New changelog entries:
* SECURITY UPDATE: Signature spoofing via incorrect logic
- debian/patches/84-security-CVE-2009-1189.patch: fix logic in
dbus/dbus-marshal-validate.c and fix test in
dbus/dbus-marshal-validate-util.c.
- CVE-2009-1189
New changelog entries:
* debian/patches/dbus-python-service-py-typo.diff:
+ Fix typo in a variable name in service.py (Closes: Malone #30043)
* debian/dbus.preinst:
+ Remove /etc/X11/Xsession.d/75dbus-1-utils_dbus-launch when we update
from something lower than 0.60-6ubuntu6, not only for updates from below
0.50-2. (Closes: Malone #31998)
New changelog entries:
* debian/dbus.{install,postinst}: Install dbus-foreground-console into
/usr/lib/dbus-1.0, not into /usr/bin, since it's not supposed (and
possible) to call as normal user.
* debian/patches/dbus-change-at-console-policy.patch:
- Change default path of dbus-foreground-console to /usr/lib/dbus-1.0/.
- Use fork/exec instead of system() to call dbus-foreground-console; this
avoids invoking the shell and nasty shell errors if it cannot be
executed (like in the test suite).
- Do not set a dbus error if dbus-foreground-console could be successfully
called, but returns 0 (i. e. it could not determine a dbus console).
This broke dbus clients like hal if there was no foreground console (on
headless machines, for example).
New changelog entries:
* Add debian/patches/dbus-poll-hang.patch:
- Check to see if our data has already been read off the connection by
another blocking pending call before we block in poll.
(check_for_reply_and_update_dispatch_unlocked): Code taken from
_dbus_connection_block_pending_call - checks for an already read reply and
updates the dispatch if there is one.
- This fixes e. g. the long startup hang of hal-device-manager.
(Malone #31517)
- Patch taken from upstream CVS.