Hello community,
here is the log from the commit of package dbus-1.1807 for openSUSE:12.3:Update
checked in at 2013-07-02 11:15:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.3:Update/dbus-1.1807 (Old)
and /work/SRC/openSUSE:12.3:Update/.dbus-1.1807.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dbus-1.1807"
Changes:
--------
New Changes file:
--- /dev/null 2013-07-02 09:26:14.908030755 +0200
+++ /work/SRC/openSUSE:12.3:Update/.dbus-1.1807.new/dbus-1-x11.changes
2013-07-02 11:15:43.000000000 +0200
@@ -0,0 +1,1878 @@
+-------------------------------------------------------------------
+Sun Jun 23 22:02:19 UTC 2013 - hrvoje.sen...@gmail.com
+
+- Added CVE-2013-2168.patch, fixes referenced vulnerability (bnc#824607)
+
+-------------------------------------------------------------------
+Mon Feb 18 13:06:24 UTC 2013 - rmila...@suse.com
+
+- Revert patch: dbus-move-everything-to-run-directory.patch (bnc#802525).
+
+-------------------------------------------------------------------
+Thu Jan 24 10:51:29 UTC 2013 - rmila...@suse.com
+
+- Move everything (pid files, lock files, etc.) to /run.
+ add: dbus-move-everything-to-run-directory.patch
+
+-------------------------------------------------------------------
+Sun Nov 18 17:59:23 UTC 2012 - hrvoje.sen...@gmail.com
+
+- Update to 1.6.8
+- remove patch dbus-cve-2012-3524.patch as incorporated upstream
+
+Changes since 1.5.12
+• Follow up to CVE-2012-3524: The additional hardening
+ work to use __secure_getenv() as a followup to bug #52202
+ broke certain configurations of gnome-keyring. Given
+ the difficulty of making this work without extensive
+ changes to gnome-keyring, use of __secure_getenv() is
+ deferred.
+
+• CVE-2012-3524: Don't access environment variables (fd.o #52202)
+ Thanks to work and input from Colin Walters, Simon McVittie,
+ Geoffrey Thomas, and others.
+
+• Detect that users are "at the console" correctly when configured with
+ a non-default path such as --enable-console-auth-dir=/run/console
+ (fd.o #51521, Dave Reisner)
+
+• Remove an incorrect assertion from DBusTransport (fd.o #51657,
+ Simon McVittie)
+
+• Change how we create /var/lib/dbus so it works under Automake >= 1.11.4
+ (fd.o #51406, Simon McVittie)
+
+• Don't return from dbus_pending_call_set_notify with a lock held on OOM
+ (fd.o #51032, Simon McVittie)
+
+• Disconnect "developer mode" (assertions, verbose mode etc.) from
+ Automake maintainer mode. D-Bus developers should now configure with
+ --enable-developer. Automake maintainer mode is now on by default;
+ distributions can disable it with --disable-maintainer-mode.
+ (fd.o #34671, Simon McVittie)
+
+• Unix-specific:
+ · Check for libpthread under CMake on Unix (fd.o #47237, Simon McVittie)
+
+• New requirements
+ · PTHREAD_MUTEX_RECURSIVE on Unix
+ · compiler support for 64-bit integers (int64_t or equivalent)
+
+• D-Bus Specification v0.19
+
+• New dbus-daemon features
+ · <allow own_prefix="com.example.Service"/> rules allow the service to
+ own names like com.example.Service.Instance3
+ · optional systemd integration when checking at_console policies
+ · --nopidfile option, mainly for use by systemd
+ · path_namespace and arg0namespace may appear in match rules
+ · eavesdropping is disabled unless the match rule contains eavesdrop=true
+
+• New public API
+ · functions to validate various string types (dbus_validate_path() etc.)
+ · dbus_type_is_valid()
+ · DBusBasicValue, a union of every basic type
+
+• Bug fixes
+ · removed an unsafe reimplementation of recursive mutexes
+ · dbus-daemon no longer busy-loops if it has far too many file descriptors
+ · dbus-daemon.exe --print-address works on Windows
+ · all the other bug fixes from 1.4.20
+
+• Other major implementation changes
+ · on Linux, dbus-daemon uses epoll if supported, for better scalability
+ · dbus_threads_init() ignores its argument and behaves like
+ dbus_threads_init_default() instead
+ · removed the per-connection link cache, improving dbus-daemon performance
+
+• Developer features
+ · optional Valgrind instrumentation (--with-valgrind)
+ · optional Stats interface on the dbus-daemon (--enable-stats)
+ · optionally abort whenever malloc() fails (--enable-embedded-tests
+ and export DBUS_MALLOC_CANNOT_FAIL=1)
+
+• Be more careful about monotonic time vs. real time, fixing DBUS_COOKIE_SHA1
+ spec-compliance (fd.o #48580, David Zeuthen)
+
+• Don't use install(1) within the source/build trees, fixing the build as
+ non-root when using OpenBSD install(1) (fd.o #48217, Antoine Jacoutot)
+
+• Add missing commas in some tcp and nonce-tcp addresses, and remove
+ an unused duplicate copy of the nonce-tcp transport in Windows builds
+ (fd.o #45896, Simon McVittie)
+
+-------------------------------------------------------------------
+Fri Nov 16 12:56:04 UTC 2012 - dims...@opensuse.org
+
+- Enable systemd integration (with_systemd 1): follow the rest of
+ the distribution enabling systemd support. As agreed, systemd is
+ the main supported way for 12.3.
