ubuntu/+source/dbus:ubuntu/precise-updates

Last commit made on 2016-11-01
Get this branch:
git clone -b ubuntu/precise-updates https://git.launchpad.net/ubuntu/+source/dbus
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name: ubuntu/precise-updates
Repository: lp:ubuntu/+source/dbus

Recent commits

94e9dfe... by Marc Deslauriers on 2016-10-12

Import patches-unapplied version 1.4.18-1ubuntu1.8 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: cfb7906a44dd7be8cec5a233612ebc69956fb320

New changelog entries:
  * SECURITY UPDATE: denial of service via ActivationFailure signal race
    - debian/patches/CVE-2015-0245.patch: prevent forged ActivationFailure
      from non-root processes in bus/system.conf.in.
    - CVE-2015-0245
  * SECURITY UPDATE: arbitrary code execution or denial of service via
    format string vulnerability
    - debian/patches/format_string.patch: do not use non-literal format
      string in bus/activation.c.
    - No CVE number

cfb7906... by Marc Deslauriers on 2014-11-25

Import patches-unapplied version 1.4.18-1ubuntu1.7 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 19f79d46ea6f355bb5fe03d37310c71df9672660

New changelog entries:
  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-7824.patch: raise rlimit and restore it for
      activated services in bus/activation.c, bus/bus.*,
      dbus/dbus-sysdeps-util-unix.c, dbus/dbus-sysdeps-util-win.c,
      dbus/dbus-sysdeps.h.
    - debian/dbus.init: don't launch daemon as a user so the rlimit can be
      raised.
    - CVE-2014-7824
  * SECURITY REGRESSION: authentication timeout on certain slower systems
    - debian/patches/CVE-2014-3639-regression.patch: raise auth_timeout
      back up to 30 secs in bus/config-parser.c, add a warning to
      bus/connection.c.
    - CVE-2014-3639

19f79d4... by Marc Deslauriers on 2014-09-17

Import patches-unapplied version 1.4.18-1ubuntu1.6 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: ca571e752308e61988546651aacad9e11f618fc4

New changelog entries:
  * SECURITY UPDATE: buffer overrun via odd max_message_unix_fds
    - debian/patches/CVE-2014-3635.patch: do not extra fds in cmsg padding
      in dbus/dbus-sysdeps-unix.c, allow using _DBUS_STATIC_ASSERT at a
      non-global scope in dbus/dbus-internals.h, dbus/dbus-macros.h.
    - CVE-2014-3635
  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-3636.patch: reduce max number of fds in
      bus/config-parser.c, bus/session.conf.in, dbus/dbus-message.c,
      dbus/dbus-sysdeps.h.
    - CVE-2014-3636
  * SECURITY UPDATE: denial of service via persistent file descriptors
    - debian/patches/CVE-2014-3637.patch: add a timeout to expire pending
      fds in bus/bus.*, bus/config-parser.c, bus/connection.c,
      bus/session.conf.in, cmake/bus/dbus-daemon.xml,
      dbus/dbus-connection-internal.h, dbus/dbus-connection.c,
      dbus/dbus-message-internal.h, dbus/dbus-message-private.h,
      dbus/dbus-message.c, dbus/dbus-transport.*.
    - CVE-2014-3637
  * SECURITY UPDATE: denial of service via large number of pending replies
    - debian/patches/CVE-2014-3638.patch: reduce max_replies_per_connection
      to 128 in bus/config-parser.c.
    - CVE-2014-3638
  * SECURITY UPDATE: denial of service via incomplete connections
    - debian/patches/CVE-2014-3639.patch: reduce auth_timeout in
      bus/config-parser.c, stop listening on DBusServer sockets when
      reaching max_incomplete_connections in bus/bus.*, bus/connection.*,
      dbus/dbus-server-protected.h, dbus/dbus-server.c, dbus/dbus-watch.*.
    - CVE-2014-3639

ca571e7... by Marc Deslauriers on 2014-07-03

Import patches-unapplied version 1.4.18-1ubuntu1.5 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 2fa3ad2b97d1cebd5042dbe2fa497e86883c2780

New changelog entries:
  * SECURITY UPDATE: denial of service via activation errors
    - debian/patches/CVE-2014-3477.patch: improve error handling in
      bus/activation.*, bus/services.c.
    - CVE-2014-3477
  * SECURITY UPDATE: denial of service via ETOOMANYREFS
    - debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
      dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
    - CVE-2014-3532
  * SECURITY UPDATE: denial of service via invalid file descriptor
    - debian/patches/CVE-2014-3533.patch: fix memory handling in
      dbus/dbus-message.c.
    - CVE-2014-3533

2fa3ad2... by Marc Deslauriers on 2013-06-13

Import patches-unapplied version 1.4.18-1ubuntu1.4 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: a4ccc069591277a9c78f273232737d08c2700889

New changelog entries:
  * SECURITY UPDATE: denial of service via _dbus_printf_string_upper_bound()
    length.
    - debian/patches/CVE-2013-2168.patch: use a copy of va_list in
      dbus/dbus-sysdeps-unix.c, dbus/dbus-sysdeps-win.c, added test to
      test/Makefile.am, test/internals/printf.c.
    - CVE-2013-2168

a4ccc06... by Marc Deslauriers on 2012-10-03

Import patches-unapplied version 1.4.18-1ubuntu1.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 3fce2da0a0dd95747853fe1303dc7cc0e7199c84

New changelog entries:
  * REGRESSION FIX: some applications launched with the activation helper
    may need DBUS_STARTER_ADDRESS. (LP: #1058343)
    - debian/patches/CVE-2012-3524-regression-fix.patch: hardcode the
      starter address to the default system bus address.
  * REGRESSION FIX: unclean shutdown after dbus upgrade (LP: #740390)
    - debian/libdbus-1-3.postinst: trigger an upstart re-exec before
      shutdown or reboot so that it can safely unmount the root
      filesystem.

3fce2da... by Marc Deslauriers on 2012-09-14

Import patches-unapplied version 1.4.18-1ubuntu1.1 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 70e7ddbfdbf23ded3410754f56a9e300d9f45fb4

New changelog entries:
  * SECURITY UPDATE: privilege escalation via unsanitized environment
    - debian/patches/CVE-2012-3524-dbus.patch: Don't access environment
      variables or run dbus-launch when setuid in configure.ac,
      dbus/dbus-keyring.c, dbus/dbus-sysdeps*
    - CVE-2012-3524

70e7ddb... by Martin Pitt on 2012-02-22

Import patches-unapplied version 1.4.18-1ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 91b8abf99c4c0c018a89f24c97b00ae7f9d4e8b7

New changelog entries:
  * Merge with Debian unstable to pick up the new bug fix release. Remaining
    Ubuntu changes:
    - Install binaries into / rather than /usr:
      + debian/rules: Set --exec-prefix=/
      + debian/dbus.install, debian/dbus-x11.install: Install from /bin
    - Use upstart to start:
      + Add debian/dbus.upstart.
      + debian/control: Add upstart dependency.
      + debian/dbus.postinst: Use upstart call instead of invoking the init.d
        script for checking if we are already running.
      + debian/control: versioned dependency on netbase that emits the new
        deconfiguring-networking event used in upstart script.
    - 20_system_conf_limit.patch: Increase max_match_rules_per_connection for
      the system bus to 5000 (LP #454093)
    - 81-session.conf-timeout.patch: Raise the service startup timeout from 25
      to 60 seconds. It may be too short on the live CD with slow machines.
    - Add 0001-activation-allow-for-more-variation-than-just-system.patch,
      0002-bus-change-systemd-activation-to-activation-systemd.patch,
      0003-upstart-add-upstart-as-a-possible-activation-type.patch,
      0004-upstart-add-UpstartJob-to-service-desktop-files.patch,
      0005-activation-implement-upstart-activation.patch: Patches from Scott
      James Remnant to implement Upstart service activation. Not upstream.

91b8abf... by Simon McVittie on 2012-02-13

Import patches-unapplied version 1.4.18-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: e2d06e59eef7439849cb42c4718279018718d639

New changelog entries:
  * New upstream release
  * Change dbus and src:dbus from Section: devel to Section: admin
    (Closes: #659357)

e2d06e5... by Simon McVittie on 2011-09-21

Import patches-unapplied version 1.4.16-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f9f04a66b8ebd872d543e405fed078564ef4935d

New changelog entries:
  * New upstream release
  * Do not symlink dcop-howto.txt.gz - no longer installed (this is D-Bus,
    not DCOP)
  * Set the build-dependencies to be enough to run all tests, but don't
    run the tests yet