CVS commit: pkgsrc/sysutils/dbus

To: pkgsrc-changes%netbsd.org@localhost
Subject: CVS commit: pkgsrc/sysutils/dbus
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Thu, 14 May 2015 17:21:06 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Thu May 14 17:21:06 UTC 2015

Modified Files:
        pkgsrc/sysutils/dbus: Makefile distinfo

Log Message:
Update to 1.8.18:

D-Bus 1.8.18 (2015-05-14)
==

The “unicorn rifts” release.

Security hardening:

• On Unix platforms, change the default configuration for the session bus
  to only allow EXTERNAL authentication (secure kernel-mediated
  credentials-passing), as was already done for the system bus.

  This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
  unpredictable pseudo-random numbers; under certain circumstances
  (/dev/urandom unreadable or malloc() returns NULL), dbus could
  fall back to using rand(), which does not have the desired unpredictability.
  The fallback to rand() has not been changed in this stable-branch since
  the necessary code changes for correct error-handling are rather intrusive.

  If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
  in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
  NFS or similar, you will need to reconfigure the session bus to accept
  DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration
  is not recommended.

  (fd.o #90414, Simon McVittie)

Other fixes:

• Add locking to DBusCounter's reference count and notify function
  (fd.o #89297, Adrian Szyndela)

• Ensure that DBusTransport's reference count is protected by the
  corresponding DBusConnection's lock (fd.o #90312, Adrian Szyndela)

• On Windows, listen on the same port for IPv4 and IPv6 (previously
  broken by an endianness mistake), and fix a failure to bind TCP
  sockets on approximately 1 attempt in 256 (fd.o #87999, Ralf Habacker)

• Correctly release DBusServer mutex before early-return if we run out
  of memory while copying authentication mechanisms (fd.o #90004,
  Ralf Habacker)

• Fix some missing \n in verbose (debug log) messages (fd.o #90004,
  Ralf Habacker)

• Clean up some memory leaks in test code (fd.o #90004, Ralf Habacker)


To generate a diff of this commit:
cvs rdiff -u -r1.82 -r1.83 pkgsrc/sysutils/dbus/Makefile
cvs rdiff -u -r1.63 -r1.64 pkgsrc/sysutils/dbus/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/comms/java-rxtx
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/comms/java-rxtx
Indexes:

Home | Main Index | Thread Index | Old Index