SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for dbus-1-devel-doc-1.14.10-lp156.8.1.noarch.rpm :

* Wed Oct 26 2022 Dirk Müller - update to 1.14.4 (bsc#1204111, CVE-2022-42010, bsc#1204112, CVE-2022-42011, bsc#1204113, CVE-2022-42012): This is a security update for the dbus 1.14.x stable branch, fixing denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying security hardening (dbus#416). Behaviour changes:
* On Linux, dbus-daemon and other uses of DBusServer now create a path-based Unix socket, unix:path=..., when asked to listen on a unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to unix:dir=... on all platforms. Previous versions would have created an abstract socket, unix:abstract=..., in this situation. This change primarily affects the well-known session bus when run via dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring dbus with --enable-user-session and running it on a systemd system, already used path-based Unix sockets and is unaffected by this change. This behaviour change prevents a sandbox escape via the session bus socket in sandboxing frameworks that can share the network namespace with the host system, such as Flatpak. This change might cause a regression in situations where the abstract socket is intentionally shared between the host system and a chroot or container, such as some use-cases of schroot(1). That regression can be resolved by using a bind-mount to share either the D-Bus socket, or the whole /tmp directory, with the chroot or container. (dbus#416, Simon McVittie)
* Denial of service fixes: - Evgeny Vereshchagin discovered several ways in which an authenticated local attacker could cause a crash (denial of service) in dbus-daemon --system or a custom DBusServer. In uncommon configurations these could potentially be carried out by an authenticated remote attacker. - An invalid array of fixed-length elements where the length of the array is not a multiple of the length of the element would cause an assertion failure in debug builds or an out-of-bounds read in production builds. This was a regression in version 1.3.0. (dbus#413, CVE-2022-42011; Simon McVittie) - A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical example. (dbus#418, CVE-2022-42010; Simon McVittie) - A message in non-native endianness with out-of-band Unix file descriptors would cause a use-after-free and possible memory corruption in production builds, or an assertion failure in debug builds. This was a regression in version 1.3.0. (dbus#417, CVE-2022-42012; Simon McVittie) - Preserve errno on failure to open /proc/self/oom_score_adj (dbus!285, Gentoo#834725; Mike Gilbert) - On Linux, don\'t log warnings if oom_score_adj is read-only but does not need to be changed (dbus!291, Simon McVittie) - Slightly improve error-handling for inotify (dbus!235, Simon McVittie) - Don\'t crash if dbus-daemon is asked to watch more than 128 directories for changes (dbus!302, Jan Tojnar)
* Sat Oct 15 2022 Bjørn Lie - Disable asserts in dbus-1-x11.spec and dbus-1-devel-doc.spec too
* Fri Mar 04 2022 Bjørn Lie - Update to version 1.14.0: + Dependencies: - dbus now requires at least a basic level of support for C99 variadic macros, as implemented in gcc >= 3, all versions of Clang, and MSVC >= 2005. In practice this requirement has existed since version 1.9.2, but it is now official. - dbus now requires a C99-compatible va_copy() macro (or a __va_copy() macro with the same behaviour), except when building for Windows using MSVC and CMake. - On Unix platforms, if getpwnam_r() and getgrnam_r() are implemented, they must be POSIX-conformant. The non-POSIX signature seen in ancient Solaris versions will no longer work. - GLib >= 2.38 is required if full test coverage is enabled (reduced from 2.40 in dbus 1.12.x.) - Building using CMake now requires CMake 3.4. - Building documentation using CMake now requires xsltproc, Docbook DTDs (for example docbook-xml on Debian derivatives), and Docbook XSLT stylesheets (for example docbook-xsl on Debian derivatives). Using KDE\'s meinproc4 documentation processor is no longer supported. + Build-time configuration changes: Move CMake build system to top level, matching normal practice for CMake projects + Deprecations: - Third-party software should install default dbus policies for the system bus into ${datadir}/dbus-1/system.d (this has been supported since dbus 1.10, released in August 2015). Installing default dbus policies in ${sysconfdir}/dbus-1/system.d is now considered to be deprecated. Policy files in ${sysconfdir}/dbus-1/system.d continue to be read, but this directory should only be used by system administrators wishing to override the default policies. - The ${datadir} applicable to dbus is usually /usr/share and the ${sysconfdir} is usually /etc. - A similar pattern applies to the session bus policies in session.d. - The dbus-send(1) man page now documents --bus and --peer instead of the old --address synonym for --peer, which has been deprecated since the introduction of --bus and --peer in 1.7.6 - The dbus-daemon man page now has scarier warnings about and non-local TCP, which are insecure and should not be used, particularly for the standard system and session buses. - DBusServer (and hence the dbus-daemon) no longer accepts usernames (login names) for the recommended EXTERNAL authentication mechanism, only numeric user IDs or the empty string. See 1.13.0 release notes for full details. + New features: - On Linux 4.13 or later when built against a suitable glibc version, GetConnectionCredentials() now includes UnixGroupIDs, the effective group IDs of the initiator of the connection, taken from SO_PEERGROUPS. - On Linux 4.13 or later, now uses the SO_PEERGROUPS credentials-passing socket option to get the effective group IDs of the initiator of the connection. See 1.13.4 release notes for details. - Add a --sender option to dbus-send, which requests a name and holds it until the signal has been sent - dbus-daemon and rules can now specify a send_destination_prefix attribute, which is like a combination of send_destination and the arg0namespace keyword in match rules. See 1.13.12 release notes for more details. - The dbus-daemon now filters the messages that it relays, removing header fields that it does not understand. Clients must not rely on this behaviour unless they have confirmed that they are connected to a suitable message bus implementation, for example by querying its Features property. - The dbus-daemon now emits a signal, ActivatableServicesChanged, when the list of activatable services may have changed. Support for this signal can be discovered by querying the Features property. - It is now possible to disable traditional (non-systemd) service activation at build-time (Autotools: - -disable-traditional-activation, CMake: - DENABLE_TRADITIONAL_ACTIVATION=OFF). See 1.13.10 release notes for details. - The API reference manual can be built as a Qt compiled help file if qhelpgenerator(-qt5) is available. See 1.13.16 release notes for details. + Miscellaneous behaviour changes: - When using the \"user bus\" (--enable-user-session), put the dbus-daemon in the session slice - Several environment variables set by systemd are no longer passed on to activated services - If the dbus-daemon is compiled for Linux with systemd support, it now informs systemd that it is ready for use via the sd_notify() mechanism. - Tarball releases no longer contain pre-2007 changelogs and are now compressed with xz, making them around 35% smaller.- Drop conditionals for old obsolete versions of openSUSE.- Rebase patches with quilt.- Use https for source and sig URL.
