Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: dbus-1-common | Distribution: SUSE Linux Framework One |
Version: 1.14.10 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: slfo.1.1.7 | Build date: Wed Aug 21 17:42:43 2024 |
Group: Unspecified | Build host: h01-ch2c |
Size: 11975 | Source RPM: dbus-1-1.14.10-slfo.1.1.7.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://dbus.freedesktop.org/ | |
Summary: D-BUS message bus configuration |
D-Bus is a message bus system, The dbus-common package provides the configuration and setup files for D-Bus implementations to provide a System and User Message Bus.
AFL-2.1 OR GPL-2.0-or-later
* Wed Sep 13 2023 dmueller@suse.com - update to 1.14.10: * Avoid a dbus-daemon crash if re-creating a connection's policy fails. If it isn't possible to re-create its policy (for example if it belongs to a user account that has been deleted or if the Name Service Switch is broken, on a system not supporting SO_PEERGROUPS), we now log a warning, continue to use its current policy, and continue to reload other connections' policies. * If getting the groups from a user ID fails, report the error correctly, instead of logging "(null)" * Return the primary group ID in GetConnectionCredentials()' UnixGroupIDs field for processes with a valid-but-empty supplementary group list * Mon Jun 12 2023 dmueller@suse.com - update to 1.14.8 (bsc#1212126, CVE-2023-34969): * Denial-of-service fixes: * Fix an assertion failure in dbus-daemon when a privileged Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or similar) is active, and a message from the bus driver cannot be delivered to a client connection due to <deny> rules or outgoing message quota. This is a denial of service if triggered maliciously by a local attacker. * Fix compilation on compilers not supporting __FUNCTION__ * Fix some memory leaks on out-of-memory conditions * Fix syntax of a code sample in dbus-api-design * Thu Feb 23 2023 gmbr3@opensuse.org - Move %tmpfiles_create to %post otherwise the file won't exist since it is now located in the correct package * Sun Feb 19 2023 gmbr3@opensuse.org - Packaging changes: * Move missed scriptlets and links for dbus.socket to common * Move sysusers and tmpfiles scriptlets, and ghost files to common * Move dbus-launch man page to correct package * Fri Feb 10 2023 dimstar@opensuse.org - Fix multibuild: do not mention main flavor in multibuild, as it is implicit built. * Thu Feb 09 2023 dmueller@suse.com - update to 1.14.6: * Fix an incorrect assertion that could be used to crash dbus-daemon or other users of DBusServer prior to authentication, if libdbus was compiled with assertions enabled. We recommend that production builds of dbus, for example in OS distributions, should be compiled with checks but without assertions. * When connected to a dbus-broker, stop dbus-monitor from incorrectly replying to Peer method calls that were sent to the dbus-broker with a NULL destination * Fix out-of-bounds varargs read in the dbus-daemon's config- parser. This is not attacker-triggerable and appears to be harmless in practice, but is technically undefined behaviour and is detected as such by AddressSanitizer. * Avoid a data race in multi-threaded use of DBusCounter * Fix a crash with some glibc versions when non-auditable SELinux events are logged (dbus!386, Jeremi Piotrowski) * If dbus_message_demarshal() runs out of memory while validating a message, report it as NoMemory rather than InvalidArgs (dbus#420, Simon McVittie) * Use C11 _Alignof if available, for better standards- compliance * Stop including an outdated copy of pkg.m4 in the git tree * Documentation: * Fix the test-apparmor-activation test after dbus#416 * Internal changes: * Fix CI builds with recent git versions (dbus#447, Simon McVittie) - switch to using multibuild * Wed Oct 26 2022 dmueller@suse.com - update to 1.14.4 (bsc#1204111, CVE-2022-42010, bsc#1204112, CVE-2022-42011, bsc#1204113, CVE-2022-42012): This is a security update for the dbus 1.14.x stable branch, fixing denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying security hardening (dbus#416). Behaviour changes: * On Linux, dbus-daemon and other uses of DBusServer now create a path-based Unix socket, unix:path=..., when asked to listen on a unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to unix:dir=... on all platforms. Previous versions would have created an abstract socket, unix:abstract=..., in this situation. This change primarily affects the well-known session bus when run via dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring dbus with --enable-user-session and running it on a systemd system, already used path-based Unix sockets and is unaffected by this change. This behaviour change prevents a sandbox escape via the session bus socket in sandboxing frameworks that can share the network namespace with the host system, such as Flatpak. This change might cause a regression in situations where the abstract socket is intentionally shared between the host system and a chroot or container, such as some use-cases of schroot(1). That regression can be resolved by using a bind-mount to share either the D-Bus socket, or the whole /tmp directory, with the chroot or container. (dbus#416, Simon McVittie) * Denial of service fixes: - Evgeny Vereshchagin discovered several ways in which an authenticated local attacker could cause a crash (denial of service) in dbus-daemon --system or a custom DBusServer. In uncommon configurations these could potentially be carried out by an authenticated remote attacker. - An invalid array of fixed-length elements where the length of the array is not a multiple of the length of the element would cause an assertion failure in debug builds or an out-of-bounds read in production builds. This was a regression in version 1.3.0. (dbus#413, CVE-2022-42011; Simon McVittie) - A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical example. (dbus#418, CVE-2022-42010; Simon McVittie) - A message in non-native endianness with out-of-band Unix file descriptors would cause a use-after-free and possible memory corruption in production builds, or an assertion failure in debug builds. This was a regression in version 1.3.0. (dbus#417, CVE-2022-42012; Simon McVittie) - Preserve errno on failure to open /proc/self/oom_score_adj (dbus!285, Gentoo#834725; Mike Gilbert) - On Linux, don't log warnings if oom_score_adj is read-only but does not need to be changed (dbus!291, Simon McVittie) - Slightly improve error-handling for inotify (dbus!235, Simon McVittie) - Don't crash if dbus-daemon is asked to watch more than 128 directories for changes (dbus!302, Jan Tojnar) * Thu Oct 13 2022 dmueller@suse.com - Disable asserts (bsc#1087072) * Wed Jun 08 2022 dmueller@suse.com - version provides - add split provides - remove unused/obsolete pre_checkin.sh * Thu May 26 2022 sflees@suse.de - The great dbus package split of 22, in preperation for replacing dbus-daemon with dbus-broker currently there is no functional difference that will change later, this follows a similar setup to RedHat and Debian. * dbus-daemon is now in its own separate package * Create a dbus-1-common package with all the files and config that are shared between the dbus-daemon and dbus-broker implementations. * Create a dbus-1-tools package with the tools eventually we will likely want to move to only recommending this package Redhat and Debian have both already gone down this path. * Thu Mar 17 2022 fabian@ritter-vogt.de - Drop use of %{with libalternatives}, there's no such bcond defined and in many other places it's not optional anyway (boo#1197258) * Mon Mar 14 2022 dmueller@suse.com - set runstatedir correctly * Fri Mar 04 2022 bjorn.lie@gmail.com - Update to version 1.14.0: + Dependencies: - dbus now requires at least a basic level of support for C99 variadic macros, as implemented in gcc >= 3, all versions of Clang, and MSVC >= 2005. In practice this requirement has existed since version 1.9.2, but it is now official. - dbus now requires a C99-compatible va_copy() macro (or a __va_copy() macro with the same behaviour), except when building for Windows using MSVC and CMake. - On Unix platforms, if getpwnam_r() and getgrnam_r() are implemented, they must be POSIX-conformant. The non-POSIX signature seen in ancient Solaris versions will no longer work. - GLib >= 2.38 is required if full test coverage is enabled (reduced from 2.40 in dbus 1.12.x.) - Building using CMake now requires CMake 3.4. - Building documentation using CMake now requires xsltproc, Docbook DTDs (for example docbook-xml on Debian derivatives), and Docbook XSLT stylesheets (for example docbook-xsl on Debian derivatives). Using KDE's meinproc4 documentation processor is no longer supported. + Build-time configuration changes: Move CMake build system to top level, matching normal practice for CMake projects + Deprecations: - Third-party software should install default dbus policies for the system bus into ${datadir}/dbus-1/system.d (this has been supported since dbus 1.10, released in August 2015). Installing default dbus policies in ${sysconfdir}/dbus-1/system.d is now considered to be deprecated. Policy files in ${sysconfdir}/dbus-1/system.d continue to be read, but this directory should only be used by system administrators wishing to override the default policies. - The ${datadir} applicable to dbus is usually /usr/share and the ${sysconfdir} is usually /etc. - A similar pattern applies to the session bus policies in session.d. - The dbus-send(1) man page now documents --bus and --peer instead of the old --address synonym for --peer, which has been deprecated since the introduction of --bus and --peer in 1.7.6 - The dbus-daemon man page now has scarier warnings about <allow_anonymous/> and non-local TCP, which are insecure and should not be used, particularly for the standard system and session buses. - DBusServer (and hence the dbus-daemon) no longer accepts usernames (login names) for the recommended EXTERNAL authentication mechanism, only numeric user IDs or the empty string. See 1.13.0 release notes for full details. + New features: - On Linux 4.13 or later when built against a suitable glibc version, GetConnectionCredentials() now includes UnixGroupIDs, the effective group IDs of the initiator of the connection, taken from SO_PEERGROUPS. - On Linux 4.13 or later, <policy group="…"> now uses the SO_PEERGROUPS credentials-passing socket option to get the effective group IDs of the initiator of the connection. See 1.13.4 release notes for details. - Add a --sender option to dbus-send, which requests a name and holds it until the signal has been sent - dbus-daemon <allow> and <deny> rules can now specify a send_destination_prefix attribute, which is like a combination of send_destination and the arg0namespace keyword in match rules. See 1.13.12 release notes for more details. - The dbus-daemon now filters the messages that it relays, removing header fields that it does not understand. Clients must not rely on this behaviour unless they have confirmed that they are connected to a suitable message bus implementation, for example by querying its Features property. - The dbus-daemon now emits a signal, ActivatableServicesChanged, when the list of activatable services may have changed. Support for this signal can be discovered by querying the Features property. - It is now possible to disable traditional (non-systemd) service activation at build-time (Autotools: - -disable-traditional-activation, CMake: - DENABLE_TRADITIONAL_ACTIVATION=OFF). See 1.13.10 release notes for details. - The API reference manual can be built as a Qt compiled help file if qhelpgenerator(-qt5) is available. See 1.13.16 release notes for details. + Miscellaneous behaviour changes: - When using the "user bus" (--enable-user-session), put the dbus-daemon in the session slice - Several environment variables set by systemd are no longer passed on to activated services - If the dbus-daemon is compiled for Linux with systemd support, it now informs systemd that it is ready for use via the sd_notify() mechanism. - Tarball releases no longer contain pre-2007 changelogs and are now compressed with xz, making them around 35% smaller. - Drop conditionals for old obsolete versions of openSUSE. - Rebase patches with quilt. - Use https for source and sig URL. * Tue Mar 01 2022 bjorn.lie@gmail.com - Update to version 1.12.22: + On Linux, when using traditional (non-systemd) service activation, don't log warnings about failing to reset OOM score adjustment if the process is already more susceptible to the OOM killer, as user processes usually are with systemd ≥ 250. + On Linux, when using traditional (non-systemd) system bus activation, reset the OOM score adjustment to 0 as intended. If the system dbus-daemon is protected from the OOM killer, this avoids that protection unintentionally being inherited by every system service. + Avoid malloc() after fork on non-GNU libc. + Fix build with clang 13 by using Standard C offsetof where available. + Fix build of tests on FreeBSD. + Make documentation build more reproducible. + On Unix, make X11 autolaunch cope with slashes in DISPLAY. + Don't try to raise RLIMIT_NOFILE beyond OPEN_MAX on macOS. + Fix compilation if embedded tests are enabled but verbose mode and stats are both disabled. + On Linux, fix a race condition in the integration test for transient services. * Mon Nov 08 2021 gmbr3@opensuse.org - Add CONFIG parameter to %sysusers_generate_pre * Thu Sep 23 2021 schubi@suse.de - Added BuildRequires alts for libalternatives. * Thu Sep 16 2021 schubi@suse.de - Fixed spec file regarding removing old update-alternatives entries. * Wed Aug 04 2021 schubi@suse.de - Use libalternatives instead of update-alternatives. * Wed Apr 07 2021 dmueller@suse.com - avoid listing cmake directory - owned by cmake package * Fri Dec 04 2020 lnussel@suse.de - retire /lib/dbus-1/system-services as it's deprecated * Fri Oct 16 2020 lnussel@suse.de - prepare usrmerge (boo#1029961) * Fri Aug 21 2020 dcermak@suse.com - Require diffutils in post so that cmp is available * Thu Jul 16 2020 elimat@opensuse.org - Update to 1.12.20 * On Unix, avoid a use-after-free if two usernames have the same numeric uid. In older versions this could lead to a crash (denial of service) or other undefined behaviour, possibly including incorrect authorization decisions if <policy group=...