Hello community, here is the log from the commit of package dbus-1 for openSUSE:Factory checked in at 2015-02-12 10:22:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dbus-1 (Old) and /work/SRC/openSUSE:Factory/.dbus-1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dbus-1" Changes: -------- --- /work/SRC/openSUSE:Factory/dbus-1/dbus-1-x11.changes 2015-01-07 09:38:16.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.dbus-1.new/dbus-1-x11.changes 2015-02-12 10:22:23.000000000 +0100 @@ -1,0 +2,21 @@ +Mon Feb 9 19:37:23 UTC 2015 - [email protected] + +- Update to 1.8.16: + * Security fixes: + - Do not allow non-uid-0 processes to send forged + ActivationFailure messages. On Linux systems with systemd + activation, this would allow a local denial of service: + unprivileged processes could flood the bus with these forged + messages, winning the race with the actual service activation + and causing an error reply to be sent back when service + auto-activation was requested. This does not prevent the real + service from being started, so it only works while the real + service is not running. (CVE-2015-0245, fdo#88811, bnc#916343; + Simon McVittie) + * Other fixes: + - fix a Windows build failure (fdo#88009, Ralf Habacker) + - on Windows, allow up to 8K connections to the dbus-daemon + instead of the previous 64, completing a previous fix which + only worked under Autotools (fdo#71297, Ralf Habacker) + +------------------------------------------------------------------- dbus-1.changes: same change Old: ---- dbus-1.8.14.tar.gz New: ---- dbus-1.8.16.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dbus-1-x11.spec ++++++ --- /var/tmp/diff_new_pack.KZE67E/_old 2015-02-12 10:22:24.000000000 +0100 +++ /var/tmp/diff_new_pack.KZE67E/_new 2015-02-12 10:22:24.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package dbus-1-x11 # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,7 +27,7 @@ %define _unitdir %{_libexecdir}/systemd/system %endif Name: dbus-1-x11 -Version: 1.8.14 +Version: 1.8.16 Release: 0 Summary: D-Bus Message Bus System License: GPL-2.0+ or AFL-2.1 dbus-1.spec: same change ++++++ dbus-1.8.14.tar.gz -> dbus-1.8.16.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/Makefile.in new/dbus-1.8.16/Makefile.in --- old/dbus-1.8.14/Makefile.in 2015-01-02 00:33:31.000000000 +0100 +++ new/dbus-1.8.16/Makefile.in 2015-02-04 17:49:01.000000000 +0100 @@ -123,8 +123,8 @@ $(top_srcdir)/test/data/invalid-service-files-system/org.freedesktop.DBus.TestSuiteNoExec.service.in \ $(top_srcdir)/test/data/invalid-service-files-system/org.freedesktop.DBus.TestSuiteNoUser.service.in \ $(top_srcdir)/test/data/invalid-service-files-system/org.freedesktop.DBus.TestSuiteNoService.service.in \ - COPYING compile config.guess config.sub depcomp install-sh \ - missing ltmain.sh + COPYING compile config.guess config.sub install-sh missing \ + ltmain.sh subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/as-ac-expand.m4 \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/NEWS new/dbus-1.8.16/NEWS --- old/dbus-1.8.14/NEWS 2015-01-02 00:42:32.000000000 +0100 +++ new/dbus-1.8.16/NEWS 2015-02-04 17:48:51.000000000 +0100 @@ -1,3 +1,28 @@ +D-Bus 1.8.16 (2015-02-09) +== + +The “poorly concealed wrestlers” release. + +Security fixes: + +• Do not allow non-uid-0 processes to send forged ActivationFailure + messages. On Linux systems with systemd activation, this would + allow a local denial of service: unprivileged processes could + flood the bus with these forged messages, winning the race with + the actual service activation and causing an error reply + to be sent back when service auto-activation was requested. + This does not prevent the real service from being started, + so it only works while the real service is not running. + (CVE-2015-0245, fd.o #88811; Simon McVittie) + +Other fixes: + +• fix a Windows build failure (fd.o #88009, Ralf Habacker) + +• on Windows, allow up to 8K connections to the dbus-daemon instead of the + previous 64, completing a previous fix which only worked under + Autotools (fd.o #71297, Ralf Habacker) + D-Bus 1.8.14 (2015-01-05) == diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/bus/system.conf.in new/dbus-1.8.16/bus/system.conf.in --- old/dbus-1.8.14/bus/system.conf.in 2014-12-31 16:41:32.000000000 +0100 +++ new/dbus-1.8.16/bus/system.conf.in 2015-02-04 17:45:16.000000000 +0100 @@ -68,6 +68,14 @@ <deny send_destination="org.freedesktop.DBus" send_interface="org.freedesktop.DBus" send_member="UpdateActivationEnvironment"/> + <deny send_destination="org.freedesktop.DBus" + send_interface="org.freedesktop.systemd1.Activator"/> + </policy> + + <!-- Only systemd, which runs as root, may report activation failures. --> + <policy user="root"> + <allow send_destination="org.freedesktop.DBus" + send_interface="org.freedesktop.systemd1.Activator"/> </policy> <!