* Tue Mar 01 2022 Bjørn Lie - Update to version 1.12.22: + On Linux, when using traditional (non-systemd) service activation, don\'t log warnings about failing to reset OOM score adjustment if the process is already more susceptible to the OOM killer, as user processes usually are with systemd ≥ 250. + On Linux, when using traditional (non-systemd) system bus activation, reset the OOM score adjustment to 0 as intended. If the system dbus-daemon is protected from the OOM killer, this avoids that protection unintentionally being inherited by every system service. + Avoid malloc() after fork on non-GNU libc. + Fix build with clang 13 by using Standard C offsetof where available. + Fix build of tests on FreeBSD. + Make documentation build more reproducible. + On Unix, make X11 autolaunch cope with slashes in DISPLAY. + Don\'t try to raise RLIMIT_NOFILE beyond OPEN_MAX on macOS. + Fix compilation if embedded tests are enabled but verbose mode and stats are both disabled. + On Linux, fix a race condition in the integration test for transient services.
* Thu Jul 16 2020 Matthias Eliasson - Update to 1.12.20
* On Unix, avoid a use-after-free if two usernames have the same numeric uid. In older versions this could lead to a crash (denial of service) or other undefined behaviour, possibly including incorrect authorization decisions if is used. Like Unix filesystems, D-Bus\' model of identity cannot distinguish between users of different names with the same numeric uid, so this configuration is not advisable on systems where D-Bus will be used. Thanks to Daniel Onaca. (dbus#305, dbus!166; Simon McVittie)- From 1.12.18
* CVE-2020-12049: If a message contains more file descriptors than can be sent, close those that did get through before reporting error. Previously, a local attacker could cause the system dbus-daemon (or another system service with its own DBusServer) to run out of file descriptors, by repeatedly connecting to the server and sending fds that would get leaked. Thanks to Kevin Backhouse of GitHub Security Lab. (dbus#294, GHSL-2020-057; Simon McVittie)
* Fix a crash when the dbus-daemon is terminated while one or more monitors are active (dbus#291, dbus!140; Simon McVittie)
* The dbus-send(1) man page now documents --bus and --peer instead of the old --address synonym for --peer, which has been deprecated since the introduction of --bus and --peer in 1.7.6 (fd.o #48816, dbus!115; Chris Morin)
* Fix a wrong environment variable name in dbus-daemon(1) (dbus#275, dbus!122; Mubin, Philip Withnall)
* Fix formatting of dbus_message_append_args example (dbus!126, Felipe Franciosi)
* Avoid a test failure on Linux when built in a container as uid 0, but without the necessary privileges to increase resource limits (dbus!58, Debian #908092; Simon McVittie)
* When building with CMake, cope with libX11 in a non-standard location (dbus!129, Tuomo Rinne)- Run spec-cleaner
* Sun Jan 19 2020 Stefan Brüns - Move generation of API docs to a separate package, avoid doxygen dependency for building main package.- Build x11 and devel-doc (API doc) using _multibuild.
* Sun Jan 19 2020 Stefan Brüns - Drop no longer required call to autoreconf, remove obsolete BuildRequires for libtool and autoconf-archive.