+
+-------------------------------------------------------------------
+Fri Nov 16 11:57:13 UTC 2012 - fcro...@suse.com
+
+- Move default home from /var/run/dbus to /run/dbus
+- Fix useradd invocation: -o is useless without -u and newer
+ versions of pwdutils/shadowutils fail on this now.
+
+-------------------------------------------------------------------
+Thu Nov 8 15:38:22 UTC 2012 - tittiatc...@gmail.com
+
+- Link /usr/bin/dbus-send to /bin/dbus-send. Upower uses
+ dbus-send to receive signals from systemd regarding resuming,
+ however looks for the moment in the wrong directory.
+
+-------------------------------------------------------------------
+Sat Nov 3 16:33:15 UTC 2012 - crrodrig...@opensuse.org
+
+- Fix factory breakage on systemd units directory
+
+-------------------------------------------------------------------
+Fri Oct 26 06:07:21 UTC 2012 - co...@suse.com
+
+- remove sysvinit requires from the package
+- remove %run_permissions macro
+
+-------------------------------------------------------------------
+Wed Oct 24 21:11:19 UTC 2012 - jeng...@inai.de
+
+- baselibs: dbus-1-devel-32bit must require libdbus-1-3-32bit
+
+-------------------------------------------------------------------
+Sun Oct 7 16:57:56 UTC 2012 - co...@suse.com
+
+- remove libzio build dependency
+
+-------------------------------------------------------------------
+Mon Aug 27 13:54:45 CEST 2012 - thoe...@suse.de
+
+- dbus-cve-2012-3524.patch: Add patch for CVE-2012-3524 to fix getenv()
+ vulnerability in setuid root binaries (bnc#697105)
+
+-------------------------------------------------------------------
+Wed Aug 1 10:00:06 UTC 2012 - idon...@suse.com
+
+- Add pkgconfig(x11) as BuildRequires instead of xorg-x11-devel so
+ we don't depend on Mesa and create a build cycle.
+
+-------------------------------------------------------------------
+Tue May 15 07:18:57 UTC 2012 - vu...@opensuse.org
+
+- Move ownership of /etc/dbus-1/{session.d,system.d} and
+ /usr/share/dbus-1/{interfaces,services,system-services} to
+ libdbus-1-3 instead of dbus-1: many dbus users put files there,
+ and it's annoying to force them to own those directories.
+
+-------------------------------------------------------------------
+Sun Apr 22 16:28:41 UTC 2012 - alinm.el...@gmail.com
+
+- added libdbus-1-3 to build for -32bit...
+- adeed post and postun sections for libdbus-1-3
+
+-------------------------------------------------------------------
+Thu Apr 19 20:44:39 CEST 2012 - thoe...@suse.de
+
+- More news from the dependency hell: Let dbus-1-devel require
+ dbus-1.
+
+-------------------------------------------------------------------
+Wed Apr 18 11:54:42 CEST 2012 - thoe...@suse.de
+
+- Split dbus-1 into libdbus-1 and dbus-1.
