ubuntu/+source/dbus:debian/jessie

Last commit made on 2017-01-14
Get this branch:
git clone -b debian/jessie https://git.launchpad.net/ubuntu/+source/dbus
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/jessie
Repository:
lp:ubuntu/+source/dbus

Recent commits

160c1ee... by Simon McVittie on 2016-10-10

Import patches-unapplied version 1.8.22-0+deb8u1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 40b874f928adaa53a5fd20f1f11616bf9dcd5364

New changelog entries:
  * New upstream bugfix release
    - fix a potential format string vulnerability, which is not believed
      to be exploitable in practice
  * dbus.prerm: ensure that dbus.socket is stopped before removal,
    so that a new connection to the bus won't cause dbus.service to be
    restarted (Closes: #813970)

40b874f... by Simon McVittie on 2015-07-21

Import patches-unapplied version 1.8.20-0+deb8u1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 7fab70a185c75058f8f04b728b4013a717cda33c

New changelog entries:
  * New upstream bugfix release
    - fix a memory leak when GetConnectionCredentials is called
    - stop dbus-monitor replying to org.freedesktop.DBus.Peer
      messages, including those that another process should have
      replied to

7fab70a... by Simon McVittie on 2015-05-14

Import patches-unapplied version 1.8.18-0+deb8u1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 3bd30f16c34950827a598f120d5e4565459886f7

New changelog entries:
  * New upstream bugfix release
    - Hardening: lock down the session bus to only allow EXTERNAL auth by
      default, the same as the system bus. This avoids allowing
      DBUS_COOKIE_SHA1, which can end up using a predictable random source
      on systems where /dev/urandom is unavailable or dbus-daemon runs out
      of memory. See the upstream NEWS for more details.

3bd30f1... by Simon McVittie on 2015-02-04

Import patches-unapplied version 1.8.16-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 11d1fa04c7b9f962daeee90302817cf87789d798

New changelog entries:
  * New upstream release fixes a local denial of service
    when using systemd activation (CVE-2015-0245)

11d1fa0... by Simon McVittie on 2015-02-03

Import patches-unapplied version 1.8.14-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4fc8d303602468175423ef389132f44f5c7f7f66

New changelog entries:
  * Relax the triggers from interest to interest-noawait (Closes: #771989;
    mitigates: #776063; partially reopens: #740139).
    This is not strictly correct, because the purpose of the triggers
    is to set up the .conf, .service files for system services before those
    services satisfy dependencies. However, it mitigates #776063
    (apt getting into a stuck state during upgrades), and should in
    principle be redundant anyway, because dbus-daemon is meant to use
    inotify to keep up with configuration changes. See #771989, #776063
    for details.

4fc8d30... by Simon McVittie on 2015-01-01

Import patches-unapplied version 1.8.14-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: d50a8a0edc02d92ebcbb83510b76df7d85698004

New changelog entries:
  * New upstream release to harden dbus-daemon against packages that install
    unsafe security policy configurations.

d50a8a0... by Simon McVittie on 2014-12-23

Import patches-unapplied version 1.8.12-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 01517e7ca9252080afa3114cea677bfd0d2c7a8d

New changelog entries:
  * preinst: partially revert change from 1.8.12-2. It seems that the
    preinst is too late to add a useful dpkg-statoverride entry: dpkg has
    already loaded the statoverride database by this point, and if we add
    the entry in the preinst, dpkg-statoverride won't run and have
    its --update side-effect in the postinst. (Closes: #773107, #773838)
  * postinst: don't run dpkg-statoverride with 2>/dev/null: in the unlikely
    event that it fails for a reason other than "not overridden" (which
    results in silently exiting 1), we'll want to know about it.

01517e7... by Simon McVittie on 2014-12-21

Import patches-unapplied version 1.8.12-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 34599e0f14dfe7c86a1de4bf6b223f18bfd9850d

New changelog entries:
  * postinst: use dpkg-statoverride to set the permissions for
    dbus-daemon-launch-helper (expected to be 04754 root:messagebus)
    as suggested in Policy ยง10.9. This avoids a temporarily broken state
    when an upgraded dbus is unpacked but not yet configured (Closes: #773107)
  * preinst: opportunistically set up the same dpkg-statoverride entry
    if the group already exists, to avoid the same broken state during
    upgrades from older versions without needing Pre-Depends: adduser
  * postrm: delete the dpkg-statoverride entry on purge

34599e0... by Simon McVittie on 2014-11-24

Import patches-unapplied version 1.8.12-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 08c4230790cdf4c4c9f11b1fbdb60da6790daf13

New changelog entries:
  * New upstream release 1.8.12
    - increase auth_timeout from 5 seconds back to 30 seconds since it
      appears to cause slow or failed boot on some systems, reverting a
      change in 1.8.8 (Closes: #769069)
    - add a README.Debian to the dbus package documenting how
      sysadmins with hostile local users can get the lower timeout back,
      if their systems are fast enough to boot correctly like that

08c4230... by Simon McVittie on 2014-11-06

Import patches-unapplied version 1.8.10-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f6ab8e64e2d519d1554a84a40924c1ebd202e436

New changelog entries:
  * New upstream release 1.8.10
    - raise dbus-daemon's file descriptor limit to 65536 to avoid an
      opportunity for denial of service
      (CVE-2014-7824, an incomplete fix for CVE-2014-3636)
  * Start 'dbus-daemon --system' as root under sysvinit (it already
    starts as root under systemd), so it can increase its file
    descriptor limit