> is used. Like Unix filesystems, D-Bus' model of identity cannot distinguish between users of different names with the same numeric uid, so this configuration is not advisable on systems where D-Bus will be used. Thanks to Daniel Onaca. (dbus#305, dbus!166; Simon McVittie) - From 1.12.18 * CVE-2020-12049: If a message contains more file descriptors than can be sent, close those that did get through before reporting error. Previously, a local attacker could cause the system dbus-daemon (or another system service with its own DBusServer) to run out of file descriptors, by repeatedly connecting to the server and sending fds that would get leaked. Thanks to Kevin Backhouse of GitHub Security Lab. (dbus#294, GHSL-2020-057; Simon McVittie) * Fix a crash when the dbus-daemon is terminated while one or more monitors are active (dbus#291, dbus!140; Simon McVittie) * The dbus-send(1) man page now documents --bus and --peer instead of the old --address synonym for --peer, which has been deprecated since the introduction of --bus and --peer in 1.7.6 (fd.o #48816, dbus!115; Chris Morin) * Fix a wrong environment variable name in dbus-daemon(1) (dbus#275, dbus!122; Mubin, Philip Withnall) * Fix formatting of dbus_message_append_args example (dbus!126, Felipe Franciosi) * Avoid a test failure on Linux when built in a container as uid 0, but without the necessary privileges to increase resource limits (dbus!58, Debian #908092; Simon McVittie) * When building with CMake, cope with libX11 in a non-standard location (dbus!129, Tuomo Rinne) - Run spec-cleaner * Sun Jan 19 2020 stefan.bruens@rwth-aachen.de - Move generation of API docs to a separate package, avoid doxygen dependency for building main package. - Build x11 and devel-doc (API doc) using _multibuild. * Sun Jan 19 2020 stefan.bruens@rwth-aachen.de - Drop no longer required call to autoreconf, remove obsolete BuildRequires for libtool and autoconf-archive. * Fri Jan 17 2020 kukuk@suse.com - Remove left overs from blocking restart on update from May 29th 2019 - Use sysusers.d to create messagebus user * Tue Dec 03 2019 sflees@suse.de - Verify signatures * dbus-1.keyring - Key for Simon McVittie (smcv) from the Debian developer keyring. - Drop dbus_at_console.ck not needed - Clean up sources * Source2 dbus-1.desktop now Source4 * baselib.conf now source 3 - Update to 1.12.16 * CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1 authentication for identities that differ from the user running the DBusServer. Previously, a local attacker could manipulate symbolic links in their own home directory to bypass authentication and connect to a DBusServer with elevated privileges. The standard system and session dbus-daemons in their default configuration were immune to this attack because they did not allow DBUS_COOKIE_SHA1, but third-party users of DBusServer such as Upstart could be vulnerable. Thanks to Joe Vennix of Apple Information Security. (bsc#1137832, dbus#269, Simon McVittie) - From 1.12.14 * Raise soft fd limit to match hard limit, even if unprivileged. This makes session buses with many clients, or with clients that make heavy use of fd-passing, less likely to suffer from fd exhaustion. (dbus!103, Simon McVittie) * If a privileged dbus-daemon has a hard fd limit greater than 64K, don't reduce it to 64K, ensuring that we can put back the original fd limits when carrying out traditional (non-systemd) activation. This fixes a regression with systemd >= 240 in which system services inherited dbus-daemon's hard and soft limit of 64K fds, instead of the intended soft limit of 1K and hard limit of 512K or 1M. (dbus!103, Debian#928877; Simon McVittie) * Fix build failures caused by an AX_CODE_COVERAGE API change in newer autoconf-archive versions (dbus#249, dbus!88; Simon McVittie) * Fix build failures with newer autoconf-archive versions that include AX_-prefixed shell variable names (dbus#249, dbus!86; Simon McVittie) * Parse section/group names in .service files according to the syntax from the Desktop Entry Specification, rejecting control characters and non-ASCII in section/group names (dbus#208, David King) * Fix various -Wlogical-op issues that cause build failure with newer gcc versions (dbus#225, dbus!109; David King) * Don't assume we can set permissions on a directory, for the benefit of MSYS and Cygwin builds (dbus#216, dbus!110; Simon McVittie) * Don't overwrite PKG_CONFIG_PATH and related environment variables when the pkg-config-based version of DBus1Config is used in a CMake project (dbus#267, dbus!96; Clemens Lang) - Drop now upstream Patches * dbus-no-ax-check.patch * dbus-new-autoconf-archive.patch * Wed Nov 20 2019 stefan.bruens@rwth-aachen.de - Fix two inconsistencies with _libexecdir, sysusers.d and tmpfiles.d are always in %{_prefix}/lib/. - Drop update-desktop-files BuildRequires, once added for mimetypes.prov which is no longer part of update-desktop-files, and dbus-1.desktop does not even handles a single mimetype. * Wed May 29 2019 sflees@suse.de - Replace DISABLE_RESTART_ON_UPDATE with %service_del_postun_without_restart - Remove version specific code to block all updates on restart as hopefully no tumbleweed versions still have code causing those issues (was only present for a few snapshots) * Wed Apr 24 2019 tchvatal@suse.com - Remove the Leap42 conditionals that cause file conflict with filesystem package * Fri Feb 22 2019 fbui@suse.com - Drop use of $FIRST_ARG in .spec The use of $FIRST_ARG was probably required because of the %service_* rpm macros were playing tricks with the shell positional parameters. This is bad practice and error prones so let's assume that no macros should do that anymore and hence it's safe to assume that positional parameters remains unchanged after any rpm macro call. * Wed Jan 30 2019 tchvatal@suse.com - Update to 1.12.12: * Reference the freedesktop.org Code of Conduct (Simon McVittie) * Stop the dbus-daemon leaking memory (an error message) if delivering the message that triggered auto-activation is forbidden. This is technically a denial of service because the dbus-daemon will run out of memory eventually, but it's a very slow and noisy one, because all the rejected messages are also very likely to have been logged to the system log, and its scope is typically limited by the finite number of activatable services available. (dbus#234, Simon McVittie) * Remove __attribute__((__malloc__)) attribute on dbus_realloc(), which does not meet the criteria for that attribute in gcc 4.7+, potentially leading to miscompilation (fd.o #107741, Simon McVittie) * Fix some small O(1) memory leaks (fd.o #107320, Simon McVittie) * Fix printf formats for pointer-sized integers on 64-bit Windows (fd.o #105662, Ralf Habacker) * Always use select()-based poll() emulation on Darwin-based OSs (macOS, etc.) and on Interix, similar to what libcurl does (dbus#232, dbus!19; Simon McVittie) * Extend a test timeout to avoid spurious failures in CI (dbus!26, Simon McVittie) * Wed Jan 30 2019 tchvatal@suse.com - Add patch to build with new autoconf-archive, there is now bash variable AX_BLA that gets detected and autoreconf aborts; thus rather just disable the pointless check: * dbus-no-ax-check.patch - Add patch to fix codecoverage m4 macro changes in autoconf-archive: * dbus-new-autoconf-archive.patch * Tue Jan 15 2019 alarrosa@suse.com - Make libdbus-1-3 own the %{_datadir}/dbus-1/system.d directory * Mon Jan 14 2019 kukuk@suse.de - Use %license instead of %doc [bsc#1082318] * Wed Dec 19 2018 jengelh@inai.de - Avoid bashisms in scriptlets. * Tue Nov 20 2018 eich@suse.com - Avoid ugly error message from %pre(install) script when installing for the first time. * Wed Aug 22 2018 sflees@suse.de - Update to 1.12.10 * Changelog for 1.12.10 * Prevent reading up to 3 bytes beyond the end of a truncated message. This could in principle be an information leak or denial of service on the system bus, but is not believed to be exploitable to crash the system bus or leak interesting information in practice. (fd.o #107332, Simon McVittie) * Fix build with gcc 8 -Werror=cast-function-type (fd.o #107349, Simon McVittie) * Fix warning from gcc 8 about suspicious use of strncpy() when populating struct sockaddr_un (fd.o #107350, Simon McVittie) * Fix a minor memory leak when a DBusServer listens on a new address (fd.o #107194, Simon McVittie) * Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer runs out of memory (fd.o #107194, Simon McVittie) * Don't use misleading errno-derived error names if getaddrinfo() or getnameinfo() fails with a code other than EAI_SYSTEM (fd.o #106395, Simon McVittie) * Skip tests that require working TCP if we are in a container environment where 127.0.0.1 cannot be resolved (fd.o #106812, Simon McVittie) * Changelog for 1.12.8 * The Devhelp documentation index is now in version 2 format (fd.o #106186, Simon McVittie) * Give the dbus-daemon man page some scarier warnings about <allow_anonymous/> and non-local TCP, which are insecure and should not be used, particularly for the standard system and session buses (fd.o #106004, Simon McVittie) * Fix installation of Ducktype documentation with newer yelp-build versions (fd.o #106171, Simon McVittie) * Fri Mar 23 2018 sflees@suse.de - Update to 1.12.6 * Changelog for 1.12.6 * Increase system dbus-daemon's RLIMIT_NOFILE rlimit before it drops privileges, because it won't have permission afterwards. This fixes a regression in dbus 1.10.18 and 1.11.0 which made the standard system bus more susceptible to deliberate or accidental denial of service. (fdo#105165, David King) * Changelog for 1.12.4 * When iterating the DBusConnection while blocking on a pending call, don't wait for I/O if that pending call already has a result; and make sure that whether it has a result is propagated in a thread-safe way. This prevents certain multi-threaded calling patterns from blocking until their timeout even when they should have succeeded sooner. (fdo#102839; Manish Narang, Michael Searle) * Report the correct error if OOM is reached while trying to listen on a TCP socket (fdo#89104, Simon McVittie) * Fix assertion failures in recovery from OOM while setting up a DBusServer (fdo#89104, Simon McVittie) * Add a missing space to a warning message (fdo#103729, Thomas Zajic) * Expand ${bindir} correctly when pkg-config is asked for dbus_daemondir (fdo#104265, Benedikt Heine) * On Linux systems with systemd < 237, if ${localstatedir}/dbus doesn't exist, create it before trying to create ${localstatedir}/dbus/machine-id (fdo#104577, Chris Lesiak) * Fix escaping in dbus-api-design document (fdo#104925, Philip Withnall) * Thu Mar 08 2018 dimstar@opensuse.org - Don't spit out a warning if /usr/bin/dbus-daemon does not exist when we run the pre-script. * Mon Dec 11 2017 sflees@suse.de - Swap a missed libdir to libexecdir * Sun Dec 10 2017 jengelh@inai.de - Do not hide errors during useradd. * Thu Nov 23 2017 sflees@suse.de - Fix dbus-daemon-launch-helper to use proper ref to libexecdir * Wed Nov 22 2017 sflees@suse.de - use %{_libexecdir}/dbus-1 as libexecdir * Thu Nov 16 2017 sflees@suse.de - Update to 1.12.2 Deprecations: * Eavesdropping is officially deprecated in favour of BecomeMonitor. See the release notes for spec version 0.31 (in dbus 1.11.14). * [Unix] Flag files in /var/run/console/${username} are deprecated. See the release notes for 1.11.18. New APIs: * <allow> and <deny> rules in dbus-daemon configuration can now include send_broadcast="true", send_broadcast="false", max_unix_fds="N", min_unix_fds="N" (for some integer N). See the release notes for 1.11.18. * dbus_try_get_local_machine_id() is like dbus_get_local_machine_id(), but returns a DBusError. * New APIs around DBusMessageIter to simplify cleanup. See the release notes for 1.11.16. * The message bus daemon now implements the standard Introspectable, Peer and Properties interfaces. See the release notes for dbus 1.11.14 and spec version 0.31. * DTDs for introspection XML and bus configuration are installed. * [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but never uses Linux abstract sockets, which is advantageous for containers. On non-Linux it is equivalent to unix:tmpdir=…. See the release notes for dbus 1.11.14 and spec version 0.31. * [Unix] New option "dbus-launch --exit-with-x11". * [Unix] Session managers can create transient .service files in $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12. * [Unix] A sysusers.d snippet can create the messagebus user on-demand. Miscellaneous behaviour changes: * [Unix] The session bus now logs to syslog if it was started by dbus-launch. * [Unix] Internal warnings are logged to syslog if configured. * [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, or to stderr. - Enabled "make check test suite" - Patches removed, fixed upstream * fix-upstream-drop-install-sections-from-user-services.patch * fix-upstream-increase-backlog.patch * fix-upstream-timeout-reset-1.patch * fix-upstream-timeout-reset-2.patch * Mon Sep 11 2017 sflees@suse.de - boo#1027201 dbus-daemon not found - boo#978477 systemd reseting under heavy load * fix-upstream-timeout-reset-1.patch * fix-upstream-timeout-reset-2.patch * Mon Aug 28 2017 sflees@suse.de - boo#1027200 don't generate machine-id in %post systemd will do it on first boot. - swap usage of /bin/false to /usr/bin/false - Use libexecdir=%{_libdir}/dbus-1 rather then /lib/dbus-1 * Fri Jul 07 2017 sflees@suse.de - No need to set --libdir anymore now that prefix is /usr/bin, * fixes boo#1047532 - No need to set --bindir, bindir in dbus-1-x11 was incorrect - Other fixes required to properly change prefix - Don't pass --with-initscripts we don't use them anymore. * Fri Jun 30 2017 sflees@suse.de - Update to 1.10.20 * Fixes: + Fix a reference leak when blocking on a pending call on a connection that has been disconnected (fdo#101481, Shin-ichi MORITA) + Don't put timestamps in the Doxygen-generated documentation, for closer-to-reproducible builds (fdo#100692, Simon McVittie) + Avoid an assertion failure when connecting to a semicolon-separated series of addresses, one of which fails (fdo#101257, Simon McVittie) * Documentation: + Update git URIs in HACKING document to sync up with cgit.freedesktop.org (fdo#100715, Simon McVittie) * Tue Jun 13 2017 sflees@suse.de - swap to /usr/bin bsc#1029968 - Add the following fixes from SLE12 * bsc#980928 increase listen() backlog of AF_UNIX sockets to SOMAXCONN fix-upstream-increase-backlog.patch - The following bugs were already fixed but are missing changelog entries * bsc#867256 (No longer applicable) * bsc#916785 (No longer applicable) * bsc#1012564 (Not applicable) * fdo#90004 (Fixed Upstream) - Rename the following patches as a tidy up * dbus-log-deny.patch to feature-suse-log-deny.patch * dbus-do-autolaunch.patch feature-suse-do-autolaunch.patch * 0001-Add-RefuseManualStartStop.patch to feature-suse-refuse-manual-start-stop.patch * 0001-Drop-Install-sections-from-user-services.patch to fix-upstream-drop-install-sections-from-user-services.patch * Fri Apr 07 2017 fstrba@suse.com - Update to 1.10.18 * Fixes + Re-order dbus-daemon startup so that on SELinux systems, the thread that reads AVC notifications retains the ability to write to the audit log (fdo#92832, Debian #857660; Laurent Bigonville) + Fix a harmless read overflow and some memory leaks in a unit test (fdo#100568, Philip Withnall) * Wed Mar 01 2017 sflees@suse.de - Update to 1.10.16 Fixes: * Prevent symlink attacks in the nonce-tcp transport on Unix that could allow an attacker to overwrite a file named "nonce", in a directory that the user running dbus-daemon can write, with a random value known only to the user running dbus-daemon. This is unlikely to be exploitable in practice, particularly since the nonce-tcp transport is really only useful on Windows. (fd.o #99828, Simon McVittie) (bsc#1025950) * Avoid symlink attacks in the "embedded tests", which are not enabled by default and should never be enabled in production builds of dbus. (fd.o #99828, Simon McVittie) (bsc#1025951) * Work around an undesired effect of the fix for CVE-2014-3637 (fd.o #80559), in which processes that frequently send fds, such as logind during a flood of new PAM sessions, can get disconnected for continuously