+
+-------------------------------------------------------------------
+Wed Mar 28 09:19:14 CEST 2012 - thoe...@suse.de
+
+- Update to version 1.5.12:
+ - Add public API to validate various string types:
+ dbus_validate_path(), dbus_validate_interface(),
+ dbus_validate_member(), dbus_validate_error_name(),
+ dbus_validate_bus_name(), dbus_validate_utf8()
+ (fd.o #39549, Simon McVittie)
+
+ - Turn DBusBasicValue into public API so bindings don't need to
+ invent their own "union of everything" type (fd.o #11191, Simon
+ McVittie)
+
+ - Enumerate data files included in the build rather than using
++++ 1681 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.3:Update/.dbus-1.1807.new/dbus-1-x11.changes
New Changes file:
dbus-1.changes: same change
New:
----
CVE-2013-2168.patch
baselibs.conf
dbus-1-x11.changes
dbus-1-x11.spec
dbus-1-x11.spec.in
dbus-1.6.8.tar.gz
dbus-1.changes
dbus-1.desktop
dbus-1.spec
dbus-do-autolaunch.patch
dbus-log-deny.patch
dbus_at_console.ck
pre_checkin.sh
rc.boot.dbus
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dbus-1-x11.spec ++++++
#
# spec file for package dbus-1-x11
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: dbus-1-x11
%define _name dbus
BuildRequires: pkgconfig(x11)
Url: http://dbus.freedesktop.org/
Summary: D-Bus Message Bus System
License: GPL-2.0+ or AFL-2.1
Group: System/Daemons
# COMMON1-BEGIN
# COMMON1-BEGIN
%define with_systemd 1
%if ! %{with_systemd}
%if 0%{?suse_version} < 1230
%define _unitdir /lib/systemd/system
%else
%define _unitdir /usr/lib/systemd/system
%endif
%endif
BuildRequires: audit-devel
BuildRequires: doxygen
BuildRequires: libexpat-devel
BuildRequires: libtool
BuildRequires: pkg-config
BuildRequires: update-desktop-files
%if %{with_systemd}
BuildRequires: pkgconfig(libsystemd-daemon)
BuildRequires: pkgconfig(libsystemd-login)
%endif
Version: 1.6.8
Release: 0
# bug437293
%ifarch ppc64
Obsoletes: dbus-1-64bit
%endif
#
Source0:
http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz
Source1: rc.boot.dbus
Source2: dbus-1.desktop
Source3: dbus_at_console.ck
Source4: baselibs.conf
Patch0: dbus-log-deny.patch
# PATCH-FIX-OPENSUSE co...@suse.de -- force a feature configure won't accept
without x11 in buildrequires
Patch1: dbus-do-autolaunch.patch
# PATCH-FIX-UPSTREAM CVE-2013-2168.patch
Patch2: CVE-2013-2168.patch
%if 0%{?suse_version} > 1100
%bcond_without selinux
%else
%bcond_with selinux
%endif
%if %{with selinux}
BuildRequires: libselinux-devel
%endif
BuildRequires: libcap-ng-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# COMMON1-END
# COMMON1-END
%description
D-Bus contains some tools that require Xlib to be installed, those are
in this separate package so server systems need not install X.
%prep
# COMMON2-BEGIN
# COMMON2-BEGIN
%setup -n %{_name}-%{version} -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build
autoreconf -fi
# We use -fpie/-pie for the whole build; this is the recommended way to harden
# the build upstream, see discussion in fdo#46570
export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC -fpie"
export LDFLAGS="-pie"
export CXXFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing"
%if 0%{?suse_version} > 1000
export CFLAGS="$CFLAGS -fstack-protector"
export CXXFLAGS="$CXXFLAGS -fstack-protector"
export V=1
%endif
%configure \
--disable-static \
--with-pic \
--bindir=/bin \
--libexecdir=/lib/%{name} \
--libdir=/%{_lib} \
--with-init-scripts=suse \
--enable-inotify \
--enable-doxygen-docs \
%if %{with selinux}
--enable-selinux \
%endif
%if %{with_systemd}
--enable-systemd \
%endif
--enable-libaudit \
--with-console-auth-dir=/var/run/dbus/at_console/ \
--with-systemdsystemunitdir=%{_unitdir}
make %{?_smp_mflags}
doxygen -u && doxygen
./cleanup-man-pages.sh
%install
# COMMON2-END
# COMMON2-END
tdir=$(mktemp -d)
make DESTDIR=$tdir install
mkdir -p %{buildroot}/%{_bindir}
mkdir -p %{buildroot}/%{_mandir}/man1
mv $tdir/bin/dbus-launch %{buildroot}/%{_bindir}
mv $tdir/%{_mandir}/man1/dbus-launch.1* %{buildroot}/%{_mandir}/man1
rm -rf $tdir
