e1a430deb3
Accepting request 1114292 from home:simotek:branches:Base:System
Simon Lees2023-09-29 09:04:59 +00:00
9077744b0e
Accepting request 1114292 from home:simotek:branches:Base:System
Simon Lees2023-09-29 09:04:59 +00:00
e99c687bd3
Accepting request 1113381 from home:simotek:branches:Broker
Dirk Mueller2023-09-28 07:43:29 +00:00
31429ce288
Accepting request 1113381 from home:simotek:branches:Broker
Dirk Mueller2023-09-28 07:43:29 +00:00
c4836eae87
Accepting request 1112496 from Base:System
Ana Guerrero2023-09-22 19:47:07 +00:00
2190cd9fb1
Accepting request 1112496 from Base:System
Ana Guerrero2023-09-22 19:47:07 +00:00
a2330cfb84
- update to 1.14.10: * Avoid a dbus-daemon crash if re-creating a connection's policy fails. If it isn't possible to re-create its policy (for example if it belongs to a user account that has been deleted or if the Name Service Switch is broken, on a system not supporting SO_PEERGROUPS), we now log a warning, continue to use its current policy, and continue to reload other connections' policies. * If getting the groups from a user ID fails, report the error correctly, instead of logging "(null)" * Return the primary group ID in GetConnectionCredentials()' UnixGroupIDs field for processes with a valid-but-empty supplementary group list - Disable asserts (bsc#1087072) - set runstatedir correctly - avoid listing cmake directory - owned by cmake package - Use sysusers.d to create messagebus user
Dirk Mueller2023-09-13 08:46:45 +00:00
31999f28c5
- update to 1.14.10: * Avoid a dbus-daemon crash if re-creating a connection's policy fails. If it isn't possible to re-create its policy (for example if it belongs to a user account that has been deleted or if the Name Service Switch is broken, on a system not supporting SO_PEERGROUPS), we now log a warning, continue to use its current policy, and continue to reload other connections' policies. * If getting the groups from a user ID fails, report the error correctly, instead of logging "(null)" * Return the primary group ID in GetConnectionCredentials()' UnixGroupIDs field for processes with a valid-but-empty supplementary group list - Disable asserts (bsc#1087072) - set runstatedir correctly - avoid listing cmake directory - owned by cmake package - Use sysusers.d to create messagebus user
Dirk Mueller2023-09-13 08:46:45 +00:00
3aa97ec44a
- update to 1.14.8: * Denial-of-service fixes: * Fix an assertion failure in dbus-daemon when a privileged Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or similar) is active, and a message from the bus driver cannot be delivered to a client connection due to <deny> rules or outgoing message quota. This is a denial of service if triggered maliciously by a local attacker. * Fix compilation on compilers not supporting __FUNCTION__ * Fix some memory leaks on out-of-memory conditions * Fix syntax of a code sample in dbus-api-design
Dirk Mueller2023-06-12 21:16:15 +00:00
a2da7f8319
- update to 1.14.8: * Denial-of-service fixes: * Fix an assertion failure in dbus-daemon when a privileged Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or similar) is active, and a message from the bus driver cannot be delivered to a client connection due to <deny> rules or outgoing message quota. This is a denial of service if triggered maliciously by a local attacker. * Fix compilation on compilers not supporting __FUNCTION__ * Fix some memory leaks on out-of-memory conditions * Fix syntax of a code sample in dbus-api-design
Dirk Mueller2023-06-12 21:16:15 +00:00
6fc53b808d
Accepting request 1064293 from home:dimstar:Factory
Fridrich Strba2023-02-10 16:29:55 +00:00
b02c06f6fb
Accepting request 1064293 from home:dimstar:Factory
Fridrich Strba2023-02-10 16:29:55 +00:00
6a83c1aecf
- update to 1.14.6: * Fix an incorrect assertion that could be used to crash dbus-daemon or other users of DBusServer prior to authentication, if libdbus was compiled with assertions enabled. We recommend that production builds of dbus, for example in OS distributions, should be compiled with checks but without assertions. * When connected to a dbus-broker, stop dbus-monitor from incorrectly replying to Peer method calls that were sent to the dbus-broker with a NULL destination * Fix out-of-bounds varargs read in the dbus-daemon's config- parser. This is not attacker-triggerable and appears to be harmless in practice, but is technically undefined behaviour and is detected as such by AddressSanitizer. * Avoid a data race in multi-threaded use of DBusCounter * Fix a crash with some glibc versions when non-auditable SELinux events are logged (dbus!386, Jeremi Piotrowski) * If dbus_message_demarshal() runs out of memory while validating a message, report it as NoMemory rather than InvalidArgs (dbus#420, Simon McVittie) * Use C11 _Alignof if available, for better standards- compliance * Stop including an outdated copy of pkg.m4 in the git tree * Documentation: * Fix the test-apparmor-activation test after dbus#416 * Internal changes: * Fix CI builds with recent git versions (dbus#447, Simon McVittie) - switch to using multibuild
Dirk Mueller2023-02-09 17:09:45 +00:00
64ca67738d