* Fri Jan 17 2020 Thorsten Kukuk - Remove left overs from blocking restart on update from May 29th 2019- Use sysusers.d to create messagebus user
* Tue Dec 03 2019 Simon Lees - Verify signatures
* dbus-1.keyring - Key for Simon McVittie (smcv) from the Debian developer keyring.- Drop dbus_at_console.ck not needed- Clean up sources
* Source2 dbus-1.desktop now Source4
* baselib.conf now source 3- Update to 1.12.16
* CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 authentication for identities that differ from the user running the DBusServer. Previously, a local attacker could manipulate symbolic links in their own home directory to bypass authentication and connect to a DBusServer with elevated privileges. The standard system and session dbus-daemons in their default configuration were immune to this attack because they did not allow DBUS_COOKIE_SHA1, but third-party users of DBusServer such as Upstart could be vulnerable. Thanks to Joe Vennix of Apple Information Security. (bsc#1137832, dbus#269, Simon McVittie)- From 1.12.14
* Raise soft fd limit to match hard limit, even if unprivileged. This makes session buses with many clients, or with clients that make heavy use of fd-passing, less likely to suffer from fd exhaustion. (dbus!103, Simon McVittie)
* If a privileged dbus-daemon has a hard fd limit greater than 64K, don\'t reduce it to 64K, ensuring that we can put back the original fd limits when carrying out traditional (non-systemd) activation. This fixes a regression with systemd >= 240 in which system services inherited dbus-daemon\'s hard and soft limit of 64K fds, instead of the intended soft limit of 1K and hard limit of 512K or 1M. (dbus!103, Debian#928877; Simon McVittie)
* Fix build failures caused by an AX_CODE_COVERAGE API change in newer autoconf-archive versions (dbus#249, dbus!88; Simon McVittie)
* Fix build failures with newer autoconf-archive versions that include AX_-prefixed shell variable names (dbus#249, dbus!86; Simon McVittie)
* Parse section/group names in .service files according to the syntax from the Desktop Entry Specification, rejecting control characters and non-ASCII in section/group names (dbus#208, David King)
* Fix various -Wlogical-op issues that cause build failure with newer gcc versions (dbus#225, dbus!109; David King)
* Don\'t assume we can set permissions on a directory, for the benefit of MSYS and Cygwin builds (dbus#216, dbus!110; Simon McVittie)
* Don\'t overwrite PKG_CONFIG_PATH and related environment variables when the pkg-config-based version of DBus1Config is used in a CMake project (dbus#267, dbus!96; Clemens Lang)- Drop now upstream Patches
* dbus-no-ax-check.patch
* dbus-new-autoconf-archive.patch
* Wed Nov 20 2019 Stefan Brüns - Fix two inconsistencies with _libexecdir, sysusers.d and tmpfiles.d are always in %{_prefix}/lib/.- Drop update-desktop-files BuildRequires, once added for mimetypes.prov which is no longer part of update-desktop-files, and dbus-1.desktop does not even handles a single mimetype.
* Wed May 29 2019 Simon Lees - Replace DISABLE_RESTART_ON_UPDATE with %service_del_postun_without_restart- Remove version specific code to block all updates on restart as hopefully no tumbleweed versions still have code causing those issues (was only present for a few snapshots)
* Wed Apr 24 2019 Tomáš Chvátal - Remove the Leap42 conditionals that cause file conflict with filesystem package
* Fri Feb 22 2019 Franck Bui - Drop use of $FIRST_ARG in .spec The use of $FIRST_ARG was probably required because of the %service_
* rpm macros were playing tricks with the shell positional parameters. This is bad practice and error prones so let\'s assume that no macros should do that anymore and hence it\'s safe to assume that positional parameters remains unchanged after any rpm macro call.
* Wed Jan 30 2019 Tomáš Chvátal - Update to 1.12.12:
* Reference the freedesktop.org Code of Conduct (Simon McVittie)
* Stop the dbus-daemon leaking memory (an error message) if delivering the message that triggered auto-activation is forbidden. This is technically a denial of service because the dbus-daemon will run out of memory eventually, but it\'s a very slow and noisy one, because all the rejected messages are also very likely to have been logged to the system log, and its scope is typically limited by the finite number of activatable services available. (dbus#234, Simon McVittie)
* Remove __attribute__((__malloc__)) attribute on dbus_realloc(), which does not meet the criteria for that attribute in gcc 4.7+, potentially leading to miscompilation (fd.o #107741, Simon McVittie)
* Fix some small O(1) memory leaks (fd.o #107320, Simon McVittie)
* Fix printf formats for pointer-sized integers on 64-bit Windows (fd.o #105662, Ralf Habacker)
* Always use select()-based poll() emulation on Darwin-based OSs (macOS, etc.) and on Interix, similar to what libcurl does (dbus#232, dbus!19; Simon McVittie)
* Extend a test timeout to avoid spurious failures in CI (dbus!26, Simon McVittie)
* Wed Jan 30 2019 Tomáš Chvátal - Add patch to build with new autoconf-archive, there is now bash variable AX_BLA that gets detected and autoreconf aborts; thus rather just disable the pointless check:
* dbus-no-ax-check.patch- Add patch to fix codecoverage m4 macro changes in autoconf-archive:
* dbus-new-autoconf-archive.patch
* Tue Jan 15 2019 alarrosaAATTsuse.com- Make libdbus-1-3 own the %{_datadir}/dbus-1/system.d directory
* Mon Jan 14 2019 kukukAATTsuse.de- Use %license instead of %doc [bsc#1082318]
* Wed Dec 19 2018 Jan Engelhardt - Avoid bashisms in scriptlets.
* Tue Nov 20 2018 eichAATTsuse.com- Avoid ugly error message from %pre(install) script when installing for the first time.
