to 1.4.6

* Remove unfinished changes intended to support GTest-based tests,
which were mistakenly included in 1.4.4
- Update to 1.4.4

* Switch back to using even micro versions for stable releases; 1.4.1
should have been called 1.4.2, so skip that version number

* Don\'t leave bad file descriptors being watched when spawning processes,
which could result in a busy-loop (fdo#32992, NB#200248; possibly
also LP#656134, LP#680444, LP#713157)

* Check for MSG_NOSIGNAL correctly

* Fix failure to detect abstract socket support (fdo#29895)

* Make _dbus_system_logv actually exit with DBUS_SYSTEM_LOG_FATAL
(fdo#32262, NB#180486)

* Improve some error code paths (fdo#29981, fdo#32264, fdo#32262,
fdo#33128, fdo#33277, fdo#33126, NB#180486)

* Avoid possible symlink attacks in /tmp during compilation (fdo#32854)

* Tidy up dead code (fdo#25306, fdo#33128, fdo#34292, NB#180486)

* Improve gcc malloc annotations (fdo#32710)

* If the system bus is launched via systemd, protect it from the OOM killer

* Documentation improvements (fdo#11190)

* Avoid readdir_r, which is difficult to use correctly (fdo#8284,
fdo#15922, LP#241619)

* Cope with invalid files in session.d, system.d (fdo#19186,
Debian #230231)

* Don\'t distribute generated files that embed our builddir (fdo#30285,
fdo#34292)

* Raise the system bus\'s fd limit to be sufficient for its configuration
(fdo#33474, LP#381063)

* Fix syslog string processing

* Ignore -Waddress

* Remove broken gcov parsing code and --enable-gcov, and replace them
with lcov HTML reports and --enable-compiler-coverage (fdo#10887)

* Windows:
- avoid live-lock in Windows CE due to unfair condition variables

* OpenBSD:
- support credentials-passing (fdo#32542)

* Solaris:
- opt-in to thread safety (fdo#33464)

Sun Jan 2 13:00:00 2011 javierAATTopensuse.org
- Update to 1.4.1
+ Fix for CVE-2010-4352: sending messages with excessively-nested
variants can crash the bus. The existing restriction to 64-levels
of nesting previously only applied to the static type signature;
now it also applies to dynamic nesting using variants. Thanks to
Rémi Denis-Courmont for discoving this issue.
+ Various bug fixes.
+ For details, see
http://lists.freedesktop.org/archives/dbus/2010-December/013861.html

Mon Nov 8 13:00:00 2010 ajAATTsuse.de
- Fix package list, own /lib/systemd directories.

Tue Oct 12 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- ConsoleKit may not be installed on the system, so kill
the process at \"stop\" only if it is running

Fri Sep 24 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- add missimg BuildRequires on libcap-ng-devel so dbus can
drop capabilities when needed.

Mon Sep 6 14:00:00 2010 kay.sieversAATTnovell.com
- version 1.4.0
- make dbus-uuidgen atomic
- fix socket descriptor leak in _dbus_connect_tcp_socket_with_nonce
- unconditionally enable D-Bus on systemd boots

Sat Jul 24 14:00:00 2010 kay.sieversAATTnovell.com
- update systemd service installation

Tue Jul 13 14:00:00 2010 kay.sieversAATTnovell.com
- drop systemd-units

Sat Jul 10 14:00:00 2010 kay.sieversAATTnovell.com
- update to 1.3.2 snapshot
- New standardized PropertiesChanged signal in the properties interface
- Support forking bus services, for compatibility
- install systemd service files