having at least one fd "in flight" for too long; dbus-daemon interprets that as a potential denial of service attack. The workaround is to disable that check for uid 0 process such as logind, with a message in the system log. The bug remains open while we look for a more general solution. (fd.o #95263, LP#1591411; Simon McVittie) * Don't run the test test-dbus-launch-x11.sh if X11 autolaunching was disabled at compile time. That test is not expected to work in that configuration. (fd.o #98665, Simon McVittie) Enhancements: * Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian stable and Debian testing in addition to the older Ubuntu that is the default (fd.o #98889, Simon McVittie) * Thu Feb 02 2017 sflees@suse.de - A note for scripts bsc#974092 (remove sysvinit script) is already fixed here. * Wed Jan 25 2017 sflees@suse.de - Don't restart dbus on upgrade - Includes temporary work around for last version boo#1020301 - Add 0001-Add-RefuseManualStartStop.patch don't allow users to Manually start or stop dbus. * Mon Jan 09 2017 marius.kittler@suse.com - Add systemd unit files to start session bus via systemd - Added patch: * 0001-Drop-Install-sections-from-user-services.patch + remove install section from socket unit because it does not need to be enabled explicitly (see fdo#92402) * Fri Dec 09 2016 fstrba@suse.com - Requires systemd >= 209 and drop the compatibility pkg-config names that don't exist in newer systemd * Thu Dec 08 2016 jengelh@inai.de - Drop useless --with-pic which is only for static libs - Abort installation when user/group creation fails - Avoid calling %service_* more than once * Tue Dec 06 2016 fstrba@suse.com - Build the dbus-1 package without X in the dbus-1.spec - Move the dbus-launch.nox11 to the dbus-1 package and install it by default - Build devel-doc package in dbus-1.spec and don't build any documentation in dbus-1-x11 - Make dbus-1-x11 package contains only the X11-enabled dbus-launch - Fix some rpmlint warnings - Delete the dbus-1-x11.spec.in file, since maintaining it is more complicated then keeping in sync a dbus-1-x11.spec file of less then 120 lines * Mon Nov 21 2016 kukuk@suse.de - Create new subpackage: dbus-1-nox11 - contains dbus-launch without x11 support - Rename dbus-launch to dbus-launch.x11 - use update-alternatives to switch between dbus-launch with and without X11 - Solves [bnc#934214] * Tue Oct 11 2016 fstrba@suse.com - Update to 1.10.12 * Security fixes: + Do not treat ActivationFailure message received from root-owned systemd name as a format string. In principle this is a security vulnerability, but we do not believe it is exploitable in practice, because only privileged processes can own the org.freedesktop.systemd1 bus name, and systemd does not appear to send activation failures that contain "%". Please note that this probably *was* exploitable in dbus versions older than 1.6.30, 1.8.16 and 1.9.10 due to a missing check which at the time was only thought to be a denial of service vulnerability (CVE-2015-0245). If you are still running one of those versions, patch or upgrade immediately. (fdo#98157, bsc#1003898, Simon McVittie) * Other fixes: + Harden dbus-daemon against malicious or incorrect ActivationFailure messages by rejecting them if they do not come from a privileged process, or if systemd activation is not enabled (fdo#98157, Simon McVittie) + Avoid undefined behaviour when setting reply serial number without going via union DBusBasicValue (fdo#98035, Marc Mutz) + autogen.sh: fail cleanly if autoconf fails (Simon McVittie) * Tue Sep 13 2016 mvidner@suse.com - Moved dbus-run-session from dbus-1-x11 to dbus-1 (bdo#836296) * Mon Aug 22 2016 fstrba@suse.com - Update to 1.10.10 * Fixes: + On Linux, when dbus-daemon is run with reduced susceptibility to the OOM killer (typically via systemd), do not let child processes inherit that setting (fdo#32851; Kimmo Hämäläinen, WaLyong Cho) + Output valid shell syntax in ~/.dbus/session-bus/ if the bus address contains a semicolon (fdo#94746, Thiago Macieira) + Fix memory leaks and thread safety in subprocess starting on Windows (fdo#95191, Ralf Habacker) + Do not require systemd to have a service file if using it for activation (fdo#93194; Simon McVittie; backport from 1.11.0) + Stop test-dbus-daemon incorrectly failing on platforms that cannot discover the process ID of clients (fdo#96653, Руслан Ижбулатов) + In tests that exercise correct handling of crashing D-Bus services, suppress Windows crash handler (fdo#95155; Yiyang Fei, Ralf Habacker) + Explicitly check for stdint.h (Ioan-Adrian Ratiu) + update-activation-environment: produce better diagnostics on error (fdo#96653, Simon McVittie) + Don't fail the build with an unused const variable warning under gcc 6 (fdo#97282; Thomas Zimmermann, Simon McVittie) + Merge dbus-1.10-ci branch, containing backports from 1.11.0 in build/test code to support continuous integration (fdo#93194, Simon McVittie) - Avoid -Wunused-label when compiling with libselinux but no libaudit - In development builds, allow OOM tests to be disabled as documented - Accept and ignore the --tap argument in all "embedded tests", and run all automated tests with that argument for better diagnostics - Fix the systemd activation test under CMake by installing the required files - In Automake, fix shell syntax for installcheck-local with no DESTDIR - In Automake, don't try to run manual tests in installcheck - In CMake, don't run manual-tcp test as an automated test - Add travis-ci.org build machinery * Mon Mar 14 2016 fstrba@suse.com - Update to 1.10.8 * Fixes: + Enable "large file support" on systems where it exists: dbus-daemon is not expected to open large files, but it might need to stat files that happen to have large inode numbers (fdo#93545, Hongxu Jia) + Eliminate padding inside DBusMessageIter on 64-bit platforms, which might result in a pedantic C compiler not copying the entire contents of a DBusMessageIter; statically assert that this is not an ABI change in practice (fdo#94136, Simon McVittie) + Document dbus-test-tool echo --sleep-ms=N instead of incorrect --sleep=N (fdo#94244, Dmitri Iouchtchenko) + Correctly report test failures in C tests from run-test.sh (fdo#93379; amit tewari, Simon McVittie) + When tests are enabled, run all the marshal-validate tests, not just the even-numbered ones (fdo#93908, Nick Lewycky) + Correct the expected error from one marshal-validate test, which was previously not run due to the above bug(fdo#93908, Simon McVittie) * Thu Dec 03 2015 fstrba@suse.com - Update to 1.10.6 * Fixes: - On Unix when running tests as root, don't assert that root and the dbus-daemon user can still call UpdateActivationEnvironment; assert that those privileged users can call BecomeMonitor instead (fdo#93036, Simon McVittie) - On Windows, fix a memory leak in the autolaunch transport (fdo#92899, Simon McVittie) - On Windows Autotools builds, don't run tests that rely on dbus-run-session and other Unix-specifics (fdo#92899, Simon McVittie) * Thu Nov 26 2015 fstrba@suse.com - Update to 1.10.4 * Changes between 1.10.2 and 1.10.4 - Enhancements: + GetConnectionCredentials, GetConnectionUnixUser and GetConnectionUnixProcessID with argument "org.freedesktop.DBus" will now return details of the dbus-daemon itself. This is required to be able to call SetEnvironment on systemd. (fdo#92857, Jan Alexander Steffens) - Fixes: + Make UpdateActivationEnvironment always fail with AccessDenied on the system bus. Previously, it was possible to configure it so root could call it, but the environment variables were not actually used, because the launch helper would discard them. (fdo#92857, Jan Alexander Steffens) + On Unix with --systemd-activation on a user bus, make UpdateActivationEnvironment pass on its arguments to systemd's SetEnvironment method, solving inconsistency between the environments used for traditional activation and systemd user-service activation. (fdo#92857, Jan Alexander Steffens) + On Windows, don't crash if <syslog/> or --syslog is used (fdo#92538, Ralf Habacker) + On Windows, fix a memory leak when setting a DBusError from a Windows error (fdo#92721, Ralf Habacker) + On Windows, don't go into infinite recursion if we abort the process with backtraces enabled (fdo#92721, Ralf Habacker) + Fix various failing tests, variously on Windows and cross-platform: . don't test system.conf features (users, groups) that only make sense on the system bus, which is not supported on Windows . don't call _dbus_warn() when we skip a test, since it is fatal . fix computation of expected <standard_session_servicedirs/> . when running TAP tests, translate newlines to Unix format, fixing cross-compiled tests under Wine on Linux . don't stress-test refcounting under Wine, where it's really slow . stop assuming that a message looped-back to the test will be received immediately . skip some system bus tests on Windows since they make no sense there (fdo#92538, fdo#92721; Ralf Habacker, Simon McVittie) * Changes between 1.10.0 and 1.10.2 - Fixes: + Correct error handling for activation: if there are multiple attempts to activate the same service and it fails immediately, the first attempt would get the correct reply, but the rest would time out. We now send the same error reply to each attempt. (fdo#92200, Simon McVittie) + If BecomeMonitor is called with a syntactically invalid match rule, don't crash with an assertion failure, fixing a regression in 1.9.10. This was not exploitable as a denial of service, because the check for a privileged user is done first. (fdo#92298, Simon McVittie) + On Linux with --enable-user-session, add the bus address to the environment of systemd services for better backwards compatibility (fdo#92612, Jan Alexander Steffens) + On Windows, fix the logic for replacing the installation prefix in service files' Exec lines (fdo#83539; Milan Crha, Simon McVittie) + On Windows, if installed in the conventional layout with ${prefix}/etc and ${prefix}/share, use relative paths between bus configuration files to allow the tree to be relocated (fdo#92028, Simon McVittie) + Make more of the regression tests pass in Windows builds (fdo#92538, Simon McVittie) * Summary of major changes since 1.8.0: - The basic setup for the well-known system and session buses is now done in read-only files in ${datadir} (normally /usr/share). - AppArmor integration has been merged, with features similar to the pre-existing SELinux integration. It is mostly compatible with the patches previously shipped by Ubuntu, with one significant change: Ubuntu's GetConnectionAppArmorSecurityContext method has been superseded by GetConnectionCredentials and was not included. - The --enable-user-session configure option can be enabled by OS integrators intending to use systemd to provide a session bus per user (in effect, treating all concurrent graphical and non-graphical login sessions as one large session). - The new listenable address mode "unix:runtime=yes" listens on $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the systemd user session. libdbus and "dbus-launch --autolaunch" will connect to this address by default. GLib >= 2.45.3 and sd-bus >= 209 have a matching default. - All executables are now dynamically linked to libdbus-1. Previously, some executables, most notably dbus-daemon, were statically linked to a specially-compiled variant of libdbus. This results in various private functions in the _dbus namespace being exposed by the shared library. These are not API, and must not be used outside the dbus source tree. - On platforms with ELF symbol versioning, all public symbols are versioned LIBDBUS_1_3. * New bus APIs: - org.freedesktop.DBus.GetConnectionCredentials returns LinuxSecurityLabel where supported - org.freedesktop.DBus.Monitoring interface (privileged) . BecomeMonitor method supersedes match rules with eavesdrop=true, which are now deprecated - org.freedesktop.DBus.Stats interface (semi-privileged) . now enabled by default . new GetAllMatchRules method - org.freedesktop.DBus.Verbose interface (not normally compiled) . toggles the effect of DBUS_VERBOSE * New executables: - dbus-test-tool - dbus-update-activation-environment * New optional dependencies: - The systemd: pseudo-transport requires libsystemd or libsd-daemon - Complete documentation requires Ducktype and yelp-tools - Full test coverage requires GLib 2.36 and PyGI - AppArmor integration requires libapparmor and optionally libaudit * Dependencies removed: - dbus-glib * Tue Nov 17 2015 fstrba@suse.com - Update to 1.8.20: * Fixes: - Fix a memory leak when GetConnectionCredentials() succeeds (fdo#91008, Jacek Bukarewicz) - Ensure that dbus-monitor does not reply to messages intended for others (fdo#90952, Simon McVittie) * Wed Sep 16 2015 fstrba@suse.com - Account for openSUSE:Leap in the conditional for chosing right local state directories (boo#941352) * Wed May 27 2015 hrvoje.senjan@gmail.com - Move common-begin sections around to make pre_checkin work again - Unconditionally build with systemd features, there are no cycles now, systemd no longer buildrequires dbus-1-devel * Mon May 18 2015 fstrba@suse.com - Update to 1.8.18: * Security hardening: - On Unix platforms, change the default configuration for the session bus to only allow EXTERNAL authentication (secure kernel-mediated credentials-passing), as was already done for the system bus. This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly unpredictable pseudo-random numbers; under certain circumstances (/dev/urandom unreadable or malloc() returns NULL), dbus could fall back to using rand(), which does not have the desired unpredictability. The fallback to rand() has not been changed in this stable-branch since the necessary code changes for correct error-handling are rather intrusive. If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using NFS or similar, you will need to reconfigure the session bus to accept DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration is not recommended. (bsc#931066, fdo#90414, Simon McVittie) * Other fixes: - Add locking to DBusCounter's reference count and notify function (fdo#89297, Adrian Szyndela) - Ensure that DBusTransport's reference count is protected by the corresponding DBusConnection's lock (fdo#90312, Adrian Szyndela) - On Windows, listen on the same port for IPv4 and IPv6 (previously broken by an endianness mistake), and fix a failure to bind TCP sockets on approximately 1 attempt in 256 (fdo#87999, Ralf Habacker) - Correctly release DBusServer mutex before early-return if we run out of memory while copying authentication mechanisms (fdo#90021, Ralf Habacker) - Correctly initialize all fields of DBusTypeReader (fdo#90021, Ralf Habacker, Simon McVittie) - Fix some missing \n in verbose (debug log) messages (fdo#90021, Ralf Habacker) - Clean up some memory leaks in test code (fdo#90021, Ralf Habacker) * Thu Mar 26 2015 fstrba@suse.com - Sync changes from SLE12 conditionalized for suse_version <= 1315 * Mon Feb 09 2015 fstrba@suse.com - Update to 1.8.16: * Security fixes: - Do not allow non-uid-0 processes to send forged ActivationFailure messages. On Linux systems with systemd activation, this would allow a local denial of service: unprivileged processes could flood the bus with these forged messages, winning the race with the actual service activation