From 99996659aefc77661fbbf9e7f8e5a51c3578bcae Mon Sep 17 00:00:00 2001
From: zyppe <210hcl@gmail.com>
Date: Tue, 6 Feb 2024 18:30:52 +0800
Subject: [PATCH] Initialize for dbus-1
---
.dbus-1.metadata | 1 +
.gitignore | 1 +
baselibs.conf | 6 +
dbus-1.changes | 2225 +++++++++++++++++++
dbus-1.desktop | 4 +
dbus-1.spec | 380 ++++
dbus_at_console.ck | 27 +
feature-suse-do-autolaunch.patch | 26 +
feature-suse-log-deny.patch | 11 +
feature-suse-refuse-manual-start-stop.patch | 13 +
fix-CVE-2019-12749.patch | 116 +
fix-upstream-CVE-2020-12049.patch | 60 +
fix-upstream-CVE-2020-12049_2.patch | 69 +
fix-upstream-CVE-2020-35512.patch | 322 +++
fix-upstream-CVE-2022-42010.patch | 108 +
fix-upstream-CVE-2022-42011.patch | 49 +
fix-upstream-CVE-2022-42012.patch | 66 +
fix-upstream-CVE-2023-34969.patch | 96 +
fix-upstream-userdb-constpointer.patch | 90 +
19 files changed, 3670 insertions(+)
create mode 100644 .dbus-1.metadata
create mode 100644 .gitignore
create mode 100644 baselibs.conf
create mode 100644 dbus-1.changes
create mode 100644 dbus-1.desktop
create mode 100644 dbus-1.spec
create mode 100644 dbus_at_console.ck
create mode 100644 feature-suse-do-autolaunch.patch
create mode 100644 feature-suse-log-deny.patch
create mode 100644 feature-suse-refuse-manual-start-stop.patch
create mode 100644 fix-CVE-2019-12749.patch
create mode 100644 fix-upstream-CVE-2020-12049.patch
create mode 100644 fix-upstream-CVE-2020-12049_2.patch
create mode 100644 fix-upstream-CVE-2020-35512.patch
create mode 100644 fix-upstream-CVE-2022-42010.patch
create mode 100644 fix-upstream-CVE-2022-42011.patch
create mode 100644 fix-upstream-CVE-2022-42012.patch
create mode 100644 fix-upstream-CVE-2023-34969.patch
create mode 100644 fix-upstream-userdb-constpointer.patch
diff --git a/.dbus-1.metadata b/.dbus-1.metadata
new file mode 100644
index 0000000..27be8d1
--- /dev/null
+++ b/.dbus-1.metadata
@@ -0,0 +1 @@
+47e96d9da9fb876ce3d8ac0b4c3d7e35e8ecdaa9fddd40e2515f516185b3ef52 dbus-1.12.2.tar.gz
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..177dc84
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+dbus-1.12.2.tar.gz
diff --git a/baselibs.conf b/baselibs.conf
new file mode 100644
index 0000000..34d4bb4
--- /dev/null
+++ b/baselibs.conf
@@ -0,0 +1,6 @@
+dbus-1
+dbus-1-devel
+ requires "libdbus-1-3- = "
+libdbus-1-3
+ obsoletes "dbus-1- < "
+ provides "dbus-1- = "
diff --git a/dbus-1.changes b/dbus-1.changes
new file mode 100644
index 0000000..6e4da76
--- /dev/null
+++ b/dbus-1.changes
@@ -0,0 +1,2225 @@ +* Mon Jun 19 2023 sflees@suse.de +- Sometimes unprivileged users were able to crash dbus-daemon + (CVE-2023-34969, bsc#1212126) + * fix-upstream-CVE-2023-34969.patch +* Thu Oct 13 2022 sflees@suse.de +- Fix a potential crash that could be triggered by an invalid signature. + (CVE-2022-42010, bsc#1204111) + * fix-upstream-CVE-2022-42010.patch +- Fix an out of bounds read caused by a fixed length array (CVE-2022-42011, + bsc#1204112) + * fix-upstream-CVE-2022-42011.patch +- A message in non-native endianness with out-of-band Unix file descriptors + would cause a use-after-free and possible memory corruption CVE-2022-42012, + bsc#1204113) + * fix-upstream-CVE-2022-42012.patch +- Disable asserts (bsc#1087072) +- Refreshed patches + * fix-upstream-CVE-2020-35512.patch +* Wed Jan 5 2022 dcermak@suse.com +- Remove pointless %%%%post scriptlet leveraging non-existent systemd env + variables + FIRST_ARG has been used in our systemd macros, but this has now been gone for + years. Thus the true branch of the if has never been executed for years and is + only causing warnings when installing dbus. 
+* Thu Jul 15 2021 sflees@suse.de +- Add missing patch for CVE-2020-12049 + * fix-upstream-CVE-2020-12049_2.patch +* Mon Jul 12 2021 sflees@suse.de +- Fix CVE-2020-12049 truncated messages lead to resource exhaustion + (CVE-2020-12049, bsc#1172505) + * fix-upstream-CVE-2020-12049.patch +- Rebased fix-CVE-2019-12749.patch +* Fri Jun 25 2021 sflees@suse.de +- Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105) + * fix-upstream-userdb-constpointer.patch + * fix-upstream-CVE-2020-35512.patch +* Thu Jun 13 2019 sflees@suse.de +- Fix CVE-2019-12749 Authentication bypass (CVE-2019-12749 bsc#1137832) + * added fix-CVE-2019-12749.patch +* Tue Jan 15 2019 alarrosa@suse.com +- Make libdbus-1-3 own the %%{_datadir}/dbus-1/system.d directory +* Mon Jan 14 2019 kukuk@suse.de +- Use %%license instead of %%doc [bsc#1082318] +* Wed Dec 19 2018 jengelh@inai.de +- Avoid bashisms in scriptlets. +* Tue Nov 20 2018 eich@suse.com +- Avoid ugly error message from %%pre(install) script when installing + for the first time. +* Thu Mar 8 2018 dimstar@opensuse.org +- Don't spit out a warning if /usr/bin/dbus-daemon does not exist + when we run the pre-script. +* Mon Dec 11 2017 sflees@suse.de +- Swap a missed libdir to libexecdir +* Sun Dec 10 2017 jengelh@inai.de +- Do not hide errors during useradd. +* Thu Nov 23 2017 sflees@suse.de +- Fix dbus-daemon-launch-helper to use proper ref to libexecdir +* Wed Nov 22 2017 sflees@suse.de +- use %%{_libexecdir}/dbus-1 as libexecdir +* Thu Nov 16 2017 sflees@suse.de +- Update to 1.12.2 + Deprecations: + • Eavesdropping is officially deprecated in favour of BecomeMonitor. + See the release notes for spec version 0.31 (in dbus 1.11.14). + • [Unix] Flag files in /var/run/console/${username} are deprecated. + See the release notes for 1.11.18. + New APIs: + • and rules in dbus-daemon configuration can now + include send_broadcast="true", send_broadcast="false", + max_unix_fds="N", min_unix_fds="N" (for some integer N). 
+ See the release notes for 1.11.18. + • dbus_try_get_local_machine_id() is like + dbus_get_local_machine_id(), but returns a DBusError. + • New APIs around DBusMessageIter to simplify cleanup. + See the release notes for 1.11.16. + • The message bus daemon now implements the standard Introspectable, + Peer and Properties interfaces. See the release notes for + dbus 1.11.14 and spec version 0.31. + • DTDs for introspection XML and bus configuration are installed. + • [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but + never uses Linux abstract sockets, which is advantageous for + containers. On non-Linux it is equivalent to unix:tmpdir=…. + See the release notes for dbus 1.11.14 and spec version 0.31. + • [Unix] New option "dbus-launch --exit-with-x11". + • [Unix] Session managers can create transient .service files in + $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12. + • [Unix] A sysusers.d snippet can create the messagebus user on-demand. + Miscellaneous behaviour changes: + • [Unix] The session bus now logs to syslog if it was started by + dbus-launch. + • [Unix] Internal warnings are logged to syslog if configured. + • [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, + or to stderr. +- Enabled "make check test suite" +- Patches removed, fixed upstream + * fix-upstream-drop-install-sections-from-user-services.patch + * fix-upstream-increase-backlog.patch + * fix-upstream-timeout-reset-1.patch + * fix-upstream-timeout-reset-2.patch +* Mon Sep 11 2017 sflees@suse.de +- boo#1027201 dbus-daemon not found +- boo#978477 systemd reseting under heavy load + * fix-upstream-timeout-reset-1.patch + * fix-upstream-timeout-reset-2.patch +* Mon Aug 28 2017 sflees@suse.de +- boo#1027200 don't generate machine-id in %%post systemd will do it + on first boot. 
+- swap usage of /bin/false to /usr/bin/false +- Use libexecdir=%%{_libdir}/dbus-1 rather then /lib/dbus-1 +* Fri Jul 7 2017 sflees@suse.de +- No need to set --libdir anymore now that prefix is /usr/bin, + * fixes boo#1047532 +- No need to set --bindir, bindir in dbus-1-x11 was incorrect +- Other fixes required to properly change prefix +- Don't pass --with-initscripts we don't use them anymore. +* Fri Jun 30 2017 sflees@suse.de +- Update to 1.10.20 + * Fixes: + + Fix a reference leak when blocking on a pending call on a + connection that has been disconnected (fdo#101481, Shin-ichi + MORITA) + + Don't put timestamps in the Doxygen-generated documentation, + for closer-to-reproducible builds (fdo#100692, Simon + McVittie) + + Avoid an assertion failure when connecting to a + semicolon-separated series of addresses, one of which fails + (fdo#101257, Simon McVittie) + * Documentation: + + Update git URIs in HACKING document to sync up with + cgit.freedesktop.org (fdo#100715, Simon McVittie) +* Tue Jun 13 2017 sflees@suse.de +- swap to /usr/bin bsc#1029968 +- Add the following fixes from SLE12 + * bsc#980928 increase listen() backlog of AF_UNIX sockets to + SOMAXCONN fix-upstream-increase-backlog.patch +- The following bugs were already fixed but are missing changelog + entries + * bsc#867256 (No longer applicable) + * bsc#916785 (No longer applicable) + * bsc#1012564 (Not applicable) + * fdo#90004 (Fixed Upstream) +- Rename the following patches as a tidy up + * dbus-log-deny.patch to feature-suse-log-deny.patch + * dbus-do-autolaunch.patch feature-suse-do-autolaunch.patch + * 0001-Add-RefuseManualStartStop.patch to + feature-suse-refuse-manual-start-stop.patch + * 0001-Drop-Install-sections-from-user-services.patch to + fix-upstream-drop-install-sections-from-user-services.patch +* Fri Apr 7 2017 fstrba@suse.com +- Update to 1.10.18 + * Fixes + + Re-order dbus-daemon startup so that on SELinux systems, the + thread that reads AVC notifications retains the ability to 
+ write to the audit log (fdo#92832, Debian #857660; Laurent + Bigonville) + + Fix a harmless read overflow and some memory leaks in a unit + test (fdo#100568, Philip Withnall) +* Wed Mar 1 2017 sflees@suse.de +- Update to 1.10.16 + Fixes: + * Prevent symlink attacks in the nonce-tcp transport on Unix that could + allow an attacker to overwrite a file named "nonce", in a directory + that the user running dbus-daemon can write, with a random value + known only to the user running dbus-daemon. This is unlikely to be + exploitable in practice, particularly since the nonce-tcp transport + is really only useful on Windows. + (fd.o #99828, Simon McVittie) (bsc#1025950) + * Avoid symlink attacks in the "embedded tests", which are not enabled + by default and should never be enabled in production builds of dbus. + (fd.o #99828, Simon McVittie) (bsc#1025951) + * Work around an undesired effect of the fix for CVE-2014-3637 + (fd.o #80559), in which processes that frequently send fds, such as + logind during a flood of new PAM sessions, can get disconnected for + continuously having at least one fd "in flight" for too long; + dbus-daemon interprets that as a potential denial of service attack. + The workaround is to disable that check for uid 0 process such as + logind, with a message in the system log. The bug remains open while + we look for a more general solution. + (fd.o #95263, LP#1591411; Simon McVittie) + * Don't run the test test-dbus-launch-x11.sh if X11 autolaunching + was disabled at compile time. That test is not expected to work + in that configuration. (fd.o #98665, Simon McVittie) + Enhancements: + * Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian + stable and Debian testing in addition to the older Ubuntu that is + the default (fd.o #98889, Simon McVittie) +* Thu Feb 2 2017 sflees@suse.de +- A note for scripts bsc#974092 (remove sysvinit script) is already + fixed here. 
+* Wed Jan 25 2017 sflees@suse.de +- Don't restart dbus on upgrade - Includes temporary work around + for last version boo#1020301 +- Add 0001-Add-RefuseManualStartStop.patch don't allow users to Manually + start or stop dbus. +* Mon Jan 9 2017 marius.kittler@suse.com +- Add systemd unit files to start session bus via systemd +- Added patch: + * 0001-Drop-Install-sections-from-user-services.patch + + remove install section from socket unit because it does not + need to be enabled explicitly (see fdo#92402) +* Fri Dec 9 2016 fstrba@suse.com +- Requires systemd >= 209 and drop the compatibility pkg-config + names that don't exist in newer systemd +* Thu Dec 8 2016 jengelh@inai.de +- Drop useless --with-pic which is only for static libs +- Abort installation when user/group creation fails +- Avoid calling %%service_* more than once +* Tue Dec 6 2016 fstrba@suse.com +- Build the dbus-1 package without X in the dbus-1.spec +- Move the dbus-launch.nox11 to the dbus-1 package and install + it by default +- Build devel-doc package in dbus-1.spec and don't build any + documentation in dbus-1-x11 +- Make dbus-1-x11 package contains only the X11-enabled dbus-launch +- Fix some rpmlint warnings +- Delete the dbus-1-x11.spec.in file, since maintaining it is + more complicated then keeping in sync a dbus-1-x11.spec file of + less then 120 lines +* Mon Nov 21 2016 kukuk@suse.de +- Create new subpackage: dbus-1-nox11 + - contains dbus-launch without x11 support +- Rename dbus-launch to dbus-launch.x11 +- use update-alternatives to switch between dbus-launch with and + without X11 +- Solves [bnc#934214] +* Tue Oct 11 2016 fstrba@suse.com +- Update to 1.10.12 + * Security fixes: + + Do not treat ActivationFailure message received from + root-owned systemd name as a format string. 
In principle this + is a security vulnerability, but we do not believe it is + exploitable in practice, because only privileged processes can + own the org.freedesktop.systemd1 bus name, and systemd does + not appear to send activation failures that contain "%%". + Please note that this probably *was* exploitable in dbus + versions older than 1.6.30, 1.8.16 and 1.9.10 due to a missing + check which at the time was only thought to be a denial of + service vulnerability (CVE-2015-0245). If you are still + running one of those versions, patch or upgrade immediately. + (fdo#98157, bsc#1003898, Simon McVittie) + * Other fixes: + + Harden dbus-daemon against malicious or incorrect + ActivationFailure messages by rejecting them if they do not + come from a privileged process, or if systemd activation is + not enabled (fdo#98157, Simon McVittie) + + Avoid undefined behaviour when setting reply serial number + without going via union DBusBasicValue (fdo#98035, Marc Mutz) + + autogen.sh: fail cleanly if autoconf fails (Simon McVittie) +* Tue Sep 13 2016 mvidner@suse.com +- Moved dbus-run-session from dbus-1-x11 to dbus-1 (bdo#836296) +* Mon Aug 22 2016 fstrba@suse.com +- Update to 1.10.10 + * Fixes: + + On Linux, when dbus-daemon is run with reduced susceptibility + to the OOM killer (typically via systemd), do not let child + processes inherit that setting (fdo#32851; + Kimmo Hämäläinen, WaLyong Cho) + + Output valid shell syntax in ~/.dbus/session-bus/ if the bus + address contains a semicolon (fdo#94746, Thiago Macieira) + + Fix memory leaks and thread safety in subprocess starting on + Windows (fdo#95191, Ralf Habacker) + + Do not require systemd to have a service file if using it for + activation (fdo#93194; Simon McVittie; backport from 1.11.0) + + Stop test-dbus-daemon incorrectly failing on platforms that + cannot discover the process ID of clients (fdo#96653, + Руслан Ижбулатов) + + In tests that exercise correct handling of crashing D-Bus + services, suppress 
Windows crash handler (fdo#95155; + Yiyang Fei, Ralf Habacker) + + Explicitly check for stdint.h (Ioan-Adrian Ratiu) + + update-activation-environment: produce better diagnostics on + error (fdo#96653, Simon McVittie) + + Don't fail the build with an unused const variable warning + under gcc 6 (fdo#97282; Thomas Zimmermann, Simon McVittie) + + Merge dbus-1.10-ci branch, containing backports from 1.11.0 + in build/test code to support continuous integration + (fdo#93194, Simon McVittie) + - Avoid -Wunused-label when compiling with libselinux but no + libaudit + - In development builds, allow OOM tests to be disabled as + documented + - Accept and ignore the --tap argument in all "embedded + tests", and run all automated tests with that argument for + better diagnostics + - Fix the systemd activation test under CMake by installing + the required files + - In Automake, fix shell syntax for installcheck-local with + no DESTDIR + - In Automake, don't try to run manual tests in installcheck + - In CMake, don't run manual-tcp test as an automated test + - Add travis-ci.org build machinery +* Mon Mar 14 2016 fstrba@suse.com +- Update to 1.10.8 + * Fixes: + + Enable "large file support" on systems where it exists: + dbus-daemon is not expected to open large files, but it might + need to stat files that happen to have large inode numbers + (fdo#93545, Hongxu Jia) + + Eliminate padding inside DBusMessageIter on 64-bit platforms, + which might result in a pedantic C compiler not copying the + entire contents of a DBusMessageIter; statically assert that + this is not an ABI change in practice (fdo#94136, Simon + McVittie) + + Document dbus-test-tool echo --sleep-ms=N instead of + incorrect --sleep=N (fdo#94244, Dmitri Iouchtchenko) + + Correctly report test failures in C tests from run-test.sh + (fdo#93379; amit tewari, Simon McVittie) + + When tests are enabled, run all the marshal-validate tests, + not just the even-numbered ones (fdo#93908, Nick Lewycky) + + Correct the 
expected error from one marshal-validate test, + which was previously not run due to the above bug(fdo#93908, + Simon McVittie) +* Thu Dec 3 2015 fstrba@suse.com +- Update to 1.10.6 + * Fixes: + - On Unix when running tests as root, don't assert that root + and the dbus-daemon user can still call + UpdateActivationEnvironment; assert that those privileged + users can call BecomeMonitor instead (fdo#93036, Simon + McVittie) + - On Windows, fix a memory leak in the autolaunch transport + (fdo#92899, Simon McVittie) + - On Windows Autotools builds, don't run tests that rely on + dbus-run-session and other Unix-specifics (fdo#92899, Simon + McVittie) +* Thu Nov 26 2015 fstrba@suse.com +- Update to 1.10.4 + * Changes between 1.10.2 and 1.10.4 + - Enhancements: + + GetConnectionCredentials, GetConnectionUnixUser and + GetConnectionUnixProcessID with argument + "org.freedesktop.DBus" will now return details of the + dbus-daemon itself. This is required to be able to call + SetEnvironment on systemd. (fdo#92857, Jan Alexander + Steffens) + - Fixes: + + Make UpdateActivationEnvironment always fail with + AccessDenied on the system bus. Previously, it was + possible to configure it so root could call it, but the + environment variables were not actually used, because the + launch helper would discard them. (fdo#92857, Jan Alexander + Steffens) + + On Unix with --systemd-activation on a user bus, make + UpdateActivationEnvironment pass on its arguments to + systemd's SetEnvironment method, solving inconsistency + between the environments used for traditional activation + and systemd user-service activation. 
(fdo#92857, Jan + Alexander Steffens) + + On Windows, don't crash if or --syslog is used + (fdo#92538, Ralf Habacker) + + On Windows, fix a memory leak when setting a DBusError from + a Windows error (fdo#92721, Ralf Habacker) + + On Windows, don't go into infinite recursion if we abort the + process with backtraces enabled (fdo#92721, Ralf Habacker) + + Fix various failing tests, variously on Windows and + cross-platform: + . don't test system.conf features (users, groups) that only + make sense on the system bus, which is not supported on + Windows + . don't call _dbus_warn() when we skip a test, since it is + fatal + . fix computation of expected + . when running TAP tests, translate newlines to Unix format, + fixing cross-compiled tests under Wine on Linux + . don't stress-test refcounting under Wine, where it's + really slow + . stop assuming that a message looped-back to the test will + be received immediately + . skip some system bus tests on Windows since they make no + sense there (fdo#92538, fdo#92721; Ralf Habacker, Simon + McVittie) + * Changes between 1.10.0 and 1.10.2 + - Fixes: + + Correct error handling for activation: if there are multiple + attempts to activate the same service and it fails + immediately, the first attempt would get the correct reply, + but the rest would time out. We now send the same error + reply to each attempt. (fdo#92200, Simon McVittie) + + If BecomeMonitor is called with a syntactically invalid + match rule, don't crash with an assertion failure, fixing a + regression in 1.9.10. This was not exploitable as a denial + of service, because the check for a privileged user is done + first. 
(fdo#92298, Simon McVittie) + + On Linux with --enable-user-session, add the bus address to + the environment of systemd services for better backwards + compatibility (fdo#92612, Jan Alexander Steffens) + + On Windows, fix the logic for replacing the installation + prefix in service files' Exec lines (fdo#83539; Milan Crha, + Simon McVittie) + + On Windows, if installed in the conventional layout with + ${prefix}/etc and ${prefix}/share, use relative paths + between bus configuration files to allow the tree to be + relocated (fdo#92028, Simon McVittie) + + Make more of the regression tests pass in Windows builds + (fdo#92538, Simon McVittie) + * Summary of major changes since 1.8.0: + - The basic setup for the well-known system and session buses is + now done in read-only files in ${datadir} (normally /usr/share). + - AppArmor integration has been merged, with features similar to + the pre-existing SELinux integration. It is mostly compatible + with the patches previously shipped by Ubuntu, with one + significant change: Ubuntu's GetConnectionAppArmorSecurityContext + method has been superseded by GetConnectionCredentials and was + not included. + - The --enable-user-session configure option can be enabled + by OS integrators intending to use systemd to provide a + session bus per user (in effect, treating all concurrent + graphical and non-graphical login sessions as one large session). + - The new listenable address mode "unix:runtime=yes" listens on + $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the + systemd user session. libdbus and "dbus-launch --autolaunch" + will connect to this address by default. GLib >= 2.45.3 and + sd-bus >= 209 have a matching default. + - All executables are now dynamically linked to libdbus-1. + Previously, some executables, most notably dbus-daemon, were + statically linked to a specially-compiled variant of libdbus. + This results in various private functions in the _dbus + namespace being exposed by the shared library. 
These are not + API, and must not be used outside the dbus source tree. + - On platforms with ELF symbol versioning, all public symbols + are versioned LIBDBUS_1_3. + * New bus APIs: + - org.freedesktop.DBus.GetConnectionCredentials returns + LinuxSecurityLabel where supported + - org.freedesktop.DBus.Monitoring interface (privileged) + . BecomeMonitor method supersedes match rules with eavesdrop=true, + which are now deprecated + - org.freedesktop.DBus.Stats interface (semi-privileged) + . now enabled by default + . new GetAllMatchRules method + - org.freedesktop.DBus.Verbose interface (not normally compiled) + . toggles the effect of DBUS_VERBOSE + * New executables: + - dbus-test-tool + - dbus-update-activation-environment + * New optional dependencies: + - The systemd: pseudo-transport requires libsystemd or libsd-daemon + - Complete documentation requires Ducktype and yelp-tools + - Full test coverage requires GLib 2.36 and PyGI + - AppArmor integration requires libapparmor and optionally libaudit + * Dependencies removed: + - dbus-glib +* Tue Nov 17 2015 fstrba@suse.com +- Update to 1.8.20: + * Fixes: + - Fix a memory leak when GetConnectionCredentials() succeeds + (fdo#91008, Jacek Bukarewicz) + - Ensure that dbus-monitor does not reply to messages intended + for others (fdo#90952, Simon McVittie) +* Wed Sep 16 2015 fstrba@suse.com +- Account for openSUSE:Leap in the conditional for chosing right + local state directories (boo#941352) +* Wed May 27 2015 hrvoje.senjan@gmail.com +- Move common-begin sections around to make pre_checkin work again +- Unconditionally build with systemd features, there are no cycles + now, systemd no longer buildrequires dbus-1-devel +* Mon May 18 2015 fstrba@suse.com +- Update to 1.8.18: + * Security hardening: + - On Unix platforms, change the default configuration for the + session bus to only allow EXTERNAL authentication (secure + kernel-mediated credentials-passing), as was already done for + the system bus. 
+ This avoids falling back to DBUS_COOKIE_SHA1, which relies on + strongly unpredictable pseudo-random numbers; under certain + circumstances (/dev/urandom unreadable or malloc() returns + NULL), dbus could fall back to using rand(), which does not + have the desired unpredictability. The fallback to rand() has + not been changed in this stable-branch since the necessary + code changes for correct error-handling are rather intrusive. + If you are using D-Bus over the (unencrypted!) tcp: or + nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1 + and a shared home directory using NFS or similar, you will + need to reconfigure the session bus to accept DBUS_COOKIE_SHA1 + by commenting out the element. This configuration is + not recommended. (bsc#931066, fdo#90414, Simon McVittie) + * Other fixes: + - Add locking to DBusCounter's reference count and notify + function (fdo#89297, Adrian Szyndela) + - Ensure that DBusTransport's reference count is protected by + the corresponding DBusConnection's lock (fdo#90312, + Adrian Szyndela) + - On Windows, listen on the same port for IPv4 and IPv6 + (previously broken by an endianness mistake), and fix a + failure to bind TCP sockets on approximately 1 attempt in 256 + (fdo#87999, Ralf Habacker) + - Correctly release DBusServer mutex before early-return if we + run out of memory while copying authentication mechanisms + (fdo#90021, Ralf Habacker) + - Correctly initialize all fields of DBusTypeReader (fdo#90021, + Ralf Habacker, Simon McVittie) + - Fix some missing \n in verbose (debug log) messages + (fdo#90021, Ralf Habacker) + - Clean up some memory leaks in test code (fdo#90021, + Ralf Habacker) +* Thu Mar 26 2015 fstrba@suse.com +- Sync changes from SLE12 conditionalized for suse_version <= 1315 +* Mon Feb 9 2015 fstrba@suse.com +- Update to 1.8.16: + * Security fixes: + - Do not allow non-uid-0 processes to send forged + ActivationFailure messages. 
On Linux systems with systemd + activation, this would allow a local denial of service: + unprivileged processes could flood the bus with these forged + messages, winning the race with the actual service activation + and causing an error reply to be sent back when service + auto-activation was requested. This does not prevent the real + service from being started, so it only works while the real + service is not running. (CVE-2015-0245, fdo#88811, bnc#916343; + Simon McVittie) + * Other fixes: + - fix a Windows build failure (fdo#88009, Ralf Habacker) + - on Windows, allow up to 8K connections to the dbus-daemon + instead of the previous 64, completing a previous fix which + only worked under Autotools (fdo#71297, Ralf Habacker) +* Tue Jan 6 2015 fstrba@suse.com +- Update to 1.8.14 + * Security hardening: + - Do not allow calls to UpdateActivationEnvironment from uids + other than the uid of the dbus-daemon. If a system service + installs unsafe security policy rules that allow arbitrary + method calls (such as CVE-2014-8148) then this prevents + memory consumption and possible privilege escalation via + UpdateActivationEnvironment. + We believe that in practice, privilege escalation here is + avoided by dbus-daemon-launch-helper sanitizing its + environment; but it seems better to be safe. + - Do not allow calls to UpdateActivationEnvironment or the + Stats interface on object paths other than + /org/freedesktop/DBus. Some system services install unsafe + security policy rules that allow arbitrary method calls to + any destination, method and interface with a specified object + path; while less bad than allowing arbitrary method calls, + these security policies are still harmful, since dbus-daemon + normally offers the same API on all object paths and other + system services might behave similarly. + * Other fixes: + - Add missing initialization so GetExtendedTcpTable doesn't + crash on Windows Vista SP0 (fdo#77008, Ilya A. 
Tkachenko) +* Tue Nov 25 2014 fstrba@suse.com +- Update to 1.8.12: + * Fixes: + - Partially revert the CVE-2014-3639 patch by increasing the + default authentication timeout on the system bus from 5 + seconds back to 30 seconds, since this has been reported to + cause boot regressions for some users, mostly with parallel + boot (systemd) on slower hardware. + On fast systems where local users are considered particularly + hostile, administrators can return to the 5 second timeout + (or any other value in milliseconds) by saving this as + /etc/dbus-1/system-local.conf: + + 5000 + + (fdo#86431, Simon McVittie) + - Add a message in syslog/the Journal when the auth_timeout is + exceeded (fdo#86431, Simon McVittie) + - Send back an AccessDenied error if the addressed recipient is + not allowed to receive a message (and in builds with + assertions enabled, don't assert under the same conditions). + (fdo#86194, Jacek Bukarewicz) +* Mon Nov 10 2014 fstrba@suse.com +- Update to 1.8.10: + * Security fixes: + - Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536 + so that CVE-2014-3636 part A cannot exhaust the system bus' + file descriptors, completing the incomplete fix in 1.8.8. + (CVE-2014-7824, fdo#85105; Simon McVittie, Alban Crequy) +* Tue Sep 30 2014 fstrba@suse.com +- Reformat the spec file using spec-cleaner +* Thu Sep 18 2014 fstrba@suse.com +- Update baselibs.conf: Provides dbus-1-32bit in lib package +* Tue Sep 16 2014 fstrba@suse.com +- Update to 1.8.8: + + Security fixes: + - Do not accept an extra fd in the padding of a cmsg message, + which could lead to a 4-byte heap buffer overrun. (CVE-2014-3635, + fdo#83622, bnc#896453; Simon McVittie) + - Reduce default for maximum Unix file descriptors passed per + message from 1024 to 16, preventing a uid with the default maximum + number of connections from exhausting the system bus' file + descriptors under Linux's default rlimit. 
Distributors or system + administrators with a more restrictive fd limit may wish to reduce + these limits further. + Additionally, on Linux this prevents a second denial of service + in which the dbus-daemon can be made to exceed the maximum number + of fds per sendmsg() and disconnect the process that would have + received them. (CVE-2014-3636, fdo#82820, bnc#896453; Alban Crequy) + - Disconnect connections that still have a fd pending unmarshalling + after a new configurable limit, pending_fd_timeout (defaulting to + 150 seconds), removing the possibility of creating an abusive + connection that cannot be disconnected by setting up a circular + reference to a connection's file descriptor. (CVE-2014-3637, + fdo#80559, bnc#896453; Alban Crequy) + - Reduce default for maximum pending replies per connection from + 8192 to 128, mitigating an algorithmic complexity + denial-of-service attack (CVE-2014-3638, fdo#81053, bnc#896453; + Alban Crequy) + - Reduce default for authentication timeout on the system bus from + 30 seconds to 5 seconds, avoiding denial of service by using up + all unauthenticated connection slots; and when all unauthenticated + connection slots are used up, make new connection attempts block + instead of disconnecting them. (CVE-2014-3639, fdo#80919, + bnc#896453; Alban Crequy) + + Other fixes: + - Check for libsystemd from systemd >= 209, falling back to the + older separate libraries if not found (Umut Tezduyar Lindskog, + Simon McVittie) + - On Linux, use prctl() to disable core dumps from a test executable + that deliberately raises SIGSEGV to test dbus-daemon's handling + of that condition (fdo#83772, Simon McVittie) + - Fix compilation with --enable-stats (fdo#81043, Gentoo #507232; + Alban Crequy) + - Improve documentation for running tests on Windows (fdo#41252, + Ralf Habacker) +* Sat Jul 19 2014 crrodriguez@opensuse.org +- Remove all remains of sysvinit compatibility. 
+- Do not force-fed -fstack-protector in CFLAGS, already there + and obsoleted by stack-protector-strong in gcc 4.9. +- Ensure doxygen never generates timestampted html docs. +* Thu Jul 10 2014 fcrozat@suse.com +- Update baselibs.conf: Obsoletes dbus-1-32bit in lib package. +* Wed Jul 2 2014 fstrba@suse.com +- Update to 1.8.6: + + Security fixes: + - On Linux >= 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, + silently drop the message. This prevents an attack in which + a malicious client can make dbus-daemon disconnect a system + service, which is a local denial of service. + (bnc#885241 fdo#80163, CVE-2014-3532; Alban Crequy) + - Track remaining Unix file descriptors correctly when more + than one message in quick succession contains fds. This + prevents another attack in which a malicious client can make + dbus-daemon disconnect a system service. + (bnc#885241 fdo#79694, fd0#80469, CVE-2014-3533; Alejandro + Martínez Suárez, Simon McVittie, Alban Crequy) + + Other fixes: + - When dbus-launch --exit-with-session starts a dbus-daemon but + then cannot attach to a session, kill the dbus-daemon as + intended (fdo#74698, Роман Донченко) +* Wed Jun 11 2014 fstrba@suse.com +- Update to 1.8.4: + + Security fix: + - Alban Crequy at Collabora Ltd. discovered and fixed a + denial-of-service flaw in dbus-daemon, part of the reference + implementation of D-Bus. + Additionally, in highly unusual environments the same flaw + could lead to a side channel between processes that should + not be able to communicate. 
(CVE-2014-3477, fdo#78979, + bnc#881137) +* Sat May 3 2014 hrvoje.senjan@gmail.com +- Update to 1.8.2: + + Enhancements: + - in the CMake build system, add some hints for Linux users + cross-compiling Windows D-Bus binaries to be able to run + tests under Wine (fdo#41252) + - add Documentation key to dbus.service (fdo#77447) + + Fixes: + - in "dbus-uuidgen --ensure", try to copy systemd's + /etc/machine-id to /var/lib/dbus/machine-id instead + of generating an entirely new ID (fdo#77941) + - if dbus-launch receives an X error very quickly, do not kill + unrelated processes (fdo#74698) + - on Windows, allow up to 8K connections to the dbus-daemon, + instead of the previous 64 (fdo#71297) + - cope with \r\n newlines in regression tests, since on + Windows, dbus-daemon.exe uses text mode (fdo#75863) +* Mon Jan 20 2014 hrvoje.senjan@gmail.com +- Update to 1.8.0 final: + + This starts a new stable branch. The 1.6.x branch is now + considered to be outdated, and will only receive fixes for + serious bugs such as security flaws. The 1.4.x and 1.2.x branches + no longer have upstream support and are unlikely to get any more + releases, but if distributors still need to support them, + please share security patches via upstream. + + Enhancements since 1.7.10: + - Enhance the CMake build system to check for GLib and + compile/run a subset of the regression tests (fdo#41252, + fdo#73495) + + Fixes since 1.7.10: + - don't rely on va_copy(), use DBUS_VA_COPY() wrapper (fdo#72840) + - fix compilation of systemd journal support on older systemd + versions where sd-journal.h doesn't include syslog.h (fdo#73455) + - fix compilation on older MSVC versions by including stdlib.h + (fdo#73455) + - Allow to appear in an included configuration + file (fdo#73475) + + Test behaviour changes since 1.7.10: + - If the tests crash with an assertion failure, they no longer + default to blocking for a debugger to be attached. 
Set + DBUS_BLOCK_ON_ABORT in the environment if you want the old + behaviour. + - To improve debuggability, the dbus-daemon and + dbus-daemon-eavesdrop tests can be run with an external + dbus-daemon by setting DBUS_TEST_DAEMON_ADDRESS in the + environment. Test-cases that require an unusually-configured + dbus-daemon are skipped. +* Fri Jan 10 2014 hrvoje.senjan@gmail.com +- Remove checks for obsolete openSUSE versions +- Make sure that dbus-1 requires libdbus-1-3 during %%post (detected + when built against DBus-less systemd 209) +* Thu Jan 9 2014 fridrich.strba@suse.com +- Try hard to assure that /var/lib/dbus/machine-id and + /etc/machine-id are the same (bnc#857377) +* Tue Jan 7 2014 fridrich.strba@suse.com +- Update to 1.7.10 (1.8.0 rc1) + + D-Bus Specification 0.23: + - don't require messages with no INTERFACE to be dispatched + (fdo#68597) + - document "tcp:bind=..." and "nonce-tcp:bind=..." (fdo#72301) + - define "listenable" and "connectable" addresses, and discuss + the difference (fdo#61303) + + Enhancements: + - support printing Unix file descriptors in dbus-send, + dbus-monitor (fdo#70592) + - don't install systemd units if --disable-systemd is given + (fdo#71818) + + Fixes: + - don't leak memory on out-of-memory while listing activatable + or active services (fdo#71526) + - fix undefined behaviour in a regression test (fdo#69924) + - escape Unix socket addresses correctly (fdo#46013) + - on SELinux systems, don't assume that SECCLASS_DBUS, + DBUS__ACQUIRE_SVC and DBUS__SEND_MSG are numerically equal to + their values in the reference policy (fdo#88719) + - define PROCESS_QUERY_LIMITED_INFORMATION if missing from + MinGW < 4 headers (fdo#71366) + - define WIN32_LEAN_AND_MEAN to avoid conflicts between + winsock.h and winsock2.h (fdo#71405) + - do not return failure from _dbus_read_nonce() with no error + set, preventing a potential crash (fdo#72298) + - on BSD systems, avoid some O(1)-per-process memory and fd + leaks in kqueue, preventing test 
failures + (fdo#69332, fdo#72213) + - fix warning spam on Hurd by not trying to set SO_REUSEADDR + on Unix sockets, which doesn't do anything anyway on at least + Linux and FreeBSD (fdo#69492) + - fix use of TCP sockets on FreeBSD and Hurd by tolerating + EINVAL from sendmsg() with SCM_CREDS (retrying with plain + send()), and looking for credentials more correctly + (fdo#69492) + - ensure that tests run with a temporary XDG_RUNTIME_DIR to + avoid getting mixed up in XDG/systemd "user sessions" + (fdo#61301) + - refresh cached policy rules for existing connections when bus + configuration changes (fdo#39463) +* Wed Nov 20 2013 hrvoje.senjan@gmail.com +- Drop the dbus-fall-back-to-old-run-directory.patch, and the sed + workaround from dbus-1-x11 %%post, now that transition from 12.3 + (/var/run) to 13.1 (/run) is done +* Fri Nov 1 2013 hrvoje.senjan@gmail.com +- Update to 1.7.8 + + Dependencies: + - If systemd support is enabled, libsystemd-journal is + now required. + + Enhancements: + - When activating a non-systemd service under systemd, + annotate its stdout/stderr with its bus name in the Journal. + Known limitation: because the socket is opened before forking, + the process will still be logged as if it had dbus-daemon's + process ID and user ID. (fdo#68559) + - Document more configuration elements in dbus-daemon(1) + (fdo#69125) + + Fixes: + - Don't leak string arrays or fds if + dbus_message_iter_get_args_valist() unpacks them and then + encounters an error (fdo#21259) + - If compiled with libaudit, retain CAP_AUDIT_WRITE so we + can write disallowed method calls to the audit log, + fixing a regression in 1.7.6 (fdo#49062) + - path_namespace='/' in match rules incorrectly matched nothing; + it now matches everything. 
(fdo#70799) +* Wed Oct 9 2013 hrvoje.senjan@gmail.com +- Update to 1.7.6 + + Build-time configuration changes: + - Directory change notification via dnotify on Linux is no + longer supported; it hadn't compiled successfully since 2010 + in any case. If you don't have inotify (Linux) or kqueue (*BSD), + you will need to send SIGHUP to the dbus-daemon when its + configuration changes. (fdo#33001) + - Compiling with --disable-userdb-cache is no longer supported; + it didn't work since at least 2008, and would lead to an + extremely slow dbus-daemon even it worked. + (fdo#15589,fdo#17133,fdo#66947) + - The DBUS_DISABLE_ASSERTS CMake option didn't actually disable + most assertions. It has been renamed to DBUS_DISABLE_ASSERT + to be consistent with the Autotools build system. (fdo#66142) + - --with-valgrind=auto enables Valgrind instrumentation if and only + if valgrind headers are available. The default is still + - -with-valgrind=no. (fdo#56925) + + Dependencies: + - Platforms with no 64-bit integer type are no longer supported. + (fdo#65429) + - GNU make is now (documented to be) required. (fdo#48277) + - Full test coverage no longer requires dbus-glib, although the + tests do not exercise the shared library (only a static copy) + if dbus-glib is missing. (fdo#68852) + + Enhancements: + - D-Bus Specification 0.22 + - Document GetAdtAuditSessionData() and + GetConnectionSELinuxSecurityContext() (fdo#54445) + - Fix example .service file (fdo#66481) + - Don't claim D-Bus is "low-latency" (lower than what?), just + give factual statements about it supporting async use (fdo#65141) + - Document the contents of .service files, and the fact that + system services' filenames are constrained (fdo#66608) + - Be thread-safe by default on all platforms, even if + dbus_threads_init_default() has not been called. For + compatibility with older libdbus, library users should + continue to call dbus_threads_init_default(): it is + harmless to do so. 
(fdo#54972) + - Add GetConnectionCredentials() method (fdo#54445) + - New API: dbus_setenv(), a simple wrapper around setenv(). + Note that this is not thread-safe. (fdo#39196,) + - Add dbus-send --peer=ADDRESS (connect to a given peer-to-peer + connection, like --address=ADDRESS in previous versions) and + dbus-send --bus=ADDRESS (connect to a given bus, like + dbus-monitor --address=ADDRESS). dbus-send --address still + exists for backwards compatibility, but is no longer documented. + (fdo#48816) + + Fixes: + - Avoid an infinite busy-loop if a signal interrupts waitpid() + (fdo#68945) + - Clean up memory for parent nodes when objects are unexported + (fdo#60176) + - Make dbus_connection_set_route_peer_messages(x, FALSE) behave + as documented. Previously, it assumed its second + parameter was TRUE. (fdo#69165) + - Escape addresses containing non-ASCII characters correctly + (fdo#53499) + - Document search order correctly (fdo#66994) + - Don't crash on "dbus-send --session / x.y.z" which regressed + in 1.7.4. 
(fdo#65923) + - If malloc() returns NULL in _dbus_string_init() or similar, + don't free an invalid pointer if the string is later freed + (fdo#65959) + - If malloc() returns NULL in dbus_set_error(), don't va_end() + a va_list that was never va_start()ed (fdo#66300) + - fix build failure with --enable-stats (fdo#66004) + - fix a regression test on platforms with strict alignment + (fdo#67279) + - Avoid calling function parameters "interface" since certain + Windows headers have a namespace-polluting macro of that name + (fdo#66493) + - Assorted Doxygen fixes (fdo#65755) + - Various thread-safety improvements to static variables + (fdo#68610) + - Make "make -j check" work (fdo#68852) + - Fix a NULL pointer dereference on an unlikely error path + (fdo#69327) + - Improve valgrind memory pool tracking (fdo#69326) + - Don't over-allocate memory in dbus-monitor (fdo#69329) + - dbus-monitor can monitor dbus-daemon < 1.5.6 again + (fdo#66107) + + Unix-specific: + - If accept4() fails with EINVAL, as it can on older Linux + kernels with newer glibc, try accept() instead of going + into a busy-loop. (fdo#69026) + - If socket() or socketpair() fails with EINVAL or EPROTOTYPE, + for instance on Hurd or older Linux with a new glibc, try + without SOCK_CLOEXEC. (fdo#69073) + - Fix a file descriptor leak on an error code path. 
+ (fdo#69182) + - dbus-run-session: clear some unwanted environment variables + (fdo#39196) + - dbus-run-session: compile on FreeBSD (fdo#66197) + - Don't fail the autolaunch test if there is no DISPLAY + (fdo#40352) + - Use dbus-launch from the builddir for testing, not the + installed copy (fdo#37849) + - Fix compilation if writev() is unavailable (fdo#69409) + - Remove broken support for LOCAL_CREDS credentials passing, and + document where each credential-passing scheme is used + (fdo#60340) + - Make autogen.sh work on *BSD by not assuming GNU coreutils + functionality (fdo#35881, fdo#69787) + - dbus-monitor: be portable to NetBSD (fdo#69842) + - dbus-launch: stop using non-portable asprintf (fdo#37849) + - Improve error reporting from the setuid activation helper + (fdo#66728) + + Internal changes: + - add DBUS_ENABLE_ASSERT, DBUS_ENABLE_CHECKS for less confusing + conditionals (fdo#66142) + - improve verbose-mode output (fdo#63047) + - consolidate Autotools and CMake build (fdo#64875) + - fix various unused variables, unusual build configurations etc. + (fdo#65712, fdo#65990, fdo#66005, fdo#66257, fdo#69165, fdo#69410, + fdo#70218) +- Dropped 0001-_dbus_babysitter_unref-avoid-infinite-loop-if-waitpi.patch, + included in this release +* Mon Oct 7 2013 fridrich.strba@suse.com +- Create /var/lib/dbus/machine-id only if there is no /etc/machine-id + present on the system. Dbus knows how to use the system-wide + machine-id file and this solves problems where the two files have + different values (bnc#831626) +* Fri Oct 4 2013 hrvoje.senjan@gmail.com +- Check for existence of /var/lib/old_run_path: if found, only then + is dbus ListenStream swapped for old run path. 
This is done for + supporting 12.3 to 13.1 upgrade (bnc#802525) +- Fix rpmlint warnings about %%verifyscript and %%set_permissions +* Sun Sep 29 2013 hrvoje.senjan@gmail.com +- Revert to previous version of dbus-fall-back-to-old-run-directory.patch + as latest version causes a fallout +* Wed Sep 25 2013 hpj@suse.com +- Amend dbus-fall-back-to-old-run-directory.patch to prevent a + new class of hangs while upgrading D-Bus along with other + services (bnc#802525). +* Sat Sep 7 2013 hrvoje.senjan@gmail.com +- Added 0001-_dbus_babysitter_unref-avoid-infinite-loop-if-waitpi.patch + from upstream for resolving fdo#68945, bnc#782909 +* Tue Jun 25 2013 coolo@suse.com +- to avoid a cycle with systemd, build the daemon in dbus-x11.spec. + It would be wise to rename dbus-1.spec to dbus-1-libs.spec and + dbus-1-x11.spec to dbus-1.spec, but I first wanted to hear feedback +* Sat Jun 22 2013 hrvoje.senjan@gmail.com +- Update to 1.7.4 + + CVE-2013-2168: Fix misuse of va_list that could be used as a + denial of service for system services. + + It should now be safe to call dbus_threads_init_default() from + any thread, at any time + + In dbus-daemon, don't crash if a .service file starts with + key=value + + Fix an assertion failure if we try to activate systemd services + before systemd connects to the bus (fdo#50199) +- Adjusted dbus-do-autolaunch.patch for this release +* Sat Jun 22 2013 hrvoje.senjan@gmail.com +- Remove the override that was added in solving bnc#802525, as it + causes similar situation when upgrading dbus and systemd + simultaneously. +- Adjusted rc.boot.dbus script so it uses /run instead of /var/run +* Thu Apr 25 2013 hrvoje.senjan@gmail.com +- Update to 1.7.2 + + Diagnose incorrect use of dbus_connection_get_data() with negative + slot (i.e. 
before allocating the slot) rather than returning junk + (fdo #63127) + + The --with-dbus-session-bus-default-address configure option is no + longer supported + + Under systemd, log to syslog only, not stderr, avoiding duplication + (fdo#61399, fdo#39987) + + Under systemd, remove unnecessary dependency on syslog.socket + (fdo#63531) + + Allow use of systemd-logind without the rest of systemd + (fdo#62585) +- Dropped dbus-move-everything-to-run-directory.patch, since we can + define location of system pid and socket with configure flags and + set the flags accordingly +- Added xmlto BuildRequires, it is needed now for man files +* Wed Apr 24 2013 hrvoje.senjan@gmail.com +- Update to 1.6.10 + + Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF, + U+FDD0..U+FDEF are allowed in UTF-8 strings again. (fdo#63072) + + Diagnose incorrect use of dbus_connection_get_data() with negative slot + (i.e. before allocating the slot) rather than returning junk (fdo#63127) + + In the activation helper, when compiled for tests, do not reset the system + bus address, fixing the regression tests. (fdo#52202) + + Fix building with Valgrind 3.8, at the cost of causing harmless warnings + with Valgrind 3.6 on some compilers (fdo#55932) + + Don't leak temporary fds pointing to /dev/null (fdo#56927,) + + Create session.d, system.d directories under CMake (fdo#41319) + + Include alloca.h for alloca() if available, fixing compilation on + Solaris 10 (fdo#63071) +* Fri Feb 22 2013 hpj@suse.com +- Spec file changes moving files from /var/run to /run. +- Add dbus-move-everything-to-run-directory.patch by rmilasan. This + moves everything (pid files, lock files, etc.) to /run. +- Add dbus-fall-back-to-old-run-directory.patch (bnc#802525). +* Mon Feb 18 2013 rmilasan@suse.com +- Revert patch: dbus-move-everything-to-run-directory.patch (bnc#802525). +* Thu Jan 24 2013 rmilasan@suse.com +- Move everything (pid files, lock files, etc.) to /run. 
+ add: dbus-move-everything-to-run-directory.patch +* Sun Nov 18 2012 hrvoje.senjan@gmail.com +- Update to 1.6.8 + * Follow up to CVE-2012-3524: The additional hardening + work to use __secure_getenv() as a followup to bug #52202 + broke certain configurations of gnome-keyring. Given + the difficulty of making this work without extensive + changes to gnome-keyring, use of __secure_getenv() is + deferred. + * CVE-2012-3524: Don't access environment variables (fdo#52202) + Thanks to work and input from Colin Walters, Simon McVittie, + Geoffrey Thomas, and others. + * Detect that users are "at the console" correctly when configured with + a non-default path such as --enable-console-auth-dir=/run/console + (fdo#51521, Dave Reisner) + * Remove an incorrect assertion from DBusTransport (fdo#51657, + Simon McVittie) + * Change how we create /var/lib/dbus so it works under Automake >= 1.11.4 + (fdo#51406, Simon McVittie) + * Don't return from dbus_pending_call_set_notify with a lock held on OOM + (fdo#51032, Simon McVittie) + * Disconnect "developer mode" (assertions, verbose mode etc.) from + Automake maintainer mode. D-Bus developers should now configure with + - -enable-developer. Automake maintainer mode is now on by default; + distributions can disable it with --disable-maintainer-mode. 
+ (fdo#34671, Simon McVittie) + * Unix-specific: + - Check for libpthread under CMake on Unix (fdo#47237, Simon McVittie) + * New requirements + - PTHREAD_MUTEX_RECURSIVE on Unix + - compiler support for 64-bit integers (int64_t or equivalent) + * D-Bus Specification v0.19 + * New dbus-daemon features + - rules allow the service to + own names like com.example.Service.Instance3 + - optional systemd integration when checking at_console policies + - --nopidfile option, mainly for use by systemd + - path_namespace and arg0namespace may appear in match rules + - eavesdropping is disabled unless the match rule contains eavesdrop=true + * New public API + - functions to validate various string types (dbus_validate_path() etc.) + - dbus_type_is_valid() + - DBusBasicValue, a union of every basic type + * Bug fixes + - removed an unsafe reimplementation of recursive mutexes + - dbus-daemon no longer busy-loops if it has far too many file descriptors + - dbus-daemon.exe --print-address works on Windows + - all the other bug fixes from 1.4.20 + * Other major implementation changes + - on Linux, dbus-daemon uses epoll if supported, for better scalability + - dbus_threads_init() ignores its argument and behaves like + dbus_threads_init_default() instead + - removed the per-connection link cache, improving dbus-daemon performance + * Developer features + - optional Valgrind instrumentation (--with-valgrind) + - optional Stats interface on the dbus-daemon (--enable-stats) + - optionally abort whenever malloc() fails (--enable-embedded-tests + and export DBUS_MALLOC_CANNOT_FAIL=1) + * Be more careful about monotonic time vs. 
real time, fixing DBUS_COOKIE_SHA1 + spec-compliance (fdo#48580, David Zeuthen) + * Don't use install(1) within the source/build trees, fixing the build as + non-root when using OpenBSD install(1) (fdo#48217, Antoine Jacoutot) + * Add missing commas in some tcp and nonce-tcp addresses, and remove + an unused duplicate copy of the nonce-tcp transport in Windows builds + (fdo#45896, Simon McVittie) +- remove patch dbus-cve-2012-3524.patch as incorporated upstream +* Fri Nov 16 2012 dimstar@opensuse.org +- Enable systemd integration (with_systemd 1): follow the rest of + the distribution enabling systemd support. As agreed, systemd is + the main supported way for 12.3. +* Fri Nov 16 2012 fcrozat@suse.com +- Move default home from /var/run/dbus to /run/dbus +- Fix useradd invocation: -o is useless without -u and newer + versions of pwdutils/shadowutils fail on this now. +* Thu Nov 8 2012 tittiatcoke@gmail.com +- Link /usr/bin/dbus-send to /bin/dbus-send. Upower uses + dbus-send to receive signals from systemd regarding resuming, + however looks for the moment in the wrong directory. +* Sat Nov 3 2012 crrodriguez@opensuse.org +- Fix factory breakage on systemd units directory +* Fri Oct 26 2012 coolo@suse.com +- remove sysvinit requires from the package +- remove %%run_permissions macro +* Wed Oct 24 2012 jengelh@inai.de +- baselibs: dbus-1-devel-32bit must require libdbus-1-3-32bit +* Sun Oct 7 2012 coolo@suse.com +- remove libzio build dependency +* Mon Aug 27 2012 thoenig@suse.de +- dbus-cve-2012-3524.patch: Add patch for CVE-2012-3524 to fix getenv() + vulnerability in setuid root binaries (bnc#697105) +* Wed Aug 1 2012 idonmez@suse.com +- Add pkgconfig(x11) as BuildRequires instead of xorg-x11-devel so + we don't depend on Mesa and create a build cycle. 
+* Tue May 15 2012 vuntz@opensuse.org +- Move ownership of /etc/dbus-1/{session.d,system.d} and + /usr/share/dbus-1/{interfaces,services,system-services} to + libdbus-1-3 instead of dbus-1: many dbus users put files there, + and it's annoying to force them to own those directories. +* Sun Apr 22 2012 alinm.elena@gmail.com +- added libdbus-1-3 to build for -32bit... +- adeed post and postun sections for libdbus-1-3 +* Thu Apr 19 2012 thoenig@suse.de +- More news from the dependency hell: Let dbus-1-devel require + dbus-1. +* Wed Apr 18 2012 thoenig@suse.de +- Split dbus-1 into libdbus-1 and dbus-1. +* Wed Mar 28 2012 thoenig@suse.de +- Update to version 1.5.12: + - Add public API to validate various string types: + dbus_validate_path(), dbus_validate_interface(), + dbus_validate_member(), dbus_validate_error_name(), + dbus_validate_bus_name(), dbus_validate_utf8() + (fdo#39549, Simon McVittie) + - Turn DBusBasicValue into public API so bindings don't need to + invent their own "union of everything" type (fdo#11191, Simon + McVittie) + - Enumerate data files included in the build rather than using + find(1) (fdo#33840, Simon McVittie) + - Add support for policy rules like + in dbus-daemon + (fdo#46273, Alban Crequy) + - Windows-specific: + - make dbus-daemon.exe --print-address (and --print-pid) work + again on Win32, but not on WinCE (fdo#46049, Simon + McVittie) + - fix duplicate case value when compiling against mingw-w64 + (fdo#47321, Andoni Morales Alastruey) +* Mon Feb 27 2012 vuntz@opensuse.org +- Revert my last change completely, and go back to using -fpie in + CFLAGS and -pie in LDFLAGS for the whole build: after discussion + upstream in fdo#46570, it appears that this is the recommended + way to harden the build. +* Fri Feb 24 2012 vuntz@opensuse.org +- Change the way we pass -fpie/-pie: + + Stop changing CFLAGS/LDFLAGS in %%build to add -fpie/-pie. 
+ + Add dbus-1-suid_flags.patch: respect SUID_CFLAGS/SUID_LDFLAGS + when building the suid binary (dbus-daemon-launch-helper). + + Set SUID_CFLAGS to -fPIE and SUID_LDFLAGS to -pie in %%build. +* Fri Feb 24 2012 coolo@suse.com +- move with_systemd definition into COMMON part to fix dbus-1-x11 +* Wed Feb 22 2012 vuntz@opensuse.org +- Update to version 1.5.10: + + D-Bus Specification 0.19: + - Formally define unique connection names and well-known bus + names, and document best practices for interface, bus, member + and error names, and object paths (fdo#37095) + - Document the search path for session and system services on + Unix, and where they should be installed by build systems + (fdo#21620, fdo#35306) + - Document the systemd transport (fdo#35232) + + Make dbus_threads_init() use the same built-in threading + implementation as dbus_threads_init_default(); the + user-specified primitives that it takes as a parameter are now + ignored (fdo#43744) + + Allow all configured auth mechanisms, not just one (fdo#45106) + + Improve cmake build system. + + Build tests successfully with older GLib, as found in e.g. + Debian 6 (fdo#41219) + + Avoid use of deprecated GThread API (fdo#44413) + + Build documentation correctly if man2html doesn't support + filenames on its command-line (fdo#43875) + + Improve test coverage. To get even more coverage, run the tests + with DBUS_TEST_SLOW=1 (fdo#38285, fdo#42811) + + Reduce the size of the shared library by moving functionality + only used by dbus-daemon, tests etc. 
into their internal + library and deleting unused code (fdo#34976, fdo#39759) + + Add dbus-daemon --nopidfile option, overriding the + configuration, for setups where the default configuration must + include to avoid breaking traditional init, but the + pid file is in fact unnecessary; use it under systemd to + improve startup time a bit (fdo#45520) + + Optionally (if configured --with-valgrind) add instrumentation + to debug libdbus and associated tools more meaningfully under + Valgrind (fdo#37286) + + Improve the dbus-send(1) man page (fdo#14005) + + Make dbus-protocol.h compatible with C++11 (fdo#46147) + + If tests are enabled and DBUS_MALLOC_CANNOT_FAIL is set in the + environment, abort on failure to malloc() (like GLib does), to + turn runaway memory leaks into a debuggable core-dump if a + resource limit is applied (fdo#41048) + + Don't crash if realloc() returns NULL in a debug build (fdo#41048) + + Unix-specific: + - Replace our broken reimplementation of recursive mutexes, + which has been broken since 2006, with an ordinary pthreads + recursive mutex (fdo#43744) + - Use epoll(7) for a more efficient main loop in Linux; + equivalent patches welcomed for other OSs' equivalents like + kqueue, /dev/poll, or Solaris event ports (fdo#33337) + - When running under systemd, use it instead of ConsoleKit to + check whether to apply at_console policies (fdo#39609) + - Avoid a highly unlikely fd leak (fdo#29881) + - Don't close invalid fd -1 if getaddrinfo fails (fdo#37258) + - Don't touch ~/.dbus and ~/.dbus-keyrings when running 'make + installcheck' (fdo#41218) + - Stop pretending we respect XDG_DATA_DIRS for system services: + the launch helper doesn't obey environment variables to avoid + privilege escalation attacks, so make the system bus follow + the same rules (fdo#21620) + + Windows-specific fixes. 
+- Get ready for a switch to systemd: + + Add a with_systemd macro, currently set to 0 as the systemd + support would introduce a build cycle between dbus-1 and + systemd. + + Add pkgconfig(libsystemd-daemon) and + pkgconfig(libsystemd-login) BuildRequires and pass + - -enable-systemd to configure if we build systemd support. +* Mon Feb 6 2012 dlovasko@suse.com +- fixed bnc#743149 - added position independent flags to compilation and linking(-fpie/-pie) +* Wed Oct 12 2011 coolo@suse.com +- add patch to enable X11 autolaunch even if configure thinks + it can't be done (bnc#707817) +* Tue Oct 11 2011 dmueller@suse.de +- update to version 1.5.8: + * Clean up dead code, and make more warnings fatal in development builds + (fdo#39231, fdo#41012; Simon McVittie) + * Add a regression test for fdo#38005 (fdo#39836, Simon McVittie) + * Add _DBUS_STATIC_ASSERT and use it to check invariants + * Fix a small memory leak, and a failure to report errors, when updating + a service file entry for activation (fdo#39230, Simon McVittie) + * Clean up (non-abstract) Unix sockets on bus daemon exit + * On systems that use libcap-ng but not systemd, drop supplemental groups + when switching to the daemon user (Red Hat #726953, Steve Grubb) +* Fri Sep 30 2011 coolo@suse.com +- add libtool as buildrequire to make the spec file more reliable +* Sun Sep 18 2011 jengelh@medozas.de +- Remove redundant tags/sections from specfile + (cf. 
packaging guidelines)
+* Mon Aug 1 2011 vuntz@opensuse.org
+- Update to version 1.5.6:
+ + Potentially incompatible (Bustle and similar debugging tools
+ will need changes to work as intended):
+ - Do not allow match rules to "eavesdrop" (receive messages
+ intended for a different recipient) by mistake: eavesdroppers
+ must now opt-in to this behaviour by putting
+ "eavesdrop='true'" in the match rule, which will not have any
+ practical effect on buses where eavesdropping is not allowed
+ (fdo#37890)
+ + Other changes:
+ - D-Bus Specification version 0.18 (fdo#37890, fdo#39450,
+ fdo#38252):
+ . add the "eavesdrop" keyword to match rules
+ . define eavesdropping, unicast messages and broadcast messages
+ . stop claiming that match rules are needed to match unicast
+ messages to you
+ . promote the type system to be a top-level section
+ - Use DBUS_ERROR_OBJECT_PATH_IN_USE if
+ dbus_connection_try_register_object_path or
+ dbus_connection_try_register_fallback fails, not
+ ...ADDRESS_IN_USE, and simplify object-path registration
+ (fdo#38874)
+ - Consistently use atomic operations on everything that is ever
+ manipulated via atomic ops, as was done for changes to
+ DBusConnection's refcount in 1.4.12 (fdo#38005)
+ - Fix a file descriptor leak when connecting to a TCP socket
+ (fdo#37258)
+ - Make "make check" in a clean tree work, by not running tests
+ until test data has been set up (fdo#34405)
+ - The dbus-daemon no longer busy-loops if it has a very large
+ number of file descriptors (fdo#23194)
+ - Refactor message flow through dispatching to avoid locking
+ violations if the bus daemon's message limit is hit; remove
+ the per-connection link cache, which was meant to improve
+ performance, but now reduces it (fdo#34393)
+ - Some cmake fixes
+ - Remove dead code, mainly from DBusString (fdo#38570,
+ fdo#39610)
+ - Stop storing two extra byte order indicators in each D-Bus
+ message (fdo#38287)
+ - Add an optional Stats interface which can be used to get
+ statistics from a running dbus-daemon if enabled at configure
+ time with --enable-stats (fdo#34040)
+ - Fix various typos (fdo#27227, fdo#38284)
+ - Documentation (fdo#36156):
+ . let xsltproc be overridden as usual: ./configure
+ XSLTPROC=myxsltproc
+ . install more documentation automatically, including
+ man2html output
+ . put dbus.devhelp in the right place (it must go in
+ ${htmldir})
+ - Unix-specific:
+ . look for system services in /lib/dbus-1/system-services in
+ addition to all the other well-known locations; note that
+ this should always be /lib, even on platforms where shared
+ libraries on the root FS would go in /lib64,
+ /lib/x86_64-linux-gnu or similar (fdo#35229)
+ . opt-in to fd passing on Solaris (fdo#33465)
+ - Windows-specific:
+ . fix use of a mutex for autolaunch server detection
+ . don't crash on malloc failure in
+ _dbus_printf_string_upper_bound
+- Manually create /lib/dbus-1/system-services in %%install so that
+ we can own it.
+* Fri Jul 1 2011 vuntz@opensuse.org
+- Update to version 1.5.4:
+ + Security (local denial of service):
+ - Byte-swap foreign-endian messages correctly, preventing a
+ long-standing local DoS if foreign-endian messages are
+ relayed through the dbus-daemon (fdo#38120, deb#629938, no
+ CVE number yet)
+ + New things:
+ - The constant to use for an infinite timeout now has a name,
+ DBUS_TIMEOUT_INFINITE.
+ - If GLib and DBus-GLib are already installed, more tests will be built,
+ providing better coverage.(fdo#34570)
+ + Changes:
+ - Consistently use atomic operations for the DBusConnection's
+ refcount, fixing potential threading problems (fdo#38005)
+ - Don't use -Wl,--gc-sections by default: in practice the size
+ decrease is small (300KiB on x86-64) and it frequently
+ doesn't work in unusual toolchains. (fdo#33466)
+ - Use #!/bin/sh for run-with-tmp-session-bus.sh, making it work
+ on *BSD (fdo#35880)
+ - Use ln -fs to set up dbus for systemd, which should fix
+ reinstallation when not using a DESTDIR (fdo#37870)
+ - Windows-specific changes:
+ . don't try to build dbus-daemon-launch-helper (fdo#37838)
+- Changes from version 1.5.2:
+ + Notes for distributors:
+ - This version of D-Bus no longer uses -fPIE by default.
+ + Changes:
+ + D-Bus Specification v0.17
+ . Reserve the extra characters used in signatures by GVariant
+ (fdo#34529)
+ . Define the ObjectManager interface (fdo#34869)
+ + Don't force -fPIE: distributions and libtool know better than
+ we do whether it's desirable (fdo#16621, fdo#27215)
+ + Allow --disable-gc-sections, in case your toolchain offers
+ the -ffunction-sections, -fdata-sections and
+ - Wl,--gc-sections options but they're broken, as seen on
+ Solaris (fdo#33466)
+ + Install dbus-daemon and dbus-daemon-launch-helper in a more
+ normal way (fdo#14512)
+ + Ensure that maintainers upload documentation with the right
+ permissions (fdo#36130)
+ + Don't force users of libdbus to be linked against
+ - lpthread, -lrt (fdo#32827)
+ + Log system-bus activation information to syslog (fdo#35705)
+ + Log messages dropped due to quotas to syslog (fdo#35358)
+ + Make the nonce-tcp transport work on Unix (fdo#34569)
+ + On Unix, if /var/lib/dbus/machine-id cannot be read, try
+ /etc/machine-id (fdo#35228)
+ + In the regression tests, don't report fds as "leaked" if they
+ were open on startup (fdo#35173)
+ + Make dbus-monitor bail out if asked to monitor more than one
+ bus, rather than silently using the last one (fdo#26548)
+ + Clarify documentation (fdo#35182)
+ + Clean up minor dead code and some incorrect error handling
+ (fdo#33128, fdo#29881)
+ + Check that compiler options are supported before using them
+ (fdo#19681)
+ + Windows:
+ . Remove obsolete workaround for winioctl.h (fdo#35083)
+* Tue Jun 28 2011 aj@suse.de
+- Fix filelist to own a directory.
+- Do not package html files twice.
+* Wed May 18 2011 coolo@novell.com
+- buildrequire update-desktop-files for mimetypes.prov
+* Thu May 5 2011 coolo@opensuse.org
+- switch to download_files service
+* Wed Apr 20 2011 coolo@opensuse.org
+- changes license to GPL2+ or AFL 2.1
+* Fri Apr 15 2011 thoenig@suse.de
+- Update to 1.5.0
+ * D-Bus Specification v0.16
+ - Add support for path_namespace and arg0namespace in match rules
+ (fdo#24317, #34870; Will Thompson, David Zeuthen, Simon McVittie)
+ - Make argNpath support object paths, not just object-path-like strings,
+ and document it better (fdo#31818, Will Thompson)
+ * Let the bus daemon implement more than one interface (fdo#33757,
+ Simon McVittie)
+ * Optimize _dbus_string_replace_len to reduce waste (fdo#21261,
+ Roberto Guido)
+ * Require user intervention to compile with missing 64-bit support
+ (fdo#35114, Simon McVittie)
+ * Add dbus_type_is_valid as public API (fdo#20496, Simon McVittie)
+ * Raise UnknownObject instead of UnknownMethod for calls to methods on
+ paths that are not part of the object tree, and UnknownInterface for calls
+ to unknown interfaces in the bus daemon (fdo#34527, Lennart Poettering)
+* Fri Apr 8 2011 thoenig@suse.de
+- Update to 1.4.8
+ * Rename configure.in to configure.ac, and update it to modern conventions
+ (fdo#32245; Javier Jardón, Simon McVittie)
+ * Correctly give XDG_DATA_HOME priority over XDG_DATA_DIRS (fdo#34496,
+ Anders Kaseorg)
+ * Prevent X11 autolaunching if $DISPLAY is unset or empty, and add
+ - -disable-x11-autolaunch configure option to prevent it altogether
+ in embedded environments (fdo#19997, NB#219964; Simon McVittie)
+ * Install the documentation, and an index for Devhelp (fdo#13495,
+ Debian #454142; Simon McVittie, Matthias Clasen)
+ * If checks are not disabled, check validity of string-like types and
+ booleans when sending them (fdo#16338, NB#223152; Simon McVittie)
+ * Add UnknownObject, UnknownInterface, UnknownProperty and PropertyReadOnly
+ errors to dbus-shared.h (fdo#34527, Lennart Poettering)
+ * Break up a huge conditional in config-parser so gcov can produce coverage
+ data (fdo#10887, Simon McVittie)
+ * List which parts of the Desktop Entry specification are applicable to
+ .service files (fdo#19159, Sven Herzberg)
+ * Don't suppress service activation if two services have the same Exec=
+ (fdo#35750, Colin Walters)
+ * Windows:
+ - Avoid the name ELEMENT_TYPE due to namespace-pollution from winioctl.h
+ (Andre Heinecke)
+ - Include _dbus_path_is_absolute in libdbus on Windows, fixing compilation
+ (fdo#32805, Mark Brand)
+* Wed Mar 9 2011 coolo@novell.com
+- Update to 1.4.6
+ * Remove unfinished changes intended to support GTest-based tests,
+ which were mistakenly included in 1.4.4
+- Update to 1.4.4
+ * Switch back to using even micro versions for stable releases; 1.4.1
+ should have been called 1.4.2, so skip that version number
+ * Don't leave bad file descriptors being watched when spawning processes,
+ which could result in a busy-loop (fdo#32992, NB#200248; possibly
+ also LP#656134, LP#680444, LP#713157)
+ * Check for MSG_NOSIGNAL correctly
+ * Fix failure to detect abstract socket support (fdo#29895)
+ * Make _dbus_system_logv actually exit with DBUS_SYSTEM_LOG_FATAL
+ (fdo#32262, NB#180486)
+ * Improve some error code paths (fdo#29981, fdo#32264, fdo#32262,
+ fdo#33128, fdo#33277, fdo#33126, NB#180486)
+ * Avoid possible symlink attacks in /tmp during compilation (fdo#32854)
+ * Tidy up dead code (fdo#25306, fdo#33128, fdo#34292, NB#180486)
+ * Improve gcc malloc annotations (fdo#32710)
+ * If the system bus is launched via systemd, protect it from the OOM killer
+ * Documentation improvements (fdo#11190)
+ * Avoid readdir_r, which is difficult to use correctly (fdo#8284,
+ fdo#15922, LP#241619)
+ * Cope with invalid files in session.d, system.d (fdo#19186,
+ Debian #230231)
+ * Don't distribute generated files that embed our builddir (fdo#30285,
+ fdo#34292)
+ * Raise the system bus's fd limit to be sufficient for its configuration
+ (fdo#33474, LP#381063)
+ * Fix syslog string processing
+ * Ignore -Waddress
+ * Remove broken gcov parsing code and --enable-gcov, and replace them
+ with lcov HTML reports and --enable-compiler-coverage (fdo#10887)
+ * Windows:
+ - avoid live-lock in Windows CE due to unfair condition variables
+ * OpenBSD:
+ - support credentials-passing (fdo#32542)
+ * Solaris:
+ - opt-in to thread safety (fdo#33464)
+* Sun Jan 2 2011 javier@opensuse.org
+- Update to 1.4.1
+ + Fix for CVE-2010-4352: sending messages with excessively-nested
+ variants can crash the bus. The existing restriction to 64-levels
+ of nesting previously only applied to the static type signature;
+ now it also applies to dynamic nesting using variants. Thanks to
+ Rémi Denis-Courmont for discoving this issue.
+ + Various bug fixes.
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-December/013861.html
+* Mon Nov 8 2010 aj@suse.de
+- Fix package list, own /lib/systemd directories.
+* Tue Oct 12 2010 cristian.rodriguez@opensuse.org
+- ConsoleKit may not be installed on the system, so kill
+ the process at "stop" only if it is running
+* Fri Sep 24 2010 cristian.rodriguez@opensuse.org
+- add missimg BuildRequires on libcap-ng-devel so dbus can
+ drop capabilities when needed.
+* Mon Sep 6 2010 kay.sievers@novell.com
+- version 1.4.0
+ - make dbus-uuidgen atomic
+ - fix socket descriptor leak in _dbus_connect_tcp_socket_with_nonce
+ - unconditionally enable D-Bus on systemd boots
+* Sat Jul 24 2010 kay.sievers@novell.com
+- update systemd service installation
+* Tue Jul 13 2010 kay.sievers@novell.com
+- drop systemd-units
+* Sat Jul 10 2010 kay.sievers@novell.com
+- update to 1.3.2 snapshot
+ - New standardized PropertiesChanged signal in the properties interface
+ - Support forking bus services, for compatibility
+- install systemd service files
+* Mon Jun 28 2010 jengelh@medozas.de
+- use %%_smp_mflags
+* Thu Mar 25 2010 vuntz@opensuse.org
+- Update to version 1.2.24:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-March/012436.html
+ + Highlights:
+ - Fix a critical crasher bug in the syslog code
+ + [bus] While creating a syslog, correctly get pointer data from
+ DBusString
+ + [bus] Don't install a SIGTERM handler
+ + [64 bit printf] Update to use DBUS_PID_FORMAT, print (omitted)
+ + Move dispatching to destination to bus_dispatch_matches()
+ + Dispatch post-activation messages to anyone interested
+ + Build changes.
+- Changes from version 1.2.22:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-March/012395.html
+ + Highlights:
+ - Fix to avoid UI freezes in newer Evolution versions (and any
+ other program that makes synchronous DBus calls from a
+ non-main thread).
+ - Monitor service directories for changes
+ + When handling a watch, return if another thread is doing I/O
+ + Monitor service directories for changes
+ + Sync up UNICODE_VALID with glib, add documentation
+ + Support inotify on older kernels
+ + Handle OOM in reload watch
+ + Refactor _dbus_log_info, _dbus_log_security into
+ _dbus_log_system
+ + Add DBUS_SYSTEM_LOG_FATAL severity
+ + Add _dbus_credentials_to_string_append
+ + Add a prefix to our syslog messages
+ + Make SELinux initialization failure fatal
+ + Don't send an reply for driver messages if one isn't requested
+ + Fix double-free in error case.
+ + Other simple fixes, build fixes.
+ + Explicitly specify in the spec lower-case hex must be used
+ + Use AM_SILENT_RULES if available
+- Changes from version 1.2.20:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-February/012156.html
+ + Fix inotify shutdown
+ + Fix compilation in --disable-selinux case
+- Changes from version 1.2.18:
+ + For details, see
+ http://lists.freedesktop.org/archives/dbus/2010-February/012150.html
+ + Ignore exit code zero from activated services
+ + Switch to libcap-ng, avoid linking libdbus against libcap[-ng]
+ + Don't drop pending activations when reloading configuration
+ + Update messagebus.in init script to start earlier
+ + Clean up inotify watch handling
+ + Don't crash when reloading if we haven't loaded user database
+ yet
+ + fdo#23502 - corrected wrong verbose-output
+ + Correct timeout handling
+ + dbus-monitor: use unbuffered stdout instead of handling SIGINT
+ + fdo#25697 - Fix memory leak in policy reload
+ + fdo#23977 - dbus-launch --exit-with-session not killing
+ dbus-daemon on SIGINT
+ + Use monotonic clock for _dbus_get_current_time() if it's
+ available.
+ + Make array-printing code easier to follow
+ + Forbid zero serial numbers
+ + Include reason when reporting corrupt messages
+ + Add an accessor for the loader's corruption reason
+ + Print byte arrays as nicely-formatted hex.
+ + Print all-printable-ASCII byte arrays as strings
+ + Build fixes, including fdo#19432, fdo#22788, fdo#22805
+* Mon Dec 14 2009 jengelh@medozas.de
+- add baselibs.conf as a source
+- package documentation as noarch
+* Wed Sep 2 2009 mvidner@suse.cz
+- Implemented /etc/init.d/dbus reload (bnc#503074).
+* Thu Jul 23 2009 kay.sievers@novell.com
+- fix %%changelog
+* Fri Jul 17 2009 meissner@suse.de
+- added dbus-1-devel to baselibs.conf
+* Fri Jul 17 2009 kay.sievers@novell.com
+- fix --libexecdir to be the proper /lib/dbus-1/ directory
+* Wed Jul 15 2009 kay.sievers@novell.com
+- update to 1.2.16 release
+ - Avoid race conditions reading message from exited process
+ - Ensure initialized variable in dbus_connection_remove_filter
+ - Don't fail autolaunching if process has SIGCHLD handler
+ - Ensure inotify fd is set close on exec
+ - Make sure a pending call timeout isn't assumed
+ - Allow a pending call to block forever
+ - Don't allocate DBusTimeout for pending call when passed INT_MAX
+ - Update documentation now that INT_MAX means no timeout
+ - Fix issue where timeouts can overflow
+ - Remove 6 hour timeout restriction
+ - Unrestrict session bus timeout
+* Thu Apr 16 2009 crrodriguez@suse.de
+- use --disable-static instead of removing static libraries
+* Thu Apr 2 2009 werner@suse.de
+- Make boot script smart
+* Tue Feb 17 2009 thoenig@suse.de
+- update to D-Bus 1.2.12:
+ - fdo#17969: Don't test for abstract sockets if explicitly
+ disabled
+ - fdo#18064: more efficient validation for fixed-size type
+ arrays
+ - Initialize AVC earlier so we can look up service security
+ contexts
+ - Print serial in dbus-monitor
+ - fdo#15412: Add --address option to dbus-send
+ - fdo#18446: Keep umask for session bus
+ - Fix cross-compiling with autotools.
+ - Some code cleanup and warning fixes; --maintainer-mode now
+ uses -Werror by default
+- add patch dbus-log-deny.patch: log denies to syslog
+- drop patch dbus-1.2.10-compile-fix.patch
+* Mon Jan 26 2009 lnussel@suse.de
+- remove dbus-1.2.10-permissive.patch
+- move /lib/libdbus-1.so to /usr
+* Tue Jan 20 2009 thoenig@suse.de
+- update to 1.2.10: prepares fix for CVE-2008-4311 (bnc#443307)
+ - fix send_requested_reply="true" allows all non-reply messages
+ - add syslog of denials and config file reloads
+ - system policy cleanup
+- add patch dbus-1.2.10-compile-fix.patch: 1.2.10 compile fix
+- add patch dbus-1.2.10-permissive.patch: behave like permissive
+ branch, needs to be dropped as soon as all applications ship
+ with correct configuration files for the system bus
+- drop patch dbus-do-not-abort-on-check-thoenig-01.patch
+* Wed Dec 10 2008 dmueller@suse.de
+- list the machine id as ghost file
+- fix filelist
+* Wed Dec 10 2008 olh@suse.de
+- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
+ (bnc#437293)
+* Mon Nov 3 2008 thoenig@suse.de
+- Remove dbus-allow-root-access-to-session-bus.patch (bnc#428963).
+* Thu Oct 30 2008 olh@suse.de
+- obsolete old -XXbit packages (bnc#437293)
+* Fri Oct 10 2008 hpj@novell.com
+- Add dbus-allow-root-access-to-session-bus.patch (bnc#428963).
+* Tue Oct 7 2008 thoenig@suse.de
+- Update to D-Bus 1.2.4
+- fix for CVE-2008-3834 (bnc#432901)
+- compilation and portability fixes
+* Wed Sep 3 2008 lnussel@suse.de
+- hook into ConsoleKit for at_console support
+- only require selinux for > 11.0
+* Mon Aug 25 2008 prusnak@suse.cz
+- enabled SELinux support [Fate#303662]
+* Fri Aug 22 2008 aj@suse.de
+- Fix init script.
+* Thu Aug 7 2008 thoenig@suse.de
+- Update to D-Bus 1.2.3
+- Changes:
+ * new UpdateActivationEnvironment bus API (fdo#16669)
+ * Solaris Auditing (ADT) support (fdo#15740)
+ * Various notable bug fixes (fdo#16727, fdo#16294, fdo#15947
+ fdo#15588
+- Remove patches which went upstream (dbus-userdb-typo.patch,
+ dbus-fix-timer-leak-dmueller-01.patch)
+* Mon Jun 2 2008 thoenig@suse.de
+- add patch dbus-userdb-typo.patch (bnc#394383)
+* Wed May 7 2008 thoenig@suse.de
+- add patch dbus-fix-timer-leak-dmueller-01.patch (bnc#381621)
+* Thu Apr 24 2008 thoenig@suse.de
+- %%post: don't use invalid macro
+- %%post: don't call %%run_ldconfig (deprecated)
+* Mon Apr 14 2008 thoenig@suse.de
+- run dbus-uuidgen in %%post
+* Thu Apr 10 2008 ro@suse.de
+- added baselibs.conf file to build xxbit packages
+ for multilib support
+* Tue Apr 8 2008 thoenig@suse.de
+- Update to D-Bus 1.2.1
+- Changes:
+ * compiles under some older versions of glibc
+ * compiles without X support once again
+ * fix stuck server grab if dbus-launch is run in an existing
+ D-Bus X session
+ * various Mac OSX build fixes added
+ * don't use the broken poll call on Mac OSX
+ * better checks for linker flag support should allow D-Bus to
+ link under various linkers
+ * exit_on_disconnect is set after the connection registers with
+ a bus so we don't exit if we get a disconnect during the
+ handshake
+ * dicts now work correctly with dbus-send
+ * inotify backend is now less aggressive
+ * pending calls expire correctly
+ * memleak of uuid when the bus is autolaunched fixed
+* Wed Feb 27 2008 thoenig@suse.de
+- Update to D-Bus 1.1.20
+- Changes:
+ * system bus activation
+ * TCP address format enhancements
+ * ANONYMOUS mechanism for authentication
+ * autolaunched busses now save their parameters in X11 if
+ possible
+ * inotify is now the default backend for watching configuration
+ file changes
+ * better thread support
+ * bus daemon now generates a globally-unique ID for itself
+ * support for message serialization added
+ * better eavesdropping support now picks up reply messages for
+ debugging
+ * Fixed CVE-2008-0595
+ * Fixes dbus-launch so the session bus goes away so does D-Bus
+ * Builds against latest gcc/glibc changes
+ * Correctly unref connections without guids during shutdown
+ * API additions:
+ o dbus_connection_set_allow_anonymous() - allow the message
+ stream to begin if the client auths as anonymous
+ o dbus_watch_get_unix_fd() - replaces dbus_watch_get_fd
+ o dbus_watch_get_socket() - replaces dbus_watch_get_fd
+ o dbus_server_get_id() - available to access the unique ID of
+ a particular address
+ o dbus_connection_get_server_id() - available to access the
+ unique ID of a particular address
+ o dbus_message_marshal() - serializes a message into a byte
+ array
+ o dbus_message_demarshal() - de-serializes a byte array into
+ a message
+ * API deprecation:
+ o dbus_watch_get_fd() - had unclear cross-platform semantics
+ * Protocol additions:
+ o Argument path matching of the type arg0path=’/aa/bb/’ is now
+ supported
+ o New error org.freedesktop.DBus.Error.ObjectPathInUse added
+ o ANONYMOUS auth support added
+ o GetAll call added to the properties interface for getting a
+ list of properties an object exports
+- Add patch dbus-1.1.20-fix-build.patch
+* Fri Jan 18 2008 thoenig@suse.de
+- Update to D-Bus 1.1.4 (1.2.0 RC2)
+- Drop patch dbus-inotify-fix-thoenig-01.patch: Merged upstream
+* Thu Jan 17 2008 thoenig@suse.de
+- Add patch dbus-inotify-fix-thoenig-01.patch: Fix inotify support
+* Wed Jan 16 2008 thoenig@suse.de
+- Update to D-Bus 1.1.3
+- DTD for the introspection format is fixed and uploaded to the
+ servers
+- Argument path matching of the type arg0path='/aa/bb/' is now
+ supported (see the specification for more information)
+- New error org.freedesktop.DBus.Error.ObjectPathInUse added
+ Autolaunched busses now save their parameters in X11 if possible
+ making them behave closer to busses launched through the normal
+ mechanisms
+- inotify is now the default backend for watching configuration
+ file changes
+- More support for the AIX platform has been added
+- Numerous bug fixes and performance enhancements
+* Thu Dec 13 2007 thoenig@suse.de
+- Fix permissions for activation helper
+- Use bzip2 for tar ball
+* Mon Nov 19 2007 thoenig@suse.de
+- Update to snapshot of D-Bus 1.1.3 (git20071112)
+- Own /usr/share/dbus-1/system-services
+- Don't restart on update
+- Remove dbus-audit-user.patch (upstream)
+* Fri Oct 19 2007 jpr@suse.de
+- Correct error in fix for b.n.c 332845, extraneous $DBUS_DAEMON_PID
+* Fri Oct 19 2007 meissner@suse.de
+- adjust permissions handling
+* Fri Oct 12 2007 thoenig@suse.de
+- Don't use startproc (b.n.c 332845)
+- Merge D-Bus package from build service
+* Tue Oct 2 2007 tambet@novell.com
+- Update to 1.1.2 for system service activation.
+- Add patches from RedHat:
+ dbus-lsb.patch
+ dbus-audit-user.patch
+ dbus-no-abort.patch
+* Tue Sep 25 2007 dmueller@suse.de
+- install a interfaces directory
+* Fri Aug 10 2007 dmueller@suse.de
+- package size reduction (31%%)
+- documentation shouldn't be executable
+* Mon Jul 30 2007 thoenig@suse.de
+- Fix path in rc script for both, dbus-daemon and dbus-uuidgen
+* Sun Jul 29 2007 ro@suse.de
+- next attempt to fix path for dbus-launch
+* Sat Jul 28 2007 thoenig@suse.de
+- Fix location of dbus-1-launch for dbus-1-x11
+- Fix dbus-1-devel to own %%{_libdir}/dbus-1.0
+* Wed Jul 25 2007 thoenig@suse.de
+- move D-Bus to / (b.n.c #285472)
+- remove static libraries
+* Fri Jul 20 2007 dmueller@suse.de
+- build against libexpat (#285472)
+* Tue Jun 19 2007 thoenig@suse.de
+- Add $local_fs to Required-Start (b.n.c #285472)
+* Fri Mar 16 2007 dmueller@suse.de
+- display error messages from dbus-launch
+* Sun Feb 25 2007 thoenig@suse.de
+- remove leading whitespace from .changes
+* Thu Feb 22 2007 thoenig@suse.de
+- Disable dbus-do-not-abort-on-check-thoenig-01.patch until we hit
+ RC phase.
+* Mon Feb 19 2007 dmueller@suse.de
+- fix mis-placed comment marker
+* Tue Feb 13 2007 dmueller@suse.de
+- build wih x support for dbus-1-x11 package (#225627)
+* Wed Dec 13 2006 thoenig@suse.de
+- move invocation of autoreconf from %%prep to %%build
+- update to D-Bus 1.0.2 (skipped 1.0.1)
+ - fix security bug CVE-2006-6107 match rules can be removed by
+ apps that did not create them
+ - pthread fix
+ - fix bug where calling dbus_threads_init_default would assert
+ - fix UUID output to match the spec
+ - clear up documentation on UUIDs
+* Sun Nov 12 2006 thoenig@suse.de
+- add patch dbus-do-not-abort-on-check-thoenig-01.patch: Do not
+ call _dbus_warn_check_failed() but _dbus_warn() on checks as
+ _dbus_warn_check_failed() always leads to abort(3)
+* Sat Nov 11 2006 thoenig@suse.de
+- update to D-Bus 1.0.0
+ - documents updated with API/ABI guarantees
+ - added missing patch FreeBSD need to run out of the box
+ - dbus-monitor now has a profile mode
+ - AUTHORS file updated with names from the ChangeLog. Thanks to
+ everyone who helped get us here
+* Thu Nov 9 2006 thoenig@suse.de
+- start service for D-Bus system bus also in run level 2 (b.n.c
+ [#216805])
+* Fri Nov 3 2006 thoenig@suse.de
+- remove patch
+ dbus-send-do-not-close-shared-connection-thoenig-01.patch (fix
+ is now upstream)
+- run cleanup-man-pages.sh to clean up Doxygen man page output
+- cleanup rc script, add invocation of dbus-uuidgen
+- do not call dbus-uuidgen in %%post
+- update to D-Bus 0.95
+ - DBUS_API_SUBJECT_TO_CHANGE no longer needs to be defined when
+ building apps
+ - ./configure checks now work when cross compiling
+ - dbus-uuidgen --ensure is now run in the init script so there
+ is no need to run it in a post script
+ - dbus-uuidgen now writes out to /var/lib/dbus to work with
+ systems that do not have a writable /etc. Packages should
+ install and own the /var/lib/dbus directory
+ - recursive locks are now used when dbus_threads_init_default is
+ called
+ - standard_session_servicedirs tag added to the session.conf
+ under a normal build this specifies these service directories:
+ /usr/local/share/dbus-1/services
+ /usr/share/dbus-1/services
+ $HOME/.local/share/dbus-1/services
+ - fixed crash when a service directory is specified more than
+ once
+ - fixed a crash in *BSD when watching config directories for
+ changes
+ - fixed Irix build by using dirp->__dd_fd to get the file
+ descriptor
+ - cleaned up the LOCAL_CREDS vs CMGCRED credential code so
+ * BSD's don't crash here anymore
+ - dbus_message_iter_get_array_len deprecated
+ - cleanup-man-pages.sh added so packagers can clean up Doxygen
+ man page output from 7 to 2 megs
+ - large documentation improvements
+ - numerous bug fixes
+* Mon Oct 23 2006 thoenig@suse.de
+- add patch
+ dbus-send-do-not-close-shared-connection-thoenig-01.patch:
+ Do not call dbus_connection_close() for shared connection.
+* Sun Oct 15 2006 thoenig@suse.de
+- do not kill applications using D-Bus on update (b.n.c #210192)
+- fix 'rcdbus status' to report correctly if D-Bus was not running
+- run 'dbus-uuidgen --ensure' in %%post section
+- drop patch dbus-unref-connections-on-close-thoenig-01.patch
+ (fix is upstream)
+- drop patch dbus-display_DBUS_DAEMONDIR_in_configure.diff (fix is
+ upstream)
+- drop patch dbus-tools_autobuild.diff (not required any more)
+- update to D-Bus 0.94 (skipped 0.93)
+ - dbus-uuidgen binary added for future remote machine
+ identification
+ * packagers should call dbus-uuidgen --ensure in their post
+ - GetMachineId peer method added to the bus API
+ - dbus_connection_set_route_peer_messages API added to let the
+ bus send peer messages directly to an app
+ - autolaunch abilities added to dbus-launch with the
+ - -autolaunch flag
+ * This feature allows libdbus to start a session bus if none
+ can be found
+ * This is an internal feature and should not be used by
+ scripts DBUS_SESSION_BUS_ADDRESS is still the correct way to
+ specify a session bus
+ - dbus-launch now prints out a simple key value pairs instead of
+ shell scripts if one of the shell flags aren't used
+ - support DBUS_BLOCK_ON_ABORT env variable to cause blocking
+ waiting for gdb
+ - weak ref are now held for shared connections so the right
+ things happen this fixes some pretty major bugs with the way
+ connections were handled
+ - some refactoring for Windows (doesn't effect Unix)
+ - Solaris build fixes
+ - MacOSX build fixes
+ - Cross compile build fixes. We now assume getpwnam_r is posix
+ and va_lists can be copied by value since we can't check this
+ in a cross compile. If this is not true for a particular target
+ is up to the developer to patch.
+ - dbus_threads_init_default added for initalizing threads without
+ the need for bindings
+ - Filters are now properly removed
+ - dbus_connection_open now holds a hard ref to shared connections
+ - we now print out a warning and do nothing when someone tries to
+ close a shared connection
+ - the --introspect switch has been added to the bus for printing
+ out introspection data without actually running the bus
+ - LOCAL_CREDS socket credentials are now supported for systems
+ which support it such as NetBSD
+ - generalize kqueue support so it works with NetBSD as well as
+ FreeBSD
+ - numerous bug fixes and memory leaks patched
+* Thu Aug 31 2006 dkukawka@suse.de
+- added patch dbus-display_DBUS_DAEMONDIR_in_configure.diff to
+ expand the complete path of DBUS_DAEMONDIR (b.n.c. #202854)
+* Thu Aug 24 2006 thoenig@suse.de
+- add patch dbus-unref-connections-on-close-thoenig-01.patch: Unref
+ connections on dbus_connection_close (b.n.c. #201164).
+* Sat Aug 19 2006 thoenig@suse.de
+- update to D-Bus 0.92
+ - proper thread locking added to pending calls
+ - threading semantics changed from init early to init before the
+ second thread
+ - correctly error out when an application tries to acquire or
+ release the org.freedesktop.DBus name instead of sending false
+ result codes
+ - kqueue directory watching code can now be used to monitor
+ config file changes on FreeBSD
+ - --with-dbus-daemondir configure switch added so the daemon can
+ be installed separate from the user binaries
+ - Makefiles fixed for cygwin
+ - fixed docs and comments to use the D-Bus spelling instead of
+ D-BUS
+ - many memleaks and bugs fixed
+* Thu Aug 17 2006 thoenig@suse.de
+- update to D-Bus 0.92 CVS snapshot 2006-08-17
+- don't crash in dbus_pending_call_get_completed if D-Bus
+ connection is used twice in one application
+- dbus-1-devel-doc: don't package non-existent HTML files
+* Wed Aug 16 2006 aj@suse.de
+- Do not use xmlto in BuildRequires.
+* Tue Aug 1 2006 thoenig@suse.de
+- split out binings to sparate spec files
+- string replacement: s/D-BUS/D-Bus
+- spec file cleanups
+- remove aaa_base from requires
+- drop dbus-1-qt (qt-dbus obsoletes dbus-1-qt)
+- new upstream version 0.91 (skipped 0.90)
+ - remove some lingering bits left over from the bindings split
+ - fix assertion causing D-Bus applications to crash when checks
+ are enabled
+ - fix a timeout bug which would block applications from being
+ auto started
+ - API/ABI freeze for 1.0
+ - bindings are now split out into seperate packages
+ - listActivatableNames added as a method on the bus
+ - removed deprecated dbus_connection_disconnect (use
+ dbus_connection_close)
+ - shared connections are now unreffed on disconnect
+ - fixed pending calls for threaded enviornments
+ - pending calls get timed out on connection disconnect
+ - dbus_connection_send_with_reply returns TRUE and a NULL pending
+ call if you call it on a connection object which has been
+ disconnected already (it returns FALSE on Out of Memory errors
+ only)
+ - dbus-monitor now correctly catches methods, not just signals
+ - dbus-monitor now prints object paths
+* Fri Jul 7 2006 adrian@suse.de
+- fix build for < 10.1
+ * do not use -fstack-protector
+- fix build for non-SUSE distros
+* Tue Jul 4 2006 adrian@suse.de
+- fix build for 10.1
+- remove requires to -%%release which can't work
+* Mon Jul 3 2006 thoenig@suse.de
+- call configure with --exec_prefix and --datadir
+- spec file clean up
+* Thu Jun 22 2006 thoenig@suse.de
+- fix build: add freetype2-devel and libpng-devel to dbus-1-qt.spec
+- add patch: dbus-pending-reply-revert.diff to avoid crashes of
+ multi-threaded applications using libdbus-1.
+* Tue Jun 20 2006 coolo@suse.de
+- split out -qt and -qt3 into their own spec files
+* Mon Jun 12 2006 thoenig@suse.de
+- new upstream version 0.62
+ - doc fixes
+ - add support for all data-types for the dbus tools
+ - fix eavesdropping on method calls (dbus-monitor)
+ - fix silent dropping of method calls with interface=NULL
+ - fix console ownership problems in Solaris
+ - fix installation of dbus-signature.h and #include it in dbus/dbus.h
+ - flush the user database cache on config reload
+ - GLib bindings:
+ - fix memory leaks
+ - fix properties in DBusGProxy so that they can be given in any
+ order
+ - add lots of assertions to ensure correct use
+ - remove duplicated code
+ - fix static string pointer uses in GPtrArray-based collections
+ - Python bindings:
+ - remove reference to sys/cdefs.h
+ - Qt4 bindings:
+ - code reorganized
+ - add the dbusidl2cpp, dbuscpp2xml and dbus tools
+ - add example programs (ping-pong, complex ping-pong, listnames, chat)
+ - updat selftests
+ - fix compilation and .moc- and .ui-file processing and cleaning
+ - make central classes derive from QObject
+ - enhance error reporting
+ - many bugfixes
+ - Mono bindings:
+ - minor bugfixes
+- dbus-gcj_fixes.diff: remove hunk for fastjar
+- dbus-qt_moc_configure.diff: dropped, now upstream
+- dbus-qt_compile_fix.diff: dropped, now upstream
+- dbus-mono-args.diff: dropped, now upstream
+- dbus-mono-return-null.diff: dropped, now upstream
+- dbus-pedantic_compile.diff: dropped, now upstream
+- dbus-reply_pending_limit.diff: dropped, now upstream
+- add fastjar to requires of dbus-1-mono
+* Mon Apr 24 2006 thoenig@suse.de
+- Add patch (dbus-mono-exit-on-disconnect.diff) from Aaron Bockover
+ to extend the API of the mono bindings for exit_on_disconnect()
+ (Novell bug #167824).
+* Wed Mar 15 2006 thoenig@suse.de
+- disable dbus-connection-blocks-on-poll.diff as it leads to
+ crashes in applications using
+ dbus_connection_send_with_reply_and_block ().
+* Mon Mar 6 2006 thoenig@suse.de
+- add restart_on_update back to %%postun (#143151, #150042)
+* Fri Mar 3 2006 thoenig@suse.de
+- Add patch (dbus-connection-blocks-on-poll.diff) in order to fix
+ pending replies being delayed if an application using the bus
+ blocks on another pending reply. (not tracked in upstream
+ bugzilla, only on-list, Novell bug #154916)
+- Sync patches with dbus-1-mono
+* Wed Mar 1 2006 thoenig@suse.de
+- Add patch (dbus-reply_pending_limit.diff) in order to fix the
+ pending replies limit not to be common for all connections.
+ (Freedesktop bug #4200, Novell bug #153733)
+* Fri Feb 24 2006 aj@suse.de
+- Sync patches with dbus-1-mono.
+* Tue Feb 14 2006 ro@suse.de
+- move all bindings except for glib to dbus-1-mono specfile
+- remove restart_on_update (only restart on reboot) (#143151)
+* Fri Feb 3 2006 aj@suse.de
+- Remove unneeded BuildRequires.
+* Sun Jan 29 2006 aj@suse.de
+- Splitup packages dbus-1-qt3-devel, dbus-1-qt-devel (#144857).
+* Fri Jan 27 2006 mls@suse.de
+- converted neededforbuild to BuildRequires
+* Mon Jan 23 2006 thoenig@suse.de
+- Fixed D-BUS to restart on `rcdbus restart` id session busses
+ are running (closes #127969)
+* Fri Jan 20 2006 werner@suse.de
+- Make rc script fully conforming with LSB
+* Thu Jan 19 2006 meissner@suse.de
+- Use -fstack-protector.
+- Added some missing requires to the -devel packages.
+* Thu Jan 5 2006 thoenig@suse.de
+- added libxml2-python to Requires of dbus-1-python (closes
+ [#141225])
+* Tue Dec 20 2005 dmueller@suse.de
+- fix Qt4/x86_64 build with Qt 4.1
+* Sat Dec 17 2005 thoenig@suse.de
+- renamed sub package for Qt bindings from dbus-1-qt to dbus-1-qt3
+- introducing Qt4 bindings, new package is dbus-1-qt
+- renamed dbus-qt_compile_fix.diff to dbus-qt3_compile_fix.diff
+- added -fno-strict-aliasing to CXXFLAGS
+- modified patch:
+ * removed configure.in parts of dbus-qt3_compile_fix.diff (fixed
+ upstream)
+- removed patches:
+ * dbus-dnotify_configure-01.diff (fixed upstream)
+ * dbus-dnotify_watchdirs-01.diff (fixed upstream)
+* Fri Dec 9 2005 ro@suse.de
+- disable selinux
+* Tue Nov 22 2005 coolo@suse.de
+- make libdbus-1-qt self containing lib
+* Sat Nov 12 2005 thoenig@suse.de
+- added patches to make dnotify actually work for configuration
+ file changes. We now can add new bus policies at runtime.
+ * dbus-dnotify_configure-01.diff
+ * dbus-dnotify_watchdirs-01.diff
+* Thu Oct 20 2005 thoenig@suse.de
+- added -fPIC to CFLAGS
+* Wed Sep 21 2005 thoenig@suse.de
+- new upstream version 0.50.2 (skipped some)
+- removed patches:
+ * dbus-disable_kde_dependency.diff (upstream)
+ * dbus-transaction_fix.diff (upstream)
+ * dbus-session-connect.diff (upstream)
+ * dbus-gcj_fix_for_gcc4_on_x86_64.diff (duplicated, see
+ dbus-gcj_fixes.diff)
+- modified patch:
+ * dbus-gcj_fixes.diff (removed reference to $BUILD_ROOT in .la)
+* Sat Sep 17 2005 dmueller@suse.de
+- make header files compileable with -pedantic
+* Tue Sep 6 2005 dkukawka@suse.de
+- fixed return values for rchal start to be LSB conform (#115385)
+* Sun Sep 4 2005 aj@suse.de
+- Add check-build.sh script.
+* Tue Aug 30 2005 thoenig@suse.de +- Moved man pages to correct sub-packages (closes #114036) +* Tue Aug 30 2005 thoenig@suse.de +- Added patch to fix session bus exploit (CAN-2005-0201, closes + [#114043]) +* Thu Aug 4 2005 thoenig@suse.de +- Replaced previous workaround for #98264 with a proper fix +* Tue Jul 26 2005 thoenig@suse.de +- Reduce timeout for (wrongly assumed?) oom situations from 500ms + to 50ms (closes #98264). +* Mon Jul 18 2005 thoenig@suse.de +- new upstream version 0.35.2 (skipped 0.35 and 0.35.1) +- removed patches: + * dbus-python_bindings_gcc4_fix.diff (obsolete) + * dbus-console-auth-SuSE-01.diff (upstream) +- new patches: + * dbus-gvalue-utils-fix.diff (function returned random data) + * dbus-python_bindings_fix.diff (unititialized variable) +* Wed Jun 22 2005 thoenig@suse.de +- new upstream version 0.34 +- new patch `dbus-console-auth-SuSE-01.diff`: this patch adds the + command line option "--with-console-auth-dir" for resmgr + integration. +* Wed Jun 22 2005 thoenig@suse.de +- moved *.la *.a and *.pc files from dbus-1-glib to dbus-1-devel +- added dbus-1-glib and glib2-devel to Requires of dbus-1-devel +* Thu May 19 2005 adrian@suse.de +- fix path to documentation in susehelp desktop file +* Mon May 2 2005 lnussel@suse.de +- fix init script dbus-daemon-1 -> dbus-daemon +- use fastjar only on > 9.3 +* Thu Apr 28 2005 thoenig@suse.de +- new upstream version 0.33 +- fixed typo in 'rc.boot.dbus' +* Mon Apr 25 2005 thoenig@suse.de +- updated e-mail address in 'rc.boot.dbus' +* Thu Apr 21 2005 thoenig@suse.de +- updated short description in 'rc.boot.dbus' +* Wed Apr 20 2005 thoenig@suse.de +- D-BUS 0.33 (CVS 2005-04-19) +- ABI changes will affect packages: beagle, gnome, hal, + ial, kdebase3, submount, tomboy. A tutorial to fix errors caused + by the ABI/API change: + http://people.redhat.com/johnp/files/dbus_0.23_to_0.30_porting_quickref.txt +- enabled python bindings again. GCC4 fix is provided by + dbus-python_bindings_gcc4_fix.diff. 
This patch is to be dropped + once pyrex generates GCC4-clean C code. +* Mon Apr 18 2005 ro@suse.de +- use "fastjar" instead of "jar" with gcc-4 +- disable python bindings for now + (generated code is not really gcc-4 compliant) +* Wed Mar 16 2005 thoenig@suse.de +- applied 'dbus-il-fix.patch' for dbus-1-mono to prevent a crash + caused by a change in mono. +* Mon Mar 14 2005 schwab@suse.de +- Fix name of init script. +* Mon Mar 14 2005 thoenig@suse.de +- changed init order for hal/dbus/resmgr +* Sun Mar 13 2005 thoenig@suse.de +- applied `dbus-mono-leak.diff` which fixes memory leaks of the + mono bindings. +* Sat Mar 12 2005 thoenig@suse.de +- new upstream version 0.23.4 +* Thu Mar 10 2005 thoenig@suse.de +- new upstream version 0.23.3 +- removed obsolete patch (python_bindings_x86_64_fix.diff) +* Thu Mar 3 2005 dkukawka@suse.de +- fixed boot.dbus [see bug# 65775] +* Mon Feb 28 2005 thoenig@suse.de +- moved files from dbus-1-devel to dbus-1-{glib,java,qt} +* Tue Feb 22 2005 thoenig@suse.de +- added fix for python bindings to compile on 64 bit +- moved {_datadir}/dbus-1 and {_datadir}/dbus-1/services from + dbus-1-x11 to dbus-1 package +* Mon Feb 21 2005 gekker@suse.de +- Fix dbus-1-x11, add directory so dbus-launch will work +* Mon Feb 21 2005 adrian@suse.de +- avoid kde dependencies to improve our build times. 
+ The only thing which does need KDE is the configure script, + the bindings itself are pure Qt +* Sun Feb 20 2005 thoenig@suse.de +- new upstream version 0.23.2 +* Sun Feb 20 2005 thoenig@suse.de +- new upstream version 0.23.2 +* Tue Feb 15 2005 dkukawka@suse.de +- update to new version 0.23.1 +* Tue Feb 15 2005 dkukawka@suse.de +- update to new version 0.23.1 +* Fri Feb 4 2005 gekker@suse.de +- Use mono-devel-packages in neededforbuild +- pass --enable-mono in ./configure +- Make sure the symbolic link of dbus-sharp.dll is installed +* Thu Feb 3 2005 thoenig@suse.de +- fixed assignment of .pc files + * dbus-1.pc is now owned by dbus-1-devel + * dbus-glib-1.pc is now owned by dbus-1-glib + * dbus-sharp.pc is now owned by dbus-1-mono +* Thu Feb 3 2005 thoenig@suse.de +- fixed assignment of .pc files + * dbus-1.pc is now owned by dbus-1-devel + * dbus-glib-1.pc is now owned by dbus-1-glib + * dbus-sharp.pc is now owned by dbus-1-mono +* Thu Feb 3 2005 ro@suse.de +- use common macros in pre/post scripts +* Fri Jan 28 2005 dkukawka@suse.de +- fixed specfile of dbus +* Fri Jan 28 2005 dkukawka@suse.de +- added aaa_base to requirements +- added /etc/init.d/boot.localfs to prereqy +* Tue Jan 25 2005 dkukawka@suse.de +- cleaned up requirements in spec-file +- disabled all unneeded bindings within ./configure to reduce + buildtime +* Tue Jan 25 2005 dkukawka@suse.de +- cleaned up requirements in spec-file +* Sun Jan 23 2005 dkukawka@suse.de +- fixed libdir directory for x86_64 in mono package +* Sun Jan 23 2005 dkukawka@suse.de +- fix libdir directory for x86_64 +* Thu Jan 20 2005 adrian@suse.de +- enable api docu for qt, c# and java +- integrate api docu into suse help +* Thu Jan 13 2005 dkukawka@suse.de +- update to new version [0.23]. For more infos read the Changelog + of the src +* Thu Jan 13 2005 dkukawka@suse.de +- update to new version [0.23]. 
For more info read the Changelog + of the src +- changed position in /etc/rc.d/boot.d/, now dbus start depending + on boot.localnet (this is a workaround to the /var/run - cleanup + is moved from boot.localnet to boot.localfs) +* Wed Jan 12 2005 dkukawka@suse.de +- changed some in dbus-1-mono.spec +* Wed Jan 12 2005 dkukawka@suse.de +- changed rc-script: + - now dbus start in boot.d + - start depends on boot.localfs +- changed spec-file, now insserv instead of chkconfig +- fixed bug #49410 +* Tue Jan 11 2005 ro@suse.de +- added /usr/lib/qt3/bin to PATH (for moc) +* Mon Jan 10 2005 adrian@suse.de +- fix build, qt developer tools aren't in default PATH anymore +* Mon Nov 29 2004 dkukawka@suse.de +- removed ExclusiveArch, since mono and gtk-sharp for other + archs available (thanks to ro@suse.de) +* Sun Nov 28 2004 dkukawka@suse.de +- moved package to ../done/I386 , package is only for %%ix86, + because on other archs we don´t have gtk-sharp +- changed requirements [dbus = %%{version}-%%{dbus_release}] +* Sun Nov 28 2004 dkukawka@suse.de +- init +* Thu Nov 25 2004 dkukawka@suse.de +- removed automatically deleting of DBUS-user and -group in + uninstall-routine +- readding dbus-1-python package +- changed different due to new automake and python versions +- added Requires and BuildRequires +* Tue Nov 23 2004 dkukawka@suse.de +- added packages [glib, x11] +- change different things in packages, removed doupled/conflicting + files in packages [base-rpm, devel, gtk, java, qt] +- changed different in %%pre, %%preun, %%post, %%postun sections of the + spec-file +- stop dbus automatically before uninstall +- add/remove now dbus automatically to/from system services +* Sat Nov 20 2004 dkukawka@suse.de +- fixed bug in spec-file +* Thu Nov 18 2004 dkukawka@suse.de +- removed binding package for Python while automake is fixed ! 
+* Wed Nov 17 2004 dkukawka@suse.de +- added binding packages [java, qt, gtk, python] +* Fri Nov 5 2004 thoenig@suse.de +- dynamic allocation of user id user messagebus +- dynamic allocation of group id for group messagebus +* Wed Oct 20 2004 thoenig@suse.de +- init diff --git a/dbus-1.desktop b/dbus-1.desktop new file mode 100644 index 0000000..7588cea --- /dev/null +++ b/dbus-1.desktop @@ -0,0 +1,4 @@ +[Desktop Entry] +Name=D-Bus API Documentation +DocPath=/usr/share/doc/packages/dbus-1-devel/html/index.html +X-DOC-SearchMethod=htdig diff --git a/dbus-1.spec b/dbus-1.spec new file mode 100644 index 0000000..138bb35 --- /dev/null +++ b/dbus-1.spec 
@@ -0,0 +1,380 @@
+#
+# spec file for package dbus-1
+#
+# Copyright (c) 2022-2023 ZhuningOS
+#
+
+
+%define with_systemd 1
+%define _name dbus
+%define _libname libdbus-1-3
+# Temporary code to disable service restart on update sflees@suse.de boo#1020301
+%global _backup /etc/sysconfig/services.rpmbak.%{name}-%{version}-%{release}
+%if 0%{?suse_version} <= 1320
+%define _userunitdir %{_prefix}/lib/systemd/user
+%endif
+%bcond_without selinux
+Name: dbus-1
+Version: 1.12.2
+Release: 150400.18.8.1
+Summary: D-Bus Message Bus System
+License: GPL-2.0-or-later OR AFL-2.1
+Group: System/Daemons
+Url: http://dbus.freedesktop.org/
+Source0: http://dbus.freedesktop.org/releases/dbus/%{_name}-%{version}.tar.gz
+Source2: dbus-1.desktop
+Source3: dbus_at_console.ck
+Source4: baselibs.conf
+Patch0: feature-suse-log-deny.patch
+# PATCH-FIX-OPENSUSE coolo@suse.de -- force a feature configure won't accept without x11 in buildrequires
+Patch1: feature-suse-do-autolaunch.patch
+# Patch-Feature-opensuse sflees@suse.de, users shouldn't be allowed to start / stop the dbus service.
+Patch2: feature-suse-refuse-manual-start-stop.patch
+Patch3: fix-CVE-2019-12749.patch
+# bsc#1187105
+Patch4: fix-upstream-userdb-constpointer.patch
+Patch5: fix-upstream-CVE-2020-35512.patch
+# bsc#1172505
+Patch6: fix-upstream-CVE-2020-12049.patch
+Patch7: fix-upstream-CVE-2020-12049_2.patch
+Patch8: fix-upstream-CVE-2022-42010.patch
+Patch9: fix-upstream-CVE-2022-42011.patch
+Patch10: fix-upstream-CVE-2022-42012.patch
+Patch11: fix-upstream-CVE-2023-34969.patch
+BuildRequires: audit-devel
+BuildRequires: autoconf-archive
+BuildRequires: doxygen
+BuildRequires: libcap-ng-devel
+BuildRequires: libexpat-devel >= 2.1.0
+BuildRequires: libtool
+BuildRequires: permissions
+BuildRequires: pkg-config
+BuildRequires: update-desktop-files
+BuildRequires: xmlto
+BuildRequires: pkgconfig(libsystemd) >= 209
+Requires(post): %{_libname} = %{version}
+Requires(post): update-alternatives
+Requires(pre): permissions
+Requires(pre): shadow
+Requires(preun): update-alternatives
+Provides: dbus-launch
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
+%if %{with selinux}
+BuildRequires: libselinux-devel
+%endif
+
+%package -n %{_libname}
+Summary: Library package for D-Bus
+Group: Development/Libraries/Other
+
+%package devel
+Summary: Developer package for D-Bus
+Group: Development/Libraries/Other
+Requires: %{_libname} = %{version}
+Requires: dbus-1 = %{version}
+Requires: glibc-devel
+
+%package devel-doc
+Summary: Developer documentation package for D-Bus
+Group: Development/Libraries/Other
+Requires: dbus-1 = %{version}
+BuildArch: noarch
+
+%description
+D-Bus is a message bus system, a simple way for applications to talk to
+one another. D-Bus supplies both a system daemon and a
+per-user-login-session daemon. Also, the message bus is built on top of
+a general one-to-one message passing framework, which can be used by
+any two apps to communicate directly (without going through the message
+bus daemon).
+
+%description -n %{_libname}
+D-Bus is a message bus system, a simple way for applications to talk to
+one another. D-Bus supplies both a system daemon and a
+per-user-login-session daemon. Also, the message bus is built on top of
+a general one-to-one message passing framework, which can be used by
+any two apps to communicate directly (without going through the message
+bus daemon).
+
+%description devel
+D-Bus is a message bus system, a simple way for applications to talk to
+one another. D-Bus supplies both a system daemon and a
+per-user-login-session daemon. Also, the message bus is built on top of
+a general one-to-one message passing framework, which can be used by
+any two apps to communicate directly (without going through the message
+bus daemon).
+
+%description devel-doc
+D-Bus is a message bus system, a simple way for applications to talk to
+one another. D-BUS supplies both a system daemon and a
+per-user-login-session daemon. Also, the message bus is built on top of
+a general one-to-one message passing framework, which can be used by
+any two apps to communicate directly (without going through the message
+bus daemon).
+
+%prep
+%setup -q -n %{_name}-%{version}
+%autopatch -p1
+
+%build
+echo 'HTML_TIMESTAMP=NO' >> Doxyfile.in
+autoreconf -fi
+# We use -fpie/-pie for the whole build; this is the recommended way to harden
+# the build upstream, see discussion in fdo#46570
+export CFLAGS="%{optflags} -fno-strict-aliasing -fPIC -fpie"
+export LDFLAGS="-pie"
+export CXXFLAGS="%{optflags} -fno-strict-aliasing"
+export V=1
+# is_opensuse was first defined after openSUSE 13.2
+%configure \
+ --disable-static \
+ --disable-asserts \
+ --libexecdir=%{_libexecdir}/dbus-1 \
+ --enable-inotify \
+ --enable-doxygen-docs \
+%if %{with selinux}
+ --enable-selinux \
+%endif
+ --enable-systemd \
+ --enable-user-session \
+ --enable-libaudit \
+%if 0%{?suse_version} <= 1315 && !0%{?is_opensuse}
+ --with-console-auth-dir=%{_localstatedir}/run/dbus/at_console/ \
+ --with-system-pid-file=%{_localstatedir}/run/dbus/pid \
+ --with-system-socket=%{_localstatedir}/run/dbus/system_bus_socket \
+%else
+ --with-console-auth-dir=/run/dbus/at_console/ \
+ --with-system-pid-file=/run/dbus/pid \
+ --with-system-socket=/run/dbus/system_bus_socket \
+%endif
+ --with-systemdsystemunitdir=%{_unitdir} \
+ --with-systemduserunitdir=%{_userunitdir} \
+ --without-x
+make %{?_smp_mflags}
+
+doxygen -u && doxygen
+./cleanup-man-pages.sh
+
+%check
+make check
+
+%install
+%make_install
+
+mkdir -p %{buildroot}/lib/dbus-1/system-services
+# dbus-launch, too
+mv -f %{buildroot}/%{_bindir}/dbus-launch %{buildroot}%{_bindir}/dbus-launch.nox11
+mkdir -p %{buildroot}%{_sbindir}
+ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcdbus
+%if 0%{?suse_version} <= 1315 && !0%{?is_opensuse}
+install -d %{buildroot}%{_localstatedir}/run/dbus
+%else
+install -d %{buildroot}/run/dbus
+%endif
+mkdir -p %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/
+install -m 0644 %{SOURCE2} \
+ %{buildroot}/%{_datadir}/susehelp/meta/Development/Libraries/dbus-1.desktop
+mkdir -p %{buildroot}/%{_libdir}/pkgconfig
+mkdir -p 
%{buildroot}/lib/dbus-1/system-services
+
+for i in %{_sysconfdir}/dbus-1/session.d %{_sysconfdir}/dbus-1/system.d \
+ %{_datadir}/dbus-1/interfaces %{_datadir}/dbus-1/services \
+ %{_datadir}/dbus-1/system.d %{_datadir}/dbus-1/system-services; do
+ mkdir -p %{buildroot}$i
+done
+
+install -d %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d
+install -m 755 %{SOURCE3} %{buildroot}%{_sysconfdir}/ConsoleKit/run-session.d
+mkdir -p %{buildroot}%{_localstatedir}/lib/dbus
+
+# don't ship executables in doc
+chmod -x %{buildroot}%{_datadir}/doc/dbus/examples/GetAllMatchRules.py
+
+# Link the binaries that were in /bin back to /bin for compat (maybe remove for SLE-16)
+# Currently required to make upower work together with systemd
+mkdir -p %{buildroot}/bin
+
+ln -sf /%{_bindir}/dbus-cleanup-sockets %{buildroot}/bin/dbus-cleanup-sockets
+ln -sf /%{_bindir}/dbus-daemon %{buildroot}/bin/dbus-daemon
+ln -sf /%{_bindir}/dbus-monitor %{buildroot}/bin/dbus-monitor
+ln -sf /%{_bindir}/dbus-send %{buildroot}/bin/dbus-send
+ln -sf /%{_bindir}/dbus-test-tool %{buildroot}/bin/dbus-test-tool
+ln -sf /%{_bindir}/dbus-update-activation-environment %{buildroot}/bin/dbus-update-activation-environment
+ln -sf /%{_bindir}/dbus-uuidgen %{buildroot}/bin/dbus-uuidgen
+
+mkdir -p %{buildroot}%{_sysconfdir}/alternatives
+ln -s -f %{_sysconfdir}/alternatives/dbus-launch %{buildroot}%{_bindir}/dbus-launch
+
+find %{buildroot} -type f -name "*.la" -delete -print
+
+%verifyscript -n dbus-1
+%verify_permissions -e %{_libexecdir}/dbus-1/dbus-daemon-launch-helper
+
+%post -n %{_libname} -p /sbin/ldconfig
+%postun -n %{_libname} -p /sbin/ldconfig
+%pre
+getent group messagebus >/dev/null || \
+ %{_sbindir}/groupadd -r messagebus
+%if 0%{?suse_version} <= 1315 && !0%{?is_opensuse}
+getent passwd messagebus >/dev/null || \
+ %{_sbindir}/useradd -r -s /usr/bin/false -c "User for D-Bus" -d %{_localstatedir}/run/dbus -g messagebus messagebus
+%else
+getent passwd messagebus >/dev/null || \
+ 
%{_sbindir}/useradd -r -s /usr/bin/false -c "User for D-Bus" -d /run/dbus -g messagebus messagebus
+%endif
+%service_add_pre dbus.service dbus.socket
+
+%post
+if [ -e %{_localstatedir}/lib/dbus/machine-id -a -e %{_sysconfdir}/machine-id ]; then
+ cmp -s %{_localstatedir}/lib/dbus/machine-id %{_sysconfdir}/machine-id > /dev/null
+ if [ $? ]; then
+ rm -f %{_localstatedir}/lib/dbus/machine-id
+ fi
+fi
+if [ ! -L %{_localstatedir}/lib/dbus/machine-id ]; then
+ mkdir -p %{_localstatedir}/lib/dbus/
+ ln -s %{_sysconfdir}/machine-id %{_localstatedir}/lib/dbus/machine-id
+fi
+
+/sbin/ldconfig
+%set_permissions %{_libexecdir}/dbus-1/dbus-daemon-launch-helper
+%{_sbindir}/update-alternatives --install %{_bindir}/dbus-launch dbus-launch %{_bindir}/dbus-launch.nox11 10
+%service_add_post dbus.service dbus.socket
+%tmpfiles_create %_tmpfilesdir/dbus.conf
+
+%preun
+if [ "$1" = 0 ] ; then
+ %{_sbindir}/update-alternatives --remove dbus-launch %{_bindir}/dbus-launch.nox11
+fi
+%service_del_preun dbus.service dbus.socket
+
+%postun
+# immediately restarting the dbus service causes issues, As such wait for the next reboot to restart
+export DISABLE_RESTART_ON_UPDATE=yes
+%service_del_postun dbus.service dbus.socket
+
+%posttrans
+# See comments in pre
+if [ -s "%{_backup}" ]; then
+ mv -f %{_backup} /etc/sysconfig/services
+elif [ -e "%{_backup}" ]; then
+ rm -f /etc/sysconfig/services
+fi
+
+%files
+%defattr(-, root, root)
+%dir %{_localstatedir}/lib/dbus
+%dir /lib/dbus-1
+%dir /lib/dbus-1/system-services
+%dir %{_libexecdir}/dbus-1/
+%license COPYING
+%doc AUTHORS HACKING NEWS README
+%config(noreplace) %{_sysconfdir}/dbus-1/session.conf
+%config(noreplace) %{_sysconfdir}/dbus-1/system.conf
+%{_datadir}/dbus-1/session.conf
+%{_datadir}/dbus-1/system.conf
+%{_sysconfdir}/ConsoleKit
+%{_bindir}/dbus-cleanup-sockets
+%{_bindir}/dbus-daemon
+%{_bindir}/dbus-monitor
+%{_bindir}/dbus-run-session
+%{_bindir}/dbus-send
+%{_bindir}/dbus-test-tool
+%{_bindir}/dbus-update-activation-environment
+%{_bindir}/dbus-uuidgen
+/bin/dbus-cleanup-sockets
+/bin/dbus-daemon
+/bin/dbus-monitor
+/bin/dbus-send
+/bin/dbus-test-tool
+/bin/dbus-update-activation-environment
+/bin/dbus-uuidgen
+%{_mandir}/man1/dbus-cleanup-sockets.1*
+%{_mandir}/man1/dbus-daemon.1*
+%{_mandir}/man1/dbus-monitor.1*
+%{_mandir}/man1/dbus-run-session.1*
+%{_mandir}/man1/dbus-send.1*
+%{_mandir}/man1/dbus-test-tool.1*
+%{_mandir}/man1/dbus-update-activation-environment.1*
+%{_mandir}/man1/dbus-uuidgen.1*
+%{_mandir}/man1/dbus-launch.1*
+%{_sbindir}/rcdbus
+# See doc/system-activation.txt in source tarball for the rationale
+# behind these permissions
+%attr(4750,root,messagebus) %verify(not mode) %{_libexecdir}/dbus-1/dbus-daemon-launch-helper
+%if 0%{?suse_version} <= 1315 && !0%{?is_opensuse}
+%ghost %{_localstatedir}/run/dbus
+%else
+%ghost /run/dbus
+%endif
+%ghost %{_localstatedir}/lib/dbus/machine-id
+%{_libexecdir}/sysusers.d/dbus.conf
+%{_libexecdir}/tmpfiles.d/dbus.conf
+%{_unitdir}/dbus.service
+%{_unitdir}/dbus.socket
+# %dir %{_unitdir}/dbus.target.wants
+# %{_unitdir}/dbus.target.wants/dbus.socket
+%dir %{_unitdir}/multi-user.target.wants
+%{_unitdir}/multi-user.target.wants/dbus.service
+%dir %{_unitdir}/sockets.target.wants
+%{_unitdir}/sockets.target.wants/dbus.socket
+%{_userunitdir}/dbus.service
+%{_userunitdir}/dbus.socket
+%dir %{_userunitdir}/sockets.target.wants
+%{_userunitdir}/sockets.target.wants/dbus.socket
+%ghost %{_sysconfdir}/alternatives/dbus-launch
+%{_bindir}/dbus-launch.nox11
+%{_bindir}/dbus-launch
+
+%files -n %{_libname}
+%defattr(-, root, root)
+%{_libdir}/libdbus-1.so.*
+# Own those directories in the library instead of dbus-1, since dbus users
+# often ship files there
+%dir %{_sysconfdir}/dbus-1
+%dir %{_sysconfdir}/dbus-1/session.d
+%dir %{_sysconfdir}/dbus-1/system.d
+%dir %{_datadir}/dbus-1
+%dir %{_datadir}/dbus-1/interfaces
+%dir %{_datadir}/dbus-1/services
+%dir %{_datadir}/dbus-1/system.d
+%dir 
%{_datadir}/dbus-1/system-services
+
+%files devel
+%defattr(-,root,root)
+%{_includedir}/*
+%{_libdir}/libdbus-1.so
+%dir %{_libdir}/dbus-1.0
+%{_libdir}/dbus-1.0/include
+%{_libdir}/pkgconfig/dbus-1.pc
+%{_libdir}/cmake/
+%{_datadir}/xml/dbus-1
+
+%files devel-doc
+%defattr(-,root,root)
+%dir %{_datadir}/doc/dbus
+%dir %{_datadir}/doc/dbus/examples
+%{_datadir}/doc/dbus/api/
+%doc %{_datadir}/doc/dbus/dbus-faq.html
+%doc %{_datadir}/doc/dbus/dbus-specification.html
+%doc %{_datadir}/doc/dbus/dbus-test-plan.html
+%doc %{_datadir}/doc/dbus/dbus-tutorial.html
+%doc %{_datadir}/doc/dbus/diagram.*
+%doc %{_datadir}/doc/dbus/system-activation.txt
+%doc %{_datadir}/doc/dbus/dbus-cleanup-sockets.1.html
+%doc %{_datadir}/doc/dbus/dbus-daemon.1.html
+%doc %{_datadir}/doc/dbus/dbus-launch.1.html
+%doc %{_datadir}/doc/dbus/dbus-run-session.1.html
+%doc %{_datadir}/doc/dbus/dbus-monitor.1.html
+%doc %{_datadir}/doc/dbus/dbus-send.1.html
+%doc %{_datadir}/doc/dbus/dbus-uuidgen.1.html
+%doc %{_datadir}/doc/dbus/dbus.devhelp
+%doc %{_datadir}/doc/dbus/dbus-test-tool.1.html
+%doc %{_datadir}/doc/dbus/dbus-update-activation-environment.1.html
+%doc %{_datadir}/doc/dbus/examples/GetAllMatchRules.py
+%doc %{_datadir}/doc/dbus/examples/example-session-disable-stats.conf
+%doc %{_datadir}/doc/dbus/examples/example-system-enable-stats.conf
+%doc doc/*.txt doc/file-boilerplate.c doc/TODO
+%{_datadir}/susehelp
+
+%changelog
diff --git a/dbus_at_console.ck b/dbus_at_console.ck
new file mode 100644
index 0000000..411eb6d
--- /dev/null
+++ b/dbus_at_console.ck
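Review bot: In `%post`, `if [ $? ]; then` is always true, because `[` with a single argument only tests that the string is non-empty and `$?` expands to `0` or `1`; the result of the preceding `cmp -s` is therefore ignored and `%{_localstatedir}/lib/dbus/machine-id` is removed whenever both files exist. Put the comparison into the condition itself, for example `if ! cmp -s %{_localstatedir}/lib/dbus/machine-id %{_sysconfdir}/machine-id; then` (or without the `!` if identical copies are what should be replaced by the symlink), and drop the separate `$?` test. Separately, `%posttrans` says "See comments in pre" and restores or deletes `/etc/sysconfig/services` based on `%{_backup}`, but `%pre` in this spec has no such comment and no visible scriptlet creates that backup; the block looks like a leftover and should either get its `%pre` counterpart back or be removed.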
@@ -0,0 +1,27 @@
+#!/bin/bash
+#
+# use consolekit to support legacy at_console setting
+#
+reason="$1"
+
+dir=/var/run/dbus/at_console
+
+# for at_console we are only interested in local sessions
+test "$CK_SESSION_IS_LOCAL" = true || exit 0
+test "$reason" = "session_added" -o "$reason" = "session_removed" || exit 0
+
+sessid=${CK_SESSION_ID##*/}
+sessid=${sessid//[^A-Za-z0-9]/_}
+test -n "$sessid" || exit 1
+
+name=`getent passwd "$CK_SESSION_USER_UID" 2>/dev/null | awk -F: '{print $1}'`
+
+test -n "$name" || exit 1
+
+if test "$reason" = "session_added"; then
+ mkdir -p "$dir/$name"
+ touch "$dir/$name/$sessid"
+else
+ rm "$dir/$name/$sessid"
+ rmdir "$dir/$name"
+fi
diff --git a/feature-suse-do-autolaunch.patch b/feature-suse-do-autolaunch.patch
new file mode 100644
index 0000000..de2284a
--- /dev/null
+++ b/feature-suse-do-autolaunch.patch
@@ -0,0 +1,26 @@
+From: Stephan Kulow
+
+We want x11 autolaunch even if we have no x11 in the build environment
+
+Index: dbus-1.12.2/dbus/dbus-sysdeps-unix.c
+===================================================================
+--- dbus-1.12.2.orig/dbus/dbus-sysdeps-unix.c
++++ dbus-1.12.2/dbus/dbus-sysdeps-unix.c
+@@ -3552,7 +3552,7 @@ _dbus_get_tmpdir(void)
+ return tmpdir;
+ }
+
+-#if defined(DBUS_ENABLE_X11_AUTOLAUNCH) || defined(DBUS_ENABLE_LAUNCHD)
++#if 1
+ /**
+ * Execute a subprocess, returning up to 1024 bytes of output
+ * into @p result.
+@@ -3787,7 +3787,7 @@ _dbus_get_autolaunch_address (const char
+ DBusString *address,
+ DBusError *error)
+ {
+-#ifdef DBUS_ENABLE_X11_AUTOLAUNCH
++#if 1
+ static const char arg_dbus_launch[] = "dbus-launch";
+ static const char arg_autolaunch[] = "--autolaunch";
+ static const char arg_binary_syntax[] = "--binary-syntax";
diff --git a/feature-suse-log-deny.patch b/feature-suse-log-deny.patch
new file mode 100644
index 0000000..1ee1755
--- /dev/null
+++ b/feature-suse-log-deny.patch
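Review bot: `name` is used as a path component under `$dir` without any of the sanitising that `sessid` gets a few lines earlier, so whatever string the passwd lookup returns for `CK_SESSION_USER_UID` goes straight into `mkdir -p`, `touch`, `rm` and `rmdir`. Local account names normally cannot contain `/`, but with a network name service behind `getent` that is an assumption rather than a guarantee, and the spec installs this script into ConsoleKit's `run-session.d`, where it presumably runs with the daemon's privileges. A guard directly after the existing `test -n "$name"` line would close this: `case "$name" in */*|.|..) exit 1 ;; esac`.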
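Review bot: Both feature guards are replaced by a bare `#if 1`, which leaves no trace in the patched `dbus-sysdeps-unix.c` of which test used to be there or why it is forced on, and turns whatever follows the matching `#else` of the second guard (outside the hunk) into dead code. Keeping the reason on the line itself makes the next rebase of this patch easier, e.g. `#if 1 /* SUSE: autolaunch forced on although configure runs --without-x */`. Since the visible argument strings show that the enabled path runs `dbus-launch --autolaunch` as a subprocess, that behaviour change also deserves a sentence in the patch header. Both functions continue outside the hunks.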
@@ -0,0 +1,11 @@ +--- a/bus/system.conf.in ++++ b/bus/system.conf.in +@@ -48,7 +48,7 @@ + + +- ++ + + diff --git a/feature-suse-refuse-manual-start-stop.patch b/feature-suse-refuse-manual-start-stop.patch new file mode 100644 index 0000000..21e3412 --- /dev/null +++ b/feature-suse-refuse-manual-start-stop.patch @@ -0,0 +1,13 @@ +Index: dbus-1.12.2/bus/dbus.service.in +=================================================================== +--- dbus-1.12.2.orig/bus/dbus.service.in ++++ dbus-1.12.2/bus/dbus.service.in +@@ -2,6 +2,8 @@ + Description=D-Bus System Message Bus + Documentation=man:dbus-daemon(1) + Requires=dbus.socket ++RefuseManualStart=true ++RefuseManualStop=true + + [Service] + ExecStart=@EXPANDED_BINDIR@/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only diff --git a/fix-CVE-2019-12749.patch b/fix-CVE-2019-12749.patch new file mode 100644 index 0000000..b8c61d1 --- /dev/null +++ b/fix-CVE-2019-12749.patch 
@@ -0,0 +1,116 @@
+From 47b1a4c41004bf494b87370987b222c934b19016 Mon Sep 17 00:00:00 2001
+From: Simon McVittie
+Date: Thu, 30 May 2019 12:53:03 +0100
+Subject: [PATCH] auth: Reject DBUS_COOKIE_SHA1 for users other than the server
+ owner
+
+The DBUS_COOKIE_SHA1 authentication mechanism aims to prove ownership
+of a shared home directory by having the server write a secret "cookie"
+into a .dbus-keyrings subdirectory of the desired identity's home
+directory with 0700 permissions, and having the client prove that it can
+read the cookie. This never actually worked for non-malicious clients in
+the case where server uid != client uid (unless the server and client
+both have privileges, such as Linux CAP_DAC_OVERRIDE or traditional
+Unix uid 0) because an unprivileged server would fail to write out the
+cookie, and an unprivileged client would be unable to read the resulting
+file owned by the server.
+
+Additionally, since dbus 1.7.10 we have checked that ~/.dbus-keyrings
+is owned by the uid of the server (a side-effect of a check added to
+harden our use of XDG_RUNTIME_DIR), further ruling out successful use
+by a non-malicious client with a uid differing from the server's.
+
+Joe Vennix of Apple Information Security discovered that the
+implementation of DBUS_COOKIE_SHA1 was susceptible to a symbolic link
+attack: a malicious client with write access to its own home directory
+could manipulate a ~/.dbus-keyrings symlink to cause the DBusServer to
+read and write in unintended locations. In the worst case this could
+result in the DBusServer reusing a cookie that is known to the
+malicious client, and treating that cookie as evidence that a subsequent
+client connection came from an attacker-chosen uid, allowing
+authentication bypass.
+
+This is mitigated by the fact that by default, the well-known system
+dbus-daemon (since 2003) and the well-known session dbus-daemon (in
+stable releases since dbus 1.10.0 in 2015) only accept the EXTERNAL
+authentication mechanism, and as a result will reject DBUS_COOKIE_SHA1
+at an early stage, before manipulating cookies. As a result, this
+vulnerability only applies to:
+
+* system or session dbus-daemons with non-standard configuration
+* third-party dbus-daemon invocations such as at-spi2-core (although
+ in practice at-spi2-core also only accepts EXTERNAL by default)
+* third-party uses of DBusServer such as the one in Upstart
+
+Avoiding symlink attacks in a portable way is difficult, because APIs
+like openat() and Linux /proc/self/fd are not universally available.
+However, because DBUS_COOKIE_SHA1 already doesn't work in practice for
+a non-matching uid, we can solve this vulnerability in an easier way
+without regressions, by rejecting it early (before looking at
+~/.dbus-keyrings) whenever the requested identity doesn't match the
+identity of the process hosting the DBusServer.
+
+Signed-off-by: Simon McVittie
+Closes: https://gitlab.freedesktop.org/dbus/dbus/issues/269
+Closes: CVE-2019-12749
+---
+ dbus/dbus-auth.c | 32 ++++++++++++++++++++++++++++++++
+ 1 file changed, 32 insertions(+)
+
+Index: dbus-1.12.2/dbus/dbus-auth.c
+===================================================================
+--- dbus-1.12.2.orig/dbus/dbus-auth.c
++++ dbus-1.12.2/dbus/dbus-auth.c
+@@ -529,6 +529,7 @@ sha1_handle_first_client_response (DBusA
+ DBusString tmp2;
+ dbus_bool_t retval = FALSE;
+ DBusError error = DBUS_ERROR_INIT;
++ DBusCredentials *myself = NULL;
+
+ _dbus_string_set_length (&auth->challenge, 0);
+
+@@ -565,6 +566,34 @@ sha1_handle_first_client_response (DBusA
+ return FALSE;
+ }
+
++ myself = _dbus_credentials_new_from_current_process ();
++
++ if (myself == NULL)
++ goto out;
++
++ if (!_dbus_credentials_same_user (myself, auth->desired_identity))
++ {
++ /*
++ * DBUS_COOKIE_SHA1 is not suitable for authenticating that the
++ * client is anyone other than the user owning the process
++ * containing the DBusServer: we probably aren't allowed to write
++ * to other users' home directories. Even if we can (for example
++ * uid 0 on traditional Unix or CAP_DAC_OVERRIDE on Linux), we
++ * must not, because the other user controls their home directory,
++ * and could carry out symlink attacks to make us read from or
++ * write to unintended locations. It's difficult to avoid symlink
++ * attacks in a portable way, so we just don't try. This isn't a
++ * regression, because DBUS_COOKIE_SHA1 never worked for other
++ * users anyway.
++ */
++ _dbus_verbose ("%s: client tried to authenticate as \"%s\", "
++ "but that doesn't match this process",
++ DBUS_AUTH_NAME (auth),
++ _dbus_string_get_const_data (data));
++ retval = send_rejected (auth);
++ goto out;
++ }
++
+ /* we cache the keyring for speed, so here we drop it if it's the
+ * wrong one. FIXME caching the keyring here is useless since we use
+ * a different DBusAuth for every connection.
+@@ -679,6 +708,9 @@ sha1_handle_first_client_response (DBusA
+ _dbus_string_zero (&tmp2);
+ _dbus_string_free (&tmp2);
+
++ if (myself != NULL)
++ _dbus_credentials_unref (myself);
++
+ return retval;
+ }
+
diff --git a/fix-upstream-CVE-2020-12049.patch b/fix-upstream-CVE-2020-12049.patch
new file mode 100644
index 0000000..fabda7e
--- /dev/null
+++ b/fix-upstream-CVE-2020-12049.patch
@@ -0,0 +1,60 @@
+commit 8bc1381819e5a845331650bfa28dacf6d2ac1748
+Author: Simon McVittie
+Date: Thu Apr 16 14:41:48 2020 +0100
+
+ fdpass test: Assert that we don't leak file descriptors
+
+ This version is for the dbus-1.12 branch, and doesn't rely on dbus!153
+ or dbus!120.
+
+ Reproduces: dbus#294
+ Reproduces: CVE-2020-12049
+ Reproduces: GHSL-2020-057
+ 
Signed-off-by: Simon McVittie
+
+Index: dbus-1.12.2/test/fdpass.c
+===================================================================
+--- dbus-1.12.2.orig/test/fdpass.c
++++ dbus-1.12.2/test/fdpass.c
+@@ -50,6 +50,14 @@
+
+ #include "test-utils-glib.h"
+
++#ifdef DBUS_ENABLE_EMBEDDED_TESTS
++#include
++#else
++typedef struct _DBusInitialFDs DBusInitialFDs;
++#define _dbus_check_fdleaks_enter() NULL
++#define _dbus_check_fdleaks_leave(fds) do {} while (0)
++#endif
++
+ /* Arbitrary; included here to avoid relying on the default */
+ #define MAX_MESSAGE_UNIX_FDS 20
+ /* This test won't work on Linux unless this is true. */
+@@ -91,6 +99,7 @@ typedef struct {
+ GQueue messages;
+
+ int fd_before;
++ DBusInitialFDs *initial_fds;
+ } Fixture;
+
+ static void oom (const gchar *doing) G_GNUC_NORETURN;
+@@ -172,6 +181,8 @@ test_connect (Fixture *f,
+ {
+ char *address;
+
++ f->initial_fds = _dbus_check_fdleaks_enter ();
++
+ g_assert (f->left_server_conn == NULL);
+ g_assert (f->right_server_conn == NULL);
+
+@@ -837,6 +848,9 @@ teardown (Fixture *f,
+ if (f->fd_before >= 0 && close (f->fd_before) < 0)
+ g_error ("%s", g_strerror (errno));
+ #endif
++
++ if (f->initial_fds != NULL)
++ _dbus_check_fdleaks_leave (f->initial_fds);
+ }
+
+ int
diff --git a/fix-upstream-CVE-2020-12049_2.patch b/fix-upstream-CVE-2020-12049_2.patch
new file mode 100644
index 0000000..f4af252
--- /dev/null
+++ b/fix-upstream-CVE-2020-12049_2.patch
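Review bot: The leak check added here is only real when `DBUS_ENABLE_EMBEDDED_TESTS` is defined; in the `#else` branch `_dbus_check_fdleaks_enter()` expands to `NULL` and `_dbus_check_fdleaks_leave()` to nothing, so `f->initial_fds` stays NULL and the new block in `teardown` is skipped. The `%configure` call in dbus-1.spec passes no switch that would turn embedded tests on, so `make check` in this package most likely does not exercise the CVE-2020-12049 regression check at all (assuming this test is built in the first place, which the visible BuildRequires do not settle). It would help to record that next to the check step in the spec, e.g. `# fdpass fd-leak assertion needs an embedded-tests build; not covered by make check here`. `test_connect` and `teardown` continue outside the hunks.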
@@ -0,0 +1,69 @@ +commit 272d484283883fa9ff95b69d924fff6cd34842f5 +Author: Simon McVittie +Date: Thu Apr 16 14:45:11 2020 +0100 + + sysdeps-unix: On MSG_CTRUNC, close the fds we did receive + + MSG_CTRUNC indicates that we have received fewer fds that we should + have done because the buffer was too small, but we were treating it + as though it indicated that we received *no* fds. If we received any, + we still have to make sure we close them, otherwise they will be leaked. + + On the system bus, if an attacker can induce us to leak fds in this + way, that's a local denial of service via resource exhaustion. + + Reported-by: Kevin Backhouse, GitHub Security Lab + Fixes: dbus#294 + Fixes: CVE-2020-12049 + Fixes: GHSL-2020-057 + +diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c +index e8cd5b33..f9dc2a6e 100644 +--- a/dbus/dbus-sysdeps-unix.c ++++ b/dbus/dbus-sysdeps-unix.c +@@ -435,18 +435,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd, + struct cmsghdr *cm; + dbus_bool_t found = FALSE; + +- if (m.msg_flags & MSG_CTRUNC) +- { +- /* Hmm, apparently the control data was truncated. The bad +- thing is that we might have completely lost a couple of fds +- without chance to recover them. Hence let's treat this as a +- serious error. */ +- +- errno = ENOSPC; +- _dbus_string_set_length (buffer, start); +- return -1; +- } +- + for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm)) + if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS) + { +@@ -501,6 +489,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd, + if (!found) + *n_fds = 0; + ++ if (m.msg_flags & MSG_CTRUNC) ++ { ++ unsigned int i; ++ ++ /* Hmm, apparently the control data was truncated. The bad ++ thing is that we might have completely lost a couple of fds ++ without chance to recover them. Hence let's treat this as a ++ serious error. */ ++ ++ /* We still need to close whatever fds we *did* receive, ++ * otherwise they'll never get closed. 
(CVE-2020-12049) */ ++ for (i = 0; i < *n_fds; i++) ++ close (fds[i]); ++ ++ *n_fds = 0; ++ errno = ENOSPC; ++ _dbus_string_set_length (buffer, start); ++ return -1; ++ } ++ + /* put length back (doesn't actually realloc) */ + _dbus_string_set_length (buffer, start + bytes_read); + diff --git a/fix-upstream-CVE-2020-35512.patch b/fix-upstream-CVE-2020-35512.patch new file mode 100644 index 0000000..ea45702 --- /dev/null +++ b/fix-upstream-CVE-2020-35512.patch 
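Review bot: This patch is carried with upstream git headers (`diff --git a/dbus/dbus-sysdeps-unix.c`, `index e8cd5b33..f9dc2a6e`) rather than refreshed against the packaged tree like the `Index: dbus-1.12.2/...` patches beside it. Its hunk positions (`@@ -435,18 +435,6 @@`, `@@ -501,6 +489,26 @@`) therefore come from a different source revision and may apply only with an offset or fuzz. Placement matters for this fix: the relocated `MSG_CTRUNC` block has to land after `if (!found) *n_fds = 0;`, so that the close loop sees the count of descriptors actually received. I would refresh the patch against dbus-1.12.2 and check the applied result; fix-upstream-CVE-2022-42010.patch and fix-upstream-CVE-2023-34969.patch are carried the same way. `_dbus_read_socket_with_unix_fds` starts and ends outside the inner hunks.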
@@ -0,0 +1,322 @@ +commit 2b7948ef907669e844b52c4fa2268d6e3162a70c +Author: Simon McVittie +Date: Tue Jun 30 19:29:06 2020 +0100 + + userdb: Reference-count DBusUserInfo, DBusGroupInfo + + Previously, the hash table indexed by uid (or gid) took ownership of the + single reference to the heap-allocated struct, and the hash table + indexed by username (or group name) had a borrowed pointer to the same + struct that exists in the other hash table. + + However, this can break down if you have two or more distinct usernames + that share a numeric identifier. This is generally a bad idea, because + the user-space model in such situations does not match the kernel-space + reality, and in particular there is no effective kernel-level security + boundary between such users, but it is sometimes done anyway. + + In this case, when the second username is looked up in the userdb, it + overwrites (replaces) the entry in the hash table that is indexed by + uid, freeing the DBusUserInfo. This results in both the key and the + value in the hash table that is indexed by username becoming dangling + pointers (use-after-free), leading to undefined behaviour, which is + certainly not what we want to see when doing access control. + + An equivalent situation can occur with groups, in the rare case where + a numeric group ID has two names (although I have not heard of this + being done in practice). + + Solve this by reference-counting the data structure. There are up to + three references in practice: one held temporarily while the lookup + function is populating and storing it, one held by the hash table that + is indexed by uid, and one held by the hash table that is indexed by + name. + + Closes: dbus#305 + 
Signed-off-by: Simon McVittie + +Index: dbus-1.12.2/dbus/dbus-sysdeps-unix.h +=================================================================== +--- dbus-1.12.2.orig/dbus/dbus-sysdeps-unix.h ++++ dbus-1.12.2/dbus/dbus-sysdeps-unix.h +@@ -105,6 +105,7 @@ typedef struct DBusGroupInfo DBusGroupIn + */ + struct DBusUserInfo + { ++ size_t refcount; /**< Reference count */ + dbus_uid_t uid; /**< UID */ + dbus_gid_t primary_gid; /**< GID */ + dbus_gid_t *group_ids; /**< Groups IDs, *including* above primary group */ +@@ -118,6 +119,7 @@ struct DBusUserInfo + */ + struct DBusGroupInfo + { ++ size_t refcount; /**< Reference count */ + dbus_gid_t gid; /**< GID */ + char *groupname; /**< Group name */ + }; +Index: dbus-1.12.2/dbus/dbus-userdb-util.c +=================================================================== +--- dbus-1.12.2.orig/dbus/dbus-userdb-util.c ++++ dbus-1.12.2/dbus/dbus-userdb-util.c +@@ -38,6 +38,15 @@ + * @{ + */ + ++static DBusGroupInfo * ++_dbus_group_info_ref (DBusGroupInfo *info) ++{ ++ _dbus_assert (info->refcount > 0); ++ _dbus_assert (info->refcount < SIZE_MAX); ++ info->refcount++; ++ return info; ++} ++ + /** + * Checks to see if the UID sent in is the console user + * +@@ -287,13 +296,14 @@ _dbus_user_database_lookup_group (DBusUs + dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); + return NULL; + } ++ info->refcount = 1; + + if (gid != DBUS_GID_UNSET) + { + if (!_dbus_group_info_fill_gid (info, gid, error)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); +- _dbus_group_info_free_allocated (info); ++ _dbus_group_info_unref (info); + return NULL; + } + } +@@ -302,7 +312,7 @@ _dbus_user_database_lookup_group (DBusUs + if (!_dbus_group_info_fill (info, groupname, error)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); +- _dbus_group_info_free_allocated (info); ++ _dbus_group_info_unref (info); + return NULL; + } + } +@@ -311,23 +321,35 @@ _dbus_user_database_lookup_group (DBusUs + gid = DBUS_GID_UNSET; + groupname = NULL; + +- if 
(!_dbus_hash_table_insert_uintptr (db->groups, info->gid, info)) ++ if (_dbus_hash_table_insert_uintptr (db->groups, info->gid, info)) ++ { ++ _dbus_group_info_ref (info); ++ } ++ else + { + dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); +- _dbus_group_info_free_allocated (info); ++ _dbus_group_info_unref (info); + return NULL; + } + + +- if (!_dbus_hash_table_insert_string (db->groups_by_name, +- info->groupname, +- info)) ++ if (_dbus_hash_table_insert_string (db->groups_by_name, ++ info->groupname, ++ info)) ++ { ++ _dbus_group_info_ref (info); ++ } ++ else + { + _dbus_hash_table_remove_uintptr (db->groups, info->gid); ++ _dbus_group_info_unref (info); + dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); + return NULL; + } +- ++ ++ /* Release the original reference */ ++ _dbus_group_info_unref (info); ++ + /* Return a borrowed reference to the DBusGroupInfo owned by the + * two hash tables */ + return info; +Index: dbus-1.12.2/dbus/dbus-userdb.c +=================================================================== +--- dbus-1.12.2.orig/dbus/dbus-userdb.c ++++ dbus-1.12.2/dbus/dbus-userdb.c +@@ -35,34 +35,57 @@ + * @{ + */ + ++static DBusUserInfo * ++_dbus_user_info_ref (DBusUserInfo *info) ++{ ++ _dbus_assert (info->refcount > 0); ++ _dbus_assert (info->refcount < SIZE_MAX); ++ info->refcount++; ++ return info; ++} ++ + /** +- * Frees the given #DBusUserInfo's members with _dbus_user_info_free() ++ * Decrements the reference count. 
If it reaches 0, ++ * frees the given #DBusUserInfo's members with _dbus_user_info_free() + * and also calls dbus_free() on the block itself + * + * @param info the info + */ + void +-_dbus_user_info_free_allocated (DBusUserInfo *info) ++_dbus_user_info_unref (DBusUserInfo *info) + { + if (info == NULL) /* hash table will pass NULL */ + return; + ++ _dbus_assert (info->refcount > 0); ++ _dbus_assert (info->refcount < SIZE_MAX); ++ ++ if (--info->refcount > 0) ++ return; ++ + _dbus_user_info_free (info); + dbus_free (info); + } + + /** +- * Frees the given #DBusGroupInfo's members with _dbus_group_info_free() ++ * Decrements the reference count. If it reaches 0, ++ * frees the given #DBusGroupInfo's members with _dbus_group_info_free() + * and also calls dbus_free() on the block itself + * + * @param info the info + */ + void +-_dbus_group_info_free_allocated (DBusGroupInfo *info) ++_dbus_group_info_unref (DBusGroupInfo *info) + { + if (info == NULL) /* hash table will pass NULL */ + return; + ++ _dbus_assert (info->refcount > 0); ++ _dbus_assert (info->refcount < SIZE_MAX); ++ ++ if (--info->refcount > 0) ++ return; ++ + _dbus_group_info_free (info); + dbus_free (info); + } +@@ -170,13 +193,14 @@ _dbus_user_database_lookup (DBusUserData + dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); + return NULL; + } ++ info->refcount = 1; + + if (uid != DBUS_UID_UNSET) + { + if (!_dbus_user_info_fill_uid (info, uid, error)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); +- _dbus_user_info_free_allocated (info); ++ _dbus_user_info_unref (info); + return NULL; + } + } +@@ -185,7 +209,7 @@ _dbus_user_database_lookup (DBusUserData + if (!_dbus_user_info_fill (info, username, error)) + { + _DBUS_ASSERT_ERROR_IS_SET (error); +- _dbus_user_info_free_allocated (info); ++ _dbus_user_info_unref (info); + return NULL; + } + } +@@ -195,22 +219,33 @@ _dbus_user_database_lookup (DBusUserData + username = NULL; + + /* insert into hash */ +- if (!_dbus_hash_table_insert_uintptr (db->users, 
info->uid, info)) ++ if (_dbus_hash_table_insert_uintptr (db->users, info->uid, info)) ++ { ++ _dbus_user_info_ref (info); ++ } ++ else + { + dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); +- _dbus_user_info_free_allocated (info); ++ _dbus_user_info_unref (info); + return NULL; + } + +- if (!_dbus_hash_table_insert_string (db->users_by_name, +- info->username, +- info)) ++ if (_dbus_hash_table_insert_string (db->users_by_name, ++ info->username, ++ info)) ++ { ++ _dbus_user_info_ref (info); ++ } ++ else + { + _dbus_hash_table_remove_uintptr (db->users, info->uid); + dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL); ++ _dbus_user_info_unref (info); + return NULL; + } +- ++ ++ _dbus_user_info_unref (info); ++ + /* Return a borrowed pointer to the DBusUserInfo owned by the + * hash tables */ + return info; +@@ -570,24 +605,24 @@ _dbus_user_database_new (void) + db->refcount = 1; + + db->users = _dbus_hash_table_new (DBUS_HASH_UINTPTR, +- NULL, (DBusFreeFunction) _dbus_user_info_free_allocated); ++ NULL, (DBusFreeFunction) _dbus_user_info_unref); + + if (db->users == NULL) + goto failed; + + db->groups = _dbus_hash_table_new (DBUS_HASH_UINTPTR, +- NULL, (DBusFreeFunction) _dbus_group_info_free_allocated); ++ NULL, (DBusFreeFunction) _dbus_group_info_unref); + + if (db->groups == NULL) + goto failed; + + db->users_by_name = _dbus_hash_table_new (DBUS_HASH_STRING, +- NULL, NULL); ++ NULL, (DBusFreeFunction) _dbus_user_info_unref); + if (db->users_by_name == NULL) + goto failed; + + db->groups_by_name = _dbus_hash_table_new (DBUS_HASH_STRING, +- NULL, NULL); ++ NULL, (DBusFreeFunction) _dbus_group_info_unref); + if (db->groups_by_name == NULL) + goto failed; + +Index: dbus-1.12.2/dbus/dbus-userdb.h +=================================================================== +--- dbus-1.12.2.orig/dbus/dbus-userdb.h ++++ dbus-1.12.2/dbus/dbus-userdb.h +@@ -85,10 +85,10 @@ const DBusGroupInfo* _dbus_user_database + dbus_gid_t gid, + const DBusString *groupname, + DBusError 
*error); ++ ++void _dbus_user_info_unref (DBusUserInfo *info); + DBUS_PRIVATE_EXPORT +-void _dbus_user_info_free_allocated (DBusUserInfo *info); +-DBUS_PRIVATE_EXPORT +-void _dbus_group_info_free_allocated (DBusGroupInfo *info); ++void _dbus_group_info_unref (DBusGroupInfo *info); + #endif /* DBUS_USERDB_INCLUDES_PRIVATE */ + + DBUS_PRIVATE_EXPORT diff --git a/fix-upstream-CVE-2022-42010.patch b/fix-upstream-CVE-2022-42010.patch new file mode 100644 index 0000000..b8a86cd --- /dev/null +++ b/fix-upstream-CVE-2022-42010.patch @@ -0,0 +1,108 @@ +commit 9d07424e9011e3bbe535e83043d335f3093d2916 +Author: Simon McVittie +Date: Tue Sep 13 15:10:22 2022 +0100 + + dbus-marshal-validate: Check brackets in signature nest correctly + + In debug builds with assertions enabled, a signature with incorrectly + nested `()` and `{}`, for example `a{i(u}` or `(a{ii)}`, could result + in an assertion failure. + + In production builds without assertions enabled, a signature with + incorrectly nested `()` and `{}` could potentially result in a crash + or incorrect message parsing, although we do not have a concrete example + of either of these failure modes. + + Thanks: Evgeny Vereshchagin + Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/418 + Resolves: CVE-2022-42010 + 
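Review bot: This patch only applies on top of fix-upstream-userdb-constpointer.patch, and nothing in the patch names or headers records that ordering. The dbus-userdb.h hunk is anchored on `const DBusGroupInfo* _dbus_user_database`, and the lookup hunks use the `/* Return a borrowed reference to the DBusGroupInfo owned by the * two hash tables */` comments as context; both exist only after the const-pointer patch. The spec's patch order is not visible here, so it should be checked, ideally with a comment next to the two `Patch` entries stating the dependency. Applied in the wrong order, this use-after-free fix would fail to apply or apply with fuzz. Separately, the header change leaves `_dbus_user_info_unref` without `DBUS_PRIVATE_EXPORT` while `_dbus_group_info_unref` keeps it, presumably because only the group variant is called from dbus-userdb-util.c; a one-line comment saying so would keep the asymmetry from looking accidental.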
Signed-off-by: Simon McVittie + +diff --git a/dbus/dbus-marshal-validate.c b/dbus/dbus-marshal-validate.c +index 4d492f3f..ae68414d 100644 +--- a/dbus/dbus-marshal-validate.c ++++ b/dbus/dbus-marshal-validate.c +@@ -62,6 +62,8 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, + + int element_count; + DBusList *element_count_stack; ++ char opened_brackets[DBUS_MAXIMUM_TYPE_RECURSION_DEPTH * 2 + 1] = { '\0' }; ++ char last_bracket; + + result = DBUS_VALID; + element_count_stack = NULL; +@@ -93,6 +95,10 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, + + while (p != end) + { ++ _dbus_assert (struct_depth + dict_entry_depth >= 0); ++ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); ++ _dbus_assert (opened_brackets[struct_depth + dict_entry_depth] == '\0'); ++ + switch (*p) + { + case DBUS_TYPE_BYTE: +@@ -136,6 +142,10 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, + goto out; + } + ++ _dbus_assert (struct_depth + dict_entry_depth >= 1); ++ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); ++ _dbus_assert (opened_brackets[struct_depth + dict_entry_depth - 1] == '\0'); ++ opened_brackets[struct_depth + dict_entry_depth - 1] = DBUS_STRUCT_BEGIN_CHAR; + break; + + case DBUS_STRUCT_END_CHAR: +@@ -151,9 +161,20 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, + goto out; + } + ++ _dbus_assert (struct_depth + dict_entry_depth >= 1); ++ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); ++ last_bracket = opened_brackets[struct_depth + dict_entry_depth - 1]; ++ ++ if (last_bracket != DBUS_STRUCT_BEGIN_CHAR) ++ { ++ result = DBUS_INVALID_STRUCT_ENDED_BUT_NOT_STARTED; ++ goto out; ++ } ++ + _dbus_list_pop_last (&element_count_stack); + + struct_depth -= 1; ++ opened_brackets[struct_depth + dict_entry_depth] = '\0'; + break; + + case DBUS_DICT_ENTRY_BEGIN_CHAR: +@@ -178,6 +199,10 @@ 
_dbus_validate_signature_with_reason (const DBusString *type_str, + goto out; + } + ++ _dbus_assert (struct_depth + dict_entry_depth >= 1); ++ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); ++ _dbus_assert (opened_brackets[struct_depth + dict_entry_depth - 1] == '\0'); ++ opened_brackets[struct_depth + dict_entry_depth - 1] = DBUS_DICT_ENTRY_BEGIN_CHAR; + break; + + case DBUS_DICT_ENTRY_END_CHAR: +@@ -186,8 +211,19 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, + result = DBUS_INVALID_DICT_ENTRY_ENDED_BUT_NOT_STARTED; + goto out; + } +- ++ ++ _dbus_assert (struct_depth + dict_entry_depth >= 1); ++ _dbus_assert (struct_depth + dict_entry_depth < _DBUS_N_ELEMENTS (opened_brackets)); ++ last_bracket = opened_brackets[struct_depth + dict_entry_depth - 1]; ++ ++ if (last_bracket != DBUS_DICT_ENTRY_BEGIN_CHAR) ++ { ++ result = DBUS_INVALID_DICT_ENTRY_ENDED_BUT_NOT_STARTED; ++ goto out; ++ } ++ + dict_entry_depth -= 1; ++ opened_brackets[struct_depth + dict_entry_depth] = '\0'; + + element_count = + _DBUS_POINTER_TO_INT (_dbus_list_pop_last (&element_count_stack)); diff --git a/fix-upstream-CVE-2022-42011.patch b/fix-upstream-CVE-2022-42011.patch new file mode 100644 index 0000000..778eaf2 --- /dev/null +++ b/fix-upstream-CVE-2022-42011.patch 
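Review bot: Every read and write of the new `opened_brackets` array is bounds-checked only by `_dbus_assert`, which the commit message itself notes is compiled out in production builds. In those builds the index `struct_depth + dict_entry_depth - 1` stays in range only because of the recursion-depth checks that precede each write, and only their closing `goto out; }` is visible in these hunks. I would state that invariant at the declaration, e.g. `/* Indexed by struct_depth + dict_entry_depth; relies on the depth checks below capping each counter at DBUS_MAXIMUM_TYPE_RECURSION_DEPTH */`, after confirming that this is what those checks enforce. `_dbus_validate_signature_with_reason` starts and ends outside the inner hunks.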
@@ -0,0 +1,49 @@
+commit 079bbf16186e87fb0157adf8951f19864bc2ed69
+Author: Simon McVittie
+Date: Mon Sep 12 13:14:18 2022 +0100
+
+ dbus-marshal-validate: Validate length of arrays of fixed-length items
+
+ This fast-path previously did not check that the array was made up
+ of an integer number of items. This could lead to assertion failures
+ and out-of-bounds accesses during subsequent message processing (which
+ assumes that the message has already been validated), particularly after
+ the addition of _dbus_header_remove_unknown_fields(), which makes it
+ more likely that dbus-daemon will apply non-trivial edits to messages.
+
+ Thanks: Evgeny Vereshchagin
+ Fixes: e61f13cf "Bug 18064 - more efficient validation for fixed-size type arrays"
+ Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/413
+ Resolves: CVE-2022-42011
+ Signed-off-by: Simon McVittie
+
+Index: dbus-1.12.2/dbus/dbus-marshal-validate.c
+===================================================================
+--- dbus-1.12.2.orig/dbus/dbus-marshal-validate.c
++++ dbus-1.12.2/dbus/dbus-marshal-validate.c
+@@ -498,13 +498,24 @@ validate_body_helper (DBusTypeReader
+ */
+ if (dbus_type_is_fixed (array_elem_type))
+ {
++ /* Note that fixed-size types all have sizes equal to
++ * their alignments, so this is really the item size. */
++ alignment = _dbus_type_get_alignment (array_elem_type);
++ _dbus_assert (alignment == 1 || alignment == 2 ||
++ alignment == 4 || alignment == 8);
++
++ /* Because the alignment is a power of 2, this is
++ * equivalent to: (claimed_len % alignment) != 0,
++ * but avoids slower integer division */
++ if ((claimed_len & (alignment - 1)) != 0)
++ return DBUS_INVALID_ARRAY_LENGTH_INCORRECT;
++
+ /* bools need to be handled differently, because they can
+ * have an invalid value
+ */
+ if (array_elem_type == DBUS_TYPE_BOOLEAN)
+ {
+ dbus_uint32_t v;
+- alignment = _dbus_type_get_alignment (array_elem_type);
+
+ while (p < array_end)
+ {
diff --git a/fix-upstream-CVE-2022-42012.patch b/fix-upstream-CVE-2022-42012.patch
new file mode 100644
index 0000000..3bd23bf
--- /dev/null
+++ b/fix-upstream-CVE-2022-42012.patch
@@ -0,0 +1,66 @@
+commit 236f16e444e88a984cf12b09225e0f8efa6c5b44
+Author: Simon McVittie
+Date: Fri Sep 30 13:46:31 2022 +0100
+
+ dbus-marshal-byteswap: Byte-swap Unix fd indexes if needed
+
+ When a D-Bus message includes attached file descriptors, the body of the
+ message contains unsigned 32-bit indexes pointing into an out-of-band
+ array of file descriptors. Some D-Bus APIs like GLib's GDBus refer to
+ these indexes as "handles" for the associated fds (not to be confused
+ with a Windows HANDLE, which is a kernel object).
+
+ The assertion message removed by this commit is arguably correct up to
+ a point: fd-passing is only reasonable on a local machine, and no known
+ operating system allows processes of differing endianness even on a
+ multi-endian ARM or PowerPC CPU, so it makes little sense for the sender
+ to specify a byte-order that differs from the byte-order of the recipient.
+
+ However, this doesn't account for the fact that a malicious sender
+ doesn't have to restrict itself to only doing things that make sense.
+ On a system with untrusted local users, a message sender could crash
+ the system dbus-daemon (a denial of service) by sending a message in
+ the opposite endianness that contains handles to file descriptors.
+
+ Before this commit, if assertions are enabled, attempting to byteswap
+ a fd index would cleanly crash the message recipient with an assertion
+ failure. If assertions are disabled, attempting to byteswap a fd index
+ would silently do nothing without advancing the pointer p, causing the
+ message's type and the pointer into its contents to go out of sync, which
+ can result in a subsequent crash (the crash demonstrated by fuzzing was
+ a use-after-free, but other failure modes might be possible).
+
+ In principle we could resolve this by rejecting wrong-endianness messages
+ from a local sender, but it's actually simpler and less code to treat
+ wrong-endianness messages as valid and byteswap them.
+
+ Thanks: Evgeny Vereshchagin
+ Fixes: ba7daa60 "unix-fd: add basic marshalling code for unix fds"
+ Resolves: https://gitlab.freedesktop.org/dbus/dbus/-/issues/417
+ Resolves: CVE-2022-42012
+ Signed-off-by: Simon McVittie
+
+Index: dbus-1.12.2/dbus/dbus-marshal-byteswap.c
+===================================================================
+--- dbus-1.12.2.orig/dbus/dbus-marshal-byteswap.c
++++ dbus-1.12.2/dbus/dbus-marshal-byteswap.c
+@@ -61,6 +61,7 @@ byteswap_body_helper (DBusTypeReader
+ case DBUS_TYPE_BOOLEAN:
+ case DBUS_TYPE_INT32:
+ case DBUS_TYPE_UINT32:
++ case DBUS_TYPE_UNIX_FD:
+ {
+ p = _DBUS_ALIGN_ADDRESS (p, 4);
+ *((dbus_uint32_t*)p) = DBUS_UINT32_SWAP_LE_BE (*((dbus_uint32_t*)p));
+@@ -188,11 +189,6 @@ byteswap_body_helper (DBusTypeReader
+ }
+ break;
+
+- case DBUS_TYPE_UNIX_FD:
+- /* fds can only be passed on a local machine, so byte order must always match */
+- _dbus_assert_not_reached("attempted to byteswap unix fds which makes no sense");
+- break;
+-
+ default:
+ _dbus_assert_not_reached ("invalid typecode in supposedly-validated signature");
+ break;
diff --git a/fix-upstream-CVE-2023-34969.patch b/fix-upstream-CVE-2023-34969.patch
new file mode 100644
index 0000000..07c7fb8
--- /dev/null
+++ b/fix-upstream-CVE-2023-34969.patch
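Review bot: The `default:` arm kept as context at the end of the second inner hunk has the same failure shape the commit message describes for the removed `DBUS_TYPE_UNIX_FD` arm. It calls only `_dbus_assert_not_reached` and then `break`, so with assertions disabled a typecode that reaches it is skipped without advancing `p`. The swap is therefore safe only while every typecode the signature validator accepts has its own arm in `byteswap_body_helper`. I would record that coupling on the arm, e.g. `/* Every typecode accepted by signature validation must have a case above; falling through here leaves p unadvanced */`. The function starts and ends outside both inner hunks, so the remaining arms could not be checked from here.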
@@ -0,0 +1,96 @@ +From 37a4dc5835731a1f7a81f1b67c45b8dfb556dd1c Mon Sep 17 00:00:00 2001 +From: hongjinghao +Date: Mon, 5 Jun 2023 18:17:06 +0100 +Subject: [PATCH] bus: Assign a serial number for messages from the driver + +Normally, it's enough to rely on a message being given a serial number +by the DBusConnection just before it is actually sent. However, in the +rare case where the policy blocks the driver from sending a message +(due to a deny rule or the outgoing message quota being full), we need +to get a valid serial number sooner, so that we can copy it into the +DBUS_HEADER_FIELD_REPLY_SERIAL field (which is mandatory) in the error +message sent to monitors. Otherwise, the dbus-daemon will crash with +an assertion failure if at least one Monitoring client is attached, +because zero is not a valid serial number to copy. + +This fixes a denial-of-service vulnerability: if a privileged user is +monitoring the well-known system bus using a Monitoring client like +dbus-monitor or `busctl monitor`, then an unprivileged user can cause +denial-of-service by triggering this crash. A mitigation for this +vulnerability is to avoid attaching Monitoring clients to the system +bus when they are not needed. If there are no Monitoring clients, then +the vulnerable code is not reached. 
+ +Co-authored-by: Simon McVittie +Resolves: dbus/dbus#457 +(cherry picked from commit b159849e031000d1dbc1ab876b5fc78a3ce9b534) +--- + bus/connection.c | 15 +++++++++++++++ + dbus/dbus-connection-internal.h | 2 ++ + dbus/dbus-connection.c | 11 ++++++++++- + 3 files changed, 27 insertions(+), 1 deletion(-) + +diff --git a/bus/connection.c b/bus/connection.c +index b35834338..215f02307 100644 +--- a/bus/connection.c ++++ b/bus/connection.c +@@ -2350,6 +2350,21 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + if (!dbus_message_set_sender (message, DBUS_SERVICE_DBUS)) + return FALSE; + ++ /* Make sure the message has a non-zero serial number, otherwise ++ * bus_transaction_capture_error_reply() will not be able to mock up ++ * a corresponding reply for it. Normally this would be delayed until ++ * the first time we actually send the message out from a ++ * connection, when the transaction is committed, but that's too late ++ * in this case. ++ */ ++ if (dbus_message_get_serial (message) == 0) ++ { ++ dbus_uint32_t next_serial; ++ ++ next_serial = _dbus_connection_get_next_client_serial (connection); ++ dbus_message_set_serial (message, next_serial); ++ } ++ + if (bus_connection_is_active (connection)) + { + if (!dbus_message_set_destination (message, +diff --git a/dbus/dbus-connection-internal.h b/dbus/dbus-connection-internal.h +index 483573212..ba79b1928 100644 +--- a/dbus/dbus-connection-internal.h ++++ b/dbus/dbus-connection-internal.h +@@ -54,6 +54,8 @@ DBUS_PRIVATE_EXPORT + DBusConnection * _dbus_connection_ref_unlocked (DBusConnection *connection); + DBUS_PRIVATE_EXPORT + void _dbus_connection_unref_unlocked (DBusConnection *connection); ++DBUS_PRIVATE_EXPORT ++dbus_uint32_t _dbus_connection_get_next_client_serial (DBusConnection *connection); + void _dbus_connection_queue_received_message_link (DBusConnection *connection, + DBusList *link); + dbus_bool_t _dbus_connection_has_messages_to_send_unlocked (DBusConnection *connection); +diff --git 
a/dbus/dbus-connection.c b/dbus/dbus-connection.c +index c525b6dc1..09cef2788 100644 +--- a/dbus/dbus-connection.c ++++ b/dbus/dbus-connection.c +@@ -1456,7 +1456,16 @@ _dbus_connection_unref_unlocked (DBusConnection *connection) + _dbus_connection_last_unref (connection); + } + +-static dbus_uint32_t ++/** ++ * Allocate and return the next non-zero serial number for outgoing messages. ++ * ++ * This method is only valid to call from single-threaded code, such as ++ * the dbus-daemon, or with the connection lock held. ++ * ++ * @param connection the connection ++ * @returns A suitable serial number for the next message to be sent on the connection. ++ */ ++dbus_uint32_t + _dbus_connection_get_next_client_serial (DBusConnection *connection) + { + dbus_uint32_t serial; +-- +GitLab + diff --git a/fix-upstream-userdb-constpointer.patch b/fix-upstream-userdb-constpointer.patch new file mode 100644 index 0000000..7e8502c --- /dev/null +++ b/fix-upstream-userdb-constpointer.patch @@ -0,0 +1,90 @@ +commit 6ee66ff7bcc91803111d950512f02651e664f74f +Author: Simon McVittie +Date: Tue Jun 30 19:13:17 2020 +0100 + + userdb: Make lookups return a const pointer + + This makes it more obvious that the returned pointer points to a + struct owned by the userdb, which must not be freed or have its + contents modified, and is only valid to dereference until the next + modification to the userdb's underlying hash tables (which in practice + means until the lock is released, because after that we have no + guarantees about what might be going on in another thread). + + 
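Review bot: `_dbus_connection_get_next_client_serial` changes from `static` to `DBUS_PRIVATE_EXPORT`, but its locking requirement is stated only in the doc comment added in dbus/dbus-connection.c. The declaration added to dbus/dbus-connection-internal.h carries no such note, and the name lacks the `_unlocked` suffix that the neighbouring `_dbus_connection_ref_unlocked` and `_dbus_connection_unref_unlocked` use to signal that contract. Renaming would diverge from upstream, so I would repeat the contract at the declaration instead: `/* Caller must hold the connection lock, or be single-threaded like dbus-daemon */`. The new call in `bus_transaction_send_from_driver` takes no lock in the visible lines, which matches the single-threaded case the doc comment allows; that function continues outside the hunk.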
Signed-off-by: Simon McVittie + +Index: dbus-1.12.2/dbus/dbus-userdb-util.c +=================================================================== +--- dbus-1.12.2.orig/dbus/dbus-userdb-util.c ++++ dbus-1.12.2/dbus/dbus-userdb-util.c +@@ -240,9 +240,9 @@ _dbus_get_user_id_and_primary_group (con + * @param gid the group ID or #DBUS_GID_UNSET + * @param groupname group name or #NULL + * @param error error to fill in +- * @returns the entry in the database ++ * @returns the entry in the database (borrowed, do not free) + */ +-DBusGroupInfo* ++const DBusGroupInfo * + _dbus_user_database_lookup_group (DBusUserDatabase *db, + dbus_gid_t gid, + const DBusString *groupname, +@@ -328,6 +328,8 @@ _dbus_user_database_lookup_group (DBusUs + return NULL; + } + ++ /* Return a borrowed reference to the DBusGroupInfo owned by the ++ * two hash tables */ + return info; + } + } +Index: dbus-1.12.2/dbus/dbus-userdb.c +=================================================================== +--- dbus-1.12.2.orig/dbus/dbus-userdb.c ++++ dbus-1.12.2/dbus/dbus-userdb.c +@@ -122,9 +122,9 @@ _dbus_is_a_number (const DBusString *str + * @param uid the user ID or #DBUS_UID_UNSET + * @param username username or #NULL + * @param error error to fill in +- * @returns the entry in the database ++ * @returns the entry in the database (borrowed, do not free) + */ +-DBusUserInfo* ++const DBusUserInfo * + _dbus_user_database_lookup (DBusUserDatabase *db, + dbus_uid_t uid, + const DBusString *username, +@@ -211,6 +211,8 @@ _dbus_user_database_lookup (DBusUserData + return NULL; + } + ++ /* Return a borrowed pointer to the DBusUserInfo owned by the ++ * hash tables */ + return info; + } + } +Index: dbus-1.12.2/dbus/dbus-userdb.h +=================================================================== +--- dbus-1.12.2.orig/dbus/dbus-userdb.h ++++ dbus-1.12.2/dbus/dbus-userdb.h +@@ -76,15 +76,15 @@ dbus_bool_t _dbus_user_database_ge + DBusError *error); + + DBUS_PRIVATE_EXPORT +-DBusUserInfo* 
_dbus_user_database_lookup (DBusUserDatabase *db, ++const DBusUserInfo *_dbus_user_database_lookup (DBusUserDatabase *db, + dbus_uid_t uid, + const DBusString *username, + DBusError *error); + DBUS_PRIVATE_EXPORT +-DBusGroupInfo* _dbus_user_database_lookup_group (DBusUserDatabase *db, +- dbus_gid_t gid, +- const DBusString *groupname, +- DBusError *error); ++const DBusGroupInfo* _dbus_user_database_lookup_group (DBusUserDatabase *db, ++ dbus_gid_t gid, ++ const DBusString *groupname, ++ DBusError *error); + DBUS_PRIVATE_EXPORT + void _dbus_user_info_free_allocated (DBusUserInfo *info); + DBUS_PRIVATE_EXPORT