dbus-1.2.12 and dbus-1.2.4.4permissive
Colin Walters
walters at verbum.org
Wed Jan 7 13:03:45 PST 2009
New releases of dbus are available.
Due to a security issue (CVE-2008-4311) for which a large number of
system services need fixes, the dbus 1.2 stable branch has been split
into two streams. The "1.2.4Xpermissive" branch originates from 1.2.4,
and maintains the unintended permissive default for messages. Releases
1.2.6 and later have a default deny. It is intended that the
permissive branch only be used temporarily by vendors. For more
information, see this mail:
http://lists.freedesktop.org/archives/dbus/2008-December/010769.html
Primary stream: http://dbus.freedesktop.org/releases/dbus/dbus-1.2.12.tar.gz
SHA1: 13de8dc28c9edae7b9d2928ff691549bb2bef21a
Permissive stream:
http://dbus.freedesktop.org/releases/dbus/dbus-1.2.4.4permissive.tar.gz
SHA1: 5886697a7df2da5dd67975c68465480e7a8044f2
As before, these two releases only differ in the default policy for
method calls.
This stable release finally merges in a good number of patches which
had already been committed to master. Notably the speedup for
fixed-element-size arrays. I know there are still some portability
and other fixes outstanding and I plan to get to them for the next
stable release; I wanted to get a release out sooner rather than later
which actually compiles. Changes in this release:
* Bug 17969: Don't test for abstract sockets if explicitly disabled
* Bug 18064: more efficient validation for fixed-size type arrays
* Initialize AVC earlier so we can look up service security contexts
* Print serial in dbus-monitor
* Bug 15412: Add --address option to dbus-send
* Bug 18446: Keep umask for session bus
* Fix cross-compiling with autotools.
* Some code cleanup and warning fixes; --maintainer-mode now uses
-Werror by default
Contributors to this release: Diego E. 'Flameeyes' Pettenò, Lawrence
R. Steeger, Colin Walters, Matt McCutchen, Michael Meeks, Tor
Lillqvist, Lionel Landwerlin, Jon Gosting, James Carter.
Full git log:
commit 1757a749c331f874047d7b3689a7d4ad41d719f4
Author: Colin Walters <walters at verbum.org>
Date: Tue Jan 6 19:35:55 2009 -0500
Release 1.2.12.
commit be4745734689d78e606a69e09a4e07c33d7d51c2
Author: Colin Walters <walters at verbum.org>
Date: Tue Sep 23 14:56:41 2008 -0400
Add Scott to HACKING
commit 2895b793ebbb63fcb6d4b1c5516d779959e5264b
Author: Colin Walters <walters at verbum.org>
Date: Mon Aug 11 16:50:39 2008 -0400
Bug 17060: Explicitly hard fail if expat is not available
* configure.in: Tweak libxml/expat detection and handling.
commit 1334ecb435990ba48d3fd4d49aece3927efb0f37
Author: Lionel Landwerlin <lionel.landwerlin at openwide.fr>
Date: Sat Oct 18 14:25:52 2008 -0400
Bug 17969: Don't test for abstract sockets if explicitly disabled
Signed-off-by: Colin Walters <walters at verbum.org>
commit d437d9202efd8190ec6405d04627b34cb47bcc86
Author: Jon Gosting <yukarionsen at gmail.com>
Date: Mon Nov 10 23:29:05 2008 -0500
Bug 18064 - more efficient validation for fixed-size type arrays
* dbus/dbus-marshal-validate.c: If an array is fixed size,
skip validation
Signed-off-by: Colin Walters <walters at verbum.org>
commit 1f3bcd241e5a54fa4ad8b515893783323eff6feb
Author: James Carter <jwcart2 at tycho.nsa.gov>
Date: Wed Oct 1 16:40:33 2008 -0400
Initialize AVC earlier so we can look up service security contexts
* bus/bus.c: Initialize AVC earlier:
http://lists.freedesktop.org/archives/dbus/2008-October/010493.html
Signed-off-by: Colin Walters <walters at verbum.org>
commit 2f561c2fc55858a9909e0035d564ce19e6a9722d
Author: Michael Meeks <michael.meeks at novell.com>
Date: Fri Aug 29 08:48:45 2008 -0400
Print serial in dbus-monitor
* tools/dbus-print-message.c: Print serial too.
Signed-off-by: Colin Walters <walters at verbum.org>
commit 100027007254aaec3ba0388bd0f42e29e512a678
Author: Tor Lillqvist <tml at iki.fi>
Date: Thu Sep 18 19:40:50 2008 -0400
[win32] Protect usage of SIGHUP with #ifdef
Signed-off-by: Colin Walters <walters at verbum.org>
commit fc08b432a3df4e3ebb5f5f33ae8d0850aed5f996
Author: Lawrence R. Steeger <lsteeger at gmail.com>
Date: Sat Oct 18 14:50:49 2008 -0400
Bug 15412: Add --address option to dbus-send
Signed-off-by: Colin Walters <walters at verbum.org>
commit 6663d1dd35f94717209cd6fca86045bca853ef79
Author: Matt McCutchen <matt at mattmccutchen.net>
Date: Mon Nov 10 08:55:27 2008 -0500
Bug 18446: Keep umask for session bus
Signed-off-by: Colin Walters <walters at verbum.org>
commit 9928648f16afd45078fb93116b6529a7dcca80dc
Author: Diego E. 'Flameeyes' Pettenò <flameeyes at gmail.com>
Date: Sun Jan 4 01:16:50 2009 +0100
Fix cross-compiling with autotools.
The AC_CANONICAL_TARGET macro and the $target_os variables are used for the
target of compilers and other code-generation tools, and should not be used
during cross-compile of generic software. Replace them with
AC_CANONICAL_HOST and $host_os instead, as they should have been from the
start.
For a breakdown of what host, build and target machines are, please see
http://blog.flameeyes.eu/s/canonical-target .
commit eebad8668d2b56a4b9a269f65513592eb1882b68
Author: Peter Breitenlohner <peb at mppmu.mpg.de>
Date: Tue Jan 6 16:48:39 2009 -0500
Avoid possible use of uninitialized variable
Signed-off-by: Colin Walters <walters at verbum.org>
commit 6413acafefb307021d91ddaf21c4b0489ebf3bff
Author: Colin Walters <walters at verbum.org>
Date: Fri Dec 19 20:02:14 2008 -0500
Enable -Werror by default with --enable-maintainer-mode, and change warnings
Important compiler warnings were being lost in the noise from warnings
we know about but aren't problems, and moreover made using -Werror
difficult. Now we expect *all* developers and testers to be using
-Werror.
commit 4e4f0de8cc8c3127641013fd833349dab34b676b
Author: Colin Walters <walters at verbum.org>
Date: Fri Dec 19 18:54:59 2008 -0500
Various compiler warning fixes
commit eb1ba381f62ae0defc9b0cfaa3a228f2c6a3d623
Author: Colin Walters <walters at verbum.org>
Date: Fri Dec 19 15:17:49 2008 -0500
Bump for unstable cycle
More information about the dbus
mailing list