and causing an error reply to be sent back when service auto-activation was requested. This does not prevent the real service from being started, so it only works while the real service is not running. (CVE-2015-0245, fdo#88811, bnc#916343; Simon McVittie) * Other fixes: - fix a Windows build failure (fdo#88009, Ralf Habacker) - on Windows, allow up to 8K connections to the dbus-daemon instead of the previous 64, completing a previous fix which only worked under Autotools (fdo#71297, Ralf Habacker) * Tue Jan 06 2015 fstrba@suse.com - Update to 1.8.14 * Security hardening: - Do not allow calls to UpdateActivationEnvironment from uids other than the uid of the dbus-daemon. If a system service installs unsafe security policy rules that allow arbitrary method calls (such as CVE-2014-8148) then this prevents memory consumption and possible privilege escalation via UpdateActivationEnvironment. We believe that in practice, privilege escalation here is avoided by dbus-daemon-launch-helper sanitizing its environment; but it seems better to be safe. - Do not allow calls to UpdateActivationEnvironment or the Stats interface on object paths other than /org/freedesktop/DBus. Some system services install unsafe security policy rules that allow arbitrary method calls to any destination, method and interface with a specified object path; while less bad than allowing arbitrary method calls, these security policies are still harmful, since dbus-daemon normally offers the same API on all object paths and other system services might behave similarly. * Other fixes: - Add missing initialization so GetExtendedTcpTable doesn't crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko) * Tue Nov 25 2014 fstrba@suse.com - Update to 1.8.12: * Fixes: - Partially revert the CVE-2014-3639 patch by increasing the default authentication timeout on the system bus from 5 seconds back to 30 seconds, since this has been reported to cause boot regressions for some users, mostly with parallel boot (systemd) on slower hardware. On fast systems where local users are considered particularly hostile, administrators can return to the 5 second timeout (or any other value in milliseconds) by saving this as /etc/dbus-1/system-local.conf: <busconfig> <limit name="auth_timeout">5000</limit> </busconfig> (fdo#86431, Simon McVittie) - Add a message in syslog/the Journal when the auth_timeout is exceeded (fdo#86431, Simon McVittie) - Send back an AccessDenied error if the addressed recipient is not allowed to receive a message (and in builds with assertions enabled, don't assert under the same conditions). (fdo#86194, Jacek Bukarewicz) * Mon Nov 10 2014 fstrba@suse.com - Update to 1.8.10: * Security fixes: - Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536 so that CVE-2014-3636 part A cannot exhaust the system bus' file descriptors, completing the incomplete fix in 1.8.8. (CVE-2014-7824, fdo#85105; Simon McVittie, Alban Crequy) * Tue Sep 30 2014 fstrba@suse.com - Reformat the spec file using spec-cleaner * Thu Sep 18 2014 fstrba@suse.com - Update baselibs.conf: Provides dbus-1-32bit in lib package * Tue Sep 16 2014 fstrba@suse.com - Update to 1.8.8: + Security fixes: - Do not accept an extra fd in the padding of a cmsg message, which could lead to a 4-byte heap buffer overrun. (CVE-2014-3635, fdo#83622, bnc#896453; Simon McVittie) - Reduce default for maximum Unix file descriptors passed per message from 1024 to 16, preventing a uid with the default maximum number of connections from exhausting the system bus' file descriptors under Linux's default rlimit. Distributors or system administrators with a more restrictive fd limit may wish to reduce these limits further. Additionally, on Linux this prevents a second denial of service in which the dbus-daemon can be made to exceed the maximum number of fds per sendmsg() and disconnect the process that would have received them. (CVE-2014-3636, fdo#82820, bnc#896453; Alban Crequy) - Disconnect connections that still have a fd pending unmarshalling after a new configurable limit, pending_fd_timeout (defaulting to 150 seconds), removing the possibility of creating an abusive connection that cannot be disconnected by setting up a circular reference to a connection's file descriptor. (CVE-2014-3637, fdo#80559, bnc#896453; Alban Crequy) - Reduce default for maximum pending replies per connection from 8192 to 128, mitigating an algorithmic complexity denial-of-service attack (CVE-2014-3638, fdo#81053, bnc#896453; Alban Crequy) - Reduce default for authentication timeout on the system bus from 30 seconds to 5 seconds, avoiding denial of service by using up all unauthenticated connection slots; and when all unauthenticated connection slots are used up, make new connection attempts block instead of disconnecting them. (CVE-2014-3639, fdo#80919, bnc#896453; Alban Crequy) + Other fixes: - Check for libsystemd from systemd >= 209, falling back to the older separate libraries if not found (Umut Tezduyar Lindskog, Simon McVittie) - On Linux, use prctl() to disable core dumps from a test executable that deliberately raises SIGSEGV to test dbus-daemon's handling of that condition (fdo#83772, Simon McVittie) - Fix compilation with --enable-stats (fdo#81043, Gentoo #507232; Alban Crequy) - Improve documentation for running tests on Windows (fdo#41252, Ralf Habacker) * Sat Jul 19 2014 crrodriguez@opensuse.org - Remove all remains of sysvinit compatibility. - Do not force-fed -fstack-protector in CFLAGS, already there and obsoleted by stack-protector-strong in gcc 4.9. - Ensure doxygen never generates timestampted html docs. * Thu Jul 10 2014 fcrozat@suse.com - Update baselibs.conf: Obsoletes dbus-1-32bit in lib package. * Wed Jul 02 2014 fstrba@suse.com - Update to 1.8.6: + Security fixes: - On Linux >= 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently drop the message. This prevents an attack in which a malicious client can make dbus-daemon disconnect a system service, which is a local denial of service. (bnc#885241 fdo#80163, CVE-2014-3532; Alban Crequy) - Track remaining Unix file descriptors correctly when more than one message in quick succession contains fds. This prevents another attack in which a malicious client can make dbus-daemon disconnect a system service. (bnc#885241 fdo#79694, fd0#80469, CVE-2014-3533; Alejandro Martínez Suárez, Simon McVittie, Alban Crequy) + Other fixes: - When dbus-launch --exit-with-session starts a dbus-daemon but then cannot attach to a session, kill the dbus-daemon as intended (fdo#74698, Роман Донченко) * Wed Jun 11 2014 fstrba@suse.com - Update to 1.8.4: + Security fix: - Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service flaw in dbus-daemon, part of the reference implementation of D-Bus. Additionally, in highly unusual environments the same flaw could lead to a side channel between processes that should not be able to communicate. (CVE-2014-3477, fdo#78979, bnc#881137) * Sat May 03 2014 hrvoje.senjan@gmail.com - Update to 1.8.2: + Enhancements: - in the CMake build system, add some hints for Linux users cross-compiling Windows D-Bus binaries to be able to run tests under Wine (fdo#41252) - add Documentation key to dbus.service (fdo#77447) + Fixes: - in "dbus-uuidgen --ensure", try to copy systemd's /etc/machine-id to /var/lib/dbus/machine-id instead of generating an entirely new ID (fdo#77941) - if dbus-launch receives an X error very quickly, do not kill unrelated processes (fdo#74698) - on Windows, allow up to 8K connections to the dbus-daemon, instead of the previous 64 (fdo#71297) - cope with \r\n newlines in regression tests, since on Windows, dbus-daemon.exe uses text mode (fdo#75863) * Mon Jan 20 2014 hrvoje.senjan@gmail.com - Update to 1.8.0 final: + This starts a new stable branch. The 1.6.x branch is now considered to be outdated, and will only receive fixes for serious bugs such as security flaws. The 1.4.x and 1.2.x branches no longer have upstream support and are unlikely to get any more releases, but if distributors still need to support them, please share security patches via upstream. + Enhancements since 1.7.10: - Enhance the CMake build system to check for GLib and compile/run a subset of the regression tests (fdo#41252, fdo#73495) + Fixes since 1.7.10: - don't rely on va_copy(), use DBUS_VA_COPY() wrapper (fdo#72840) - fix compilation of systemd journal support on older systemd versions where sd-journal.h doesn't include syslog.h (fdo#73455) - fix compilation on older MSVC versions by including stdlib.h (fdo#73455) - Allow <allow_anonymous/> to appear in an included configuration file (fdo#73475) + Test behaviour changes since 1.7.10: - If the tests crash with an assertion failure, they no longer default to blocking for a debugger to be attached. Set DBUS_BLOCK_ON_ABORT in the environment if you want the old behaviour. - To improve debuggability, the dbus-daemon and dbus-daemon-eavesdrop tests can be run with an external dbus-daemon by setting DBUS_TEST_DAEMON_ADDRESS in the environment. Test-cases that require an unusually-configured dbus-daemon are skipped. * Fri Jan 10 2014 hrvoje.senjan@gmail.com - Remove checks for obsolete openSUSE versions - Make sure that dbus-1 requires libdbus-1-3 during %post (detected when built against DBus-less systemd 209) * Thu Jan 09 2014 fridrich.strba@suse.com - Try hard to assure that /var/lib/dbus/machine-id and /etc/machine-id are the same (bnc#857377) * Tue Jan 07 2014 fridrich.strba@suse.com - Update to 1.7.10 (1.8.0 rc1) + D-Bus Specification 0.23: - don't require messages with no INTERFACE to be dispatched (fdo#68597) - document "tcp:bind=..." and "nonce-tcp:bind=..." (fdo#72301) - define "listenable" and "connectable" addresses, and discuss the difference (fdo#61303) + Enhancements: - support printing Unix file descriptors in dbus-send, dbus-monitor (fdo#70592) - don't install systemd units if --disable-systemd is given (fdo#71818) + Fixes: - don't leak memory on out-of-memory while listing activatable or active services (fdo#71526) - fix undefined behaviour in a regression test (fdo#69924) - escape Unix socket addresses correctly (fdo#46013) - on SELinux systems, don't assume that SECCLASS_DBUS, DBUS__ACQUIRE_SVC and DBUS__SEND_MSG are numerically equal to their values in the reference policy (fdo#88719) - define PROCESS_QUERY_LIMITED_INFORMATION if missing from MinGW < 4 headers (fdo#71366) - define WIN32_LEAN_AND_MEAN to avoid conflicts between winsock.h and winsock2.h (fdo#71405) - do not return failure from _dbus_read_nonce() with no error set, preventing a potential crash (fdo#72298) - on BSD systems, avoid some O(1)-per-process memory and fd leaks in kqueue, preventing test failures (fdo#69332, fdo#72213) - fix warning spam on Hurd by not trying to set SO_REUSEADDR on Unix sockets, which doesn't do anything anyway on at least Linux and FreeBSD (fdo#69492) - fix use of TCP sockets on FreeBSD and Hurd by tolerating EINVAL from sendmsg() with SCM_CREDS (retrying with plain send()), and looking for credentials more correctly (fdo#69492) - ensure that tests run with a temporary XDG_RUNTIME_DIR to avoid getting mixed up in XDG/systemd "user sessions" (fdo#61301) - refresh cached policy rules for existing connections when bus configuration changes (fdo#39463) * Wed Nov 20 2013 hrvoje.senjan@gmail.com - Drop the dbus-fall-back-to-old-run-directory.patch, and the sed workaround from dbus-1-x11 %post, now that transition from 12.3 (/var/run) to 13.1 (/run) is done * Fri Nov 01 2013 hrvoje.senjan@gmail.com - Update to 1.7.8 + Dependencies: - If systemd support is enabled, libsystemd-journal is now required. + Enhancements: - When activating a non-systemd service under systemd, annotate its stdout/stderr with its bus name in the Journal. Known limitation: because the socket is opened before forking, the process will still be logged as if it had dbus-daemon's process ID and user ID. (fdo#68559) - Document more configuration elements in dbus-daemon(1) (fdo#69125) + Fixes: - Don't leak string arrays or fds if dbus_message_iter_get_args_valist() unpacks them and then encounters an error (fdo#21259) - If compiled with libaudit, retain CAP_AUDIT_WRITE so we can write disallowed method calls to the audit log, fixing a regression in 1.7.6 (fdo#49062) - path_namespace='/' in match rules incorrectly matched nothing; it now matches everything. (fdo#70799) * Wed Oct 09 2013 hrvoje.senjan@gmail.com - Update to 1.7.6 + Build-time configuration changes: - Directory change notification via dnotify on Linux is no longer supported; it hadn't compiled successfully since 2010 in any case. If you don't have inotify (Linux) or kqueue (*BSD), you will need to send SIGHUP to the dbus-daemon when its configuration changes. (fdo#33001) - Compiling with --disable-userdb-cache is no longer supported; it didn't work since at least 2008, and would lead to an extremely slow dbus-daemon even it worked. (fdo#15589,fdo#17133,fdo#66947) - The DBUS_DISABLE_ASSERTS CMake option didn't actually disable most assertions. It has been renamed to DBUS_DISABLE_ASSERT to be consistent with the Autotools build system. (fdo#66142) - --with-valgrind=auto enables Valgrind instrumentation if and only if valgrind headers are available. The default is still - -with-valgrind=no. (fdo#56925) + Dependencies: - Platforms with no 64-bit integer type are no longer supported. (fdo#65429) - GNU make is now (documented to be) required. (fdo#48277) - Full test coverage no longer requires dbus-glib, although the tests do not exercise the shared library (only a static copy) if dbus-glib is missing. (fdo#68852) + Enhancements: - D-Bus Specification 0.22 - Document GetAdtAuditSessionData() and GetConnectionSELinuxSecurityContext() (fdo#54445) - Fix example .service file (fdo#66481) - Don't claim D-Bus is "low-latency" (lower than what?), just give factual statements about it supporting async use (fdo#65141) - Document the contents of .service files, and the fact that system services' filenames are constrained (fdo#66608) - Be thread-safe by default on all platforms, even if dbus_threads_init_default() has not been called. For compatibility with older libdbus, library users should continue to call dbus_threads_init_default(): it is harmless to do so. (fdo#54972) - Add GetConnectionCredentials() method (fdo#54445) - New API: dbus_setenv(), a simple wrapper around setenv(). Note that this is not thread-safe. (fdo#39196,) - Add dbus-send --peer=ADDRESS (connect to a given peer-to-peer connection, like --address=ADDRESS in previous versions) and dbus-send --bus=ADDRESS (connect to a given bus, like dbus-monitor --address=ADDRESS). dbus-send --address still exists for backwards compatibility, but is no longer documented. (fdo#48816) + Fixes: - Avoid an infinite busy-loop if a signal interrupts waitpid() (fdo#68945) - Clean up memory for parent nodes when objects are unexported (fdo#60176) - Make dbus_connection_set_route_peer_messages(x, FALSE) behave as documented. Previously, it assumed its second parameter was TRUE. (fdo#69165) - Escape addresses containing non-ASCII characters correctly (fdo#53499) - Document <servicedir> search order correctly (fdo#66994) - Don't crash on "dbus-send --session / x.y.z" which regressed in 1.7.4. (fdo#65923) - If malloc() returns NULL in _dbus_string_init() or similar, don't free an invalid