Hello community, here is the log from the commit of package dbus-1 for openSUSE:Factory checked in at 2017-04-11 12:42:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dbus-1 (Old) and /work/SRC/openSUSE:Factory/.dbus-1.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dbus-1" Tue Apr 11 12:42:35 2017 rev:145 rq:486269 version:1.10.18 Changes: -------- --- /work/SRC/openSUSE:Factory/dbus-1/dbus-1-x11.changes 2017-03-05 17:58:04.402182230 +0100 +++ /work/SRC/openSUSE:Factory/.dbus-1.new/dbus-1-x11.changes 2017-04-11 12:42:39.171875749 +0200 @@ -1,0 +2,12 @@ +Fri Apr 7 05:54:09 UTC 2017 - fst...@suse.com + +- Update to 1.10.18 + * Fixes + + Re-order dbus-daemon startup so that on SELinux systems, the + thread that reads AVC notifications retains the ability to + write to the audit log (fdo#92832, Debian #857660; Laurent + Bigonville) + + Fix a harmless read overflow and some memory leaks in a unit + test (fdo#100568, Philip Withnall) + +------------------------------------------------------------------- @@ -36,0 +49,14 @@ + +------------------------------------------------------------------- +Thu Feb 2 05:31:01 UTC 2017 - sfl...@suse.de + +- A note for scripts bsc#974092 (remove sysvinit script) is already + fixed here. + +------------------------------------------------------------------- +Wed Jan 25 00:49:03 UTC 2017 - sfl...@suse.de + +- Don't restart dbus on upgrade - Includes temporary work around + for last version boo#1020301 +- Add 0001-Add-RefuseManualStartStop.patch don't allow users to Manually + start or stop dbus. --- /work/SRC/openSUSE:Factory/dbus-1/dbus-1.changes 2017-03-05 17:58:14.932691727 +0100 +++ /work/SRC/openSUSE:Factory/.dbus-1.new/dbus-1.changes 2017-04-11 12:42:40.535683049 +0200 @@ -1,0 +2,12 @@ +Fri Apr 7 05:54:09 UTC 2017 - fst...@suse.com + +- Update to 1.10.18 + * Fixes + + Re-order dbus-daemon startup so that on SELinux systems, the + thread that reads AVC notifications retains the ability to + write to the audit log (fdo#92832, Debian #857660; Laurent + Bigonville) + + Fix a harmless read overflow and some memory leaks in a unit + test (fdo#100568, Philip Withnall) + +------------------------------------------------------------------- Old: ---- dbus-1.10.16.tar.gz New: ---- dbus-1.10.18.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dbus-1-x11.spec ++++++ --- /var/tmp/diff_new_pack.g6AUtM/_old 2017-04-11 12:42:41.959481871 +0200 +++ /var/tmp/diff_new_pack.g6AUtM/_new 2017-04-11 12:42:41.967480740 +0200 @@ -23,7 +23,7 @@ %endif %bcond_without selinux Name: dbus-1-x11 -Version: 1.10.16 +Version: 1.10.18 Release: 0 Summary: D-Bus Message Bus System License: GPL-2.0+ or AFL-2.1 dbus-1.spec: same change ++++++ dbus-1.10.16.tar.gz -> dbus-1.10.18.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.10.16/Makefile.in new/dbus-1.10.18/Makefile.in --- old/dbus-1.10.16/Makefile.in 2017-02-16 14:47:18.000000000 +0100 +++ new/dbus-1.10.18/Makefile.in 2017-04-05 17:25:13.000000000 +0200 @@ -234,7 +234,7 @@ $(top_srcdir)/bus/systemd-user/dbus.service.in \ $(top_srcdir)/bus/systemd-user/dbus.socket.in AUTHORS COPYING \ ChangeLog INSTALL NEWS README build-aux/compile \ - build-aux/config.guess build-aux/config.sub \ + build-aux/config.guess build-aux/config.sub build-aux/depcomp \ build-aux/install-sh build-aux/ltmain.sh build-aux/missing DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.10.16/NEWS new/dbus-1.10.18/NEWS --- old/dbus-1.10.16/NEWS 2017-02-16 15:11:55.000000000 +0100 +++ new/dbus-1.10.18/NEWS 2017-04-05 17:24:03.000000000 +0200 @@ -1,3 +1,17 @@ +D-Bus 1.10.18 (2017-04-05) +== + +The “can't handle a self-referential paradox” release. + +Fixes: + +• Re-order dbus-daemon startup so that on SELinux systems, the thread + that reads AVC notifications retains the ability to write to the + audit log (fd.o #92832, Debian #857660; Laurent Bigonville) + +• Fix a harmless read overflow and some memory leaks in a unit test + (fd.o #100568, Philip Withnall) + D-Bus 1.10.16 (2017-02-16) == @@ -24,7 +38,7 @@ On Unix systems we strongly recommend using only the unix: and systemd: transports, together with EXTERNAL authentication. These are the only - transports and authentication mechanisms enabled by default, + transports and authentication mechanisms enabled by default. (fd.o #99828, Simon McVittie) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.10.16/bus/bus.c new/dbus-1.10.18/bus/bus.c --- old/dbus-1.10.16/bus/bus.c 2015-09-30 16:48:40.000000000 +0200 +++ new/dbus-1.10.18/bus/bus.c 2017-03-22 10:32:31.000000000 +0100 @@ -931,6 +931,27 @@ !_dbus_pipe_is_stdout_or_stderr (print_pid_pipe)) _dbus_pipe_close (print_pid_pipe, NULL); + /* Here we change our credentials if required, + * as soon as we've set up our sockets and pidfile. + * This must be done before initializing LSMs, so that the netlink + * monitoring thread started by avc_init() will not lose CAP_AUDIT_WRITE + * when the main thread calls setuid(). + * https://bugs.freedesktop.org/show_bug.cgi?id=92832 + */ + if (context->user != NULL) + { + if (!_dbus_change_to_daemon_user (context->user, error)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); + goto failed; + } + } + + /* Auditing should be initialized before LSMs, so that the LSMs are able + * to log audit-events that happen during their initialization. + */ + bus_audit_init (context); + if (!bus_selinux_full_init ()) { bus_context_log (context, DBUS_SYSTEM_LOG_FATAL, "SELinux enabled but D-Bus initialization failed; check system log\n"); @@ -950,6 +971,11 @@ "AppArmor D-Bus mediation is enabled\n"); } + /* When SELinux is used, this must happen after bus_selinux_full_init() + * so that it has access to the access vector cache, which is required + * to process <associate/> elements. + * http://lists.freedesktop.org/archives/dbus/2008-October/010491.html + */ if (!process_config_postinit (context, parser, error)) { _DBUS_ASSERT_ERROR_IS_SET (error); @@ -962,20 +988,6 @@ parser = NULL; } - /* Here we change our credentials if required, - * as soon as we've set up our sockets and pidfile - */ - if (context->user != NULL) - { - if (!_dbus_change_to_daemon_user (context->user, error)) - { - _DBUS_ASSERT_ERROR_IS_SET (error); - goto failed; - } - } - - bus_audit_init (context); - dbus_server_free_data_slot (&server_data_slot); return context; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.10.16/configure new/dbus-1.10.18/configure --- old/dbus-1.10.16/configure 2017-02-16 14:47:19.000000000 +0100 +++ new/dbus-1.10.18/configure 2017-04-05 17:25:13.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for dbus 1.10.16. +# Generated by GNU Autoconf 2.69 for dbus 1.10.18. # # Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=dbus>. # @@ -591,8 +591,8 @@ # Identity of this package. PACKAGE_NAME='dbus' PACKAGE_TARNAME='dbus' -PACKAGE_VERSION='1.10.16' -PACKAGE_STRING='dbus 1.10.16' +PACKAGE_VERSION='1.10.18' +PACKAGE_STRING='dbus 1.10.18' PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=dbus' PACKAGE_URL='' @@ -1553,7 +1553,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dbus 1.10.16 to adapt to many kinds of systems. +\`configure' configures dbus 1.10.18 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1628,7 +1628,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dbus 1.10.16:";; + short | recursive ) echo "Configuration of dbus 1.10.18:";; esac cat <<\_ACEOF @@ -1841,7 +1841,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -dbus configure 1.10.16 +dbus configure 1.10.18 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2617,7 +2617,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dbus $as_me 1.10.16, which was +It was created by dbus $as_me 1.10.18, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3560,7 +3560,7 @@ # Define the identity of the package. PACKAGE='dbus' - VERSION='1.10.16' + VERSION='1.10.18' cat >>confdefs.h <<_ACEOF @@ -3860,7 +3860,7 @@ ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=10 +LT_REVISION=11 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has @@ -3875,8 +3875,8 @@ DBUS_MAJOR_VERSION=1 DBUS_MINOR_VERSION=10 -DBUS_MICRO_VERSION=16 -DBUS_VERSION=1.10.16 +DBUS_MICRO_VERSION=18 +DBUS_VERSION=1.10.18 @@ -24925,7 +24925,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by dbus $as_me 1.10.16, which was +This file was extended by dbus $as_me 1.10.18, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -24991,7 +24991,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -dbus config.status 1.10.16 +dbus config.status 1.10.18 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.10.16/configure.ac new/dbus-1.10.18/configure.ac --- old/dbus-1.10.16/configure.ac 2017-02-16 14:46:56.000000000 +0100 +++ new/dbus-1.10.18/configure.ac 2017-04-05 17:23:18.000000000 +0200 @@ -3,7 +3,7 @@ m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [10]) -m4_define([dbus_micro_version], [16]) +m4_define([dbus_micro_version], [18]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus]) @@ -38,7 +38,7 @@ ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=10 +LT_REVISION=11 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.10.16/test/corrupt.c new/dbus-1.10.18/test/corrupt.c --- old/dbus-1.10.16/test/corrupt.c 2015-09-30 16:48:40.000000000 +0200 +++ new/dbus-1.10.18/test/corrupt.c 2017-04-05 17:22:43.000000000 +0200 @@ -99,14 +99,16 @@ gconstpointer addr G_GNUC_UNUSED) { dbus_bool_t have_mem; + char *address = NULL; g_assert (f->server_conn == NULL); - f->client_conn = dbus_connection_open_private ( - dbus_server_get_address (f->server), &f->e); + address = dbus_server_get_address (f->server); + f->client_conn = dbus_connection_open_private (address, &f->e); assert_no_error (&f->e); g_assert (f->client_conn != NULL); test_connection_setup (f->ctx, f->client_conn); + dbus_free (address); while (f->server_conn == NULL) { @@ -271,7 +273,6 @@ int fd; char *blob; const gchar *arg = not_a_dbus_message; - const gchar * const *args = &arg; int blob_len; DBusMessage *message; dbus_bool_t mem; @@ -283,7 +284,7 @@ /* Append 0xFF bytes, so that the length of the body when byte-swapped * is 0xFF000000, which is invalid */ mem = dbus_message_append_args (message, - DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE, &args, 0xFF, + DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE, &arg, 0xFF, DBUS_TYPE_INVALID); g_assert (mem); mem = dbus_message_marshal (message, &blob, &blob_len); @@ -353,6 +354,7 @@ { if (f->client_conn != NULL) { + test_connection_shutdown (f->ctx, f->client_conn); dbus_connection_close (f->client_conn); dbus_connection_unref (f->client_conn); f->client_conn = NULL; @@ -360,6 +362,7 @@ if (f->server_conn != NULL) { + test_connection_shutdown (f->ctx, f->server_conn); dbus_connection_close (f->server_conn); dbus_connection_unref (f->server_conn); f->server_conn = NULL;