-- Config files are placed here that among other things, punch diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/cmake/config.h.cmake new/dbus-1.8.16/cmake/config.h.cmake --- old/dbus-1.8.14/cmake/config.h.cmake 2014-12-31 16:41:32.000000000 +0100 +++ new/dbus-1.8.16/cmake/config.h.cmake 2015-02-03 16:47:02.000000000 +0100 @@ -248,4 +248,8 @@ #define inline __inline #endif +#ifdef DBUS_WIN +#define FD_SETSIZE @FD_SETSIZE@ +#endif + #endif // _DBUS_CONFIG_H diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/cmake/test/CMakeLists.txt new/dbus-1.8.16/cmake/test/CMakeLists.txt --- old/dbus-1.8.14/cmake/test/CMakeLists.txt 2014-12-31 16:41:32.000000000 +0100 +++ new/dbus-1.8.16/cmake/test/CMakeLists.txt 2015-02-03 16:47:02.000000000 +0100 @@ -1,3 +1,4 @@ +include_directories(${CMAKE_SOURCE_DIR}/../test) add_definitions(${DBUS_INTERNAL_CLIENT_DEFINITIONS}) @@ -66,7 +67,6 @@ include_directories( ${GLIB2_INCLUDE_DIR} ${GOBJECT_INCLUDE_DIR} - ${CMAKE_SOURCE_DIR}/../test ) set(TEST_LIBRARIES ${DBUS_INTERNAL_LIBRARIES} dbus-testutils ${GLIB2_LIBRARIES} ${GOBJECT_LIBRARIES}) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/config.sub new/dbus-1.8.16/config.sub --- old/dbus-1.8.14/config.sub 2014-09-12 16:53:21.000000000 +0200 +++ new/dbus-1.8.16/config.sub 2014-09-13 01:10:20.000000000 +0200 @@ -2,7 +2,7 @@ # Configuration validation subroutine script. # Copyright 1992-2014 Free Software Foundation, Inc. -timestamp='2014-05-01' +timestamp='2014-09-11' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -302,6 +302,7 @@ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ + | riscv32 | riscv64 \ | rl78 | rx \ | score \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ @@ -828,6 +829,10 @@ basic_machine=powerpc-unknown os=-morphos ;; + moxiebox) + basic_machine=moxie-unknown + os=-moxiebox + ;; msdos) basic_machine=i386-pc os=-msdos @@ -1373,7 +1378,7 @@ | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ | -linux-newlib* | -linux-musl* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ + | -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/configure new/dbus-1.8.16/configure --- old/dbus-1.8.14/configure 2015-01-02 00:33:31.000000000 +0100 +++ new/dbus-1.8.16/configure 2015-02-04 17:49:03.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for dbus 1.8.14. +# Generated by GNU Autoconf 2.69 for dbus 1.8.16. # # Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=dbus>. # @@ -591,8 +591,8 @@ # Identity of this package. PACKAGE_NAME='dbus' PACKAGE_TARNAME='dbus' -PACKAGE_VERSION='1.8.14' -PACKAGE_STRING='dbus 1.8.14' +PACKAGE_VERSION='1.8.16' +PACKAGE_STRING='dbus 1.8.16' PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=dbus' PACKAGE_URL='' @@ -1513,7 +1513,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dbus 1.8.14 to adapt to many kinds of systems. +\`configure' configures dbus 1.8.16 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1587,7 +1587,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dbus 1.8.14:";; + short | recursive ) echo "Configuration of dbus 1.8.16:";; esac cat <<\_ACEOF @@ -1784,7 +1784,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -dbus configure 1.8.14 +dbus configure 1.8.16 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2503,7 +2503,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dbus $as_me 1.8.14, which was +It was created by dbus $as_me 1.8.16, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3446,7 +3446,7 @@ # Define the identity of the package. PACKAGE='dbus' - VERSION='1.8.14' + VERSION='1.8.16' cat >>confdefs.h <<_ACEOF @@ -3746,7 +3746,7 @@ ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=10 +LT_REVISION=11 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has @@ -3759,8 +3759,8 @@ DBUS_MAJOR_VERSION=1 DBUS_MINOR_VERSION=8 -DBUS_MICRO_VERSION=14 -DBUS_VERSION=1.8.14 +DBUS_MICRO_VERSION=16 +DBUS_VERSION=1.8.16 @@ -23428,7 +23428,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by dbus $as_me 1.8.14, which was +This file was extended by dbus $as_me 1.8.16, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23494,7 +23494,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -dbus config.status 1.8.14 +dbus config.status 1.8.16 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.8.14/configure.ac new/dbus-1.8.16/configure.ac --- old/dbus-1.8.14/configure.ac 2015-01-02 00:33:20.000000000 +0100 +++ new/dbus-1.8.16/configure.ac 2015-02-04 17:45:19.000000000 +0100 @@ -3,7 +3,7 @@ m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [8]) -m4_define([dbus_micro_version], [14]) +m4_define([dbus_micro_version], [16]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus]) @@ -37,7 +37,7 @@ ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=10 +LT_REVISION=11 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