pointer if the string is later freed (fdo#65959) - If malloc() returns NULL in dbus_set_error(), don't va_end() a va_list that was never va_start()ed (fdo#66300) - fix build failure with --enable-stats (fdo#66004) - fix a regression test on platforms with strict alignment (fdo#67279) - Avoid calling function parameters "interface" since certain Windows headers have a namespace-polluting macro of that name (fdo#66493) - Assorted Doxygen fixes (fdo#65755) - Various thread-safety improvements to static variables (fdo#68610) - Make "make -j check" work (fdo#68852) - Fix a NULL pointer dereference on an unlikely error path (fdo#69327) - Improve valgrind memory pool tracking (fdo#69326) - Don't over-allocate memory in dbus-monitor (fdo#69329) - dbus-monitor can monitor dbus-daemon < 1.5.6 again (fdo#66107) + Unix-specific: - If accept4() fails with EINVAL, as it can on older Linux kernels with newer glibc, try accept() instead of going into a busy-loop. (fdo#69026) - If socket() or socketpair() fails with EINVAL or EPROTOTYPE, for instance on Hurd or older Linux with a new glibc, try without SOCK_CLOEXEC. (fdo#69073) - Fix a file descriptor leak on an error code path. (fdo#69182) - dbus-run-session: clear some unwanted environment variables (fdo#39196) - dbus-run-session: compile on FreeBSD (fdo#66197) - Don't fail the autolaunch test if there is no DISPLAY (fdo#40352) - Use dbus-launch from the builddir for testing, not the installed copy (fdo#37849) - Fix compilation if writev() is unavailable (fdo#69409) - Remove broken support for LOCAL_CREDS credentials passing, and document where each credential-passing scheme is used (fdo#60340) - Make autogen.sh work on *BSD by not assuming GNU coreutils functionality (fdo#35881, fdo#69787) - dbus-monitor: be portable to NetBSD (fdo#69842) - dbus-launch: stop using non-portable asprintf (fdo#37849) - Improve error reporting from the setuid activation helper (fdo#66728) + Internal changes: - add DBUS_ENABLE_ASSERT, DBUS_ENABLE_CHECKS for less confusing conditionals (fdo#66142) - improve verbose-mode output (fdo#63047) - consolidate Autotools and CMake build (fdo#64875) - fix various unused variables, unusual build configurations etc. (fdo#65712, fdo#65990, fdo#66005, fdo#66257, fdo#69165, fdo#69410, fdo#70218) - Dropped 0001-_dbus_babysitter_unref-avoid-infinite-loop-if-waitpi.patch, included in this release * Mon Oct 07 2013 fridrich.strba@suse.com - Create /var/lib/dbus/machine-id only if there is no /etc/machine-id present on the system. Dbus knows how to use the system-wide machine-id file and this solves problems where the two files have different values (bnc#831626) * Fri Oct 04 2013 hrvoje.senjan@gmail.com - Check for existence of /var/lib/old_run_path: if found, only then is dbus ListenStream swapped for old run path. This is done for supporting 12.3 to 13.1 upgrade (bnc#802525) - Fix rpmlint warnings about %verifyscript and %set_permissions * Sun Sep 29 2013 hrvoje.senjan@gmail.com - Revert to previous version of dbus-fall-back-to-old-run-directory.patch as latest version causes a fallout * Wed Sep 25 2013 hpj@suse.com - Amend dbus-fall-back-to-old-run-directory.patch to prevent a new class of hangs while upgrading D-Bus along with other services (bnc#802525). * Sat Sep 07 2013 hrvoje.senjan@gmail.com - Added 0001-_dbus_babysitter_unref-avoid-infinite-loop-if-waitpi.patch from upstream for resolving fdo#68945, bnc#782909 * Tue Jun 25 2013 coolo@suse.com - to avoid a cycle with systemd, build the daemon in dbus-x11.spec. It would be wise to rename dbus-1.spec to dbus-1-libs.spec and dbus-1-x11.spec to dbus-1.spec, but I first wanted to hear feedback * Sat Jun 22 2013 hrvoje.senjan@gmail.com - Update to 1.7.4 + CVE-2013-2168: Fix misuse of va_list that could be used as a denial of service for system services. + It should now be safe to call dbus_threads_init_default() from any thread, at any time + In dbus-daemon, don't crash if a .service file starts with key=value + Fix an assertion failure if we try to activate systemd services before systemd connects to the bus (fdo#50199) - Adjusted dbus-do-autolaunch.patch for this release * Sat Jun 22 2013 hrvoje.senjan@gmail.com - Remove the override that was added in solving bnc#802525, as it causes similar situation when upgrading dbus and systemd simultaneously. - Adjusted rc.boot.dbus script so it uses /run instead of /var/run * Thu Apr 25 2013 hrvoje.senjan@gmail.com - Update to 1.7.2 + Diagnose incorrect use of dbus_connection_get_data() with negative slot (i.e. before allocating the slot) rather than returning junk (fdo #63127) + The --with-dbus-session-bus-default-address configure option is no longer supported + Under systemd, log to syslog only, not stderr, avoiding duplication (fdo#61399, fdo#39987) + Under systemd, remove unnecessary dependency on syslog.socket (fdo#63531) + Allow use of systemd-logind without the rest of systemd (fdo#62585) - Dropped dbus-move-everything-to-run-directory.patch, since we can define location of system pid and socket with configure flags and set the flags accordingly - Added xmlto BuildRequires, it is needed now for man files * Wed Apr 24 2013 hrvoje.senjan@gmail.com - Update to 1.6.10 + Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF, U+FDD0..U+FDEF are allowed in UTF-8 strings again. (fdo#63072) + Diagnose incorrect use of dbus_connection_get_data() with negative slot (i.e. before allocating the slot) rather than returning junk (fdo#63127) + In the activation helper, when compiled for tests, do not reset the system bus address, fixing the regression tests. (fdo#52202) + Fix building with Valgrind 3.8, at the cost of causing harmless warnings with Valgrind 3.6 on some compilers (fdo#55932) + Don't leak temporary fds pointing to /dev/null (fdo#56927,) + Create session.d, system.d directories under CMake (fdo#41319) + Include alloca.h for alloca() if available, fixing compilation on Solaris 10 (fdo#63071) * Fri Feb 22 2013 hpj@suse.com - Spec file changes moving files from /var/run to /run. - Add dbus-move-everything-to-run-directory.patch by rmilasan. This moves everything (pid files, lock files, etc.) to /run. - Add dbus-fall-back-to-old-run-directory.patch (bnc#802525). * Mon Feb 18 2013 rmilasan@suse.com - Revert patch: dbus-move-everything-to-run-directory.patch (bnc#802525). * Thu Jan 24 2013 rmilasan@suse.com - Move everything (pid files, lock files, etc.) to /run. add: dbus-move-everything-to-run-directory.patch * Sun Nov 18 2012 hrvoje.senjan@gmail.com - Update to 1.6.8 * Follow up to CVE-2012-3524: The additional hardening work to use __secure_getenv() as a followup to bug #52202 broke certain configurations of gnome-keyring. Given the difficulty of making this work without extensive changes to gnome-keyring, use of __secure_getenv() is deferred. * CVE-2012-3524: Don't access environment variables (fdo#52202) Thanks to work and input from Colin Walters, Simon McVittie, Geoffrey Thomas, and others. * Detect that users are "at the console" correctly when configured with a non-default path such as --enable-console-auth-dir=/run/console (fdo#51521, Dave Reisner) * Remove an incorrect assertion from DBusTransport (fdo#51657, Simon McVittie) * Change how we create /var/lib/dbus so it works under Automake >= 1.11.4 (fdo#51406, Simon McVittie) * Don't return from dbus_pending_call_set_notify with a lock held on OOM (fdo#51032, Simon McVittie) * Disconnect "developer mode" (assertions, verbose mode etc.) from Automake maintainer mode. D-Bus developers should now configure with - -enable-developer. Automake maintainer mode is now on by default; distributions can disable it with --disable-maintainer-mode. (fdo#34671, Simon McVittie) * Unix-specific: - Check for libpthread under CMake on Unix (fdo#47237, Simon McVittie) * New requirements - PTHREAD_MUTEX_RECURSIVE on Unix - compiler support for 64-bit integers (int64_t or equivalent) * D-Bus Specification v0.19 * New dbus-daemon features - <allow own_prefix="com.example.Service"/> rules allow the service to own names like com.example.Service.Instance3 - optional systemd integration when checking at_console policies - --nopidfile option, mainly for use by systemd - path_namespace and arg0namespace may appear in match rules - eavesdropping is disabled unless the match rule contains eavesdrop=true * New public API - functions to validate various string types (dbus_validate_path() etc.) - dbus_type_is_valid() - DBusBasicValue, a union of every basic type * Bug fixes - removed an unsafe reimplementation of recursive mutexes - dbus-daemon no longer busy-loops if it has far too many file descriptors - dbus-daemon.exe --print-address works on Windows - all the other bug fixes from 1.4.20 * Other major implementation changes - on Linux, dbus-daemon uses epoll if supported, for better scalability - dbus_threads_init() ignores its argument and behaves like dbus_threads_init_default() instead - removed the per-connection link cache, improving dbus-daemon performance * Developer features - optional Valgrind instrumentation (--with-valgrind) - optional Stats interface on the dbus-daemon (--enable-stats) - optionally abort whenever malloc() fails (--enable-embedded-tests and export DBUS_MALLOC_CANNOT_FAIL=1) * Be more careful about monotonic time vs. real time, fixing DBUS_COOKIE_SHA1 spec-compliance (fdo#48580, David Zeuthen) * Don't use install(1) within the source/build trees, fixing the build as non-root when using OpenBSD install(1) (fdo#48217, Antoine Jacoutot) * Add missing commas in some tcp and nonce-tcp addresses, and remove an unused duplicate copy of the nonce-tcp transport in Windows builds (fdo#45896, Simon McVittie) - remove patch dbus-cve-2012-3524.patch as incorporated upstream * Fri Nov 16 2012 dimstar@opensuse.org - Enable systemd integration (with_systemd 1): follow the rest of the distribution enabling systemd support. As agreed, systemd is the main supported way for 12.3. * Fri Nov 16 2012 fcrozat@suse.com - Move default home from /var/run/dbus to /run/dbus - Fix useradd invocation: -o is useless without -u and newer versions of pwdutils/shadowutils fail on this now. * Thu Nov 08 2012 tittiatcoke@gmail.com - Link /usr/bin/dbus-send to /bin/dbus-send. Upower uses dbus-send to receive signals from systemd regarding resuming, however looks for the moment in the wrong directory. * Sat Nov 03 2012 crrodriguez@opensuse.org - Fix factory breakage on systemd units directory * Fri Oct 26 2012 coolo@suse.com - remove sysvinit requires from the package - remove %run_permissions macro * Wed Oct 24 2012 jengelh@inai.de - baselibs: dbus-1-devel-32bit must require libdbus-1-3-32bit * Sun Oct 07 2012 coolo@suse.com - remove libzio build dependency * Mon Aug 27 2012 thoenig@suse.de - dbus-cve-2012-3524.patch: Add patch for CVE-2012-3524 to fix getenv() vulnerability in setuid root binaries (bnc#697105) * Wed Aug 01 2012 idonmez@suse.com - Add pkgconfig(x11) as BuildRequires instead of xorg-x11-devel so we don't depend on Mesa and create a build cycle. * Tue May 15 2012 vuntz@opensuse.org - Move ownership of /etc/dbus-1/{session.d,system.d} and /usr/share/dbus-1/{interfaces,services,system-services} to libdbus-1-3 instead of dbus-1: many dbus users put files there, and it's annoying to force them to own those directories. * Sun Apr 22 2012 alinm.elena@gmail.com - added libdbus-1-3 to build for -32bit... - adeed post and postun sections for libdbus-1-3 * Thu Apr 19 2012 thoenig@suse.de - More news from the dependency hell: Let dbus-1-devel require dbus-1. * Wed Apr 18 2012 thoenig@suse.de - Split dbus-1 into libdbus-1 and dbus-1. * Wed Mar 28 2012 thoenig@suse.de - Update to version 1.5.12: - Add public API to validate various string types: dbus_validate_path(), dbus_validate_interface(), dbus_validate_member(), dbus_validate_error_name(), dbus_validate_bus_name(), dbus_validate_utf8() (fdo#39549, Simon McVittie) - Turn DBusBasicValue into public API so bindings don't need to invent their own "union of everything" type (fdo#11191, Simon McVittie) - Enumerate data files included in the build rather than using find(1) (fdo#33840, Simon McVittie) - Add support for policy rules like <allow own_prefix="com.example.Service"/> in dbus-daemon (fdo#46273, Alban Crequy) - Windows-specific: - make dbus-daemon.exe --print-address (and --print-pid) work again on Win32, but not on WinCE (fdo#46049, Simon McVittie) - fix duplicate case value when compiling against mingw-w64 (fdo#47321, Andoni Morales Alastruey) * Mon Feb 27 2012 vuntz@opensuse.org - Revert my last change completely, and go back to using -fpie in CFLAGS and -pie in LDFLAGS for the whole build: after discussion upstream in fdo#46570, it appears that this is the recommended way to harden the build. * Fri Feb 24 2012 vuntz@opensuse.org - Change the way we pass -fpie/-pie: + Stop changing CFLAGS/LDFLAGS in %build to add -fpie/-pie. + Add dbus-1-suid_flags.patch: respect SUID_CFLAGS/SUID_LDFLAGS when building the suid binary (dbus-daemon-launch-helper). + Set SUID_CFLAGS to -fPIE and SUID_LDFLAGS to -pie in %build. * Fri Feb 24 2012 coolo@suse.com - move with_systemd definition into COMMON part to fix dbus-1-x11 * Wed Feb 22 2012 vuntz@opensuse.org - Update to version 1.5.10: + D-Bus Specification 0.19: - Formally define unique connection names and well-known bus names, and document best practices for interface, bus, member and error names, and object paths (fdo#37095) - Document the search path for session and system services on Unix, and where they should be installed by build systems (fdo#21620, fdo#35306) - Document the systemd transport (fdo#35232) + Make dbus_threads_init() use the same built-in threading implementation as dbus_threads_init_default(); the user-specified primitives that it takes as a parameter are now ignored (fdo#43744) + Allow all configured auth mechanisms, not just one (fdo#45106) + Improve cmake build system. + Build tests successfully with older GLib, as found in e.g. Debian 6 (fdo#41219) + Avoid use of deprecated GThread API (fdo#44413) + Build documentation correctly if man2html doesn't support filenames on its command-line (fdo#43875) + Improve test coverage. To get even more coverage, run the tests with DBUS_TEST_SLOW=1 (fdo#38285, fdo#42811) + Reduce the size of the shared library by moving functionality only used by dbus-daemon, tests etc. into their internal library and deleting unused code (fdo#34976, fdo#39759) + Add dbus-daemon --nopidfile option, overriding the configuration, for setups where the default configuration must include <pidfile/> to avoid breaking traditional init, but the pid file is in fact unnecessary; use it under systemd to improve startup time a bit (fdo#45520) + Optionally (if configured --with-valgrind) add instrumentation to debug libdbus and associated tools more meaningfully under Valgrind (fdo#37286) + Improve the dbus-send(1) man page (fdo#14005) + Make dbus-protocol.h compatible with C++11 (fdo#46147) + If tests are enabled and DBUS_MALLOC_CANNOT_FAIL is set in the environment, abort on failure to malloc() (like GLib does), to turn runaway memory leaks into a debuggable core-dump if a resource limit is applied (fdo#41048) + Don't crash if realloc() returns NULL in a debug build (fdo#41048) + Unix-specific: - Replace our broken reimplementation of recursive mutexes, which has