Mon Jun 28 14:00:00 2010 jengelhAATTmedozas.de
- use %_smp_mflags

Thu Mar 25 13:00:00 2010 vuntzAATTopensuse.org
- Update to version 1.2.24:
+ For details, see
http://lists.freedesktop.org/archives/dbus/2010-March/012436.html
+ Highlights:
- Fix a critical crasher bug in the syslog code
+ [bus] While creating a syslog, correctly get pointer data from
DBusString
+ [bus] Don\'t install a SIGTERM handler
+ [64 bit printf] Update to use DBUS_PID_FORMAT, print (omitted)
+ Move dispatching to destination to bus_dispatch_matches()
+ Dispatch post-activation messages to anyone interested
+ Build changes.
- Changes from version 1.2.22:
+ For details, see
http://lists.freedesktop.org/archives/dbus/2010-March/012395.html
+ Highlights:
- Fix to avoid UI freezes in newer Evolution versions (and any
other program that makes synchronous DBus calls from a
non-main thread).
- Monitor service directories for changes
+ When handling a watch, return if another thread is doing I/O
+ Monitor service directories for changes
+ Sync up UNICODE_VALID with glib, add documentation
+ Support inotify on older kernels
+ Handle OOM in reload watch
+ Refactor _dbus_log_info, _dbus_log_security into
_dbus_log_system
+ Add DBUS_SYSTEM_LOG_FATAL severity
+ Add _dbus_credentials_to_string_append
+ Add a prefix to our syslog messages
+ Make SELinux initialization failure fatal
+ Don\'t send an reply for driver messages if one isn\'t requested
+ Fix double-free in error case.
+ Other simple fixes, build fixes.
+ Explicitly specify in the spec lower-case hex must be used
+ Use AM_SILENT_RULES if available
- Changes from version 1.2.20:
+ For details, see
http://lists.freedesktop.org/archives/dbus/2010-February/012156.html
+ Fix inotify shutdown
+ Fix compilation in --disable-selinux case
- Changes from version 1.2.18:
+ For details, see
http://lists.freedesktop.org/archives/dbus/2010-February/012150.html
+ Ignore exit code zero from activated services
+ Switch to libcap-ng, avoid linking libdbus against libcap[-ng]
+ Don\'t drop pending activations when reloading configuration
+ Update messagebus.in init script to start earlier
+ Clean up inotify watch handling
+ Don\'t crash when reloading if we haven\'t loaded user database
yet
+ fdo#23502 - corrected wrong verbose-output
+ Correct timeout handling
+ dbus-monitor: use unbuffered stdout instead of handling SIGINT
+ fdo#25697 - Fix memory leak in policy reload
+ fdo#23977 - dbus-launch --exit-with-session not killing
dbus-daemon on SIGINT
+ Use monotonic clock for _dbus_get_current_time() if it\'s
available.
+ Make array-printing code easier to follow
+ Forbid zero serial numbers
+ Include reason when reporting corrupt messages
+ Add an accessor for the loader\'s corruption reason
+ Print byte arrays as nicely-formatted hex.
+ Print all-printable-ASCII byte arrays as strings
+ Build fixes, including fdo#19432, fdo#22788, fdo#22805

Mon Dec 14 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- package documentation as noarch

Wed Sep 2 14:00:00 2009 mvidnerAATTsuse.cz
- Implemented /etc/init.d/dbus reload (bnc#503074).

Thu Jul 23 14:00:00 2009 kay.sieversAATTnovell.com
- fix %changelog

Fri Jul 17 14:00:00 2009 meissnerAATTsuse.de
- added dbus-1-devel to baselibs.conf

Fri Jul 17 14:00:00 2009 kay.sieversAATTnovell.com
- fix --libexecdir to be the proper /lib/dbus-1/ directory

Wed Jul 15 14:00:00 2009 kay.sieversAATTnovell.com
- update to 1.2.16 release
- Avoid race conditions reading message from exited process
- Ensure initialized variable in dbus_connection_remove_filter
- Don\'t fail autolaunching if process has SIGCHLD handler
- Ensure inotify fd is set close on exec
- Make sure a pending call timeout isn\'t assumed
- Allow a pending call to block forever
- Don\'t allocate DBusTimeout for pending call when passed INT_MAX
- Update documentation now that INT_MAX means no timeout
- Fix issue where timeouts can overflow
- Remove 6 hour timeout restriction
- Unrestrict session bus timeout

Thu Apr 16 14:00:00 2009 crrodriguezAATTsuse.de
- use --disable-static instead of removing static libraries

Thu Apr 2 14:00:00 2009 wernerAATTsuse.de
- Make boot script smart


 
ICM