%files
%defattr(-,root,root)
%{_bindir}/dbus-launch
%{_mandir}/man1/dbus-launch.1*
%changelog
++++++ dbus-1.spec ++++++
#
# spec file for package dbus-1
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: dbus-1
%define _name dbus
%define _libname libdbus-1-3
Url: http://dbus.freedesktop.org/
Summary: D-Bus Message Bus System
License: GPL-2.0+ or AFL-2.1
Group: System/Daemons
# COMMON1-BEGIN
%define with_systemd 1
%if ! %{with_systemd}
%if 0%{?suse_version} < 1230
%define _unitdir /lib/systemd/system
%else
%define _unitdir /usr/lib/systemd/system
%endif
%endif
BuildRequires: audit-devel
BuildRequires: doxygen
BuildRequires: libexpat-devel
BuildRequires: libtool
BuildRequires: pkg-config
BuildRequires: update-desktop-files
%if %{with_systemd}
BuildRequires: pkgconfig(libsystemd-daemon)
BuildRequires: pkgconfig(libsystemd-login)
%endif
Version: 1.6.8
Release: 0
# bug437293
%ifarch ppc64
Obsoletes: dbus-1-64bit
%endif
#
Source0:
http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz
Source1: rc.boot.dbus
Source2: dbus-1.desktop
Source3: dbus_at_console.ck
Source4: baselibs.conf
Patch0: dbus-log-deny.patch
# PATCH-FIX-OPENSUSE co...@suse.de -- force a feature configure won't accept
without x11 in buildrequires
Patch1: dbus-do-autolaunch.patch
# PATCH-FIX-UPSTREAM CVE-2013-2168.patch
Patch2: CVE-2013-2168.patch
%if 0%{?suse_version} > 1100
%bcond_without selinux
%else
%bcond_with selinux
%endif
%if %{with selinux}
BuildRequires: libselinux-devel
%endif
BuildRequires: libcap-ng-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# COMMON1-END
%if 0%{?suse_version} < 1230
PreReq: /sbin/insserv /etc/init.d/boot.localfs
%endif
PreReq: permissions /usr/sbin/groupadd /usr/sbin/useradd
%package -n %{_libname}
Summary: Library package for D-Bus
Group: Development/Libraries/Other
%package -n dbus-1-devel
Summary: Developer package for D-Bus
Group: Development/Libraries/Other
Requires: %{_libname} = %{version}
Requires: dbus-1
Requires: glibc-devel
%package -n dbus-1-devel-doc
Summary: Developer documentation package for D-Bus
Group: Development/Libraries/Other
Requires: %{name} = %{version}
%if 0%{?suse_version} >= 1120
BuildArch: noarch
%endif
%description
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-Bus supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
%description -n %{_libname}
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-Bus supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
%description -n dbus-1-devel
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-Bus supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
%description -n dbus-1-devel-doc
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-BUS supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
%prep
# COMMON2-BEGIN
%setup -n %{_name}-%{version} -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build
autoreconf -fi
# We use -fpie/-pie for the whole build; this is the recommended way to harden
# the build upstream, see discussion in fdo#46570
export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC -fpie"
export LDFLAGS="-pie"
export CXXFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing"
%if 0%{?suse_version} > 1000
export CFLAGS="$CFLAGS -fstack-protector"
export CXXFLAGS="$CXXFLAGS -fstack-protector"
export V=1
%endif
%configure \
--disable-static \
--with-pic \
--bindir=/bin \
--libexecdir=/lib/%{name} \
--libdir=/%{_lib} \
--with-init-scripts=suse \
--enable-inotify \
--enable-doxygen-docs \
%if %{with selinux}
--enable-selinux \
%endif
%if %{with_systemd}
--enable-systemd \
%endif
--enable-libaudit \
--with-console-auth-dir=/var/run/dbus/at_console/ \
--with-systemdsystemunitdir=%{_unitdir}
make %{?_smp_mflags}
doxygen -u && doxygen
./cleanup-man-pages.sh
%install
# COMMON2-END
make DESTDIR=%{buildroot} install
mkdir -p %{buildroot}/etc/init.d
mkdir -p %{buildroot}/usr/sbin
install -m 755 %{SOURCE1} %{buildroot}/%{_sysconfdir}/init.d/dbus
ln -sf %{_sysconfdir}/init.d/dbus %{buildroot}/%{_sbindir}/rcdbus
install -d %{buildroot}/var/run/dbus