been broken since 2006, with an ordinary pthreads recursive mutex (fdo#43744) - Use epoll(7) for a more efficient main loop in Linux; equivalent patches welcomed for other OSs' equivalents like kqueue, /dev/poll, or Solaris event ports (fdo#33337) - When running under systemd, use it instead of ConsoleKit to check whether to apply at_console policies (fdo#39609) - Avoid a highly unlikely fd leak (fdo#29881) - Don't close invalid fd -1 if getaddrinfo fails (fdo#37258) - Don't touch ~/.dbus and ~/.dbus-keyrings when running 'make installcheck' (fdo#41218) - Stop pretending we respect XDG_DATA_DIRS for system services: the launch helper doesn't obey environment variables to avoid privilege escalation attacks, so make the system bus follow the same rules (fdo#21620) + Windows-specific fixes. - Get ready for a switch to systemd: + Add a with_systemd macro, currently set to 0 as the systemd support would introduce a build cycle between dbus-1 and systemd. + Add pkgconfig(libsystemd-daemon) and pkgconfig(libsystemd-login) BuildRequires and pass - -enable-systemd to configure if we build systemd support. * Mon Feb 06 2012 dlovasko@suse.com - fixed bnc#743149 - added position independent flags to compilation and linking(-fpie/-pie) * Wed Oct 12 2011 coolo@suse.com - add patch to enable X11 autolaunch even if configure thinks it can't be done (bnc#707817) * Tue Oct 11 2011 dmueller@suse.de - update to version 1.5.8: * Clean up dead code, and make more warnings fatal in development builds (fdo#39231, fdo#41012; Simon McVittie) * Add a regression test for fdo#38005 (fdo#39836, Simon McVittie) * Add _DBUS_STATIC_ASSERT and use it to check invariants * Fix a small memory leak, and a failure to report errors, when updating a service file entry for activation (fdo#39230, Simon McVittie) * Clean up (non-abstract) Unix sockets on bus daemon exit * On systems that use libcap-ng but not systemd, drop supplemental groups when switching to the daemon user (Red Hat #726953, Steve Grubb) * Fri Sep 30 2011 coolo@suse.com - add libtool as buildrequire to make the spec file more reliable * Sun Sep 18 2011 jengelh@medozas.de - Remove redundant tags/sections from specfile (cf. packaging guidelines) * Mon Aug 01 2011 vuntz@opensuse.org - Update to version 1.5.6: + Potentially incompatible (Bustle and similar debugging tools will need changes to work as intended): - Do not allow match rules to "eavesdrop" (receive messages intended for a different recipient) by mistake: eavesdroppers must now opt-in to this behaviour by putting "eavesdrop='true'" in the match rule, which will not have any practical effect on buses where eavesdropping is not allowed (fdo#37890) + Other changes: - D-Bus Specification version 0.18 (fdo#37890, fdo#39450, fdo#38252): . add the "eavesdrop" keyword to match rules . define eavesdropping, unicast messages and broadcast messages . stop claiming that match rules are needed to match unicast messages to you . promote the type system to be a top-level section - Use DBUS_ERROR_OBJECT_PATH_IN_USE if dbus_connection_try_register_object_path or dbus_connection_try_register_fallback fails, not ...ADDRESS_IN_USE, and simplify object-path registration (fdo#38874) - Consistently use atomic operations on everything that is ever manipulated via atomic ops, as was done for changes to DBusConnection's refcount in 1.4.12 (fdo#38005) - Fix a file descriptor leak when connecting to a TCP socket (fdo#37258) - Make "make check" in a clean tree work, by not running tests until test data has been set up (fdo#34405) - The dbus-daemon no longer busy-loops if it has a very large number of file descriptors (fdo#23194) - Refactor message flow through dispatching to avoid locking violations if the bus daemon's message limit is hit; remove the per-connection link cache, which was meant to improve performance, but now reduces it (fdo#34393) - Some cmake fixes - Remove dead code, mainly from DBusString (fdo#38570, fdo#39610) - Stop storing two extra byte order indicators in each D-Bus message (fdo#38287) - Add an optional Stats interface which can be used to get statistics from a running dbus-daemon if enabled at configure time with --enable-stats (fdo#34040) - Fix various typos (fdo#27227, fdo#38284) - Documentation (fdo#36156): . let xsltproc be overridden as usual: ./configure XSLTPROC=myxsltproc . install more documentation automatically, including man2html output . put dbus.devhelp in the right place (it must go in ${htmldir}) - Unix-specific: . look for system services in /lib/dbus-1/system-services in addition to all the other well-known locations; note that this should always be /lib, even on platforms where shared libraries on the root FS would go in /lib64, /lib/x86_64-linux-gnu or similar (fdo#35229) . opt-in to fd passing on Solaris (fdo#33465) - Windows-specific: . fix use of a mutex for autolaunch server detection . don't crash on malloc failure in _dbus_printf_string_upper_bound - Manually create /lib/dbus-1/system-services in %install so that we can own it. * Fri Jul 01 2011 vuntz@opensuse.org - Update to version 1.5.4: + Security (local denial of service): - Byte-swap foreign-endian messages correctly, preventing a long-standing local DoS if foreign-endian messages are relayed through the dbus-daemon (fdo#38120, deb#629938, no CVE number yet) + New things: - The constant to use for an infinite timeout now has a name, DBUS_TIMEOUT_INFINITE. - If GLib and DBus-GLib are already installed, more tests will be built, providing better coverage.(fdo#34570) + Changes: - Consistently use atomic operations for the DBusConnection's refcount, fixing potential threading problems (fdo#38005) - Don't use -Wl,--gc-sections by default: in practice the size decrease is small (300KiB on x86-64) and it frequently doesn't work in unusual toolchains. (fdo#33466) - Use #!/bin/sh for run-with-tmp-session-bus.sh, making it work on *BSD (fdo#35880) - Use ln -fs to set up dbus for systemd, which should fix reinstallation when not using a DESTDIR (fdo#37870) - Windows-specific changes: . don't try to build dbus-daemon-launch-helper (fdo#37838) - Changes from version 1.5.2: + Notes for distributors: - This version of D-Bus no longer uses -fPIE by default. + Changes: + D-Bus Specification v0.17 . Reserve the extra characters used in signatures by GVariant (fdo#34529) . Define the ObjectManager interface (fdo#34869) + Don't force -fPIE: distributions and libtool know better than we do whether it's desirable (fdo#16621, fdo#27215) + Allow --disable-gc-sections, in case your toolchain offers the -ffunction-sections, -fdata-sections and - Wl,--gc-sections options but they're broken, as seen on Solaris (fdo#33466) + Install dbus-daemon and dbus-daemon-launch-helper in a more normal way (fdo#14512) + Ensure that maintainers upload documentation with the right permissions (fdo#36130) + Don't force users of libdbus to be linked against - lpthread, -lrt (fdo#32827) + Log system-bus activation information to syslog (fdo#35705) + Log messages dropped due to quotas to syslog (fdo#35358) + Make the nonce-tcp transport work on Unix (fdo#34569) + On Unix, if /var/lib/dbus/machine-id cannot be read, try /etc/machine-id (fdo#35228) + In the regression tests, don't report fds as "leaked" if they were open on startup (fdo#35173) + Make dbus-monitor bail out if asked to monitor more than one bus, rather than silently using the last one (fdo#26548) + Clarify documentation (fdo#35182) + Clean up minor dead code and some incorrect error handling (fdo#33128, fdo#29881) + Check that compiler options are supported before using them (fdo#19681) + Windows: . Remove obsolete workaround for winioctl.h (fdo#35083) * Tue Jun 28 2011 aj@suse.de - Fix filelist to own a directory. - Do not package html files twice. * Wed May 18 2011 coolo@novell.com - buildrequire update-desktop-files for mimetypes.prov * Thu May 05 2011 coolo@opensuse.org - switch to download_files service * Wed Apr 20 2011 coolo@opensuse.org - changes license to GPL2+ or AFL 2.1 * Fri Apr 15 2011 thoenig@suse.de - Update to 1.5.0 * D-Bus Specification v0.16 - Add support for path_namespace and arg0namespace in match rules (fdo#24317, #34870; Will Thompson, David Zeuthen, Simon McVittie) - Make argNpath support object paths, not just object-path-like strings, and document it better (fdo#31818, Will Thompson) * Let the bus daemon implement more than one interface (fdo#33757, Simon McVittie) * Optimize _dbus_string_replace_len to reduce waste (fdo#21261, Roberto Guido) * Require user intervention to compile with missing 64-bit support (fdo#35114, Simon McVittie) * Add dbus_type_is_valid as public API (fdo#20496, Simon McVittie) * Raise UnknownObject instead of UnknownMethod for calls to methods on paths that are not part of the object tree, and UnknownInterface for calls to unknown interfaces in the bus daemon (fdo#34527, Lennart Poettering) * Fri Apr 08 2011 thoenig@suse.de - Update to 1.4.8 * Rename configure.in to configure.ac, and update it to modern conventions (fdo#32245; Javier Jardón, Simon McVittie) * Correctly give XDG_DATA_HOME priority over XDG_DATA_DIRS (fdo#34496, Anders Kaseorg) * Prevent X11 autolaunching if $DISPLAY is unset or empty, and add - -disable-x11-autolaunch configure option to prevent it altogether in embedded environments (fdo#19997, NB#219964; Simon McVittie) * Install the documentation, and an index for Devhelp (fdo#13495, Debian #454142; Simon McVittie, Matthias Clasen) * If checks are not disabled, check validity of string-like types and booleans when sending them (fdo#16338, NB#223152; Simon McVittie) * Add UnknownObject, UnknownInterface, UnknownProperty and PropertyReadOnly errors to dbus-shared.h (fdo#34527, Lennart Poettering) * Break up a huge conditional in config-parser so gcov can produce coverage data (fdo#10887, Simon McVittie) * List which parts of the Desktop Entry specification are applicable to .service files (fdo#19159, Sven Herzberg) * Don't suppress service activation if two services have the same Exec= (fdo#35750, Colin Walters) * Windows: - Avoid the name ELEMENT_TYPE due to namespace-pollution from winioctl.h (Andre Heinecke) - Include _dbus_path_is_absolute in libdbus on Windows, fixing compilation (fdo#32805, Mark Brand) * Wed Mar 09 2011 coolo@novell.com - Update to 1.4.6 * Remove unfinished changes intended to support GTest-based tests, which were mistakenly included in 1.4.4 - Update to 1.4.4 * Switch back to using even micro versions for stable releases; 1.4.1 should have been called 1.4.2, so skip that version number * Don't leave bad file descriptors being watched when spawning processes, which could result in a busy-loop (fdo#32992, NB#200248; possibly also LP#656134, LP#680444, LP#713157) * Check for MSG_NOSIGNAL correctly * Fix failure to detect abstract socket support (fdo#29895) * Make _dbus_system_logv actually exit with DBUS_SYSTEM_LOG_FATAL (fdo#32262, NB#180486) * Improve some error code paths (fdo#29981, fdo#32264, fdo#32262, fdo#33128, fdo#33277, fdo#33126, NB#180486) * Avoid possible symlink attacks in /tmp during compilation (fdo#32854) * Tidy up dead code (fdo#25306, fdo#33128, fdo#34292, NB#180486) * Improve gcc malloc annotations (fdo#32710) * If the system bus is launched via systemd, protect it from the OOM killer * Documentation improvements (fdo#11190) * Avoid readdir_r, which is difficult to use correctly (fdo#8284, fdo#15922, LP#241619) * Cope with invalid files in session.d, system.d (fdo#19186, Debian #230231) * Don't distribute generated files that embed our builddir (fdo#30285, fdo#34292) * Raise the system bus's fd limit to be sufficient for its configuration (fdo#33474, LP#381063) * Fix syslog string processing * Ignore -Waddress * Remove broken gcov parsing code and --enable-gcov, and replace them with lcov HTML reports and --enable-compiler-coverage (fdo#10887) * Windows: - avoid live-lock in Windows CE due to unfair condition variables * OpenBSD: - support credentials-passing (fdo#32542) * Solaris: - opt-in to thread safety (fdo#33464) * Sun Jan 02 2011 javier@opensuse.org - Update to 1.4.1 + Fix for CVE-2010-4352: sending messages with excessively-nested variants can crash the bus. The existing restriction to 64-levels of nesting previously only applied to the static type signature; now it also applies to dynamic nesting using variants. Thanks to Rémi Denis-Courmont for discoving this issue. + Various bug fixes. + For details, see http://lists.freedesktop.org/archives/dbus/2010-December/013861.html * Mon Nov 08 2010 aj@suse.de - Fix package list, own /lib/systemd directories. * Tue Oct 12 2010 cristian.rodriguez@opensuse.org - ConsoleKit may not be installed on the system, so kill the process at "stop" only if it is running * Fri Sep 24 2010 cristian.rodriguez@opensuse.org - add missimg BuildRequires on libcap-ng-devel so dbus can drop capabilities when needed. * Mon Sep 06 2010 kay.sievers@novell.com - version 1.4.0 - make dbus-uuidgen atomic - fix socket descriptor leak in _dbus_connect_tcp_socket_with_nonce - unconditionally enable D-Bus on systemd boots * Sat Jul 24 2010 kay.sievers@novell.com - update systemd service installation * Tue Jul 13 2010 kay.sievers@novell.com - drop systemd-units * Sat Jul 10 2010 kay.sievers@novell.com - update to 1.3.2 snapshot - New standardized PropertiesChanged signal in the properties interface - Support forking bus services, for compatibility - install systemd service files * Mon Jun 28 2010 jengelh@medozas.de - use %_smp_mflags * Thu Mar 25 2010 vuntz@opensuse.org - Update to version 1.2.24: + For details, see http://lists.freedesktop.org/archives/dbus/2010-March/012436.html + Highlights: - Fix a critical crasher bug in the syslog code + [bus] While creating a syslog, correctly get pointer data from DBusString + [bus] Don't install a SIGTERM handler + [64 bit printf] Update to use DBUS_PID_FORMAT, print (omitted) + Move dispatching to destination to bus_dispatch_matches() + Dispatch post-activation messages to anyone interested + Build changes. - Changes from version 1.2.22: + For details, see http://lists.freedesktop.org/archives/dbus/2010-March/012395.html + Highlights: - Fix to avoid UI freezes in newer Evolution versions (and any other program that makes synchronous DBus calls from a non-main thread). - Monitor service directories for changes + When handling a watch, return if another thread is doing I/O + Monitor service directories for changes + Sync up UNICODE_VALID with glib, add documentation + Support inotify on older kernels + Handle OOM in reload watch + Refactor _dbus_log_info, _dbus_log_security into _dbus_log_system + Add DBUS_SYSTEM_LOG_FATAL severity + Add _dbus_credentials_to_string_append + Add a prefix to our syslog messages + Make SELinux initialization failure fatal + Don't send an reply for driver messages if one isn't requested + Fix double-free in error case. + Other simple fixes, build fixes. + Explicitly specify in the spec lower-case hex must be used + Use AM_SILENT_RULES if available - Changes from version 1.2.20: + For details, see http://lists.freedesktop.org/archives/dbus/2010-February/012156.html + Fix inotify shutdown + Fix compilation in --disable-selinux case - Changes from version 1.2.18: + For details, see http://lists.freedesktop.org/archives/dbus/2010-February/012150.html + Ignore exit code zero from