Accepting request 821367 from home:elimat:branches:Base:System

- Update to 1.12.20
  * On Unix, avoid a use-after-free if two usernames have the same
    numeric uid. In older versions this could lead to a crash (denial of
    service) or other undefined behaviour, possibly including incorrect
    authorization decisions if <policy group=...> is used.
    Like Unix filesystems, D-Bus' model of identity cannot distinguish
    between users of different names with the same numeric uid, so this
    configuration is not advisable on systems where D-Bus will be used.
    Thanks to Daniel Onaca.
    (dbus#305, dbus!166; Simon McVittie)
- From 1.12.18
  * CVE-2020-12049: If a message contains more file descriptors than can
    be sent, close those that did get through before reporting error.
    Previously, a local attacker could cause the system dbus-daemon (or
    another system service with its own DBusServer) to run out of file
    descriptors, by repeatedly connecting to the server and sending fds that
    would get leaked.
    Thanks to Kevin Backhouse of GitHub Security Lab.
    (dbus#294, GHSL-2020-057; Simon McVittie)
  * Fix a crash when the dbus-daemon is terminated while one or more
    monitors are active (dbus#291, dbus!140; Simon McVittie)
  * The dbus-send(1) man page now documents --bus and --peer instead of
    the old --address synonym for --peer, which has been deprecated since
	the introduction of --bus and --peer in 1.7.6
	(fd.o #48816, dbus!115; Chris Morin)
  * Fix a wrong environment variable name in dbus-daemon(1)
    (dbus#275, dbus!122; Mubin, Philip Withnall)
  * Fix formatting of dbus_message_append_args example
	(dbus!126, Felipe Franciosi)
  * Avoid a test failure on Linux when built in a container as uid 0, but
    without the necessary privileges to increase resource limits
	(dbus!58, Debian #908092; Simon McVittie)
  * When building with CMake, cope with libX11 in a non-standard location
	(dbus!129, Tuomo Rinne)
- Run spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/821367
OBS-URL: https://build.opensuse.org/package/show/Base:System/dbus-1?expand=0&rev=293

dbus-1-devel-doc.spec

@@ -21,15 +21,13 @@
 %define _libname libdbus-1-3
 # Temporary code to disable service restart on update sflees@suse.de boo#1020301
 %global _backup %{_sysconfdir}/sysconfig/services.rpmbak.%{name}-%{version}-%{release}
-
 %bcond_without selinux
 Name:           dbus-1-devel-doc
-Version:        1.12.16
+Version:        1.12.20
 Release:        0
 Summary:        Developer documentation package for D-Bus
 License:        GPL-2.0-or-later OR AFL-2.1
-Group:          Development/Libraries/Other
+URL:            https://dbus.freedesktop.org/
-URL:            http://dbus.freedesktop.org/
 Source0:        http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz
 Source1:        http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz.asc
 Source2:        dbus-1.keyring
@@ -75,7 +73,7 @@ echo 'GENERATE_MAN=NO' >> Doxyfile.in
     --without-x
 
 doxygen -u
-make -C doc
+%make_build -C doc
 
 %install
 %make_install -C doc

dbus-1-x11.spec

@@ -23,12 +23,11 @@
 %endif
 %bcond_without selinux
 Name:           dbus-1-x11
-Version:        1.12.16
+Version:        1.12.20
 Release:        0
 Summary:        D-Bus Message Bus System
 License:        GPL-2.0-or-later OR AFL-2.1
-Group:          System/Daemons
+URL:            https://dbus.freedesktop.org/
-URL:            http://dbus.freedesktop.org/
 Source0:        http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz
 Source1:        http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz.asc
 Source2:        dbus-1.keyring
@@ -48,7 +47,7 @@ BuildRequires:  pkgconfig(libsystemd) >= 209
 BuildRequires:  pkgconfig(x11)
 Requires(post): update-alternatives
 Requires(preun): update-alternatives
-Supplements:    packageand(dbus-1:libX11-6)
+Supplements:    (dbus-1 and libX11-6)
 Provides:       dbus-launch
 %if %{with selinux}
 BuildRequires:  libselinux-devel
@@ -88,7 +87,7 @@ export V=1
     --with-systemdsystemunitdir=%{_unitdir} \
     --with-systemduserunitdir=%{_userunitdir} \
     --with-x
-make %{?_smp_mflags}
+%make_build
 