mkdir -p %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/
install -m 0644 %SOURCE2 \
%{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/dbus-1.desktop
mkdir -p %{buildroot}/%{_libdir}/pkgconfig
mkdir -p %{buildroot}/lib/dbus-1/system-services
mkdir -p %{buildroot}/%{_datadir}/dbus-1/system-services
mkdir -p %{buildroot}/%{_datadir}/dbus-1/interfaces
mkdir -p %{buildroot}/%{_libdir}/dbus-1.0/include/
mv -f %{buildroot}/%{_lib}/dbus-1.0/include/*
%{buildroot}/%{_libdir}/dbus-1.0/include/
rm -f %{buildroot}/%{_lib}/*.la
# devel stuff must not be in /lib
%{__ln_s} -v /%{_lib}/$(readlink %{buildroot}/%{_lib}/lib%{name}.so)
%{buildroot}%{_libdir}/lib%{name}.so
%{__rm} -v %{buildroot}/%{_lib}/lib%{name}.so
# fix up pkgconfig file
sed -e 's@^\(libdir=\).*@\1%{_libdir}@'
%{buildroot}/%{_lib}/pkgconfig/dbus-1.pc >
%{buildroot}/%{_libdir}/pkgconfig/dbus-1.pc
rm -f %{buildroot}/%{_lib}/pkgconfig/dbus-1.pc
#
rm -f %{buildroot}/bin/dbus-launch
rm -f %{buildroot}/%{_mandir}/man1/dbus-launch.1*
chmod a-x AUTHORS COPYING HACKING NEWS README doc/*.txt doc/file-boilerplate.c
doc/TODO
#
install -d %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d
install -m 755 %{SOURCE3} %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d
mkdir -p %{buildroot}%{_localstatedir}/lib/dbus
touch %{buildroot}/%{_localstatedir}/lib/dbus/machine-id
# Link the /bin/dbus-send binary to /usr/bin/dbus-send. This should be removed
once dbus has been fully migrated to /usr
# Currently required to make upower work together with systemd
mkdir -p %{buildroot}/usr/bin
ln -sf /bin/dbus-send %{buildroot}/usr/bin/dbus-send
%pre
/usr/sbin/groupadd -r messagebus 2> /dev/null || :
/usr/sbin/useradd -r -s /bin/false -c "User for D-Bus" -d /var/run/dbus -g
messagebus messagebus 2> /dev/null || :
%if 0%{?suse_version:1}
%preun
%{stop_on_removal dbus}
%post
/bin/dbus-uuidgen --ensure
%{insserv_force_if_yast dbus}
/sbin/ldconfig
%verifyscript
%verify_permissions -e /lib/dbus-1/dbus-daemon-launch-helper
%postun
%{insserv_cleanup}
/sbin/ldconfig
%endif
%post -n %{_libname} -p /sbin/ldconfig
%postun -n %{_libname} -p /sbin/ldconfig
%files
%defattr(-, root, root)
%dir %{_localstatedir}/lib/dbus
%dir /lib/dbus-1
%dir /lib/dbus-1/system-services
%doc AUTHORS COPYING HACKING NEWS README
%config(noreplace) %{_sysconfdir}/dbus-1/session.conf
%config(noreplace) %{_sysconfdir}/dbus-1/system.conf
%{_sysconfdir}/init.d/dbus
%{_sysconfdir}/ConsoleKit
/bin/dbus-cleanup-sockets
/bin/dbus-daemon
/bin/dbus-monitor
/bin/dbus-send
/usr/bin/dbus-send
/bin/dbus-uuidgen
%{_mandir}/man1/dbus-cleanup-sockets.1.*
%{_mandir}/man1/dbus-daemon.1.*
%{_mandir}/man1/dbus-monitor.1.*
%{_mandir}/man1/dbus-send.1.*
%{_mandir}/man1/dbus-uuidgen.1.*
%{_sbindir}/rcdbus
# See doc/system-activation.txt in source tarball for the rationale
# behind these permissions
%attr(4750,root,messagebus) %verify(not mode)
/lib/%{name}/dbus-daemon-launch-helper
%ghost /var/run/dbus
%ghost %{_localstatedir}/lib/dbus/machine-id
%if ! %{with_systemd}
%if 0%{?suse_version} < 1230
%dir /lib/systemd
%else
%dir /usr/lib/systemd
%dir %{_unitdir}
%endif
%endif
%{_unitdir}/dbus.service
%{_unitdir}/dbus.socket
%dir %{_unitdir}/dbus.target.wants
%{_unitdir}/dbus.target.wants/dbus.socket
%dir %{_unitdir}/multi-user.target.wants
%{_unitdir}/multi-user.target.wants/dbus.service
%dir %{_unitdir}/sockets.target.wants
%{_unitdir}/sockets.target.wants/dbus.socket
%files -n %{_libname}
%defattr(-, root, root)
/%{_lib}/libdbus-1.so.*
# Own those directories in the library instead of dbus-1, since dbus users
# often ship files there
%dir %{_sysconfdir}/dbus-1
%dir %{_sysconfdir}/dbus-1/session.d
%dir %{_sysconfdir}/dbus-1/system.d
%dir %{_datadir}/dbus-1
%dir %{_datadir}/dbus-1/interfaces
%dir %{_datadir}/dbus-1/services
%dir %{_datadir}/dbus-1/system-services
%files -n dbus-1-devel
%defattr(-,root,root)
%{_includedir}/*
%{_libdir}/libdbus-1.so
%dir %{_libdir}/dbus-1.0
%{_libdir}/dbus-1.0/include
%{_libdir}/pkgconfig/dbus-1.pc
%files -n dbus-1-devel-doc
