Colin Walters walters at verbum.org
Fri Sep 28 10:43:23 PDT 2012


D-Bus 1.6.6 (2012-09-28)

The "Clear the environment in your setuid binaries, please" release.

• CVE-2012-3524: Don't access environment variables (fd.o #52202)
  Thanks to work and input from Colin Walters, Simon McVittie,
  Geoffrey Thomas, and others.
• Unix-specific:
  · Fix compilation on Solaris (fd.o #53286, Jonathan Perkin)
  · Work around interdependent headers on OpenBSD by including sys/types.h
    before each use of sys/socket.h (fd.o #54418, Brad Smith)

More information about the dbus mailing list