 %install
 tdir=$(mktemp -d)

dbus-1.12.16.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:54a22d2fa42f2eb2a871f32811c6005b531b9613b1b93a0d269b05e7549fec80
-size 2093296

dbus-1.12.16.tar.gz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAlz9bG4ACgkQ4FrhR4+B
-TE/zjxAAs6AUPEMcTg8SWwOo+VJIcYRfqDZUVvBOGR7oWSwIWGs7w16k4NjGa5WA
-yKE/vjaUuezXwBW54ebCBLdi2MSRszIjS1O2FcRSF4M1A6kn3q0eK0SZdi7Tc63O
-8n197f7usZOLXFSx5onpm5ToHuXmj2+F6jwwpX5qNmyyRgJkEozzzxTQkiEp+xwX
-TSITwhBxJu1VAfnaq/Z+puIqQpkK8gTJ+Rg9by+OVqqN5AVaKxDDGHEjw2q+oTyH
-EPJH17BXevk7t8p4iHW6qU82tsnEw4EuxBA8GLQKAAhisrL9BOpcFpAmQpbClNlR
-Cy+vdebE1/snIwpbPrDVT3iYd4xUWcd/RYKNEtoX6m9+bvs4jqnxuepVZj6HNbf8
-0NKIdc0zI4GrDcUVkVvcfGmpU05/30RGZP1xDXml8s2EwXJBJX+yUKvGEnKado8K
-poB0Qi9I3mlfY5eWzwW8m0vdkjccEt0Q6qgbgNYpXMLWUxTKICBud4Y37T26twYy
-2+LpD/Pstlrge/vlv8zK7VSpS+b2CZhrualZ74+IcYVEndhgdRXf5PCyOWxf93kw
-xME+ijt9QG0eTUTiFcC3hNJ2IW5hrWdNBTaVj8eIPxR7MWghLpzPjZU8M6dfZ/Wn
-FuIbR/Q5XazqDUQWokSCi2sf4HktO0t28xV200ZtxgL8YbrOQzM=
-=Olzi
------END PGP SIGNATURE-----

dbus-1.12.20.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f77620140ecb4cdc67f37fb444f8a6bea70b5b6461f12f1cbe2cec60fa7de5fe
+size 2095511

dbus-1.12.20.tar.gz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAl793S8ACgkQ4FrhR4+B
+TE8Cfg//Ysb9qT9xLUvCCHdmg+efz1DCks9W21MnZ9EN7qIx/mJPZhqpy9nbaHGy
+xQl2hnYagPZXWy7ly8HpakvzYfjtyRMCd7570n/cMmVXTF5bnfOr1feScrNEEJPc
+R6LreRPVDPdiKak1bF8VeVLpil89WrtU4xRzcpWxhZLlPiN1ebOSjEKtzaW4sDYB
+KdLXLRqcVgdm44NZrTB/xic0hJrO6fhTqiJVx6Lc/CoE9FNO+/60/H2PYIWRedSm
+bEx76RmUJEn1c/+wCyixmiTE0aEWGbKIsTR5mZmnw5BFI9SegQk7cD67kLvqMgpz
+c+SMl0ivihTgcaH9jPKeg6fEvTTMkuxHQyMgYV5Rwoq0ukTgQ+b+/MjYa5OX0QqY
+4YLDqNdgVfdNabxAeGvtNoDLwIHuveB151W9/ANTd420uqkWlCjzriEAjyYv8AJt
+O53dQn6KGos8QmAKyF3dmKKZb7d2XfJLa0byHt84DeM0kAabq7P9ypf4YkbmqLCC
+Eb8kiP8FbNYaQs9i1L2D4RXK8fnZA88aQVf7yBcILJBsQDI/plZuxmSzZLMBF3dw
+SxhcGN3ArsoOqqqWnJt65Sxtt95vO9mpOvrHMB9iQWM3X2zVXh+Et8P2QY9HVhCp
+Xmj3TH9Oc6OjBipqdR8OzdTtc7lnBwjuzMhw6g2S08ZQJovniOE=
+=cwnZ
+-----END PGP SIGNATURE-----

