New changelog entries:
* CVE-2012-3524: apply patches from upstream 1.6.6 to avoid arbitrary
code execution in setuid/setgid binaries that incorrectly use libdbus
without first sanitizing the environment variables inherited from
their less-privileged caller (Closes: #689070).
- As per upstream 1.6.8, do not check filesystem capabilities for now,
only setuid/setgid, fixing regressions in certain configurations of
gnome-keyring
New changelog entries:
* Update Vcs-* control fields to reflect the move to git
* Apply patch to fix CVE-2011-2200 (fd.o #38120), which is a local DoS for
system services (Closes: #629938)
New changelog entries:
* debian/patches/12-CVE-2010-4352-reject-deeply-nested-variants.patch
- Fixes CVE-2010-4352: sending messages with excessively-nested variants
can crash the bus. The existing restriction to 64-levels of nesting
previously only applied to the static type signature; now it also
applies to dynamic nesting using variants.
Patch cherry-picked from upstream Git.
* Urgency high for the security fix.
New changelog entries:
* Add patch from upstream to fix segfaults when reloaded on kFreeBSD
(Closes: #589662)
* Work around FTBFS if dh-buildinfo is installed (Closes: #590594)
New changelog entries:
[ Simon McVittie ]
* Merge from experimental
- add separate debugging symbols (dbus-1-dbg)
[ Michael Biebl ]
* Switch to source format 3.0 (quilt)
- Add debian/source/format.
- Drop Build-Depends on quilt.
- Remove /usr/share/cdbs/1/rules/patchsys-quilt.mk from debian/rules.
- Remove debian/README.source.
* debian/control
- Bump Standards-Version to 3.9.0.
- Use architecture wildcard linux-any for libselinux1-dev Build-Depends.
- Use Breaks instead of Conflicts as recommended by the new policy.
- Remove old Conflicts which is no longer relevant.
* debian/dbus.init
- Simplify check in start_it_up() by using the existing status action.
- Stop restarting dependent services. It was an ugly hack anyway and if
people want to restart dbus, they need take care of that themselves.
(Closes: #540693, #530395)
* debian/dbus.postinst
- Stop restarting dbus system bus on upgrades as it breaks too many
applications and is not supported by upstream in a sensible way.
Instead trigger a reboot-required message using update-notifier.
(Closes: #530000, #573386)
New changelog entries:
* New upstream release.
- Correctly get pointer data from DBusString when creating a syslog
message. (Closes: #574697)
* debian/dbus-Xsession
- Use new "has_option" function from x11-common instead of grepping the
option file, to avoid calling an external program. (Closes: #570480)
Thanks to Martin Pitt for the patch.
* debian/control
- Add Breaks: x11-common (<< 1:7.5+4) to dbus-x11 to ensure we have a
recent enough version with "has_option" support.
* debian/dbus.init
- Update LSB header: Remove runlevel 1 from Default-Stop and let killprocs
do the job for us.
* debian/rules
- Update DEB_DH_INSTALLINIT_ARGS accordingly.
* debian/dbus.postinst
- Remove old stop symlinks from runlevel 1 on upgrades.