activated services + Switch to libcap-ng, avoid linking libdbus against libcap[-ng] + Don't drop pending activations when reloading configuration + Update messagebus.in init script to start earlier + Clean up inotify watch handling + Don't crash when reloading if we haven't loaded user database yet + fdo#23502 - corrected wrong verbose-output + Correct timeout handling + dbus-monitor: use unbuffered stdout instead of handling SIGINT + fdo#25697 - Fix memory leak in policy reload + fdo#23977 - dbus-launch --exit-with-session not killing dbus-daemon on SIGINT + Use monotonic clock for _dbus_get_current_time() if it's available. + Make array-printing code easier to follow + Forbid zero serial numbers + Include reason when reporting corrupt messages + Add an accessor for the loader's corruption reason + Print byte arrays as nicely-formatted hex. + Print all-printable-ASCII byte arrays as strings + Build fixes, including fdo#19432, fdo#22788, fdo#22805 * Mon Dec 14 2009 jengelh@medozas.de - add baselibs.conf as a source - package documentation as noarch * Wed Sep 02 2009 mvidner@suse.cz - Implemented /etc/init.d/dbus reload (bnc#503074). * Thu Jul 23 2009 kay.sievers@novell.com - fix %changelog * Fri Jul 17 2009 meissner@suse.de - added dbus-1-devel to baselibs.conf * Fri Jul 17 2009 kay.sievers@novell.com - fix --libexecdir to be the proper /lib/dbus-1/ directory * Wed Jul 15 2009 kay.sievers@novell.com - update to 1.2.16 release - Avoid race conditions reading message from exited process - Ensure initialized variable in dbus_connection_remove_filter - Don't fail autolaunching if process has SIGCHLD handler - Ensure inotify fd is set close on exec - Make sure a pending call timeout isn't assumed - Allow a pending call to block forever - Don't allocate DBusTimeout for pending call when passed INT_MAX - Update documentation now that INT_MAX means no timeout - Fix issue where timeouts can overflow - Remove 6 hour timeout restriction - Unrestrict session bus timeout * Thu Apr 16 2009 crrodriguez@suse.de - use --disable-static instead of removing static libraries * Thu Apr 02 2009 werner@suse.de - Make boot script smart * Tue Feb 17 2009 thoenig@suse.de - update to D-Bus 1.2.12: - fdo#17969: Don't test for abstract sockets if explicitly disabled - fdo#18064: more efficient validation for fixed-size type arrays - Initialize AVC earlier so we can look up service security contexts - Print serial in dbus-monitor - fdo#15412: Add --address option to dbus-send - fdo#18446: Keep umask for session bus - Fix cross-compiling with autotools. - Some code cleanup and warning fixes; --maintainer-mode now uses -Werror by default - add patch dbus-log-deny.patch: log denies to syslog - drop patch dbus-1.2.10-compile-fix.patch * Mon Jan 26 2009 lnussel@suse.de - remove dbus-1.2.10-permissive.patch - move /lib/libdbus-1.so to /usr * Tue Jan 20 2009 thoenig@suse.de - update to 1.2.10: prepares fix for CVE-2008-4311 (bnc#443307) - fix send_requested_reply="true" allows all non-reply messages - add syslog of denials and config file reloads - system policy cleanup - add patch dbus-1.2.10-compile-fix.patch: 1.2.10 compile fix - add patch dbus-1.2.10-permissive.patch: behave like permissive branch, needs to be dropped as soon as all applications ship with correct configuration files for the system bus - drop patch dbus-do-not-abort-on-check-thoenig-01.patch * Wed Dec 10 2008 dmueller@suse.de - list the machine id as ghost file - fix filelist * Wed Dec 10 2008 olh@suse.de - use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293) * Mon Nov 03 2008 thoenig@suse.de - Remove dbus-allow-root-access-to-session-bus.patch (bnc#428963). * Thu Oct 30 2008 olh@suse.de - obsolete old -XXbit packages (bnc#437293) * Fri Oct 10 2008 hpj@novell.com - Add dbus-allow-root-access-to-session-bus.patch (bnc#428963). * Tue Oct 07 2008 thoenig@suse.de - Update to D-Bus 1.2.4 - fix for CVE-2008-3834 (bnc#432901) - compilation and portability fixes * Wed Sep 03 2008 lnussel@suse.de - hook into ConsoleKit for at_console support - only require selinux for > 11.0 * Mon Aug 25 2008 prusnak@suse.cz - enabled SELinux support [Fate#303662] * Fri Aug 22 2008 aj@suse.de - Fix init script. * Thu Aug 07 2008 thoenig@suse.de - Update to D-Bus 1.2.3 - Changes: * new UpdateActivationEnvironment bus API (fdo#16669) * Solaris Auditing (ADT) support (fdo#15740) * Various notable bug fixes (fdo#16727, fdo#16294, fdo#15947 fdo#15588 - Remove patches which went upstream (dbus-userdb-typo.patch, dbus-fix-timer-leak-dmueller-01.patch) * Mon Jun 02 2008 thoenig@suse.de - add patch dbus-userdb-typo.patch (bnc#394383) * Wed May 07 2008 thoenig@suse.de - add patch dbus-fix-timer-leak-dmueller-01.patch (bnc#381621) * Thu Apr 24 2008 thoenig@suse.de - %post: don't use invalid macro - %post: don't call %run_ldconfig (deprecated) * Mon Apr 14 2008 thoenig@suse.de - run dbus-uuidgen in %post * Thu Apr 10 2008 ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support * Tue Apr 08 2008 thoenig@suse.de - Update to D-Bus 1.2.1 - Changes: * compiles under some older versions of glibc * compiles without X support once again * fix stuck server grab if dbus-launch is run in an existing D-Bus X session * various Mac OSX build fixes added * don't use the broken poll call on Mac OSX * better checks for linker flag support should allow D-Bus to link under various linkers * exit_on_disconnect is set after the connection registers with a bus so we don't exit if we get a disconnect during the handshake * dicts now work correctly with dbus-send * inotify backend is now less aggressive * pending calls expire correctly * memleak of uuid when the bus is autolaunched fixed * Wed Feb 27 2008 thoenig@suse.de - Update to D-Bus 1.1.20 - Changes: * system bus activation * TCP address format enhancements * ANONYMOUS mechanism for authentication * autolaunched busses now save their parameters in X11 if possible * inotify is now the default backend for watching configuration file changes * better thread support * bus daemon now generates a globally-unique ID for itself * support for message serialization added * better eavesdropping support now picks up reply messages for debugging * Fixed CVE-2008-0595 * Fixes dbus-launch so the session bus goes away so does D-Bus * Builds against latest gcc/glibc changes * Correctly unref connections without guids during shutdown * API additions: o dbus_connection_set_allow_anonymous() - allow the message stream to begin if the client auths as anonymous o dbus_watch_get_unix_fd() - replaces dbus_watch_get_fd o dbus_watch_get_socket() - replaces dbus_watch_get_fd o dbus_server_get_id() - available to access the unique ID of a particular address o dbus_connection_get_server_id() - available to access the unique ID of a particular address o dbus_message_marshal() - serializes a message into a byte array o dbus_message_demarshal() - de-serializes a byte array into a message * API deprecation: o dbus_watch_get_fd() - had unclear cross-platform semantics * Protocol additions: o Argument path matching of the type arg0path=’/aa/bb/’ is now supported o New error org.freedesktop.DBus.Error.ObjectPathInUse added o ANONYMOUS auth support added o GetAll call added to the properties interface for getting a list of properties an object exports - Add patch dbus-1.1.20-fix-build.patch * Fri Jan 18 2008 thoenig@suse.de - Update to D-Bus 1.1.4 (1.2.0 RC2) - Drop patch dbus-inotify-fix-thoenig-01.patch: Merged upstream * Thu Jan 17 2008 thoenig@suse.de - Add patch dbus-inotify-fix-thoenig-01.patch: Fix inotify support * Wed Jan 16 2008 thoenig@suse.de - Update to D-Bus 1.1.3 - DTD for the introspection format is fixed and uploaded to the servers - Argument path matching of the type arg0path='/aa/bb/' is now supported (see the specification for more information) - New error org.freedesktop.DBus.Error.ObjectPathInUse added Autolaunched busses now save their parameters in X11 if possible making them behave closer to busses launched through the normal mechanisms - inotify is now the default backend for watching configuration file changes - More support for the AIX platform has been added - Numerous bug fixes and performance enhancements * Thu Dec 13 2007 thoenig@suse.de - Fix permissions for activation helper - Use bzip2 for tar ball * Mon Nov 19 2007 thoenig@suse.de - Update to snapshot of D-Bus 1.1.3 (git20071112) - Own /usr/share/dbus-1/system-services - Don't restart on update - Remove dbus-audit-user.patch (upstream) * Fri Oct 19 2007 jpr@suse.de - Correct error in fix for b.n.c 332845, extraneous $DBUS_DAEMON_PID * Fri Oct 19 2007 meissner@suse.de - adjust permissions handling * Fri Oct 12 2007 thoenig@suse.de - Don't use startproc (b.n.c 332845) - Merge D-Bus package from build service * Tue Oct 02 2007 tambet@novell.com - Update to 1.1.2 for system service activation. - Add patches from RedHat: dbus-lsb.patch dbus-audit-user.patch dbus-no-abort.patch * Tue Sep 25 2007 dmueller@suse.de - install a interfaces directory * Fri Aug 10 2007 dmueller@suse.de - package size reduction (31%) - documentation shouldn't be executable * Mon Jul 30 2007 thoenig@suse.de - Fix path in rc script for both, dbus-daemon and dbus-uuidgen * Sun Jul 29 2007 ro@suse.de - next attempt to fix path for dbus-launch * Sat Jul 28 2007 thoenig@suse.de - Fix location of dbus-1-launch for dbus-1-x11 - Fix dbus-1-devel to own %{_libdir}/dbus-1.0 * Wed Jul 25 2007 thoenig@suse.de - move D-Bus to / (b.n.c #285472) - remove static libraries * Fri Jul 20 2007 dmueller@suse.de - build against libexpat (#285472) * Tue Jun 19 2007 thoenig@suse.de - Add $local_fs to Required-Start (b.n.c #285472) * Fri Mar 16 2007 dmueller@suse.de - display error messages from dbus-launch * Sun Feb 25 2007 thoenig@suse.de - remove leading whitespace from .changes * Thu Feb 22 2007 thoenig@suse.de - Disable dbus-do-not-abort-on-check-thoenig-01.patch until we hit RC phase. * Mon Feb 19 2007 dmueller@suse.de - fix mis-placed comment marker * Tue Feb 13 2007 dmueller@suse.de - build wih x support for dbus-1-x11 package (#225627) * Wed Dec 13 2006 thoenig@suse.de - move invocation of autoreconf from %prep to %build - update to D-Bus 1.0.2 (skipped 1.0.1) - fix security bug CVE-2006-6107 match rules can be removed by apps that did not create them - pthread fix - fix bug where calling dbus_threads_init_default would assert - fix UUID output to match the spec - clear up documentation on UUIDs * Sun Nov 12 2006 thoenig@suse.de - add patch dbus-do-not-abort-on-check-thoenig-01.patch: Do not call _dbus_warn_check_failed() but _dbus_warn() on checks as _dbus_warn_check_failed() always leads to abort(3) * Sat Nov 11 2006 thoenig@suse.de - update to D-Bus 1.0.0 - documents updated with API/ABI guarantees - added missing patch FreeBSD need to run out of the box - dbus-monitor now has a profile mode - AUTHORS file updated with names from the ChangeLog. Thanks to everyone who helped get us here * Thu Nov 09 2006 thoenig@suse.de - start service for D-Bus system bus also in run level 2 (b.n.c [#216805]) * Fri Nov 03 2006 thoenig@suse.de - remove patch dbus-send-do-not-close-shared-connection-thoenig-01.patch (fix is now upstream) - run cleanup-man-pages.sh to clean up Doxygen man page output - cleanup rc script, add invocation of dbus-uuidgen - do not call dbus-uuidgen in %post - update to D-Bus 0.95 - DBUS_API_SUBJECT_TO_CHANGE no longer needs to be defined when building apps - ./configure checks now work when cross compiling - dbus-uuidgen --ensure is now run in the init script so there is no need to run it in a post script - dbus-uuidgen now writes out to /var/lib/dbus to work with systems that do not have a writable /etc. Packages should install and own the /var/lib/dbus directory - recursive locks are now used when dbus_threads_init_default is called - standard_session_servicedirs tag added to the session.conf under a normal build this specifies these service directories: /usr/local/share/dbus-1/services /usr/share/dbus-1/services $HOME/.local/share/dbus-1/services - fixed crash when a service directory is specified more than once - fixed a crash in *BSD when watching config directories for changes - fixed Irix build by using dirp->__dd_fd to get the file descriptor - cleaned up the LOCAL_CREDS vs CMGCRED credential code so * BSD's don't crash here anymore - dbus_message_iter_get_array_len deprecated - cleanup-man-pages.sh added so packagers can clean up Doxygen man page output from 7 to 2 megs - large documentation improvements - numerous bug fixes * Mon Oct 23 2006 thoenig@suse.de - add patch dbus-send-do-not-close-shared-connection-thoenig-01.patch: Do not call dbus_connection_close() for shared connection. * Sun Oct 15 2006 thoenig@suse.de - do not kill applications using D-Bus on update (b.n.c #210192) - fix 'rcdbus status' to report correctly if D-Bus was not running - run 'dbus-uuidgen --ensure' in %post section - drop patch dbus-unref-connections-on-close-thoenig-01.patch (fix is upstream) - drop patch dbus-display_DBUS_DAEMONDIR_in_configure.diff (fix is upstream) - drop patch dbus-tools_autobuild.diff (not required any more) - update to D-Bus 0.94 (skipped 0.93) - dbus-uuidgen binary added for future remote machine identification * packagers should call dbus-uuidgen --ensure in their post - GetMachineId peer method added to the bus API - dbus_connection_set_route_peer_messages API added to let the bus send peer messages directly to an app - autolaunch abilities added to dbus-launch with the - -autolaunch flag * This feature allows libdbus to start a session bus if none can be found * This is an internal feature and should not be used by scripts DBUS_SESSION_BUS_ADDRESS is still the correct way to specify a session bus - dbus-launch now prints out a simple key value pairs instead of shell scripts if one of the shell flags aren't used - support DBUS_BLOCK_ON_ABORT env variable to cause blocking waiting for gdb - weak ref are now held for shared connections so the right things happen this fixes some pretty major bugs with the way connections were handled - some refactoring for Windows (doesn't effect Unix) - Solaris build fixes - MacOSX build fixes - Cross compile build fixes. We now assume getpwnam_r is posix and va_lists can be copied by value since we can't check this in a cross compile. If this is not true for a particular target is up to the developer to patch. - dbus_threads_init_default added for initalizing threads without the need for bindings - Filters are now properly removed - dbus_connection_open now holds a hard ref to shared connections - we now print out a warning and do nothing when someone tries to close a shared connection - the --introspect switch has been added to the bus for printing out introspection data without actually running the bus - LOCAL_CREDS socket credentials are now supported for systems which support it such as NetBSD - generalize kqueue support so it works with NetBSD as well as FreeBSD - numerous bug fixes and memory leaks patched * Thu Aug 31 2006 dkukawka@suse.de - added patch dbus-display_DBUS_DAEMONDIR_in_configure.diff to expand the complete path of DBUS_DAEMONDIR (b.n.c. #202854) * Thu Aug 24 2006 thoenig@suse.de - add patch dbus-unref-connections-on-close-thoenig-01.patch: Unref connections on dbus_connection_close (b.n.c. #201164). * Sat Aug 19 2006 thoenig@suse.de - update to D-Bus 0.92 - proper thread locking added to pending calls - threading semantics changed from init early to init before the second thread - correctly error out when an application tries to acquire or release the org.freedesktop.DBus name instead of sending false result codes - kqueue directory watching code can now be used to monitor config file changes on FreeBSD - --with-dbus-daemondir configure switch added so the daemon can be installed separate from the user binaries - Makefiles fixed for cygwin - fixed docs and comments to use the D-Bus spelling instead of D-BUS - many memleaks and bugs fixed * Thu Aug 17 2006 thoenig@suse.de - update to D-Bus 0.92 CVS snapshot 2006-08-17 - don't crash in dbus_pending_call_get_completed if D-Bus connection is used twice in one application - dbus-1-devel-doc: don't package non-existent HTML files * Wed Aug 16 2006 aj@suse.de - Do not use xmlto in BuildRequires. * Tue Aug 01 2006 thoenig@suse.de - split out binings to sparate spec files - string replacement: s/D-BUS/D-Bus - spec file cleanups - remove aaa_base from requires - drop dbus-1-qt (qt-dbus obsoletes dbus-1-qt) - new upstream version 0.91 (skipped 0.90) - remove some lingering bits left over from the bindings split - fix assertion causing D-Bus applications to crash when checks are enabled - fix a timeout bug which would block applications from being auto started - API/ABI freeze for 1.0 - bindings are now split out into seperate packages - listActivatableNames added as a method on the bus - removed deprecated dbus_connection_disconnect (use dbus_connection_close) - shared connections are now unreffed on disconnect - fixed pending calls for threaded enviornments - pending calls get timed out on connection disconnect - dbus_connection_send_with_reply returns TRUE and a NULL pending call if you call it on a connection object which has been disconnected already (it returns FALSE on Out of Memory errors only) - dbus-monitor now correctly catches methods, not just signals - dbus-monitor now prints object paths * Fri Jul 07 2006 adrian@suse.de - fix build for < 10.1 * do not use -fstack-protector - fix build for non-SUSE distros * Tue Jul 04 2006 adrian@suse.de - fix build for 10.1 - remove requires to -%release which can't work * Mon Jul 03 2006 thoenig@suse.de - call configure with --exec_prefix and --datadir - spec file clean up * Thu Jun 22 2006 thoenig@suse.de - fix build: add freetype2-devel and libpng-devel to dbus-1-qt.spec - add patch: dbus-pending-reply-revert.diff to avoid crashes of multi-threaded applications using libdbus-1. * Tue Jun 20 2006 coolo@suse.de - split out -qt and -qt3 into their own spec files * Mon Jun 12 2006 thoenig@suse.de - new upstream version 0.62 - doc fixes - add support for all data-types for the dbus tools - fix eavesdropping on method calls (dbus-monitor) - fix silent dropping of method calls with interface=NULL - fix console ownership problems in Solaris - fix installation of dbus-signature.h and #include it in dbus/dbus.h - flush the user database cache on config reload - GLib bindings: - fix memory leaks - fix properties in DBusGProxy so that they can be given in any order - add lots of assertions to ensure correct use - remove duplicated code - fix static string pointer uses in GPtrArray-based collections - Python bindings: - remove reference to sys/cdefs.h - Qt4 bindings: - code reorganized - add the dbusidl2cpp, dbuscpp2xml and dbus tools - add example programs (ping-pong, complex ping-pong, listnames, chat) - updat selftests - fix compilation and .moc- and .ui-file processing and cleaning - make central classes derive from QObject - enhance error reporting - many bugfixes - Mono bindings: - minor bugfixes - dbus-gcj_fixes.diff: remove hunk for fastjar - dbus-qt_moc_configure.diff: dropped, now upstream - dbus-qt_compile_fix.diff: dropped, now upstream - dbus-mono-args.diff: dropped, now upstream - dbus-mono-return-null.diff: dropped, now upstream - dbus-pedantic_compile.diff: dropped, now upstream - dbus-reply_pending_limit.diff: dropped, now upstream - add fastjar to requires of dbus-1-mono * Mon Apr 24 2006 thoenig@suse.de - Add patch (dbus-mono-exit-on-disconnect.diff) from Aaron Bockover to extend the API of the mono bindings for exit_on_disconnect() (Novell bug #167824). * Wed Mar 15 2006 thoenig@suse.de - disable dbus-connection-blocks-on-poll.diff as it leads to crashes in applications using dbus_connection_send_with_reply_and_block (). * Mon Mar 06 2006 thoenig@suse.de - add restart_on_update back to %postun (#143151, #150042) * Fri Mar 03 2006 thoenig@suse.de - Add patch (dbus-connection-blocks-on-poll.diff) in order to fix pending replies being delayed if an application using the bus blocks on another pending reply. (not tracked in upstream bugzilla, only on-list, Novell bug #154916) - Sync patches with dbus-1-mono * Wed Mar 01 2006 thoenig@suse.de - Add patch (dbus-reply_pending_limit.diff) in order to fix the pending replies limit not to be common for all connections. (Freedesktop bug #4200, Novell bug #153733) * Fri Feb 24 2006 aj@suse.de - Sync patches with dbus-1-mono. * Tue Feb 14 2006 ro@suse.de - move all bindings except for glib to dbus-1-mono specfile - remove restart_on_update (only restart on reboot) (#143151) * Fri Feb 03 2006 aj@suse.de - Remove unneeded BuildRequires. * Sun Jan 29 2006 aj@suse.de - Splitup packages dbus-1-qt3-devel, dbus-1-qt-devel (#144857). * Fri Jan 27 2006 mls@suse.de - converted neededforbuild to BuildRequires * Mon Jan 23 2006 thoenig@suse.de - Fixed D-BUS to restart on `rcdbus restart` id session busses are running (closes #127969) * Fri Jan 20 2006 werner@suse.de - Make rc script fully conforming with LSB * Thu Jan 19 2006 meissner@suse.de - Use -fstack-protector. - Added some missing requires to the -devel packages. * Thu Jan 05 2006 thoenig@suse.de - added libxml2-python to Requires of dbus-1-python (closes [#141225]) * Tue Dec 20 2005 dmueller@suse.de - fix Qt4/x86_64 build with Qt 4.1 * Sat Dec 17 2005 thoenig@suse.de - renamed sub package for Qt bindings from dbus-1-qt to dbus-1-qt3 - introducing Qt4 bindings, new package is dbus-1-qt - renamed dbus-qt_compile_fix.diff to dbus-qt3_compile_fix.diff - added -fno-strict-aliasing to CXXFLAGS - modified patch: * removed configure.in parts of dbus-qt3_compile_fix.diff (fixed upstream) - removed patches: * dbus-dnotify_configure-01.diff (fixed upstream) * dbus-dnotify_watchdirs-01.diff (fixed upstream) * Fri Dec 09 2005 ro@suse.de - disable selinux * Tue Nov 22 2005 coolo@suse.de - make libdbus-1-qt self containing lib * Sat Nov 12 2005 thoenig@suse.de - added patches to make dnotify actually work for configuration file changes. We now can add new bus policies at runtime. * dbus-dnotify_configure-01.diff * dbus-dnotify_watchdirs-01.diff * Thu Oct 20 2005 thoenig@suse.de - added -fPIC to CFLAGS * Wed Sep 21 2005 thoenig@suse.de - new upstream version 0.50.2 (skipped some) - removed patches: * dbus-disable_kde_dependency.diff (upstream) * dbus-transaction_fix.diff (upstream) * dbus-session-connect.diff (upstream) * dbus-gcj_fix_for_gcc4_on_x86_64.diff (duplicated, see dbus-gcj_fixes.diff) - modified patch: * dbus-gcj_fixes.diff (removed reference to $BUILD_ROOT in .la) * Sat Sep 17 2005 dmueller@suse.de - make header files compileable with -pedantic * Tue Sep 06 2005 dkukawka@suse.de - fixed return values for rchal start to be LSB conform (#115385) * Sun Sep 04 2005 aj@suse.de - Add check-build.sh script. * Tue Aug 30 2005 thoenig@suse.de - Moved man pages to correct sub-packages (closes #114036) * Tue Aug 30 2005 thoenig@suse.de - Added patch to fix session bus exploit (CAN-2005-0201, closes [#114043]) * Thu Aug 04 2005 thoenig@suse.de - Replaced previous workaround for #98264 with a proper fix * Tue Jul 26 2005 thoenig@suse.de - Reduce timeout for (wrongly assumed?) oom situations from 500ms to 50ms (closes #98264). * Mon Jul 18 2005 thoenig@suse.de - new upstream version 0.35.2 (skipped 0.35 and 0.35.1) - removed patches: * dbus-python_bindings_gcc4_fix.diff (obsolete) * dbus-console-auth-SuSE-01.diff (upstream) - new patches: * dbus-gvalue-utils-fix.diff (function returned random data) * dbus-python_bindings_fix.diff (unititialized variable) * Wed Jun 22 2005 thoenig@suse.de - new upstream version 0.34 - new patch `dbus-console-auth-SuSE-01.diff`: this patch adds the command line option "--with-console-auth-dir" for resmgr integration. * Wed Jun 22 2005 thoenig@suse.de - moved *.la *.a and *.pc files from dbus-1-glib to dbus-1-devel - added dbus-1-glib and glib2-devel to Requires of dbus-1-devel * Thu May 19 2005 adrian@suse.de - fix path to documentation in susehelp desktop file * Mon May 02 2005 lnussel@suse.de - fix init script dbus-daemon-1 -> dbus-daemon - use fastjar only on > 9.3 * Thu Apr 28 2005 thoenig@suse.de - new upstream version 0.33 - fixed typo in 'rc.boot.dbus' * Mon Apr 25 2005 thoenig@suse.de - updated e-mail address in 'rc.boot.dbus' * Thu Apr 21 2005 thoenig@suse.de - updated short description in 'rc.boot.dbus' * Wed Apr 20 2005 thoenig@suse.de - D-BUS 0.33 (CVS 2005-04-19) - ABI changes will affect packages: beagle, gnome, hal, ial, kdebase3, submount, tomboy. A tutorial to fix errors caused by the ABI/API change: http://people.redhat.com/johnp/files/dbus_0.23_to_0.30_porting_quickref.txt - enabled python bindings again. GCC4 fix is provided by dbus-python_bindings_gcc4_fix.diff. This patch is to be dropped once pyrex generates GCC4-clean C code. * Mon Apr 18 2005 ro@suse.de - use "fastjar" instead of "jar" with gcc-4 - disable python bindings for now (generated code is not really gcc-4 compliant) * Wed Mar 16 2005 thoenig@suse.de - applied 'dbus-il-fix.patch' for dbus-1-mono to prevent a crash caused by a change in mono. * Mon Mar 14 2005 schwab@suse.de - Fix name of init script. * Mon Mar 14 2005 thoenig@suse.de - changed init order for hal/dbus/resmgr * Sun Mar 13 2005 thoenig@suse.de - applied `dbus-mono-leak.diff` which fixes memory leaks of the mono bindings. * Sat Mar 12 2005 thoenig@suse.de - new upstream version 0.23.4 * Thu Mar 10 2005 thoenig@suse.de - new upstream version 0.23.3 - removed obsolete patch (python_bindings_x86_64_fix.diff) * Thu Mar 03 2005 dkukawka@suse.de - fixed boot.dbus [see bug# 65775] * Mon Feb 28 2005 thoenig@suse.de - moved files from dbus-1-devel to dbus-1-{glib,java,qt} * Tue Feb 22 2005 thoenig@suse.de - added fix for python bindings to compile on 64 bit - moved {_datadir}/dbus-1 and {_datadir}/dbus-1/services from dbus-1-x11 to dbus-1 package * Mon Feb 21 2005 gekker@suse.de - Fix dbus-1-x11, add directory so dbus-launch will work * Mon Feb 21 2005 adrian@suse.de - avoid kde dependencies to improve our build times. The only thing which does need KDE is the configure script, the bindings itself are pure Qt * Sun Feb 20 2005 thoenig@suse.de - new upstream version 0.23.2 * Sun Feb 20 2005 thoenig@suse.de - new upstream version 0.23.2 * Tue Feb 15 2005 dkukawka@suse.de - update to new version 0.23.1 * Tue Feb 15 2005 dkukawka@suse.de - update to new version 0.23.1 * Fri Feb 04 2005 gekker@suse.de - Use mono-devel-packages in neededforbuild - pass --enable-mono in ./configure - Make sure the symbolic link of dbus-sharp.dll is installed * Thu Feb 03 2005 thoenig@suse.de - fixed assignment of .pc files * dbus-1.pc is now owned by dbus-1-devel * dbus-glib-1.pc is now owned by dbus-1-glib * dbus-sharp.pc is now owned by dbus-1-mono * Thu Feb 03 2005 thoenig@suse.de - fixed assignment of .pc files * dbus-1.pc is now owned by dbus-1-devel * dbus-glib-1.pc is now owned by dbus-1-glib * dbus-sharp.pc is now owned by dbus-1-mono * Thu Feb 03 2005 ro@suse.de - use common macros in pre/post scripts * Fri Jan 28 2005 dkukawka@suse.de - fixed specfile of dbus * Fri Jan 28 2005 dkukawka@suse.de - added aaa_base to requirements - added /etc/init.d/boot.localfs to prereqy * Tue Jan 25 2005 dkukawka@suse.de - cleaned up requirements in spec-file - disabled all unneeded bindings within ./configure to reduce buildtime * Tue Jan 25 2005 dkukawka@suse.de - cleaned up requirements in spec-file * Sun Jan 23 2005 dkukawka@suse.de - fixed libdir directory for x86_64 in mono package * Sun Jan 23 2005 dkukawka@suse.de - fix libdir directory for x86_64 * Thu Jan 20 2005 adrian@suse.de - enable api docu for qt, c# and java - integrate api docu into suse help * Thu Jan 13 2005 dkukawka@suse.de - update to new version [0.23]. For more infos read the Changelog of the src * Thu Jan 13 2005 dkukawka@suse.de - update to new version [0.23]. For more info read the Changelog of the src - changed position in /etc/rc.d/boot.d/, now dbus start depending on boot.localnet (this is a workaround to the /var/run - cleanup is moved from boot.localnet to boot.localfs) * Wed Jan 12 2005 dkukawka@suse.de - changed some in dbus-1-mono.spec * Wed Jan 12 2005 dkukawka@suse.de - changed rc-script: - now dbus start in boot.d - start depends on boot.localfs - changed spec-file, now insserv instead of chkconfig - fixed bug #49410 * Tue Jan 11 2005 ro@suse.de - added /usr/lib/qt3/bin to PATH (for moc) * Mon Jan 10 2005 adrian@suse.de - fix build, qt developer tools aren't in default PATH anymore * Mon Nov 29 2004 dkukawka@suse.de - removed ExclusiveArch, since mono and gtk-sharp for other archs available (thanks to ro@suse.de) * Sun Nov 28 2004 dkukawka@suse.de - moved package to ../done/I386 , package is only for %ix86, because on other archs we don´t have gtk-sharp - changed requirements [dbus = %{version}-%{dbus_release}] * Sun Nov 28 2004 dkukawka@suse.de - init * Thu Nov 25 2004 dkukawka@suse.de - removed automatically deleting of DBUS-user and -group in uninstall-routine - readding dbus-1-python package - changed different due to new automake and python versions - added Requires and BuildRequires * Tue Nov 23 2004 dkukawka@suse.de - added packages [glib, x11] - change different things in packages, removed doupled/conflicting files in packages [base-rpm, devel, gtk, java, qt] - changed different in %pre, %preun, %post, %postun sections of the spec-file - stop dbus automatically before uninstall - add/remove now dbus automatically to/from system services * Sat Nov 20 2004 dkukawka@suse.de - fixed bug in spec-file * Thu Nov 18 2004 dkukawka@suse.de - removed binding package for Python while automake is fixed ! * Wed Nov 17 2004 dkukawka@suse.de - added binding packages [java, qt, gtk, python] * Fri Nov 05 2004 thoenig@suse.de - dynamic allocation of user id user messagebus - dynamic allocation of group id for group messagebus * Wed Oct 20 2004 thoenig@suse.de - init
/etc/dbus-1 /etc/dbus-1/session.conf /etc/dbus-1/session.d /etc/dbus-1/system.conf /etc/dbus-1/system.d /run/dbus /usr/lib/systemd/system/dbus.socket /usr/lib/systemd/system/sockets.target.wants /usr/lib/systemd/system/sockets.target.wants/dbus.socket /usr/lib/systemd/user/dbus.socket /usr/lib/systemd/user/sockets.target.wants /usr/lib/systemd/user/sockets.target.wants/dbus.socket /usr/lib/sysusers.d/dbus.conf /usr/lib/tmpfiles.d/dbus.conf /usr/share/dbus-1 /usr/share/dbus-1/interfaces /usr/share/dbus-1/services /usr/share/dbus-1/session.conf /usr/share/dbus-1/system-services /usr/share/dbus-1/system.conf /usr/share/dbus-1/system.d /var/lib/dbus /var/lib/dbus/machine-id
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jan 23 23:30:56 2025