%defattr(-,root,root)
%dir %{_datadir}/doc/dbus
%{_datadir}/doc/dbus/api/
%doc %{_datadir}/doc/dbus/dbus-faq.html
%doc %{_datadir}/doc/dbus/dbus-specification.html
%doc %{_datadir}/doc/dbus/dbus-test-plan.html
%doc %{_datadir}/doc/dbus/dbus-tutorial.html
%doc %{_datadir}/doc/dbus/diagram.*
%doc %{_datadir}/doc/dbus/system-activation.txt
%doc doc/*.txt doc/file-boilerplate.c doc/TODO
%{_datadir}/susehelp
%changelog
++++++ CVE-2013-2168.patch ++++++
>From 954d75b2b64e4799f360d2a6bf9cff6d9fee37e7 Mon Sep 17 00:00:00 2001
From: Simon McVittie <simon.mcvit...@collabora.co.uk>
Date: Mon, 10 Jun 2013 17:06:47 +0000
Subject: CVE-2013-2168: _dbus_printf_string_upper_bound: copy the va_list for
each use
Using a va_list more than once is non-portable: it happens to work
under the ABI of (for instance) x86 Linux, but not x86-64 Linux.
This led to _dbus_printf_string_upper_bound() crashing if it should
have returned exactly 1024 bytes. Many system services can be induced
to process a caller-controlled string in ways that
end up using _dbus_printf_string_upper_bound(), so this is a denial of
service.
Reviewed-by: Thiago Macieira <thi...@kde.org>
---
diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
index fc67799..e31c735 100644
--- a/dbus/dbus-sysdeps-unix.c
+++ b/dbus/dbus-sysdeps-unix.c
@@ -3121,8 +3121,11 @@ _dbus_printf_string_upper_bound (const char *format,
char static_buf[1024];
int bufsize = sizeof (static_buf);
int len;
+ va_list args_copy;
- len = vsnprintf (static_buf, bufsize, format, args);
+ DBUS_VA_COPY (args_copy, args);
+ len = vsnprintf (static_buf, bufsize, format, args_copy);
+ va_end (args_copy);
/* If vsnprintf() returned non-negative, then either the string fits in
* static_buf, or this OS has the POSIX and C99 behaviour where vsnprintf
@@ -3138,8 +3141,12 @@ _dbus_printf_string_upper_bound (const char *format,
* or the real length could be coincidentally the same. Which is it?
* If vsnprintf returns the truncated length, we'll go to the slow
* path. */
- if (vsnprintf (static_buf, 1, format, args) == 1)
+ DBUS_VA_COPY (args_copy, args);
+
+ if (vsnprintf (static_buf, 1, format, args_copy) == 1)
len = -1;
+
+ va_end (args_copy);
}
/* If vsnprintf() returned negative, we have to do more work.
@@ -3155,7 +3162,10 @@ _dbus_printf_string_upper_bound (const char *format,
if (buf == NULL)
return -1;
- len = vsnprintf (buf, bufsize, format, args);
+ DBUS_VA_COPY (args_copy, args);
+ len = vsnprintf (buf, bufsize, format, args_copy);
+ va_end (args_copy);
+
dbus_free (buf);
/* If the reported length is exactly the buffer size, round up to the
diff --git a/dbus/dbus-sysdeps-win.c b/dbus/dbus-sysdeps-win.c
index bc4951b..c42316f 100644
--- a/dbus/dbus-sysdeps-win.c
+++ b/dbus/dbus-sysdeps-win.c
@@ -538,9 +538,12 @@ int _dbus_printf_string_upper_bound (const char *format,
char buf[1024];
int bufsize;
int len;
+ va_list args_copy;
bufsize = sizeof (buf);
- len = _vsnprintf (buf, bufsize - 1, format, args);
+ DBUS_VA_COPY (args_copy, args);
+ len = _vsnprintf (buf, bufsize - 1, format, args_copy);
+ va_end (args_copy);
while (len == -1) /* try again */
{
@@ -553,7 +556,9 @@ int _dbus_printf_string_upper_bound (const char *format,
if (p == NULL)
return -1;
- len = _vsnprintf (p, bufsize - 1, format, args);
+ DBUS_VA_COPY (args_copy, args);
+ len = _vsnprintf (p, bufsize - 1, format, args_copy);
+ va_end (args_copy);
free (p);
}
--
cgit v0.9.0.2-2-gbebe
++++++ baselibs.conf ++++++
dbus-1
dbus-1-devel
requires "libdbus-1-3-<targettype> = <version>"
libdbus-1-3
++++++ dbus-1-x11.spec.in ++++++
#
# spec file for package dbus-1-x11 (Version 1.4.1)
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: dbus-1-x11
%define _name dbus
BuildRequires: pkgconfig(x11)
Url: http://dbus.freedesktop.org/
License: GPL2+ or AFL 2.1
Group: System/Daemons
Summary: D-Bus Message Bus System
# COMMON1-BEGIN
# COMMON1-END
%description
D-Bus contains some tools that require Xlib to be installed, those are
in this separate package so server systems need not install X.
