New changelog entries:
* SECURITY UPDATE: denial of service via activation errors
- debian/patches/CVE-2014-3477.patch: improve error handling in
bus/activation.*, bus/services.c.
- CVE-2014-3477
* SECURITY UPDATE: denial of service via ETOOMANYREFS
- debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
- CVE-2014-3532
* SECURITY UPDATE: denial of service via invalid file descriptor
- debian/patches/CVE-2014-3533.patch: fix memory handling in
dbus/dbus-message.c.
- CVE-2014-3533
New changelog entries:
* debian/patches/aa-mediation.patch: Attempt to open() the mask file in
apparmorfs/features/dbus rather than simply stat() the dbus directory.
This is an important difference because AppArmor does not mediate the
stat() syscall. This resulted in problems in an environment where
dbus-daemon, running inside of an LXC container, did not have the
necessary AppArmor rules to access apparmorfs but the stat() succeeded
so mediation was not properly disabled. (LP: #1238267)
This problem was exposed after dropping aa-kernel-compat-check.patch
because the compat check was an additional check that performed a test
query. The test query was failing in the above scenario, which did result
in mediation being disabled.
* debian/patches/aa-get-connection-apparmor-security-context.patch,
debian/patches/aa-mediate-eavesdropping.patch: Refresh these patches to
accomodate the above change
New changelog entries:
* debian/patches/aa-mediate-eavesdropping.patch: Fix a regression that
caused dbus-daemon to segfault when AppArmor mediation is disabled, or
unsupported by the kernel, and an application attempts to eavesdrop
(LP: #1237059)
New changelog entries:
* debian/patches/aa-kernel-compat-check.patch: Drop this patch. It was a
temporary compatibility check to paper over incompatibilities between
dbus-daemon, libapparmor, and the AppArmor kernel code while AppArmor
D-Bus mediation was in development.
* debian/patches/aa-mediation.patch: Fix a bug that resulted in all actions
denied by AppArmor to be audited. Auditing such actions is the default,
but it should be possible to quiet audit messages by using the "deny"
AppArmor rule modifier. (LP: #1226356)
* debian/patches/aa-mediation.patch: Fix a bug in the code that builds
AppArmor queries for the process that is receiving a message. The
message's destination was being used, as opposed to the message's source,
as the peer name in the query string. (LP: #1233895)
* debian/patches/aa-mediate-eavesdropping.patch: Don't allow applications
that are confined by AppArmor to eavesdrop. Ideally, this would be
configurable with AppArmor policy, but the parser does not yet support
any type of eavesdropping permission. For now, confined applications will
simply not be allowed to eavesdrop. (LP: #1229280)