* Wed Aug 22 2018 sfleesAATTsuse.de- Update to 1.12.10
* Changelog for 1.12.10
* Prevent reading up to 3 bytes beyond the end of a truncated message. This could in principle be an information leak or denial of service on the system bus, but is not believed to be exploitable to crash the system bus or leak interesting information in practice. (fd.o #107332, Simon McVittie)
* Fix build with gcc 8 -Werror=cast-function-type (fd.o #107349, Simon McVittie)
* Fix warning from gcc 8 about suspicious use of strncpy() when populating struct sockaddr_un (fd.o #107350, Simon McVittie)
* Fix a minor memory leak when a DBusServer listens on a new address (fd.o #107194, Simon McVittie)
* Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer runs out of memory (fd.o #107194, Simon McVittie)
* Don\'t use misleading errno-derived error names if getaddrinfo() or getnameinfo() fails with a code other than EAI_SYSTEM (fd.o #106395, Simon McVittie)
* Skip tests that require working TCP if we are in a container environment where 127.0.0.1 cannot be resolved (fd.o #106812, Simon McVittie)
* Changelog for 1.12.8
* The Devhelp documentation index is now in version 2 format (fd.o #106186, Simon McVittie)
* Give the dbus-daemon man page some scarier warnings about and non-local TCP, which are insecure and should not be used, particularly for the standard system and session buses (fd.o #106004, Simon McVittie)
* Fix installation of Ducktype documentation with newer yelp-build versions (fd.o #106171, Simon McVittie)
* Fri Mar 23 2018 sfleesAATTsuse.de- Update to 1.12.6
* Changelog for 1.12.6
* Increase system dbus-daemon\'s RLIMIT_NOFILE rlimit before it drops privileges, because it won\'t have permission afterwards. This fixes a regression in dbus 1.10.18 and 1.11.0 which made the standard system bus more susceptible to deliberate or accidental denial of service. (fdo#105165, David King)
* Changelog for 1.12.4
* When iterating the DBusConnection while blocking on a pending call, don\'t wait for I/O if that pending call already has a result; and make sure that whether it has a result is propagated in a thread-safe way. This prevents certain multi-threaded calling patterns from blocking until their timeout even when they should have succeeded sooner. (fdo#102839; Manish Narang, Michael Searle)
* Report the correct error if OOM is reached while trying to listen on a TCP socket (fdo#89104, Simon McVittie)
* Fix assertion failures in recovery from OOM while setting up a DBusServer (fdo#89104, Simon McVittie)
* Add a missing space to a warning message (fdo#103729, Thomas Zajic)
* Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir (fdo#104265, Benedikt Heine)
* On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn\'t exist, create it before trying to create ${localstatedir}/dbus/machine-id (fdo#104577, Chris Lesiak)
* Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall)
* Thu Mar 08 2018 dimstarAATTopensuse.org- Don\'t spit out a warning if /usr/bin/dbus-daemon does not exist when we run the pre-script.
* Mon Dec 11 2017 sfleesAATTsuse.de- Swap a missed libdir to libexecdir
* Sun Dec 10 2017 jengelhAATTinai.de- Do not hide errors during useradd.
* Thu Nov 23 2017 sfleesAATTsuse.de- Fix dbus-daemon-launch-helper to use proper ref to libexecdir
* Wed Nov 22 2017 sfleesAATTsuse.de- use %{_libexecdir}/dbus-1 as libexecdir
* Thu Nov 16 2017 sfleesAATTsuse.de- Update to 1.12.2 Deprecations:
* Eavesdropping is officially deprecated in favour of BecomeMonitor. See the release notes for spec version 0.31 (in dbus 1.11.14).
* [Unix] Flag files in /var/run/console/${username} are deprecated. See the release notes for 1.11.18. New APIs:
* and rules in dbus-daemon configuration can now include send_broadcast=\"true\", send_broadcast=\"false\", max_unix_fds=\"N\", min_unix_fds=\"N\" (for some integer N). See the release notes for 1.11.18.
* dbus_try_get_local_machine_id() is like dbus_get_local_machine_id(), but returns a DBusError.
* New APIs around DBusMessageIter to simplify cleanup. See the release notes for 1.11.16.
* The message bus daemon now implements the standard Introspectable, Peer and Properties interfaces. See the release notes for dbus 1.11.14 and spec version 0.31.
* DTDs for introspection XML and bus configuration are installed.
* [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but never uses Linux abstract sockets, which is advantageous for containers. On non-Linux it is equivalent to unix:tmpdir=…. See the release notes for dbus 1.11.14 and spec version 0.31.
* [Unix] New option \"dbus-launch --exit-with-x11\".
* [Unix] Session managers can create transient .service files in $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12.
* [Unix] A sysusers.d snippet can create the messagebus user on-demand. Miscellaneous behaviour changes:
* [Unix] The session bus now logs to syslog if it was started by dbus-launch.
* [Unix] Internal warnings are logged to syslog if configured.
* [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, or to stderr.- Enabled \"make check test suite\"- Patches removed, fixed upstream
* fix-upstream-drop-install-sections-from-user-services.patch
* fix-upstream-increase-backlog.patch
* fix-upstream-timeout-reset-1.patch
* fix-upstream-timeout-reset-2.patch
* Mon Sep 11 2017 sfleesAATTsuse.de- boo#1027201 dbus-daemon not found- boo#978477 systemd reseting under heavy load
* fix-upstream-timeout-reset-1.patch
* fix-upstream-timeout-reset-2.patch
* Mon Aug 28 2017 sfleesAATTsuse.de- boo#1027200 don\'t generate machine-id in %post systemd will do it on first boot.- swap usage of /bin/false to /usr/bin/false- Use libexecdir=%{_libdir}/dbus-1 rather then /lib/dbus-1
* Fri Jul 07 2017 sfleesAATTsuse.de- No need to set --libdir anymore now that prefix is /usr/bin,
* fixes boo#1047532- No need to set --bindir, bindir in dbus-1-x11 was incorrect- Other fixes required to properly change prefix- Don\'t pass --with-initscripts we don\'t use them anymore.
* Fri Jun 30 2017 sfleesAATTsuse.de- Update to 1.10.20
* Fixes: + Fix a reference leak when blocking on a pending call on a connection that has been disconnected (fdo#101481, Shin-ichi MORITA) + Don\'t put timestamps in the Doxygen-generated documentation, for closer-to-reproducible builds (fdo#100692, Simon McVittie) + Avoid an assertion failure when connecting to a semicolon-separated series of addresses, one of which fails (fdo#101257, Simon McVittie)
* Documentation: + Update git URIs in HACKING document to sync up with cgit.freedesktop.org (fdo#100715, Simon McVittie)
* Tue Jun 13 2017 sfleesAATTsuse.de- swap to /usr/bin bsc#1029968- Add the following fixes from SLE12
* bsc#980928 increase listen() backlog of AF_UNIX sockets to SOMAXCONN fix-upstream-increase-backlog.patch- The following bugs were already fixed but are missing changelog entries
* bsc#867256 (No longer applicable)
* bsc#916785 (No longer applicable)
* bsc#1012564 (Not applicable)
* fdo#90004 (Fixed Upstream)- Rename the following patches as a tidy up
* dbus-log-deny.patch to feature-suse-log-deny.patch
* dbus-do-autolaunch.patch feature-suse-do-autolaunch.patch
* 0001-Add-RefuseManualStartStop.patch to feature-suse-refuse-manual-start-stop.patch
* 0001-Drop-Install-sections-from-user-services.patch to fix-upstream-drop-install-sections-from-user-services.patch
* Fri Apr 07 2017 fstrbaAATTsuse.com- Update to 1.10.18
* Fixes + Re-order dbus-daemon startup so that on SELinux systems, the thread that reads AVC notifications retains the ability to write to the audit log (fdo#92832, Debian #857660; Laurent Bigonville) + Fix a harmless read overflow and some memory leaks in a unit test (fdo#100568, Philip Withnall)
* Wed Mar 01 2017 sfleesAATTsuse.de- Update to 1.10.16 Fixes:
* Prevent symlink attacks in the nonce-tcp transport on Unix that could allow an attacker to overwrite a file named \"nonce\", in a directory that the user running dbus-daemon can write, with a random value known only to the user running dbus-daemon. This is unlikely to be exploitable in practice, particularly since the nonce-tcp transport is really only useful on Windows. (fd.o #99828, Simon McVittie) (bsc#1025950)
* Avoid symlink attacks in the \"embedded tests\", which are not enabled by default and should never be enabled in production builds of dbus. (fd.o #99828, Simon McVittie) (bsc#1025951)
* Work around an undesired effect of the fix for CVE-2014-3637 (fd.o #80559), in which processes that frequently send fds, such as logind during a flood of new PAM sessions, can get disconnected for continuously having at least one fd \"in flight\" for too long; dbus-daemon interprets that as a potential denial of service attack. The workaround is to disable that check for uid 0 process such as logind, with a message in the system log. The bug remains open while we look for a more general solution. (fd.o #95263, LP#1591411; Simon McVittie)
* Don\'t run the test test-dbus-launch-x11.sh if X11 autolaunching was disabled at compile time. That test is not expected to work in that configuration. (fd.o #98665, Simon McVittie) Enhancements:
* Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian stable and Debian testing in addition to the older Ubuntu that is the default (fd.o #98889, Simon McVittie)
* Thu Feb 02 2017 sfleesAATTsuse.de- A note for scripts bsc#974092 (remove sysvinit script) is already fixed here.
* Wed Jan 25 2017 sfleesAATTsuse.de- Don\'t restart dbus on upgrade - Includes temporary work around for last version boo#1020301- Add 0001-Add-RefuseManualStartStop.patch don\'t allow users to Manually start or stop dbus.
