mirror of
https://gitlab.freedesktop.org/dbus/dbus.git
synced 2026-05-05 20:27:59 +02:00
Prepare version 1.13.12
Signed-off-by: Simon McVittie <smcv@collabora.com>
This commit is contained in:
Simon McVittie
parent
6231e7d75f
commit
df9dabe521
2 changed files with 27 additions and 4 deletions
27
NEWS
27
NEWS
|
|
@ -1,7 +1,30 @@
|
|||
dbus 1.13.12 (UNRELEASED)
|
||||
dbus 1.13.12 (2019-06-11)
|
||||
=========================
|
||||
|
||||
...
|
||||
The “patio squirrel” release.
|
||||
|
||||
Security fixes:
|
||||
|
||||
• CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
|
||||
authentication for identities that differ from the user running the
|
||||
DBusServer. Previously, a local attacker could manipulate symbolic
|
||||
links in their own home directory to bypass authentication and connect
|
||||
to a DBusServer with elevated privileges. The standard system and
|
||||
session dbus-daemons in their default configuration were immune to this
|
||||
attack because they did not allow DBUS_COOKIE_SHA1, but third-party
|
||||
users of DBusServer such as Upstart could be vulnerable.
|
||||
Thanks to Joe Vennix of Apple Information Security.
|
||||
(dbus#269, Simon McVittie)
|
||||
|
||||
Enhancements:
|
||||
|
||||
• dbus-daemon <allow> and <deny> rules can now specify a
|
||||
send_destination_prefix attribute, which is like a combination of
|
||||
send_destination and the arg0namespace keyword in match rules: a rule
|
||||
with send_destination_prefix="com.example.Foo" matches messages sent to
|
||||
any destination that is in the queue to own well-known names like
|
||||
com.example.Foo or com.example.Foo.A.B (but not com.example.Foobar).
|
||||
(dbus!85, Adrian Szyndela)
|
||||
|
||||
dbus 1.13.10 (2019-05-13)
|
||||
=========================
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ AC_PREREQ([2.63])
|
|||
|
||||
m4_define([dbus_major_version], [1])
|
||||
m4_define([dbus_minor_version], [13])
|
||||
m4_define([dbus_micro_version], [11])
|
||||
m4_define([dbus_micro_version], [12])
|
||||
m4_define([dbus_version],
|
||||
[dbus_major_version.dbus_minor_version.dbus_micro_version])
|
||||
AC_INIT([dbus], [dbus_version], [https://gitlab.freedesktop.org/dbus/dbus/issues], [dbus])
|
||||
|
|
@ -42,7 +42,7 @@ LT_CURRENT=29
|
|||
|
||||
## increment any time the source changes; set to
|
||||
## 0 if you increment CURRENT
|
||||
LT_REVISION=0
|
||||
LT_REVISION=1
|
||||
|
||||
## increment if any interfaces have been added; set to 0
|
||||
## if any interfaces have been changed or removed. removal has
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue