Fix regression in 1.8.10

OBS-URL: https://build.opensuse.org/package/show/Base:System/dbus-1?expand=0&rev=183

dbus-1-x11.changes

@@ -1,3 +1,28 @@
+-------------------------------------------------------------------
+Tue Nov 25 07:43:12 UTC 2014 - fstrba@suse.com
+
+- Update to 1.8.12:
+  * Fixes:
+    - Partially revert the CVE-2014-3639 patch by increasing the
+      default authentication timeout on the system bus from 5
+      seconds back to 30 seconds, since this has been reported to
+      cause boot regressions for some users, mostly with parallel
+      boot (systemd) on slower hardware.
+      On fast systems where local users are considered particularly
+      hostile, administrators can return to the 5 second timeout
+      (or any other value in milliseconds) by saving this as
+      /etc/dbus-1/system-local.conf:
+      <busconfig>
+        <limit name="auth_timeout">5000</limit>
+      </busconfig>
+      (fdo#86431, Simon McVittie)
+    - Add a message in syslog/the Journal when the auth_timeout is
+      exceeded (fdo#86431, Simon McVittie)
+    - Send back an AccessDenied error if the addressed recipient is
+      not allowed to receive a message (and in builds with
+      assertions enabled, don't assert under the same conditions).
+      (fdo#86194, Jacek Bukarewicz)
+
 -------------------------------------------------------------------
 Mon Nov 10 16:26:24 UTC 2014 - fstrba@suse.com
 

dbus-1-x11.spec

@@ -27,7 +27,7 @@
 %define _unitdir %{_libexecdir}/systemd/system
 %endif
 Name:           dbus-1-x11
-Version:        1.8.10
+Version:        1.8.12
 Release:        0
 Summary:        D-Bus Message Bus System
 License:        GPL-2.0+ or AFL-2.1

dbus-1.8.10.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:10bf87fdb68815edd01d53885101dbcdd80dacad7198912cca61a4fa22dfaf8e
-size 1864902

dbus-1.8.12.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c91428f28d2925ba32d34ffc824bfcf4d40d5e1e67befc4bcf2202f0a862501e
+size 1864609

dbus-1.changes

@@ -1,3 +1,28 @@
+-------------------------------------------------------------------
+Tue Nov 25 07:43:12 UTC 2014 - fstrba@suse.com
+
+- Update to 1.8.12:
+  * Fixes:
+    - Partially revert the CVE-2014-3639 patch by increasing the
+      default authentication timeout on the system bus from 5
+      seconds back to 30 seconds, since this has been reported to
+      cause boot regressions for some users, mostly with parallel
+      boot (systemd) on slower hardware.
+      On fast systems where local users are considered particularly
+      hostile, administrators can return to the 5 second timeout
+      (or any other value in milliseconds) by saving this as
+      /etc/dbus-1/system-local.conf:
+      <busconfig>
+        <limit name="auth_timeout">5000</limit>
+      </busconfig>
+      (fdo#86431, Simon McVittie)
+    - Add a message in syslog/the Journal when the auth_timeout is
+      exceeded (fdo#86431, Simon McVittie)
+    - Send back an AccessDenied error if the addressed recipient is
+      not allowed to receive a message (and in builds with
+      assertions enabled, don't assert under the same conditions).
+      (fdo#86194, Jacek Bukarewicz)
+
 -------------------------------------------------------------------
 Mon Nov 10 16:26:24 UTC 2014 - fstrba@suse.com
 

dbus-1.spec

@@ -26,7 +26,7 @@
 %define _unitdir %{_libexecdir}/systemd/system
 %endif
 Name:           dbus-1
-Version:        1.8.10
+Version:        1.8.12
 Release:        0
 Summary:        D-Bus Message Bus System
 License:        GPL-2.0+ or AFL-2.1