%prep
# COMMON2-BEGIN
# COMMON2-END
tdir=$(mktemp -d)
make DESTDIR=$tdir install
mkdir -p %{buildroot}/%{_bindir}
mkdir -p %{buildroot}/%{_mandir}/man1
mv $tdir/bin/dbus-launch %{buildroot}/%{_bindir}
mv $tdir/%{_mandir}/man1/dbus-launch.1* %{buildroot}/%{_mandir}/man1
rm -rf $tdir
%files
%defattr(-,root,root)
%{_bindir}/dbus-launch
%{_mandir}/man1/dbus-launch.1*
%changelog
++++++ dbus-1.desktop ++++++
[Desktop Entry]
Name=D-Bus API Documentation
DocPath=/usr/share/doc/packages/dbus-1-devel/html/index.html
X-DOC-SearchMethod=htdig
++++++ dbus-do-autolaunch.patch ++++++
From: Stephan Kulow <co...@suse.de>
We want x11 autolaunch even if we have no x11 in the build environment
Index: dbus-1.6.8/dbus/dbus-sysdeps-unix.c
===================================================================
--- dbus-1.6.8.orig/dbus/dbus-sysdeps-unix.c
+++ dbus-1.6.8/dbus/dbus-sysdeps-unix.c
@@ -3424,7 +3424,7 @@ _dbus_get_autolaunch_address (const char
DBusString *address,
DBusError *error)
{
-#ifdef DBUS_ENABLE_X11_AUTOLAUNCH
+#if 1
/* Perform X11-based autolaunch. (We also support launchd-based autolaunch,
* but that's done elsewhere, and if it worked, this function wouldn't
* be called.) */
++++++ dbus-log-deny.patch ++++++
--- a/bus/system.conf.in
+++ b/bus/system.conf.in
@@ -48,7 +48,7 @@
<!-- Holes must be punched in service configuration files for
name ownership and sending method calls -->
<deny own="*"/>
- <deny send_type="method_call"/>
+ <deny send_type="method_call" log="true"/>
<!-- Signals and reply messages (method returns, errors) are allowed
by default -->
++++++ dbus_at_console.ck ++++++
#!/bin/bash
#
# use consolekit to support legacy at_console setting
#
reason="$1"
dir=/var/run/dbus/at_console
# for at_console we are only interested in local sessions
test "$CK_SESSION_IS_LOCAL" = true || exit 0
test "$reason" = "session_added" -o "$reason" = "session_removed" || exit 0
sessid=${CK_SESSION_ID##*/}
sessid=${sessid//[^A-Za-z0-9]/_}
test -n "$sessid" || exit 1
name=`getent passwd "$CK_SESSION_USER_UID" 2>/dev/null | awk -F: '{print $1}'`
test -n "$name" || exit 1
if test "$reason" = "session_added"; then
mkdir -p "$dir/$name"
touch "$dir/$name/$sessid"
else
rm "$dir/$name/$sessid"
rmdir "$dir/$name"
fi
++++++ pre_checkin.sh ++++++
#!/bin/bash
# vim:sw=4 et
# This script is called automatically during autobuild checkin.
cp -lf dbus-1.changes dbus-1-x11.changes
for spec in dbus-1-x11.spec; do
cp -f $spec.in $spec
for n in $(seq 1 10); do
grep -q "COMMON$n-BEGIN" dbus-1.spec || continue
{ sed -n -e "1,/COMMON$n-BEGIN/p" $spec
sed -n -e "/COMMON$n-BEGIN/,/COMMON$n-END/p" dbus-1.spec
sed -n -e "/COMMON$n-END/,\$p" $spec.in; } > $spec.tmp && mv
$spec.tmp $spec
done
# assuming hilbert has no such dir
#if test -x /mounts/work/src/bin/tools/prepare_spec; then
# /mounts/work/src/bin/tools/prepare_spec $spec > $spec.tmp && mv
$spec.tmp $spec
#fi
done
osc service localrun format_spec_file
++++++ rc.boot.dbus ++++++
#!/bin/sh
# Author: Timo Hoenig <thoe...@suse.de>
#
# /etc/init.d/dbus
#
### BEGIN INIT INFO
# Provides: dbus
# Required-Start: $local_fs
# Should-Start:
# Required-Stop: $local_fs
# Should-Stop:
# Default-Start: 2 3 5
# Default-Stop:
# Short-Description: D-Bus is a message bus system for applications to talk to
one another.