dbus-1.changes

@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Thu Jul 16 21:28:10 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>
+
+- Update to 1.12.20
+  * On Unix, avoid a use-after-free if two usernames have the same
+    numeric uid. In older versions this could lead to a crash (denial of
+    service) or other undefined behaviour, possibly including incorrect
+    authorization decisions if <policy group=...> is used.
+    Like Unix filesystems, D-Bus' model of identity cannot distinguish
+    between users of different names with the same numeric uid, so this
+    configuration is not advisable on systems where D-Bus will be used.
+    Thanks to Daniel Onaca.
+    (dbus#305, dbus!166; Simon McVittie)
+- From 1.12.18
+  * CVE-2020-12049: If a message contains more file descriptors than can
+    be sent, close those that did get through before reporting error.
+    Previously, a local attacker could cause the system dbus-daemon (or
+    another system service with its own DBusServer) to run out of file
+    descriptors, by repeatedly connecting to the server and sending fds that
+    would get leaked.
+    Thanks to Kevin Backhouse of GitHub Security Lab.
+    (dbus#294, GHSL-2020-057; Simon McVittie)
+  * Fix a crash when the dbus-daemon is terminated while one or more
+    monitors are active (dbus#291, dbus!140; Simon McVittie)
+  * The dbus-send(1) man page now documents --bus and --peer instead of
+    the old --address synonym for --peer, which has been deprecated since
+	the introduction of --bus and --peer in 1.7.6
+	(fd.o #48816, dbus!115; Chris Morin)
+  * Fix a wrong environment variable name in dbus-daemon(1)
+    (dbus#275, dbus!122; Mubin, Philip Withnall)
+  * Fix formatting of dbus_message_append_args example
+	(dbus!126, Felipe Franciosi)
+  * Avoid a test failure on Linux when built in a container as uid 0, but
+    without the necessary privileges to increase resource limits
+	(dbus!58, Debian #908092; Simon McVittie)
+  * When building with CMake, cope with libX11 in a non-standard location
+	(dbus!129, Tuomo Rinne)
+- Run spec-cleaner
+
 -------------------------------------------------------------------
 Sun Jan 19 02:59:34 UTC 2020 - Stefan Brüns <stefan.bruens@rwth-aachen.de>
 

dbus-1.spec

@@ -19,15 +19,13 @@
 %define with_systemd 1
 %define _name   dbus
 %define _libname libdbus-1-3
-
 %bcond_without selinux
 Name:           dbus-1
-Version:        1.12.16
+Version:        1.12.20
 Release:        0
 Summary:        D-Bus Message Bus System
 License:        GPL-2.0-or-later OR AFL-2.1
-Group:          System/Daemons
+URL:            https://dbus.freedesktop.org/
-URL:            http://dbus.freedesktop.org/
 Source0:        http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz
 Source1:        http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz.asc
 Source2:        dbus-1.keyring
@@ -53,18 +51,16 @@ Requires(post): update-alternatives
 Requires(pre):  permissions
 Requires(preun): update-alternatives
 Provides:       dbus-launch
+%sysusers_requires
 %if %{with selinux}
 BuildRequires:  libselinux-devel
 %endif
-%sysusers_requires
 
 %package -n %{_libname}
 Summary:        Library package for D-Bus
-Group:          Development/Libraries/Other
 
 %package devel
 Summary:        Developer package for D-Bus
-Group:          Development/Libraries/Other
 Requires:       %{_libname} = %{version}
 Requires:       dbus-1 = %{version}
 Requires:       glibc-devel
@@ -122,14 +118,14 @@ export V=1
     --with-systemdsystemunitdir=%{_unitdir} \
     --with-systemduserunitdir=%{_userunitdir} \
     --without-x
-make %{?_smp_mflags}
+%make_build
 # The original dbus sysusers config does not create our account,
 # overwrite it with our user definition
 cp %{SOURCE5} bus/sysusers.d/dbus.conf
 %sysusers_generate_pre %{SOURCE5} messagebus
 
 %check
-make %{?_smp_mflags} check
+%make_build check
 
 %install
 %make_install
@@ -175,7 +171,6 @@ rm -Rf %{buildroot}%{_datadir}/doc/dbus
 
 %post -n %{_libname} -p /sbin/ldconfig
 %postun -n %{_libname} -p /sbin/ldconfig
-
 %pre -f messagebus.pre
 %service_add_pre dbus.service dbus.socket