* Mon Jan 09 2017 marius.kittlerAATTsuse.com- Add systemd unit files to start session bus via systemd- Added patch:
* 0001-Drop-Install-sections-from-user-services.patch + remove install section from socket unit because it does not need to be enabled explicitly (see fdo#92402)
* Fri Dec 09 2016 fstrbaAATTsuse.com- Requires systemd >= 209 and drop the compatibility pkg-config names that don\'t exist in newer systemd
* Thu Dec 08 2016 jengelhAATTinai.de- Drop useless --with-pic which is only for static libs- Abort installation when user/group creation fails- Avoid calling %service_
* more than once
* Tue Dec 06 2016 fstrbaAATTsuse.com- Build the dbus-1 package without X in the dbus-1.spec- Move the dbus-launch.nox11 to the dbus-1 package and install it by default- Build devel-doc package in dbus-1.spec and don\'t build any documentation in dbus-1-x11- Make dbus-1-x11 package contains only the X11-enabled dbus-launch- Fix some rpmlint warnings- Delete the dbus-1-x11.spec.in file, since maintaining it is more complicated then keeping in sync a dbus-1-x11.spec file of less then 120 lines
* Mon Nov 21 2016 kukukAATTsuse.de- Create new subpackage: dbus-1-nox11 - contains dbus-launch without x11 support- Rename dbus-launch to dbus-launch.x11- use update-alternatives to switch between dbus-launch with and without X11- Solves [bnc#934214]
* Tue Oct 11 2016 fstrbaAATTsuse.com- Update to 1.10.12
* Security fixes: + Do not treat ActivationFailure message received from root-owned systemd name as a format string. In principle this is a security vulnerability, but we do not believe it is exploitable in practice, because only privileged processes can own the org.freedesktop.systemd1 bus name, and systemd does not appear to send activation failures that contain \"%\". Please note that this probably
*was
* exploitable in dbus versions older than 1.6.30, 1.8.16 and 1.9.10 due to a missing check which at the time was only thought to be a denial of service vulnerability (CVE-2015-0245). If you are still running one of those versions, patch or upgrade immediately. (fdo#98157, bsc#1003898, Simon McVittie)
* Other fixes: + Harden dbus-daemon against malicious or incorrect ActivationFailure messages by rejecting them if they do not come from a privileged process, or if systemd activation is not enabled (fdo#98157, Simon McVittie) + Avoid undefined behaviour when setting reply serial number without going via union DBusBasicValue (fdo#98035, Marc Mutz) + autogen.sh: fail cleanly if autoconf fails (Simon McVittie)
* Tue Sep 13 2016 mvidnerAATTsuse.com- Moved dbus-run-session from dbus-1-x11 to dbus-1 (bdo#836296)
* Mon Aug 22 2016 fstrbaAATTsuse.com- Update to 1.10.10
* Fixes: + On Linux, when dbus-daemon is run with reduced susceptibility to the OOM killer (typically via systemd), do not let child processes inherit that setting (fdo#32851; Kimmo Hämäläinen, WaLyong Cho) + Output valid shell syntax in ~/.dbus/session-bus/ if the bus address contains a semicolon (fdo#94746, Thiago Macieira) + Fix memory leaks and thread safety in subprocess starting on Windows (fdo#95191, Ralf Habacker) + Do not require systemd to have a service file if using it for activation (fdo#93194; Simon McVittie; backport from 1.11.0) + Stop test-dbus-daemon incorrectly failing on platforms that cannot discover the process ID of clients (fdo#96653, Руслан Ижбулатов) + In tests that exercise correct handling of crashing D-Bus services, suppress Windows crash handler (fdo#95155; Yiyang Fei, Ralf Habacker) + Explicitly check for stdint.h (Ioan-Adrian Ratiu) + update-activation-environment: produce better diagnostics on error (fdo#96653, Simon McVittie) + Don\'t fail the build with an unused const variable warning under gcc 6 (fdo#97282; Thomas Zimmermann, Simon McVittie) + Merge dbus-1.10-ci branch, containing backports from 1.11.0 in build/test code to support continuous integration (fdo#93194, Simon McVittie) - Avoid -Wunused-label when compiling with libselinux but no libaudit - In development builds, allow OOM tests to be disabled as documented - Accept and ignore the --tap argument in all \"embedded tests\", and run all automated tests with that argument for better diagnostics - Fix the systemd activation test under CMake by installing the required files - In Automake, fix shell syntax for installcheck-local with no DESTDIR - In Automake, don\'t try to run manual tests in installcheck - In CMake, don\'t run manual-tcp test as an automated test - Add travis-ci.org build machinery
* Mon Mar 14 2016 fstrbaAATTsuse.com- Update to 1.10.8
* Fixes: + Enable \"large file support\" on systems where it exists: dbus-daemon is not expected to open large files, but it might need to stat files that happen to have large inode numbers (fdo#93545, Hongxu Jia) + Eliminate padding inside DBusMessageIter on 64-bit platforms, which might result in a pedantic C compiler not copying the entire contents of a DBusMessageIter; statically assert that this is not an ABI change in practice (fdo#94136, Simon McVittie) + Document dbus-test-tool echo --sleep-ms=N instead of incorrect --sleep=N (fdo#94244, Dmitri Iouchtchenko) + Correctly report test failures in C tests from run-test.sh (fdo#93379; amit tewari, Simon McVittie) + When tests are enabled, run all the marshal-validate tests, not just the even-numbered ones (fdo#93908, Nick Lewycky) + Correct the expected error from one marshal-validate test, which was previously not run due to the above bug(fdo#93908, Simon McVittie)