# Description: D-Bus supplies both a system daemon and a
per-user-login-session daemon.
# Also, the message bus is built on top of a general
one-to-one message
# passing framework, which can be used by any two apps to
communicate
# directly (without going through the message bus daemon).
### END INIT INFO
DBUS_DAEMON_BIN=/bin/dbus-daemon
test -x $DBUS_DAEMON_BIN || exit 5
DBUS_DAEMON_PARAMETER="--system";
DBUS_DAEMON_PID_DIR="/var/run/dbus"
DBUS_DAEMON_PID=$DBUS_DAEMON_PID_DIR/pid
DBUS_MACHINE_ID_DIR="/var/lib/dbus"
DBUS_MACHINE_ID=$DBUS_MACHINE_ID_DIR/machine-id
DBUS_UUIIDGEN_BIN=/bin/dbus-uuidgen
CONSOLEKIT_DAEMON_BIN="/usr/sbin/console-kit-daemon"
CONSOLEKIT_PID_DIR="/var/run/ConsoleKit"
CONSOLEKIT_PID=$CONSOLEKIT_PID_DIR/pid
# Source LSB init functions
# providing start_daemon, killproc, pidofproc,
# log_success_msg, log_failure_msg and log_warning_msg.
# This is currently not used by UnitedLinux based distributions and
# not needed for init scripts for UnitedLinux only. If it is used,
# the functions from rc.status should not be sourced or used.
#. /lib/lsb/init-functions
. /etc/rc.status
# Reset status of this service
rc_reset
case "$1" in
start)
if [ -x $DBUS_UUIIDGEN_BIN -a ! -e $DBUS_MACHINE_ID ] ; then
if [ ! -d $DBUS_MACHINE_ID_DIR ] ; then
mkdir -p $DBUS_MACHINE_ID_DIR
chown messagebus:messagebus $DBUS_MACHINE_ID_DIR
fi
echo -n "Creating universally unique ID..."
$DBUS_UUIIDGEN_BIN --ensure
rc_status -v
fi
if checkproc -k -p $DBUS_DAEMON_PID $DBUS_DAEMON_BIN ; then
echo "D-Bus already started. Not starting."
exit 0
fi
if [ ! -d $DBUS_DAEMON_PID_DIR ] ; then
mkdir -p $DBUS_DAEMON_PID_DIR
chown messagebus:messagebus $DBUS_DAEMON_PID_DIR
fi
if [ -e $DBUS_DAEMON_PID ] ; then
echo "Removing stale PID file $DBUS_DAEMON_PID."
rm -f $DBUS_DAEMON_PID
fi
echo -n "Starting D-Bus daemon"
start_daemon -f $DBUS_DAEMON_BIN $DBUS_DAEMON_PARAMETER
rc_status -v
;;
stop)
echo -n "Shutting down D-Bus daemon"
if [ -x $CONSOLEKIT_DAEMON_BIN ] ; then
killproc -p $CONSOLEKIT_PID -TERM $CONSOLEKIT_DAEMON_BIN
fi
killproc -p $DBUS_DAEMON_PID -TERM $DBUS_DAEMON_BIN
rc_status -v
;;
try-restart)
$0 status >/dev/null && $0 restart
rc_status
;;
restart)
$0 stop
$0 start
rc_status
;;
force-reload)
$0 reload
rc_status
;;
reload)
echo -n "Reload service D-Bus daemon"
dbus-send --type=method_call --system --dest=org.freedesktop.DBus /
org.freedesktop.DBus.ReloadConfig
rc_status -v
;;
status)
echo -n "Checking for service D-Bus daemon"
checkproc -k -p $DBUS_DAEMON_PID $DBUS_DAEMON_BIN
if [ $? -eq 7 ]; then
rc_failed 3
fi
rc_status -v
;;
probe)
## Optional: Probe for the necessity of a reload, print out the
## argument to this init script which is required for a reload.
## Note: probe is not (yet) part of LSB (as of 1.2)
# test /etc/FOO/FOO.conf -nt /var/run/FOO.pid && echo reload
;;
*)
echo "Usage: $0
{start|stop|status|try-restart|restart|force-reload|reload|probe}"
exit 1
;;
esac
rc_exit
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