- update to 1.14.6: * Fix an incorrect assertion that could be used to crash dbus-daemon or other users of DBusServer prior to authentication, if libdbus was compiled with assertions enabled. We recommend that production builds of dbus, for example in OS distributions, should be compiled with checks but without assertions. * When connected to a dbus-broker, stop dbus-monitor from incorrectly replying to Peer method calls that were sent to the dbus-broker with a NULL destination * Fix out-of-bounds varargs read in the dbus-daemon's config- parser. This is not attacker-triggerable and appears to be harmless in practice, but is technically undefined behaviour and is detected as such by AddressSanitizer. * Avoid a data race in multi-threaded use of DBusCounter * Fix a crash with some glibc versions when non-auditable SELinux events are logged (dbus!386, Jeremi Piotrowski) * If dbus_message_demarshal() runs out of memory while validating a message, report it as NoMemory rather than InvalidArgs (dbus#420, Simon McVittie) * Use C11 _Alignof if available, for better standards- compliance * Stop including an outdated copy of pkg.m4 in the git tree * Documentation: * Fix the test-apparmor-activation test after dbus#416 * Internal changes: * Fix CI builds with recent git versions (dbus#447, Simon McVittie) - switch to using multibuild
Dirk Mueller2023-02-09 17:09:45 +00:00
a8bd6c1553
- update to 1.14.4 (bsc#1204111, CVE-2022-42010, bsc#1204112, CVE-2022-42011, bsc#1204113, CVE-2022-42012): This is a security update for the dbus 1.14.x stable branch, fixing denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying security hardening (dbus#416). Behaviour changes: * On Linux, dbus-daemon and other uses of DBusServer now create a path-based Unix socket, unix:path=..., when asked to listen on a unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to unix:dir=... on all platforms. Previous versions would have created an abstract socket, unix:abstract=..., in this situation. This change primarily affects the well-known session bus when run via dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring dbus with --enable-user-session and running it on a systemd system, already used path-based Unix sockets and is unaffected by this change. This behaviour change prevents a sandbox escape via the session bus socket in sandboxing frameworks that can share the network namespace with the host system, such as Flatpak. This change might cause a regression in situations where the abstract socket is intentionally shared between the host system and a chroot or container, such as some use-cases of schroot(1). That regression can be resolved by using a bind-mount to share either the D-Bus socket, or the whole /tmp directory, with the chroot or container. (dbus#416, Simon McVittie) * Denial of service fixes: - Evgeny Vereshchagin discovered several ways in which an authenticated local attacker could cause a crash (denial of service) in dbus-daemon --system or a custom DBusServer. In uncommon configurations
Dirk Mueller2022-10-26 09:05:34 +00:00
d2b9b851b0
- update to 1.14.4 (bsc#1204111, CVE-2022-42010, bsc#1204112, CVE-2022-42011, bsc#1204113, CVE-2022-42012): This is a security update for the dbus 1.14.x stable branch, fixing denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying security hardening (dbus#416). Behaviour changes: * On Linux, dbus-daemon and other uses of DBusServer now create a path-based Unix socket, unix:path=..., when asked to listen on a unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to unix:dir=... on all platforms. Previous versions would have created an abstract socket, unix:abstract=..., in this situation. This change primarily affects the well-known session bus when run via dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring dbus with --enable-user-session and running it on a systemd system, already used path-based Unix sockets and is unaffected by this change. This behaviour change prevents a sandbox escape via the session bus socket in sandboxing frameworks that can share the network namespace with the host system, such as Flatpak. This change might cause a regression in situations where the abstract socket is intentionally shared between the host system and a chroot or container, such as some use-cases of schroot(1). That regression can be resolved by using a bind-mount to share either the D-Bus socket, or the whole /tmp directory, with the chroot or container. (dbus#416, Simon McVittie) * Denial of service fixes: - Evgeny Vereshchagin discovered several ways in which an authenticated local attacker could cause a crash (denial of service) in dbus-daemon --system or a custom DBusServer. In uncommon configurations
Dirk Mueller2022-10-26 09:05:34 +00:00
030bfd6f94
- update to 2.23: * Python now waits on child processes with os.wait() * open() call with O_CREAT now passes permissions * -Ttext-segment argument on aarch64 passes page size in hex * Build system improvements - add disable-morecore.patch: fix build and working with glibc >= 2.34 - rediff patches
Dirk Mueller2022-06-09 09:57:20 +00:00
0a02c9987e
- update to 2.23: * Python now waits on child processes with os.wait() * open() call with O_CREAT now passes permissions * -Ttext-segment argument on aarch64 passes page size in hex * Build system improvements - add disable-morecore.patch: fix build and working with glibc >= 2.34 - rediff patches
Dirk Mueller2022-06-09 09:57:20 +00:00
Ana Guerrero
Simon Lees
Dirk Mueller
Dominique Leuenberger
Fridrich Strba