* Thu Dec 03 2015 fstrbaAATTsuse.com- Update to 1.10.6
* Fixes: - On Unix when running tests as root, don\'t assert that root and the dbus-daemon user can still call UpdateActivationEnvironment; assert that those privileged users can call BecomeMonitor instead (fdo#93036, Simon McVittie) - On Windows, fix a memory leak in the autolaunch transport (fdo#92899, Simon McVittie) - On Windows Autotools builds, don\'t run tests that rely on dbus-run-session and other Unix-specifics (fdo#92899, Simon McVittie)
* Thu Nov 26 2015 fstrbaAATTsuse.com- Update to 1.10.4
* Changes between 1.10.2 and 1.10.4 - Enhancements: + GetConnectionCredentials, GetConnectionUnixUser and GetConnectionUnixProcessID with argument \"org.freedesktop.DBus\" will now return details of the dbus-daemon itself. This is required to be able to call SetEnvironment on systemd. (fdo#92857, Jan Alexander Steffens) - Fixes: + Make UpdateActivationEnvironment always fail with AccessDenied on the system bus. Previously, it was possible to configure it so root could call it, but the environment variables were not actually used, because the launch helper would discard them. (fdo#92857, Jan Alexander Steffens) + On Unix with --systemd-activation on a user bus, make UpdateActivationEnvironment pass on its arguments to systemd\'s SetEnvironment method, solving inconsistency between the environments used for traditional activation and systemd user-service activation. (fdo#92857, Jan Alexander Steffens) + On Windows, don\'t crash if or --syslog is used (fdo#92538, Ralf Habacker) + On Windows, fix a memory leak when setting a DBusError from a Windows error (fdo#92721, Ralf Habacker) + On Windows, don\'t go into infinite recursion if we abort the process with backtraces enabled (fdo#92721, Ralf Habacker) + Fix various failing tests, variously on Windows and cross-platform: . don\'t test system.conf features (users, groups) that only make sense on the system bus, which is not supported on Windows . don\'t call _dbus_warn() when we skip a test, since it is fatal . fix computation of expected . when running TAP tests, translate newlines to Unix format, fixing cross-compiled tests under Wine on Linux . don\'t stress-test refcounting under Wine, where it\'s really slow . stop assuming that a message looped-back to the test will be received immediately . skip some system bus tests on Windows since they make no sense there (fdo#92538, fdo#92721; Ralf Habacker, Simon McVittie)
* Changes between 1.10.0 and 1.10.2 - Fixes: + Correct error handling for activation: if there are multiple attempts to activate the same service and it fails immediately, the first attempt would get the correct reply, but the rest would time out. We now send the same error reply to each attempt. (fdo#92200, Simon McVittie) + If BecomeMonitor is called with a syntactically invalid match rule, don\'t crash with an assertion failure, fixing a regression in 1.9.10. This was not exploitable as a denial of service, because the check for a privileged user is done first. (fdo#92298, Simon McVittie) + On Linux with --enable-user-session, add the bus address to the environment of systemd services for better backwards compatibility (fdo#92612, Jan Alexander Steffens) + On Windows, fix the logic for replacing the installation prefix in service files\' Exec lines (fdo#83539; Milan Crha, Simon McVittie) + On Windows, if installed in the conventional layout with ${prefix}/etc and ${prefix}/share, use relative paths between bus configuration files to allow the tree to be relocated (fdo#92028, Simon McVittie) + Make more of the regression tests pass in Windows builds (fdo#92538, Simon McVittie)
* Summary of major changes since 1.8.0: - The basic setup for the well-known system and session buses is now done in read-only files in ${datadir} (normally /usr/share). - AppArmor integration has been merged, with features similar to the pre-existing SELinux integration. It is mostly compatible with the patches previously shipped by Ubuntu, with one significant change: Ubuntu\'s GetConnectionAppArmorSecurityContext method has been superseded by GetConnectionCredentials and was not included. - The --enable-user-session configure option can be enabled by OS integrators intending to use systemd to provide a session bus per user (in effect, treating all concurrent graphical and non-graphical login sessions as one large session). - The new listenable address mode \"unix:runtime=yes\" listens on $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the systemd user session. libdbus and \"dbus-launch --autolaunch\" will connect to this address by default. GLib >= 2.45.3 and sd-bus >= 209 have a matching default. - All executables are now dynamically linked to libdbus-1. Previously, some executables, most notably dbus-daemon, were statically linked to a specially-compiled variant of libdbus. This results in various private functions in the _dbus namespace being exposed by the shared library. These are not API, and must not be used outside the dbus source tree. - On platforms with ELF symbol versioning, all public symbols are versioned LIBDBUS_1_3.
