ubuntu/+source/dbus:ubuntu/oneiric-security

Last commit made on 2012-10-04
Get this branch:
git clone -b ubuntu/oneiric-security https://git.launchpad.net/ubuntu/+source/dbus
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/oneiric-security
Repository:
lp:ubuntu/+source/dbus

Recent commits

adb6ea1... by Marc Deslauriers on 2012-10-03

Import patches-unapplied version 1.4.14-1ubuntu1.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 91802de78aa0dc0f97c7d6bc31cdf75f1dbcf485

New changelog entries:
  * REGRESSION FIX: some applications launched with the activation helper
    may need DBUS_STARTER_ADDRESS. (LP: #1058343)
    - debian/patches/CVE-2012-3524-regression-fix.patch: hardcode the
      starter address to the default system bus address.
  * REGRESSION FIX: unclean shutdown after dbus upgrade (LP: #740390)
    - debian/libdbus-1-3.postinst: trigger an upstart re-exec before
      shutdown or reboot so that it can safely unmount the root
      filesystem.

91802de... by Marc Deslauriers on 2012-09-14

Import patches-unapplied version 1.4.14-1ubuntu1.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 16458a9153a72492676c267103025c1d5dee070a

New changelog entries:
  * SECURITY UPDATE: privilege escalation via unsanitized environment
    - debian/patches/CVE-2012-3524-dbus.patch: Don't access environment
      variables or run dbus-launch when setuid in configure.ac,
      dbus/dbus-keyring.c, dbus/dbus-sysdeps*
    - CVE-2012-3524

16458a9... by Martin Pitt on 2011-09-02

Import patches-unapplied version 1.4.14-1ubuntu1 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: f9f04a66b8ebd872d543e405fed078564ef4935d

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - Install binaries into / rather than /usr:
      + debian/rules: Set --exec-prefix=/
      + debian/dbus.install, debian/dbus-x11.install: Install from /bin
    - Use upstart to start:
      + Add debian/dbus.upstart.
      + debian/control: Add upstart dependency.
      + debian/dbus.postinst: Use upstart call instead of invoking the init.d
        script for checking if we are already running.
      + debian/control: versioned dependency on netbase that emits the new
        deconfiguring-networking event used in upstart script.
    - 20_system_conf_limit.patch: Increase max_match_rules_per_connection for
      the system bus to 5000 (LP #454093)
    - 81-session.conf-timeout.patch: Raise the service startup timeout from 25
      to 60 seconds. It may be too short on the live CD with slow machines.
    - Add 0001-activation-allow-for-more-variation-than-just-system.patch,
      0002-bus-change-systemd-activation-to-activation-systemd.patch,
      0003-upstart-add-upstart-as-a-possible-activation-type.patch,
      0004-upstart-add-UpstartJob-to-service-desktop-files.patch,
      0005-activation-implement-upstart-activation.patch: Patches from Scott
      James Remnant to implement Upstart service activation. Not upstream.

f9f04a6... by Simon McVittie on 2011-07-29

Import patches-unapplied version 1.4.14-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a4dbf9fb75a06c0ae5dc1be0fdf6193bfe57815b

New changelog entries:
  * New upstream release
    - no longer needs workarounds to build or install the documentation
  * Remove --disable-gc-sections, unnecessary since 1.4.12

a4dbf9f... by Simon McVittie on 2011-07-15

Import patches-unapplied version 1.4.12-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1cd2a5576087d2ccf10f8621d0fa5910605a6577

New changelog entries:
  * Undo the changed invocation for dbus-launch, which seems to cause
    more problems than it solves (LP: #807614, LP: #809900, probably also
    Closes: #633652)
  * Work around #453755 by just reopening stdin from /dev/null instead,
    until fd.o #39197 gets fixed

1cd2a55... by Simon McVittie on 2011-07-01

Import patches-unapplied version 1.4.12-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 201e9c9258a11490c1f8b1657fe1580bb746988d

New changelog entries:
  * Override missing-pre-dependency-on-multiarch-support for the -dev
    package, ftp-master doesn't have lintian 2.5.1 yet
  * Check all Description fields for correct use of dbus (package name)
    vs. D-Bus (project name), and override lintian false-positives
  * Mention CVE-2011-2200 in the changelog for 1.4.12-1 now it has a CVE ID
  * Merge some things from Ubuntu, via experimental:
    - move libraries into multiarch locations (but don't move binaries
      from /usr to /, which is not needed on Debian)
    - run dbus-uuidgen --ensure in postinst
    - call ReloadConfig with dbus-send in the postinst, since that'll work
      regardless of whether dbus was started with sysvinit or Upstart; just
      call it unconditionally, and ignore any failures we might see (in
      chroots or if dbus-daemon wasn't running)
  * and more things from experimental:
    - improve comments in postinst explaining why it behaves as it does
  * Run dbus-launch for X sessions in a way that doesn't consume characters
    from startx's stdin, or the stdin of certain display managers' init scripts
    (known to affect slim, but not xdm or gdm) (Closes: #453755)
  * Remove the .la file for the debug build, not just the normal build

201e9c9... by Simon McVittie on 2011-06-11

Import patches-unapplied version 1.4.12-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 56a62215bde4e1709c749f3e1eacc9ae236c8bf6

New changelog entries:
  * Don't run tests during build (again), it appears they time out on most of
    of the buildds
  * Explicitly build-depend on automake 1.10, so buildds won't try and fail
    with automake1.9 like kfreebsd-i386 did

56a6221... by Simon McVittie on 2011-06-10

Import patches-unapplied version 1.4.12-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ec3fc2c2960213d1be566ad2e8767a3c8f35b7ad

New changelog entries:
  * New upstream release fixes local DoS (Closes: #629938, no CVE number yet)
  * Don't delete jquery.js, no longer installed by recent Doxygen
  * Build-depend on libglib2.0-dev, libdbus-glib-1-dev for better regression
    test coverage (dbus-glib is a circular dependency, but both of these
    dependencies can be dropped if bootstrapping new architectures)

ec3fc2c... by Simon McVittie on 2011-06-02

Import patches-unapplied version 1.4.10-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ea9700d8f15f39f410f35892e6a37d1a1cef607e

New changelog entries:
  * Disable silent rules so we can have useful buildd logs
  * Update Vcs-Git, Vcs-Browser to the form preferred by the Alioth admins
  * Disable -Wl,--gc-sections and related flags: the size decrease is
    negligible, and these options currently segfault ld on armel and mips*
    (Closes: #628834)
  * Disable the build-time tests for now, they need more upstream work before
    they'll pass in a minimal build chroot

ea9700d... by Simon McVittie on 2011-06-01

Import patches-unapplied version 1.4.10-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7254908fec1d7a1d4d685b352396a4a209a927d3

New changelog entries:
  * New upstream version
  * Use a separate build directory
  * Explicitly set compiler flags
  * Don't complain about not installing libdbus-1.la
  * Don't pass a version to dh_makeshlibs -V - the symbols file gives us
    exact dependencies, so the legacy shlibs mechanism is just a guard against
    old systems now, and everyone forgets to update it
  * Do a second build with tests, verbosity etc. enabled, and install it
    in /usr/lib/$DEB_HOST_MULTIARCH/dbus-1.0/debug-build in dbus-1-dbg
    (Closes: #498185)
    - increase dependencies of dbus-1-dbg to allow for this
    - run the debug build's regression tests during build, but don't make
      failures fatal yet
    - build-depend on xvfb and run the tests under xvfb-run, since one
      needs a $DISPLAY
  * Run autoconf during build, and allow parallel building
  * Don't install dcop-howto.txt - this isn't DCOP