-
dbus (1.2.24-4+squeeze2) stable; urgency=low
* CVE-2012-3524: apply patches from upstream 1.6.6 to avoid arbitrary
code execution in setuid/setgid binaries that incorrectly use libdbus
without first sanitizing the environment variables inherited from
their less-privileged caller (Closes: #689070).
- As per upstream 1.6.8, do not check filesystem capabilities for now,
only setuid/setgid, fixing regressions in certain configurations of
gnome-keyring
-- Simon McVittie <email address hidden> Thu, 04 Oct 2012 08:47:10 +0100
-
dbus (1.2.24-4+squeeze1) stable; urgency=low
* Update Vcs-* control fields to reflect the move to git * Apply patch to fix CVE-2011-2200 (fd.o #38120), which is a local DoS for system services (Closes: #629938) -- Simon McVittie <email address hidden> Tue, 14 Jun 2011 19:45:00 +0100
-
dbus (1.2.24-4) unstable; urgency=high
* debian/patches/12-CVE-2010-4352-reject-deeply-nested-variants.patch - Fixes CVE-2010-4352: sending messages with excessively-nested variants can crash the bus. The existing restriction to 64-levels of nesting previously only applied to the static type signature; now it also applies to dynamic nesting using variants. Patch cherry-picked from upstream Git. * Urgency high for the security fix. -- Michael Biebl <email address hidden> Tue, 21 Dec 2010 18:46:14 +0100
-
dbus (1.2.24-3) unstable; urgency=medium
* Add patch from upstream to fix segfaults when reloaded on kFreeBSD
(Closes: #589662)
* Work around FTBFS if dh-buildinfo is installed (Closes: #590594)
-- Simon McVittie <email address hidden> Tue, 27 Jul 2010 19:56:43 +0100
-
dbus (1.2.24-1) unstable; urgency=low
* New upstream release.
- Correctly get pointer data from DBusString when creating a syslog
message. (Closes: #574697)
* debian/dbus-Xsession
- Use new "has_option" function from x11-common instead of grepping the
option file, to avoid calling an external program. (Closes: #570480)
Thanks to Martin Pitt for the patch.
* debian/control
- Add Breaks: x11-common (<< 1:7.5+4) to dbus-x11 to ensure we have a
recent enough version with "has_option" support.
* debian/dbus.init
- Update LSB header: Remove runlevel 1 from Default-Stop and let killprocs
do the job for us.
* debian/rules
- Update DEB_DH_INSTALLINIT_ARGS accordingly.
* debian/dbus.postinst
- Remove old stop symlinks from runlevel 1 on upgrades.
-- Michael Biebl <email address hidden> Wed, 24 Mar 2010 02:04:20 +0100
-
dbus (1.2.20-2) unstable; urgency=low
* debian/patches/11_kfreebsd_kqueue_build_fix.patch
- Fix kqueue implementation on GNU/kFreeBSD. (Closes: #568338)
Thanks to Cyril Brulebois for the patch.
-- Michael Biebl <email address hidden> Wed, 03 Feb 2010 23:08:12 +0100
-
dbus (1.2.16-2) unstable; urgency=low
* Rebuild against debhelper (>= 7.2.23) that fixes a regression in
dh_install which did not correctly strip debian/tmp. (Closes: #537125)
* debian/patches/20_kbsd_cmsgcred.patch
- Fix incorrect usage of cmsgcred on kFreeBSD. Thanks to Aurelien Jarno
for the patch.
* debian/patches/30_rt-as-needed.patch
- Fix spurious build failures on alpha and ia64 when using -Wl,--as-needed
by changing the link order of libdbus-convenience.la and -lrt.
-- Michael Biebl <email address hidden> Thu, 16 Jul 2009 02:03:18 +0200
-
dbus (1.2.14-3) unstable; urgency=low
* debian/dbus.postinst
- Suppress output from adduser.
* debian/dbus.postrm
- Cleanup /var/lib/dbus on purge.
* debian/rules
- Compile dbus-daemon without -pie on mipsen. This is a workaround for a
toolchain bug on mipsen (#532821) which causes dbus-daemon to segfault.
(Closes: #528145)
-- Michael Biebl <email address hidden> Wed, 17 Jun 2009 21:03:57 +0200
-
dbus (1.2.12-1) unstable; urgency=low
[ Simon McVittie ]
* New upstream release
* Merge experimental into unstable
- Changes in packaging relative to experimental: add myself to
Uploaders, and suggest libdbus-1-dev instead of nonexistent dbus-1-dev
[ Michael Biebl ]
* Drop support for /etc/dbus-1/event.d. This interface has long been
deprecated and all affected Debian packages have been fixed for lenny.
If your (custom) service needs to be restarted on a dbus restart, add a
regular sysv init script and "Required-Start: dbus" to the LSB header.
* debian/control
- Drop ancient Conflicts/Replaces which are from pre-oldstable (sarge).
- Bump debhelper Build-Depends to (>= 7).
* debian/compat
- Bump to debhelper v7 compat mode.
* debian/copyright
- Update AFL license to version 2.1.
- Make it clear that dbus is released under version 2 of the GPL and refer
to the versioned GPL-2 file in /usr/share/common-licenses.
-- Michael Biebl <email address hidden> Mon, 16 Feb 2009 15:07:46 +0100