ubuntu/+source/dbus:applied/debian/squeeze

Last commit made on 2013-02-23
Get this branch:
git clone -b applied/debian/squeeze https://git.launchpad.net/ubuntu/+source/dbus
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/debian/squeeze
Repository:
lp:ubuntu/+source/dbus

Recent commits

6f4319b... by Simon McVittie on 2012-10-04

Import patches-applied version 1.2.24-4+squeeze2 to applied/debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 357709a6ac1262e177f68abfd43cd7d937920f09
Unapplied parent: 49fd4b6ad5de8d7c8c70cff88aebf0b2ad8529d5

New changelog entries:
  * CVE-2012-3524: apply patches from upstream 1.6.6 to avoid arbitrary
    code execution in setuid/setgid binaries that incorrectly use libdbus
    without first sanitizing the environment variables inherited from
    their less-privileged caller (Closes: #689070).
    - As per upstream 1.6.8, do not check filesystem capabilities for now,
      only setuid/setgid, fixing regressions in certain configurations of
      gnome-keyring

49fd4b6... by Simon McVittie on 2012-10-04

[PATCH 4/5] activation-helper: Ensure DBUS_STARTER_ADDRESS is set

Gbp-Pq: 0004-activation-helper-Ensure-DBUS_STARTER_ADDRESS-is-set.patch.

3299ec2... by Simon McVittie on 2012-10-04

[PATCH 3/5] hardening: Remove activation helper handling for

Gbp-Pq: 0003-hardening-Remove-activation-helper-handling-for-DBUS.patch.

50454c3... by Simon McVittie on 2012-10-04

[PATCH 2/5] hardening: Ensure _dbus_check_setuid() is initialized

Gbp-Pq: 0002-hardening-Ensure-_dbus_check_setuid-is-initialized-t.patch.

847d486... by Simon McVittie on 2012-10-04

[PATCH 1/5] CVE-2012-3524: Don't access environment variables or run

Gbp-Pq: 0001-CVE-2012-3524-Don-t-access-environment-variables-or-.patch.

41c11c6... by Simon McVittie on 2012-10-04

[PATCH] _dbus_header_byteswap: change the first byte of the message,

Gbp-Pq: 13-629938-_dbus_header_byteswap.patch.

376f6d1... by Simon McVittie on 2012-10-04

[PATCH 1/4] CVE 2010-4352: Reject deeply nested variants

Gbp-Pq: 12-CVE-2010-4352-reject-deeply-nested-variants.patch.

2252de9... by Simon McVittie on 2012-10-04

kqueue set_watched_dirs: fix termination condition

Gbp-Pq: 11-589662-reload-kqueue.patch.

de2db7a... by Simon McVittie on 2012-10-04

10_dbus-1.0.1-generate-xml-docs.patch

No DEP3 Subject or Description header found

Gbp-Pq: 10_dbus-1.0.1-generate-xml-docs.patch.

60850f1... by Simon McVittie on 2012-10-04

01_no-fatal-warnings.patch

No DEP3 Subject or Description header found

Gbp-Pq: 01_no-fatal-warnings.patch.