New changelog entries:
* REGRESSION FIX: some applications launched with the activation helper
may need DBUS_STARTER_ADDRESS. (LP: #1058343)
- debian/patches/CVE-2012-3524-regression-fix.patch: hardcode the
starter address to the default system bus address.
* REGRESSION FIX: unclean shutdown after dbus upgrade (LP: #740390)
- debian/libdbus-1-3.postinst: trigger an upstart re-exec before
shutdown or reboot so that it can safely unmount the root
filesystem.
New changelog entries:
* SECURITY UPDATE: privilege escalation via unsanitized environment
- debian/patches/CVE-2012-3524-dbus.patch: Don't access environment
variables or run dbus-launch when setuid in configure.in,
dbus/dbus-keyring.c, dbus/dbus-sysdeps*
- CVE-2012-3524
New changelog entries:
* SECURITY UPDATE: denial of service via messages with non-native byte order
- debian/patches/9000-CVE-2011-2200.patch: update dbus-marshal-header.c
to verify header->data byte order and header->byte_order match in
_dbus_header_byteswap()
- CVE-2011-2200
New changelog entries:
* debian/rules: fix up the sed of the .pc file, we need the path to be
relative to the multiarch dir. Thanks to Lionel Le Folgoc for pointing
this out.
New changelog entries:
* debian/rules: update dh_installinit to use the old '|| :' behavior instead
of the default behavior (exiting with error) by specifying
'--error-handler=:' to dh_installinit (LP: #728434)