* New bus APIs: - org.freedesktop.DBus.GetConnectionCredentials returns LinuxSecurityLabel where supported - org.freedesktop.DBus.Monitoring interface (privileged) . BecomeMonitor method supersedes match rules with eavesdrop=true, which are now deprecated - org.freedesktop.DBus.Stats interface (semi-privileged) . now enabled by default . new GetAllMatchRules method - org.freedesktop.DBus.Verbose interface (not normally compiled) . toggles the effect of DBUS_VERBOSE
* New executables: - dbus-test-tool - dbus-update-activation-environment
* New optional dependencies: - The systemd: pseudo-transport requires libsystemd or libsd-daemon - Complete documentation requires Ducktype and yelp-tools - Full test coverage requires GLib 2.36 and PyGI - AppArmor integration requires libapparmor and optionally libaudit
* Dependencies removed: - dbus-glib
* Tue Nov 17 2015 fstrbaAATTsuse.com- Update to 1.8.20:
* Fixes: - Fix a memory leak when GetConnectionCredentials() succeeds (fdo#91008, Jacek Bukarewicz) - Ensure that dbus-monitor does not reply to messages intended for others (fdo#90952, Simon McVittie)
* Wed Sep 16 2015 fstrbaAATTsuse.com- Account for openSUSE:Leap in the conditional for chosing right local state directories (boo#941352)
* Wed May 27 2015 hrvoje.senjanAATTgmail.com- Move common-begin sections around to make pre_checkin work again- Unconditionally build with systemd features, there are no cycles now, systemd no longer buildrequires dbus-1-devel
* Mon May 18 2015 fstrbaAATTsuse.com- Update to 1.8.18:
* Security hardening: - On Unix platforms, change the default configuration for the session bus to only allow EXTERNAL authentication (secure kernel-mediated credentials-passing), as was already done for the system bus. This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly unpredictable pseudo-random numbers; under certain circumstances (/dev/urandom unreadable or malloc() returns NULL), dbus could fall back to using rand(), which does not have the desired unpredictability. The fallback to rand() has not been changed in this stable-branch since the necessary code changes for correct error-handling are rather intrusive. If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using NFS or similar, you will need to reconfigure the session bus to accept DBUS_COOKIE_SHA1 by commenting out the element. This configuration is not recommended. (bsc#931066, fdo#90414, Simon McVittie)
* Other fixes: - Add locking to DBusCounter\'s reference count and notify function (fdo#89297, Adrian Szyndela) - Ensure that DBusTransport\'s reference count is protected by the corresponding DBusConnection\'s lock (fdo#90312, Adrian Szyndela) - On Windows, listen on the same port for IPv4 and IPv6 (previously broken by an endianness mistake), and fix a failure to bind TCP sockets on approximately 1 attempt in 256 (fdo#87999, Ralf Habacker) - Correctly release DBusServer mutex before early-return if we run out of memory while copying authentication mechanisms (fdo#90021, Ralf Habacker) - Correctly initialize all fields of DBusTypeReader (fdo#90021, Ralf Habacker, Simon McVittie) - Fix some missing \
in verbose (debug log) messages (fdo#90021, Ralf Habacker) - Clean up some memory leaks in test code (fdo#90021, Ralf Habacker)
* Thu Mar 26 2015 fstrbaAATTsuse.com- Sync changes from SLE12 conditionalized for suse_version <= 1315
* Mon Feb 09 2015 fstrbaAATTsuse.com- Update to 1.8.16:
* Security fixes: - Do not allow non-uid-0 processes to send forged ActivationFailure messages. On Linux systems with systemd activation, this would allow a local denial of service: unprivileged processes could flood the bus with these forged messages, winning the race with the actual service activation and causing an error reply to be sent back when service auto-activation was requested. This does not prevent the real service from being started, so it only works while the real service is not running. (CVE-2015-0245, fdo#88811, bnc#916343; Simon McVittie)
* Other fixes: - fix a Windows build failure (fdo#88009, Ralf Habacker) - on Windows, allow up to 8K connections to the dbus-daemon instead of the previous 64, completing a previous fix which only worked under Autotools (fdo#71297, Ralf Habacker)
* Tue Jan 06 2015 fstrbaAATTsuse.com- Update to 1.8.14
* Security hardening: - Do not allow calls to UpdateActivationEnvironment from uids other than the uid of the dbus-daemon. If a system service installs unsafe security policy rules that allow arbitrary method calls (such as CVE-2014-8148) then this prevents memory consumption and possible privilege escalation via UpdateActivationEnvironment. We believe that in practice, privilege escalation here is avoided by dbus-daemon-launch-helper sanitizing its environment; but it seems better to be safe. - Do not allow calls to UpdateActivationEnvironment or the Stats interface on object paths other than /org/freedesktop/DBus. Some system services install unsafe security policy rules that allow arbitrary method calls to any destination, method and interface with a specified object path; while less bad than allowing arbitrary method calls, these security policies are still harmful, since dbus-daemon normally offers the same API on all object paths and other system services might behave similarly.
* Other fixes: - Add missing initialization so GetExtendedTcpTable doesn\'t crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko)
* Tue Nov 25 2014 fstrbaAATTsuse.com- Update to 1.8.12:
* Fixes: - Partially revert the CVE-2014-3639 patch by increasing the default authentication timeout on the system bus from 5 seconds back to 30 seconds, since this has been reported to cause boot regressions for some users, mostly with parallel boot (systemd) on slower hardware. On fast systems where local users are considered particularly hostile, administrators can return to the 5 second timeout (or any other value in milliseconds) by saving this as /etc/dbus-1/system-local.conf: 5000 (fdo#86431, Simon McVittie) - Add a message in syslog/the Journal when the auth_timeout is exceeded (fdo#86431, Simon McVittie) - Send back an AccessDenied error if the addressed recipient is not allowed to receive a message (and in builds with assertions enabled, don\'t assert under the same conditions). (fdo#86194, Jacek Bukarewicz)
* Mon Nov 10 2014 fstrbaAATTsuse.com- Update to 1.8.10:
* Security fixes: - Increase dbus-daemon\'s RLIMIT_NOFILE rlimit to 65536 so that CVE-2014-3636 part A cannot exhaust the system bus\' file descriptors, completing the incomplete fix in 1.8.8. (CVE-2014-7824, fdo#85105; Simon McVittie, Alban Crequy)
  
ICM