CVS commit: pkgsrc/sysutils/dbus

To: pkgsrc-changes%netbsd.org@localhost
Subject: CVS commit: pkgsrc/sysutils/dbus
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Tue, 17 Feb 2015 13:48:24 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Tue Feb 17 13:48:24 UTC 2015

Modified Files:
        pkgsrc/sysutils/dbus: Makefile distinfo

Log Message:
Update to 1.8.16:

D-Bus 1.8.16 (2015-02-09)
==

The “poorly concealed wrestlers” release.

Security fixes:

• Do not allow non-uid-0 processes to send forged ActivationFailure
  messages. On Linux systems with systemd activation, this would
  allow a local denial of service: unprivileged processes could
  flood the bus with these forged messages, winning the race with
  the actual service activation and causing an error reply
  to be sent back when service auto-activation was requested.
  This does not prevent the real service from being started,
  so it only works while the real service is not running.
  (CVE-2015-0245, fd.o #88811; Simon McVittie)

Other fixes:

• fix a Windows build failure (fd.o #88009, Ralf Habacker)

• on Windows, allow up to 8K connections to the dbus-daemon instead of the
  previous 64, completing a previous fix which only worked under
  Autotools (fd.o #71297, Ralf Habacker)


To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/sysutils/dbus/Makefile
cvs rdiff -u -r1.62 -r1.63 pkgsrc/sysutils/dbus/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/x11/ruby-wxruby
Next by Date: CVS commit: pkgsrc/sysutils/dbus-glib
Previous by Thread: CVS commit: pkgsrc/x11/ruby-wxruby
Next by Thread: CVS commit: pkgsrc/sysutils/dbus-glib
Indexes:

Home | Main Index | Thread Index | Old Index